A computational ontology for cyber operations


Abstract

Due to the advancement of technology and the continuing emergence of international conflict situations, wars are now also conducted in the official new battlefield: cyberspace. Although several incidents have been characterized in terms of cyber operations, there is an important gap in the existing body of knowledge concerning the definition of this concept, and a formal mechanism for representing such operations is lacking. This can produce dissonance and disturbance in decision-making processes and communication in cyber operations, for instance, when planning or assessing their effects. In order to understand what cyber operations represent and to make communication more effective, this article proposes a multidisciplinary definition and a knowledge base for cyber operations implemented as a computational ontology. This article follows a design science approach and grounds its sources in extensive literature review, reports, military doctrine, case studies, evaluation interviews, direct participation and observation in joint military operations exercises, and experience in writing cyber operations scenarios. The computational ontology has been designed to reflect the understanding of, and the necessary communication in, cyber operations based on the abovementioned sources. Its upper classes are: Context, Actor, Type, MilitaryObjective, Phase, Target, Cyber Weapon, Asset, Geolocation, Action and Effect. The ontology has been developed in Protégé using the Ontology Engineering Methodology, and contains 140 classes, 37 individuals and 94 properties. This ontology makes it possible to classify the essential entities of a cyber operation: military objective, target, cyber weapon/capability and effect. The proposed ontology has been exemplified and evaluated on two case studies, conducted on Operation Olympic Games/Stuxnet and Georgia, and with the help of two military experts with international experience. The validation results show that the proposed ontology is effective in representing cyber operations accurately, clearly and concisely. To increase its applicability, future research will focus on assessing the effects of cyber operations.