A Methodology to Evaluate Standards and Platforms within Cyber Threat Intelligence

The cyber security landscape is fundamentally changing over the past years. While technology is evolving and new sophisticated applications are being developed, a new threat scenario is emerging in alarming proportions. Sophisticated threats with multi-vectored, multi-staged and polymorphic characte...

Descripción completa

Detalles Bibliográficos
Autores: de Melo e Silva, Alessandra, Costa Gondim, João José, Oliveira Albuquerque, Robson de, García Villalba, Luis Javier
Tipo de recurso: artículo
Fecha de publicación:2020
País:España
Institución:Universidad Complutense de Madrid (UCM)
Repositorio:Docta Complutense
Idioma:inglés
OAI Identifier:oai:docta.ucm.es:20.500.14352/8369
Acceso en línea:https://hdl.handle.net/20.500.14352/8369
Access Level:acceso abierto
Palabra clave:cyber security
cyber threat intelligence
threat intelligence platform
threat intelligence standard
Internet (Informática)
Seguridad informática
3325 Tecnología de las Telecomunicaciones
id ES_49ea8303203e32d741ff11895547c96c
oai_identifier_str oai:docta.ucm.es:20.500.14352/8369
network_acronym_str ES
network_name_str España
repository_id_str
spelling A Methodology to Evaluate Standards and Platforms within Cyber Threat Intelligencede Melo e Silva, AlessandraCosta Gondim, João JoséOliveira Albuquerque, Robson deGarcía Villalba, Luis Javiercyber securitycyber threat intelligencethreat intelligence platformthreat intelligence standardInternet (Informática)Seguridad informática3325 Tecnología de las TelecomunicacionesThe cyber security landscape is fundamentally changing over the past years. While technology is evolving and new sophisticated applications are being developed, a new threat scenario is emerging in alarming proportions. Sophisticated threats with multi-vectored, multi-staged and polymorphic characteristics are performing complex attacks, making the processes of detection and mitigation far more complicated. Thus, organizations were encouraged to change their traditional defense models and to use and to develop new systems with a proactive approach. Such changes are necessary because the old approaches are not effective anymore to detect advanced attacks. Also, the organizations are encouraged to develop the ability to respond to incidents in real-time using complex threat intelligence platforms. However, since the field is growing rapidly, today Cyber Threat Intelligence concept lacks a consistent definition and a heterogeneous market has emerged, including diverse systems and tools, with different capabilities and goals. This work aims to provide a comprehensive evaluation methodology of threat intelligence standards and cyber threat intelligence platforms. The proposed methodology is based on the selection of the most relevant candidates to establish the evaluation criteria. In addition, this work studies the Cyber Threat Intelligence ecosystem and Threat Intelligence standards and platforms existing in state-of-the-art.MDPIUniversidad Complutense de Madrid20202020-06-2320202020-06-23journal articlehttp://purl.org/coar/resource_type/c_6501info:eu-repo/semantics/articleapplication/pdfhttps://hdl.handle.net/20.500.14352/8369reponame:Docta Complutenseinstname:Universidad Complutense de Madrid (UCM)Inglésengopen accesshttp://purl.org/coar/access_right/c_abf2Atribución 3.0 Españahttps://creativecommons.org/licenses/by/3.0/es/info:eu-repo/semantics/openAccessoai:docta.ucm.es:20.500.14352/83692026-06-02T12:44:21Z
dc.title.none.fl_str_mv A Methodology to Evaluate Standards and Platforms within Cyber Threat Intelligence
title A Methodology to Evaluate Standards and Platforms within Cyber Threat Intelligence
spellingShingle A Methodology to Evaluate Standards and Platforms within Cyber Threat Intelligence
de Melo e Silva, Alessandra
cyber security
cyber threat intelligence
threat intelligence platform
threat intelligence standard
Internet (Informática)
Seguridad informática
3325 Tecnología de las Telecomunicaciones
