A Business Process Oriented Dynamic Cyber Threat Intelligence Model

Date

2020-04-09

Advisors

Journal Title

Journal ISSN

ISSN

Volume Title

Publisher

IEEE

Type

Conference

Peer reviewed

Yes

Abstract

Cyber threat intelligence (CTI) is a method for strengthening information security. CTI provides information on threats and the countermeasures. Businesses can benefit from the defensive knowledge if the relevant CTI is found. However, business environments involve miscellaneous dynamics of the business processes that can dynamically change the contexts. Correspondingly, threats associated with the contextual risk factors can change dynamically at the same time. Every time the contextual changes take place, CTI-based defensive strategies for businesses may not be useful and effective any more. However, the existing connection strategies between CTI and business risk contexts are still somewhat static. This paper proposes a business process oriented dynamic CTI model. The model can observe and capture the dynamics from the business environments. Every time the dynamics are captured, the model will then trigger adjustments of the connection strategies within the model. We use a case study to illustrate the use of the model and present how the model adjusts the connection strategies according to the dynamics. We then conclude the paper with future directions of the research.

Description

The Publisher's final version can be found by following the DOI link.

Keywords

cyber threat intelligence, business process, CTI mapping, similarity computation, dynamic representation

Citation

Xu, Y., Yang, Y. and He, Y. (2020) A Business Process Oriented Dynamic Cyber Threat Intelligence Model. Proceedings of 2019 IEEE SmartWorld, Ubiquitous Intelligence & Computing, Advanced & Trusted Computing, Scalable Computing & Communications, Cloud & Big Data Computing, Internet of People and Smart City Innovation, Leicester, UK, August 2019, pp.648-653.

Rights

Research Institute

Institute of Artificial Intelligence (IAI)