Managing Cyber Threat Intelligence in a Graph Database: Methods of Analyzing Intrusion Sets, Threat Actors, and Campaigns

机译：在图形数据库中管理网络威胁情报：分析入侵集，威胁参与者和战役的方法

获取原文

页面导航

摘要
著录项
相似文献
相关主题

摘要

Efforts to cope jointly with the ever-increasing number of breach incidents have resulted in the establishment of the standard format and protocol and given birth to many consultative groups. In addition, various channels that distribute Cyber Threat Intelligence information free of charge have emerged, and studies on utilizing such channels have spread. As the market for sharing information professionally is expanding, the need to manage the shared information in various ways in order to achieve better result has arisen. This paper proposes a standardized management structure and method based on the standardized format and a meaning and standard of Cyber Threat Intelligence that can be shared outside when loading OSINT information collected from various channels into the graph database. This paper also proposes a method of supporting the detection provided by existing security equipment with the information saved in the graph database and an effective method of analysis. Lastly, the paper discusses the advantages that can be expected from saving cyber threat information in the graph database developed using information collected from the outside.

机译：与不断增加的违规事件共同应对的努力导致标准格式和协议的建立，并催生了许多咨询小组。此外，已经出现了许多免费分发网络威胁情报信息的渠道，并且有关利用这种渠道的研究也得到了广泛传播。随着专业共享信息的市场不断扩大，已经出现了以各种方式管理共享信息以达到更好效果的需求。本文提出了一种基于标准化格式以及网络威胁情报的含义和标准的标准化管理结构和方法，当从各种渠道收集的OSINT信息加载到图形数据库中时可以在外部共享。本文还提出了一种利用图数据库中存储的信息来支持现有安全设备提供的检测的方法以及一种有效的分析方法。最后，本文讨论了将网络威胁信息保存在使用从外部收集的信息开发的图形数据库中可以预期的优势。

著录项

来源
《International Conference on Platform Technology and Service》|2018年|1-6|共6页
会议地点
作者
Seulgi Lee; Hyeisun Cho; Nakhyun Kim; Byungik Kim; Junhyung Park;
展开▼
作者单位

展开▼
会议组织
原文格式 PDF
正文语种
中图分类
关键词
Databases; Malware; Correlation; Tools; Data mining; Cyberattack;

机译：数据库;恶意软件;关联;工具;数据挖掘;网络攻击;

相似文献

外文文献
中文文献
专利

1. Cybersecurity threat intelligence knowledge exchange based on blockchain Proposal of a new incentive model based on blockchain and Smart contracts to foster the cyber threat and risk intelligence exchange of information [J] . Riesco R., Larriva-Novo X., Villagra V. A. Telecommunication systems: Modeling, Analysis, Design and Management . 2020,第2期

机译：网络安全威胁情报知识交流基于区块链提案，基于区块链和智能合同，促进网络威胁和风险智能交流信息
2. SPCTA: An Analytical Framework for Analyzing Cyber Threats by Non-State Actors [J] . Harry Brown Ⅲ International Journal of Cyber Warfare and Terrorism . 2016,第2期

机译：SPCTA：分析非国家行为者网络威胁的分析框架
3. TIMiner: Automatically extracting and analyzing categorized cyber threat intelligence from social data [J] . Jun Zhao, Qiben Yan, Jianxin Li, Computers & Security . 2020,第Auga期

机译：TIMINER：自动提取和分析社交数据中分类的网络威胁情报
4. Managing Cyber Threat Intelligence in a Graph Database: Methods of Analyzing Intrusion Sets, Threat Actors, and Campaigns [C] . Seulgi Lee, Hyeisun Cho, Nakhyun Kim, International Conference on Platform Technology and Service . 2018

机译：在图表数据库中管理网络威胁情报：分析入侵套装，威胁演员和广告系列的方法
5. Barriers and Impacts to Adopting Interoperability Standards for Cyber Threat Intelligence Sharing: A Mixed Methods Study. [D] . Gong, Nicole Xiao. 2017

机译：网络威胁情报共享采用互操作性标准的障碍和影响：混合方法研究。
6. Analyzing Cyber-Physical Threats on Robotic Platforms [O] . Khalil M. Ahmad Yousef, Anas AlMajali, Salah Abu Ghalyon, 2018

机译：分析机器人平台上的网络物理威胁
7. Cyber Threat Intelligence Model: An Evaluation of Taxonomies, Sharing Standards, and Ontologies within Cyber Threat Intelligence [O] . Mavroeidis, Vasileios, Bromander, Siri 2017

机译：网络威胁情报模型：网络威胁情报中的分类标准，共享标准和本体评估

Managing Cyber Threat Intelligence in a Graph Database: Methods of Analyzing Intrusion Sets, Threat Actors, and Campaigns

摘要

著录项

相似文献

相关主题

期刊订阅