Strategic cyber threat intelligence : Building the situational picture with emerging technologies
Voutilainen, J., & Kari, M. (2020). Strategic cyber threat intelligence : Building the situational picture with emerging technologies. In T. Eze, L. Speakman, & C. Onwubiko (Eds.), ECCWS 2020 : Proceedings of the 19th European Conference on Cyber Warfare and Security (pp. 545-553). Academic Conferences International. Proceedings of the European conference on information warfare and security. https://doi.org/10.34190/EWS.20.030
© Authors, 2020
In 2019, e-criminals adopted new tactics to demand enormous ransoms from large organizations by using ransomware, a phenomenon known as “big game hunting.” Big game hunting is an excellent example of a sophisticated and coordinated modern cyber-attack that has a significant impact on the target. Cyber threat intelligence (CTI) increases the possibilities to detect and prevent cyber-attacks and gives defenders more time to act. CTI is a combination of incident response and traditional intelligence. Intelligence modifies raw data into information for decision-making and action. CTI consists of strategic, operational, or tactical intelligence on cyber threats. Security event monitoring, event-based response, and anomaly and signature-based detection can create the basis of the situation in cyberspace. To achieve a uniform situational picture, long-term assessment is required. Strategic CTI informs broad or long-term issues and provides situation awareness as well as an analyzed overview of the threat landscape and early warning of cyber threats. This paper describes how the implementation of artificial intelligence (AI) and machine learning (ML) can be utilized in strategic CTI. The results were arrived at using the design science research methodology. We propose a solution that uses AI as a component of strategic CTI. Furthermore, the paper is a literature survey, integrating research literature on intelligence, cybersecurity, and AI. The paper presents the concept of CTI and its relation to the situational picture of cyberspace. It also addresses the possibilities of natural language understanding for large-scale content analysis and introduces a solution in which an existing enriched dataset provided valuable strategic-level information about an ongoing malicious cyber event. The paper is part of Ph.D. research concerning comprehensive CTI. Other articles in the dissertation discuss emerging technologies in operational and tactical CTI. ...
PublisherAcademic Conferences International
Parent publication ISBN978-1-912764-61-7
ConferenceEuropean Conference on Cyber Warfare and Security
Is part of publicationECCWS 2020 : Proceedings of the 19th European Conference on Cyber Warfare and Security
Publication in research information system
MetadataShow full item record
Showing items with similar title or keywords.
Vähäkainu, Petri; Lehto, Martti; Kariluoto, Antti (Peregrine Technical Solutions, 2020)Deficiency of correctly implemented and robust defence leaves Internet of Things devices vulnerable to cyber threats, such as adversarial attacks. A perpetrator can utilize adversarial examples when attacking Machine ...
Wiafe, Isaac; Koranteng, Felix N.; Obeng, Emmanuel N.; Assyne, Nana; Wiafe, Abigail; Gulliver, Stephen R. (IEEE, 2020)Due to the ever-increasing complexities in cybercrimes, there is the need for cybersecurity methods to be more robust and intelligent. This will make defense mechanisms to be capable of making real-time decisions that can ...
Artificial Intelligence in Protecting Smart Building’s Cloud Service Infrastructure from Cyberattacks Vähäkainu, Petri; Lehto, Martti; Kariluoto, Antti; Ojalainen, Anniina (Springer, 2020)Gathering and utilizing stored data is gaining popularity and has become a crucial component of smart building infrastructure. The data collected can be stored, for example, into private, public, or hybrid cloud service ...
Vähäkainu, Petri; Lehto, Martti (Academic Conferences International, 2019)Artificial Intelligence (AI) is intelligence exhibited by machines. Any system that perceives its environment and takes actions that maximize its chance of success at some goal may be defined as AI. The family of AI ...
Voutilainen, Janne (2019)Vihamieliseen kyberilmiöön viittavan indikaation löytäminen avoimista lähteistä on vaativa tehtävä. Tieto, jota strateginen kybertiedustelu tuottaa, mahdollistaa suurten yritysten varautumisen kyberhyökkayksiin. Tutkimuksessa ...