Relevance Filtering for Shared Cyber Threat Intelligence (Short Paper)

  • Thomas D. Wagner
  • Esther Palomar
  • Khaled Mahbub
  • Ali E. Abdallah
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10701)

Abstract

Cyber threat intelligence sharing is an imperative process for surviving current and future attacks. The received information may protect stakeholders from being attacked by utilizing the course of action to remedy on-site vulnerabilities. Automating this process has proven to be challenging because several processes have to be synchronized and orchestrated to achieve the goal of automated information sharing. Organizations are inundated with threat information generated on site and received through crowd sourcing. This work presents a novel component for automated sharing, i.e. the content relevance filter.

Keywords

Threat intelligence platform; Advanced persistent threat; Cyber threat intelligence; Threat sharing; Relevance

Copyright information

© Springer International Publishing AG 2017

Authors and Affiliations

  • Thomas D. Wagner (1)
  • Esther Palomar (1)
  • Khaled Mahbub (1)
  • Ali E. Abdallah (1)

  1. Birmingham City University, Birmingham, West Midlands, UK
