Graph-based visual analytics for cyber threat intelligence
Abstract The ever-increasing amount of major security incidents has led to an emerging interest in cooperative approaches to encounter cyber threats. To enable cooperation in detecting and preventing attacks it is an inevitable necessity to have structured and standardized formats to describe an inc...
Main Authors: | Fabian Böhm, Florian Menges, Günther Pernul |
---|---|
Format: | Article |
Language: | English |
Published: | SpringerOpen 2018-12-01 |
Series: | Cybersecurity |
Subjects: | Cyber threat intelligence, Visual analytics, Usable cybersecurity, STIX |
Online Access: | http://link.springer.com/article/10.1186/s42400-018-0017-4 |
id |
doaj-cd1a5510aeb649b2b3cbef687fd74246 |
---|---|
record_format |
Article |
spelling |
doaj-cd1a5510aeb649b2b3cbef687fd74246; 2020-11-24T21:22:38Z; eng; SpringerOpen; Cybersecurity; 2523-3246; 2018-12-01; 11119; 10.1186/s42400-018-0017-4; Graph-based visual analytics for cyber threat intelligence; Fabian Böhm 0, Florian Menges 1, Günther Pernul 2; Department of Information Systems, University of Regensburg; Department of Information Systems, University of Regensburg; Department of Information Systems, University of Regensburg; Abstract The ever-increasing amount of major security incidents has led to an emerging interest in cooperative approaches to encounter cyber threats. To enable cooperation in detecting and preventing attacks it is an inevitable necessity to have structured and standardized formats to describe an incident. Corresponding formats are complex and of an extensive nature as they are often designed for automated processing and exchange. These characteristics hamper the readability and, therefore, prevent humans from understanding the documented incident. This is a major problem since the success and effectiveness of any security measure rely heavily on the contribution of security experts. To meet these shortcomings we propose a visual analytics concept enabling security experts to analyze and enrich semi-structured cyber threat intelligence information. Our approach combines an innovative way of persisting this data with an interactive visualization component to analyze and edit the threat information. We demonstrate the feasibility of our concept using the Structured Threat Information eXpression, the state-of-the-art format for reporting cyber security issues.; http://link.springer.com/article/10.1186/s42400-018-0017-4; Cyber threat intelligence, Visual analytics, Usable cybersecurity, STIX |
collection |
DOAJ |
language |
English |
format |
Article |
sources |
DOAJ |
author |
Fabian Böhm Florian Menges Günther Pernul |
title |
Graph-based visual analytics for cyber threat intelligence |
publisher |
SpringerOpen |
series |
Cybersecurity |
issn |
2523-3246 |
publishDate |
2018-12-01 |
topic |
Cyber threat intelligence Visual analytics Usable cybersecurity STIX |
url |
http://link.springer.com/article/10.1186/s42400-018-0017-4 |