Software Engineering Institute | Carnegie Mellon University
Software Engineering Institute | Carnegie Mellon University

Digital Library

Javascript is currently disabled for your browser. For an optimal search experience, please enable javascript.

Advanced Search

Basic Search

Content Type

Topics

Publication Date

Collection

Security and Ontology Collection

  • This research explores controlled vocabularies, taxonomies, and ontologies to make progress toward a science of cybersecurity.
  • Publisher: Software Engineering Institute
  • We are aware of the need for controlled vocabularies, taxonomies, and ontologies to make progress toward a science of cybersecurity. SEI researchers are addressing this gap by developing the discipline's first common vocabulary.

  • An Incident Management Ontology November 2014 Author(s): Dave Mundie, Robin Ruefle, Audrey J. Dorofee, John McCloud, Samuel J. Perl, Matthew L. Collins In this paper, the authors describe the shortcomings of the incident management meta-model and how an incident management ontology addresses those shortcomings.
  • Building an Incident Management Body of Knowledge September 2012 Author(s): Dave Mundie, Robin Ruefle In this paper, the authors describe the components of the CERT Incident Management Body of Knowledge (CIMBOK) and how they were constructed.
  • The MAL: A Malware Analysis Lexicon February 2013 Author(s): Dave Mundie, David McIntire In this report, the authors present results of the Malware Analysis Lexicon (MAL) initiative, which developed the first common vocabulary for malware analysis.
  • Using a Malware Ontology to Make Progress Towards a Science of Cybersecurity May 2013 Author(s): Dave Mundie, Julia H. Allen In this podcast, Dave Mundie explains why a common language is essential to developing a shared understanding to better analyze malicious code.