SemanticWeb Ontology for Botnet Classification

Botnets have become a vital security problem on the Internet as such attacks lead to fraud, spam, identity theft, and information leakage. No intelligent classification knowledge graph of Botnets has been created for integration into AI applications. We address this by integrating concepts from cybersecurity into AI. Using an ontology model, we designed concept classes, individuals, and object properties of botnet to construct a knowledge graph of botnet containing their classification, features, and attack type. Our technique extracts cybersecurity knowledge from various textual sources to populate our knowledge graph on botnets and their attack type. To construct our knowledge base, we use Web Ontology Language (OWL 2 DL) for knowledge representation and Resource Description Framework (RDF) as a standard model for metadata representation. The system then reasons over the knowledge graph that combines a variety of collaborative agents to derive improved results. We describe a proof-of-concept framework for our approach as well as demonstrate its capabilities by testing it against different attack types and botnet identification features. Our knowledge basewill help researchers analyze botnet samples and understand the infection procedures of botnets. It will also help in measuring the potential risk and possible damages of botnets.