2021 IEEE International Conference on Cyber Security and Resilience

Summary:

Threat Intelligence has been a key part of the success of Intrusion Detection, with several trusted sources leading to wide adoption and greater understanding of new and trending threats to computer networks. Identifying potential threats and live attacks on networks is only half the battle; knowing how to correctly respond to these threats and attacks requires in-depth and domain-specific knowledge, which may be unique to subject experts and software vendors. Network Incident Responders and Intrusion Response Systems can benefit from a similar approach to Threat Intel, with a focus on potential Response actions. A qualitative comparison of current Threat Intel Sources and prominent Intrusion Response Systems is carried out to aid in the identification of key requirements to be met to enable the adoption of Response Intel. Building on these requirements, a template for Response Intel is proposed which incorporates standardised models developed by MITRE.

Author(s):

Kieran Hughes    
Queen's University Belfast
United Kingdom

Kieran McLaughlin    
Queen's University Belfast
United Kingdom

Sakir Sezer    
Queen's University Belfast
United Kingdom

 

