Presentation is loading. Please wait.

Presentation is loading. Please wait.

CTI CybOX SC Meeting www.oasis-open.org December 17, 2015.

Published bySandra Norman Modified over 9 years ago

Similar presentations

Presentation on theme: "CTI CybOX SC Meeting www.oasis-open.org December 17, 2015."— Presentation transcript:

1 CTI CybOX SC Meeting www.oasis-open.org December 17, 2015

2 Agenda Recent Discussion Recap Device/System Object Refactoring Discussion Extensions Draft Face to Face Agenda OASIS Work Product Update

3 Recent Discussion Recap I File Object Refactoring File metadata properties More explicit directory characterization FieldTypeMultiplicityDescription is_directoryboolean1 A required flag that indicates whether the file object instance represents a directory (if TRUE) or a file (if FALSE). file_namestring0-1 The name of the file, including its extension (if known) but excluding its path. This field may only be included ONLY IF the is_directory property is set to FALSE. file_pathFilePath0-1 The path to the file on the file system, excluding its name and extension. If this field is included without the file_name field, the file object instance specifies a directory. FieldTypeMultiplicityDescription extension_typestring1 Specifies the type of this extension; required and MUST be set to 'FileMetadataExtension' mime_typestring0-1 The MIME type name from the IANA media type registry (http://www.iana.org/assignments/media-types/media-types.xhtml) specified for the file, e.g., "msword".http://www.iana.org/assignments/media-types/media-types.xhtml

4 Recent Discussion Recap II Capture of Analytical Observations E.g., file masquerading “malware.exe.txt” Is this something that belongs in CybOX? is_masqueraded = true Or should CybOX only support “the facts” that support the analytical observation, and leave the observations to be captured elsewhere? file_name = “malware.exe.txt” mime_type = “vnd.microsoft.portable-executable”

5 Device/Sys. Object Refactoring I Current State (CybOX 2.1) OS Property Device Property

6 Device/Sys. Object Refactoring II Proposed Refactoring (straw man)

7 Face to Face Agenda (draft) Patterning refactoring Object refactoring Focus on any open questions for each CybOX Core Pruning Making a more lightweight, focused CybOX Core CybOX 3.0 “end state” Overlapping STIX/CybOX issues Design philosophy First-class relationships Required IDs Etc.

8 OASIS Work Product Update CybOX 2.1.1 90 specifications out of 94 reviewed and edited https://github.com/CybOXProject/specifications/tree/master/documents ETA: Late December

9 Next Meeting Thursday, January 28 th @ 10:00am ET

Download ppt "CTI CybOX SC Meeting www.oasis-open.org December 17, 2015."

Similar presentations

OASIS OData Technical Committee. AGENDA Introduction OASIS OData Technical Committee OData Overview Work of the Technical Committee Q&A.

OASIS OData Technical Committee. AGENDA Introduction OASIS OData Technical Committee OData Overview Work of the Technical Committee Q&A.
SARs Total: 14,730 Suspicious Activity Report Filing Trend for the State of Nebraska For the period April 1, 1996 through December 31, 2006.

SARs Total: 14,730 Suspicious Activity Report Filing Trend for the State of Nebraska For the period April 1, 1996 through December 31, 2006.
Stop Programming and Start Modeling: Developing Work- Centered Semantic Applications † Semantic Technology Conference May 23, 2007 Andrew Crapo Amy Aragones,

Stop Programming and Start Modeling: Developing Work- Centered Semantic Applications † Semantic Technology Conference May 23, 2007 Andrew Crapo Amy Aragones,
Guide To UNIX Using Linux Third Edition

Guide To UNIX Using Linux Third Edition
Update the PATH variable Trying to run the command: “javac Ex1.java” you’ve may encountered the error: “javac is not recognized as internal or external.

Update the PATH variable Trying to run the command: “javac Ex1.java” you’ve may encountered the error: “javac is not recognized as internal or external.
100 200 300 400 500 System Software Operating System Boot Process Files Misc.

System Software Operating System Boot Process Files Misc.
Access Control 2015-9-31. Problem A primary consideration in object- oriented design is to “separate the things that change from the things that stay.

Access Control Problem A primary consideration in object- oriented design is to “separate the things that change from the things that stay.
Computer Systems 2010-2011 Week 10: File Organisation Alma Whitfield.

Computer Systems Week 10: File Organisation Alma Whitfield.
Dean Cheng Jouni Korhonen Mehamed Boucadair

Dean Cheng Jouni Korhonen Mehamed Boucadair
Mapping between SOS standard specifications and INSPIRE legislation. Relationship between SOS and D2.9 Matthes Rieke, Dr. Albert Remke (m.rieke,

Mapping between SOS standard specifications and INSPIRE legislation. Relationship between SOS and D2.9 Matthes Rieke, Dr. Albert Remke (m.rieke,
Thursday, December 5 th, 2013 Cause & Effect Review Jeopardy.

Thursday, December 5 th, 2013 Cause & Effect Review Jeopardy.
Reviewing Recent ICSE Proceedings For:.  Defining and Continuous Checking of Structural Program Dependencies  Automatic Inference of Structural Changes.

Reviewing Recent ICSE Proceedings For:.  Defining and Continuous Checking of Structural Program Dependencies  Automatic Inference of Structural Changes.
CTI STIX SC Monthly Meeting www.oasis-open.org August 19, 2015.

CTI STIX SC Monthly Meeting August 19, 2015.
UNIX Commands. Why UNIX Commands Are Noninteractive Command may take input from the output of another command (filters). May be scheduled to run at specific.

UNIX Commands. Why UNIX Commands Are Noninteractive Command may take input from the output of another command (filters). May be scheduled to run at specific.
Presence Data Model Jonathan Rosenberg. Changes in -02 Split out data and processing models Allow multiple devices, services, person with same URI/device.

Presence Data Model Jonathan Rosenberg. Changes in -02 Split out data and processing models Allow multiple devices, services, person with same URI/device.
Updates made to latest draft since Herndon Sony Corporation Toshiaki Kojima.

Updates made to latest draft since Herndon Sony Corporation Toshiaki Kojima.
Header Compression over Unidirectional Lightweight Encryption (ULE) draft-byun-ipdvb-ule-header-comp Do J. Byun John Border Roderick Ragland.

Header Compression over Unidirectional Lightweight Encryption (ULE) draft-byun-ipdvb-ule-header-comp Do J. Byun John Border Roderick Ragland.
Agenda 5 minutes: WG Overview, announcements 10 minutes: Document plans 30 minutes: Interoperability Experience 10 minutes: Timezone Registry work Links:

Agenda 5 minutes: WG Overview, announcements 10 minutes: Document plans 30 minutes: Interoperability Experience 10 minutes: Timezone Registry work Links:
Intrusion Detection State of the Art/Practice Anita Jones University of Virginia.

Intrusion Detection State of the Art/Practice Anita Jones University of Virginia.
Λειτουργικά Συστήματα - Lab1 Γιάννης Πετράκης. The Operating System  Unix is a layered operating system  The innermost layer is the hardware that provides.

Λειτουργικά Συστήματα - Lab1 Γιάννης Πετράκης. The Operating System  Unix is a layered operating system  The innermost layer is the hardware that provides.

Similar presentations

Ads by Google