Security and Ontology Resources
This research explores controlled vocabularies, taxonomies, and ontologies to make progress toward a science of cybersecurity.
Abstract
We are aware of the need for controlled vocabularies, taxonomies, and ontologies to make progress toward a science of cybersecurity. SEI researchers are addressing this gap by developing the discipline's first common vocabulary.
Collection Contents
- An Incident Management Ontology
November 25, 2014 • Conference Paper
By Dave Mundie, Robin Ruefle, Audrey J. Dorofee, John McCloud, Samuel J. Perl, Matthew L. Collins
In this paper, the authors describe the shortcomings of the incident management meta-model and how an incident management ontology addresses those shortcomings.
- Building an Incident Management Body of Knowledge
September 7, 2012 • White Paper
By Dave Mundie, Robin Ruefle
In this paper, the authors describe the components of the CERT Incident Management Body of Knowledge (CIMBOK) and how they were constructed.
- The MAL: A Malware Analysis Lexicon
February 1, 2013 • Technical Note
By Dave Mundie, David McIntire
In this report, the authors present results of the Malware Analysis Lexicon (MAL) initiative, which developed the first common vocabulary for malware analysis.
- Using a Malware Ontology to Make Progress Towards a Science of Cybersecurity
May 9, 2013 • Podcast
By Dave Mundie, Julia H. Allen
In this podcast, Dave Mundie explains why a common language is essential to developing a shared understanding to better analyze malicious code.
- FAQ: Collaboration Between the CERT Coordination Center and Computer Security Incident Response Teams Worldwide
June 19, 2008 • Brochure
This FAQ answers questions related to the collaboration between the CERT/CC and CSIRTs worldwide.