A quantitative Evaluation of Trust in the Quality of Cyber Threat Intelligence Sources

A quantitative Evaluation of Trust in the Quality of Cyber Threat Intelligence Sources

Abstract

Threat intelligence sharing has become a cornerstone of cooperative and collaborative cybersecurity. Sources providing such data have become more widespread in recent years, ranging from public entities (driven by legislatorial changes) to commercial companies and open communities that provide threat intelligence in order to help organisations and individuals to better understand and assess the cyber threat landscape putting their systems at risk. Tool support to automatically process this information is emerging concurrently. It has been observed that the quality of information received by the sources varies significantly and that in order to assess the quality of a threat intelligence source it is not sufficient to only consider qualitative indications of the source itself, but it is necessary to monitor the data provided by the source continuously to be able to draw conclusions about the quality of information provided by a source. In this paper, we propose a methodology for evaluating cyber threat information sources based on quantitative parameters. The methodology aims to facilitate trust establishment to threat intelligence sources, based on a weighted evaluation method that allows each entity to adapt it to its own needs and priorities. The approach facilitates automated tools utilising threat intelligence, since information to be considered can be prioritised based on which source is trusted the most at the time the intelligence arrives.

Grafik Top
Authors
  • Schaberreiter, Thomas
  • Kupfersberger, Veronika
  • Rantos, Konstantinos
  • Spyros, Arnolt
  • Papanikolaou, Alexandros
  • Ilioudis, Chris
  • Quirchmayr, Gerald
Grafik Top
Shortfacts
Category
Paper in Conference Proceedings or in Workshop Proceedings (Paper)
Event Title
14th International Conference on Availability, Reliability and Security (ARES 2019)
Divisions
Multimedia Information Systems
Event Location
Canterbury, UK
Event Type
Workshop
Event Dates
26-29 Aug 2019
Series Name
ARES ´19 Proceedings of the 14th International Conference on Availability, Reliability and Security
ISSN/ISBN
978-1-4503-7164-3
Date
26 August 2019
Export
Grafik Top