Open Access

Visualizing Interesting Patterns in Cyber Threat Intelligence Using Machine Learning Techniques

Sarwat Ejaz
Sarwat Ejaz
, 
Umara Noor
Umara Noor
 and 
Zahid Rashid
Zahid Rashid
   | Jun 23, 2022
Cybernetics and Information Technologies's Cover Image
About this article
Previous Article
Next Article
Cite
Published Online: Jun 23, 2022
Page range: 96 - 113
Received: Sep 09, 2021
Accepted: Apr 20, 2022
DOI: https://doi.org/10.2478/cait-2022-0019
Keywords
© 2022 Sarwat Ejaz et al., published by Sciendo
This work is licensed under the Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.

1. Hackmageddon: June 2021 Cyber Attack Statistics. https://www.hackmageddon.com/category/security/cyber-attacks-statistics/ Search in Google Scholar

2. Bartoli, A., A. de Lorenzo, E. Medvet, M. Faraguna, F. Tarl. A Security-Oriented Analysis of Web Inclusions in the Italian Public Administration. – Cybernetics and Information Technologies, Vol. 18, 2018, No 4, pp. 94-110.10.2478/cait-2018-0050 Search in Google Scholar

3. US-CERT: United States Computer Emergency Readiness Team. https://www.us-cert.gov/tlp Search in Google Scholar

4. OpenIOC: An Open Framework for Sharing Threat Intelligence. http://www.openioc.org/ Search in Google Scholar

5. VERIS: The Vocabulary for Event Recording and Incident Sharing. http://veriscommunity.net/ Search in Google Scholar

6. IODEF Design principles and IODEF Data Model Overview. https://www.terena.org/activities/tf-csirt/meeting5/demchenko-iodef-design-datamodel.pdf Search in Google Scholar

7. Cyber Observable eXpression: A Structured Language for Cyber Observables. https://cybox.mitre.org/ Search in Google Scholar

8. Structured Threat Information eXpression: A Structured Language for Cyber Threat Intelligence Information. http://stix.mitre.org/ Search in Google Scholar

9. Trusted Automated eXchange of Indicator Information: Enabling Cyber Threat Information Exchange. http://taxii.mitre.org/ Search in Google Scholar

10. Ten of the Best Threat Intelligence Feeds. https://d3security.com/blog/10-of-the-best-open-source-threat-intelligence-feeds/ Search in Google Scholar

11. Hail-a-Taxii. http://hailataxii.com/ Search in Google Scholar

12. ATT&CK MITRE. https://attack.mitre.org/ Search in Google Scholar

13. Venkatram, K., G. A. Mary. Review on Big Data & Analytics – Concepts, Philosophy, Process and Applications. – Cybernetics and Information Technologies, Vol. 17, 2017, No 2, pp. 3-27.10.1515/cait-2017-0013 Search in Google Scholar

14. Stixproject.github.io. (2019). About STIX | STIX Project Documentation. https://stixproject.github.io/about/ Search in Google Scholar

15. Strom, B. E., A. Applebaum, D. P. Miller, K. C. Nickels, A. G. Pennington, C. B. Thomas. Mitre att&ck: Design and Philosophy. Technical Report, 2018. Search in Google Scholar

16. IBM X Force Exchange. https://exchange.xforce.ibmcloud.com/ Search in Google Scholar

17. Symantec Cyber Security. https://www.broadcom.com/products/cyber-security Search in Google Scholar

18. Cyber Security Experts and Solution Provider. https://www.fireeye.com/ Search in Google Scholar

19. CrowdStrike: Leader in Endpoint Protection. https://www.crowdstrike.com/ Search in Google Scholar

20. Bromiley, M. Threat Intelligence: What It Is, And How to Use It Effectively. – SANS Institute InfoSec Reading Room, Vol. 15, 2016, 172.10.1515/9781400881147-004 Search in Google Scholar

21. Craig, M., A. Lakhotia, C. LeDoux, A. Newsom, V. Notani. VirusBattle: State-of-the-Art Malware Analysis for Better Cyber Threat Intelligence. – In: Proc. of 7th International Symposium on Resilient Control Systems (ISRCS’14), IEEE, 2014, pp. 1-6. Search in Google Scholar

22. STIXViz. (n.d.). Utilities & Developer Resources. http://stixproject.github.io/documentation/utilities/ Search in Google Scholar

23. Noel, S. Interactive Visualization and Text Mining for the Capec Cyber Attack Catalog. – In: Proc. of ACM Intelligent User Interfaces Workshop on Visual Text Analytics, 2015, pp. 1-8. Search in Google Scholar

24. Zoomable Sunburst. https://bl.ocks.org/mbostock/4348373 Search in Google Scholar

25. Pebbles – Using Circular Treemaps to Visualize Disk Usage. http://lip.sourceforge.net/ctreemap.html. Search in Google Scholar

26. FoamTree: Interactive Voronoi Treemap (n.d.). https://carrotsearch.com/foamtree Search in Google Scholar

27. Zhao, H., L. Lu. Variational Circular Treemaps for Interactive Visualization of Hierarchical Data. – In: Proc. of IEEE Pacific Visualization Symposium (PacificVis’15), IEEE, 2015. pp. 81-85. Search in Google Scholar

28. Daniel, B., M., A. Endert, D. Kidwell. 7 Key Challenges for Visualization in Cyber Network Defense. – In: Proc. of 11th Workshop on Visualization for Cyber Security, 2014, pp. 33-40. Search in Google Scholar

29. Cawthon, N., A. V. Moere. The Effect of Aesthetic on the Usability of Data Visualization. – In: Proc. of 11th International Conference Information Visualization (IV’07), IEEE, 2007, pp. 637-648.10.1109/IV.2007.147 Search in Google Scholar

30. Bronwyn, W., S. J. Perl, B. Lindauer. Data Mining for Efficient Collaborative Information Discovery. – In: Proc. of 2nd ACM Workshop on Information Sharing and Collaborative Security, 2015, pp. 3-12. Search in Google Scholar

31. Singh, N., S. S. Khurmi. Malware Analysis, Clustering and Classification: A Literature Review. – Int. J. Comput. Sci. Technol., Vol. 6, 2015, No 1, pp. 68-72. Search in Google Scholar

32. Zahra, B., H. Hashemi, S. M. H. Fard, A. Hamzeh. A Survey on Heuristic Malware Detection Techniques. – In: Proc. of 5th Conference on Information and Knowledge Technology, IEEE, 2013, pp. 113-120. Search in Google Scholar

33. Kyle, O’M., D. Shick, J. Spring, E. Stoner. Malware Capability Development Patterns Respond to Defenses: Two Case Studies. White Paper, Software Engineering Institute, Carnegie Mellon University, 2016. Search in Google Scholar

34. Saeed, I. A., A. Selamat, A. M. Abuagoub. A Survey on Malware and Malware Detection Systems. – International Journal of Computer Applications, Vol. 67, 2013, No 16.10.5120/11480-7108 Search in Google Scholar

35. Abedelaziz, M., O. Alrawi. Unveiling Zeus: Automated Classification of Malware Samples. – In: Proc. of 22nd International Conference on World Wide Web, 2013, pp. 829-832. Search in Google Scholar

36. Han, J., M. Kamber. Data Mining. Concepts and Techniques. – In: Morgan Kaufmann. Vol. 340. 2012. 744 p. Search in Google Scholar

37. Ikram, S. T., A. K. Cherukuri, B. Poorva, P. S. Ushasree, Y. Zhang, X. Liu, G. Li. Anomaly Detection Using XGBoost Ensemble of Deep Neural Network Models. – Cybernetics and Information Technologies, Vol. 21, 2021, No 3, pp. 175-188.10.2478/cait-2021-0037 Search in Google Scholar

38. ANOMAL STAXX. https://www.anomali.com/resources/staxx Search in Google Scholar

39. Noor, U., Z. Anwar, A. W. Malik, S. Khan, S. Saleem. A Machine Learning Framework for Investigating Data Breaches Based on Semantic Analysis of Adversary’s Attack Patterns in Threat Intelligence Repositories. – Future Generation Computer Systems, Vol. 95, 2019, pp. 467-487.10.1016/j.future.2019.01.022 Search in Google Scholar

40. UmaraNoor/CTI-Visualizations-Using-R. https://github.com/UmaraNoor/CTI-Visualizations-Using-R- Search in Google Scholar

eISSN:
1314-4081
Language:
English
Publication timeframe:
4 times per year
Journal Subjects:
Computer Sciences, Information Technology
Journal RSS Feed