Ontological Approach

Ontological approach provides us with the way to store the information that can be gained from the attack graph in a structured form. Ontology is made of entities and their interrelationships. The entities are defined as follows:Machine: Any host machine connected to the network comes in the category. All the workstations and the servers that the attacker can use to his advantage will be called as a machine. Vulnerability: Any weakness in the system that the attacker have access and capability to exploit is considered a vulnerability. There are many vulnerability scanners available that scan the system and list all the vulnerabilities that exist in that particular system. All the vulnerabilities are
The labeling of vulnerability goes like this LOW: if the base score is 0.0-3.9,MEDIUM if the base score is 4.0-6.9, HIGH if the base score is 7.0-8.9 and CRITICAL if the base score is 9.0-10.0.Vulnerability Description: National Vulnerability Database provides vulnerability description along with the vulnerability ids and the CVSS score. Vulnerability description gives details of what type of attack can exploit that vulnerability.Attack: An attack can be defined as an unwanted situation when the attacker exploits the vulnerability present in the system and gains certain advantage out of it.Attacker: Attacker is someone who initiates the attack.Privileges: After every attack, the attacker as a consequence gains some advantage out of the attack. These advantages come under the privileges gained by the attacker.Attack Description: Description of particular attack that is how it is carried is given under this entity.Goal: Every attacker has a goal which he wants to achieve.To achieve that particular goal he launches a series of attacks.This goal is specified under this category.Paths: An attacker can follow various different paths to achieve a