Malware fuzzy ontology for semantic web


Tala Tafazzoli, Seyed Hadi Sadjadi


Vol. 8  No. 7  pp. 153-161


In computer science, the term malware denotes malicious code designed and written to carry out attacks on software systems. In this paper, after a quick review of malact ontology, a malware ontology is presented. Malware includes viruses, worms, botnets, spyware, backdoors, trojan horses, rootkits and exploits. We group malware by four attributes: objective, operational status, establishment status and communication status. Then, by analyzing malware and its characteristics, we propose a malware ontology. The ontology is used to represent the concepts of network security and their relationships. One use of an ontology is information sharing and reuse in the semantic web. By proposing a malware ontology, we present a map of the semantic relations between the concepts of this area, which is used in semantic-based search engines in the incident area and in CERT portals. Because malware types have similar characteristics, there is no clear boundary between their concepts, so fuzzy logic is used to represent malware relationships. Malware relationships are presented in five categories (very weak, weak, moderate, good and very good relations), and weights are assigned to them. When a search is done on any concept (node) in the graph, the degree of its relationship with other concepts is calculated and, based on the search demand and the level of relationship, the search is extended to other related concepts.


Information security, artifact, malware, ontology, fuzzy logic.
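The search expansion described in the abstract can be sketched as follows. This is an added example, not code from the paper: the numeric weights for the five categories, the sample relations between concepts, and the max-min rule used to combine weights along a path are all assumptions, since the abstract does not state them.

```python
import heapq

# Assumed numeric weights for the five relation categories named in the abstract.
LEVELS = {"very weak": 0.1, "weak": 0.3, "moderate": 0.5, "good": 0.7, "very good": 0.9}

# Constructed sample relations between malware concepts (illustrative only).
RELATIONS = [
    ("worm", "virus", "good"),
    ("worm", "botnet", "very good"),
    ("botnet", "backdoor", "good"),
    ("backdoor", "trojan horse", "very good"),
    ("backdoor", "rootkit", "moderate"),
    ("trojan horse", "spyware", "moderate"),
    ("virus", "exploit", "weak"),
    ("rootkit", "spyware", "very weak"),
]

def build_graph(relations):
    """Undirected concept graph: graph[a][b] = fuzzy weight of the relation."""
    graph = {}
    for a, b, level in relations:
        graph.setdefault(a, {})[b] = LEVELS[level]
        graph.setdefault(b, {})[a] = LEVELS[level]
    return graph

def relatedness(graph, start):
    """Degree of relation from start to each reachable concept.
    A path is as strong as its weakest edge (min); the best path wins (max)."""
    best = {start: 1.0}
    heap = [(-1.0, start)]
    while heap:
        neg, node = heapq.heappop(heap)
        if -neg < best.get(node, 0.0):
            continue  # stale heap entry, a stronger path was already found
        for nxt, weight in graph.get(node, {}).items():
            cand = min(-neg, weight)
            if cand > best.get(nxt, 0.0):
                best[nxt] = cand
                heapq.heappush(heap, (-cand, nxt))
    return best

def expand_query(graph, concept, min_level):
    """Concepts to search in addition to `concept`, strongest first.
    min_level plays the role of the search demand: the weakest category accepted."""
    cutoff = LEVELS[min_level]
    scores = relatedness(graph, concept)
    hits = [(c, s) for c, s in scores.items() if c != concept and s >= cutoff]
    return sorted(hits, key=lambda cs: (-cs[1], cs[0]))
```

With these sample weights, a search on "worm" that accepts only good or better relations also covers botnet, backdoor, trojan horse and virus, while lowering the demand to moderate adds rootkit and spyware.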