Journal
INFORMATION SYSTEMS FRONTIERS
Volume 23, Issue 4, Pages 883-896Publisher
SPRINGER
DOI: 10.1007/s10796-020-10103-7
Keywords
Cyber Threat Intelligence (CTI); Structured Threat Information Expression (STIX); Trusted Automated Exchange of Intelligence Information (TAXII); Relationship Based Access Control (ReBAC); OpenStack
Funding
- DoD ARO Grant [W911NF-15-1-0518]
- NSF CREST Grant [HRD-1736209]
- NSF CAREER Grant [CNS-1553696]
Ask authors/readers for more resources
Cyber threat sharing is crucial for timely defense against cyber attacks. This paper emphasizes the importance of sharing threat intelligence in a controlled and automated manner, and proposes Relationship Based Access Control (ReBAC) as a suitable model. By developing an automated approach for threat detection and sharing, along with implementing an Automated Cyber Defense System in a cloud based environment, effective mitigation of cyber threats can be achieved.
Cyber Threat sharing helps with defending against cyber attacks in a timely manner. Many frameworks have been proposed for CTI sharing such as Structured Threat Information Expression (STIX) and Trusted Automated Exchange of Intelligence Information (TAXII). However, CTI sharing in a controlled and automated manner is critical. In this paper, we demonstrate Relationship Based Access Control (ReBAC) as an appropriate model for CTI sharing. We also develop an approach for automated threat detection, generation and sharing of structured CTI and taking course of actions to mitigate cyber threats. Finally, we implement an Automated Cyber Defense System in a cloud based environment.
Authors
I am an author on this paper
Click your name to claim this paper and add it to your profile.
Reviews
Recommended
No Data Available