New Challenges on Cyber Threat Intelligence

A special issue of Electronics (ISSN 2079-9292). This special issue belongs to the section "Computer Science & Engineering".

Deadline for manuscript submissions: closed (31 December 2021) | Viewed by 53167

Special Issue Editors


Guest Editor
Department of Computer Science & Engineering, Seoul National University of Science and Technology, Seoul, Republic of Korea
Interests: cyber threat intelligence (CTI); information security; digital forensics; IoT and Cloud security; cryptography

Guest Editor
Department of Electrical and Computer Engineering, Binghamton University, State University of New York, Binghamton, NY 13902, USA
Interests: cyber security; intelligent surveillance; IoT; cloud security and privacy

Guest Editor
IBM, Dubai Internet City, Dubai, United Arab Emirates
Interests: cyber threat intelligence (CTI); enterprise security; advanced security for IoT/OT and industry network

Special Issue Information

Dear Colleagues,

Cyber threat intelligence (CTI) is a technology that has the potential to fundamentally change the defensive strategy against cyberattacks by building a security knowledge system that responds to intelligent cyberattacks preemptively. CTI organizes and shares threat information and is driving innovation in security technologies for networks and systems through threat identification, intelligent threat analysis, attacker profiling, and kill-chain responses. When applied well, threat intelligence can therefore help security officers and teams defend against an ever more sophisticated threat landscape before, during, and after an attack: by studying adversaries and understanding their strategies and objectives, organizations can build more effective and more robust cyber-defenses. In recent years, CTI technology has been expanding into infrastructure environments such as SCADA, IoT, and heterogeneous networks, contributing to advances in the confidentiality, integrity, availability, privacy, and scalability of systems.

This Special Issue aims to cover the latest techniques in all aspects and challenges of cyber threat intelligence, including the construction, operation, and sharing of CTI systems. Theoretical and practical developments in the implementation and operation of CTI, the latest technical reviews, and surveys on CTI systems are welcome. Papers will be peer-reviewed and selected on the basis of their quality and relevance to the theme of this Special Issue, with only the best papers selected for publication. Topics of interest for this Special Issue include but are not limited to:

  • Design and analysis of CTI system architecture;
  • New operation strategy for CTI;
  • Data representation model for CTI;
  • Data sharing model for CTI;
  • Data analysis methodology for CTI;
  • Machine learning techniques and tools for CTI;
  • Kill-chain model and application for CTI;
  • Design and analysis of new evaluation method for CTI;
  • Automated and smart tools for data collection, feature classification, and forensic analysis;
  • Integration of incident response and digital forensics;
  • Application of cyber security and intelligence;
  • Reliability and risk analysis methodology for CTI;
  • Cyberattack trend analysis model and system.

Prof. Dr. Changhoon Lee
Prof. Dr. Yu Chen
Dr. Jake (Jaeik) Cho
Guest Editors

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All submissions that pass pre-check are peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Electronics is an international peer-reviewed open access semimonthly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 2400 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Published Papers (12 papers)


Research


31 pages, 557 KiB  
Article
Can I Sleep Safely in My Smarthome? A Novel Framework on Automating Dynamic Risk Assessment in IoT Environments
by Anastasija Collen and Niels Alexander Nijdam
Electronics 2022, 11(7), 1123; https://0-doi-org.brum.beds.ac.uk/10.3390/electronics11071123 - 01 Apr 2022
Cited by 4 | Viewed by 2105
Abstract
Fully automated homes, equipped with the latest Internet of Things (IoT) devices, aiming to drastically improve the quality of life of those inhabiting such homes, is it not a perfect setting for cyber threats? More than that, this is a fear of many regular citizens and a trending topic for researchers to apply Cyber Threat Intelligence (CTI) for seamless cyber security. This paper focuses on the Risk Assessment (RA) methodology for smarthome environments, targeting to include all types of IoT devices. Unfortunately, existing approaches mostly focus on the manual or periodic formal RA, or individual device-specific cyber security solutions. This paper presents a Dynamic Risk Assessment Framework (DRAF), aiming to automate the identification of ongoing attacks and the evaluation of the likelihood of associated risks. Moreover, DRAF dynamically proposes mitigation strategies when full automation of the decision making is not possible. The theoretical model of DRAF was implemented and tested in smarthome testbeds deployed in several European countries. The resulting data indicate strong promise for the automation of decision making to control the tightly coupled balance between cyber security and privacy compromise in terms of the embedded services’ usability, end-users’ expectations and their level of cyber concerns.
(This article belongs to the Special Issue New Challenges on Cyber Threat Intelligence)

10 pages, 285 KiB  
Article
Distributed Online Risk Assessment in the National Cyberspace
by Andrzej Karbowski
Electronics 2022, 11(5), 741; https://0-doi-org.brum.beds.ac.uk/10.3390/electronics11050741 - 28 Feb 2022
Cited by 2 | Viewed by 1579
Abstract
The paper presents a distributed approach to online cyber risk assessment across the country, taking into account cyber threats and vulnerabilities identified by local services operators. It consists in distributed, asynchronous calculations of possible failure scenarios. They are a solution of a set of nonlinear, nonsmooth equations with locally assessed risk activation functions as inputs. These functions indicate whether a given threat is expected in some future period. The convergence condition of the mentioned algorithm is given in the theorem form. At the end, a case study concerning a system consisting of four entities is presented.

