Semantic ontologies for cyber threat sharing standards

Author: Eric W. Burger, Elchin Asgarli
Year of publication: 2016
Subject:
Source: 2016 IEEE Symposium on Technologies for Homeland Security (HST).
Description: Automated cyber threat intelligence information exchange systems enable cyber attack response teams to share information about cyber-attacks. In order to cooperate and collaborate on collective cyber responses, it is necessary to develop common sharing methods for cyber threat information exchange. Such methods increase our capabilities for Homeland Security by enabling faster and more intelligent automated response to cyber attacks. STIX, IODEF, OpenIOC and others are such XML-based exchange formats, developed mostly independently by different parties for their needs. However, these formats are not unanimously adopted, and are limited to syntactic representation. In this paper we analyze these exchange formats using ontologies and library science, in order to see to what degree they overlap and/or provide extra features. We also analyze additional features and benefits provided by semantic formats, in comparison to purely syntactic representations, and analyze potential benefits of an RDF/OWL-based semantic exchange format, in comparison to purely syntactic representation.
Database: OpenAIRE