Filters








114 Hits in 4.4 sec

MISP

Cynthia Wagner, Alexandre Dulaunoy, Gérard Wagener, Andras Iklody
2016 Proceedings of the 2016 ACM on Workshop on Information Sharing and Collaborative Security - WISCS'16  
This paper presents the Malware Information Sharing Platform (MISP) and threat sharing project, a trusted platform, that allows the collection and sharing of important indicators of compromise (IoC) of  ...  Enable detection via collaborative-knowledge-sharing about existing malware and other threats.  ...  Beside the various existing data formats and transport mechanisms, several technical implementations of threat intelligence platforms exist.  ... 
doi:10.1145/2994539.2994542 fatcat:vlleemc3jnfrlm7p5l4e3z4e7u

Taxonomy driven indicator scoring in MISP threat intelligence platforms [article]

Sami Mokaddem, Gerard Wagener, Alexandre Dulaunoy, Andras Iklody
2019 arXiv   pre-print
To cover the needs of having a medium for information sharing, different initiatives were taken such as the Open Source Threat Intelligence and Sharing Platform called MISP.  ...  As the MISP community members do not have the same objectives, use cases and implementations of the scoring model are discussed.  ...  For the detailed description of the design and implementation of MISP, we refer the reader to [26] .  ... 
arXiv:1902.03914v1 fatcat:zgwtcolo5zh6popqpdu3mdr4h4

What's in a Cyber Threat Intelligence sharing platform?

Borce Stojkovski, Gabriele Lenzini, Vincent Koenig, Salvador Rivas
2021 Annual Computer Security Applications Conference  
The ever-increasing scale and complexity of cyber attacks and cybercriminal activities necessitate secure and effective sharing of cyber threat intelligence (CTI) among a diverse set of stakeholders and  ...  This paper offers a unique contribution towards understanding the constraining and enabling factors of security information sharing within one of the leading platforms.  ...  ACKNOWLEDGMENTS We would like to thank the Computer Incident Response Center Luxembourg (CIRCL) for their collaboration and for facilitating this research.  ... 
doi:10.1145/3485832.3488030 fatcat:3c46rzj6srh4xicw3syvcshdaa

Context-Aware Cyber Threat Intelligence Exchange Platform

Michael Motlhabi, Phumeza Pantsi, Bokang Mangoale, Rofhiwa Netshiya, Samson Chishiri
2022 International Conference on Cyber Warfare and Security (ICIW)  
The idea behind this paper is to design a context-aware threat intelligence exchange platform that encourages collaboration and creates a federated environment amongst different industry stakeholders to  ...  The platform described in this paper, when implemented, would provide the basic building blocks for developing a highly effective cybersecurity intelligence-sharing system that can improve vulnerability  ...  Some examples of threat intelligence platforms include: State of the Art for Threat Intelligence PlatformsThe Malware Information Sharing Platform (MISP) -Open-source threat intelligence platform  ... 
doi:10.34190/iccws.17.1.42 fatcat:5h32vsewbnhwbdndmmcakasejq

On the Integration of Course of Action Playbooks into Shareable Cyber Threat Intelligence [article]

Vasileios Mavroeidis, Pavel Eis, Martin Zadnik, Marco Caselli, Bret Jordan
2021 arXiv   pre-print
We utilize the playbook metadata template to introduce functionality and integrate course of action playbooks, such as CACAO, into the MISP threat intelligence platform and the OASIS Threat Actor Context  ...  operations derived from utilizing, and coupling and sharing course of action playbooks with cyber threat intelligence, we introduce a uniform metadata template that supports managing and integrating course  ...  ACKNOWLEDGMENT The authors would like to thank Professor Audun Jøsang (University of Oslo), Jane Ginn (Cyber Threat Intelligence Network), Allan Thomson (Chief Architect Threat Defense Avast), and Francisco  ... 
arXiv:2110.10540v5 fatcat:7gjyt27zxrbcxpqcd2k5evu57e

