oasis-open / tac-ontology

OASIS Threat Actor Context (TAC) TC: Creating an ontology for expressing the rich context around Threat Actors. https://github.com/oasis-open/tac-ontology
BSD 3-Clause "New" or "Revised" License

Mapping TAC ontology to MISP galaxies? #40

Closed adulau closed 1 year ago

adulau commented 1 year ago

How is the integration of TAC ontology foreseen with MISP galaxies?

There is already a documented mapping (especially on the UUID uses) for STIX 2.1 at the following location: https://misp.github.io/misp-stix/documentation/misp_galaxies_to_stix21.html

rhohimer commented 1 year ago

@adulau I will bring this topic up in our Working Session tomorrow!

rhohimer commented 1 year ago

A potential route to map MISP galaxies to the TAC ontology would be to use the existing converter and an @context for the resulting STIX 2.1 JSON documents.

rhohimer commented 1 year ago

I think that, having started the creation of an @context file for STIX 2.1 JSON files, an easier solution to converting STIX 2.1 JSON documents to TAC knowledge graphs is SPARQL-Anything. See: https://github.com/SPARQL-Anything/sparql.anything

Investigating it.

rhohimer commented 1 year ago

I just had an epiphany. We can easily convert STIX 2.1 JSON into a TAC Knowledge Graph without converting to JSON-LD first. We can use SPARQL-Anything to convert the STIX 2.1 JSON contents into stix:StixObject instances. Then the TAC ontology can infer the correct class type from the "type" key on each stix:StixObject.

This is a huge breakthrough...

If I'm correct in my thinking, I could be loading valid STIX 2.1 JSON documents into a TAC Knowledge Graph very soon. If I didn't have other things to do, it could be as soon as the end of the weekend.
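
The first step described in the comment above, sketched as an added example that is not part of the thread or the TAC project's code: plain Python stands in for SPARQL-Anything, and the `https://example.org/...` namespaces and the property IRIs built from them are assumed placeholders. Each object in a constructed STIX 2.1 bundle becomes a generic `StixObject` that keeps its "type" key, leaving the specific class to ontology inference; identifiers are validated before they are placed in an IRI.

```python
import json
import re

RDF_TYPE = "http://www.w3.org/1999/02/22-rdf-syntax-ns#type"
# Assumed placeholder namespaces: the thread does not give the ontology IRIs.
STIX_NS = "https://example.org/stix#"
DATA_NS = "https://example.org/data/"

# STIX 2.1 identifiers are "<object-type>--<UUID>"; property names are lowercase.
ID_RE = re.compile(r"[a-z0-9-]+--[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}")
KEY_RE = re.compile(r"[a-z0-9_]+")

# Constructed sample bundle, not real intelligence data.
SAMPLE_BUNDLE = json.dumps({
    "type": "bundle",
    "id": "bundle--00000000-0000-4000-8000-000000000001",
    "objects": [
        {"type": "threat-actor", "spec_version": "2.1", "name": 'Example "Actor"',
         "id": "threat-actor--00000000-0000-4000-8000-000000000002"},
        {"type": "malware", "spec_version": "2.1", "name": "Example Malware",
         "id": "malware--00000000-0000-4000-8000-000000000003", "is_family": False},
        {"type": "malware", "id": "bad id> <injected"},  # malformed, must be skipped
    ],
})

def nt_literal(value):
    """Escape a string as an N-Triples literal."""
    for raw, esc in (("\\", "\\\\"), ('"', '\\"'), ("\n", "\\n"), ("\r", "\\r")):
        value = value.replace(raw, esc)
    return f'"{value}"'

def stix_to_ntriples(bundle_json):
    """Emit every bundled object as a StixObject that keeps its "type" key."""
    bundle = json.loads(bundle_json)
    if bundle.get("type") != "bundle":
        raise ValueError("expected a STIX 2.1 bundle")
    triples = []
    for obj in bundle.get("objects", []):
        obj_id = obj.get("id") if isinstance(obj, dict) else None
        if not (isinstance(obj_id, str) and ID_RE.fullmatch(obj_id)
                and isinstance(obj.get("type"), str)):
            continue  # never build an IRI from an unvalidated identifier
        subject = f"<{DATA_NS}{obj_id}>"
        # One generic class for all objects; the specific class is left to inference.
        triples.append(f"{subject} <{RDF_TYPE}> <{STIX_NS}StixObject> .")
        for key, value in obj.items():
            if KEY_RE.fullmatch(key) and isinstance(value, str):  # string properties only
                triples.append(f"{subject} <{STIX_NS}{key}> {nt_literal(value)} .")
    return triples
```

Calling `stix_to_ntriples(SAMPLE_BUNDLE)` returns N-Triples lines that can be loaded into a triple store alongside the ontology.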

rhohimer commented 1 year ago

I'll continue to investigate this STIX 2.1 JSON to TAC Knowledge Graph conversion.

@adulau can you locate a MISP Galaxy that has been converted to a valid STIX 2.1 JSON representation?

rhohimer commented 1 year ago

Closing the issue. Assuming the path forward is to convert the MISP Galaxy to a STIX JSON file first.