Beyond technical data - a more comprehensive situational awareness fed by available intelligence information

Kornmaier, Andreas; Jaouen, Fabrice

doi:10.1109/cycon.2014.6916400

Cited by 6 publications

(5 citation statements)

References 9 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…During the analysis and production step, all processed information is integrated, evaluated, analyzed, and interpreted to produce intelligence. Kornmaier and Jaouën insisted that, to generate operational or strategic intelligence beyond tactical information, which is technical in nature, the threat data should be fused with data collected from different disciplines such as Human Based Intelligence (HUMINT), Imagery Intelligence (IMINT), Signal Intelligence (SIGINT), and Geographic Intelligence (GeoINT) [21].…”

Section: Analysis and Productionmentioning

confidence: 99%

Automated Dataset Generation System for Collaborative Research of Cyber Threat Analysis

Kim

2019

Security and Communication Networks

View full text Add to dashboard Cite

The objectives of cyberattacks are becoming sophisticated, and attackers are concealing their identity by masquerading as other attackers. Cyber threat intelligence (CTI) is gaining attention as a way to collect meaningful knowledge to better understand the intention of an attacker and eventually predict future attacks. A systemic threat analysis based on data acquired from actual cyber incidents is a useful approach to generating intelligence for such an objective. Developing an analysis technique requires a high volume and fine quality data. However, researchers can become discouraged by an inaccessibility to data because organizations rarely release their data to the research community. Owing to a data inaccessibility issue, academic research tends to be biased toward techniques that develope steps of the CTI process other than analysis and production.In this paper, we propose an automated dataset generation system called CTIMiner. The system collects threat data from publicly available security reports and malware repositories. The data are stored in a structured format. We released the source codes and dataset to the public, including approximately 640,000 records from 612 security reports published from January 2008 to June 2019. In addition, we present a statistical feature of the dataset and techniques that can be developed using it. Moreover, we demonstrate an application example of the dataset that analyzes the correlation and characteristics of an incident. We believe our dataset will promote collaborative research on threat analysis for the generation of CTI.

show abstract

Section: Analysis and Productionmentioning

confidence: 99%

Automated Dataset Generation System for Collaborative Research of Cyber Threat Analysis

Kim

2019

Security and Communication Networks

View full text Add to dashboard Cite

show abstract

“…The three level of intelligence is translated into three different activities in the decomposition because they are carried out by different level of analyst and also produces three different outputs. The pyramid also shows that the to produce strategic intelligence, the decision makers cannot consume CTI directly, they need aggregated high level data, therefore before any CTI can be consumed by the top level managements it must be sorted, grouped, fusion and present it in a visual manner [14]. To accommodate those needs a CTI visualization, fusion and presentation activity to be added before the CTI is passed to the strategic CTI analysis.…”

Section: Decomposition Of the National Cti Analysismentioning

confidence: 99%

“…The quality checking and acceptance activity is the only activity that is not in the intelligence lifecycle that is included in the business process, the reason behind adding an extra activity is that interoperability and automation is one of the biggest challenge in CTI information sharing [14] that needs to be addressed. The nationwide CTI information exchange has to accommodate various security tools and products that the actors uses, the CTI that it disseminates must be a true actionable intelligence that could be used to auto configure security products for a fast mitigation of a cyber security threat.…”

Section: Decomposition Of the Quality Checking Andmentioning

confidence: 99%

Business Process Reengineering of an Information Exchange Management System for a Nationwide Cyber Threat Intelligence

Pramadi¹,

Rosmansyah²,

Kim³

et al. 2017

Journal of Korea Multimedia Society

View full text Add to dashboard Cite

Nowadays, nations cyber security capabilities play an important role in a nation's defense. Security-critical infrastructures such as national defenses, public services, and financial services are now exposed to Advanced Persistent Threats (APT) and their resistance to such attacks effects the nations stability. Currently Cyber Threat Intelligence (CTI) is widely used by organizations to mitigate and deter APT for its ability to proactively protect their assets by using evidence-based knowledge. The evidencebased knowledge information can be exchanged among organizations and used by the receiving party to strengthen their cyber security management. This paper will discuss on the business process reengineering of the CTI information exchange management for a nationwide scaled control and governance by the government to better protect their national information security assets.

show abstract

“…The intelligence information might offer early warning information about incoming threats or information needed for incident response. Paper [20] states that pure technical data is just a part of bigger situational awareness fused with intelligence information.…”

Section: Analysis Informationmentioning

confidence: 99%

Architecture for the Cyber Security Situational Awareness System

Kokkonen

2016

Lecture Notes in Computer Science

View full text Add to dashboard Cite

show abstract

Beyond technical data - a more comprehensive situational awareness fed by available intelligence information

Cited by 6 publications

References 9 publications

Automated Dataset Generation System for Collaborative Research of Cyber Threat Analysis

Automated Dataset Generation System for Collaborative Research of Cyber Threat Analysis

Business Process Reengineering of an Information Exchange Management System for a Nationwide Cyber Threat Intelligence

Architecture for the Cyber Security Situational Awareness System

Contact Info

Product

Resources

About