A Representation of Business Oriented Cyber Threat Intelligence and the Objects Assembly

Cyber threat intelligence (CTI) is an effective approach to improving the cyber security of businesses. CTI provides information about the business contexts affected by cyber threats and the corresponding countermeasures. If businesses can identify relevant CTI, they can take defensive actions before the threats described in that CTI take place. However, businesses still lack the knowledge needed to identify relevant CTI. Furthermore, information in real-world systems is usually vague, imprecise, inconsistent and incomplete. This paper defines a business object as a business context surrounded by CTI. A business object models the knowledge that connects CTI to the business. To assemble the business objects, this paper proposes a novel representation of business-oriented CTI and a system for constructing and extracting the business objects. Generalised grey numbers, fuzzy sets and rough sets are used for the representation, and set approximations are used for the extraction of the business objects. We develop a prototype of the system and use a case study to demonstrate how the system works. We then conclude the paper with future research directions.
