Risk Assessment of Sharing Cyber Threat Intelligence
dc.cclicence | N/A | en |
dc.contributor.author | Boiten, Eerke Albert | |
dc.contributor.author | Smith, R. G. | |
dc.contributor.author | Albakri, Adham | |
dc.date.acceptance | 2020-07-01 | |
dc.date.accessioned | 2021-10-06T08:41:16Z | |
dc.date.available | 2021-10-06T08:41:16Z | |
dc.date.issued | 2020-09 | |
dc.description | The file attached to this record is the author's final peer reviewed version. The Publisher's final version can be found by following the DOI link. | en |
dc.description.abstract | Sharing Cyber Threat Intelligence (CTI) is advocated to get better defence against new sophisticated cyber-attacks. CTI may contain critical information about the victim infrastructure, existing vulnerabilities and business processes so sharing CTI may carry a risk. However, evaluating the risk of sharing CTI da-tasets is challenging due to the nature of the CTI context which is associated with the evolution of the threat landscape and new cyber attacks that are difficult to evaluate. In this paper, we present a quantitative risk model to assess the risk of sharing CTI datasets enabled by sharing with different entities in various situa-tions. The model enables the identification of the threats and evaluation of the impacts of disclosing this information. We present two use cases that help to de-termine the risk level of sharing a CTI dataset and consequently the mitigation techniques to enable responsible sharing. Risk identification and evaluation have been validated using experts’ opinions. | en |
dc.funder | European Union (EU) Horizon 2020 | en |
dc.funder.other | RITICS | en |
dc.identifier.citation | Albakri, A., Boiten, E.A., Smith, R.G. (2020) Risk Assessment of Sharing Cyber Threat Intelligence. In: Boureanu, I., Drăgan, C.C., Manulis, M., Giannetsos, T., Dadoyan, C., Gouvas, P., Hallman, R.A., Li, S., Chang, V., Pallas, F., Pohle, J., Sasse, A. (Eds.) Computer Security, ESORICS 2020 International Workshops, DETIPS, DeSECSys, MPS, and SPOSE, Guildford, UK, September 17–18, 2020, Revised Selected Papers, Heidelberg: Springer. | en |
dc.identifier.doi | https://doi.org/10.1007/978-3-030-66504-3 | |
dc.identifier.isbn | 9783030665036 | |
dc.identifier.uri | https://dora.dmu.ac.uk/handle/2086/21312 | |
dc.language.iso | en | en |
dc.peerreviewed | Yes | en |
dc.projectid | 675320 | en |
dc.publisher | Springer | en |
dc.relation.ispartofseries | Lecture Notes in Computer Science;12580 | |
dc.researchinstitute | Cyber Technology Institute (CTI) | en |
dc.subject | Cyber Threat Intelligence | en |
dc.subject | Information Sharing | en |
dc.subject | Risk Assessment | en |
dc.title | Risk Assessment of Sharing Cyber Threat Intelligence | en |
dc.type | Conference | en |
Files
Original bundle
1 - 1 of 1
Loading...
- Name:
- RiskAssessmentofSharingCyberThreatIntelligence.pdf
- Size:
- 435.79 KB
- Format:
- Adobe Portable Document Format
- Description:
License bundle
1 - 1 of 1
No Thumbnail Available
- Name:
- license.txt
- Size:
- 4.2 KB
- Format:
- Item-specific license agreed upon to submission
- Description: