A Study on a Cyber Threat Intelligence Analysis (CTI) Platform for the Proactive Detection of Cyber Attacks Based on Automated Analysis
Byungik Kim, Nakhyun Kim, Seulgi Lee, Hyeisun Cho, Junhyung Park
2018 International Conference on Platform Technology and Service (PlatCon)
DOI: https://doi.org/10.1109/PLATCON.2018.8472766
Citations: 4
Abstract
This paper proposes an automated cyberattack analysis platform that is designed to analyze and respond to cyberattacks, which are becoming ever more intelligent and advanced. The ICT information generated during previous cyberattacks will be collected to analyze cyberattacks automatically, and the relationship between the collected information, level of re-exploitation, and similar ICT information among cyberattacks will be automatically analyzed. If the values that are currently being monitored are entered into the developed platform, the most similar cyberattacks in the past and the current phase of attacks will be provided to the analyst. In addition, a system capable of blocking attacks in advance, before damage is caused, could be developed by providing response/analysis guideline information on the potential future attack inflow.