{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,25]],"date-time":"2026-04-25T15:17:16Z","timestamp":1777130236649,"version":"3.51.4"},"reference-count":53,"publisher":"MDPI AG","issue":"9","license":[{"start":{"date-parts":[[2018,9,12]],"date-time":"2018-09-12T00:00:00Z","timestamp":1536710400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"DOI":"10.13039\/501100002322","name":"Coordena\u00e7\u00e3o de Aperfei\u00e7oamento de Pessoal de N\u00edvel Superior","doi-asserted-by":"publisher","award":["BEX 0966\/15-0"],"award-info":[{"award-number":["BEX 0966\/15-0"]}],"id":[{"id":"10.13039\/501100002322","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100010661","name":"Horizon 2020 Framework Programme","doi-asserted-by":"publisher","award":["636909"],"award-info":[{"award-number":["636909"]}],"id":[{"id":"10.13039\/100010661","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Sensors"],"abstract":"<jats:p>The use of sensors and actuators as a form of controlling cyber-physical systems in resource networks has been integrated and referred to as the Internet of Things (IoT). However, the connectivity of many stand-alone IoT systems through the Internet introduces numerous cybersecurity challenges as sensitive information is prone to be exposed to malicious users. This paper focuses on the improvement of IoT cybersecurity from an ontological analysis, proposing appropriate security services adapted to the threats. The authors propose an ontology-based cybersecurity framework using knowledge reasoning for IoT, composed of two approaches: (1) design time, which provides a dynamic method to build security services through the application of a model-driven methodology considering the existing enterprise processes; and (2) run time, which involves monitoring the IoT environment, classifying threats and vulnerabilities, and actuating in the environment ensuring the correct adaptation of the existing services. Two validation approaches demonstrate the feasibility of our concept. This entails an ontology assessment and a case study with an industrial implementation.<\/jats:p>","DOI":"10.3390\/s18093053","type":"journal-article","created":{"date-parts":[[2018,9,12]],"date-time":"2018-09-12T10:26:36Z","timestamp":1536747996000},"page":"3053","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":100,"title":["An Ontology-Based Cybersecurity Framework for the Internet of Things"],"prefix":"10.3390","volume":"18","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-3255-1320","authenticated-orcid":false,"given":"Bruno Augusti","family":"Mozzaquatro","sequence":"first","affiliation":[{"name":"Faculdade de Ci\u00eancias e Tecnologia, Universidade NOVA de Lisboa, 2829-516 Caparica, Portugal"}]},{"given":"Carlos","family":"Agostinho","sequence":"additional","affiliation":[{"name":"Centre of Technology and Systems, UNINOVA, 2829-516 Caparica, Portugal"}]},{"given":"Diogo","family":"Goncalves","sequence":"additional","affiliation":[{"name":"University of Surrey, 388 Stag Hill, Guildford GU2 7XH, UK"}]},{"given":"Jo\u00e3o","family":"Martins","sequence":"additional","affiliation":[{"name":"Faculdade de Ci\u00eancias e Tecnologia, Universidade NOVA de Lisboa, 2829-516 Caparica, Portugal"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-3703-6854","authenticated-orcid":false,"given":"Ricardo","family":"Jardim-Goncalves","sequence":"additional","affiliation":[{"name":"Faculdade de Ci\u00eancias e Tecnologia, Universidade NOVA de Lisboa, 2829-516 Caparica, Portugal"}]}],"member":"1968","published-online":{"date-parts":[[2018,9,12]]},"reference":[{"key":"ref_1","doi-asserted-by":"crossref","unstructured":"Ibarra-Esquer, J.E., Gonz\u00e1lez-Navarro, F.F., Flores-Rios, B.L., Burtseva, L., and Astorga-Vargas, M.A. (2017). Tracking the Evolution of the Internet of Things Concept Across Different Application Domains. Sensors, 17.","DOI":"10.3390\/s17061379"},{"key":"ref_2","doi-asserted-by":"crossref","first-page":"1284","DOI":"10.1016\/j.comcom.2012.04.018","article-title":"Pervasive communications in healthcare","volume":"35","author":"Delmastro","year":"2012","journal-title":"Comput. Commun."