Abstract
Cyber Threat Intelligence (CTI) can be used by organisations to assist their security teams in safeguarding their networks against cyber-attacks. This can be achieved by integrating threat data feeds into their networks or systems. However, despite CTI being an effective Cyber Security (CS) tool, many organisations do not sufficiently utilise it. This is due to a number of reasons, such as not fully understanding how to manage a daily flood of data filled with extraneous information across their security systems. This adds a layer of complexity to the tasks performed by their security teams, who might not have the appropriate tools or sufficient skills to determine what information to prioritise and what information to disregard. To help address this issue, this paper aims firstly to provide an in-depth understanding of what CTI is and how it can benefit organisations, and secondly to deliver a brief analysis of the application of Artificial Intelligence and Machine Learning in generating actionable CTI. The key contribution of this paper is that it assists organisations in better understanding their approach to CTI, which in turn will enable them to make informed decisions in relation to CTI.
Copyright information
© 2021 Springer Nature Switzerland AG
About this chapter
Cite this chapter
Montasari, R., Carroll, F., Macdonald, S., Jahankhani, H., Hosseinian-Far, A., Daneshkhah, A. (2021). Application of Artificial Intelligence and Machine Learning in Producing Actionable Cyber Threat Intelligence. In: Montasari, R., Jahankhani, H., Hill, R., Parkinson, S. (eds) Digital Forensic Investigation of Internet of Things (IoT) Devices. Advanced Sciences and Technologies for Security Applications. Springer, Cham. https://doi.org/10.1007/978-3-030-60425-7_3
DOI: https://doi.org/10.1007/978-3-030-60425-7_3
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-60424-0
Online ISBN: 978-3-030-60425-7
eBook Packages: Computer Science, Computer Science (R0)