Author:
Sahrom Abu Md, Rahayu Selamat Siti, Ariffin Aswami, Yusof Robiah
Abstract
Today's threat landscape is evolving at a rapid rate, with many organizations continuously facing complex and malicious cyber threats. Cybercriminals are better skilled, more organized and better funded than before. Cyber Threat Intelligence (CTI) has become a hot topic and is under consideration by many organizations as a way to counter the rise in cyber-attacks. The aim of this paper is to review the existing research related to CTI. Through the literature review process, the most basic question of what constitutes CTI is examined by comparing existing definitions to find common ground or disagreements. It is found that both organizations and vendors lack a complete understanding of what information is considered to be CTI; hence more research is needed in order to define CTI. This paper also identifies current CTI products and services, including threat intelligence data feeds, threat intelligence standards and the tools used in CTI. There are efforts by specific industries to share only relevant threat intelligence data feeds, such as the Financial Services Information Sharing and Analysis Center (FS-ISAC), which collaborates on critical security threats faced by the global financial services sector only. Meanwhile, research and development centers such as MITRE are working on developing standard formats (e.g., STIX, TAXII, CybOX) for threat intelligence sharing to solve the interoperability issue between threat-sharing peers. Based on the review of CTI definitions, standards and tools, this paper identifies four research challenges in cyber threat intelligence and analyses contemporary work carried out on each. With organizations flooded with voluminous threat data, the requirement for qualified threat data analysts to fully utilize CTI and turn the data into actionable intelligence has become more important than ever. Data quality is not a new issue, but with the growing adoption of CTI, further research in this area is needed.
Publisher
Institute of Advanced Engineering and Science
Subject
Electrical and Electronic Engineering, Control and Optimization, Computer Networks and Communications, Hardware and Architecture, Information Systems, Signal Processing
Cited by
41 articles.
1. FOCUS: Fatigue-Reducing IOCs Through Prioritization and Scoring. 2023 IEEE Intl Conf on Dependable, Autonomic and Secure Computing, Intl Conf on Pervasive Intelligence and Computing, Intl Conf on Cloud and Big Data Computing, Intl Conf on Cyber Science and Technology Congress (DASC/PiCom/CBDCom/CyberSciTech), 2023-11-14.
2. Risk Management in the Current Digital Reality of Organizations. Contemporary Challenges for Cyber Security and Data Privacy, 2023-10-16.
3. Explainable cyber threat behavior identification based on self-adversarial topic generation. Computers & Security, 2023-09.
4. Correlating Decision Theory with Cyber Threat Intelligence: Novel Perspectives. IRO Journal on Sustainable Wireless Systems, 2023-09.
5. An Exploratory Study on the Use of Threat Intelligence Sharing Platforms in Germany, Austria and Switzerland. Proceedings of the 18th International Conference on Availability, Reliability and Security, 2023-08-29.