Application of Artificial Intelligence and Machine Learning in Producing Actionable Cyber Threat Intelligence

  • Chapter
  • In: Digital Forensic Investigation of Internet of Things (IoT) Devices

Abstract

Cyber Threat Intelligence (CTI) can be used by organisations to help their security teams safeguard their networks against cyber-attacks, typically by integrating threat data feeds into their networks or systems. However, despite being an effective Cyber Security (CS) tool, CTI is not sufficiently utilised by many organisations. This is due to a number of reasons, such as not fully understanding how to manage the daily flood of data, much of it extraneous, that flows across their security systems. This adds a further layer of complexity to the tasks performed by their security teams, who might not have the appropriate tools or sufficient skills to determine which information to prioritise and which to disregard. To help address this issue, this paper aims firstly to provide an in-depth understanding of what CTI is and how it can benefit organisations, and secondly to deliver a brief analysis of the application of Artificial Intelligence and Machine Learning in generating actionable CTI. The key contribution of this paper is that it assists organisations in better understanding their approach to CTI, which in turn will enable them to make informed decisions in relation to CTI.

Corresponding author

Correspondence to Reza Montasari.

Copyright information

© 2021 Springer Nature Switzerland AG

About this chapter

Cite this chapter

Montasari, R., Carroll, F., Macdonald, S., Jahankhani, H., Hosseinian-Far, A., Daneshkhah, A. (2021). Application of Artificial Intelligence and Machine Learning in Producing Actionable Cyber Threat Intelligence. In: Montasari, R., Jahankhani, H., Hill, R., Parkinson, S. (eds) Digital Forensic Investigation of Internet of Things (IoT) Devices. Advanced Sciences and Technologies for Security Applications. Springer, Cham. https://doi.org/10.1007/978-3-030-60425-7_3

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-60425-7_3

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-60424-0

  • Online ISBN: 978-3-030-60425-7