Tools
ToolsYucel, C., Chalkias, I., Mallis, D., Karagiannis, E., Cetinkaya, D. and Katos, V., 2020. On the assessment of completeness and timeliness of actionable cyber threat intelligence artefacts. In: Multimedia Communications, Services & Security (MCSS'20), 8-9 October 2020, Krakow, Poland.
Full text available as:
|
PDF
MCSS2020_027_v1.pdf - Accepted Version Available under License Creative Commons Attribution Non-commercial. 479kB | |
|
Copyright to original material in this document is with the original owner(s). Access to this content through BURO is granted on condition that you use it only for research, scholarly or other non-commercial purposes. If you wish to use it for any other purposes, you must contact BU via BURO@bournemouth.ac.uk. Any third party copyright material in this document remains the property of its respective owner(s). BU grants no licence for further use of that third party material. |
Abstract
In this paper we propose an approach for hunting adversarial tactics technics and procedures (TTPs) by leveraging information described in structured cyber threat intelligence (CTI) models. We focused on the properties of timeliness and completeness of CTI indicators to drive the discovery of TTPs placed highly on the so-called Pyramid of Pain (PoP). We used the unit42 playbooks dataset to evaluate the proposed approach and illustrate the limitations and opportunities of a systematic intelligence sharing process for high pain TTP discovery.
| Item Type: | Conference or Workshop Item (Paper) |
|---|---|
| Group: | Faculty of Science & Technology |
| ID Code: | 34259 |
| Deposited By: | Symplectic RT2 |
| Deposited On: | 08 Jul 2020 12:08 |
| Last Modified: | 14 Mar 2022 14:23 |
Downloads
Downloads per month over past year
| Repository Staff Only - |