Cyber-Threat Information-Sharing Standards: A Review of Evaluation Literature
DOI:
https://doi.org/10.23962/10539/29191
Keywords:
cybersecurity, cyber-threats, information-sharing, standards, protocols, harmonisation, computer security incident response teams (CSIRTs), ontologies, use cases, semantic elements, syntactic elements, privacy, information security
Abstract
Cyber-threat information-sharing tools, through which cybersecurity teams share threat information, are essential to combatting today's increasingly frequent and sophisticated cyber-attacks. Several cyber-threat information-sharing standards exist, but there is at present no single standard or set of standards widely adopted by organisations and by computer security incident response teams (CSIRTs) operating at organisational, sectoral, national, and international levels. This introduces an interoperability problem in respect of communication across the various organisations and CSIRTs. Harmonised adoption of threat information-sharing standards would be of great benefit to cybersecurity efforts. In an effort to support harmonised use of cyber-threat information-sharing standards, this article provides findings from a review of the extant literature on such standards.
Copyright (c) 2020 https://creativecommons.org/licenses/by/4.0

This work is licensed under a Creative Commons Attribution 4.0 International License.