Distributed Security Framework for Reliable Threat Intelligence Sharing

Davy Preuveneers, Wouter Joosen, Jorge Bernal Bernabe, Antonio Skarmeta
2020 Security and Communication Networks  
We have implemented and evaluated the feasibility of our distributed framework on top of the Malware Information Sharing Platform (MISP) solution, and we evaluate the performance impact using real-world  ...  The effectiveness of threat intelligence platforms heavily depends on the willingness to share among organizations and the responsible use of sensitive information that may potentially harm the reputation  ...  Acknowledgments is research was partially funded by the Research Fund of KU Leuven.  ... 
doi:10.1155/2020/8833765 fatcat:ircv5kio5ffennfm2u7sporsmq

Sharing Machine Learning Models as Indicators of Compromise for Cyber Threat Intelligence

Davy Preuveneers, Wouter Joosen
2021 Journal of Cybersecurity and Privacy  
Cyber threat intelligence (CTI) sharing is the collaborative effort of sharing information about cyber attacks to help organizations gain a better understanding of threats and proactively defend their  ...  We implemented our solution on top of MISP, TheHive, and Cortex—three state-of-practice open source CTI sharing and incident response platforms—to incrementally improve the accuracy of these ML models,  ...  Acknowledgments: We gratefully acknowledge the support of NVIDIA Corporation with the donation of the Titan V GPU used for this research.  ... 
doi:10.3390/jcp1010008 fatcat:ji5mezy7kbhf5b6zgjgchw5sra

Decaying Indicators of Compromise [article]

Andras Iklody, Gerard Wagener, Alexandre Dulaunoy, Sami Mokaddem, Cynthia Wagner
2018 arXiv   pre-print
In this paper, the open-source threat intelligence platform MISP is used to implement and showcase a generic scoring model for decaying IoCs shared within MISP communities matching their heterogeneous  ...  To ease the evaluation of IoCs as well as to harness the combined analysis capabilities, threat intelligence sharing platforms were introduced in order to foster collaboration on a community level.  ...  For a detailed description of the design and implementation of MISP, we refer the reader to article [25] .  ... 
arXiv:1803.11052v1 fatcat:aazegw6ykfaffcpvq3vdf4dmeq

Sharing of Cyber Threat Intelligence between States

Philipp Kuehn, Thea Riebe, Lynn Apelt, Max Jansen, Christian Reuter
2020 S+F. Sicherheit und Frieden. Security and Peace  
Instead of in a laboratory, this transformation takes place in the environment.  ...  Novel environmental invasive biotechnologies, such as gene drives and Horizontal Environmental Genetic Alteration Agents exceed the classical applications of genetically modified organisms.  ...  Hence, there is a growing demand for cyber threat intelligence (CTI) sharing and IT peace research by experts to support the management of threat indicators within organizations and the IT security community  ... 
doi:10.5771/0175-274x-2020-1-22 fatcat:nzurdrq5wjdrzphezqhbj4eddi

A Methodology to Evaluate Standards and Platforms within Cyber Threat Intelligence

Alessandra de Melo e Silva, João Costa Gondim, Robson de Oliveira de Oliveira Albuquerque, Luis Javier García Villalba
2020 Future Internet  
This work aims to provide a comprehensive evaluation methodology of threat intelligence standards and cyber threat intelligence platforms.  ...  In addition, this work studies the Cyber Threat Intelligence ecosystem and Threat Intelligence standards and platforms existing in state-of-the-art.  ...  Another work, Reference [26] proposed a threat intelligence platform with an architecture based on state-of-the-art systems like Malware Information Sharing Platform (MISP) and Collaborative Research  ... 
doi:10.3390/fi12060108 fatcat:ucbb5kjjgjdhpjs6cjpv77txrq