},{"key":"ref_3","doi-asserted-by":"crossref","unstructured":"Polycarpou, E., Lambrinos, L., and Protopapadakis, E. (2013, January 4\u20137). Smart parking solutions for urban areas. Proceedings of the 2013 IEEE 14th International Symposium on \u201cA World of Wireless, Mobile and Multimedia Networks\u201d (WoWMoM), Madrid, Spain.","DOI":"10.1109\/WoWMoM.2013.6583499"},{"key":"ref_4","doi-asserted-by":"crossref","first-page":"1665","DOI":"10.1016\/j.comcom.2013.09.004","article-title":"The role of communication systems in smart grids: Architectures, technical solutions and research challenges","volume":"36","author":"Ancillotti","year":"2013","journal-title":"Comput. Commun."},{"key":"ref_5","doi-asserted-by":"crossref","first-page":"1558","DOI":"10.1109\/TII.2014.2306391","article-title":"IoT-Based Configurable Information Service Platform for Product Lifecycle Management","volume":"10","author":"Cai","year":"2014","journal-title":"IEEE Trans. Ind. Inform."},{"key":"ref_6","doi-asserted-by":"crossref","first-page":"2233","DOI":"10.1109\/TII.2014.2300753","article-title":"Internet of Things in Industries: A Survey","volume":"10","author":"Xu","year":"2014","journal-title":"IEEE Trans. Ind. Inform."},{"key":"ref_7","unstructured":"Manyika, J. (2015). The Internet of Things: Mapping the Value Beyond the Hype, McKinsey Global Institute."},{"key":"ref_8","doi-asserted-by":"crossref","first-page":"2","DOI":"10.1016\/j.pmcj.2011.10.001","article-title":"Looking ahead in pervasive computing: Challenges and opportunities in the era of cyber\u2013physical convergence","volume":"8","author":"Conti","year":"2012","journal-title":"Pervasive Mob. Comput."},{"key":"ref_9","first-page":"97","article-title":"That \u2018internet of things\u2019 thing","volume":"22","author":"Ashton","year":"2009","journal-title":"RFID J."},{"key":"ref_10","unstructured":"Chase, J. (2013). The Evolution of the Internet of Things, Texas Instruments."},{"key":"ref_11","doi-asserted-by":"crossref","first-page":"395","DOI":"10.1016\/j.future.2017.11.022","article-title":"IoT security: Review, blockchain solutions, and open challenges","volume":"82","author":"Khan","year":"2018","journal-title":"Future Gener. Comput. Syst."},{"key":"ref_12","doi-asserted-by":"crossref","first-page":"9","DOI":"10.1109\/JPROC.2017.2781198","article-title":"Safety and Security in Cyber-Physical Systems and Internet-of-Things Systems","volume":"106","author":"Wolf","year":"2018","journal-title":"Proc. IEEE"},{"key":"ref_13","doi-asserted-by":"crossref","first-page":"1125","DOI":"10.1109\/JIOT.2017.2683200","article-title":"A Survey on Internet of Things: Architecture, Enabling Technologies, Security and Privacy, and Applications","volume":"4","author":"Lin","year":"2017","journal-title":"IEEE Internet Things J."},{"key":"ref_14","unstructured":"(2018, January 16). Dell Data Security Survey Finds that a Lack of Security Knowledge Limits Business Initiatives. Available online: http:\/\/www.dell.com\/learn\/us\/en\/uscorp1\/press-releases\/dell-data-security-survey\/."