Advertisement

Cyber Threat Intelligence: Challenges and Opportunities

  • Mauro Conti
  • Tooska DargahiEmail author
  • Ali Dehghantanha
Part of the Advances in Information Security book series (ADIS, volume 70)

Abstract

The ever increasing number of cyber attacks requires the cyber security and forensic specialists to detect, analyze and defend against the cyber threats in almost real-time. In practice, timely dealing with such a large number of attacks is not possible without deeply perusing the attack features and taking corresponding intelligent defensive actions—this in essence defines cyber threat intelligence notion. However, such an intelligence would not be possible without the aid of artificial intelligence, machine learning and advanced data mining techniques to collect, analyse, and interpret cyber attack evidences. In this introductory chapter we first discuss the notion of cyber threat intelligence and its main challenges and opportunities, and then briefly introduce the chapters of the book which either address the identified challenges or present opportunistic solutions to provide threat intelligence.

Keywords

Cyber threat intelligence Indicators of attack Indicators of compromise Artificial intelligence 

Notes

Acknowledgements

We would like to sincerely thank all the authors and reviewers, as well as Springer editorial office for their effort towards the success of this book.

References

  1. 1.
    Alhawi, O.M.K., Baldwin, J., Dehghantanha, A.: Leveraging machine learning techniques for windows ransomware network traffic detection. In: M. Conti, A. Dehghantanha, T. Dargahi (eds.) Cyber Threat Intelligence, chap. 5. Springer - Advances in Information Security series (2018, in press)Google Scholar
  2. 2.
    Baldwin, J., Alhawi, O.M.K., Shaughnessy, S., Akinbi, A., Dehghantanha, A.: Emerging from The Cloud: a Bibliometric Analysis of Cloud Forensics Studies. In: M. Conti, A. Dehghantanha, T. Dargahi (eds.) Cyber Threat Intelligence, chap. 16, p. in press. Springer - Advances in Information Security series (2018)Google Scholar
  3. 3.
    Baldwin, J., Dehghantanha, A.: Leveraging support vector machine for opcode density based detection of crypto-ransomware. In: M. Conti, A. Dehghantanha, T. Dargahi (eds.) Cyber Threat Intelligence, chap. 6, p. in press. Springer - Advances in Information Security series (2018)Google Scholar
  4. 4.
    Ding, Q., Li, Z., Haeri, S., Trajković, L.: Application of machine learning techniques to detecting anomalies in communication networks: Classification algorithms. In: M. Conti, A. Dehghantanha, T. Dargahi (eds.) Cyber Threat Intelligence, chap. 4, p. in press. Springer - Advances in Information Security series (2018)Google Scholar
  5. 5.
    Ding, Q., Li, Z., Haeri, S., Trajković, L.: Application of machine learning techniques to detecting anomalies in communication networks: Datasets and feature selection algorithms. In: M. Conti, A. Dehghantanha, T. Dargahi (eds.) Cyber Threat Intelligence, chap. 3, p. in press. Springer - Advances in Information Security series (2018)Google Scholar
  6. 6.
    Elingiusti, M., Aniello, L., Querzoni, L., Baldoni, R.: PDF-malware detection: a survey and taxonomy of current techniques. In: M. Conti, A. Dehghantanha, T. Dargahi (eds.) Cyber Threat Intelligence, chap. 9, p. in press. Springer - Advances in Information Security series (2018)Google Scholar
  7. 7.
    Gill, J., Okere, I., HaddadPajouh, H., Dehghantanha, A.: Mobile Forensics: A Bibliometric Analysis. In: M. Conti, A. Dehghantanha, T. Dargahi (eds.) Cyber Threat Intelligence, chap. 15, p. in press. Springer - Advances in Information Security series (2018)Google Scholar
  8. 8.
    Haughey, H., Epiphaniou, G., Al-Khateeb, H., Dehghantanha, A.: Adaptive Traffic Fingerprinting for Darknet Threat Intelligence. In: M. Conti, A. Dehghantanha, T. Dargahi (eds.) Cyber Threat Intelligence, chap. 10, p. in press. Springer - Advances in Information Security series (2018)Google Scholar
  9. 9.
    Homayoun, S., Ahmadzadeh, M., Hashemi, S., Dehghantanha, A., Khayami, R.: BoTShark: A deep learning approach for botnet traffic detection. In: M. Conti, A. Dehghantanha, T. Dargahi (eds.) Cyber Threat Intelligence, chap. 7, p. in press. Springer - Advances in Information Security series (2018)Google Scholar
  10. 10.
    Pandya, M.K., Homayoun, S., Dehghantanha, A.: Forensics Investigation of OpenFlow-Based SDN Platforms. In: M. Conti, A. Dehghantanha, T. Dargahi (eds.) Cyber Threat Intelligence, chap. 14, p. in press. Springer - Advances in Information Security series (2018)Google Scholar
  11. 11.
    Papalitsas, J., Rauti, S., Tammi, J., Leppänen, V.: A honeypot proxy framework for deceiving attackers with fabricated content. In: M. Conti, A. Dehghantanha, T. Dargahi (eds.) Cyber Threat Intelligence, chap. 12, p. in press. Springer - Advances in Information Security series (2018)Google Scholar
  12. 12.
    Park, R.: Guide to zero-day exploits (2015). URL https://www.symantec.com/connect/blogs/guide-zero-day-exploits
  13. 13.
    Petraityte, M., Dehghantanha, A., Epiphaniou, G.: A Model for Android and iOS Applications Risk Calculation: CVSS Analysis and Enhancement Using Case-Control Studies. In: M. Conti, A. Dehghantanha, T. Dargahi (eds.) Cyber Threat Intelligence, chap. 11, p. in press. Springer - Advances in Information Security series (2018)Google Scholar
  14. 14.
    Shackleford, D.: Who’s using cyberthreat intelligence and how? – a SANS survey (2015). URL https://www.sans.org/reading-room/whitepapers/analyst/cyberthreat-intelligence-how-35767
  15. 15.
    Shalaginov, A., Banin, S., Dehghantanha, A., Franke, K.: Machine learning aided static malware analysis: A survey and tutorial. In: M. Conti, A. Dehghantanha, T. Dargahi (eds.) Cyber Threat Intelligence, chap. 2, p. in press. Springer - Advances in Information Security series (2018)Google Scholar
  16. 16.
    Wardman, B., Weideman, M., Burgis, J., Harris, N., Butler, B., Pratt, N.: A practical analysis of the rise in mobile phishing. In: M. Conti, A. Dehghantanha, T. Dargahi (eds.) Cyber Threat Intelligence, chap. 8, p. in press. Springer - Advances in Information Security series (2018)Google Scholar
  17. 17.
    Yasmin, R., Memarian, M.R., Hosseinzadeh, S., Conti, M., Leppänen, V.: Investigating the possibility of data leakage in time of live VM migration. In: M. Conti, A. Dehghantanha, T. Dargahi (eds.) Cyber Threat Intelligence, chap. 13, p. in press. Springer - Advances in Information Security series (2018)Google Scholar

Copyright information

© Springer International Publishing AG, part of Springer Nature 2018

Authors and Affiliations

  1. 1.University of PaduaPaduaItaly
  2. 2.Department of Computer ScienceUniversity of SalfordManchesterUK
  3. 3.Department of Computer ScienceUniversity of SheffieldSheffieldUK

Personalised recommendations