OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

cti-users message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [cti-users] Research Paper

Thanks Adam. I thought it might be of interest to see research from a CISO/SOC/User point of view for using STIX, CYBOX, MAEC, etc vice the normal vendor view normally expressed on the list. We'll try to follow up with some additional information. 

Some users have said "Slideshare" is blocked from their networks and requested alternative ways to get the research paper. I've included a few additional sources below.

http://cscss.org/wp-content/uploads/2015/08/CSCSS-Science-of-Security-Developing-Scientific-Foundations-for-the-Operational-Cybersecurity-Ecosystem.pdf


https://www.researchgate.net/profile/Shawn_Riley2/contributions


Best,

Shawn



On Sun, Aug 23, 2015 at 8:50 AM, Adam Carbone <adam.carbone@villagerockinvestments.com> wrote:

I would love to hear more about your efforts, really see the benefits of this was based on semantic web technologies, and then of you wanted json use json-ld.
Seems like an obvious choice not sure why this list hasn't embraced the idea.

Regards
Adam Carbone

On Aug 23, 2015 7:43 AM, "Shawn Riley" <shawn.p.riley@gmail.com> wrote:
Hi Folks,

Back in 2012 when STIX was released, the white paper included a mention of other possible implementations such as semantic web (OWL/RDF) and JSON-centric. We've had Bret share details on his JSON efforts with the list so I wanted to take the opportunity to share our research paper on using semantic web technologies (OWL/RDF) with the group. This isn't marketing as there is no company or product mentioned. Rather, we're just sharing knowledge based on our international research efforts. Given the ongoing debate over XML vs JSON, we thought it would also be good to show how both of these could be supported using the semantic technology approach. 

In many ways our research "connected the dots" between existing cybersecurity efforts across different government agencies that have been identified by the government as the way forward. From the Science of Security championed by National Security Agency and National Science Foundation, to the Cybersecurity Measurement and Management Architecture championed by the Department of Homeland Security and the Department of Defense, and the revolutionary intelligence methodologies (object-based production / activity-based intelligence) championed by the Intelligence Community and particularly the National Geospatial-Intelligence Agency.

While each of these cybersecurity and intelligence efforts can stand on its own and provide great benefit, bringing these efforts together demonstrates how each agency's investments can see a greater return on investment by working together to develop scientific foundations for the operational cybersecurity ecosystem. Just like we need infrastructure in areas like Meteorology to understand and predict the weather we need operational cybersecurity science infrastructure to understand and predict events in our cyber ecosystem of the future.

The paper can be downloaded from LinkedIn's Slideshare.

Best,
Shawn

Shawn Riley
Executive Vice President
Centre for Strategic Cyberspace + Security Science
London, England, UK - Washington, DC, USA


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]