},{"key":"ref_15","doi-asserted-by":"crossref","unstructured":"Singh, K., and Awasthi, A.K. (2013). A Review on Wireless Network Security. Quality, Reliability, Security and Robustness in Heterogeneous Networks, Springer.","DOI":"10.1007\/978-3-642-37949-9"},{"key":"ref_16","doi-asserted-by":"crossref","unstructured":"Mozzaquatro, B.A., Jardim-Goncalves, R., and Agostinho, C. (2015, January 12\u201313). Towards a reference ontology for security in the Internet of Things. Proceedings of the 2015 IEEE International Workshop on Measurements Networking (M&N), Coimbra, Portugal.","DOI":"10.1109\/IWMN.2015.7322984"},{"key":"ref_17","unstructured":"Weisner, S., Guglielmina, C., Gusmeroli, S., and Doumeingts, G. (2018, January 16). Generic methodology for service engineering based on service modelling and model transformation. Available online: http:\/\/cordis.europa.eu\/fp7\/ict\/enet\/documents."},{"key":"ref_18","unstructured":"Debar, H., Curry, D.A., and Feinstein, B.S. (2018, January 16). The intrusion detection message exchange format (IDMEF). Available online: https:\/\/tools.ietf.org\/html\/rfc4765."},{"key":"ref_19","doi-asserted-by":"crossref","first-page":"173","DOI":"10.1504\/IJHPCN.2013.056525","article-title":"Security event correlation approach for cloud computing","volume":"7","author":"Ficco","year":"2013","journal-title":"Int. J. High Perform. Comput. Netw."},{"key":"ref_20","first-page":"219","article-title":"Intrusion detection in federated clouds","volume":"13","author":"Ficco","year":"2016","journal-title":"Int. J. Comput. Sci. Eng."},{"key":"ref_21","doi-asserted-by":"crossref","first-page":"567","DOI":"10.1007\/s11277-011-0384-6","article-title":"Interoperability of Security-Enabled Internet of Things","volume":"61","author":"Alam","year":"2011","journal-title":"Wirel. Pers. Commun."},{"key":"ref_22","doi-asserted-by":"crossref","first-page":"1040","DOI":"10.1016\/j.future.2016.11.011","article-title":"Multi-layer cloud architectural model and ontology-based security service framework for IoT-based smart homes","volume":"78","author":"Tao","year":"2018","journal-title":"Future Gener. Comput. Syst."},{"key":"ref_23","unstructured":"Ekelhart, A., Fenz, S., and Neubauer, T. (2009, January 5\u20138). AURUM: A Framework for Information Security Risk Management. Proceedings of the 2009 42nd Hawaii International Conference on System Sciences, Waikoloa, HI, USA."},{"key":"ref_24","doi-asserted-by":"crossref","first-page":"35","DOI":"10.1016\/j.cosrev.2017.01.001","article-title":"Cyber-insurance survey","volume":"24","author":"Marotta","year":"2017","journal-title":"Comput. Sci. Rev."},{"key":"ref_25","doi-asserted-by":"crossref","first-page":"2654","DOI":"10.1002\/sec.406","article-title":"Secure communication for the Internet of Things\u2014A comparison of link-layer security and IPsec for 6LoWPAN","volume":"7","author":"Shahid","year":"2014","journal-title":"Secur. Commun. Netw."},{"key":"ref_26","unstructured":"Mozzaquatro, B.A., Agostinho, C., Melo, R., and Jardim-Goncalves, R. (2017). A Model-Driven Adaptive Approach for IoT Security. Model-Driven Engineering and Software Development: 4th International Conference, MODELSWARD 2016, Rome, Italy, February 19\u201321, 2016, Revised Selected Papers, Springer International Publishing."},{"key":"ref_27","unstructured":"Mozzaquatro, B.A. (2018, May 20). IoTSec Ontology. Available online: http:\/\/iotsec.brunomozza.com\/."},{"key":"ref_28","doi-asserted-by":"crossref","unstructured":"Bagosi, T., Calvanese, D., Hardi, J., Komla-Ebri, S., Lanti, D., Rezk, M., Rodr\u00edguez-Muro, M., Slusnys, M., and Xiao, G. (2014). The Ontop Framework for Ontology Based Data Access. The Semantic Web and Web Science: 8th Chinese Conference, CSWS 2014, Wuhan, China, August 8\u201312, 2014, Revised Selected Papers, Springer.","DOI":"10.1007\/978-3-662-45495-4_6"},{"key":"ref_29","unstructured":"Prud\u2019hommeaux, E., and Seaborne, A. (2018, March 19). SPARQL Query Language for RDF. Available online: www.w3.org\/TR\/rdf-sparql-query\/."