Ç¥ÁØÈ­ Âü¿©¾È³»

TTAÀÇ Ç¥ÁØÇöȲ

Ȩ > Ç¥ÁØÈ­ °³¿ä > TTAÀÇ Ç¥ÁØÇöȲ

Ç¥ÁعøÈ£ TTAE.OT-12.0019-Part2 ±¸Ç¥ÁعøÈ£
Á¦°³Á¤ÀÏ 2018-12-19 ÃÑÆäÀÌÁö 76
ÇѱÛÇ¥ÁØ¸í ±¸Á¶È­µÈ À§Çù Á¤º¸ Ç¥Çö ±Ô°Ý(STIX) ¹öÀü 2.0 - Á¦2ºÎ: STIX °´Ã¼
¿µ¹®Ç¥Áظí Structured Threat Information eXpression(STIX) Version 2.0 - Part2: STIX Objects
Çѱ۳»¿ë¿ä¾à ÀÌ Ç¥ÁØÀº STIX µµ¸ÞÀÎ °´Ã¼(SDO, STIX Domain Objects)ÀÇ ÁýÇÕÀ» Á¤ÀÇÇϸç, °¢ SDO´Â ÀϹÝÀûÀ¸·Î CTI¿¡¼­ ³Î¸® »ç¿ëµÇ´Â °³³ä¿¡ ÇØ´çÇÑ´Ù. SDOÀÇ ±¸¼º¿ä¼Ò(°ø°Ý ÆÐÅÏ, Ä·ÆäÀÎ, ´ëÀÀ ¹æ¹ý, ¾ÆÀ̵§Æ¼Æ¼, ħÇØ ÁöÇ¥, ħÅõ ÁýÇÕ, ¾Ç¼ºÄÚµå, °üÃø µ¥ÀÌÅÍ, ¸®Æ÷Æ®, À§Çù ÇàÀ§ÀÚ, µµ±¸, Ãë¾àÁ¡)¿Í STIX °ü°è(Relationships)¸¦ »ç¿ëÇÏ¿© °´Ã¼°£ÀÇ Æø ³Ð°í ´Ù¾çÇÑ CTI¸¦ »ý¼ºÇÏ°í °øÀ¯ÇÒ ¼ö ÀÖ´Ù.
¿µ¹®³»¿ë¿ä¾à The standard defines the set of STIX Domain Objects, each of which corresponds to a unique concept commonly represented in CTI. Using SDO(Attack Pattern, Campaign, Course of Action, Identity, Indicator, Intrusion Set, Malware, Observed data, Report, Threat Actor, Tool, Vulnerability) and STIX relationships as building blocks, individuals can create and share broad and comprehensive cyber threat intelligence.
±¹Á¦Ç¥ÁØ
°ü·ÃÆÄÀÏ TTAE.OT-12.0019-Part2.pdf TTAE.OT-12.0019-Part2.pdf            

ÀÌÀü
¿þÀÌºí·¿ º¯È¯ ±â¹Ý ¼ûÀº ºñµ¿±â ºü¸¥ ¸µÅ©(WHA-QL) ¾ÆÅ°ÅØó
´ÙÀ½
±¤ Ä«¸Þ¶ó Åë½Å ¹°¸® °èÃþ ¸ðµå¸¦ À§ÇÑ ¼ÒÇÁÆ®¿þ¾î Á¤ÀÇ ±¸¼º ¹æ¹ý