Publication:
Using CTI Data to Understand Real World Cyberattacks

carlosiii.embargo.liftdate: 2025-03-13
carlosiii.embargo.terms: 2025-03-13
dc.affiliation.dpto: UC3M. Departamento de Ingeniería Telemática [es]
dc.affiliation.grupoinv: UC3M. Grupo de Investigación: Network Technologies [es]
dc.contributor.author: Allegretta, Mauro
dc.contributor.author: Siracusano, Giuseppe
dc.contributor.author: González Sánchez, Roberto
dc.contributor.author: Vallina Rodríguez, Pelayo
dc.contributor.author: Gramaglia, Marco
dc.contributor.funder: European Commission [es]
dc.contributor.funder: Ministerio de Asuntos Económicos y Transformación Digital (España) [es]
dc.date.accessioned: 2023-04-17T09:37:44Z
dc.date.issued: 2023-03-23
dc.description: Proceeding of: 2023 18th Wireless On-Demand Network Systems and Services Conference (WONS), 30 January 2023 - 01 February 2023, Madonna di Campiglio, Italy. [en]
dc.description.abstract: The forensic analysis of Cyber Threat Intelligence (CTI) data is of capital importance for businesses and enterprises to understand what has possibly gone wrong in a cybersecurity system. Moreover, the fast evolution of the techniques used by cybercriminals requires collaboration among multiple partners to provide efficient security mechanisms. STIX has emerged as the industrial standard to share CTI data in a structured format, allowing entities from all over the world to exchange information to broaden the knowledge base in the area. In this work, we shed light on the type of information contained in these datasets shared among partners. We analyze a large real-world STIX dataset and identify trends for the reporting of CTI data. Then, we deep dive into two kinds of attack patterns found in the dataset: Command & Control and Malicious Software Download. We found the data is not only useful for forensic analysis but can also be used to improve the protection against new attacks. [en]
dc.description.sponsorship: The work of UC3M has been supported by the Spanish Ministry of Economic Affairs and Digital Transformation and the European Union-NextGenerationEU through the UNICO 5G I+D project 6G-RIEMANN. The work of NEC Laboratories Europe has been supported by the EU research project MARSAL (Grant Agreement 101017171). [en]
dc.format.extent: 4
dc.identifier.bibliographicCitation: 2023 18th Wireless On-Demand Network Systems and Services Conference (WONS). IEEE, 2023. Pp. 100-103. [en]
dc.identifier.doi: https://doi.org/10.23919/WONS57325.2023.10061921
dc.identifier.isbn: 978-3-903176-56-0
dc.identifier.publicationfirstpage: 100
dc.identifier.publicationlastpage: 103
dc.identifier.publicationtitle: 2023 18th Wireless On-Demand Network Systems and Services Conference (WONS) [en]
dc.identifier.uri: https://hdl.handle.net/10016/37100
dc.identifier.uxxi: CC/0000034157
dc.language.iso: eng [en]
dc.publisher: IEEE [en]
dc.relation.eventdate: 30 January 2023 - 01 February 2023 [en]
dc.relation.eventplace: Madonna di Campiglio, Italia. [it]
dc.relation.eventtitle: Wireless On-Demand Network Systems and Services Conference (WONS 2023) [en]
dc.relation.projectID: Gobierno de España. TSI-063000-2021-141 [es]
dc.relation.projectID: Gobierno de España. TSI-063000-2021-142 [es]
dc.relation.projectID: Gobierno de España. TSI-063000-2021-147 [es]
dc.relation.projectID: Gobierno de España. TSI-063000-2021-146 [es]
dc.relation.projectID: info:eu-repo/grantAgreement/EC/H2020/101017171/MARSAL [en]
dc.rights: © 2023 International Federation for Information Processing (IFIP) / IEEE. [en]
dc.rights.accessRights: embargoed access [en]
dc.subject.eciencia: Telecomunicaciones [es]
dc.subject.other: Wireless communication [en]
dc.subject.other: Forensics [en]
dc.subject.other: Knowledge based systems [en]
dc.subject.other: Collaboration [en]
dc.subject.other: Market research [en]
dc.subject.other: Malware [en]
dc.subject.other: Cyber threat intelligence [en]
dc.title: Using CTI Data to Understand Real World Cyberattacks [en]
dc.type: conference paper [*]
dc.type.hasVersion: AM [*]
dspace.entity.type: Publication
Files
Original bundle
Name: using_WONS_2023_ps.pdf
Size: 278.03 KB
Format: Adobe Portable Document Format