On the assessment of completeness and timeliness of actionable cyber threat intelligence artefacts
Authors: Yucel, C., Chalkias, I., Mallis, D., Karagiannis, E., Cetinkaya, D., Katos, V.
Journal: Communications in Computer and Information Science
Publication Date: 01/01/2020
Volume: 1284 CCIS
Pages: 51-66
eISSN: 1865-0937
ISSN: 1865-0929
DOI: 10.1007/978-3-030-59000-0_5
Abstract: In this paper we propose an approach for hunting adversarial tactics, techniques and procedures by leveraging information described in structured cyber threat intelligence models. We focused on the properties of timeliness and completeness of cyber threat intelligence indicators to drive the discovery of tactics, techniques and procedures placed highly on the so-called Pyramid of Pain. We used the unit 42 playbooks dataset to evaluate the proposed approach and illustrate the limitations and opportunities of a systematic intelligence sharing process for high pain tactics, techniques and procedures discovery. We applied the Levenshtein Distance in order to present a metric between the attack vectors constructed from the kill chain phases for completeness and timeliness.
https://eprints.bournemouth.ac.uk/34259/
Source: Scopus
On the assessment of completeness and timeliness of actionable cyber threat intelligence artefacts
Authors: Yucel, C., Chalkias, I., Mallis, D., Karagiannis, E., Cetinkaya, D., Katos, V.
Conference: Multimedia Communications, Services & Security (MCSS'20)
Dates: 08/10/2020
Journal: Springer
Publication Date: 06/10/2020
https://eprints.bournemouth.ac.uk/34259/
Source: Manual
On the Assessment of Completeness and Timeliness of Actionable Cyber Threat Intelligence Artefacts.
Authors: Yucel, C., Chalkias, I., Mallis, D., Karagiannis, E., Cetinkaya, D., Katos, V.
Editors: Dziech, A., Mees, W., Czyzewski, A.
Journal: MCSS
Publication Date: 2020
Volume: 1284
Pages: 51-66
Publisher: Springer
ISBN: 978-3-030-58999-8
https://eprints.bournemouth.ac.uk/34259/
https://doi.org/10.1007/978-3-030-59000-0
Source: DBLP