A Comprehensive Study on Threat Intelligence Platform

A Comprehensive Study on Threat Intelligence Platform

연구 분야: Safety

학회: 2022 International Conference on Communication, Computing and Internet of Things (IC3IoT)

Cyber security has become one of the most significant industries in the digital world as securing information has become one of the most difficult tasks in today's world. Because numerous types of cyberattacks are posing a threat to global enterprises, it is critical to safeguard all types of data against theft. Cyberthreat intelligence data can be used as an assistant tool for companies in focusing and prioritizing the huge amount of complex databases they encounter today. Although there is still an organized and standardized representation of this data to make it computable. The concept of Threat Intelligence Platforms (TIPs) was created to combat cybercrime. TIPs examine historical data and correlate it with real-time data, allowing for better prioritization and faster event identification. TIPs collect indications of compromise (IoCs) from a variety of open-source feeds, like AlienVault OTX and others, to make up the majority of threat intelligence. TIPs then use complicated processes and data gathered from other sources to collect the threat score. Security analysts and incident responders can benefit from this processed information. TIPs generate graphs and visualizations based on the threat data which is used by an organization to analyze them and prevent the incident. This paper deals with the numerous aspects of cybersecurity, from the basics of collection of threat intelligence data to the information produced by Threat Intelligence Platforms (TIPs). This paper also sheds light on the current approaches and the evaluation criteria used by current Threat Intelligence Platforms (TIPs).