ABSTRACT
In this chapter the methodology pursued for the purposes of achieving a classification scheme to structure to systematize the knowledge on ransomware retrieved by the semantic annotation procedure from CVE descriptions will be presented. In particular, the first part of the section will address the description of the semantic annotation procedure carried out over the texts included in the CVE list in order to train a model which can automatically detect the salient information to isolate and select to be integrated in the classification tool. The primary elements of this chapter will focus on the identification of the main representative concepts within the source corpus made up of CVE textual descriptions, then on the formalization of this knowledge through a pattern-based approach aimed at detecting a semantic recursive chain to be formalized in the classification scheme, which in this research will be represented by means of an ontological framework. The latter point will be addressed by structuring the hierarchical configuration through main classes considered as entry points for the ontology system. The second part of this section will cover the identification of regular expressions within CVE. The third part of the section will show the connection between the vulnerabilities described in the CVE and the ransomware within the classification tool, as well as the statistic and semantic analysis.
