Risk Assessment of Sharing Cyber Threat Intelligence

dc.cclicenceN/Aen
dc.contributor.authorBoiten, Eerke Albert
dc.contributor.authorSmith, R. G.
dc.contributor.authorAlbakri, Adham
dc.date.acceptance2020-07-01
dc.date.accessioned2021-10-06T08:41:16Z
dc.date.available2021-10-06T08:41:16Z
dc.date.issued2020-09
dc.descriptionThe file attached to this record is the author's final peer reviewed version. The Publisher's final version can be found by following the DOI link.en
dc.description.abstractSharing Cyber Threat Intelligence (CTI) is advocated to get better defence against new sophisticated cyber-attacks. CTI may contain critical information about the victim infrastructure, existing vulnerabilities and business processes so sharing CTI may carry a risk. However, evaluating the risk of sharing CTI da-tasets is challenging due to the nature of the CTI context which is associated with the evolution of the threat landscape and new cyber attacks that are difficult to evaluate. In this paper, we present a quantitative risk model to assess the risk of sharing CTI datasets enabled by sharing with different entities in various situa-tions. The model enables the identification of the threats and evaluation of the impacts of disclosing this information. We present two use cases that help to de-termine the risk level of sharing a CTI dataset and consequently the mitigation techniques to enable responsible sharing. Risk identification and evaluation have been validated using experts’ opinions.en
dc.funderEuropean Union (EU) Horizon 2020en
dc.funder.otherRITICSen
dc.identifier.citationAlbakri, A., Boiten, E.A., Smith, R.G. (2020) Risk Assessment of Sharing Cyber Threat Intelligence. In: Boureanu, I., Drăgan, C.C., Manulis, M., Giannetsos, T., Dadoyan, C., Gouvas, P., Hallman, R.A., Li, S., Chang, V., Pallas, F., Pohle, J., Sasse, A. (Eds.) Computer Security, ESORICS 2020 International Workshops, DETIPS, DeSECSys, MPS, and SPOSE, Guildford, UK, September 17–18, 2020, Revised Selected Papers, Heidelberg: Springer.en
dc.identifier.doihttps://doi.org/10.1007/978-3-030-66504-3
dc.identifier.isbn9783030665036
dc.identifier.urihttps://dora.dmu.ac.uk/handle/2086/21312
dc.language.isoenen
dc.peerreviewedYesen
dc.projectid675320en
dc.publisherSpringeren
dc.relation.ispartofseriesLecture Notes in Computer Science;12580
dc.researchinstituteCyber Technology Institute (CTI)en
dc.subjectCyber Threat Intelligenceen
dc.subjectInformation Sharingen
dc.subjectRisk Assessmenten
dc.titleRisk Assessment of Sharing Cyber Threat Intelligenceen
dc.typeConferenceen

Files

Original bundle
Now showing 1 - 1 of 1
Loading...
Thumbnail Image
Name:
RiskAssessmentofSharingCyberThreatIntelligence.pdf
Size:
435.79 KB
Format:
Adobe Portable Document Format
Description:
License bundle
Now showing 1 - 1 of 1
No Thumbnail Available
Name:
license.txt
Size:
4.2 KB
Format:
Item-specific license agreed upon to submission
Description: