Abstract
Phishing attacks are the most common form of social engineering where attackers intend to deceive targeted people into revealing sensitive information or installing malware. To understand the dynamics of phishing attacks and design suitable countermeasures, particularly the promotion of phishing awareness, cybersecurity researchers have proposed several domain conceptual models and lightweight ontologies. Despite the growing literature in ontology engineering highlighting the advantages of employing upper and reference ontologies for domain modeling, current phishing attack models lack ontological foundations. As a result, they suffer from a number of shortcomings, such as false agreements, informality, and limited interoperability. To address this gap, we propose a Phishing Attack Ontology (PHATO) grounded in the Reference Ontology for Security Engineering (ROSE) and the Common Ontology of Value and Risk (COVER), which are both founded in the Unified Foundational Ontology (UFO). Our proposal is represented through the OntoUML ontology-driven conceptual modeling language, benefiting from its ecosystem of tools and domain ontologies. We also discuss some implications of PHATO for the design of anti-phishing countermeasures.
| Original language | English |
|---|---|
| Title of host publication | ER-Companion 2023 |
| Subtitle of host publication | Companion Proceedings of the 42nd International Conference on Conceptual Modeling: ER Forum, 7th SCME, Project Exhibitions, Posters and Demos, and Doctoral Consortium co-located with ER 2023 Lisbon, Portugal, November 06-09, 2023 |
| Editors | Claudenir M. Fonseca, José Borbinha, Giancarlo Guizzardi |
| Place of Publication | Aachen |
| Publisher | CEUR |
| Number of pages | 13 |
| Publication status | Published - Nov 2023 |
| Event | 42nd International Conference on Conceptual Modeling, ER 2023 - Congress Center of the Instituto Superior Técnico, Lisbon, Portugal Duration: 6 Nov 2023 → 9 Nov 2023 Conference number: 42 https://er2023.inesc-id.pt/ |
Publication series
| Name | CEUR workshop proceedings |
|---|---|
| Publisher | Rheinisch Westfälische Technische Hochschule |
| Volume | 3618 |
| ISSN (Print) | 1613-0073 |
Conference
| Conference | 42nd International Conference on Conceptual Modeling, ER 2023 |
|---|---|
| Abbreviated title | ER 2023 |
| Country/Territory | Portugal |
| City | Lisbon |
| Period | 6/11/23 → 9/11/23 |
| Internet address |
Keywords
- Common ontology of value and risk
- Cybersecurity
- Phishing attack
- Phishing attack ontology
- Reference ontology for security engineering
- Social engineering
- Unified Foundational Ontology (UFO)
Fingerprint
Dive into the research topics of 'Toward a phishing attack ontology'. Together they form a unique fingerprint.Research output
- 2 Book editing
-
Conceptual Modeling: 42nd International Conference, ER 2023, Lisbon, Portugal, November 6–9, 2023, Proceedings
Ameida, J. P. A. (Editor), Borbinha, J. (Editor), Guizzardi, G. (Editor), Link, S. (Editor) & Zdravkovic, J. (Editor), 28 Oct 2023, Cham: Springer. 430 p. (Lecture Notes in Computer Science; vol. 14320)Research output: Book/Report › Book editing › Academic
Open AccessFile144 Downloads (Pure) -
ER-Companion 2023: Companion Proceedings of the 42nd International Conference on Conceptual Modeling: ER Forum, 7th SCME, Project Exhibitions, Posters and Demos, and Doctoral Consortium, co-located with ER 2023, Lisbon, Portugal, November 06-09, 2023
M. Fonseca, C., Borbinha, J. & Guizzardi, G., 2023, Aachen: CEUR. (CEUR workshop proceedings; vol. 3618)Research output: Book/Report › Book editing › Academic
Open Access
Cite this
- APA
- Author
- BIBTEX
- Harvard
- Standard
- RIS
- Vancouver