The Formal Representation of Cyberthreats for Automated Reasoning
Data Science in Cybersecurity and Cyberthreat Intelligence
School of Science
© Springer Nature Switzerland AG 2020.
Considering the complexity and dynamic nature of cyberthreats, the automation of data-driven analytics in cyberthreat intelligence is highly desired. However, the terminology of cyberthreat intelligence varies between methods, techniques, and applications, and the corresponding expert knowledge is not codified, making it inefficient, and sometimes infeasible, for semantic software agents to process threat data. Therefore, various data models, methods, and knowledge organization systems have been proposed over the years, which facilitate knowledge discovery, data aggregation, intrusion detection, incident response, and comprehensive and automated data analysis. This chapter reviews the most influential and widely deployed cyberthreat classification models, machine-readable taxonomies, and machine-interpretable ontologies that are well-utilized in cyberthreat intelligence applications.