WebMBO: Uma Ontologia para Comportamento de Malware Web(WebMBO: an Ontology of Web Malware Behavior)

Malicious software (malware) is a major threat to information security and it is largely associated with attacks to the Web. Knowledge about how malicious software behave is the basis to develop and maintain more secure information systems. However, current web malware has complex behavior, which cannot be represented by the traditional labeling system based on classes, which defines discrete types of malware. In this paper, we propose the use of ontologies to represent suspicious behavior on the web, since ontologies can provide formal and computer-interpretable models capable of representing complex behaviors. To this end, this paper presents the modeling process of the WebMBO, an ontology representing suspect behavior using OWL and SWRL. Resumo. Programas maliciosos (malware) são uma grande ameaça à segurança de informação, sendo associados à maioria dos ataques presentes na Web. O conhecimento sobre o comportamento malicioso desses programas constitui a base para construir sistemas de informação mais seguros. Entretanto, malwares web atuais apresentam comportamentos complexos que não podem ser precisamente representados pela rotulação tradicional baseada em classes que definem tipos distintos. Neste artigo, é proposto o uso de ontologias para representar comportamentos suspeitos de malware Web, uma vez que elas podem prover um modelo formal e interpretável por computador capaz de representar comportamentos complexos. Para tanto, este artigo apresenta o processo de modelagem da WebMBO, uma ontologia que representa comportamentos suspeitos usando OWL e SWRL.

[1]  Zahid Anwar,et al.  Semantic security against web application attacks , 2014, Inf. Sci..

[2]  Deepak Gupta,et al.  Security against Web Application Attacks Using Ontology Based Intrusion Detection System , 2016 .

[3]  Marcin Szpyrka,et al.  Identification of malware activities with rules , 2014, 2014 Federated Conference on Computer Science and Information Systems.

[4]  André Ricardo Abed Grégio,et al.  An ontology of suspicious software behavior , 2016, Appl. Ontology.

[5]  Vitor Monte Afonso,et al.  Ontology for malware behavior: A core model proposal , 2014, 2014 IEEE 23rd International WETICE Conference.

[6]  Tsung-Yen Chuang,et al.  Ontology-based intelligent system for malware behavioral analysis , 2010, International Conference on Fuzzy Systems.