A scheme for the sticky policy representation supporting secure cyber-threat intelligence analysis and sharing. (25th September 2019)
- Record Type:
- Journal Article
- Title:
- A scheme for the sticky policy representation supporting secure cyber-threat intelligence analysis and sharing. (25th September 2019)
- Main Title:
- A scheme for the sticky policy representation supporting secure cyber-threat intelligence analysis and sharing
- Authors:
- Osliak, Oleksii
Saracino, Andrea
Martinelli, Fabio - Abstract:
- Abstract : Purpose: This paper aims to propose a structured threat information expression (STIX)-based data representation for privacy-preserving data analysis to report format and semantics of specific data types and to represent sticky policies in the format of embedded human-readable data sharing agreements (DSAs). More specifically, the authors exploit and extend the STIX standard to represent in a structured way analysis-ready pieces of data and the attached privacy policies. Design/methodology/approach: The whole scheme is designed to be completely compatible with the STIX 2.0 standard for cyber-threat intelligence (CTI) representation. The proposed scheme will be implemented in this work by defining the complete scheme for representing an email, which is more expressive than the standard one defined for STIX, designed specifically for spam email analysis. Findings: Moreover, the paper provides a new scheme for general DSA representation that has been practically applied for the process of encoding specific attributes in different CTI reports. Research limitations/implications: Because of the chosen approach, the research results may have limitations. Specifically, current practice for entity recognition has the limitation that was discovered during the research. However, its effect on process time was minimized and the way for improvement was proposed. Originality/value: This paper has covered the existing gap including the lack of generality in DSA representation forAbstract : Purpose: This paper aims to propose a structured threat information expression (STIX)-based data representation for privacy-preserving data analysis to report format and semantics of specific data types and to represent sticky policies in the format of embedded human-readable data sharing agreements (DSAs). More specifically, the authors exploit and extend the STIX standard to represent in a structured way analysis-ready pieces of data and the attached privacy policies. Design/methodology/approach: The whole scheme is designed to be completely compatible with the STIX 2.0 standard for cyber-threat intelligence (CTI) representation. The proposed scheme will be implemented in this work by defining the complete scheme for representing an email, which is more expressive than the standard one defined for STIX, designed specifically for spam email analysis. Findings: Moreover, the paper provides a new scheme for general DSA representation that has been practically applied for the process of encoding specific attributes in different CTI reports. Research limitations/implications: Because of the chosen approach, the research results may have limitations. Specifically, current practice for entity recognition has the limitation that was discovered during the research. However, its effect on process time was minimized and the way for improvement was proposed. Originality/value: This paper has covered the existing gap including the lack of generality in DSA representation for privacy-preserving analysis of structured CTI. Therefore, the new model for DSA representation was introduced, as well as its practical implementation. … (more)
- Is Part Of:
- Information and computer security. Volume 27:Number 5(2019)
- Journal:
- Information and computer security
- Issue:
- Volume 27:Number 5(2019)
- Issue Display:
- Volume 27, Issue 5 (2019)
- Year:
- 2019
- Volume:
- 27
- Issue:
- 5
- Issue Sort Value:
- 2019-0027-0005-0000
- Page Start:
- 687
- Page End:
- 710
- Publication Date:
- 2019-09-25
- Subjects:
- Cyber-threat intelligence -- Data sharing agreement -- Privacy-preserving -- Threat information sharing
Computer security -- Management -- Periodicals
Computer networks -- Security measures -- Periodicals
Data protection -- Management -- Periodicals
658.47 - Journal URLs:
- http://www.emeraldinsight.com/loi/ics ↗
http://www.emeraldinsight.com/ ↗ - DOI:
- 10.1108/ICS-01-2019-0011 ↗
- Languages:
- English
- ISSNs:
- 2056-4961
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library DSC - 4481.796000
British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store - Ingest File:
- 22091.xml