scholarly journals Investigating sharing of Cyber Threat Intelligence and proposing a new data model for enabling automation in knowledge representation and exchange.

2021 ◽  
Author(s):  
Siri Bromander ◽  
Morton Swimmer ◽  
Lilly Muller ◽  
Audun Jøsang ◽  
Martin Eian ◽  
...  
Keyword(s):  
Knowledge Representation ◽  
Data Model ◽  
Data Validation ◽  
Threat Intelligence ◽  
Collective Defense ◽  
New Knowledge ◽  
Cyber Threat ◽  
Available Information ◽  
Cyber Threat Intelligence ◽  
Insight Into

For a strong, collective defense in the digital domain we need to produce, consume, analyze and share cyber threat intelligence. With an increasing amount of available information, we need automation in order to be effective. We present the results from a questionnaire investigating the use of standards and standardization and how practitioners share and use cyber threat intelligence. We propose a strict data model for cyber threat intelligence which enables consumption of all relevant data, data validation and analysis of consumed content. The main contribution of this paper is insight into how cyber threat intelligence is shared and used by practitioners, and the strictness of the data model which enforces input of information and enables automation and deduction of new knowledge.

Darkweb Cyber Threat Intelligence Mining

2017 ◽  
Author(s):  
John Robertson ◽  
Ahmad Diab ◽  
Ericsson Marin ◽  
Eric Nunes ◽  
Vivin Paliath ◽  
...  
Keyword(s):  
Threat Intelligence ◽  
Cyber Threat ◽  
Cyber Threat Intelligence

Dark-Net Ecosystem Cyber-Threat Intelligence (CTI) Tool

2019 ◽  
Author(s):  
Nolan Arnold ◽  
Mohammadreza Ebrahimi ◽  
Ning Zhang ◽  
Ben Lazarine ◽  
Mark Patton ◽  
...  
Keyword(s):  
Threat Intelligence ◽  
Cyber Threat ◽  
Cyber Threat Intelligence

scholarly journals Improving Forensic Triage Efficiency through Cyber Threat Intelligence

2019 ◽  
Vol 11 (7) ◽  
pp. 162 ◽  
Author(s):  
Nikolaos Serketzis ◽  
Vasilios Katos ◽  
Christos Ilioudis ◽  
Dimitrios Baltatzis ◽  
Georgios Pangalos
Keyword(s):  
Information Security ◽  
Digital Forensics ◽  
Incident Response ◽  
Security Controls ◽  
Digital Forensic ◽  
Threat Intelligence ◽  
Cyber Threat ◽  
Series Of Experiments ◽  
Cyber Threat Intelligence ◽  
Security Incidents

The complication of information technology and the proliferation of heterogeneous security devices that produce increased volumes of data coupled with the ever-changing threat landscape challenges have an adverse impact on the efficiency of information security controls and digital forensics, as well as incident response approaches. Cyber Threat Intelligence (CTI)and forensic preparedness are the two parts of the so-called managed security services that defendants can employ to repel, mitigate or investigate security incidents. Despite their success, there is no known effort that has combined these two approaches to enhance Digital Forensic Readiness (DFR) and thus decrease the time and cost of incident response and investigation. This paper builds upon and extends a DFR model that utilises actionable CTI to improve the maturity levels of DFR. The effectiveness and applicability of this model are evaluated through a series of experiments that employ malware-related network data simulating real-world attack scenarios. To this extent, the model manages to identify the root causes of information security incidents with high accuracy (90.73%), precision (96.17%) and recall (93.61%), while managing to decrease significantly the volume of data digital forensic investigators need to examine. The contribution of this paper is twofold. First, it indicates that CTI can be employed by digital forensics processes. Second, it demonstrates and evaluates an efficient mechanism that enhances operational DFR.

Sign in / Sign up

Export Citation Format

Share Document