Abstract : Securing the Internet of Things, more precisely, the ETSI Machine to Machine (M2M) architecture is a difficult task, since there is a need to secure heterogeneous wireless communications (cellular, wireless, wired), devices (sensor or mobile phone) and applications (programming language, framework, database). In this article, we present the state of the art concerning the security ontologies in various domains (Web, MANET, 2G/GSM, 3G/UMTS, 4G/LTE, Wi-Fi, Intrusion Detection System). Since, most of the existing security ontologies are not published online or do not follow semantic web best practices, we have designed the STAC (Security Toolbox: Attack & Countermeasure) ontology-based security knowledge respecting the semantic web guidelines. The STAC ontology, dataset and application have been designed to help software developers or designers to choose security mechanisms fitting their needs to secure Internet of Things (IoT) applications. STAC is published online (http://sensormeasurement.appspot.com/?p=stac).