Browse wiki

From Navigators

Jump to: navigation, search
Publication:TrustCom19 pure
Abstract Cybersecurity has become a top priori Cybersecurity has become a top priority for mostorganizations. To more aptly protect themselves, organizationsare moving from reactive to proactive defensive measures. Theyare investing in cyber threat intelligence (CTI) to provide themforewarning about the risks they face, as well as to acceleratetheir response times in the detection of attacks. A mean toobtain CTI is the collection of open source intelligence (OSINT)information via threat intelligence platforms and their repre-sentation as indicators of compromise (IoC). However, most ofthese platforms are providing threat information with little tono processing, presenting thus limitations on generating usefulquality data. This work presents an approach for improvingOSINT processing to generatethreat intelligence of qualityinthe form ofenriched IoCs. This improved intelligence is obtainedby correlating and combining IoCs coming from different OSINTfeeds that contain information about the same threat, aggregatingthem into clusters, and then representing the threat informationcontained within those clusters in a singleenriched IoC. Theapproach was implemented in the PURE platform and evaluatedwith 34 OSINT feeds, which allowed the creation of enrichedIoCs that permitted the identification of attacks not previouslypossible by analyzing the IoCs individuall ble by analyzing the IoCs individuall
Author Rui Azevedo + , Ibéria Medeiros + , Alysson Bessani +
Booktitle In Proceedings of IEEE TrustCom  +
Key TrustCom19 pure  +
Month aug  +
NumPubDate 2,019.08  +
Project Project:DiSIEM +
ResearchLine Fault and Intrusion Tolerance in Open Distributed Systems (FIT) +
Title PURE: Generating Quality Threat Intelligence by Clustering and Correlating OSINT  +
Type inproceedings  +
Year 2019  +
Has improper value forThis property is a special property in this wiki. Url  +
Categories Publication  +
Modification dateThis property is a special property in this wiki. 18 September 2019 00:32:52  +
hide properties that link here 
  No properties link to this page.
 

 

Enter the name of the page to start browsing from.
Views
Personal tools
Toolbox
Navigators toolbox