Cyber Treat Intelligence Modeling

  • Adiel AviadEmail author
  • Krzysztof Węcel
Conference paper
Part of the Lecture Notes in Business Information Processing book series (LNBIP, volume 353)


This paper proposes semantic approach to manage cyber threat intelligence (CTI). The economic rational is presented as well as functional needs. Several cases of domain standards, tools and practices are modeled as a representation of the CTI sub-domain. This work focuses on the technical and operational CTI that is common to most organizations.


Cyber threat intelligence Threat intelligence Threat modeling Cybersecurity 


  1. 1.
    Shackleford, D.: Who’s Using Cyberthreat Intelligence and How ? (2015)Google Scholar
  2. 2.
    Brown, S., Gommers, J., Serrano, O.: From cyber security information sharing to threat management. In: Proceedings of the 2nd ACM Workshop on Information Sharing and Collaborative Security, pp. 43–49 (2015)Google Scholar
  3. 3.
    Goel, S.: Cyberwarfare: connecting the dots in cyber intelligence. Commun. ACM 54, 132 (2011)CrossRefGoogle Scholar
  4. 4.
    Chimson, D., Ruks, M.: Threat Intelligence: Collecting, Analysing, Evaluating (2015)Google Scholar
  5. 5.
    Berners-Lee, T., Hendler, J., Lassila, O.: The semantic web. Sci. Am. 284, 34–43 (2001)CrossRefGoogle Scholar
  6. 6.
    Connolly, J., Davidson, M., Matt, R., Clem, S.: The Trusted Automated eXchange of Indicator Information (TAXII) (2012)Google Scholar
  7. 7.
    Porche, I.: Emerging cyber threats and implications. Rand Corp. 8, 14 (2016)Google Scholar
  8. 8.
    Johnson, C., Badger, L., Waltermire, D., Snyder, J., Skorupka, C.: Guide to Cyber Threat Information Sharing NIST Special Publication 800-150 Guide to Cyber Threat Information Sharing (2016)Google Scholar
  9. 9.
    Lee, R.M., Bianco, D.: Generating Hypotheses for Successful Threat Hunting (2016)Google Scholar
  10. 10.
    CERT-UK, CISCP: An Introduction to threat intelligence. Searchsecurity Buyers Guide 7 (2016)Google Scholar
  11. 11.
    Barnum, S.: STIX WhitepaperGoogle Scholar
  12. 12.
  13. 13.
    Hayes, D.R., Cappa, F.: Open-source intelligence for risk assessment. Bus. Horiz. 61, 689–697 (2018)CrossRefGoogle Scholar
  14. 14.
    Quick, D., Choo, K.-K.R.: Digital forensic intelligence: data subsets and open source intelligence (DFINT + OSINT): a timely and cohesive mix. Futur. Gener. Comput. Syst. 78, 558–567 (2018)CrossRefGoogle Scholar
  15. 15.
    Shadbolt, N., Berners-Lee, T., Hall, W.: The semantic web revisited. IEEE Intell. Syst. 21, 96–101 (2006)CrossRefGoogle Scholar
  16. 16.
    Kim, N., Kim, B., Lee, S., Cho, H., Park, J.: Design of a cyber threat intelligence. Int. J. Innov. Res. Technol. Sci. 5 (2017)Google Scholar
  17. 17.
    Aviad, A., Węcel, K., Abramowicz, W.: A semantic approach to modelling of cybersecurity domain. J. Inf. Warf. 15, 91–102 (2016)Google Scholar
  18. 18.
    Hevner, A.R., March, S.T., Park, J., Ram, S.: Design science in information systems research. MIS Q. 28, 75–105 (2004)CrossRefGoogle Scholar
  19. 19.
    Kaplanski, P., Weichbroth, P.: Cognitum ontorion: knowledge representation and reasoning system. Stud. Comput. Intell. 658, 27–43 (2017)Google Scholar
  20. 20.
    Clark, R.M.: Intelligence Analysis: A Target-centric Approach. CQ Press, Washington (2013)Google Scholar
  21. 21.
    Antoniou, G., Van Harmelen, F.: A Semantic Web Primer (2008)Google Scholar
  22. 22.
    Verizon: 2016 Data Breach Investigations Report (2016)Google Scholar
  23. 23.
    Michel, F., Montagnat, J., Faron-Zucker, C.: A survey of RDB to RDF translation approaches and tools. Informatique, Signaux Et Systèmes, p. 23 (2014)Google Scholar
  24. 24.
    Hert, M., Reif, G., Gall, H.: A comparison of RDB-to-RDF mapping languages. In: Proceedings of the 7th International Conference on Semantic Systems- I-Semantics, pp. 25–32 (2011)Google Scholar
  25. 25.
    The White House, Office of the Press Secretary: Cyber Threat Intelligence Integration CenterGoogle Scholar
  26. 26.
    Kirillov, I.A., Chase, P., Beck, D., Martin, R.: Malware Attribute Enumeration and Characterization (2016)Google Scholar
  27. 27.
    MITRE: CAPEC - About CAPECGoogle Scholar
  28. 28.
    OWASP: OWASP Top 10 – 2013 (2003)Google Scholar
  29. 29.
    WASC: The WASC Threat Classification v2.0Google Scholar

Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  1. 1.Poznan University of EconomicsPoznanPoland
  2. 2.Givat-ShmuelIsrael

Personalised recommendations