Cláudio Martins (LASIGE’s former MSc’ student) and Ibéria Medeiros, LASIGE’s integrated researcher, have published work for improving the quality of cyber threat intelligence in the ACM Transactions on Privacy and Security. The paper, titled “Generating Quality Threat Intelligence Leveraging OSINT and a Cyber Threat Unified Taxonomy”, reflects his master thesis work, on Master in Information Security.
The goal of the work was to present an approach that deals with the limitations of threat intelligence platforms (TIPs) and several public cyber threat taxonomies for classifying open-source intelligence (OSINT) in order to improve the quality of threat intelligence by classifying it accordingly a single unified taxonomy. The approach employs similarity and correlation methods to process OSINT from diverse sources and generates new and improved cyber threat intelligence, which later can be used in defense mechanisms of threats detection.
It was implemented in the AECCP platform and evaluated experimentally with different OSINT datasets and other platforms.
The paper is available here.