Epistemology for cyber security: a controlled natural language approach

Leigh Edward Chase*, Alaa Mohasseb, Benjamin Aziz

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

In this paper we introduce a new Controlled Natural Language (CNL) known as "Noam". It is used to express cyber security knowledge and for reasoning over it. The approach follows examples set by other domain-specific languages and constrained grammars, but is highly unusual due to its singular focus on cyber security. Like most CNLs Noam is both human-readable and machine-solvable, thus fulfilling important assurance requirements with respect to transparency and explainability. The language seeks to address a growing problem faced by security engineers and architects; namely, that their endeavours are constrained by the complexity and sheer interconnectedness of the systems they protect. This is further compounded by year-on-year vulnerability disclosure rates and diversification of the Tactics, Techniques and Procedures used by threat actors. Our approach is analogical in which the Noam CNL is used to construct a system model, instrument it with data from the real environment and apply functional programming techniques in order to ’solve-for’ certain conditions of interest. The intention is to demonstrate the value of CNLs and semantic reasoning within cyber security, framed in the context of improving the information available to security engineers, architects and other decision-makers.
Original languageEnglish
Title of host publicationAdvances in Information Systems, Artificial Intelligence and Knowledge Management
Subtitle of host publication6th International Conference on Information and Knowledge Systems, ICIKS 2023, Portsmouth, UK, June 22–23, 2023, Proceedings
EditorsInès Saad, Camille Rosenthal-Sabroux, Faiez Gargouri, Salem Chakhar, Nigel Williams, Ella Haig
PublisherSpringer Nature
Pages267–282
ISBN (Electronic)9783031516641
ISBN (Print)9783031516634
DOIs
Publication statusPublished - 20 Jan 2024
EventThe 6th International Conference on Information and Knowledge Systems - Portsmouth Business School, Portsmouth, United Kingdom
Duration: 22 Jun 202323 Jun 2023
Conference number: 6
https://iciks.org/

Publication series

NameLecture Notes in Business Information Processing
PublisherSpringer Nature
Volume486
ISSN (Print)1865-1348
ISSN (Electronic)1865-1356

Conference

ConferenceThe 6th International Conference on Information and Knowledge Systems
Abbreviated titleICIKS2023
Country/TerritoryUnited Kingdom
CityPortsmouth
Period22/06/2323/06/23
Internet address

Keywords

  • cyber security
  • explainable learning
  • controlled natural language
  • knowledge representation
  • epistemology
  • machine reasoning

Fingerprint

Dive into the research topics of 'Epistemology for cyber security: a controlled natural language approach'. Together they form a unique fingerprint.

Cite this