Application of Artificial Intelligence and Machine Learning in Producing Actionable Cyber Threat Intelligence

Reza Montasari; Fiona Carroll; Stuart Macdonald; Hamid Jahankhani; Amin Hosseinian-Far; Alireza Daneshkhah

doi:10.1007/978-3-030-60425-7_3

Application of Artificial Intelligence and Machine Learning in Producing Actionable Cyber Threat Intelligence

Reza Montasari^*, Fiona Carroll, Stuart Macdonald, Hamid Jahankhani, Amin Hosseinian-Far, Alireza Daneshkhah

^*Awdur cyfatebol y gwaith hwn

Allbwn ymchwil: Pennod mewn Llyfr/Adroddiad/Trafodion Cynhadledd › Pennod › adolygiad gan gymheiriaid

29 Dyfyniadau (Scopus)

5 Wedi eu Llwytho i Lawr (Pure)

Crynodeb

Cyber Threat Intelligence (CTI) can be used by organisations to assist their security teams in safeguarding their networks against cyber-attacks. This can be achieved by including threat data feeds into their networks or systems. However, despite being an effective Cyber Security (CS) tool, many organisations do not sufficiently utilise CTI. This is due to a number of reasons such as not fully understanding how to manage a daily flood of data filled with extraneous information across their security systems. This adds an additional layer of complexity to the tasks performed by their security teams who might not have the appropriate tools or sufficient skills to determine what information to prioritise and what information to disregard. Therefore, to help address the stated issue, this paper aims firstly to provide an in-depth understanding of what CTI is and how it can benefit organisations, and secondly to deliver a brief analysis of the application of Artificial Intelligence and Machine Learning in generating actionable CTI. The key contribution of this paper is that it assists organisations in better understanding their approach to CTI, which in turn will enable them to make informed decisions in relation to CTI.

Iaith wreiddiol	Saesneg
Teitl	Advanced Sciences and Technologies for Security Applications
Cyhoeddwr	Springer
Tudalennau	47-64
Nifer y tudalennau	18
ISBN (Electronig)	978-3-030-60425-7
ISBN (Argraffiad)	978-3-030-60424-0
Dynodwyr Gwrthrych Digidol (DOIs)	https://doi.org/10.1007/978-3-030-60425-7_3
Statws	Cyhoeddwyd - 10 Rhag 2020

Cyfres gyhoeddiadau

Enw	Advanced Sciences and Technologies for Security Applications
ISSN (Argraffiad)	1613-5113
ISSN (Electronig)	2363-9466

Mynediad at Ddogfen

10.1007/978-3-030-60425-7_3

Montasari_etal_Springer_2020_Application_of_Artificial_Intelligence_and_Machine_Learning_in_Producing_Actionable_Cyber_Threat_IntelligenceLlawysgrif awdur wedi’i dderbyn, 649 KB

Ffeiliau eraill a chysylltiadau

Dolen i’r cyhoeddiad yn Scopus

Dyfynnu hyn

Montasari, R., Carroll, F., Macdonald, S., Jahankhani, H., Hosseinian-Far, A., & Daneshkhah, A. (2020). Application of Artificial Intelligence and Machine Learning in Producing Actionable Cyber Threat Intelligence. Yn Advanced Sciences and Technologies for Security Applications (tt. 47-64). (Advanced Sciences and Technologies for Security Applications). Springer. https://doi.org/10.1007/978-3-030-60425-7_3

@inbook{2faf3498c6154d81ba178909a9c44f7b,

title = "Application of Artificial Intelligence and Machine Learning in Producing Actionable Cyber Threat Intelligence",

abstract = "Cyber Threat Intelligence (CTI) can be used by organisations to assist their security teams in safeguarding their networks against cyber-attacks. This can be achieved by including threat data feeds into their networks or systems. However, despite being an effective Cyber Security (CS) tool, many organisations do not sufficiently utilise CTI. This is due to a number of reasons such as not fully understanding how to manage a daily flood of data filled with extraneous information across their security systems. This adds an additional layer of complexity to the tasks performed by their security teams who might not have the appropriate tools or sufficient skills to determine what information to prioritise and what information to disregard. Therefore, to help address the stated issue, this paper aims firstly to provide an in-depth understanding of what CTI is and how it can benefit organisations, and secondly to deliver a brief analysis of the application of Artificial Intelligence and Machine Learning in generating actionable CTI. The key contribution of this paper is that it assists organisations in better understanding their approach to CTI, which in turn will enable them to make informed decisions in relation to CTI.",

keywords = "Artificial intelligence, Big Data, Cyber physical systems, Cyber security, Digital forensics, Machine learning, Threat intelligence",

author = "Reza Montasari and Fiona Carroll and Stuart Macdonald and Hamid Jahankhani and Amin Hosseinian-Far and Alireza Daneshkhah",

