Risk Assessment of Sharing Cyber Threat Intelligence

Date

2020-09

Advisors

Journal Title

Journal ISSN

ISSN

Volume Title

Publisher

Springer

Type

Conference

Peer reviewed

Yes

Abstract

Sharing Cyber Threat Intelligence (CTI) is advocated to get better defence against new sophisticated cyber-attacks. CTI may contain critical information about the victim infrastructure, existing vulnerabilities and business processes so sharing CTI may carry a risk. However, evaluating the risk of sharing CTI da-tasets is challenging due to the nature of the CTI context which is associated with the evolution of the threat landscape and new cyber attacks that are difficult to evaluate. In this paper, we present a quantitative risk model to assess the risk of sharing CTI datasets enabled by sharing with different entities in various situa-tions. The model enables the identification of the threats and evaluation of the impacts of disclosing this information. We present two use cases that help to de-termine the risk level of sharing a CTI dataset and consequently the mitigation techniques to enable responsible sharing. Risk identification and evaluation have been validated using experts’ opinions.

Description

The file attached to this record is the author's final peer reviewed version. The Publisher's final version can be found by following the DOI link.

Keywords

Cyber Threat Intelligence, Information Sharing, Risk Assessment

Citation

Albakri, A., Boiten, E.A., Smith, R.G. (2020) Risk Assessment of Sharing Cyber Threat Intelligence. In: Boureanu, I., Drăgan, C.C., Manulis, M., Giannetsos, T., Dadoyan, C., Gouvas, P., Hallman, R.A., Li, S., Chang, V., Pallas, F., Pohle, J., Sasse, A. (Eds.) Computer Security, ESORICS 2020 International Workshops, DETIPS, DeSECSys, MPS, and SPOSE, Guildford, UK, September 17–18, 2020, Revised Selected Papers, Heidelberg: Springer.

Rights

Research Institute

Cyber Technology Institute (CTI)