Ivan Kirillov edited this page Sep 23, 2015 · 1 revision
Abstraction Level: High
Related Use Cases
Description
Supporting the detection of various forms of malicious activity (e.g., malware, DDoS attacks) through the use of structured cyber data such as IP addresses is fundamental to the notion of indicator sharing and incident response (when followed by detection). In its most basic form, this means being able to characterize cyber data and to specify a pattern around it that signifies "what" to look for.
Requirements
The ability to characterize various types of cyber data