44 2033180199

ICAR, a categorical framework to connect vulnerability, threat and asset managements

Arnaud Valence

ICAR is a mathematical framework derived from category theory for representing cybersecurity NIST and MITRE’s ontologies. Designed for cybersecurity, ICAR is a category whose objects are cybersecurity knowledge (weakness, vulnerability, impacted product, attack technique, etc.) and whose morphisms are relations between this knowledge that make sense for cybersecurity. Within this rigorous and unified framework, we obtain a knowledge graph capable of identifying the attack and weakness structures of an IS, at the interface between description logics, database theory and cybersecurity. We then define ten cybersecurity queries to help understand the risks incurred by IS and organise their defence. ICAR is therefore a vulnerability-oriented OSINT framework.

免责声明: 此摘要通过人工智能工具翻译,尚未经过审核或验证。
 
协会、社团和大学的同行评审出版 pulsus-health-tech
Top