note = "Publisher Copyright: {\textcopyright} 2021, Springer Nature Switzerland AG.",

year = "2020",

month = dec,

day = "10",

doi = "10.1007/978-3-030-60425-7_3",

language = "English",

isbn = "978-3-030-60424-0",

series = "Advanced Sciences and Technologies for Security Applications",

publisher = "Springer",

pages = "47--64",

booktitle = "Advanced Sciences and Technologies for Security Applications",

}

Montasari, R, Carroll, F, Macdonald, S, Jahankhani, H, Hosseinian-Far, A & Daneshkhah, A 2020, Application of Artificial Intelligence and Machine Learning in Producing Actionable Cyber Threat Intelligence. yn Advanced Sciences and Technologies for Security Applications. Advanced Sciences and Technologies for Security Applications, Springer, tt. 47-64. https://doi.org/10.1007/978-3-030-60425-7_3

Application of Artificial Intelligence and Machine Learning in Producing Actionable Cyber Threat Intelligence. / Montasari, Reza; Carroll, Fiona; Macdonald, Stuart et al.
Advanced Sciences and Technologies for Security Applications. Springer, 2020. t. 47-64 (Advanced Sciences and Technologies for Security Applications).

Allbwn ymchwil: Pennod mewn Llyfr/Adroddiad/Trafodion Cynhadledd › Pennod › adolygiad gan gymheiriaid

TY - CHAP

T1 - Application of Artificial Intelligence and Machine Learning in Producing Actionable Cyber Threat Intelligence

AU - Montasari, Reza

AU - Carroll, Fiona

AU - Macdonald, Stuart

AU - Jahankhani, Hamid

AU - Hosseinian-Far, Amin

AU - Daneshkhah, Alireza

PY - 2020/12/10

Y1 - 2020/12/10

N2 - Cyber Threat Intelligence (CTI) can be used by organisations to assist their security teams in safeguarding their networks against cyber-attacks. This can be achieved by including threat data feeds into their networks or systems. However, despite being an effective Cyber Security (CS) tool, many organisations do not sufficiently utilise CTI. This is due to a number of reasons such as not fully understanding how to manage a daily flood of data filled with extraneous information across their security systems. This adds an additional layer of complexity to the tasks performed by their security teams who might not have the appropriate tools or sufficient skills to determine what information to prioritise and what information to disregard. Therefore, to help address the stated issue, this paper aims firstly to provide an in-depth understanding of what CTI is and how it can benefit organisations, and secondly to deliver a brief analysis of the application of Artificial Intelligence and Machine Learning in generating actionable CTI. The key contribution of this paper is that it assists organisations in better understanding their approach to CTI, which in turn will enable them to make informed decisions in relation to CTI.

AB - Cyber Threat Intelligence (CTI) can be used by organisations to assist their security teams in safeguarding their networks against cyber-attacks. This can be achieved by including threat data feeds into their networks or systems. However, despite being an effective Cyber Security (CS) tool, many organisations do not sufficiently utilise CTI. This is due to a number of reasons such as not fully understanding how to manage a daily flood of data filled with extraneous information across their security systems. This adds an additional layer of complexity to the tasks performed by their security teams who might not have the appropriate tools or sufficient skills to determine what information to prioritise and what information to disregard. Therefore, to help address the stated issue, this paper aims firstly to provide an in-depth understanding of what CTI is and how it can benefit organisations, and secondly to deliver a brief analysis of the application of Artificial Intelligence and Machine Learning in generating actionable CTI. The key contribution of this paper is that it assists organisations in better understanding their approach to CTI, which in turn will enable them to make informed decisions in relation to CTI.

KW - Artificial intelligence

KW - Big Data

KW - Cyber physical systems

KW - Cyber security

KW - Digital forensics

KW - Machine learning

KW - Threat intelligence

UR - http://www.scopus.com/inward/record.url?scp=85097529786&partnerID=8YFLogxK

U2 - 10.1007/978-3-030-60425-7_3

DO - 10.1007/978-3-030-60425-7_3

M3 - Chapter

AN - SCOPUS:85097529786

SN - 978-3-030-60424-0

T3 - Advanced Sciences and Technologies for Security Applications

SP - 47

EP - 64

BT - Advanced Sciences and Technologies for Security Applications

PB - Springer

ER -

Montasari R, Carroll F, Macdonald S, Jahankhani H, Hosseinian-Far A, Daneshkhah A. Application of Artificial Intelligence and Machine Learning in Producing Actionable Cyber Threat Intelligence. Yn Advanced Sciences and Technologies for Security Applications. Springer. 2020. t. 47-64. (Advanced Sciences and Technologies for Security Applications). doi: 10.1007/978-3-030-60425-7_3