OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

cti-stix message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [cti-stix] RFI: MITRE Analysis and Assessment Vocabulary

Potentially related to https://github.com/STIXProject/schemas/issues/347

2015-10-23 21:07 GMT+03:00 Patrick Maroney <Pmaroney@specere.org>:
> Although relative to the active discussions, I wanted to pull this RFI out
> of the increasingly bifurcated related threads:
>
> (1)  MITRE published the following paper in 2013 that some of may find of
> value:
>
> Characterizing Effects on the Cyber Adversary
> A Vocabulary for Analysis and Assessment
>
> Deborah Bodeau
> Richard Graubart
>
> November 2013
>
>
> http://www.mitre.org/sites/default/files/publications/characterizing-effects-cyber-adversary-13-4173.pdf
>
> Abstract
>
> This paper presents a vocabulary for stating claims or hypotheses about the
> effects of cyber mission assurance decisions on cyber adversary behavior.
> Cyber mission assurance decisions include choices of cyber defender actions,
> architectural decisions, and selections and uses of technologies to improve
> cyber security, resiliency, and defensibility (i.e., the ability to address
> ongoing adversary activities). The vocabulary enables claims and hypotheses
> to be stated clearly, comparably across different assumed or real-world
> environments, and in a way that suggests evidence that might be sought but
> is independent of how the claims or hypotheses might be evaluated. The
> vocabulary can be used with multiple modeling and analysis techniques,
> including Red Team analysis, game-theoretic modeling, attack tree and attack
> graph modeling, and analysis based on the cyber attack lifecycle (also
> referred to as cyber kill chain analysis or cyber campaign analysis).
>
>
>
> (2)  I've reached out to a couple of MITRE contacts but have been unable to
> find any additional related papers, reference implementations, and/or
> schematic representations of the Analysis and Assessment Vocabulary.  I'd
> welcome a direct reach back if anyone has anything related to this work.
>
>
> Patrick Maroney
> President
> Integrated Networking Technologies, Inc.
> Office:  (856)983-0001
> Cell:      (609)841-5104

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]