Open Access

ARTICLE

Generic Attribute Scoring for Information Decay in Threat Information Sharing Platform

Mohammed Alshehri^*

Department of Information Technology, Majmaah University, Majmaah, 11952, Saudi Arabia

* Corresponding Author: Mohammed Alshehri. Email:

(This article belongs to this Special Issue: Emerging Trends in Cyber Security for Communication Networks)

Computers, Materials & Continua 2021, 67(1), 917-931. https://doi.org/10.32604/cmc.2021.014848

Received 21 October 2020; Accepted 19 November 2020; Issue published 12 January 2021

Abstract

Cyber Threat Intelligence (CTI) has gained massive attention to collect hidden knowledge for a better understanding of the various cyber-attacks and eventually paving the way for predicting the future of such attacks. The information exchange and collaborative sharing through different platforms have a significant contribution towards a global solution. While CTI and the information exchange can help a lot in focusing and prioritizing on the use of the large volume of complex information among different organizations, there exists a great challenge ineffective processing of large count of different Indicators of Threat (IoT) which appear regularly, and that can be solved only through a collaborative approach. Collaborative approach and intelligence sharing have become the mandatory element in the entire world of processing the threats. In order to covet the complete needs of having a definite standard of information exchange, various initiatives have been taken in means of threat information sharing platforms like MISP and formats such as SITX. This paper proposes a scoring model to address information decay, which is shared within TISP. The scoring model is implemented, taking the use case of detecting the Threat Indicators in a phishing data network. The proposed method calculates the rate of decay of an attribute through which the early entries are removed.

---

Keywords

---