Application of CYBEX (Cybersecurity Information
Author : yoshiko-marsland | Published Date : 2025-07-18
Description: Application of CYBEX (Cybersecurity Information Exchange) techniques to future networks. Tony Rutkowski, Yaana Technologies, Georgia Tech, Q.4/17 Rapporteur. SG17 Tutorial, Geneva, 15 Dec 2010, V1.1. CYBEX Basics: The new cybersecurity paradigm: know
Transcript: Application of CYBEX (Cybersecurity Information:
Application of CYBEX (Cybersecurity Information Exchange) techniques to future networks
Tony Rutkowski
Yaana Technologies
Georgia Tech
Q.4/17 Rapporteur
SG17 Tutorial
Geneva 15 Dec 2010
V1.1

CYBEX Basics
- The new cybersecurity paradigm
  - know your weaknesses
  - minimize the vulnerabilities
  - know your attacks
  - share the heuristics within trust communities
- CYBEX – techniques for the new paradigm
  - Weakness, vulnerability and state
  - Event, incident, and heuristics
  - Information exchange policy
  - Identification, discovery, and query
  - Identity assurance
  - Exchange protocols
- X.1500 culminates a broadly supported 2-year effort
- Consists of a non-prescriptive, extensible, complementary “collection of tools” that can be used as needed

Today’s Reality
- “security by design” is not a reasonable objective today, as the code/systems are too complex, distributed, autonomous and constantly changing
- Common global protocol platforms for the trusted exchange of information are essential
- A distributed, “security management” network plane that supports autonomy is emerging
- Single “national centres” for this purpose are not feasible and would represent a massive vulnerability

CYBEX Facilitates a Global Cybersecurity Model
Diagram labels: CYBEX Information Exchange Techniques; Deny resources; Stored event data availability; Identity Management; Forensics & heuristics analysis; Provide data for analysis; Encryption/VPNs esp. for signalling; Resilient infrastructure; Routing & resource constraints; Network/application state & integrity; Real-time data availability; Measures for protection; Measures for threat detection; Blacklists & whitelists; Vulnerability notices; Measures for threat response; Provide basis for additional actions; Patch development; Provide basis for actions; Reputation sanctions; Provide awareness of vulnerabilities and remedies

The CYBEX Model
Diagram labels: Cybersecurity Information use (out of scope); structuring cybersecurity information for exchange purposes; identifying and discovering cybersecurity information and entities; establishment of trust and policy agreement between exchanging entities; requesting and responding with cybersecurity information; assuring the integrity of the cybersecurity information exchange; Cybersecurity Entities; Cybersecurity Entities; Cybersecurity Information acquisition (out of scope)

Exchange Policies Exchange Weakness, Vulnerability/State Exchange Event/Incident/Heuristics Exchange

CYBEX Technique Clusters: Structured Information
Diagram labels: Event Expressions; Malicious Behavior; Malware Patterns; Incident and Attack Patterns; Knowledge Base; Weaknesses; Vulnerabilities and Exposures; Platforms; State; Assessment Results; Security State Measurement; Configuration Checklists; Terms and conditions; Exchange Protocol

CYBEX Technique Clusters: Utilities
Diagram labels: Identity Assurance; Authentication Assurance Methods; Authentication Assurance Levels; Identification, Discovery, Query; Common Namespaces; Discovery enabling mechanisms; Request and distribution mechanisms; Interaction Security; Transport Security; Trusted Platforms; Trusted Network Connect

Today’s Use Cases
- Your computer
- Patch Tuesday
- Open Windows Update
- X.1500 Appendices
- NICT CYBEX Ontology
- Japan’s JVN
- USA Federal Desktop Core Configuration/US Government Configuration Baseline

Significant adoption rate SG17