Near-Real Time, Semi-Automated Threat Assessment of Information Environments
Abstract
Threat assessment is a crucial process for monitoring and defending against potential threats in an organization’s information environment and business operations. Ensuring the security of information infrastructure requires effective information security practices. However, existing models and methodologies often fall short of addressing the dynamic and evolving nature of cyberattacks. Moreover, critical threat intelligence extracted from the threat agents lacks the ability to capture essential attributes such as motivation, opportunity, and capability (M, O, C).
This contribution to knowledge introduces a semi-automatic threat assessment model that can handle situational awareness data or a live-acquired data stream from networks, incorporating information security techniques, protocols, and real-time monitoring of specific network types. Additionally, it focuses on analysing and implementing network traffic within a specific real-time information environment.
To develop the semi-automatic threat assessment model, the study identifies unique attributes of threat agents by analysing Packet Capture Application Programming Interface (PCAP) files and data streams collected between 2012 and 2019. The study utilizes both hypothetical and real-world examples of threat agents to evaluate the three key factors: motivation, opportunity, and capability. This evaluation serves as a basis for designing threat profiles, producing critical threat intelligence, and assessing the complexity of the process. These aspects are currently overlooked in existing threat agent taxonomies, models, and methodologies.
By addressing the limitations of traditional threat assessment approaches, this research contributes to advancing the field of cybersecurity. The proposed semi-automatic threat assessment model offers improved awareness and timely detection of threats, providing organizations with a more robust defence against evolving cyberattacks. This research enhances the understanding of threat agents’ attributes and assists in developing proactive strategies to mitigate the risks associated with cybersecurity in the modern information environment.
Publication date
2023-11-19
Published version
https://doi.org/10.18745/th.27417
Other links
http://hdl.handle.net/2299/27417