Malicious Traffic Description: Toward a Data Model for Mitigating Security Threats to Home IoT

With the popularization of the Internet of Things (IoT) in the home environment, security incidents involving end users have become more frequent. Sharing knowledge on incident mitigation through intrusion prevention systems (IPSs) can improve domestic IoT security, but both signature-based and anomaly-based approaches pose challenges of updating, portability, and privacy. Our previous work extended the functions of RFC 8520 and proposed the Intra-Network eXposure analyzer Utility (INXU), a signature-based IPS that addresses these challenges. The INXU architecture solves the signature update problem, and its Malicious Traffic Description (MTD) data model solves the portability and privacy issues. However, that MTD data model is prone to high false-positive detection rates because it lacks the contextual information needed to distinguish effective threats. This work therefore proposes an improvement to the MTD data model that reduces false-positive detection rates: concepts from an IoT security ontology are incorporated into the MTD data model to provide contextual information for the decision-making process. On this basis, we propose the improved MTD as a standard data model for sharing knowledge about the mitigation of malicious activity in IoT systems. Experiments with a Mirai botnet variant show the improved performance of the proposed solution: infections are reduced by up to 63 percent compared with RFC 8520, and false-positive detections are reduced by approximately 27 percent compared with the original MTD.
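The abstract argues that a signature alone is not enough to decide whether a matching flow is a real threat, and that attaching ontology-derived context (what kind of device produced the traffic) lets the IPS suppress alerts on devices for which the behaviour is legitimate. The following Python is an added illustration of that decision logic, written for this page; it is not the paper's MTD schema, INXU code, or the IoT security ontology it cites. The `applies_to` field standing in for ontology context, the device classes (`ip_camera`, `smart_plug`, `workstation`), the signature names and the flow records are all constructed for the example. The same Mirai-style telnet probe pattern is matched twice: once with signatures only, and once with the device class taken into account, with devices missing from the inventory treated fail-closed (still alerted on) so that missing context never hides a threat.

```python
from dataclasses import dataclass
from typing import Callable, Dict, FrozenSet, Iterable, List, Optional, Tuple


@dataclass(frozen=True)
class Flow:
    """One observed flow record (constructed for this example)."""
    src_device: str        # home device that initiated the flow
    proto: str             # "tcp" or "udp"
    dst_port: int
    payload_prefix: bytes  # first bytes of the application payload


@dataclass(frozen=True)
class Signature:
    """A traffic signature plus hypothetical ontology context.

    `applies_to` names the device classes for which this pattern is a threat.
    It is a stand-in for the contextual fields the abstract describes, not
    the paper's actual MTD structure. Empty means "no context": fire on any device.
    """
    name: str
    proto: str
    dst_port: int
    payload_prefix: bytes
    applies_to: FrozenSet[str] = frozenset()


def _pattern_matches(sig: Signature, flow: Flow) -> bool:
    return (sig.proto == flow.proto
            and sig.dst_port == flow.dst_port
            and flow.payload_prefix.startswith(sig.payload_prefix))


def match_context_free(flow: Flow, sigs: Iterable[Signature]) -> Optional[str]:
    """Signature-only decision: any pattern match is an alert."""
    for sig in sigs:
        if _pattern_matches(sig, flow):
            return sig.name
    return None


def match_with_context(flow: Flow, sigs: Iterable[Signature],
                       inventory: Dict[str, str]) -> Optional[str]:
    """Context-aware decision: the pattern must match AND the source device's
    class must be one the signature is a threat for. A device absent from the
    inventory has no context, so the matcher fails closed and still alerts."""
    dev_class = inventory.get(flow.src_device)
    for sig in sigs:
        if not _pattern_matches(sig, flow):
            continue
        if not sig.applies_to or dev_class is None or dev_class in sig.applies_to:
            return sig.name
    return None


def evaluate(flows: List[Flow], labels: List[bool],
             matcher: Callable[[Flow], Optional[str]]) -> Tuple[int, int]:
    """Return (true_positives, false_positives) of a matcher over labelled flows."""
    tp = fp = 0
    for flow, is_malicious in zip(flows, labels):
        if matcher(flow) is None:
            continue
        if is_malicious:
            tp += 1
        else:
            fp += 1
    return tp, fp


# Constructed inventory: device identifier -> hypothetical ontology device class.
INVENTORY = {"cam-01": "ip_camera", "plug-02": "smart_plug", "admin-pc-01": "workstation"}

# Mirai-style scanner behaviour: outbound telnet login attempts on 23 and 2323.
# Context: cameras and plugs never legitimately act as telnet clients; a
# workstation may (e.g. managing a legacy switch), so it is excluded.
IOT_CLASSES = frozenset({"ip_camera", "smart_plug"})
SIGNATURES = [
    Signature("telnet-login-probe", "tcp", 23, b"root\r\n", IOT_CLASSES),
    Signature("telnet-alt-login-probe", "tcp", 2323, b"root\r\n", IOT_CLASSES),
]
# Same patterns with the context stripped: the signature-only baseline.
SIGNATURES_NO_CONTEXT = [Signature(s.name, s.proto, s.dst_port, s.payload_prefix)
                         for s in SIGNATURES]

# Constructed flow records with ground-truth labels (True = malicious).
FLOWS = [
    (Flow("cam-01", "tcp", 23, b"root\r\n"), True),
    (Flow("cam-01", "tcp", 2323, b"root\r\n"), True),
    (Flow("admin-pc-01", "tcp", 23, b"root\r\n"), False),   # admin on a legacy switch
    (Flow("plug-02", "tcp", 443, b"\x16\x03\x01"), False),  # TLS ClientHello
    (Flow("unknown-07", "tcp", 23, b"root\r\n"), True),     # device not in inventory
]


def compare() -> Dict[str, Tuple[int, int]]:
    """(TP, FP) for the signature-only baseline and the context-aware matcher."""
    flows = [f for f, _ in FLOWS]
    labels = [m for _, m in FLOWS]
    return {
        "signature_only": evaluate(flows, labels,
                                   lambda f: match_context_free(f, SIGNATURES_NO_CONTEXT)),
        "with_context": evaluate(flows, labels,
                                 lambda f: match_with_context(f, SIGNATURES, INVENTORY)),
    }


if __name__ == "__main__":
    for name, (tp, fp) in compare().items():
        print(f"{name}: true positives={tp}, false positives={fp}")
```

On these constructed flows the signature-only matcher raises one false positive (the workstation's legitimate telnet session) while the context-aware matcher raises none and still catches every infected device, including the one with no inventory entry. The fail-closed handling of unknown devices is the caveat a deployment has to decide on explicitly: treating missing context as "benign" would turn every unenrolled device into a blind spot.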