Transforming network simulation data to semantic data for network attack planning

Abstract

This research paper investigates a technique to transform network simulation data into linked data through the use of ontology models. By transforming the data, it allows one to use semantic reasoners to infer and reason additional insight. A case study was performed, using the Common Open Research Emulator (CORE), to generate the necessary network simulation data. The simulation data was analysed, and then transformed into linked data. The result of the transformation is a data file that adheres to the Web Ontology Language (OWL) 2.0 eXtensible Markup Language (XML) format, which can be read, merged, and reasoned by ontology tools such as Protégé. Using the Web Ontology Language Application Program Interface (OWL API), it was possible to merge the transformed data with other ontology models to form a knowledge base for a specific field — particularly network warfare ontologies in this instance. The knowledge base can then be queried dynamically, similar to semantic based intrusion detection systems (IDS). For example using associated network data during a warfare operation in order to infer doctrines, operating procedures or related information. Overall, this research provides a step towards automating the transformation of network data to semantic data to aid network attack and defence strategies.