Volume 22 (2022): Issue 2 (June 2022)
Journal details
License
Format
Journal
eISSN
1314-4081
First published
13 Mar 2012
Publication timeframe
4 times per year
Languages
English
Access type: Open access

Visualizing Interesting Patterns in Cyber Threat Intelligence Using Machine Learning Techniques

Published online: 23 Jun 2022
Volume & Issue: Volume 22 (2022) - Issue 2 (June 2022)
Pages: 96 - 113
Received: 09 Sep 2021
Accepted: 20 Apr 2022
Abstract

In an advanced and dynamic cyber threat environment, organizations need to adopt more proactive methods for handling their cyber defenses. Cyber threat data from previous incidents, known as Cyber Threat Intelligence (CTI), plays an important role by helping security analysts understand recent cyber threats and their mitigations. The volume of CTI is growing exponentially, and most of its content is textual, which makes it difficult to analyze. Current CTI visualization tools do not provide effective visualizations. To address this issue, an exploratory data analysis of CTI reports is performed to extract and visualize interesting patterns of cyber threats, which helps security analysts proactively mitigate vulnerabilities and predict cyber threats in their networks in a timely manner.

Keywords

