Knowledge Resource Center for Ecological Environment in Arid Area
| DOI | 10.1007/978-3-030-01177-2_49 |
| Barriers to Adopting Interoperability Standards for Cyber Threat Intelligence Sharing: An Exploratory Study | |
| Gong, Nicole | |
| 通讯作者 | Gong, N (corresponding author), MITRE Corp, Syst Engn Tech Ctr, Mclean, VA 22102 USA. |
| 会议名称 | Computing Conference |
| 会议日期 | JUL 10-12, 2018 |
| 会议地点 | London, ENGLAND |
| 英文摘要 | Cyber Threat Intelligence Sharing (CTIS) is one of the most promising strategies in cyber defense. This study examined two of the most viable cutting-edge interoperability standards for CTIS, exploring barriers to their adoption and providing insights into the development and utilization of Structured Threat Information Expression (STIXT) and Trusted Automated eXchange of Indicator Information (TAXIIT). Following their introduction in May of 2015, an exploratory mixed methods study was conducted within the cyber community to investigate barriers to adopting STIX and TAXII. Using semi-structured SkypeT interviews, qualitative data were collected from a purposeful sample composed of 10 standard makers and frontier adopters in the Organization for the Advancement of Structured Information Standards (OASIS) community. Thematic analysis of the qualitative data obtained from these interviews was used to develop a quantitative web-based survey using QuestionPro. Some 70 responses were collected in this follow-on survey, which was opened to several cyber threat intelligence communities worldwide, including experts from the SANS Institute, a for-profit U.S. private company that specializes in information and cybersecurity. The results indicated that STIX and TAXII had attracted interest in 18 countries. Specific barriers for adoption emerging from the interviews validated by the follow-on survey included: initial setup and learning curve; organizational compatibility and maturity; understanding of cyber threat vocabulary; and lack of conformity in notating data. Specific benefits of adoption were: enhanced sharing of structured relationship data; data restriction enabling; structured documentation markup; and improved interoperability. |
| 英文关键词 | Cyber Threat Intelligence (CTI) Cyber Threat Intelligence Sharing (CTIS) Interoperability standards STIX TAXII Cybersecurity Cyber attack Cyber threat information sharing Mixed methods |
| 来源出版物 | INTELLIGENT COMPUTING, VOL 2 |
| ISSN | 2194-5357 |
| EISSN | 2194-5365 |
| 出版年 | 2019 |
| 卷号 | 857 |
| 页码 | 666-684 |
| ISBN | 978-3-030-01177-2; 978-3-030-01176-5 |
| 出版者 | SPRINGER INTERNATIONAL PUBLISHING AG |
| 类型 | Proceedings Paper |
| 语种 | 英语 |
| 收录类别 | CPCI-S |
| WOS记录号 | WOS:000591560300049 |
| WOS类目 | Computer Science, Artificial Intelligence ; Computer Science, Interdisciplinary Applications |
| WOS研究方向 | Computer Science |
| 资源类型 | 会议论文 |
| 条目标识符 | http://119.78.100.177/qdio/handle/2XILL650/369973 |
| 作者单位 | [Gong, Nicole] MITRE Corp, Syst Engn Tech Ctr, Mclean, VA 22102 USA |
| 推荐引用方式 GB/T 7714 | Gong, Nicole. Barriers to Adopting Interoperability Standards for Cyber Threat Intelligence Sharing: An Exploratory Study[C]:SPRINGER INTERNATIONAL PUBLISHING AG,2019:666-684. |
| 条目包含的文件 | 条目无相关文件。 | |||||
| 个性服务 |
| 推荐该条目 |
| 保存到收藏夹 |
| 导出为Endnote文件 |
| 谷歌学术 |
| 谷歌学术中相似的文章 |
| [Gong, Nicole]的文章 |
| 百度学术 |
| 百度学术中相似的文章 |
| [Gong, Nicole]的文章 |
| 必应学术 |
| 必应学术中相似的文章 |
| [Gong, Nicole]的文章 |
| 相关权益政策 |
| 暂无数据 |
| 收藏/分享 |
除非特别说明,本系统中所有内容都受版权保护,并保留所有权利。