},{"key":"ref_30","doi-asserted-by":"crossref","first-page":"89","DOI":"10.1016\/S1071-5819(02)00127-1","article-title":"The evolution of Prot\u00e9g\u00e9: An environment for knowledge-based systems development","volume":"58","author":"Gennari","year":"2003","journal-title":"Int. J. Hum. Comput. Stud."},{"key":"ref_31","doi-asserted-by":"crossref","first-page":"101","DOI":"10.1007\/978-3-319-04948-9_9","article-title":"SLMToolBox: An Implementation of MDSEA for Servitisation and Enterprise Interoperability","volume":"Volume 7","author":"Bazoun","year":"2014","journal-title":"Enterprise Interoperability VI; Proceedings of the I-ESA Conferences"},{"key":"ref_32","unstructured":"Koenig, J. (2018, January 16). Jboss jBPM. Available online: http:\/\/ftp.vdel.com\/files\/jboss\/jbpm_white paper.pdf."},{"key":"ref_33","first-page":"34","article-title":"Netfilter\u2019s connection tracking system","volume":"31","author":"Ayuso","year":"2006","journal-title":"LOGIN USENIX Mag."},{"key":"ref_34","doi-asserted-by":"crossref","unstructured":"Zhou, Z., Chen, Z., Zhou, T., and Guan, X. (2010, January 30\u201331). The study on network intrusion detection system of Snort. Proceedings of the 2010 International Conference on Networking and Digital Society, Wenzhou, China.","DOI":"10.1109\/ICNDS.2010.5479341"},{"key":"ref_35","unstructured":"OSS, P. (2018, January 16). Prelude OSS. Available online: http:\/\/www.prelude-siem.com\/en\/products\/prelude-os\/."},{"key":"ref_36","doi-asserted-by":"crossref","unstructured":"Kasinathan, P., Costamagna, G., Khaleel, H., Pastrone, C., and Spirito, M.A. (2013, January 4\u20138). An IDS Framework for Internet of Things Empowered by 6LoWPAN. Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security, Berlin, Germany.","DOI":"10.1145\/2508859.2512494"},{"key":"ref_37","unstructured":"BeyondTrust (2018, January 16). Retina Network Security Scanner. Available online: https:\/\/www.beyondtrust.com\/products\/retina-network-security-scanner\/."},{"key":"ref_38","unstructured":"Suryn, W., Abran, A., and April, A. (2018, January 16). ISO\/IEC SQuaRE. The Second Generation of Standards for Software Product Quality. Available online: https:\/\/www.semanticscholar.org\/paper\/ISO-%2F-IEC-SQuaRE-.-The-second-generation-of-for-Suryn-Abran\/348575d1cc283f04e2a1695ccc6e0a221442653b."},{"key":"ref_39","first-page":"1","article-title":"Evaluating the Good Ontology Design Guideline (GoodOD) with the Ontology Quality Requirements and Evaluation Method and Metrics (OQuaRE)","volume":"9","author":"Boeker","year":"2014","journal-title":"PLoS ONE"},{"key":"ref_40","unstructured":"Horrocks, I., Patel-Schneider, P.F., Boley, H., Tabet, S., Grosof, B., and Dean, M. (2018, January 16). SWRL: A Semantic Web Rule Language Combining OWL and RuleML. Available online: http:\/\/www.daml.org\/rules\/proposal\/."},{"key":"ref_41","doi-asserted-by":"crossref","first-page":"51","DOI":"10.1016\/j.websem.2007.03.004","article-title":"Pellet: A practical OWL-DL reasoner","volume":"5","author":"Sirin","year":"2007","journal-title":"Web Semant. Sci. Serv. Agents World Wide Web"},{"key":"ref_42","doi-asserted-by":"crossref","first-page":"54","DOI":"10.1109\/MS.2017.2","article-title":"Enabling IoT Ecosystems through Platform Interoperability","volume":"34","author":"Schmid","year":"2017","journal-title":"IEEE Softw."},{"key":"ref_43","doi-asserted-by":"crossref","unstructured":"Skouby, K.E., and Lynggaard, P. (2014). Smart home and smart city solutions enabled by 5G, IoT, AAI and CoT services. 