Actionable Intelligence-Oriented Cyber Threat Modeling Framework

Date
2022-01-04
Authors
Shin, Bongsik
Elkins, Aaron
Larson, Lance
Cameron, Lance
Perez, Marc
Journal Title
Journal ISSN
Volume Title
Publisher
Abstract
Amid the growing challenges of cybersecurity, the new paradigm of cyber threat intelligence (or CTI) has gained momentum to better deal with cyber threats. There, however, has been one fundamental and very practical problem of information overload organizations face in constructing an effective CTI program. We developed a cyber threat intelligence prototype that automatically and dynamically performs the correlation of business assets, vulnerabilities, and cyber threat information in a scoped setting to remediate the challenge of information overload. Conveniently called TIME (for Threat Intelligence Modeling Environment), it repeats the cycle of: (1) collect internal asset data; (2) gather vulnerability and threat data; (3) correlate vulnerabilities with assets; and (4) derive CTI and alerts significant internal asset-related vulnerabilities in a timely manner. For this, it takes advantage of CTI reports produced by online sites and several NIST standards intended to formalize vulnerability and threat management.
Description
Keywords
Organizational Cybersecurity: Advanced Cyber Defense, Cyber Analytics, and Security Operations, cybersecurity, cyber threat intelligence, information security, threat intelligence
Citation
Rights
Access Rights
Email libraryada-l@lists.hawaii.edu if you need this content in ADA-compliant format.