CWE Ontology
DOI:
https://doi.org/10.55630/sjc.2022.16.39-56Keywords:
Cybersecurity, Weakness, Semantic Web, OntologyAbstract
CWE is a community-supported database of known weaknesses. It is under permanent update and development. MITRE Corporation hosts this database. It consists of several viewpoints structured at several abstract levels.
CWE database is the base of CWE ontology. It redefines weaknesses in terms of the Semantic Web. This ontology is a part of ontology ecosystem developed to capture cybersecurity knowledge on known vulnerabilities, weaknesses, and attacks patterns.
CWE ontology classifies CVE/NVD vulnerabilities. It is useful for research and investigation on new vulnerabilities and weaknesses using reasoners. In addition, CWE is useful for cybersecurity incident forensic investigations, software acquisition and development.