Giovana Bilali - Academia.edu (original) (raw)
Papers by Giovana Bilali
Lecture Notes in Computer Science, 2022
This paper provides an overview of the Advanced Threat Intelligence Orchestrator in assisting org... more This paper provides an overview of the Advanced Threat Intelligence Orchestrator in assisting organizations and society's first responders in managing, prioritizing, and sharing information related to cyber security incidents. In order to accomplish this, the capabilities and benefits of security, orchestration, automation, and response (SOAR) systems, on which Orchestrator is based, were promoted. The results of this survey conducted as part of the IRIS EU-funded project to protect Internet of Things (IoT) and Artificial Intelligence (AI)-driven ICT-enabled systems from cyber threats and attacks on their privacy facilitating SOC/CSIRTs/CERTs. In this context, the tool is explored in methods of orchestrating and automating cyber security processes and routines. The open-source tool that was chosen for the creation of Advanced Threat Intelligence Orchestrator was SHUFFLE. SHUFFLE gives a wide variety of functionalities as it can be integrated with numerous tools and APIS. Furthermore, the provision of schematic workflows with action steps makes the stakeholders' interface more intuitive.
Security Technologies and Methods for Advanced Cyber Threat Intelligence, Detection and Mitigation
Εθνικό Μετσόβιο Πολυτεχνείο--Μεταπτυχιακή Εργασία. Διεπιστημονικό-Διατμηματικό Πρόγραμμα Μεταπτυχ... more Εθνικό Μετσόβιο Πολυτεχνείο--Μεταπτυχιακή Εργασία. Διεπιστημονικό-Διατμηματικό Πρόγραμμα Μεταπτυχιακών Σπουδών (Δ.Π.Μ.Σ.) “ Μαθηματική Προτυποποίηση σε Σύγχρονες Τεχνολογίες και στα Χρηματοοικονομικά
Proceedings of the 8th International Conference on Data Science, Technology and Applications, 2019
Cyber-threat intelligence (CTI) is any information that can help an organization identify, assess... more Cyber-threat intelligence (CTI) is any information that can help an organization identify, assess, monitor, and respond to cyber-threats. It relates to all cyber components of an organization such as networks, computers, and other types of information technology. In the recent years, due to the major increase of cyber-threats, CTI sharing is becoming increasingly important both as a subject of research and as a concept of providing additional security to organizations. However, selecting the proper tools and platforms for CTI sharing, is a challenging task, that pertains to a variety of aspects. In this paper, we start by overviewing the CTI procedure (threat types, categories, sources and the general CTI life-cycle). Then, we present a set of seven high-level CTI plaftorm recommendations that can be used to evaluate a platform and subsequently we survey six state-ofthe-art cyber-threat intelligence platforms. Finally, we compare and evaluate the six aforementioned platforms by means of the earlier proposed recommendations.
Security Informatics and Law Enforcement, 2021
This chapter presents the Cyber-Trust cyber-threat intelligence, detection, and mitigation platfo... more This chapter presents the Cyber-Trust cyber-threat intelligence, detection, and mitigation platform, which delivers solutions for enhancing the security of the Internet of things, showcasing its value for law enforcement agencies (LEAs) and how they will be assisted in accessing, viewing, and receiving information that potentially holds digital evidence of specific cyber-crimes against Internet service providers and smart homes, in a timely manner. We present how information from different software components (e.g. Blockchain), when integrated based on the needs of the end-users, can greatly assist in the detection and correlation of digital evidence and the collaboration between the LEAs and providers. The challenges imposed by the national and European legislation are further discussed along with possible ways to address these shortcomings via the Cyber-Trust platform.
Proceedings of the 8th International Conference on Data Science, Technology and Applications, 2019
Cyber-threat intelligence (CTI) is any information that can help an organization identify, assess... more Cyber-threat intelligence (CTI) is any information that can help an organization identify, assess, monitor, and respond to cyber-threats. It relates to all cyber components of an organization such as networks, computers, and other types of information technology. In the recent years, due to the major increase of cyber-threats, CTI sharing is becoming increasingly important both as a subject of research and as a concept of providing additional security to organizations. However, selecting the proper tools and platforms for CTI sharing, is a challenging task, that pertains to a variety of aspects. In this paper, we start by overviewing the CTI procedure (threat types, categories, sources and the general CTI life-cycle). Then, we present a set of seven high-level CTI plaftorm recommendations that can be used to evaluate a platform and subsequently we survey six state-ofthe-art cyber-threat intelligence platforms. Finally, we compare and evaluate the six aforementioned platforms by means of the earlier proposed recommendations.
