A Methodology to Evaluate Standards and Platforms within Cyber Threat Intelligence

The cyber security landscape has been fundamentally changing over the past years. While technology is evolving and new sophisticated applications are being developed, a new threat scenario is emerging in alarming proportions. Sophisticated threats with multi-vectored, multi-staged and polymorphic characte...

Bibliographic Details
Main Authors: Alessandra de Melo e Silva, João José Costa Gondim, Robson de Oliveira Albuquerque, Luis Javier García Villalba
Format: Article
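Language: English
Published: MDPI AG 2020-06-01
Series: Future Internet
Subjects: cyber security, cyber threat intelligence, threat intelligence platform, threat intelligence standard
Online Access: https://www.mdpi.com/1999-5903/12/6/108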
_version_ 1827714310170738688
author Alessandra de Melo e Silva
João José Costa Gondim
Robson de Oliveira Albuquerque
Luis Javier García Villalba
collection DOAJ
description The cyber security landscape has been fundamentally changing over the past years. While technology is evolving and new sophisticated applications are being developed, a new threat scenario is emerging in alarming proportions. Sophisticated threats with multi-vectored, multi-staged and polymorphic characteristics are performing complex attacks, making the processes of detection and mitigation far more complicated. Thus, organizations were encouraged to change their traditional defense models and to use and develop new systems with a proactive approach. Such changes are necessary because the old approaches are no longer effective at detecting advanced attacks. Also, organizations are encouraged to develop the ability to respond to incidents in real time using complex threat intelligence platforms. However, since the field is growing rapidly, the Cyber Threat Intelligence concept today lacks a consistent definition, and a heterogeneous market has emerged, including diverse systems and tools with different capabilities and goals. This work aims to provide a comprehensive evaluation methodology of threat intelligence standards and cyber threat intelligence platforms. The proposed methodology is based on the selection of the most relevant candidates to establish the evaluation criteria. In addition, this work studies the Cyber Threat Intelligence ecosystem and the Threat Intelligence standards and platforms existing in the state of the art.
first_indexed 2024-03-10T18:55:59Z
format Article
id doaj.art-12e8b2ace6904b9c887f691e98497ef2
institution Directory Open Access Journal
issn 1999-5903
language English
last_indexed 2024-03-10T18:55:59Z
publishDate 2020-06-01
publisher MDPI AG
record_format Article
series Future Internet
spelling doaj.art-12e8b2ace6904b9c887f691e98497ef2 2023-11-20T04:45:27Z eng MDPI AG, Future Internet, ISSN 1999-5903, 2020-06-01, 12(6), 108, doi:10.3390/fi12060108
Alessandra de Melo e Silva (0), João José Costa Gondim (1), Robson de Oliveira Albuquerque (2), Luis Javier García Villalba (3)
0, 1, 2: Post Graduation in Electrical Engineering (PPEE), Department of Electrical Engineering, University of Brasília, Brasília 70910-900, Brazil
3: Group of Analysis, Security and Systems (GASS), Department of Software Engineering and Artificial Intelligence (DISIA), Faculty of Computer Science and Engineering, Office 431, Universidad Complutense de Madrid (UCM), Calle Profesor José García Santesmases, 9, Ciudad Universitaria, 28040 Madrid, Spain
title A Methodology to Evaluate Standards and Platforms within Cyber Threat Intelligence
topic cyber security
cyber threat intelligence
threat intelligence platform
threat intelligence standard
url https://www.mdpi.com/1999-5903/12/6/108