scholarly journals A Shared Cyber Threat Intelligence Solution for SMEs

Electronics ◽  
2021 ◽  
Vol 10 (23) ◽  
pp. 2913
Author(s):  
Max van Haastrecht ◽  
Guy Golpur ◽  
Gilad Tzismadia ◽  
Rolan Kab ◽  
Cristian Priboi ◽  
...  
Keyword(s):  
Systematic Review ◽  
State Of The Art ◽  
Cyber Threats ◽  
Current State ◽  
Intelligence Sharing ◽  
Threat Intelligence ◽  
Cyber Threat ◽  
Cyber Threat Intelligence

Small- and medium-sized enterprises (SMEs) frequently experience cyberattacks, but often do not have the means to counter these attacks. Therefore, cybersecurity researchers and practitioners need to aid SMEs in their defence against cyber threats. Research has shown that SMEs require solutions that are automated and adapted to their context. In recent years, we have seen a surge in initiatives to share cyber threat intelligence (CTI) to improve collective cybersecurity resilience. Shared CTI has the potential to answer the SME call for automated and adaptable solutions. Sadly, as we demonstrate in this paper, current shared intelligence approaches scarcely address SME needs. We must investigate how shared CTI can be used to improve SME cybersecurity resilience. In this paper, we tackle this challenge using a systematic review to discover current state-of-the-art approaches to using shared CTI. We find that threat intelligence sharing platforms such as MISP have the potential to address SME needs, provided that the shared intelligence is turned into actionable insights. Based on this observation, we developed a prototype application that processes MISP data automatically, prioritises cybersecurity threats for SMEs, and provides SMEs with actionable recommendations tailored to their context. Subsequent evaluations in operational environments will help to improve our application, such that SMEs are enabled to thwart cyberattacks in future.

scholarly journals A Theoretical review on the importance of Threat Intelligence Sharing & The challenges intricated

2021 ◽  
Vol 12 (3) ◽  
pp. 3950-3956
Author(s):  
Sandhya Sukhabogi Et.al
Keyword(s):  
Cyber Defense ◽  
Related Data ◽  
Cyber Threats ◽  
Broad View ◽  
Intelligence Sharing ◽  
Threat Intelligence ◽  
Cyber Threat ◽  
Cyber Threat Intelligence ◽  
Day By Day

Cyber Threat Intelligence (CTI) is the emerging strategy of cyber defense which helps organizations to combat the latest and more sophisticated cyber threats. Gathering this threat information, analyzing and communicating it between the security teams is very difficult and challenging because of the heterogeneous aspects involved.  The necessity of sharing the intelligence related data collected by organizations is increasing day by day to counter the ever changing and highly dynamic threat landscape. In this paper an attempt is made to understand CTI concept and how it is collected and analyzed to form useful actionable intelligence are observed. The importance of Threat intelligence sharing, and various standards working in the area of TIS are also mentioned. Finally the primary challenges in TIS are given a light in a broad view

scholarly journals BLOCIS: Blockchain-Based Cyber Threat Intelligence Sharing Framework for Sybil-Resistance

Electronics ◽  
2020 ◽  
Vol 9 (3) ◽  
pp. 521 ◽  
Author(s):  
Seonghyeon Gong ◽  
Changhoon Lee
Keyword(s):  
Sybil Attack ◽  
Validity And Reliability ◽  
Related Data ◽  
Cyber Threats ◽  
Fifth Generation ◽  
Inaccurate Data ◽  
Threat Intelligence ◽  
Cyber Threat ◽  
Cyber Threat Intelligence ◽  
The Impact

The convergence of fifth-generation (5G) communication and the Internet-of-Things (IoT) has dramatically increased the diversity and complexity of the network. This change diversifies the attacker’s attack vectors, increasing the impact and damage of cyber threats. Cyber threat intelligence (CTI) technology is a proof-based security system which responds to these advanced cyber threats proactively by analyzing and sharing security-related data. However, the performance of CTI systems can be significantly compromised by creating and disseminating improper security policies if an attacker intentionally injects malicious data into the system. In this paper, we propose a blockchain-based CTI framework that improves confidence in the source and content of the data and can quickly detect and eliminate inaccurate data for resistance to a Sybil attack. The proposed framework collects CTI by a procedure validated through smart contracts and stores information about the metainformation of data in a blockchain network. The proposed system ensures the validity and reliability of CTI data by ensuring traceability to the data source and proposes a system model that can efficiently operate and manage CTI data in compliance with the de facto standard. We present the simulation results to prove the effectiveness and Sybil-resistance of the proposed framework in terms of reliability and cost to attackers.

