Nidhi Rastogi (Rochester Institute of Technology)

Cyber threat intelligence (CTI) has been valuable to SOC analysts investigating emerging and known threats and attacks. However, the reach is still limited, and the adoption could be higher. While CTI has consistently proven to be a rich source of threat indicators and patterns collected by peer security researchers, other researchers have occasionally found them helpful. Challenges include intelligence in the CTI documented in an unstructured format, embedded in a large amount of text, making it challenging to integrate them effectively with existing threat intelligence analysis tools for internal system logs. In this paper, we detail ongoing research in threat intelligence extraction, integration, and analysis at different levels of granularity from unstructured threat analysis reports. We share ongoing challenges and provide recommendations to overcome them.

View More Papers

Accurate Compiler and Optimization Independent Function Identification Using Program...

Derrick McKee (Purdue University), Nathan Burow (MIT Lincoln Laboratory), Mathias Payer (EPFL)

Read More

SynthDB: Synthesizing Database via Program Analysis for Security Testing...

An Chen (University of Georgia), Jiho Lee (University of Virginia), Basanta Chaulagain (University of Georgia), Yonghwi Kwon (University of Virginia),...

Read More

Adventures in Wonderland: Automotive Cyber beyond the CAN Bus

Michael Westra (In-Vehicle Cyber Security Technical Manager, Ford)

Read More