Interoperability Challenges in the Cybersecurity Information Sharing Ecosystem

Konstantinos Rantos, Arnolnt Spyros, Alexandros Papanikolaou, Antonios Kritsas, Christos Ilioudis, Vasilios Katos
2020 Computers  
Threat intelligence helps businesses and organisations make the right decisions in their fight against cyber threats, and strategically design their digital defences for an optimised and up-to-date security  ...  Combined with advanced security analysis, threat intelligence helps reduce the time between the detection of an attack and its containment.  ...  Threat Intelligence Sharing Platform (MISP) [27] : A data model composed of "events", which usually represent threats or incidents, which in turn are composed of a list of "attributes", such as IP addresses  ... 
doi:10.3390/computers9010018 fatcat:sc6vpaekdnav3gxnhvyzt7lx2y

Incidents Information Sharing Platform for Distributed Attack Detection

Konstantina Fotiadou, Terpsichori-Helen Velivassaki, Artemis Voulkidis, Konstantinos Railis, Panagiotis Trakadas, Theodore Zahariadis
2020 IEEE Open Journal of the Communications Society  
In this work, we propose the I2SP prototype, which is a novel Information Sharing Platform, able to gather, pre-process, model, and distribute network-traffic information.  ...  To the best of our knowledge, we are the first that combine the MISP-API in order to construct an information sharing mechanism that supports multiple novel deep feature learning architectures for intrusion  ...  MALWARE INFORMATION SHARING PLATFORM (MISP) MISP is an open-source threat information sharing platform, where users from various communities are able to share all kind of cyber-threats, indicators of compromise  ... 
doi:10.1109/ojcoms.2020.2989925 fatcat:fvqtfq7etnenflwvgcwof5ncxu

Overcoming information-sharing challenges in cyber defence exercises

Agnė Brilingaitė, Linas Bukauskas, Aušrius Juozapavičius, Eduardas Kutka
2022 Journal of Cybersecurity  
However, threat intelligence highly depends on security specialists' ability to share incident data on threat information-sharing platforms.  ...  This research aims to improve threat information sharing by focusing on the educational aspect of the problem and analysing the attitude of cybersecurity specialists during cyber defence exercises (CDX  ...  Acknowledgements The authors of the paper would like to express their gratitude to the organizers, participants and the evaluation team of the international cybersecurity exercises Amber Mist 2018-2020  ... 
doi:10.1093/cybsec/tyac001 fatcat:nztq3g6ktvd37fkf6rmq7m5cou

Operational security, threat intelligence & distributed computing: the WLCG Security Operations Center Working Group

David Crooks, Liviu Vâlsan, Kashif Mohammad, Shawn McKee, Paul Clark, Adam Boutcher, Adam Padée, Michał Wójcik, Henryk Giemza, Bas Kreukniet, A. Forti, L. Betev (+3 others)
2019 EPJ Web of Conferences  
The strategy of the group is to identify necessary components - starting with threat intelligence (MISP [2]) and network intrusion detection (Bro [3]), building a working model over time.  ...  The nature of these threats is such that the most effective method for dealing with them is to work collaboratively, both within the HEP community and with partners further afield - these can, and should  ...  threats is via collaboration and the sharing of threat intelligence.  ... 
doi:10.1051/epjconf/201921403029 fatcat:yf3tiwn6dfhzngqubxxcijo5c4

inTIME: A Machine Learning-Based Framework for Gathering and Leveraging Web Data to Cyber-Threat Intelligence

Paris Koloveas, Thanasis Chantzios, Sofia Alevizopoulou, Spiros Skiadopoulos, Christos Tryfonopoulos
2021 Electronics  
The sheer volume and variety of the different operating systems, the device particularities, the various usage domains and the accessibility-ready nature of the platforms creates a vast and complex threat  ...  processes, (iv) leverage the identified intelligence to actionable items by semi-automatic entity disambiguation, linkage and correlation, and (v) manage, share or collaborate on the stored intelligence  ...  Acknowledgments: We would like to thank our colleagues in Mathema S.R.L. for implementing part of the UI of the platform, and especially Emanuele Bellini and Simone Naldini for the technical and Alessandro  ... 
doi:10.3390/electronics10070818 fatcat:iegvfymfj5f7nbrdasqzcc2t6e
« Previous Showing results 1 — 15 out of 114 results