This is not the first time we have talked about the Structured Threat Information Exchange (STIX), a description language used to compile and organise information about anything related to cybersecurity so that it can be shared, stored, and analyzed in a consistent manner.
Today's paper attempts to use STIX 2 to capture an additional piece of information: the opponent's behavior. It is a first step in this work, but its aim is to fill the gap left in Cyber Threat Intelligence, which is almost entirely characterized by IoCs (Indicators of Compromise).
We will follow the development of this researcher's work with great interest.