| 1 Definition | 2 Functional Requirements | 3 Syntax |
| 4 Semantics | 5 Conformance Testing | 6 Performance Assessment |
1 Definition
Data produced based on the Primary Risk Statements describing the Cyber Risk to be processed by the Primary Discontinuity Prediction.
2 Functional Requirements
See Semantics.
3 Syntax
https://schemas.mpai.community/CUI1/V2.0/data/CyberRiskDescriptors.json
4 Semantics
| Label | Description |
| Header | Space-Time Header |
| – Standard-Object | The characters “CUI-YRD-V” |
| – Version | Major version – 1 or 2 characters |
| – Dot-separator | The character “.” |
| – Subversion | Minor version – 1 or 2 characters |
| MInstanceID | Identifier of Virtual Space. |
| CyberRiskStatementTime | Cyber Risk Statement Time |
| CyberRiskData | Set of Risk Statements |
| – AttackerSourceIP | |
| – AttackDetectionTime | Time the attack was started or detected. |
| – VectorProviderOrSource | Provider of input vector or external source. |
| – Type | IP address |
| – AttackSorceIPAddress | IP address of source of attack |
| – DoSDestinationIP | |
| – AttackDetectionTime | Time the DoS was detected. |
| – VectorProviderOrSource | Provider of input vector or external source. |
| – Type | Type: IP address |
| – AttackDestinationIPAddress | IP address of destination of attack |
| – SourcePort | |
| – AttackDetectionTime | Time the flow was started or detected. |
| – Vector ProviderOrSource | Provider of input vector or external source. |
| – Type | Number |
| – AttachSourcePortNumber | Port number from which the packet was sent. |
| – DestinationPort | |
| – AttackDetectionTime | Time the flow was started or detected. |
| – Vector ProviderOrSource | Provider of input vector or external source. |
| – Type | Number |
| – AttackDestinationPortNumber | The port number to which the packet is directed. |
| – Protocol | |
| – AttackDetectionTime | |
| – Vector ProviderOrSource | |
| – Type | |
| – CommunicationProtocol | |
| – Duration | |
| – StartAndEndTimeTime | |
| – Vector ProviderOrSource | |
| – Type | |
| – AttackDuration | |
| – Packets | |
| – AttackDetectionTime | |
| – Vector ProviderOrSource | |
| – Type | |
| – TransmittedPacktetsNumber | |
| – Bytes | |
| – AttackDetectionTime | |
| – Vector ProviderOrSource | |
| – Type | |
| – DataTransferVolume | |
| – RequestFrequency | |
| – AttackDetectionTime | |
| – Vector ProviderOrSource | |
| – Type | |
| – OccurrenceOfFlowRate | |
| – IPAddressEntropy | |
| – AttackDetectionTime | |
| – Vector ProviderOrSource | |
| – Type | |
| – SourceDiversity | |
| – TCPFlag | |
| – AttackDetectionTime | |
| – Vector ProviderOrSource | |
| – Type | |
| – TCPPacketsFlag |
5 Conformance Testing
A Data instance Conforms with Primary Risk Statements (CUI-PRS) V2.0 if:
- The Data validates against the Primary Risk Statements’ JSON Schema.
- All Data in the Primary Risk Statements’ JSON Schema
- Have the specified type.
- Validate against their JSON Schemas.
- Conform with their Data Qualifiers if present.
