A cost-efficient threat intelligence platform powered by crowdsourced OSINT.

Abstract

Cyberattacks are a primary concern for organisations of all kinds, costing billions of dollars globally each year. As more businesses begin operating online, and as attackers develop more advanced malware and evolve their modus operandi, the demand for effective cyber security measures grows exponentially. One such measure is the threat intelligence platform (TIP): a system which gathers and presents information about current cyber threats, providing actionable insight to aid security teams in employing a more proactive approach to thwarting attacks. These platforms and their accompanying intelligence feeds can be costly when purchased from a commercial vendor, creating a financial barrier for small and medium-sized enterprises. This paper explores the use of crowdsourced open-source intelligence (OSINT) as an alternative to commercial threat intelligence. A model TIP is developed using a combination of crowdsourced OSINT, freeware, and cloud services, demonstrating the feasibility and benefits of using OSINT over commercial solutions. The developed TIP is evaluated using a dataset containing 16,713 malware samples collected via the MalwareBazaar repository.