网络威胁情报共享的当前方法和未来方向:调查

IF 3.8 2区 计算机科学 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS Journal of Information Security and Applications Pub Date : 2024-05-17 DOI:10.1016/j.jisa.2024.103786
Poopak Alaeifar , Shantanu Pal , Zahra Jadidi , Mukhtar Hussain , Ernest Foo
{"title":"网络威胁情报共享的当前方法和未来方向:调查","authors":"Poopak Alaeifar ,&nbsp;Shantanu Pal ,&nbsp;Zahra Jadidi ,&nbsp;Mukhtar Hussain ,&nbsp;Ernest Foo","doi":"10.1016/j.jisa.2024.103786","DOIUrl":null,"url":null,"abstract":"<div><p>Cyber Threat Intelligence (CTI) is essential knowledge concerning cyber and physical threats aimed at mitigating potential cyber attacks. The rapid evolution of Information and Communications Technology (ICT), the Internet of Things (IoT), and Industry 5.0 has spawned a multitude of sources regarding current or potential cyber threats against organizations. Consequently, CTI sharing among organizations holds considerable promise for facilitating swift responses to attacks and enabling mutual benefits through active participation. However, exchanging CTI among different organizations poses significant challenges, including legal and regulatory obligations, interoperability standards, and data reliability. The current CTI sharing landscape remains inadequately explored, hindering a comprehensive examination of organizations’ critical needs and the challenges they encounter during CTI sharing. This paper presents a comprehensive survey on CTI sharing, beginning with an exploration of CTI fundamentals and its advancements in assessing cyber and physical threats and threat actors from various perspectives. For instance, we discuss the benefits of CTI, its applications, and diverse CTI sharing architectures. Additionally, we extensively discuss a list of CTI sharing challenges and evaluate how available CTI sharing proposals address these challenges. Finally, we provide an inventory of unique future research directions to offer insightful guidelines for CTI sharing.</p></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"83 ","pages":"Article 103786"},"PeriodicalIF":3.8000,"publicationDate":"2024-05-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S2214212624000899/pdfft?md5=2ea406819c601d78af91b9fc6cd88be8&pid=1-s2.0-S2214212624000899-main.pdf","citationCount":"0","resultStr":"{\"title\":\"Current approaches and future directions for Cyber Threat Intelligence sharing: A survey\",\"authors\":\"Poopak Alaeifar ,&nbsp;Shantanu Pal ,&nbsp;Zahra Jadidi ,&nbsp;Mukhtar Hussain ,&nbsp;Ernest Foo\",\"doi\":\"10.1016/j.jisa.2024.103786\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div><p>Cyber Threat Intelligence (CTI) is essential knowledge concerning cyber and physical threats aimed at mitigating potential cyber attacks. The rapid evolution of Information and Communications Technology (ICT), the Internet of Things (IoT), and Industry 5.0 has spawned a multitude of sources regarding current or potential cyber threats against organizations. Consequently, CTI sharing among organizations holds considerable promise for facilitating swift responses to attacks and enabling mutual benefits through active participation. However, exchanging CTI among different organizations poses significant challenges, including legal and regulatory obligations, interoperability standards, and data reliability. The current CTI sharing landscape remains inadequately explored, hindering a comprehensive examination of organizations’ critical needs and the challenges they encounter during CTI sharing. This paper presents a comprehensive survey on CTI sharing, beginning with an exploration of CTI fundamentals and its advancements in assessing cyber and physical threats and threat actors from various perspectives. For instance, we discuss the benefits of CTI, its applications, and diverse CTI sharing architectures. Additionally, we extensively discuss a list of CTI sharing challenges and evaluate how available CTI sharing proposals address these challenges. Finally, we provide an inventory of unique future research directions to offer insightful guidelines for CTI sharing.</p></div>\",\"PeriodicalId\":48638,\"journal\":{\"name\":\"Journal of Information Security and Applications\",\"volume\":\"83 \",\"pages\":\"Article 103786\"},\"PeriodicalIF\":3.8000,\"publicationDate\":\"2024-05-17\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"https://www.sciencedirect.com/science/article/pii/S2214212624000899/pdfft?md5=2ea406819c601d78af91b9fc6cd88be8&pid=1-s2.0-S2214212624000899-main.pdf\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Journal of Information Security and Applications\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://www.sciencedirect.com/science/article/pii/S2214212624000899\",\"RegionNum\":2,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q2\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Information Security and Applications","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S2214212624000899","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0

