請用此 Handle URI 來引用此文件:
http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/79513完整後設資料紀錄
| DC 欄位 | 值 | 語言 |
|---|---|---|
| dc.contributor.advisor | 孫雅麗(Yeali S.Sun) | |
| dc.contributor.author | Tri-Thong Tran | en |
| dc.contributor.author | 陳智聰 | zh_TW |
| dc.date.accessioned | 2022-11-23T09:02:24Z | - |
| dc.date.available | 2024-10-04 | |
| dc.date.available | 2022-11-23T09:02:24Z | - |
| dc.date.copyright | 2021-11-08 | |
| dc.date.issued | 2021 | |
| dc.date.submitted | 2021-10-05 | |
| dc.identifier.citation | [1] Berners-Lee, T., Hendler, J., Lassila, O. (2001). The Semantic Web. Scientific American, 284(5), 34-43. [2] CALDERA. from https://github.com/mitre/caldera [3] CAPEC. from https://capec.mitre.org/ [4] Domingue, J., Fensel, D., Hendler, J. A. (2011). Introduction to the Semantic Web Technologies. [5] Gao, P., Liu, X., Choi, E., Soman, B., Mishra, C., Farris, K., Song, D. (2021). A System for Automated Open-Source Threat Intelligence Gathering and Management. Paper presented at the Proceedings of the 2021 International Conference on Management of Data. [6] Gao, P., Shao, F., Liu, X., Xiao, X., Qin, Z., Xu, F., . . . Song, D. (2021). Enabling efficient cyber threat hunting with cyber threat intelligence. Paper presented at the 2021 IEEE 37th International Conference on Data Engineering (ICDE). [7] Gruber, T. (2009). Ontology. In L. Liu M. T. ÖZsu (Eds.), Encyclopedia of Database Systems (pp. 1963-1965). Boston, MA: Springer US. [8] Gruber, T. R. (1993). A translation approach to portable ontology specifications. Knowledge acquisition, 5(2), 199-220. [9] Highly Evasive Attacker Leverages SolarWinds Supply Chain to Compromise Multiple Global Victims With SUNBURST Backdoor. (2020). from https://www.fireeye.com/blog/threat-research/2020/12/evasive-attacker-leverages-solarwinds-supply-chain-compromises-with-sunburst-backdoor.html [10] Husari, G., Al-Shaer, E., Ahmed, M., Chu, B., Niu, X. (2017). TTPDrill: Automatic and Accurate Extraction of Threat Actions from Unstructured Text of CTI Sources. [11] Malware Attribute Enumeration and Characterization. from https://maecproject.github.io/releases/5.0/MAEC_Vocabularies_Specification.pdf [12] Malware Behavior Catalog. from https://github.com/MBCProject/mbc-markdown [13] Milajerdi, S. M., Gjomemo, R., Eshete, B., Sekar, R., Venkatakrishnan, V. N. (2019, 19-23 May 2019). HOLMES: Real-Time APT Detection through Correlation of Suspicious Information Flows. Paper presented at the 2019 IEEE Symposium on Security and Privacy (SP). [14] MITRE ATT CK. from https://attack.mitre.org/versions/v8/ [15] Noy, N. F., McGuinness, D. L. (2004). Ontology development 101: A guide to creating your first ontology, 2001. [16] OWL 2 Web Ontology Language Primer (Second Edition). from https://www.w3.org/TR/2012/REC-owl2-primer-20121211/ [17] Raad, J., Cruz, C. (2015). A survey on ontology evaluation methods. Paper presented at the Proceedings of the International Conference on Knowledge Engineering and Ontology Development, part of the 7th International Joint Conference on Knowledge Discovery, Knowledge Engineering and Knowledge Management. [18] RDF 1.1 Concepts and Abstract Syntax. from https://www.w3.org/TR/rdf11-concepts/ [19] RDF Schema 1.1. from https://www.w3.org/TR/rdf-schema/ [20] Satvat, K., Gjomemo, R., Venkatakrishnan, V. (2021). EXTRACTOR: Extracting Attack Behavior