Cyber Threat Information Classification and Life Cycle Management using Smart Contracts

Roman Graf, Ross King

Abstract

Nowadays, cyber critical infrastructures (CIs) are increasingly targeted by highly sophisticated cyber attacks and should be protected. Advances in cyber situational awareness technology lead to the creation of increasingly complex tools. Human analysts face challenges finding relevant information in large, complex data sets when exploring data to discover patterns and insights. To be effective in identifying and defeating future cyber attacks, cyber analysts require novel tools for incident report classification and life cycle management that can automatically analyse results and share them in a secure way between CI stakeholders to achieve better situation comprehension. Our goal is to provide solutions in real time that could replace human input for cyber incident classification and management tasks, eliminating irrelevant information and focusing on important information so that suitable countermeasures can be adopted promptly in case of an attack. Another contribution relates to the provided support for document life cycle management, which should reduce the number of manual operations and save storage space. In this paper we evaluate the application of so-called “smart contracts” to an incident classification system and assess its accuracy and performance. We demonstrate how the presented techniques can be applied to support incident handling tasks performed by security operation centers (SOCs).


Paper Citation


in Harvard Style

Graf R. and King R. (2018). Cyber Threat Information Classification and Life Cycle Management using Smart Contracts. In Proceedings of the 4th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP, ISBN 978-989-758-282-0, pages 304-311. DOI: 10.5220/0006605203040311


in Bibtex Style

@conference{icissp18,
author={Roman Graf and Ross King},
title={Cyber Threat Information Classification and Life Cycle Management using Smart Contracts},
booktitle={Proceedings of the 4th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP},
year={2018},
pages={304-311},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0006605203040311},
isbn={978-989-758-282-0},
}


in EndNote Style

TY - CONF

JO - Proceedings of the 4th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP
TI - Cyber Threat Information Classification and Life Cycle Management using Smart Contracts
SN - 978-989-758-282-0
AU - Graf R.
AU - King R.
PY - 2018
SP - 304
EP - 311
DO - 10.5220/0006605203040311