About the project
The TOCSA-project is funded by Norges forskningsråd (NFR) within the framework for Industry Ph.Ds (Nærings-Ph.D). The project is a collaboration between
The planned duration of the project is 48 months, the funding period spans the period mid 2016 and till mid 2020.
Project number: 263375
In a nutshell
Too often security professionals are only observing the evidence of cyberattacks – trails of information that are the long left-behind remnants from an attacker’s past actions. When defending against these attacks, priority is understandably placed on recovering from the current attack, with identifying the attackers as an afterthought. The repercussion is that attackers are rarely identified, seldom prosecuted, and able to operate with an almost free-reign.
This observation provides the motivation for the research project that will develop models and tools based on ontologies for fully and semi-automated classification and discovery of cyberthreats.
The following publications have been made from the TOCSA project:
- "Semantic Cyberthreat modelling" - STIDS2016
- "Cyber Threat Intelligence Model: An Evaluation of Taxonomies, Sharing Standards, and Ontologies within Cyber Threat Intelligence" - EISIC 2017
- "Ethical Considerations in Sharing Cyber Threat Intelligence" - NISK 2017
The following presentations of TOCSA have been made:
- April, 2019, DFRWS EU 2019
- February 2019, TEKNA breakfast meeting
- October 2018, FIRST TC Norway Chapter
- June, 2018, ECCWS 2018
- May, 2018, ATT@CK ws
- November 2017, NISK 2017
- September 2017, EISIC2017
- June 2017, FIRST Conference, Puerto Rico.
- March 29th 2017, NSM Sikkerhetskonferansen
- February 7th 2017, mnemonic breakfast seminar
- November 16th 2016, Semantic Technology for Intelligence, Defence and Security (STIDS2016), George Mason University.