Abstract
As cyber threats become more complex, there is widespread concern about how to use the rapidly growing volume of cyber threat intelligence to strengthen active network defense systems. Based on the content analysis method, this paper introduces precision, recall rate and timely rate on the basis of change along the time dimension, and analyzes threat intelligence providers from three aspects. The validity of the method is verified by testing on massive sources of threat data; it improves the efficiency of CIF analysis and makes it easy to analyze and extract threat intelligence information quickly.
Acknowledgment
This paper is supported by two projects:
1. The National Science Foundation of China (Grant No: 61103074), the International Scientific Cooperation Foundation of Tianjin (Grant No: 14RcGFGX000847).
2. The Research Plan in Application Foundation and Advanced Technologies in Tianjin (14JCQNJC00700), the Open Project of the State Key Laboratory of Computer Architecture, Institute of Computing Technology, Chinese Academy of Sciences (CARCH201604).
Copyright information
© 2017 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Liu, R., Zhao, Z., Sun, C., Yang, X., Gong, X., Zhang, J. (2017). A Research and Analysis Method of Open Source Threat Intelligence Data. In: Zou, B., Li, M., Wang, H., Song, X., Xie, W., Lu, Z. (eds) Data Science. ICPCSEE 2017. Communications in Computer and Information Science, vol 727. Springer, Singapore. https://doi.org/10.1007/978-981-10-6385-5_30
DOI: https://doi.org/10.1007/978-981-10-6385-5_30
Publisher Name: Springer, Singapore
Print ISBN: 978-981-10-6384-8
Online ISBN: 978-981-10-6385-5
eBook Packages: Computer Science, Computer Science (R0)