Indicators of compromise (IOCs) data fatigue and prioritization
Over the past few years, Cyber Threat Intelligence (CTI) has rapidly evolved, thanks to various threat intelligence platforms and organizations around the world. Through automated analysis and the real-time sharing of threat intelligence information, organizations are better equipped to mitigate t...
Main Author: | |
---|---|
Other Authors: | |
Format: | Final Year Project |
Language: | English |
Published: | Nanyang Technological University, 2023 |
Subjects: | |
Online Access: | https://hdl.handle.net/10356/165879 |
Institution: | Nanyang Technological University |
id |
sg-ntu-dr.10356-165879 |
---|---|
record_format |
dspace |
spelling |
sg-ntu-dr.10356-1658792023-04-14T15:37:36Z Indicators of compromise (IOCs) data fatigue and prioritization Teo, Bryson Yuan Harn Liu Yang School of Computer Science and Engineering yangliu@ntu.edu.sg Engineering::Computer science and engineering Over the past few years, Cyber Threat Intelligence (CTI) has rapidly evolved, thanks to various threat intelligence platforms and organizations around the world. Through automated analysis and the real-time sharing of threat intelligence information, organizations are better equipped to mitigate the risks posed by cyber threats and attacks. Indicators of Compromise (IOCs) are one of the most widely analyzed and shared threat data used to generate actionable threat intelligence. They are considered one of the most fundamental threat data that are utilized to detect and prevent cyber intrusions at an early stage. However, much of the collected IOC data is limited in quality, and the amount and type of real-time threat data collected can be overwhelming for security analysts, leading to IOC data fatigue. To address this issue, a new scoring mechanism has been proposed to prioritize a set of IOCs. The mechanism utilizes various IOC attributes and relationships provided by the VirusTotal online scanning engine analysis results. By prioritizing the IOCs that are properly analyzed and ranked from a large dataset, the scoring mechanism can help allocate resources and efforts more effectively. Overall, this approach can enhance the accuracy and efficiency of IOC analysis and improve the ability of organizations to respond to cybersecurity threats. Bachelor of Engineering (Computer Science) 2023-04-14T03:21:52Z 2023-04-14T03:21:52Z 2023 Final Year Project (FYP) Teo, B. Y. H. (2023). Indicators of compromise (IOCs) data fatigue and prioritization. Final Year Project (FYP), Nanyang Technological University, Singapore.
https://hdl.handle.net/10356/165879 https://hdl.handle.net/10356/165879 en SCSE22-0583 application/pdf Nanyang Technological University |
institution |
Nanyang Technological University |
building |
NTU Library |
continent |
Asia |
country |
Singapore Singapore |
content_provider |
NTU Library |
collection |
DR-NTU |
language |
English |
topic |
Engineering::Computer science and engineering |
spellingShingle |
Engineering::Computer science and engineering Teo, Bryson Yuan Harn Indicators of compromise (IOCs) data fatigue and prioritization |
description |
Over the past few years, Cyber Threat Intelligence (CTI) has rapidly evolved, thanks to various threat intelligence platforms and organizations around the world. Through automated analysis and the real-time sharing of threat intelligence information, organizations are better equipped to mitigate the risks posed by cyber threats and attacks. Indicators of Compromise (IOCs) are one of the most widely analyzed and shared threat data used to generate actionable threat intelligence. They are considered one of the most fundamental threat data that are utilized to detect and prevent cyber intrusions at an early stage. However, much of the collected IOC data is limited in quality, and the amount and type of real-time threat data collected can be overwhelming for security analysts, leading to IOC data fatigue.
To address this issue, a new scoring mechanism has been proposed to prioritize a set of IOCs. The mechanism utilizes various IOC attributes and relationships provided by the VirusTotal online scanning engine analysis results. By prioritizing the IOCs that are properly analyzed and ranked from a large dataset, the scoring mechanism can help allocate resources and efforts more effectively. Overall, this approach can enhance the accuracy and efficiency of IOC analysis and improve the ability of organizations to respond to cybersecurity threats. |
author2 |
Liu Yang |
author_facet |
Liu Yang Teo, Bryson Yuan Harn |
format |
Final Year Project |
author |
Teo, Bryson Yuan Harn |
author_sort |
Teo, Bryson Yuan Harn |
title |
Indicators of compromise (IOCs) data fatigue and prioritization |
title_short |
Indicators of compromise (IOCs) data fatigue and prioritization |
title_full |
Indicators of compromise (IOCs) data fatigue and prioritization |
title_fullStr |
Indicators of compromise (IOCs) data fatigue and prioritization |
title_full_unstemmed |
Indicators of compromise (IOCs) data fatigue and prioritization |
title_sort |
indicators of compromise (iocs) data fatigue and prioritization |
publisher |
Nanyang Technological University |
publishDate |
2023 |
url |
https://hdl.handle.net/10356/165879 |
_version_ |
1764208133576589312 |