A Comprehensive Dynamic Quality Assessment Method for Cyber Threat Intelligence

2022 52nd Annual IEEE/IFIP International Conference on Dependable Systems and Networks Workshops (DSN-W) Pub Date : 2022-06-01 DOI:10.1109/dsn-w54100.2022.00037

Menghan Wang, Libin Yang, W. Lou

{"title":"A Comprehensive Dynamic Quality Assessment Method for Cyber Threat Intelligence","authors":"Menghan Wang, Libin Yang, W. Lou","doi":"10.1109/dsn-w54100.2022.00037","DOIUrl":null,"url":null,"abstract":"Extraordinary growth of the Internet poses a great challenge for defending worldwide evolution of cyber attacks. Introducing cyber threat intelligence (CTI) is a promising approach for alleviating malicious attacks, which heavily relies on the quality of CTI themselves. However, most of current studies develop CTI quality assessment from the perspective of source or content separately, regardless of their availability in practical. In this paper, a dynamic method named CTIC to comprehensively assess CTI quality is proposed. Specifically, we propose a novel CTI feed assessing scheme by modeling the interactions of feeds as a correlation graph. An iterative algorithm is elaborated to depict the feed quality precisely. We design a CTI content assessing scheme together with a machine learning algorithm to score the availability of content from multi-dimensions. Experimental results on real data confirm our proposed mechanism can quantitatively as well as effectively assess CTI quality.","PeriodicalId":349937,"journal":{"name":"2022 52nd Annual IEEE/IFIP International Conference on Dependable Systems and Networks Workshops (DSN-W)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2022-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2022 52nd Annual IEEE/IFIP International Conference on Dependable Systems and Networks Workshops (DSN-W)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/dsn-w54100.2022.00037","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

Abstract

Extraordinary growth of the Internet poses a great challenge for defending worldwide evolution of cyber attacks. Introducing cyber threat intelligence (CTI) is a promising approach for alleviating malicious attacks, which heavily relies on the quality of CTI themselves. However, most of current studies develop CTI quality assessment from the perspective of source or content separately, regardless of their availability in practical. In this paper, a dynamic method named CTIC to comprehensively assess CTI quality is proposed. Specifically, we propose a novel CTI feed assessing scheme by modeling the interactions of feeds as a correlation graph. An iterative algorithm is elaborated to depict the feed quality precisely. We design a CTI content assessing scheme together with a machine learning algorithm to score the availability of content from multi-dimensions. Experimental results on real data confirm our proposed mechanism can quantitatively as well as effectively assess CTI quality.

查看原文本刊更多论文

网络威胁情报综合动态质量评估方法

互联网的飞速发展对防御全球范围内网络攻击的演变提出了巨大挑战。引入网络威胁情报(CTI)是缓解恶意攻击的一种很有前途的方法，但这在很大程度上依赖于CTI本身的质量。然而，目前的研究大多是从来源或内容的角度单独开展CTI质量评估，而没有考虑其在实际中的可用性。本文提出了一种综合评价CTI质量的动态方法CTIC。具体而言，我们提出了一种新的CTI馈送评估方案，该方案将馈送之间的相互作用建模为相关图。提出了一种精确描述进给质量的迭代算法。我们设计了CTI内容评估方案和机器学习算法，从多维度对内容的可用性进行评分。在实际数据上的实验结果表明，本文提出的机制能够定量、有效地评价CTI质量。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2022 52nd Annual IEEE/IFIP International Conference on Dependable Systems and Networks Workshops (DSN-W)

自引率

0.00%

发文量