This repository is for development of the Unified Cyber Ontology.
Type Name Latest commit message Commit time
docs
uco-action Normalized all the ttl files with rdf-toolkit. The observable.ttl has… Jul 13, 2019
uco-core
uco-identity
uco-investigation Normalized all the ttl files with rdf-toolkit. The observable.ttl has… Jul 13, 2019
uco-location Normalized all the ttl files with rdf-toolkit. The observable.ttl has… Jul 13, 2019
uco-marking
uco-master Normalized all the ttl files with rdf-toolkit. The observable.ttl has… Jul 13, 2019
uco-observable A few fixes for embedded quotes issues Jul 13, 2019
uco-pattern Normalized all the ttl files with rdf-toolkit. The observable.ttl has… Jul 13, 2019
uco-role
uco-time
uco-tool Normalized all the ttl files with rdf-toolkit. The observable.ttl has… Jul 13, 2019
uco-types
uco-victim Normalized all the ttl files with rdf-toolkit. The observable.ttl has… Jul 13, 2019
.gitignore Ignore jekyll output/working files Mar 9, 2017
LICENSE Create LICENSE Dec 19, 2018
README.md
_config.yml Set theme jekyll-theme-slate Jan 4, 2017
catalog-v001.xml Modifications to address issue #103 Jul 12, 2019

README.md

“An ontology defines the basic terms and relations comprising the vocabulary of a topic area, as well as the rules for combining terms and relations to define extensions to the vocabulary.” (Neches R, Fikes R, Finin T, Gruber T, Patil R, Senator T, Swartout WR (1991) “Enabling Technology for Knowledge Sharing” AI Magazine. Winter 1991. 36-56.)

“An ontology is a formal, explicit specification of a shared conceptualization.” (Studer, Benjamins, Fensel. Knowledge Engineering: Principles and Methods. Data and Knowledge Engineering. 25 (1998) 161-197)

Unified Cyber Ontology (UCO)

Unified Cyber Ontology (UCO) is a community-developed ontology/model, which is intended to serve as a consistent foundation for standardized information representation across the cyber security domain/ecosystem.

Specific information representations focused on individual cyber security subdomains (cyber investigation, computer/network defense, threat intelligence, malware analysis, vulnerability research, offensive/hack-back operations, etc.) can be based on UCO and defined as appropriate subsets of UCO constructs.

Through this approach, not only are domain-focused representations defined consistently, but they can also take advantage of shared APIs, and information can flow in an automated fashion across subdomain boundaries.

The purpose of this repository is to provide a foundation for broader community involvement in defining what to represent and how.

Current Release

The current release of UCO is v0.3.0.

The content of v0.3.0 consists primarily of fixes for lexical, syntactic and semantic reasoning errors present in v0.2.0, along with simplifications in some areas. Its content is driven primarily by the initial base requirements of expressing cyber investigation information and is the product of input from the Cyberinvestigation Analysis Standard Expression (CASE) community.

Future versions of UCO will not only expand and refine the ontology itself but will also provide more complete and formalized documentation.
