Abstract
This paper proposes a semantic approach to managing cyber threat intelligence (CTI). The economic rationale is presented, as well as the functional needs. Several cases of domain standards, tools and practices are modeled as a representation of the CTI sub-domain. This work focuses on the technical and operational CTI that is common to most organizations.
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Aviad, A., Węcel, K. (2019). Cyber Treat Intelligence Modeling. In: Abramowicz, W., Corchuelo, R. (eds) Business Information Systems. BIS 2019. Lecture Notes in Business Information Processing, vol 353. Springer, Cham. https://doi.org/10.1007/978-3-030-20485-3_28
DOI: https://doi.org/10.1007/978-3-030-20485-3_28
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-20484-6
Online ISBN: 978-3-030-20485-3
eBook Packages: Computer Science (R0)