| 1 Definition | 2 Functional Requirements | 3 Syntax |
| 4 Semantics | 5 Conformance Testing | 6 Performance Assessment |
1 Definition
Risk Descriptors related to Cyber Risks to be processed by the Primary Discontinuity Prediction.
2 Functional Requirements
See Semantics.
3 Syntax
https://schemas.mpai.community/CUI1/V2.0/data/CyberRiskDescriptors.json
4 Semantics
| Label | Description |
| Header | Cyber Risk Descriptors Header |
| – Standard-CyberRiskDescriptors | The characters “CUI-YRD-V” |
| – Version | Major version – 1 or 2 characters |
| – Dot-separator | The character “.” |
| – Subversion | Minor version – 1 or 2 characters |
| MInstanceID | Identifier of Virtual Space. |
| CyberRiskDescriptorsTime | Time of Cyber Risk Descriptors. |
| CyberRiskDescriptorsData | Set of Risk Descriptors. |
| – AttackerSourceIP | Data of IP of the Source Attacker |
| – AttackDetectionTime | Time the attack was started or detected. |
| – VectorProviderOrSource | Provider of input vector or external source. |
| – Type | IP address. |
| – AttackSorceIPAddress | IP address of source of attack. |
| – DoSDestinationIP | Data of IP of Destination attack. |
| – AttackDetectionTime | Time the attack was detected. |
| – VectorProviderOrSource | Provider of input vector or external source. |
| – Type | IP address. |
| – AttackDestinationIPAddress | IP address of attack destination. |
| – SourcePort | Data of Port originating the attack. |
| – AttackDetectionTime | Time the attack data flow was started or detected. |
| – Vector ProviderOrSource | Provider of input vector or external source. |
| – Type | Port Number. |
| – AttachSourcePortNumber | Port number from which the packet was sent. |
| – DestinationPort | Data of Port under attack. |
| – AttackDetectionTime | Time the attack data flow was started or detected. |
| – Vector ProviderOrSource | Provider of input vector or external source. |
| – Type | Port Number. |
| – AttackDestinationPortNumber | The port number to which the packet is directed. |
| – Protocol | Data of Protocol used by the attacker. |
| – AttackDetectionTime | Time of attack. |
| – VectorProviderOrSource | Provider of input vector or external source. |
| – Type | Protocol. |
| – CommunicationProtocol | Protocol name and version. |
| – Duration | Data of attack duration |
| – StartAndEndTime | Start and End. |
| – VectorProviderOrSource | Provider of input vector or external source. |
| – Type | Continuous or discontinuous. |
| – AttackDuration | Attack duration. |
| – Packets | Data of attack packets. |
| – AttackDetectionTime | Time the attack was detected. |
| – Vector ProviderOrSource | Provider of input vector or external source. |
| – Type | Packet size. |
| – TransmittedPacktetsNumber | Number of transmitted packets. |
| – RequestFrequency | Data of Frequency of HTTP Requests. |
| – AttackDetectionTime | Time attack was detected. |
| – Vector ProviderOrSource | Provider of input vector or external source. |
| – Type | Attack frequency. |
| – OccurrenceOfFlowRate | Frequency of attack data flows. |
| – IPAddressEntropy | Data of IP Address Entropy |
| – AttackDetectionTime | Time attack was detected. |
| – VectorProviderOrSource | Provider of input vector or external source. |
| – Type | Type of entropy (if available) |
| – SourceDiversity | Parameters related to attack entropy. |
| – TCPFlag | Data related to TCP packets. |
| – AttackDetectionTime | Time attack was detected. |
| – Vector ProviderOrSource | Provider of input vector or external source. |
| – Type | TCP Packet Flag. |
| – TCPPacketsFlag | Flags of TCP packets. |
5 Conformance Testing
A Data instance Conforms with Cyber Risk Descriptors (CUI-YRD) V2.0 if:
- The Data validates against the Cyber Risk Descriptors’ JSON Schema.
- All Data in the Cyber Risk Descriptors’ JSON Schema
- Have the specified type.
- Validate against their JSON Schemas.
