All

What are you looking for?

All
Projects
Results
Organizations

Quick search

  • Projects supported by TA ČR
  • Excellent projects
  • Projects with the highest public support
  • Current projects

Smart search

  • That is how I find a specific +word
  • That is how I leave the -word out of the results
  • “That is how I can find the whole phrase”

ObservableDB: An Inverted Index for Graph-Based Traversal of Cyber Threat Intelligence

The result's identifiers

  • Result code in IS VaVaI

    <a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216224%3A14610%2F22%3A00129774" target="_blank" >RIV/00216224:14610/22:00129774 - isvavai.cz</a>

  • Result on the web

    <a href="https://doi.org/10.1109/NOMS54207.2022.9789882" target="_blank" >https://doi.org/10.1109/NOMS54207.2022.9789882</a>

  • DOI - Digital Object Identifier

    <a href="http://dx.doi.org/10.1109/NOMS54207.2022.9789882" target="_blank" >10.1109/NOMS54207.2022.9789882</a>

Alternative languages

  • Result language

    angličtina

  • Original language name

    ObservableDB: An Inverted Index for Graph-Based Traversal of Cyber Threat Intelligence

  • Original language description

    In this paper, we address the lack of analytical tools and search interfaces, which would help both humans and machines to navigate and correlate the floods of heterogeneous cyber threat intelligence (CTI) data generated every day. This work supports our long-term goal of machine-assisted discovery and inference of detectable indicators for adversarial tactics, techniques, and procedures from the available CTI. In particular, we present the idea of an observable database that works as an inverted index for CTI. This observable-centric concept is supported by a fully-functional practical result that leverages a meta-programming approach to auto-generate a graph-based API for data search and manipulation. The created prototype allows for powerful graph-based filtering, traversal and retrieval of the stored cyber observables and the referenced CTI.

  • Czech name

  • Czech description

Classification

  • Type

    D - Article in proceedings

  • CEP classification

  • OECD FORD branch

    10201 - Computer sciences, information science, bioinformathics (hardware development to be 2.2, social aspect to be 5.8)

Result continuities

  • Project

    <a href="/en/project/VI20202022164" target="_blank" >VI20202022164: Advanced security orchestration and intelligent threat management</a><br>

  • Continuities

    P - Projekt vyzkumu a vyvoje financovany z verejnych zdroju (s odkazem do CEP)

Others

  • Publication year

    2022

  • Confidentiality

    S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Data specific for result type

  • Article name in the collection

    Proceedings of the IEEE/IFIP Network Operations and Management Symposium 2022

  • ISBN

    9781665406017

  • ISSN

    1542-1201

  • e-ISSN

  • Number of pages

    4

  • Pages from-to

    1-4

  • Publisher name

    IEEE

  • Place of publication

    USA

  • Event location

    Budapest, Hungary

  • Event date

    Jan 1, 2022

  • Type of event by nationality

    WRD - Celosvětová akce

  • UT code for WoS article

    000851572700136