The Quest for the Appropriate Cyber-threat Intelligence Sharing Platform

2019 ◽  
Author(s):  
Thanasis Chantzios ◽  
Paris Koloveas ◽  
Spiros Skiadopoulos ◽  
Nikos Kolokotronis ◽  
Christos Tryfonopoulos ◽  
...  
Keyword(s):  
Intelligence Sharing ◽  
Threat Intelligence ◽  
Cyber Threat ◽  
Cyber Threat Intelligence

scholarly journals A Novel Trust Taxonomy for Shared Cyber Threat Intelligence

2018 ◽  
Vol 2018 ◽  
pp. 1-11 ◽  
Author(s):  
Thomas D. Wagner ◽  
Esther Palomar ◽  
Khaled Mahbub ◽  
Ali E. Abdallah
Keyword(s):  
Focal Point ◽  
Relevant Information ◽  
Illustrative Case ◽  
Sensitive Information ◽  
Trust Establishment ◽  
Intelligence Sharing ◽  
Threat Intelligence ◽  
Cyber Threat ◽  
High Level ◽  
Cyber Threat Intelligence

Cyber threat intelligence sharing has become a focal point for many organizations to improve resilience against cyberattacks. The objective lies in sharing relevant information achieved through automating as many processes as possible without losing control or compromising security. The intelligence may be crowdsourced from decentralized stakeholders to collect and enrich existing information. Trust is an attribute of actionable cyber threat intelligence that has to be established between stakeholders. Sharing information about vulnerabilities requires a high level of trust because of the sensitive information. Some threat intelligence platforms/providers support trust establishment through internal vetting processes; others rely on stakeholders to manually build up trust. The latter may reduce the amount of intelligence sources. This work presents a novel trust taxonomy to establish a trusted threat sharing environment. 30 popular threat intelligence platforms/providers were analyzed and compared regarding trust functionalities. Trust taxonomies were analyzed and compared. Illustrative case studies were developed and analyzed applying our trust taxonomy.

scholarly journals Cyber Threat Intelligence and its Role in Proactive Incident Response

2017 ◽  
Author(s):  
Husam Hassan Ambusaidi ◽  
Dr. PRAKASH KUMAR UDUPI
Keyword(s):  
Early Detection ◽  
Cyber Security ◽  
Cyber Attacks ◽  
Incident Response ◽  
Cyber Threats ◽  
Threat Intelligence ◽  
Reliable Source ◽  
Cyber Threat ◽  
Cyber Threat Intelligence

Every day organizations are targeted by different and sophisticated cyber attacks. Most of these organizations are unaware that they are targeted and their networks are compromised. To detect the compromised networks the organizations need a reliable source of cyber threats information.  Many cyber security service vendors provide threat intelligence information to allow early detection of the cyber threats. This research will explore different type of cyber threat intelligence and its role in proactive incident response. The research study the threat intelligence features and how the threat feeds collected and then distributed.  The research studies the role of cyber threat intelligence in early detection of the threats.

scholarly journals Threats from the Dark: A Review over Dark Web Investigation Research for Cyber Threat Intelligence

2021 ◽  
Vol 2021 ◽  
pp. 1-21
Author(s):  
Randa Basheer ◽  
Bassel Alkhatib
Keyword(s):  
State Of The Art ◽  
Deep Web ◽  
Web Content ◽  
Ethical Considerations ◽  
Future Directions ◽  
Threat Intelligence ◽  
Cyber Threat ◽  
Cyber Threat Intelligence ◽  
Surface Web ◽  
Dark Web

From proactive detection of cyberattacks to the identification of key actors, analyzing contents of the Dark Web plays a significant role in deterring cybercrimes and understanding criminal minds. Researching in the Dark Web proved to be an essential step in fighting cybercrime, whether with a standalone investigation of the Dark Web solely or an integrated one that includes contents from the Surface Web and the Deep Web. In this review, we probe recent studies in the field of analyzing Dark Web content for Cyber Threat Intelligence (CTI), introducing a comprehensive analysis of their techniques, methods, tools, approaches, and results, and discussing their possible limitations. In this review, we demonstrate the significance of studying the contents of different platforms on the Dark Web, leading new researchers through state-of-the-art methodologies. Furthermore, we discuss the technical challenges, ethical considerations, and future directions in the domain.

Sign in / Sign up

Export Citation Format

Share Document