Cybersecurity as an Industry: A Cyber Threat Intelligence Perspective

  • Reference work entry
The Palgrave Handbook of International Cybercrime and Cyberdeviance

Abstract

The rapid integration of information technology has been met with an alarming rate of cyber-attacks conducted by malicious hackers using sophisticated exploits. Many organizations have aimed to develop timely, relevant, and actionable cyber threat intelligence (CTI) about emerging threats and key threat actors to enable effective cybersecurity decisions. To streamline and create efficient and effective CTI capabilities, many major cybersecurity companies such as FireEye, Anomali, ThreatConnect, McAfee, Cylance, ZeroFox, and numerous others have aimed to develop CTI platforms, enabling an unprecedented ability to prioritize threats; pinpoint key threat actors; understand their tools, techniques, and procedures (TTP); deploy appropriate security controls; and ultimately, improve overall cybersecurity hygiene. Given the significant benefits of such platforms, our objective for this chapter is to provide a systematic review of existing CTI platforms within industry today. Such a review can offer significant value to academics across multiple disciplines (e.g., sociology, computational linguistics, computer science, information systems, and information science) and industry professionals across public and private sectors. Our systematic review of existing CTI platforms identified five possible future directions that CTI start-ups can explore: (1) shift from reactive to proactive OSINT-based CTI platforms, (2) enhancement of natural language processing (NLP) and text mining capabilities, (3) enhancement of data mining capabilities, (4) further integration of big data and cloud computing technologies, and (5) opportunities and strategies for academia to address identified gaps.

Acknowledgments

This work was supported in part by NSF CRII CNS-1850362.

Author information

Corresponding author

Correspondence to Victor Benjamin.

Copyright information

© 2020 The Author(s)

Cite this entry

Samtani, S., Abate, M., Benjamin, V., Li, W. (2020). Cybersecurity as an Industry: A Cyber Threat Intelligence Perspective. In: Holt, T., Bossler, A. (eds) The Palgrave Handbook of International Cybercrime and Cyberdeviance. Palgrave Macmillan, Cham. https://doi.org/10.1007/978-3-319-78440-3_8
