Cyber Supply Chain Threat Analysis and Prediction using Machine Learning and Ontology


Stockholm University


Abel Yeboah-Oforil, Haralambos Mouratidis, Umar Ismail, Shareeful Islam, Spyridon Papastergiou


Cyber Supply Chain Threat Analysis and Prediction using Machine Learning and Ontology

Open Access

View and Download at Zenodo here.


Cyber Supply Chain (CSC) security requires a secure integrated network among the sub-systems of the inbound and outbound chains. Adversaries are deploying various penetration and manipulation attacks on an CSC in-tegrated network’s nodes. The different levels of integrations and inherent system complexities pose potential vulnerabilities and attacks that may cascade to other parts of the supply chain system. Thus, it has become im-perative to implement systematic threats analyses and predication within the CSC domain to improve the overall security posture. This paper presents a unique approach that advances the current state of the art on CSC threat analysis and prediction by combining work from three areas: Cyber Threat Intelligence (CTI ), Ontologies, and Machine Learning (ML). The outcome of our work shows that the conceptualization of cybersecurity using ontologi-cal theory provides clear mechanisms for understanding the correlation be-tween the CSC security domain and enables the mapping of the ML predic-tion with 80% accuracy of potential cyberattacks and possible counter-measures.

Publication medium



17th International Conference on Artificial Intelligence Applications and Innovations (AIAI)

Date of the conference:



Virtual Event

Is this a peer-reviewed publication?


Is this a joint public/private publication?



Project Coordinator: Sofoklis Efremidis
Institution: Maggioli SPA
Email: info{at}
Start: 1-10-2020
Duration: 36 months
Participating organisations: 14
Number of countries: 10



EU flagThis project has received funding from the European Union’s Horizon 2020 Research and Innovation program under grant agreement No 952690. The website reflects only the view of the author(s) and the Commission is not responsible for any use that may be made of the information it contains.