VirusBattle: State-of-the-art malware analysis for better cyber threat intelligence

2014 ◽  
Author(s):  
Craig Miles ◽  
Arun Lakhotia ◽  
Charles LeDoux ◽  
Aaron Newsom ◽  
Vivek Notani
Keyword(s):  
State Of The Art ◽  
Malware Analysis ◽  
Threat Intelligence ◽  
Cyber Threat ◽  
Cyber Threat Intelligence

scholarly journals Threats from the Dark: A Review over Dark Web Investigation Research for Cyber Threat Intelligence

2021 ◽  
Vol 2021 ◽  
pp. 1-21
Author(s):  
Randa Basheer ◽  
Bassel Alkhatib
Keyword(s):  
State Of The Art ◽  
Deep Web ◽  
Web Content ◽  
Ethical Considerations ◽  
Future Directions ◽  
Threat Intelligence ◽  
Cyber Threat ◽  
Cyber Threat Intelligence ◽  
Surface Web ◽  
Dark Web

From proactive detection of cyberattacks to the identification of key actors, analyzing contents of the Dark Web plays a significant role in deterring cybercrimes and understanding criminal minds. Researching in the Dark Web proved to be an essential step in fighting cybercrime, whether with a standalone investigation of the Dark Web solely or an integrated one that includes contents from the Surface Web and the Deep Web. In this review, we probe recent studies in the field of analyzing Dark Web content for Cyber Threat Intelligence (CTI), introducing a comprehensive analysis of their techniques, methods, tools, approaches, and results, and discussing their possible limitations. In this review, we demonstrate the significance of studying the contents of different platforms on the Dark Web, leading new researchers through state-of-the-art methodologies. Furthermore, we discuss the technical challenges, ethical considerations, and future directions in the domain.

scholarly journals A Shared Cyber Threat Intelligence Solution for SMEs

Electronics ◽  
2021 ◽  
Vol 10 (23) ◽  
pp. 2913
Author(s):  
Max van Haastrecht ◽  
Guy Golpur ◽  
Gilad Tzismadia ◽  
Rolan Kab ◽  
Cristian Priboi ◽  
...  
Keyword(s):  
Systematic Review ◽  
State Of The Art ◽  
Cyber Threats ◽  
Current State ◽  
Intelligence Sharing ◽  
Threat Intelligence ◽  
Cyber Threat ◽  
Cyber Threat Intelligence

Small- and medium-sized enterprises (SMEs) frequently experience cyberattacks, but often do not have the means to counter these attacks. Therefore, cybersecurity researchers and practitioners need to aid SMEs in their defence against cyber threats. Research has shown that SMEs require solutions that are automated and adapted to their context. In recent years, we have seen a surge in initiatives to share cyber threat intelligence (CTI) to improve collective cybersecurity resilience. Shared CTI has the potential to answer the SME call for automated and adaptable solutions. Sadly, as we demonstrate in this paper, current shared intelligence approaches scarcely address SME needs. We must investigate how shared CTI can be used to improve SME cybersecurity resilience. In this paper, we tackle this challenge using a systematic review to discover current state-of-the-art approaches to using shared CTI. We find that threat intelligence sharing platforms such as MISP have the potential to address SME needs, provided that the shared intelligence is turned into actionable insights. Based on this observation, we developed a prototype application that processes MISP data automatically, prioritises cybersecurity threats for SMEs, and provides SMEs with actionable recommendations tailored to their context. Subsequent evaluations in operational environments will help to improve our application, such that SMEs are enabled to thwart cyberattacks in future.

Darkweb Cyber Threat Intelligence Mining

2017 ◽  
Author(s):  
John Robertson ◽  
Ahmad Diab ◽  
Ericsson Marin ◽  
Eric Nunes ◽  
Vivin Paliath ◽  
...  
Keyword(s):  
Threat Intelligence ◽  
Cyber Threat ◽  
Cyber Threat Intelligence

Dark-Net Ecosystem Cyber-Threat Intelligence (CTI) Tool

2019 ◽  
Author(s):  
Nolan Arnold ◽  
Mohammadreza Ebrahimi ◽  
Ning Zhang ◽  
Ben Lazarine ◽  
Mark Patton ◽  
...  
Keyword(s):  
Threat Intelligence ◽  
Cyber Threat ◽  
Cyber Threat Intelligence

scholarly journals Improving Forensic Triage Efficiency through Cyber Threat Intelligence

2019 ◽  
Vol 11 (7) ◽  
pp. 162 ◽  
Author(s):  
Nikolaos Serketzis ◽  
Vasilios Katos ◽  
Christos Ilioudis ◽  
Dimitrios Baltatzis ◽  
Georgios Pangalos
Keyword(s):  
Information Security ◽  
Digital Forensics ◽  
Incident Response ◽  
Security Controls ◽  
Digital Forensic ◽  
Threat Intelligence ◽  
Cyber Threat ◽  
Series Of Experiments ◽  
Cyber Threat Intelligence ◽  
Security Incidents

The complication of information technology and the proliferation of heterogeneous security devices that produce increased volumes of data coupled with the ever-changing threat landscape challenges have an adverse impact on the efficiency of information security controls and digital forensics, as well as incident response approaches. Cyber Threat Intelligence (CTI)and forensic preparedness are the two parts of the so-called managed security services that defendants can employ to repel, mitigate or investigate security incidents. Despite their success, there is no known effort that has combined these two approaches to enhance Digital Forensic Readiness (DFR) and thus decrease the time and cost of incident response and investigation. This paper builds upon and extends a DFR model that utilises actionable CTI to improve the maturity levels of DFR. The effectiveness and applicability of this model are evaluated through a series of experiments that employ malware-related network data simulating real-world attack scenarios. To this extent, the model manages to identify the root causes of information security incidents with high accuracy (90.73%), precision (96.17%) and recall (93.61%), while managing to decrease significantly the volume of data digital forensic investigators need to examine. The contribution of this paper is twofold. First, it indicates that CTI can be employed by digital forensics processes. Second, it demonstrates and evaluates an efficient mechanism that enhances operational DFR.

Sign in / Sign up

Export Citation Format

Share Document