2014 International Conference on Contemporary Computing and Informatics (IC3I), IEEE.","DOI":"10.1109\/IC3I.2014.7019822"},{"key":"ref_44","doi-asserted-by":"crossref","unstructured":"Veeramachaneni, K., Arnaldo, I., Korrapati, V., Bassias, C., and Li, K. (2016, January 9\u201310). AI^2: Training a Big Data Machine to Defend. Proceedings of the 2016 IEEE 2nd International Conference on Big Data Security on Cloud (BigDataSecurity), IEEE International Conference on High Performance and Smart Computing (HPSC), and IEEE International Conference on Intelligent Data and Security (IDS), New York, NY, USA.","DOI":"10.1109\/BigDataSecurity-HPSC-IDS.2016.79"},{"key":"ref_45","doi-asserted-by":"crossref","first-page":"559","DOI":"10.1016\/j.ijinfomgt.2009.10.002","article-title":"Ontology management and evolution for business intelligence","volume":"30","author":"Mikroyannidis","year":"2010","journal-title":"Int. J. Inf. Manag."},{"key":"ref_46","doi-asserted-by":"crossref","unstructured":"Forbes, D.E., Wongthongtham, P., Terblanche, C., and Pakdeetrakulwong, U. (2018). Ontology Engineering. Ontology Engineering Applications in Healthcare and Workforce Management Systems, Springer International Publishing.","DOI":"10.1007\/978-3-319-65012-8"},{"key":"ref_47","doi-asserted-by":"crossref","unstructured":"Mavroeidis, V., and Bromander, S. (2017, January 11\u201313). Cyber Threat Intelligence Model: An Evaluation of Taxonomies, Sharing Standards, and Ontologies within Cyber Threat Intelligence. Proceedings of the 2017 European Intelligence and Security Informatics Conference (EISIC), Athens, Greece.","DOI":"10.1109\/EISIC.2017.20"},{"key":"ref_48","doi-asserted-by":"crossref","unstructured":"Jones, C.L., Bridges, R.A., Huffer, K.M.T., and Goodall, J.R. (2015, January 7\u20139). Towards a Relation Extraction Framework for Cyber-Security Concepts. Proceedings of the 10th Annual Cyber and Information Security Research Conference, Oak Ridge, TN, USA.","DOI":"10.1145\/2746266.2746277"},{"key":"ref_49","doi-asserted-by":"crossref","unstructured":"Abie, H., and Balasingham, I. (2012, January 24\u201326). Risk-based Adaptive Security for Smart IoT in eHealth. Proceedings of the 7th International Conference on Body Area Networks, Oslo, Norway.","DOI":"10.4108\/icst.bodynets.2012.250235"},{"key":"ref_50","doi-asserted-by":"crossref","first-page":"735142","DOI":"10.1155\/2014\/735142","article-title":"SDN: Evolution and Opportunities in the Development IoT Applications","volume":"10","author":"Caraguay","year":"2014","journal-title":"Int. J. Distrib. Sens. Netw."},{"key":"ref_51","doi-asserted-by":"crossref","first-page":"74","DOI":"10.1109\/MC.2017.195","article-title":"Softwarization of Internet of Things Infrastructure for Secure and Smart Healthcare","volume":"50","author":"Salahuddin","year":"2017","journal-title":"Computer"},{"key":"ref_52","doi-asserted-by":"crossref","unstructured":"Liyanage, M., Ahmad, I., Okwuibe, J., de Oca, E.M., Mai, H.L., L\u00f3pez, O., and Uriarte, M. (2018). Software Defined Security Monitoring in 5G Networks. A Comprehensive Guide to 5G Security, John Wiley & Sons.","DOI":"10.1002\/9781119293071.ch10"},{"key":"ref_53","doi-asserted-by":"crossref","unstructured":"Nobre, J.C., Mozzaquatro, B.A., and Granville, L.Z. (2018). Network-Wide Initiatives to Control Measurement Mechanisms: A Survey. IEEE Commun. Surv. Tutor.","DOI":"10.1109\/COMST.2018.2797170"}],"container-title":["Sensors"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/1424-8220\/18\/9\/3053\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,11]],"date-time":"2025-10-11T15:20:07Z","timestamp":1760196007000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/1424-8220\/18\/9\/3053"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018,9,12]]},"references-count":53,"journal-issue":{"issue":"9","published-online":{"date-parts":[[2018,9]]}},"alternative-id":["s18093053"],"URL":"https:\/\/doi.org\/10.3390\/s18093053","relation":{},"ISSN":["1424-8220"],"issn-type":[{"value":"1424-8220","type":"electronic"}],"subject":[],"published":{"date-parts":[[2018,9,12]]}}}