Rethinking Cybersecurity Ontology Classification and Evaluation: Towards a Credibility-Centered Framework
摘要
This paper analyzes the proliferation of cybersecurity ontologies, arguing that this surge cannot be explained solely by technical shortcomings related to quality, but also by a credibility deficit - a lack of trust, endorsement, and adoption by users. This conclusion is based on our first contribution, which is a state-of-the-art review and categorization of cybersecurity ontologies using the Framework for Ontologies Classification (F4OC) framework. To address this gap, we propose a revised framework for assessing credibility, introducing indicators such as institutional support, academic recognition, day-to-day practitioners’ validation, and industrial adoption. Based on these new credibility indicators, we construct a classification scheme designed to guide the selection of ontologies that are relevant to specific security needs. We then apply this framework to a concrete use case: the Franco-Luxembourgish research project ANCILE ( https://www.linkedin.com/company/autonomic-cybersecurity-with-adversarial-learning-and-explanations ), which illustrates how a credibility-aware evaluation can reshape ontology selection for operational contexts.