Indicator of compromise
Ọdịdị
Ihe ngosi nke nkwekọrịta (IoC) na nyocha kọmputa bụ ihe a hụrụ na netwọk ma ọ bụ na sistemụ arụmọrụ nke, na obi ike dị elu, na-egosi ntinye kọmputa.[1]
Ụdị ihe ngosi
[dezie | dezie ebe o si]IoCs ndị a na-ahụkarị bụ mbinye aka nje na adreesị IP, MD5 hashes nke faịlụ malware, ma ọ bụ URL ma ọ bụ aha ngalaba nke botnet iwu na njikwa sava. Mgbe achọpụtara IoCs site na usoro mmeghachi omume ihe omume na nyocha kọmputa, enwere ike iji ha mee ihe maka ịchọpụta ngwa ngwa nke mgbalị mwakpo n'ọdịnihu site na iji usoro nchọpụta intrusion na ngwanrọ antivirus.
Akụrụngwa
[dezie | dezie ebe o si]E nwere atụmatụ iji dozie usoro nke ndị na-akọwa IoC maka nhazi akpaaka nke ọma.[2][3] A na-agbanwekarị ihe ngosi ndị a ma ama n'ime ụlọ ọrụ ahụ, ebe a na-eji Traffic Light Protocol.[4][5][6][7][8][9][10]
Leekwa
[dezie | dezie ebe o si]- AlienVault
- Mandiant
- Malware
- Malware Information Sharing Platform
Ndetu
[dezie | dezie ebe o si]- ↑ Gragido (October 3, 2012). Understanding Indicators of Compromise (IoC) Part I. RSA. Archived from the original on September 14, 2017. Retrieved on June 5, 2019.
- ↑ The Incident Object Description Exchange Format. RFC 5070. IETF (December 2007). Retrieved on 2019-06-05.
- ↑ Introduction to STIX. Retrieved on 2019-06-05.
- ↑ FIRST announces Traffic Light Protocol (TLP) version 1.0. Forum of Incident Response and Security Teams. Retrieved on 2019-12-31.
- ↑ Luiijf (March 2015). Sharing Cyber Security Information. Global Conference on CyberSpace 2015. Toegepast Natuurwetenschappelijk Onderzoek. Retrieved on 2019-12-31.
- ↑ Stikvoort (11 November 2009). ISTLP - Information Sharing Traffic Light Protocol. Trusted Introducer. National Infrastructure Security Co-ordination Centre. Retrieved on 2019-12-31.
- ↑ Development of Policies for Protection of Critical Information Infrastructures. Organisation for Economic Co-operation and Development (OECD). Retrieved on 2019-12-31.
- ↑ ISO/IEC 27010:2015 [ISO/IEC 27010:2015 | Information technology — Security techniques — Information security management for inter-sector and inter-organizational communications]. International Organization for Standardization/International Electrotechnical Commission (November 2015). Retrieved on 2019-12-31.
- ↑ Traffic Light Protocol (TLP) Definitions and Usage. United States Department of Homeland Security. Retrieved on 2019-12-31.
- ↑ Traffic Light Protocol. Centre for Critical Infrastructure Protection. Archived from the original on 2013-02-05. Retrieved on 2019-12-31.