Security and Ontology

We are aware of the need for controlled vocabularies, taxonomies, and ontologies to make progress toward a science of cybersecurity. We are addressing this gap. The first step is the Malware Analysis Lexicon (MAL) initiative, a small project to develop the discipline's first common vocabulary.

On this page, we link to our recent MAL publications and provide a set of related resources. We also invite your feedback. Do you have comments or new terms to contribute to our lexicon? Do you want more information about our methods and future plans? Contact us—we are eager to talk to you and hear your opinions.

Related Websites

a free open-source Java tool providing an extensible architecture for the creation of customized knowledge-based applications

the W3C-produced ontology language that uses both URIs for naming and the description framework for the web

Enisa's Ontology for and Taxonomies for Critical Infrastructure
a set of ontology and taxonomies for critical infrastructures

The Second International Workshop on Security Ontologies and Taxonomies
an annual workshop on ontologies and security

a collaborative work environment for ontological engineering and sponsor of the Ontology Summit

Data Breach Legislation Ontology
a description of work by CMU's Travis Breaux, who has captured the data breach notification legislation for many states using a formal ontology language