Abstract

Cyber Threat Intelligence (CTI) is an emerging cyber defense strategy that helps organizations combat the latest and more sophisticated cyber threats. Gathering this threat information, analyzing it, and communicating it between security teams is difficult and challenging because of the heterogeneous aspects involved. The need to share intelligence-related data collected by organizations is increasing day by day to counter the ever-changing and highly dynamic threat landscape. This paper attempts to explain the concept of CTI and to examine how threat information is collected and analyzed to form useful, actionable intelligence. The importance of threat intelligence sharing (TIS) and the various standards working in the area of TIS are also discussed. Finally, the primary challenges in TIS are outlined in broad terms.

Highlights

  • The defense systems used by most organizations are built for previous-generation attacks and work mostly on signature-based pattern matching techniques for detection and prevention

  • Many vendors and platforms already on the market provide threat intelligence, but the majority of them focus only on collecting data rather than analyzing the collected data

  • Analyzing threat data and sharing threat information effectively requires a common representation, standard formats, and protocols for sharing


Summary

Introduction

The defense systems used by most organizations are built for previous-generation attacks and work mostly on signature-based pattern matching techniques for detection and prevention. With the growing complexity of networks, zero-day exploit markets, vulnerabilities in systems, and outdated security policies, many organizations are becoming targets for novel attacks. There is a need for a system that collects near-real-time information about the latest threats and attacks, generates intelligence from the information collected, and can be used by organizations for making decisions. The primary objective of threat intelligence is to shorten the time gap between a compromise and its detection.

