Domain Ontology to Distinguish Different Types of Rootkits
A rootkit is an auxiliary tool for sniffing, stealing and hiding, and it has become a key component of almost all successful attacks. Analysis of rootkits gives system administrators and security software managers the ability to detect and prevent a computer from being compromised. An ontology provides a detailed conceptualization that represents rootkit concepts and their relationships to other security concepts in the cyber-attack domain. In this paper we present an ontology for rootkits which contains many concepts relating to security, cyber-attacks and operating systems. We divide rootkits according to four attributes and expand the ontology for rootkits accordingly. This ontology can be used to distinguish different types of rootkits.
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.