Title | Threat Intelligence Sharing Community: A Countermeasure Against Advanced Persistent Threat |
Publication Type | Conference Paper |
Year of Publication | 2019 |
Authors | Chandel, Sonali; Yan, Mengdi; Chen, Shaojun; Jiang, Huan; Ni, Tian-Yi |
Conference Name | 2019 IEEE Conference on Multimedia Information Processing and Retrieval (MIPR) |
Keywords | advanced attacking skills, advanced persistent threat, analyzing malicious behavior, APT, APT attack, business data processing, Computer crime, Conferences, cyber attack, cyber-attacks, data sharing, Human Behavior, information processing, intelligence information, low-quality shared intelligence, Metrics, persistent attacking skills, pubcrawl, resilience, Resiliency, Scalability, Sharing Community, threat intelligence, threat intelligence sharing community |
Abstract | Advanced Persistent Threat (APT) having focused target along with advanced and persistent attacking skills under great concealment is a new trend followed for cyber-attacks. Threat intelligence helps in detecting and preventing APT by collecting a host of data and analyzing malicious behavior through efficient data sharing and guaranteeing the safety and quality of information exchange. For better protection, controlled access to intelligence information and a grading standard to revise the criteria in diagnosis for a security breach is needed. This paper analyses a threat intelligence sharing community model and proposes an improvement to increase the efficiency of sharing by rethinking the size and composition of a sharing community. Based on various external environment variables, it filters the low-quality shared intelligence by grading the trust level of a community member and the quality of a piece of intelligence. We hope that this research can fill in some security gaps to help organizations make a better decision in handling the ever-increasing and continually changing cyber-attacks. |
DOI | 10.1109/MIPR.2019.00070 |
Citation Key | chandel_threat_2019 |