Towards the adoption of automated cyber threat intelligence information sharing with integrated risk assessment
ARES '24: Proceedings of the 19th International Conference on Availability, Reliability and Security
Article No.: 166, Pages 1 - 9
Abstract
In the domain of cybersecurity, effective threat intelligence and information sharing are critical operations for ensuring appropriate and timely response against threats, but limited in automation, standardization, and ease of use in current platforms. This paper introduces a Cyber Threat Intelligence (CTI) Information Sharing platform, designed for critical infrastructures and cyber-physical systems. Our platform integrates existing cybersecurity tools and leverages digital twin technology, enhancing threat analysis and mitigation capabilities. It features an automated process for disseminating standardized and structured intelligence, utilizing the Malware Information Sharing Platform (MISP) for effective dissemination. A significant enhancement is the integration of risk assessment tools, which enriches the shared intelligence with detailed risk information, supporting an informed decision-making. The platform encompasses a user-friendly dashboard and a robust backend, streamlining the threat intelligence cycle and transforming raw data coming from diverse sources into actionable insights. Overall the CTI4BC platform presents a solution to overcome challenges in the CTI sharing, contributing to a more resilient cybersecurity domain.
References
[1]
Elias Bou-Harb, Walter Lucia, Nicola Forti, Sean Weerakkody, Nasir Ghani, and Bruno Sinopoli. 2017. Cyber Meets Control: A Novel Federated Approach for Resilient CPS Leveraging Real Cyber Threat Intelligence. IEEE Communications Magazine 55, 5 (2017), 198–204. https://doi.org/10.1109/MCOM.2017.1600292CM
[2]
Thanasis Chantzios., Paris Koloveas., Spiros Skiadopoulos., Nikos Kolokotronis., Christos Tryfonopoulos., Vasiliki-Georgia Bilali., and Dimitris Kavallieros.2019. The Quest for the Appropriate Cyber-threat Intelligence Sharing Platform. In Proceedings of the 8th International Conference on Data Science, Technology and Applications - DATA. INSTICC, SciTePress, 369–376. https://doi.org/10.5220/0007978103690376
[3]
Django Software Foundation. 2024. Django Documentation. https://docs.djangoproject.com/en/3.2/ Accessed: 2024-03-28.
[4]
Facebook, Inc.2024. React - A JavaScript library for building user interfaces. https://reactjs.org/. Accessed: 2024-03-28.
[5]
MISP Project. 2024. MISP - Malware Information Sharing Platform and Threat Sharing. https://www.misp-project.org/. Accessed: 2024-03-28.
[6]
Georgios Sakellariou, Panagiotis Fouliras, Ioannis Mavridis, and Panagiotis Sarigiannidis. 2022. A Reference Model for Cyber Threat Intelligence (CTI) Systems. Electronics 11, 9 (April 2022), 1401. https://doi.org/10.3390/electronics11091401
[7]
The Apache Software Foundation. 2024. Apache Kafka. https://kafka.apache.org/. Accessed: 2024-03-28.
[8]
Cynthia Wagner, Alexandre Dulaunoy, Gérard Wagener, and Andras Iklody. 2016. MISP: The Design and Implementation of a Collaborative Threat Intelligence Sharing Platform. In Proceedings of the 2016 ACM on Workshop on Information Sharing and Collaborative Security (Vienna, Austria) (WISCS ’16). Association for Computing Machinery, New York, NY, USA, 49–56. https://doi.org/10.1145/2994539.2994542
Index Terms
- Towards the adoption of automated cyber threat intelligence information sharing with integrated risk assessment
Recommendations
Risk Assessment of Sharing Cyber Threat Intelligence
Computer SecurityAbstractSharing Cyber Threat Intelligence (CTI) is advocated to get better defence against new sophisticated cyber-attacks. CTI may contain critical information about the victim infrastructure, existing vulnerabilities and business processes so sharing ...
The AI-Based Cyber Threat Landscape: A Survey
Recent advancements in artificial intelligence (AI) technologies have induced tremendous growth in innovation and automation. Although these AI technologies offer significant benefits, they can be used maliciously. Highly targeted and evasive attacks in ...
Cyber threat intelligence sharing: Survey and research directions
AbstractCyber Threat Intelligence (CTI) sharing has become a novel weapon in the arsenal of cyber defenders to proactively mitigate increasing cyber attacks. Automating the process of CTI sharing, and even the basic consumption, has raised new ...
Comments
Information & Contributors
Information
Published In
July 2024
2032 pages
ISBN:9798400717185
DOI:10.1145/3664476
Copyright © 2024 ACM.
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 30 July 2024
Check for updates
Author Tags
Qualifiers
- Research-article
- Research
- Refereed limited
Funding Sources
Conference
ARES 2024
ARES 2024: The 19th International Conference on Availability, Reliability and Security
July 30 - August 2, 2024
Vienna, Austria
Acceptance Rates
Overall Acceptance Rate 228 of 451 submissions, 51%
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 29Total Downloads
- Downloads (Last 12 months)29
- Downloads (Last 6 weeks)25
Reflects downloads up to 15 Sep 2024
Other Metrics
Citations
View Options
Get Access
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign inFull Access
View options
View or Download as a PDF file.
PDFeReader
View online with eReader.
eReaderHTML Format
View this article in HTML Format.
HTML Format