44 2033180199

ICAR, a categorical framework to connect vulnerability, threat and asset managements

Arnaud Valence

ICAR is a mathematical framework derived from category theory for representing cybersecurity NIST and MITRE’s ontologies. Designed for cybersecurity, ICAR is a category whose objects are cybersecurity knowledge (weakness, vulnerability, impacted product, attack technique, etc.) and whose morphisms are relations between this knowledge that make sense for cybersecurity. Within this rigorous and unified framework, we obtain a knowledge graph capable of identifying the attack and weakness structures of an IS, at the interface between description logics, database theory and cybersecurity. We then define ten cybersecurity queries to help understand the risks incurred by IS and organise their defence. ICAR is therefore a vulnerability-oriented OSINT framework.

Isenção de responsabilidade: Este resumo foi traduzido usando ferramentas de inteligência artificial e ainda não foi revisado ou verificado.
 
Publicação de revisão por pares para associações, sociedades e universidades pulsus-health-tech
Top