Poopak Alaeifar , Shantanu Pal , Zahra Jadidi , Mukhtar Hussain , Ernest Foo
{"title":"网络威胁情报共享的当前方法和未来方向:调查","authors":"Poopak Alaeifar , Shantanu Pal , Zahra Jadidi , Mukhtar Hussain , Ernest Foo","doi":"10.1016/j.jisa.2024.103786","DOIUrl":null,"url":null,"abstract":"<div><p>Cyber Threat Intelligence (CTI) is essential knowledge concerning cyber and physical threats aimed at mitigating potential cyber attacks. The rapid evolution of Information and Communications Technology (ICT), the Internet of Things (IoT), and Industry 5.0 has spawned a multitude of sources regarding current or potential cyber threats against organizations. Consequently, CTI sharing among organizations holds considerable promise for facilitating swift responses to attacks and enabling mutual benefits through active participation. However, exchanging CTI among different organizations poses significant challenges, including legal and regulatory obligations, interoperability standards, and data reliability. The current CTI sharing landscape remains inadequately explored, hindering a comprehensive examination of organizations’ critical needs and the challenges they encounter during CTI sharing. This paper presents a comprehensive survey on CTI sharing, beginning with an exploration of CTI fundamentals and its advancements in assessing cyber and physical threats and threat actors from various perspectives. For instance, we discuss the benefits of CTI, its applications, and diverse CTI sharing architectures. Additionally, we extensively discuss a list of CTI sharing challenges and evaluate how available CTI sharing proposals address these challenges. Finally, we provide an inventory of unique future research directions to offer insightful guidelines for CTI sharing.</p></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"83 ","pages":"Article 103786"},"PeriodicalIF":3.8000,"publicationDate":"2024-05-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S2214212624000899/pdfft?md5=2ea406819c601d78af91b9fc6cd88be8&pid=1-s2.0-S2214212624000899-main.pdf","citationCount":"0","resultStr":"{\"title\":\"Current approaches and future directions for Cyber Threat Intelligence sharing: A survey\",\"authors\":\"Poopak Alaeifar , Shantanu Pal , Zahra Jadidi , Mukhtar Hussain , Ernest Foo\",\"doi\":\"10.1016/j.jisa.2024.103786\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div><p>Cyber Threat Intelligence (CTI) is essential knowledge concerning cyber and physical threats aimed at mitigating potential cyber attacks. The rapid evolution of Information and Communications Technology (ICT), the Internet of Things (IoT), and Industry 5.0 has spawned a multitude of sources regarding current or potential cyber threats against organizations. Consequently, CTI sharing among organizations holds considerable promise for facilitating swift responses to attacks and enabling mutual benefits through active participation. However, exchanging CTI among different organizations poses significant challenges, including legal and regulatory obligations, interoperability standards, and data reliability. The current CTI sharing landscape remains inadequately explored, hindering a comprehensive examination of organizations’ critical needs and the challenges they encounter during CTI sharing. This paper presents a comprehensive survey on CTI sharing, beginning with an exploration of CTI fundamentals and its advancements in assessing cyber and physical threats and threat actors from various perspectives. For instance, we discuss the benefits of CTI, its applications, and diverse CTI sharing architectures. Additionally, we extensively discuss a list of CTI sharing challenges and evaluate how available CTI sharing proposals address these challenges. Finally, we provide an inventory of unique future research directions to offer insightful guidelines for CTI sharing.</p></div>\",\"PeriodicalId\":48638,\"journal\":{\"name\":\"Journal of Information Security and Applications\",\"volume\":\"83 \",\"pages\":\"Article 103786\"},\"PeriodicalIF\":3.8000,\"publicationDate\":\"2024-05-17\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"https://www.sciencedirect.com/science/article/pii/S2214212624000899/pdfft?md5=2ea406819c601d78af91b9fc6cd88be8&pid=1-s2.0-S2214212624000899-main.pdf\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Journal of Information Security and Applications\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://www.sciencedirect.com/science/article/pii/S2214212624000899\",\"RegionNum\":2,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q2\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Information Security and Applications","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S2214212624000899","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
Current approaches and future directions for Cyber Threat Intelligence sharing: A survey
Cyber Threat Intelligence (CTI) is essential knowledge concerning cyber and physical threats aimed at mitigating potential cyber attacks. The rapid evolution of Information and Communications Technology (ICT), the Internet of Things (IoT), and Industry 5.0 has spawned a multitude of sources regarding current or potential cyber threats against organizations. Consequently, CTI sharing among organizations holds considerable promise for facilitating swift responses to attacks and enabling mutual benefits through active participation. However, exchanging CTI among different organizations poses significant challenges, including legal and regulatory obligations, interoperability standards, and data reliability. The current CTI sharing landscape remains inadequately explored, hindering a comprehensive examination of organizations’ critical needs and the challenges they encounter during CTI sharing. This paper presents a comprehensive survey on CTI sharing, beginning with an exploration of CTI fundamentals and its advancements in assessing cyber and physical threats and threat actors from various perspectives. For instance, we discuss the benefits of CTI, its applications, and diverse CTI sharing architectures. Additionally, we extensively discuss a list of CTI sharing challenges and evaluate how available CTI sharing proposals address these challenges. Finally, we provide an inventory of unique future research directions to offer insightful guidelines for CTI sharing.
期刊介绍:
Journal of Information Security and Applications (JISA) focuses on the original research and practice-driven applications with relevance to information security and applications. JISA provides a common linkage between a vibrant scientific and research community and industry professionals by offering a clear view on modern problems and challenges in information security, as well as identifying promising scientific and "best-practice" solutions. JISA issues offer a balance between original research work and innovative industrial approaches by internationally renowned information security experts and researchers.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
