Towards an Evaluation Framework for Threat Intelligence Sharing Platforms
| dc.contributor.author | Bauer, Sara | |
| dc.contributor.author | Fischer, Daniel | |
| dc.contributor.author | Sauerwein, Clemens | |
| dc.contributor.author | Latzel, Simon | |
| dc.contributor.author | Stelzer, Dirk | |
| dc.contributor.author | Breu, Ruth | |
| dc.date.accessioned | 2020-01-04T07:32:58Z | |
| dc.date.available | 2020-01-04T07:32:58Z | |
| dc.date.issued | 2020-01-07 | |
| dc.description.abstract | Threat intelligence sharing is an important countermeasure against the increasing number of security threats to which companies and governments are exposed. Its objective is the cross-organizational exchange of information about actual and potential threats. In recent years, a heterogeneous market of threat intelligence sharing platforms (TISPs) has emerged. These platforms are inter-organizational systems that support collaborative collection, aggregation, analysis and dissemination of threat-related information. Organizations that consider using TISPs are often faced with the challenge of selecting suitable platforms. To facilitate the evaluation of threat intelligence sharing platforms, we present a framework for analyzing and comparing relevant TISPs. Our framework provides a set of 25 functional and non-functional criteria that support potential users in selecting suitable platforms. We demonstrate the applicability of our evaluation framework by assessing three platforms: MISP, OTX and ThreatQ. We describe common features and differences between the three platforms. | |
| dc.format.extent | 10 pages | |
| dc.identifier.doi | 10.24251/HICSS.2020.239 | |
| dc.identifier.isbn | 978-0-9981331-3-3 | |
| dc.identifier.uri | http://hdl.handle.net/10125/63978 | |
| dc.language.iso | eng | |
| dc.relation.ispartof | Proceedings of the 53rd Hawaii International Conference on System Sciences | |
| dc.rights | Attribution-NonCommercial-NoDerivatives 4.0 International | |
| dc.rights.uri | https://creativecommons.org/licenses/by-nc-nd/4.0/ | |
| dc.subject | Cybersecurity and Privacy in Government | |
| dc.subject | evaluation framework | |
| dc.subject | information security | |
| dc.subject | security information sharing | |
| dc.subject | threat intelligence sharing | |
| dc.subject | threat intelligence sharing platform | |
| dc.title | Towards an Evaluation Framework for Threat Intelligence Sharing Platforms | |
| dc.type | Conference Paper | |
| dc.type.dcmi | Text |
Files
Original bundle
1 - 1 of 1