University of Oslo Sweat Equity

2-June-2022 DC CAW

University of Oslo Sweat Equity

The University of Oslo will present the Threat Actor Context Ontology of the OASIS Threat Actor Context Technical Committee (TAC TC) in support of cybersecurity automation and, in particular, the sense-making and decision-making processes of cyberspace defense as they are described in the IACD framework.

The core model of the TAC ontology is based on the STIX 2.1 standard and further augments it with other representations that describe components of the Cyber Threat Intelligence (CTI) domain. An example concept is the definition of the Threat Agent Library developed by Tim Casey and Intel Corporation in 2007, which describes a threat actor type typology.

We will further discuss and showcase how the TAC ontology can integrate with other open-source solutions (stix shifter and Kestrel threat hunting language) and utilize open standards (OpenC2, CACAO, SBOM, VEX, CSAF) to address different cybersecurity use cases.

Finally, we will demonstrate the reasoning capability of the ontology that allows us to infer new facts/intelligence in near real-time.

Return to Sweat Equity

return to Sweat Equity

Return to Agenda

return to Agenda

Return to Home

return to Home