STIDS2016 is the 11th international conference held at George Mason University in Washington DC. STIDS provides a forum for academia, government and industry to share the latest research on semantic technology for defense, intelligence and security applications.
A machine-readable representation of threat actors is needed for machines to be able to identify malicious presence at a given scene. This requires semantic modelling of cyber threat information, and our research is working towards an ontology for cyber threats. This article is the first small step on the way: it identifies relevant existing research and introduces a matured version of Ryan Stillions' “Detection Maturity Level Model” alongside our own Semantic Threat Classification Model. These models will be the foundation for our future work on developing our own threat intelligence platform.
To explain the motivation behind our research, and our findings so far, we have added examples of how this approach brings value in incident response, threat intelligence and information sharing. The examples are selected from our latest incident experiences.
Our extended abstract will be presented in Washington DC on November 16th. Please find the agenda here:
The article will be published here after the conference.
Read more about the Threat Ontologies for Cybersecurity Analytics (TOCSA) project here.