网络威胁情报产品和服务选择的多属性方法

IF 1.2 4区计算机科学 Q4 AUTOMATION & CONTROL SYSTEMS

Studies in Informatics and Control Pub Date : 2022-03-30 DOI:10.24846/v31i1y202202

A. Vevera, Carmen Elena Cîrnu, C. Rădulescu

{"title":"网络威胁情报产品和服务选择的多属性方法","authors":"A. Vevera, Carmen Elena Cîrnu, C. Rădulescu","doi":"10.24846/v31i1y202202","DOIUrl":null,"url":null,"abstract":": Cyber Threat Intelligence (CTI) is a significant field in Cyber Security research. It enables organizations to share threat data and allow a proactive defence against sophisticated intrusion attempts. The wide variety in the CTI products and services offered by different providers from the market, makes it difficult for the security experts to decide which CTI provider is the most suitable according to their security program requirements. CTI products and services provider selection is a complex decision-making problem that involves multiple criteria. The aim of the present paper is to propose a multi- attribute approach based on the VIKOR method for CTI providers ranking and selection, according to a set of criteria. A case study based on the users’ evaluations reviews about the security threats intelligence providers is studied. The impact of the VIKOR user parameter variation on the CTI providers ranking is analysed. The proposed approach is a support tool for the security program leaders faced with the decision of selecting the CTI providers. It also helps the CTI service providers to improve the quality of their products and services.","PeriodicalId":49466,"journal":{"name":"Studies in Informatics and Control","volume":" ","pages":""},"PeriodicalIF":1.2000,"publicationDate":"2022-03-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"A Multi-Attribute Approach for Cyber Threat Intelligence Product and Services Selection\",\"authors\":\"A. Vevera, Carmen Elena Cîrnu, C. Rădulescu\",\"doi\":\"10.24846/v31i1y202202\",\"DOIUrl\":null,\"url\":null,\"abstract\":\": Cyber Threat Intelligence (CTI) is a significant field in Cyber Security research. It enables organizations to share threat data and allow a proactive defence against sophisticated intrusion attempts. The wide variety in the CTI products and services offered by different providers from the market, makes it difficult for the security experts to decide which CTI provider is the most suitable according to their security program requirements. CTI products and services provider selection is a complex decision-making problem that involves multiple criteria. The aim of the present paper is to propose a multi- attribute approach based on the VIKOR method for CTI providers ranking and selection, according to a set of criteria. A case study based on the users’ evaluations reviews about the security threats intelligence providers is studied. The impact of the VIKOR user parameter variation on the CTI providers ranking is analysed. The proposed approach is a support tool for the security program leaders faced with the decision of selecting the CTI providers. It also helps the CTI service providers to improve the quality of their products and services.\",\"PeriodicalId\":49466,\"journal\":{\"name\":\"Studies in Informatics and Control\",\"volume\":\" \",\"pages\":\"\"},\"PeriodicalIF\":1.2000,\"publicationDate\":\"2022-03-30\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Studies in Informatics and Control\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://doi.org/10.24846/v31i1y202202\",\"RegionNum\":4,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q4\",\"JCRName\":\"AUTOMATION & CONTROL SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Studies in Informatics and Control","FirstCategoryId":"94","ListUrlMain":"https://doi.org/10.24846/v31i1y202202","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q4","JCRName":"AUTOMATION & CONTROL SYSTEMS","Score":null,"Total":0}

引用次数: 1

摘要

：网络威胁情报（CTI）是网络安全研究的一个重要领域。它使组织能够共享威胁数据，并对复杂的入侵企图进行主动防御。市场上不同的提供商提供的CTI产品和服务种类繁多，这使得安全专家很难根据他们的安全计划要求来决定哪家CTI提供商最合适。CTI产品和服务提供商的选择是一个复杂的决策问题，涉及多个标准。本文的目的是在VIKOR方法的基础上，根据一组标准，提出一种多属性的CTI提供商排名和选择方法。研究了一个基于用户对安全威胁情报提供者评价的案例研究。分析了VIKOR用户参数变化对CTI提供商排名的影响。所提出的方法为面临选择CTI提供商决策的安全项目领导者提供了支持工具。它还帮助CTI服务提供商提高其产品和服务的质量。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

A Multi-Attribute Approach for Cyber Threat Intelligence Product and Services Selection

: Cyber Threat Intelligence (CTI) is a significant field in Cyber Security research. It enables organizations to share threat data and allow a proactive defence against sophisticated intrusion attempts. The wide variety in the CTI products and services offered by different providers from the market, makes it difficult for the security experts to decide which CTI provider is the most suitable according to their security program requirements. CTI products and services provider selection is a complex decision-making problem that involves multiple criteria. The aim of the present paper is to propose a multi- attribute approach based on the VIKOR method for CTI providers ranking and selection, according to a set of criteria. A case study based on the users’ evaluations reviews about the security threats intelligence providers is studied. The impact of the VIKOR user parameter variation on the CTI providers ranking is analysed. The proposed approach is a support tool for the security program leaders faced with the decision of selecting the CTI providers. It also helps the CTI service providers to improve the quality of their products and services.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Studies in Informatics and Control AUTOMATION & CONTROL SYSTEMS-OPERATIONS RESEARCH & MANAGEMENT SCIENCE

CiteScore

2.70

自引率

25.00%

发文量

审稿时长

>12 weeks

期刊介绍： Studies in Informatics and Control journal provides important perspectives on topics relevant to Information Technology, with an emphasis on useful applications in the most important areas of IT. This journal is aimed at advanced practitioners and researchers in the field of IT and welcomes original contributions from scholars and professionals worldwide. SIC is published both in print and online by the National Institute for R&D in Informatics, ICI Bucharest. Abstracts, full text and graphics of all articles in the online version of SIC are identical to the print version of the Journal.