title_short A Methodology to Evaluate Standards and Platforms within Cyber Threat Intelligence
title_full A Methodology to Evaluate Standards and Platforms within Cyber Threat Intelligence
title_fullStr A Methodology to Evaluate Standards and Platforms within Cyber Threat Intelligence
title_full_unstemmed A Methodology to Evaluate Standards and Platforms within Cyber Threat Intelligence
title_sort A Methodology to Evaluate Standards and Platforms within Cyber Threat Intelligence
dc.creator.none.fl_str_mv de Melo e Silva, Alessandra
Costa Gondim, João José
Oliveira Albuquerque, Robson de
García Villalba, Luis Javier
author de Melo e Silva, Alessandra
author_facet de Melo e Silva, Alessandra
Costa Gondim, João José
Oliveira Albuquerque, Robson de
García Villalba, Luis Javier
author_role author
author2 Costa Gondim, João José
Oliveira Albuquerque, Robson de
García Villalba, Luis Javier
author2_role author
author
author
dc.contributor.none.fl_str_mv Universidad Complutense de Madrid
dc.subject.none.fl_str_mv cyber security
cyber threat intelligence
threat intelligence platform
threat intelligence standard
Internet (Informática)
Seguridad informática
3325 Tecnología de las Telecomunicaciones
topic cyber security
cyber threat intelligence
threat intelligence platform
threat intelligence standard
Internet (Informática)
Seguridad informática
3325 Tecnología de las Telecomunicaciones
description The cyber security landscape is fundamentally changing over the past years. While technology is evolving and new sophisticated applications are being developed, a new threat scenario is emerging in alarming proportions. Sophisticated threats with multi-vectored, multi-staged and polymorphic characteristics are performing complex attacks, making the processes of detection and mitigation far more complicated. Thus, organizations were encouraged to change their traditional defense models and to use and to develop new systems with a proactive approach. Such changes are necessary because the old approaches are not effective anymore to detect advanced attacks. Also, the organizations are encouraged to develop the ability to respond to incidents in real-time using complex threat intelligence platforms. However, since the field is growing rapidly, today Cyber Threat Intelligence concept lacks a consistent definition and a heterogeneous market has emerged, including diverse systems and tools, with different capabilities and goals. This work aims to provide a comprehensive evaluation methodology of threat intelligence standards and cyber threat intelligence platforms. The proposed methodology is based on the selection of the most relevant candidates to establish the evaluation criteria. In addition, this work studies the Cyber Threat Intelligence ecosystem and Threat Intelligence standards and platforms existing in state-of-the-art.
publishDate 2020
dc.date.none.fl_str_mv 2020
2020-06-23
2020
2020-06-23
dc.type.none.fl_str_mv journal article
http://purl.org/coar/resource_type/c_6501
dc.type.openaire.fl_str_mv info:eu-repo/semantics/article
format article
dc.identifier.none.fl_str_mv https://hdl.handle.net/20.500.14352/8369
url https://hdl.handle.net/20.500.14352/8369
dc.language.none.fl_str_mv Inglés
eng
language_invalid_str_mv Inglés
language eng
dc.rights.none.fl_str_mv open access
http://purl.org/coar/access_right/c_abf2
Atribución 3.0 España
https://creativecommons.org/licenses/by/3.0/es/
dc.rights.openaire.fl_str_mv info:eu-repo/semantics/openAccess
rights_invalid_str_mv open access
http://purl.org/coar/access_right/c_abf2
Atribución 3.0 España
https://creativecommons.org/licenses/by/3.0/es/
eu_rights_str_mv openAccess
dc.format.none.fl_str_mv application/pdf
dc.publisher.none.fl_str_mv MDPI
publisher.none.fl_str_mv MDPI
dc.source.none.fl_str_mv reponame:Docta Complutense
instname:Universidad Complutense de Madrid (UCM)
instname_str Universidad Complutense de Madrid (UCM)
reponame_str Docta Complutense
collection Docta Complutense
repository.name.fl_str_mv
repository.mail.fl_str_mv
_version_ 1869407453642227712
score 15.300719