Proceedings of the 15th International Conference on Availability, Reliability and Security
Lecture Notes in Computer Science, 2022
This paper provides an overview of the Advanced Threat Intelligence Orchestrator in assisting org... more This paper provides an overview of the Advanced Threat Intelligence Orchestrator in assisting organizations and society's first responders in managing, prioritizing, and sharing information related to cyber security incidents. In order to accomplish this, the capabilities and benefits of security, orchestration, automation, and response (SOAR) systems, on which Orchestrator is based, were promoted. The results of this survey conducted as part of the IRIS EU-funded project to protect Internet of Things (IoT) and Artificial Intelligence (AI)-driven ICT-enabled systems from cyber threats and attacks on their privacy facilitating SOC/CSIRTs/CERTs. In this context, the tool is explored in methods of orchestrating and automating cyber security processes and routines. The open-source tool that was chosen for the creation of Advanced Threat Intelligence Orchestrator was SHUFFLE. SHUFFLE gives a wide variety of functionalities as it can be integrated with numerous tools and APIS. Furthermore, the provision of schematic workflows with action steps makes the stakeholders' interface more intuitive.
Security Technologies and Methods for Advanced Cyber Threat Intelligence, Detection and Mitigation
Εθνικό Μετσόβιο Πολυτεχνείο--Μεταπτυχιακή Εργασία. Διεπιστημονικό-Διατμηματικό Πρόγραμμα Μεταπτυχ... more Εθνικό Μετσόβιο Πολυτεχνείο--Μεταπτυχιακή Εργασία. Διεπιστημονικό-Διατμηματικό Πρόγραμμα Μεταπτυχιακών Σπουδών (Δ.Π.Μ.Σ.) “ Μαθηματική Προτυποποίηση σε Σύγχρονες Τεχνολογίες και στα Χρηματοοικονομικά
Proceedings of the 8th International Conference on Data Science, Technology and Applications, 2019
Cyber-threat intelligence (CTI) is any information that can help an organization identify, assess... more Cyber-threat intelligence (CTI) is any information that can help an organization identify, assess, monitor, and respond to cyber-threats. It relates to all cyber components of an organization such as networks, computers, and other types of information technology. In the recent years, due to the major increase of cyber-threats, CTI sharing is becoming increasingly important both as a subject of research and as a concept of providing additional security to organizations. However, selecting the proper tools and platforms for CTI sharing, is a challenging task, that pertains to a variety of aspects. In this paper, we start by overviewing the CTI procedure (threat types, categories, sources and the general CTI life-cycle). Then, we present a set of seven high-level CTI plaftorm recommendations that can be used to evaluate a platform and subsequently we survey six state-ofthe-art cyber-threat intelligence platforms. Finally, we compare and evaluate the six aforementioned platforms by means of the earlier proposed recommendations.
Security Informatics and Law Enforcement, 2021
This chapter presents the Cyber-Trust cyber-threat intelligence, detection, and mitigation platfo... more This chapter presents the Cyber-Trust cyber-threat intelligence, detection, and mitigation platform, which delivers solutions for enhancing the security of the Internet of things, showcasing its value for law enforcement agencies (LEAs) and how they will be assisted in accessing, viewing, and receiving information that potentially holds digital evidence of specific cyber-crimes against Internet service providers and smart homes, in a timely manner. We present how information from different software components (e.g. Blockchain), when integrated based on the needs of the end-users, can greatly assist in the detection and correlation of digital evidence and the collaboration between the LEAs and providers. The challenges imposed by the national and European legislation are further discussed along with possible ways to address these shortcomings via the Cyber-Trust platform.
Proceedings of the 8th International Conference on Data Science, Technology and Applications, 2019
Cyber-threat intelligence (CTI) is any information that can help an organization identify, assess... more Cyber-threat intelligence (CTI) is any information that can help an organization identify, assess, monitor, and respond to cyber-threats. It relates to all cyber components of an organization such as networks, computers, and other types of information technology. In the recent years, due to the major increase of cyber-threats, CTI sharing is becoming increasingly important both as a subject of research and as a concept of providing additional security to organizations. However, selecting the proper tools and platforms for CTI sharing, is a challenging task, that pertains to a variety of aspects. In this paper, we start by overviewing the CTI procedure (threat types, categories, sources and the general CTI life-cycle). Then, we present a set of seven high-level CTI plaftorm recommendations that can be used to evaluate a platform and subsequently we survey six state-ofthe-art cyber-threat intelligence platforms. Finally, we compare and evaluate the six aforementioned platforms by means of the earlier proposed recommendations.
Proceedings of the 15th International Conference on Availability, Reliability and Security