What is it about?

This work presents a platform that improves the quality of Cyber Threat Intelligence (CTI) by removing irrelevant information carried in security events, unifying the tags of such events through a single unified cyber threat taxonomy that we propose, and enriching the resulting events with external data, thereby generating quality CTI.


Why is it important?

Nowadays, cyber security is of the utmost importance for any organisation. Providing organisations with quality CTI will improve their security incident response and make their CTI analysis faster.

Perspectives

Writing this article allowed me to reach the idea that CTI could be improved by trimming the irrelevant information it carries, on the one hand, and by tagging it through a single, unified cyber threat taxonomy (instead of using several taxonomies to label the same incident in different ways), on the other. Such improvements will benefit the work and effort of security analysts, as they do not need to analyze all the data contained in an event. I hope this article can help those who work in the cyber security area.

Iberia Medeiros
Faculty of Sciences of University of Lisbon

Read the Original

This page is a summary of: Generating Quality Threat Intelligence Leveraging OSINT and a Cyber Threat Unified Taxonomy, ACM Transactions on Privacy and Security, May 2022, ACM (Association for Computing Machinery), DOI: 10.1145/3530977.