Towards an ontology of state actors in cyberspace

To improve cyber threat analysis practices in cybersecurity, I present a plan to build a formal ontological representation of state actors in cyberspace and of cyber operations. I argue that modelling these phenomena via ontologies allows for coherent integration of data coming from diverse sources, automated reasoning over such data, as well as intelligence extraction and reuse from and of them. Existing ontological tools in cybersecurity can be ameliorated by connecting them to neighboring domains such as law, regulations, governmental institutions, and documents. In this paper, I propose metrics to evaluate currently existing ontological tools to create formal representations in the cybersecurity domain, and I provide a plan to develop and extend them when they are lacking.