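% Conference paper (NOMS 2022) presenting ObservableDB, an inverted index for
% cyber threat intelligence. `doi` holds the bare identifier; the resolver
% link is carried by `url`.
@inproceedings{1863346,
  author       = {Tovarňák, Daniel and Čech, Michal and Tichý, Dušan and Dohnal, Vojtěch},
  editor       = {Varga, Pal and others},
  title        = {{ObservableDB}: An Inverted Index for Graph-Based Traversal of Cyber Threat Intelligence},
  booktitle    = {Proceedings of the {IEEE/IFIP} Network Operations and Management Symposium 2022},
  publisher    = {IEEE},
  address      = {USA},
  location     = {USA},
  year         = {2022},
  pages        = {1--4},
  isbn         = {978-1-6654-0601-7},
  doi          = {10.1109/NOMS54207.2022.9789882},
  url          = {https://doi.org/10.1109/NOMS54207.2022.9789882},
  keywords     = {cyber threat intelligence; security; GraphQL},
  howpublished = {elektronická verze "online"},
  language     = {eng},
}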
TY - JOUR ID - 1863346 AU - Tovarňák, Daniel - Čech, Michal - Tichý, Dušan - Dohnal, Vojtěch PY - 2022 TI - ObservableDB: An Inverted Index for Graph-Based Traversal of Cyber Threat Intelligence PB - IEEE CY - USA SN - 9781665406017 KW - cyber threat intelligence KW - security KW - GraphQL UR - https://doi.org/10.1109/NOMS54207.2022.9789882 N2 - In this paper, we address the lack of analytical tools and search interfaces, which would help both humans and machines to navigate and correlate the floods of heterogeneous cyber threat intelligence (CTI) data generated every day. This work supports our long-term goal of machine-assisted discovery and inference of detectable indicators for adversarial tactics, techniques, and procedures from the available CTI. In particular, we present the idea of an observable database that works as an inverted index for CTI. This observable-centric concept is supported by a fully-functional practical result that leverages a meta-programming approach to auto-generate a graph-based API for data search and manipulation. The created prototype allows for powerful graph-based filtering, traversal and retrieval of the stored cyber observables and the referenced CTI. ER -
TOVARŇÁK, Daniel, Michal ČECH, Dušan TICHÝ and Vojtěch DOHNAL. ObservableDB: An Inverted Index for Graph-Based Traversal of Cyber Threat Intelligence. Online. In Varga, Pal, et al. \textit{Proceedings of the IEEE/IFIP Network Operations and Management Symposium 2022}. USA: IEEE, 2022, p.~1-4. ISBN~978-1-6654-0601-7. Available from: https://dx.doi.org/10.1109/NOMS54207.2022.9789882.