TY - GEN
T1 - A Comprehensive Dynamic Quality Assessment Method for Cyber Threat Intelligence
AU - Wang, Menghan
AU - Yang, Libin
AU - Lou, Wei
N1 - Publisher Copyright:
© 2022 IEEE.
PY - 2022
Y1 - 2022
N2 - Extraordinary growth of the Internet poses a great challenge for defending worldwide evolution of cyber attacks. Introducing cyber threat intelligence (CTI) is a promising approach for alleviating malicious attacks, which heavily relies on the quality of CTI themselves. However, most of current studies develop CTI quality assessment from the perspective of source or content separately, regardless of their availability in practical. In this paper, a dynamic method named CTIC to comprehensively assess CTI quality is proposed. Specifically, we propose a novel CTI feed assessing scheme by modeling the interactions of feeds as a correlation graph. An iterative algorithm is elaborated to depict the feed quality precisely. We design a CTI content assessing scheme together with a machine learning algorithm to score the availability of content from multi-dimensions. Experimental results on real data confirm our proposed mechanism can quantitatively as well as effectively assess CTI quality.
AB - Extraordinary growth of the Internet poses a great challenge for defending worldwide evolution of cyber attacks. Introducing cyber threat intelligence (CTI) is a promising approach for alleviating malicious attacks, which heavily relies on the quality of CTI themselves. However, most of current studies develop CTI quality assessment from the perspective of source or content separately, regardless of their availability in practical. In this paper, a dynamic method named CTIC to comprehensively assess CTI quality is proposed. Specifically, we propose a novel CTI feed assessing scheme by modeling the interactions of feeds as a correlation graph. An iterative algorithm is elaborated to depict the feed quality precisely. We design a CTI content assessing scheme together with a machine learning algorithm to score the availability of content from multi-dimensions. Experimental results on real data confirm our proposed mechanism can quantitatively as well as effectively assess CTI quality.
KW - Cyber threat intelligence
KW - dynamic
KW - graph
KW - machine learning
KW - quality assessment
UR - http://www.scopus.com/inward/record.url?scp=85136130366&partnerID=8YFLogxK
U2 - 10.1109/DSN-W54100.2022.00037
DO - 10.1109/DSN-W54100.2022.00037
M3 - Conference article published in proceeding or book
AN - SCOPUS:85136130366
T3 - Proceedings - 52nd Annual IEEE/IFIP International Conference on Dependable Systems and Networks Workshop Volume, DSN-W 2022
SP - 178
EP - 181
BT - Proceedings - 52nd Annual IEEE/IFIP International Conference on Dependable Systems and Networks Workshop Volume, DSN-W 2022
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 52nd Annual IEEE/IFIP International Conference on Dependable Systems and Networks Workshop, DSN-W 2022
Y2 - 27 June 2022 through 30 June 2022
ER -