oasis-tcs / openc2-ap-ids

OASIS OpenC2 TC: developing a concise and extensible language to enable the command and control of cyber defense components. https://github.com/oasis-tcs/openc2-ap-ids

Define intrusion #3

Open sparrell opened 4 years ago

sparrell commented 4 years ago

Does scope include physical intrusion or is focus just on cyber intrusion?

Vasileios-Mavroeidis commented 4 years ago

OpenC2 is a language for the command and control of cyber defense components. So, I propose to start with the cyber domain. This ofc does not prohibit us from demonstrating OpenC2 in the wild. I would suggest having a concrete use case for doing that, so that we can get the domain expertise and transfer it to an AP.

This paper also may be of interest to create a use case. It demonstrates analytics capability for physical security by orchestrating, automating, and correlating cyber-physical sensors and their logs. http://folk.uio.no/josang/papers/MKJ2018-ASONAM.pdf

alevere commented 4 years ago

I agree with Vasileios that for this profile the scope should be the cyber domain as that is more in line with the initial goals of OpenC2.