Cardiff University | Prifysgol Caerdydd ORCA
Online Research @ Cardiff 
WelshClear Cookie - decide language by browser settings

Towards an automated dissemination process of cyber threat intelligence data using STIX

Briliyant, Obrina Candra ORCID: https://orcid.org/0000-0002-1054-8112, Tirsa, Nusranto Pratama and Hasditama, Maulana Andika 2021. Towards an automated dissemination process of cyber threat intelligence data using STIX. Presented at: 6th International Workshop on Big Data and Information Security (IWBIS), Depok, Indonesia, 23-25 October 2021. 2021 6th International Workshop on Big Data and Information Security (IWBIS). IEEE, pp. 109-114. 10.1109/IWBIS53353.2021.9631850

Full text not available from this repository.

Abstract

Cyber Threat Intelligence (CTI) is an actionable, evidence-based knowledge management system of cyber threats data. CTI consists of 3 (three) major parts, namely information gathering, analysis, and dissemination. To carry out dissemination in CTI, Structured Threat Information Expression (STIX) and Trusted Automated Exchange of Intelligence Information (TAXII) have been developed as open and interoperable standards for the CTI dissemination. An effective CTI is a CTI that can be integrated into the organization's security operations processes. Many organizations today runs CTI with a mechanism for reporting and distributing information in the dissemination process or known as cyber threat information sharing which has significant effects on security operations performance. In this study, user requirements analysis and design of cyber threat information sharing processes were carried out. From the results of the requirement analysis, a suitable business process re-engineering were proposed to accelerate the automation of CTI, especially in the information sharing part. Lastly, the designed processes were tested by simulating the processes using STIX and TAXII-based platform. The results of this study indicate that the designed processes can be run on STIX and TAXII-based platforms, ergo a step toward to a fully automated CTI.

Item Type: Conference or Workshop Item - published (Paper)
Date Type: Publication
Status: Published
Schools: Schools > Computer Science & Informatics
Publisher: IEEE
ISBN: 978-1-6654-2452-3
Last Modified: 19 Jan 2026 16:15
URI: https://orca.cardiff.ac.uk/id/eprint/183946

Actions (repository staff only)

Edit Item Edit Item
Dimensions
Altmetric
CORE (COnnecting REpositories)


Maintained by Cardiff University IT