Strategic Cyber Threat Intelligence Sharing: A Case Study of IDS Logs

Dog, Spike; Tweed, Alex; Rouse, LeRoy; Chu, Bill; Duan, Qi; Hu, Yueqi; Yang, Jing; Al-Shaer, Ehab

doi:10.1109/icccn.2016.7568578

Cited by 9 publications

(7 citation statements)

References 2 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Some community-driven efforts attempt to detect and prevent botnets by providing databases with known spam bots such as the The Spamhaus Project [218] and IBM X-Force exchange [219], where IT researchers can report suspected IP addresses and see a list of IP addresses along with a % indicator of how likely the IP is used for C&C. Furthermore Structured Threat Information eXpression (STIX) is used for exchanging cyber threat intelligence (CTI) as described in [220]. Dog et al [221] examined the value of sharing IDS logs between enterprises and not just sharing IP addresses, domains and specific attacks. The study shows that intelligence sharing can provide good strategic threat information for enterprises.…”

Section: Community Driven Tools Against Botnetsmentioning

confidence: 99%

A Survey on Botnets: Incentives, Evolution, Detection and Current Trends

Stege

El-Habr

et al. 2021

Future Internet

View full text Add to dashboard Cite

Botnets, groups of malware-infected hosts controlled by malicious actors, have gained prominence in an era of pervasive computing and the Internet of Things. Botnets have shown a capacity to perform substantial damage through distributed denial-of-service attacks, information theft, spam and malware propagation. In this paper, a systematic literature review on botnets is presented to the reader in order to obtain an understanding of the incentives, evolution, detection, mitigation and current trends within the field of botnet research in pervasive computing. The literature review focuses particularly on the topic of botnet detection and the proposed solutions to mitigate the threat of botnets in system security. Botnet detection and mitigation mechanisms are categorised and briefly described to allow for an easy overview of the many proposed solutions. The paper also summarises the findings to identify current challenges and trends within research to help identify improvements for further botnet mitigation research.

show abstract

Section: Community Driven Tools Against Botnetsmentioning

confidence: 99%

A Survey on Botnets: Incentives, Evolution, Detection and Current Trends

Stege

El-Habr

et al. 2021

Future Internet

View full text Add to dashboard Cite

show abstract

“…That are Strategic Threat Intelligence, Tactical Threat Intelligence, Technical Threat Intelligence and Operational Threat Intelligence. Strategic Threat Intelligence offer the overview of the threat status of the organization (Dog et al, 2016;Tounsi & Rais, 2018). It is designed to provide information for high-level decisions made by managers and other decision makers in the organization.…”

Section: Strategic Threat Intelligencementioning

confidence: 99%

“…Before selecting the strategic of the threat intelligence, it is important to decide the organization's potential uses cases (Dog et al, 2016). Instead of select a strategic of the threat intelligence and try to accord and implement in the organization use cases to the strengths of the strategic.…”

Section: Implementation Of Strategic Threat Intelligencementioning

confidence: 99%

The Implementation of Strategic Threat Intelligence for Business Organization

Leong

2021

JITA

View full text Add to dashboard Cite

Nowadays strategic threat intelligence is very important to all the organization. Strategic cyber threat intelligence can determine who and why to provide key insights to the organization. It purpose is to determine who is behind a particular threat or threat family and addressing to evolving trends. The strategic level of cyber threat intelligence also included and explains about why. Why makes a company or an organization a target? Strategic Threat Intelligence offer the overview of the threat status of the organization. Therefore, the C-Suite include chief executive officer (CEO), chief financial officer (CFO), chief operating officer (COO) and chief information officer (CIO) of the organization use cyber threat intelligence data to understand the high-level trends and threats to the company or the organization. The C-Suite of the organization also need to know how to implement the strategic threat intelligence to prevent unexpected things happen. This research paper aims to discuss about the importance of the strategic threat intelligence to the company or organization and how to implement it. After knowing and understanding the implementation of strategic threat intelligence to the company or organization, this research paper also will discuss about the when of using strategic threat intelligence. The issue and challenges is also discussed in the article.

show abstract

“…Nevertheless, strategic intelligence is rarely shared because it could reveal information about the stakeholders strategic plans [21]. The researchers in [39] presented a use case for strategic CTI sharing from Intrusion Detection System (IDS) logs. The data was collected from sources such as, honeypots, incident reports, and logs.…”

Section: Industry Sector Sharingmentioning

confidence: 99%

Cyber threat intelligence sharing: Survey and research directions

Wagner

Mahbub

Palomar

et al. 2019

Computers & Security

184

View full text Add to dashboard Cite

Cyber Threat Intelligence (CTI) sharing has become a novel weapon in the arsenal of cyber defenders to proactively mitigate increasing cyber attacks. Automating the process of CTI sharing, and even the basic consumption, has raised new challenges for researchers and practitioners. This extensive literature survey explores the current state-of-the-art and approaches different problem areas of interest pertaining to the larger field of sharing cyber threat intelligence. The motivation for this research stems from the recent emergence of sharing cyber threat intelligence and the involved challenges of automating its processes. This work comprises a considerable amount of articles from academic and gray literature, and focuses on technical and non-technical challenges. Moreover, the findings reveal which topics were widely discussed, and hence considered relevant by the authors and cyber threat intelligence sharing communities.

show abstract

Strategic Cyber Threat Intelligence Sharing: A Case Study of IDS Logs

Cited by 9 publications

References 2 publications

A Survey on Botnets: Incentives, Evolution, Detection and Current Trends

A Survey on Botnets: Incentives, Evolution, Detection and Current Trends

The Implementation of Strategic Threat Intelligence for Business Organization

Cyber threat intelligence sharing: Survey and research directions

Contact Info

Product

Resources

About