Threat Information Analysis System Based on Diamond Model for Threat Intelligence
- ITO Daiki (PwC Cyber Services LLC)
- NAGAI Tatsuya (Kobe University)
- NOMURA Kenta (PwC Cyber Services LLC)
- KONDO Hidenori (Kobe University)
- KAMIZONO Masaki (PwC Cyber Services LLC)
- SHIRAISHI Yoshiaki (Kobe University)
- FURUMOTO Keisuke (Kobe University)
- TAKITA Makoto (Kobe University)
- MOHRI Masami (Gifu University)
- TAKANO Yasuhiro (Kobe University)
- MORII Masakatu (Kobe University)
Bibliographic Information
- Other Title: スレットインテリジェンスのためのダイアモンドモデルに基づく脅威情報分析システム
Description
Cyber attacks aimed at specific targets employ various attack strategies through multiple intrusion routes. Threat Intelligence (TI) is useful for combating such diversified cyber attacks. TI has recently attracted much attention because it helps to capture attack activity models from vulnerability information reported in the past, so that attacks currently under way can be analyzed and handled efficiently. We have previously proposed an integrated analysis method to infer similarity between attackers and/or correlations among their strategies from the modeled threat information. Note that the analyzed attack models have to be determined uniquely, independent of the analyst's skill. Hence, this paper studies a new database creation method to format the threat information models uniquely. Moreover, we investigate a new analysis system to search for threat information that matches given queries. The verification shown in this paper confirms that the new system can register actual incident reports into the database correctly and can provide useful analysis results obtained by the search function.
Journal
電子情報通信学会論文誌D 情報・システム J101-D (10), 1427-1437, 2018-10-01
The Institute of Electronics, Information and Communication Engineers
Details
- CRID: 1390845713001699328
- ISSN: 18810225, 18804535
- Text Lang: ja
- Data Source: JaLC
- Abstract License Flag: Disallowed