Actionable Intelligence-Oriented Cyber Threat Modeling Framework

Shin, Bongsik
Elkins, Aaron
Larson, Lance
Cameron, Lance
Perez, Marc
Journal Title
Journal ISSN
Volume Title
Amid the growing challenges of cybersecurity, the new paradigm of cyber threat intelligence (or CTI) has gained momentum to better deal with cyber threats. There, however, has been one fundamental and very practical problem of information overload organizations face in constructing an effective CTI program. We developed a cyber threat intelligence prototype that automatically and dynamically performs the correlation of business assets, vulnerabilities, and cyber threat information in a scoped setting to remediate the challenge of information overload. Conveniently called TIME (for Threat Intelligence Modeling Environment), it repeats the cycle of: (1) collect internal asset data; (2) gather vulnerability and threat data; (3) correlate vulnerabilities with assets; and (4) derive CTI and alerts significant internal asset-related vulnerabilities in a timely manner. For this, it takes advantage of CTI reports produced by online sites and several NIST standards intended to formalize vulnerability and threat management.
Organizational Cybersecurity: Advanced Cyber Defense, Cyber Analytics, and Security Operations, cybersecurity, cyber threat intelligence, information security, threat intelligence
Access Rights
Email if you need this content in ADA-compliant format.