Epistemology for cyber security: a controlled natural language approach

Leigh Edward Chase; Alaa Mohasseb; Benjamin Aziz

Epistemology for cyber security: a controlled natural language approach

Leigh Edward Chase^*, Alaa Mohasseb, Benjamin Aziz

^*Corresponding author for this work

School of Computing

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

In this paper we introduce a new Controlled Natural Language (CNL) known as "Noam". It is used to express cyber security knowledge and for reasoning over it. The approach follows examples set by other domain-specific languages and constrained grammars, but is highly unusual due to its singular focus on cyber security. Like most CNLs Noam is both human-readable and machine-solvable, thus fulfilling important assurance requirements with respect to transparency and explainability. The language seeks to address a growing problem faced by security engineers and architects; namely, that their endeavours are constrained by the complexity and sheer interconnectedness of the systems they protect. This is further compounded by year-on-year vulnerability
disclosure rates and diversification of the Tactics, Techniques and Procedures used by threat actors. Our approach is analogical in which the Noam CNL is used to construct a system model, instrument it with data from the real environment and apply functional programming techniques in order to ’solve-for’ certain conditions of interest. The intention is to demonstrate the value of CNLs and semantic reasoning within cyber security, framed in the context of improving the information available to security engineers, architects and other decision-makers.

Original language	English
Title of host publication	Proceedings of the 6th International Conference on Information and Knowledge Systems
Publisher	Springer
Publication status	Accepted for publication - 25 Apr 2023
Event	The 6th International Conference on Information and Knowledge Systems - Portsmouth Business School, Portsmouth, United Kingdom Duration: 22 Jun 2023 → 23 Jun 2023 Conference number: 6 https://iciks.org/

Conference

Conference	The 6th International Conference on Information and Knowledge Systems
Abbreviated title	ICIKS2023
Country/Territory	United Kingdom
City	Portsmouth
Period	22/06/23 → 23/06/23
Internet address	https://iciks.org/

Keywords

cyber security
explainable learning
controlled natural language
knowledge representation
epistemology
machine reasoning

Access to Document

https://iciks.org/

Embargoed Document

ICIKS_2023_paper_964
Accepted author manuscript (Post-print), 495 KB
Due to publisher’s copyright restrictions, this document is not freely available to download from this website until: 1/01/50

Cyber Threats Prediction Using Experience Sharing Model And Ensemble Learning Algorithms
Mohasseb, A. & Aziz, B.
1/10/20 → 1/10/25
Project: Research

Cite this

@inproceedings{bfd1ee332f314b6d93b58612a4bed00f,

title = "Epistemology for cyber security: a controlled natural language approach",

abstract = "In this paper we introduce a new Controlled Natural Language (CNL) known as {"}Noam{"}. It is used to express cyber security knowledge and for reasoning over it. The approach follows examples set by other domain-specific languages and constrained grammars, but is highly unusual due to its singular focus on cyber security. Like most CNLs Noam is both human-readable and machine-solvable, thus fulfilling important assurance requirements with respect to transparency and explainability. The language seeks to address a growing problem faced by security engineers and architects; namely, that their endeavours are constrained by the complexity and sheer interconnectedness of the systems they protect. This is further compounded by year-on-year vulnerabilitydisclosure rates and diversification of the Tactics, Techniques and Procedures used by threat actors. Our approach is analogical in which the Noam CNL is used to construct a system model, instrument it with data from the real environment and apply functional programming techniques in order to {\textquoteright}solve-for{\textquoteright} certain conditions of interest. The intention is to demonstrate the value of CNLs and semantic reasoning within cyber security, framed in the context of improving the information available to security engineers, architects and other decision-makers.",

keywords = "cyber security, explainable learning, controlled natural language, knowledge representation, epistemology, machine reasoning",

author = "Chase, {Leigh Edward} and Alaa Mohasseb and Benjamin Aziz",

note = "12 month embargo. Springer. This version of the article has been accepted for publication, after peer review (when applicable) and is subject to Springer Nature{\textquoteright}s AM terms of use, but is not the Version of Record and does not reflect post-acceptance improvements, or any corrections. The Version of Record is available online at: http://dx.doi.org/[insert DOI]; The 6th International Conference on Information and Knowledge Systems, ICIKS2023 ; Conference date: 22-06-2023 Through 23-06-2023",

year = "2023",

month = apr,

day = "25",

language = "English",

booktitle = "Proceedings of the 6th International Conference on Information and Knowledge Systems",

publisher = "Springer",

url = "https://iciks.org/",

}

TY - GEN

T1 - Epistemology for cyber security: a controlled natural language approach

AU - Chase, Leigh Edward

AU - Mohasseb, Alaa

AU - Aziz, Benjamin

N1 - Conference code: 6

PY - 2023/4/25

Y1 - 2023/4/25

N2 - In this paper we introduce a new Controlled Natural Language (CNL) known as "Noam". It is used to express cyber security knowledge and for reasoning over it. The approach follows examples set by other domain-specific languages and constrained grammars, but is highly unusual due to its singular focus on cyber security. Like most CNLs Noam is both human-readable and machine-solvable, thus fulfilling important assurance requirements with respect to transparency and explainability. The language seeks to address a growing problem faced by security engineers and architects; namely, that their endeavours are constrained by the complexity and sheer interconnectedness of the systems they protect. This is further compounded by year-on-year vulnerabilitydisclosure rates and diversification of the Tactics, Techniques and Procedures used by threat actors. Our approach is analogical in which the Noam CNL is used to construct a system model, instrument it with data from the real environment and apply functional programming techniques in order to ’solve-for’ certain conditions of interest. The intention is to demonstrate the value of CNLs and semantic reasoning within cyber security, framed in the context of improving the information available to security engineers, architects and other decision-makers.

AB - In this paper we introduce a new Controlled Natural Language (CNL) known as "Noam". It is used to express cyber security knowledge and for reasoning over it. The approach follows examples set by other domain-specific languages and constrained grammars, but is highly unusual due to its singular focus on cyber security. Like most CNLs Noam is both human-readable and machine-solvable, thus fulfilling important assurance requirements with respect to transparency and explainability. The language seeks to address a growing problem faced by security engineers and architects; namely, that their endeavours are constrained by the complexity and sheer interconnectedness of the systems they protect. This is further compounded by year-on-year vulnerabilitydisclosure rates and diversification of the Tactics, Techniques and Procedures used by threat actors. Our approach is analogical in which the Noam CNL is used to construct a system model, instrument it with data from the real environment and apply functional programming techniques in order to ’solve-for’ certain conditions of interest. The intention is to demonstrate the value of CNLs and semantic reasoning within cyber security, framed in the context of improving the information available to security engineers, architects and other decision-makers.

KW - cyber security

KW - explainable learning

KW - controlled natural language

KW - knowledge representation

KW - epistemology

KW - machine reasoning

M3 - Conference contribution

BT - Proceedings of the 6th International Conference on Information and Knowledge Systems

PB - Springer

T2 - The 6th International Conference on Information and Knowledge Systems

Y2 - 22 June 2023 through 23 June 2023

ER -

Epistemology for cyber security: a controlled natural language approach

Abstract

Conference

Keywords

Access to Document

Embargoed Document

Projects

Cyber Threats Prediction Using Experience Sharing Model And Ensemble Learning Algorithms

Cite this