Search Icon
Register

Cyber Threat Intelligence for SOC Analysts

Nidhi Rastogi, Md Tanvirul Alam (Rochester Institute of Technology)

Cyber threat intelligence (CTI) has been valuable to SOC analysts investigating emerging and known threats and attacks. However, the reach is still limited, and the adoption could be higher. While CTI has consistently proven to be a rich source of threat indicators and patterns collected by peer security researchers, other researchers have occasionally found them helpful. Challenges include intelligence in the CTI documented in an unstructured format, embedded in a large amount of text, making it challenging to integrate them effectively with existing threat intelligence analysis tools for internal system logs. In this paper, we detail ongoing research in threat intelligence extraction, integration, and analysis at different levels of granularity from unstructured threat analysis reports. We share ongoing challenges and provide recommendations to overcome them.

Paper
Video

View More Papers

AuthentiSense: A Scalable Behavioral Biometrics Authentication Scheme using Few-Shot...

Hossein Fereidooni (Technical University of Darmstadt), Jan Koenig (University of Wuerzburg), Phillip Rieger (Technical University of Darmstadt), Marco Chilese (Technical University of Darmstadt), Bora Goekbakan (KOBIL, Germany), Moritz Finke (University of Wuerzburg), Alexandra Dmitrienko (University of Wuerzburg), Ahmad-Reza Sadeghi (Technical University of Darmstadt)

Read More

SOCs lead AI adoption: Transitioning Lessons to the C-Suite

Eric Dull, Drew Walsh, Scott Riede (Deloitte and Touche)

Read More

Cloud-Hosted Security Operations Center (SOC)

Drew Walsh, Kevin Conklin (Deloitte)

Read More

BANS: Evaluation of Bystander Awareness Notification Systems for Productivity...

Shady Mansour (LMU Munich), Pascal Knierim (Universitat Innsbruck), Joseph O’Hagan (University of Glasgow), Florian Alt (University of the Bundeswehr Munich), Florian Mathis (University of Glasgow)

Read More