The Quest for the Appropriate Cyber-threat Intelligence Sharing Platform (original) (raw)

2019, Proceedings of the 8th International Conference on Data Science, Technology and Applications

Cyber-threat intelligence (CTI) is any information that can help an organization identify, assess, monitor, and respond to cyber-threats. It relates to all cyber components of an organization such as networks, computers, and other types of information technology. In the recent years, due to the major increase of cyber-threats, CTI sharing is becoming increasingly important both as a subject of research and as a concept of providing additional security to organizations. However, selecting the proper tools and platforms for CTI sharing, is a challenging task, that pertains to a variety of aspects. In this paper, we start by overviewing the CTI procedure (threat types, categories, sources and the general CTI life-cycle). Then, we present a set of seven high-level CTI plaftorm recommendations that can be used to evaluate a platform and subsequently we survey six state-ofthe-art cyber-threat intelligence platforms. Finally, we compare and evaluate the six aforementioned platforms by means of the earlier proposed recommendations.