Actionable threat intelligence for digital forensics readiness-Reference-Cited by-同舟云学术

Actionable threat intelligence for digital forensics readiness

Published:2019-06-12 Issue:2 Volume:27 Page:273-291
ISSN:2056-4961
Container-title:Information & Computer Security
language:en
Short-container-title:ICS

Author:

Serketzis Nikolaos,Katos Vasilios,Ilioudis Christos,Baltatzis Dimitrios,Pangalos George J.

Abstract

PurposeThe purpose of this paper is to formulate a novel model for enhancing the effectiveness of existing digital forensic readiness (DFR) schemes by leveraging the capabilities of cyber threat information sharing.Design/methodology/approachThis paper uses a quantitative methodology to identify the most popular cyber threat intelligence (CTI) elements and introduces a lightweight approach to correlate those with potential forensic value, resulting in the quick and accurate triaging and identification of patterns of malicious activities.FindingsWhile threat intelligence exchange steadily becomes a common practice for the prevention or detection of security incidents, the proposed approach highlights its usefulness for the digital forensics (DF) domain.Originality/valueThe proposed model can help organizations to improve their DFR posture, and thus minimize the time and cost of cybercrime incidents.

Publisher

Emerald

Subject

Management of Technology and Innovation,Information Systems and Management,Computer Networks and Communications,Information Systems,Software,Management Information Systems

Reference43 articles.

1. Blasco, J. (2009), “Malware: Exploring mutex objects”, Alienvault, available at: www.alienvault.com/blogs/labs-research/malware-exploring-mutex-objects (accessed 11 May 2018).

2. Danyliw, L. Meijer, J. and Demchenko, Y. (2007), “RFC 5070. The incident object description exchange format”, available at: https://tools.ietf.org/html/rfc5070

3. Exploring the opportunities and limitations of current threat intelligence platforms;ENISA,2017

Cited by 11 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. A Systematic Literature Review on Cyber Threat Intelligence for Organizational Cybersecurity Resilience;Sensors;2023-08-19

2. Enhancing Microsoft 365 Security: Integrating Digital Forensics Analysis to Detect and Mitigate Adversarial Behavior Patterns;Forensic Sciences;2023-07-19

3. A comparative study of selected machine learning algorithms for cyber threat detection in open source data;2023 International Conference on Science, Engineering and Business for Sustainable Development Goals (SEB-SDG);2023-04-05

4. SmartValidator: A framework for automatic identification and classification of cyber threat data;Journal of Network and Computer Applications;2022-06

5. FoRePlan: Supporting Digital Forensics Readiness Planning for Internet of Vehicles;25th Pan-Hellenic Conference on Informatics;2021-11-26