A Cost-Efficient Threat Intelligence Platform Powered by Crowdsourced OSINT

Alexander Khalil Daou, Fudong Li, S. Shiaeles
Published in: 2023 IEEE International Conference on Cyber Security and Resilience (CSR)
Publication date: 2023-07-31
DOI: 10.1109/CSR57506.2023.10225008 (https://doi.org/10.1109/CSR57506.2023.10225008)
Citations: 0

Abstract

Cyberattacks are a primary concern for organisations of all kinds, costing billions of dollars globally each year. As more businesses begin operating online, and as attackers develop more advanced malware and evolve their modus operandi, the demand for effective cyber security measures grows exponentially. One such measure is the threat intelligence platform (TIP): a system which gathers and presents information about current cyber threats, providing actionable insight to aid security teams in employing a more proactive approach to thwarting attacks. These platforms and their accompanying intelligence feeds can be costly when purchased from a commercial vendor, creating a financial barrier for small and medium-sized enterprises. This paper explores the use of crowdsourced open-source intelligence (OSINT) as an alternative to commercial threat intelligence. A model TIP is developed using a combination of crowdsourced OSINT, freeware, and cloud services, demonstrating the feasibility and benefits of using OSINT over commercial solutions. The developed TIP is evaluated using a dataset containing 16,713 malware samples collected via the MalwareBazaar repository.