Published March 17, 2022 | Version 0.0.3
Software Open

Observable Database for CTI

  • Masaryk University

Description

This is an experimental implementation of an observable database that works as an inverted index for heterogeneous cyber threat intelligence. It leverages meta-programming to auto-generate a GraphQL API, which allows for graph-based filtering, traversal and retrieval of the indexed cyber observables and the referenced CTI data. We have paired the prototype with a data generator for testing and demonstration purposes. The generated data are mapped to standards and technologies commonly used in the cyber threat intelligence domain.
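To make the "inverted index over heterogeneous CTI" idea concrete, here is a small added illustration in Python. It is not code from the uploaded archive and does not reproduce its schema or GraphQL layer; the record shapes, observable types and values below are constructed for the example. It shows the two operations the description names: filtered retrieval of the CTI records that reference an observable, and traversal of the observable/record graph to find related observables.

```python
"""Toy inverted index over heterogeneous CTI records, keyed by cyber observable.

Added illustration only; not the csirtmu-observable-database implementation.
Record kinds, observable types and all values are constructed for this example.
"""
from collections import defaultdict, deque

# Constructed sample: three records of different kinds. Only "id", "kind"
# and "observables" are interpreted; anything else is opaque payload.
# IPs are from documentation ranges; the hash is SHA-256 of the empty string.
EMPTY_SHA256 = "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"
SAMPLE_RECORDS = [
    {"id": "report-1", "kind": "stix-report",
     "observables": [("ipv4-addr", "198.51.100.7"), ("domain-name", "bad.example")]},
    {"id": "alert-1", "kind": "idea-alert",
     "observables": [("ipv4-addr", "198.51.100.7"), ("sha256", EMPTY_SHA256)]},
    {"id": "event-1", "kind": "misp-event",
     "observables": [("domain-name", "bad.example"), ("ipv4-addr", "203.0.113.9")]},
]


class ObservableIndex:
    """Inverted index: (type, value) observable -> ids of records referencing it."""

    def __init__(self):
        self._records = {}                  # record id -> record payload
        self._postings = defaultdict(set)   # observable -> {record ids}

    def add(self, record):
        rid = record["id"]
        if rid in self._records:
            raise ValueError(f"duplicate record id {rid!r}")
        self._records[rid] = record
        for otype, value in record["observables"]:
            self._postings[(otype, value)].add(rid)

    def get(self, rid):
        return self._records[rid]

    def lookup(self, otype, value, kind=None):
        """Ids of records referencing the observable, optionally filtered by kind."""
        ids = self._postings.get((otype, value), set())
        if kind is not None:
            ids = {rid for rid in ids if self._records[rid]["kind"] == kind}
        return sorted(ids)

    def neighbours(self, otype, value):
        """Observables co-occurring with the given one in at least one record."""
        out = set()
        for rid in self._postings.get((otype, value), ()):
            out.update(self._records[rid]["observables"])
        out.discard((otype, value))
        return out

    def traverse(self, otype, value, max_hops):
        """BFS over the observable/record graph; returns observable -> hop distance.

        One hop = "shares a record with". max_hops bounds the expansion so a
        highly connected observable (a shared CDN IP, say) cannot pull in the
        whole corpus.
        """
        start = (otype, value)
        dist = {start: 0}
        queue = deque([start])
        while queue:
            cur = queue.popleft()
            if dist[cur] >= max_hops:
                continue
            for nxt in self.neighbours(*cur):
                if nxt not in dist:
                    dist[nxt] = dist[cur] + 1
                    queue.append(nxt)
        return dist


def build_sample_index():
    idx = ObservableIndex()
    for rec in SAMPLE_RECORDS:
        idx.add(rec)
    return idx


if __name__ == "__main__":
    idx = build_sample_index()
    print(idx.lookup("ipv4-addr", "198.51.100.7"))
    print(idx.lookup("ipv4-addr", "198.51.100.7", kind="stix-report"))
    print(idx.traverse("ipv4-addr", "198.51.100.7", max_hops=2))
```

The `kind` filter stands in for the per-type filtering a generated GraphQL schema would expose, and `traverse` for graph traversal from an observable to the records and observables it is linked with; the hop bound is the check worth keeping in any real deployment, since unbounded expansion from a popular observable is both slow and noisy.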

Requirements

  • Docker
  • Docker Compose

Additional Details

More details can be found in the README.md file inside the uploaded ZIP archive.

Notes

This research was supported by the Security Research Programme of the Czech Republic 2015–2022 (BV III/1-VS) granted by the Ministry of the Interior of the Czech Republic under No. VI20202022164 Advanced Security Orchestration and Intelligent Threat Management.

Files

csirtmu-observable-database.zip (200.6 kB)
md5:50087771e58e622695f83f62932ebabb