Enhancing Collective Defense with Taxonomies for Operational Cyber Defense

BobGourley
Last updated: 2011/08/15 at 2:58 PM

Cyberspace is our interconnected information technology. And since everything either is or is becoming connected, one of the defining characteristics of cyberspace is its complexity. This adds burden to cyber defenders. Defense teams require experience, education, training and a mindset that lets them continually learn. They also must forge broad teams across multiple subject and functional areas. An ability to rapidly collaborate and exchange data while in a fight is a must.

For years computer security professionals have sought the best ways to dialog on incidents, and some great foundational work has been done in this area. This post reviews two key works I have found to be of special relevance to today’s cyber defenders. One is a 1998 publication titled “A Common Language for Computer Security Incidents”; the other is a matrix developed by Dr. John Mallery of MIT’s CSAIL. Both these documents have already had impacts on the community and the many automated data exchange models in place today. But both are also relevant to the human-to-human dialog and understanding on cyberspace operations and are important pieces for continued study.

What is a taxonomy?

A taxonomy is a set of related terms. It is a classification scheme. How do you judge a good taxonomy? It should meet several criteria, including being:

  1. Mutually exclusive – classifying in one category excludes all others because categories do not overlap,
  2. Exhaustive – taken together, the categories include all possibilities,
  3. Unambiguous – clear and precise so that classification is not uncertain, regardless of who is classifying,
  4. Repeatable – repeated applications result in the same classification, regardless of who is classifying,
  5. Accepted – logical and intuitive so that categories could become generally approved,
  6. Useful – could be used to gain insight into the field of inquiry

Caution: there is probably no such thing as a perfect taxonomy. They are all approximations of reality and therefore you will never have one that meets every criterion perfectly. But the characteristics above are good goals to judge the taxonomy by.

When it comes to cyberspace activity, the taxonomy presented by John Howard and Thomas Longstaff comes pretty close to meeting those goals, which is why it is still so relevant today.

They define a taxonomy of terms in a way that can be logically and graphically expressed.

See, for example, the picture below.

This is from their report and it lets you relate terms in a way that can help in dialog between humans and also help in automating information exchange.

The top line of words can be easily thought of as a sentence. Attackers use Tools against Vulnerabilities to cause an Action against a Target to achieve an Unauthorized Result to meet an Objective.

The details of their work spell out with clarity what the individual terms are, and that is also a huge help to dialog. Over time there has been a little modification by operational users on some of the terms, and the adversaries in cyberspace have continued to change their craft and a few more terms have entered the lexicon. But overall the framework is sound.
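As an added example (not from the original post or the Howard and Longstaff report), the sketch below treats the seven-part sentence as a record format and checks two of the criteria listed earlier: exhaustive (every slot resolves to a known term) and repeatable (two analysts classify the same incident identically). The slot names follow the sentence above; the terms under each slot, the function names and the sample incidents are assumptions constructed for illustration.

```python
from collections import Counter

# Slot names follow the sentence in the article. The terms under each slot are
# an abbreviated vocabulary constructed for this example, not the report's lists.
SLOTS = ["attacker", "tool", "vulnerability", "action", "target",
         "unauthorized_result", "objective"]
VOCAB = {
    "attacker": {"hacker", "spy", "professional criminal"},
    "tool": {"user command", "script or program", "toolkit"},
    "vulnerability": {"design", "implementation", "configuration"},
    "action": {"probe", "scan", "flood", "read", "modify"},
    "target": {"account", "data", "computer", "network"},
    "unauthorized_result": {"increased access", "disclosure of information",
                            "denial of service"},
    "objective": {"financial gain", "political gain", "damage"},
}

def rec(*values):
    """Build one classification record from values given in slot order."""
    return dict(zip(SLOTS, values))

def gaps(record):
    """Exhaustive check: slots whose value is missing or outside the vocabulary."""
    return [s for s in SLOTS if record.get(s) not in VOCAB[s]]

def disagreements(a, b):
    """Repeatable check: slots where two analysts classified one incident differently."""
    return [s for s in SLOTS if a.get(s) != b.get(s)]

def ambiguous_slots(pairs):
    """Per-slot count of analyst disagreements across many incidents."""
    counts = Counter()
    for a, b in pairs:
        counts.update(disagreements(a, b))
    return dict(counts)

def as_sentence(r):
    """Render a record in the shape of the taxonomy's top-line sentence."""
    return ("[{attacker}] uses [{tool}] against [{vulnerability}] to cause [{action}] "
            "against [{target}] to achieve [{unauthorized_result}] to meet [{objective}]"
            ).format(**r)

# Constructed sample: two incidents, each classified independently by two analysts.
INC1_A = rec("hacker", "toolkit", "configuration", "scan", "network",
             "disclosure of information", "financial gain")
INC1_B = dict(INC1_A, action="probe")        # analysts split on scan vs probe
INC2_A = rec("professional criminal", "script or program", "implementation",
             "modify", "data", "denial of service", "financial gain")
INC2_B = dict(INC2_A, tool="ransomware")     # term the vocabulary does not cover
```

A slot that keeps showing up in `ambiguous_slots` points at definitions that need tightening; a value returned by `gaps` points at a term the vocabulary has not yet absorbed.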

For organizations that need to focus more on the threat, taxonomies have also been devised that delve deeper into the motivations and resources and capabilities of adversaries. Most computer security books today have some articulation of the threat at a high level, but to find the most operationally useful articulation of the threat I recommend the works of John Mallery of MIT’s Computer Science and Artificial Intelligence Laboratory. With John’s permission I have reproduced one of his taxonomies of the threat below:

Note that John’s articulation of threat actors is different than the October 1998 work of Sandia and CERT. Part of that is due to the passing of time, but you should also keep in mind that although we like a common language for all mission areas, there are also differences of taxonomies based on how information is used. Some organizations may choose to slightly modify John’s approach (but I would recommend the default be to keep his taxonomy unless there is specific reason to clarify, since it is helpful to have a common expression of terms).

John is working on a paper that captures many of the key considerations from his work in things cyber. As soon as that is publicly available we will review it here.

BobGourley August 15, 2011