{"title":"Early Warning Identity Threat and Mitigation System","authors":"Aditya Tyagi, Razieh Nokhbeh Zaeem, K. S. Barber","doi":"10.14279/TUJ.ECEASST.80.1146.1115","DOIUrl":null,"url":null,"abstract":"While many organizations share threat intelligence, there is still a lack of actionable data for organizations to proactively and effectively respond to emerging identity threats to mitigate a wide range of crimes. There currently exists no solution for organizations to access current trends and intelligence to understand emerging threats and how to appropriately respond to them. This research project delivers I-WARN to help bridge that gap. Using a wide range of open-source information, I-WARN gathers, analyzes, and reports on threats related to the theft, fraud, and abuse of Personally Identifiable Information (PII). I-WARN then maps those threats to the MITRE ATT&CK -- a framework that helps understand lateral movement of an attack -- to offer mitigation and risk reduction tactics. I-WARN aims to deliver actionable intelligence, offering early warning into threat behaviors, and mitigation responses. This paper discusses the technical details of I-WARN, non-exhaustive current solutions for threat intelligence sharing, and future work.","PeriodicalId":115235,"journal":{"name":"Electron. Commun. Eur. Assoc. Softw. Sci. Technol.","volume":"42 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-09-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Electron. Commun. Eur. Assoc. Softw. Sci. Technol.","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.14279/TUJ.ECEASST.80.1146.1115","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 1
Abstract
While many organizations share threat intelligence, there is still a lack of actionable data for organizations to proactively and effectively respond to emerging identity threats to mitigate a wide range of crimes. There currently exists no solution for organizations to access current trends and intelligence to understand emerging threats and how to appropriately respond to them. This research project delivers I-WARN to help bridge that gap. Using a wide range of open-source information, I-WARN gathers, analyzes, and reports on threats related to the theft, fraud, and abuse of Personally Identifiable Information (PII). I-WARN then maps those threats to the MITRE ATT&CK -- a framework that helps understand lateral movement of an attack -- to offer mitigation and risk reduction tactics. I-WARN aims to deliver actionable intelligence, offering early warning into threat behaviors, and mitigation responses. This paper discusses the technical details of I-WARN, non-exhaustive current solutions for threat intelligence sharing, and future work.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