摘要

网络威胁情报 (CTI) 是有关网络和物理威胁的基本知识,旨在减轻潜在的网络攻击。信息与通信技术 (ICT)、物联网 (IoT) 和工业 5.0 的快速发展催生了大量有关组织当前或潜在网络威胁的信息来源。因此,组织之间共享 CTI 有助于快速应对攻击,并通过积极参与实现互惠互利。然而,在不同组织之间交换 CTI 面临着巨大的挑战,包括法律和监管义务、互操作性标准和数据可靠性。目前对 CTI 共享情况的探索仍不充分,这阻碍了对组织的关键需求以及在 CTI 共享过程中遇到的挑战进行全面研究。本文对 CTI 共享进行了全面调查,首先探讨了 CTI 的基本原理及其在从不同角度评估网络和物理威胁以及威胁行为者方面的进展。例如,我们讨论了 CTI 的优势、应用和各种 CTI 共享架构。此外,我们还广泛讨论了 CTI 共享面临的一系列挑战,并评估了现有的 CTI 共享建议如何应对这些挑战。最后,我们列出了独特的未来研究方向,为 CTI 共享提供有见地的指导。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
Current approaches and future directions for Cyber Threat Intelligence sharing: A survey

Cyber Threat Intelligence (CTI) is essential knowledge concerning cyber and physical threats aimed at mitigating potential cyber attacks. The rapid evolution of Information and Communications Technology (ICT), the Internet of Things (IoT), and Industry 5.0 has spawned a multitude of sources regarding current or potential cyber threats against organizations. Consequently, CTI sharing among organizations holds considerable promise for facilitating swift responses to attacks and enabling mutual benefits through active participation. However, exchanging CTI among different organizations poses significant challenges, including legal and regulatory obligations, interoperability standards, and data reliability. The current CTI sharing landscape remains inadequately explored, hindering a comprehensive examination of organizations’ critical needs and the challenges they encounter during CTI sharing. This paper presents a comprehensive survey on CTI sharing, beginning with an exploration of CTI fundamentals and its advancements in assessing cyber and physical threats and threat actors from various perspectives. For instance, we discuss the benefits of CTI, its applications, and diverse CTI sharing architectures. Additionally, we extensively discuss a list of CTI sharing challenges and evaluate how available CTI sharing proposals address these challenges. Finally, we provide an inventory of unique future research directions to offer insightful guidelines for CTI sharing.

求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
Journal of Information Security and Applications
Journal of Information Security and Applications Computer Science-Computer Networks and Communications
CiteScore
10.90
自引率
5.40%
发文量
206
审稿时长
56 days
期刊介绍: Journal of Information Security and Applications (JISA) focuses on the original research and practice-driven applications with relevance to information security and applications. JISA provides a common linkage between a vibrant scientific and research community and industry professionals by offering a clear view on modern problems and challenges in information security, as well as identifying promising scientific and "best-practice" solutions. JISA issues offer a balance between original research work and innovative industrial approaches by internationally renowned information security experts and researchers.
期刊最新文献
Towards an intelligent and automatic irrigation system based on internet of things with authentication feature in VANET A novel blockchain-based anonymous roaming authentication scheme for VANET IDPriU: A two-party ID-private data union protocol for privacy-preserving machine learning A step-by-step definition of a reference architecture for cyber ranges Fed-LSAE: Thwarting poisoning attacks against federated cyber threat detection system via Autoencoder-based latent space inspection
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1