from Threat Reports. arXiv preprint arXiv:2104.08618. [21] Strom, B. E., Applebaum, A., Miller, D. P., Nickels, K. C., Pennington, A. G., Thomas, C. B. (2018). Mitre att ck: Design and philosophy. Technical report. [22] Syed, Z., Padia, A., Finin, T., Mathews, L., Joshi, A. (2016). UCO: A unified cybersecurity ontology. Paper presented at the Workshops at the thirtieth AAAI conference on artificial intelligence. [23] Zhu, Z., Dumitras, T. (2018). Chainsmith: Automatically learning the semantics of malicious campaigns by mining threat intelligence reports. Paper presented at the 2018 IEEE European Symposium on Security and Privacy (EuroS P). | |
| dc.identifier.uri | http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/79513 | - |
| dc.description.abstract | "資安威脅情報 (Cyber Threat Intelligence, CTI) 一直以來是惡意行為分析與資訊安全防禦上不可或缺的重要資訊參考。資安威脅情報可協助企業了解網路攻擊入侵所使用之戰略、手法及程序,進一步制定防禦政策及機制。知名入侵威脅描述框架—— MITRE ATT CK ——從真實的網路攻擊事件案例中收集並彙整了大量資安威脅相關情報,提供一個框架式的網路及系統攻擊概觀,以易於理解的矩陣格式將一些已知的攻擊事件經分析並以其攻擊戰術和手法歸類綜整後,呈現惡意攻擊的戰術、手法及相關案例簡約的特徵描述。為讓資安威脅情報能夠有效地被分享與使用,它們需要有結構化的正規化表達方式。本論文提出利用知識本體論 (ontology) 建立 MITRE ATT CK 資安威脅情報的知識本體庫,以達到知識分享共用的目的。本論文將從 MITRE ATT CK 網站上收集資料,依據三個重要常用的查詢模式所需資源,利用 Web Ontology Language (OWL) 定義已知資安威脅的術語 (knowledge terms) 所組成的概念集合 (a set of concepts) 與關聯 (relations);最後將為所有資料實例建立其知識本體資源,進而建構出完整的 MITRE ATT CK 知識本體庫。本論文最後以網頁介面實作一基於該知識本體庫的知識查詢系統,以利使用者簡單、方便及快速獲得欲查詢的 MITRE ATT CK 資安威脅情報。" | zh_TW |
| dc.description.provenance | Made available in DSpace on 2022-11-23T09:02:24Z (GMT). No. of bitstreams: 1 U0001-3009202120190300.pdf: 3654330 bytes, checksum: 04989304de12f154824a2cb09d9354f3 (MD5) Previous issue date: 2021 | en |
| dc.description.tableofcontents | "口試委員會審定書 i 誌謝 ii 中文摘要 iii 英文摘要 iv 目錄 壹 圖目錄 參 表目錄 肆 第一章 緒論 1 1.1 研究動機 1 1.2 研究目的 2 1.3 研究議題與欲採行的方法 2 1.4 論文成果與預期效益 4 第二章 背景知識與文獻探討 5 2.1 背景知識 5 2.1.1 MITRE ATT CK:入侵威脅描述框架 5 2.1.2 知識本體論 6 2.1.3 知識本體 (Ontology) 與語義網 (Semantic Web) 6 2.1.4 資源描述框架 (Resource Description Framework, RDF) 8 2.1.5 資源描述框架 schema (Resource Description Framework Schema, RDFS) 10 2.1.6 Web Ontology Language (OWL) 12 2.2 文獻探討 16 第三章 研究方法 19 3.1 設計知識本體的建構流程 19 3.2 收集資料 21 3.2.1 Tactics 22 3.2.2 Techniques / Sub-techniques 23 3.2.3 Mitigations 27 3.2.4 Groups 28 3.2.5 Software 29 3.3 設立查詢模式與建構知識本體庫 37 3.3.1 建立基礎資料模型的知識本體資源 39 3.3.2 從文字描述中截取有趣的資料 43 3.3.3 建立資料項目的知識本體資源 45 第四章 系統實作 57 4.1 系統架構 57 4.2 使用工具 57 4.3 系統介面與操作 58 第五章 結論與未來展望 71 5.1 結論 71 5.2 未來展望 71 參考文獻 73" | |
| dc.language.iso | zh-TW | |
| dc.title | 建構資安威脅知識本體庫 | zh_TW |
| dc.title | Cyber Threat Ontology Construction | en |
| dc.date.schoolyear | 109-2 | |
| dc.description.degree | 碩士 | |
| dc.contributor.oralexamcommittee | 陳孟彰(Hsin-Tsai Liu),李育杰(Chih-Yang Tseng),陳俊良,黃意婷 | |
| dc.subject.keyword | 資安威脅情報,MITRE ATT CK,知識本體,Web Ontology Language (OWL),查詢系統, | zh_TW |
| dc.subject.keyword | Cyber Threat Intelligence (CTI),MITRE ATT CK,ontology,Web Ontology Language (OWL),query system, | en |
| dc.relation.page | 76 | |
| dc.identifier.doi | 10.6342/NTU202103480 | |
| dc.rights.note | 同意授權(全球公開) | |
| dc.date.accepted | 2021-10-06 | |
| dc.contributor.author-college | 管理學院 | zh_TW |
| dc.contributor.author-dept | 資訊管理學研究所 | zh_TW |
| dc.date.embargo-lift | 2024-10-04 | - |
| 顯示於系所單位: | 資訊管理學系 | |
文件中的檔案:
| 檔案 | 大小 | 格式 | |
|---|---|---|---|
| U0001-3009202120190300.pdf | 3.57 MB | Adobe PDF | 檢視/開啟 |
系統中的文件,除了特別指名其著作權條款之外,均受到著作權保護,並且保留所有的權利。