Towards the adoption of automated cyber threat intelligence information sharing with integrated risk assessment

Valeria Valdés Ríos, Fatiha Zaidi, Ana Rosa Cavalli, Angel Rego

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

Abstract

In the domain of cybersecurity, effective threat intelligence and information sharing are critical operations for ensuring appropriate and timely response against threats, but limited in automation, standardization, and ease of use in current platforms. This paper introduces a Cyber Threat Intelligence (CTI) Information Sharing platform, designed for critical infrastructures and cyber-physical systems. Our platform integrates existing cybersecurity tools and leverages digital twin technology, enhancing threat analysis and mitigation capabilities. It features an automated process for disseminating standardized and structured intelligence, utilizing the Malware Information Sharing Platform (MISP) for effective dissemination. A significant enhancement is the integration of risk assessment tools, which enriches the shared intelligence with detailed risk information, supporting an informed decision-making. The platform encompasses a user-friendly dashboard and a robust backend, streamlining the threat intelligence cycle and transforming raw data coming from diverse sources into actionable insights. Overall the CTI4BC platform presents a solution to overcome challenges in the CTI sharing, contributing to a more resilient cybersecurity domain.

Original languageEnglish
Title of host publicationARES 2024 - 19th International Conference on Availability, Reliability and Security, Proceedings
PublisherAssociation for Computing Machinery
ISBN (Electronic)9798400717185
DOIs
Publication statusPublished - 30 Jul 2024
Event19th International Conference on Availability, Reliability and Security, ARES 2024 - Vienna, Austria
Duration: 30 Jul 20242 Aug 2024

Publication series

NameACM International Conference Proceeding Series

Conference

Conference19th International Conference on Availability, Reliability and Security, ARES 2024
Country/TerritoryAustria
CityVienna
Period30/07/242/08/24

Keywords

  • Automation
  • Cyber Threat Intelligence
  • Cyber-Physical Systems
  • Cybersecurity
  • Information Sharing
  • Standardized Threat Intelligence

Fingerprint

Dive into the research topics of 'Towards the adoption of automated cyber threat intelligence information sharing with integrated risk assessment'. Together they form a unique fingerprint.

Cite this