'I know what you did before': General framework for correlation analysis of cyber threat incidents

Proceedings - IEEE Military Communications Conference MILCOM

Volumn , Issue , 2016, Pages 782-787

  Kim, Daegeon ^a   Woo, Jiyoung ^b   Kim, Huy Kang ^a  

^a Korea University   (South Korea)

^b Soonchunhyang University   (South Korea)

Author keywords

Correlation Analysis; Cyber Threat Intelligence (CTI); Event Relation Tree (ERT); Event Transition Graph (ETG)

Indexed keywords

CORRELATION METHODS; FORESTRY; INTERNATIONAL COOPERATION; TREES (MATHEMATICS);

CASE-STUDIES; CORRELATION ANALYSIS; CYBER THREATS; EVENT RELATION TREE (ERT); EVENT TRANSITIONS; INTERNATIONAL COLLABORATIONS; MULTIPLE SOURCE; TREE STRUCTURES;

MILITARY COMMUNICATIONS;

EID: 85011891525     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/MILCOM.2016.7795424     Document Type: Conference Paper

References (18)

1. R. McMillan, "Definition: Threat intelligence, " Gartner, 2013.
2. The White House, "FACT SHEET: President Xi Jinpings State Visit to the United States, " 2015.
3. Council on Foreign Relations, "Senate Resolution 754, Cybersecurity Information Sharing Act of 2015 (CISA), " 2015.
4. C. V. Zhou, C. Leckie, S. Karunasekera, "A survey of coordinated attacks, collaborative intrusion detection, " Computers, Security, vol. 29, no. 1, pp. 124-140, 2010.
5. E. Damiani, S. De Capitani Di Vimercati, S. Paraboschi, P. Samarati, "P2P-based collaborative spam detection, filtering, " 4th International Conference on Peer-to-Peer Computing, pp. 176-183, 2004.
6. A. Gray, M. Haahr, "Personalised , Collaborative Spam Filtering, " CEAS, pp. 1-8, 2004.
7. A. J. . ODonnell, V. V. Prakash, "No Applying collaborative antispam techniques to the anti-virus problem, " 2006.
8. C. Fung, "Collaborative intrusion detection networks, insider attacks, " Journal of Wireless Mobile Networks, Ubiquitous Computing, Dependable Applications, vol. 2, no. 1, pp. 63-74, 2011.
9. A. Houmansadr, N. Borisov, "BotMosaic: Collaborative network watermark for the detection of IRC-based botnets, " Journal of Systems, Software, vol. 86, no. 3, pp. 707-715, 2013.
10. The MITRE cybersecurity standards. [Online]. Available: https://www.mitre.org/capabilities/cybersecurity/overview/cybersecurityresources/standards
11. The OpenIOC Framework. [Online]. Available: http://http://www.openioc.org
12. The MISP project. [Online]. Available: http://www.misp-project.org/
13. The MANTIS Cyber-Intelligence Management Framework. [Online]. Available: https://github.com/siemens/django-mantis
14. Collective Intelligence Framework. [Online]. Available: http://csirtgadgets.org/collective-intelligence-framework
15. R. Chiesa, "To be , think, live as a hacker : the Hacker ' s Profiling Project of the United Nations (UNICRI), " Danish Crime Prevention Day, 2015.
16. VirusTotal. [Online]. Available: https://www.virustotal.com
17. YARA. [Online]. Available: https://plusvic.github.io/yara
18. Novetta, "Operation Blockbuster: Unraveling the Long Thread of the Sony Attack, " 2015.