[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [cti-users] Re: Research Paper
|
In the “Semweb” community there is a difference between “linked open data” (Mostly RDF) and inferencing (mostly OWL, which can be represented in RDF). Both
are graphs. OWL adds formal first order logic capabilities. The graph query language they have defined is “SPARQL” and works across both. RDF is a web based graph data model (there are others), with multiple representations including XML and JSON. Graph data representations and queries like this work well when you want a lot of flexibility to subset and structure the data in various ways for different
purposes, viewpoints and communities. If you have very fixed requirements you may be able to “flatten” it into a table or hierarchical structure. So different use cases may point you to a graph, flat or hierarchical structure for the same information. IMHO
what you want is all of the above, you don’t want to get locked into any single perspective and representation. If one is foundational, the graph is the way to go. OWL sounds great in that some of the inferences can infer new data from others. BUT, OWL inference as is implemented and used today is mostly an expensive in-memory
computation. RDF assumes loosely coupled data in a very distributed model (linked open data). LOD allows reference to information on the web without the need to copy everything. So I would think a LOD graph of CTI data would be very interesting. I’m going
to draw flies with this – but I would stay away from OWL (or perhaps use a very reduced subset of it, sometimes called RDF++). The reason is that OWL puts limits on your graph representation (so the OWL inferences can work) and to really take advantage of
it you really need all data in memory. Of course tools could use OWL internally to process CTI data. If you look at your underlying model as a graph, you can always flatten it for specific use cases. To define this graph model I would still use UML, it can be mapped to OWL or RDF and is much more understandable than the text based OWL/RDF tools. -Cory Casanave From: cti-users@lists.oasis-open.org [mailto:cti-users@lists.oasis-open.org]
On Behalf Of Bush, Jonathan I do like this because it separates conceptual design from implementation, but I have a bit of a knowledge gap in the OWL area. Question – How would we get from
this sort of thinking to implementation (which is of course still important)? From:
cti-users@lists.oasis-open.org [mailto:cti-users@lists.oasis-open.org]
On Behalf Of Shawn Riley Hi folks, I've had a few people follow up asking where they could learn more about knowledge engineering and semantic web technologies since that was a key focus on the science of cybersecurity
research paper. I just learned of a new Massively Open Online Course (MOOC) on Knowledge Engineering and Semantic Web Technologies that is FREE and open to everyone! I posted more information in a couple blogs posts for those interested. I know there are a
number of us in the STIX, CYBOX, MSM community focused on the knowledge engineering side using semantic web technologies so while this is slightly off topic, I hope you find this information of value. LinkedIn PeerLyst On Sun, Aug 23, 2015 at 7:43 AM, Shawn Riley <shawn.p.riley@gmail.com> wrote: Hi Folks, Back in 2012 when STIX was released, the white paper included a mention of other possible implementations such as semantic web (OWL/RDF) and JSON-centric. We've had Bret share details on his
JSON efforts with the list so I wanted to take the opportunity to share our research paper on using semantic web technologies (OWL/RDF) with the group. This isn't marketing as there is no company or product mentioned. Rather, we're just sharing knowledge based
on our international research efforts. Given the ongoing debate over XML vs JSON, we thought it would also be good to show how both of these could be supported using the semantic technology approach. In many ways our research "connected the dots" between existing cybersecurity efforts across different government agencies that have been identified by the government as the way forward. From
the Science of Security championed by National Security Agency and National Science Foundation, to the Cybersecurity Measurement and Management Architecture championed by the Department of Homeland Security and the Department of Defense, and the revolutionary
intelligence methodologies (object-based production / activity-based intelligence) championed by the Intelligence Community and particularly the National Geospatial-Intelligence Agency. While each of these cybersecurity and intelligence efforts can stand on its own and provide great benefit, bringing these efforts together demonstrates how each agency's investments can see
a greater return on investment by working together to develop scientific foundations for the operational cybersecurity ecosystem. Just like we need infrastructure in areas like Meteorology to understand and predict the weather we need operational cybersecurity
science infrastructure to understand and predict events in our cyber ecosystem of the future. The paper can be downloaded from LinkedIn's Slideshare. Best, Shawn Shawn Riley Executive Vice President Centre for Strategic Cyberspace + Security Science London, England, UK - Washington, DC, USA
|
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]