Common Vulnerabilities and Exposures from Emails

Abstract

Ontologies are used for knowledge management, concept
definition and semantic search. Ontology is applicable to the organization
and management of knowledge in a single given domain. This paper is an
attempt to construct a knowledge base for email vulnerabilities using
ontologies. It presents a method of building relations among CVEs email
entries as established by the MITRE Corporation’s weaknesses data base.
The use of ontology is illustrated with queries analyzing software products
from a security manager’s point of view. This work is based on the MITRE
community effort CWE List, Version 3.1 - Research concept view CWE-1000.

ACM Computing Classification System (1998): I.2.4, K.4.1, H.4.3.

Key words: mail weaknesses, ontology concepts, ontology principles, weaknesses, weakness

concepts.

This paper is partly supported by the National Scientific Program “Information and

Communication Technology for a Single Digital Market in Science, Education and Security

(ICTinSES)”, financed by the Ministry of Education and Science in Bulgaria. This article presents

principal results of the author’s doctoral thesis “Supporting CWEs and CVEs Knowledge Base for

Mailing Aspects”.