CTI CybOX SC Meeting www.oasis-open.org August 27, 2015.


Agenda
- CybOX Object Survey Results
- OASIS Work Product Status & Discussion
- CybOX Use Case Discussion
- Recent Discussion Topics

Object Survey Results I (Top 10)

Object                          Count   % of Total Responses
Address Object
Domain Name Object
Message Object
File Object
URI Object
Hostname Object
Port Object
Network Connection Object
Process Object
Win Registry Key Object
DNS Record Object
HTTP Session Object
Win Executable File Object
X509 Certificate Object
Artifact Object
Network Subnet Object
Socket Address Object
System Object
User Account Object
Win File Object

Object Survey Results II (Bottom 10)

Object                                 Count   % of Total Responses
Network Route Entry Object             2       5.13
Pipe Object                            2       5.13
Unix Network Route Entry Object        2       5.13
Win Kernel Hook Object                 2       5.13
Win Network Route Entry Object         2       5.13
Win Pipe Object                        2       5.13
Win Volume Object                      2       5.13
Semaphore Object                       1       2.56
Unix Pipe Object                       1       2.56
Volume Object                          1       2.56
Win Critical Section Object            1       2.56
Win Kernel Object                      1       2.56
Win Memory Page Region Object          1       2.56
Win Semaphore Object                   1       2.56
Win System Restore Object              1       2.56
Disk Partition Object                  0       0.00
GUI Dialogbox Object                   0       0.00
GUI Object                             0       0.00
GUI Window Object                      0       0.00
Win Mailslot Object                    0       0.00
Win Waitable Timer Object              0       0.00

OASIS Work Products
- CybOX 2.1.1: multi-part specification
  - Overview
  - Core
  - Common
  - Objects*
- XML binding specification
  - Includes reference implementation
- CybOX XSDs
  - Vocabularies
  - Extensions
  - UML Model

CybOX Use Cases I
- Core vision
  - Representation of cyber observables, including both static and dynamic
  - Specification of patterns on cyber observables
  - Extensibility to allow for representation of custom/specialized cyber observables

CybOX Use Cases II
- Domains
  - Indicator sharing
  - Incident response
  - Malware analysis
  - Digital forensics
  - Others
- Data sources
  - Sensors
  - Systems
  - Others

Recent Discussion Topics
- On GitHub:
  - Lists in CybOX Object fields
  - Atomic vs. Abstract CybOX Objects
  - Duplicate/Overlapping CybOX Objects
  - Separate Patterns and Instances in CybOX Observables and Objects

Next meeting
- Thursday, September 24, 4:00pm EDT