20 pages, 402 KiB  
Article
Key Requirements for the Detection and Sharing of Behavioral Indicators of Compromise
by Antonio Villalón-Huerta, Ismael Ripoll-Ripoll and Hector Marco-Gisbert
Electronics 2022, 11(3), 416; https://0-doi-org.brum.beds.ac.uk/10.3390/electronics11030416 - 29 Jan 2022
Cited by 3 | Viewed by 6066
Abstract
Cyber threat intelligence feeds focus on atomic and computed indicators of compromise. These indicators are the main source of tactical cyber intelligence most organizations benefit from. They are expressed in machine-readable formats, and they are easily loaded into security devices in order to protect infrastructures. However, their usefulness is very limited, especially in terms of time of life. These indicators can be useful when dealing with non-advanced actors, but they are easily avoided by advanced ones. To detect advanced actors’ activities, an analyst must deal with behavioral indicators of compromise, which represent tactics, techniques and procedures that are not as common as the atomic and computed ones. In this paper, we analyze why these indicators are not widely used, and we identify key requirements for successful behavioral IOC detection, specification and sharing. We follow the intelligence cycle as the arranged sequence of steps for a defensive team to work, thereby providing a common reference for these teams to identify gaps in their capabilities.

16 pages, 937 KiB  
Article
Memory Layout Extraction and Verification Method for Reliable Physical Memory Acquisition
by Seungwon Jung, Seunghee Seo, Yeog Kim and Changhoon Lee
Electronics 2021, 10(12), 1380; https://0-doi-org.brum.beds.ac.uk/10.3390/electronics10121380 - 09 Jun 2021
Cited by 1 | Viewed by 3062
Abstract
Physical memory acquisition is a prerequisite when performing memory forensics, referring to a set of techniques for acquiring and analyzing traces associated with user activity information, malware analysis, cyber incident response, and similar areas when the traces remain in the physical RAM. However, certain types of malware have applied anti-memory forensics techniques to evade memory analysis strategies or to make the acquisition process impossible. To disturb the acquisition process of physical memory, an attacker hooks the kernel API, which returns a map of the physical memory spaces, and modifies the return value of the API, specifically that typically used by memory acquisition tools. Moreover, an attacker modifies the kernel object referenced by the kernel API. This causes the system to crash during the memory acquisition process or causes the memory acquisition tools to incorrectly proceed with the acquisition. Even with a modification of one byte, called a one-byte modification attack, some tools fail to acquire memory. Therefore, specialized countermeasure techniques are needed for these anti-memory forensics techniques. In this paper, we propose a memory layout acquisition method which is robust to kernel API hooking and the one-byte modification attack on NumberOfRuns, the kernel object used to construct the memory layout in Windows. The proposed acquisition method directly accesses the memory, extracts the byte array, and parses it in the form of a memory layout. When we access the memory, we extract the _PHYSICAL_MEMORY_DESCRIPTOR structure, which is the basis of the memory layout without using the existing memory layout acquisition API. Furthermore, we propose a verification method that selects a reliable memory layout. We realize the verification method by comparing NumberOfRuns and the memory layout acquired via the kernel API, the registry, and the proposed method. The proposed verification method guarantees the reliability of the memory layout and helps secure memory image acquisition through a comparative verification with existing memory layout acquisition methods. We also conduct experiments to prove that the proposed method is resistant to anti-memory forensics techniques, confirming that there are no significant differences in time compared to the existing tools.

19 pages, 243 KiB  
Article
Cyber Third-Party Risk Management: A Comparison of Non-Intrusive Risk Scoring Reports
by Omer F. Keskin, Kevin Matthe Caramancion, Irem Tatar, Owais Raza and Unal Tatar
Electronics 2021, 10(10), 1168; https://0-doi-org.brum.beds.ac.uk/10.3390/electronics10101168 - 13 May 2021
Cited by 11 | Viewed by 7372
Abstract
Cybersecurity is a concern for organizations in this era. However, strengthening the security of an organization’s internal network may not be sufficient since modern organizations depend on third parties, and these dependencies may open new attack paths to cybercriminals. Cyber Third-Party Risk Management (C-TPRM) is a relatively new concept in the business world. All vendors or partners possess a potential security vulnerability and threat. Even if an organization has the best cybersecurity practice, its data, customers, and reputation may be at risk because of a third party. Organizations seek effective and efficient methods to assess their partners’ cybersecurity risks. In addition to intrusive methods to assess an organization’s cybersecurity risks, such as penetration testing, non-intrusive methods are emerging to conduct C-TPRM more easily by synthesizing the publicly available information without requiring any involvement of the subject organization. In this study, the existing methods for C-TPRM built by different companies are presented and compared to discover the commonly used indicators and criteria for the assessments. Additionally, the results of different methods assessing the cybersecurity risks of a specific organization were compared to examine reliability and consistency. The results showed that even if there is a similarity among the results, the provided security scores do not entirely converge.

22 pages, 1898 KiB  
Article
The Influences of Feature Sets on the Detection of Advanced Persistent Threats
by Katharina Hofer-Schmitz, Ulrike Kleb and Branka Stojanović
Electronics 2021, 10(6), 704; https://0-doi-org.brum.beds.ac.uk/10.3390/electronics10060704 - 17 Mar 2021
Cited by 9 | Viewed by 2489
Abstract
This paper investigates the influences of different statistical network traffic feature sets on detecting advanced persistent threats. The selection of suitable features for detecting targeted cyber attacks is crucial to achieving high performance and to addressing limited computational and storage costs. The evaluation was performed on a semi-synthetic dataset, which combined the CICIDS2017 dataset and the Contagio malware dataset. The CICIDS2017 dataset is a benchmark dataset in the intrusion detection field and the Contagio malware dataset contains real advanced persistent threat (APT) attack traces. Several different combinations of datasets were used to increase variety in background data and contribute to the quality of results. For the feature extraction, the CICflowmeter tool was used. For the selection of suitable features, a correlation analysis including an in-depth feature investigation by boxplots is provided. Based on that, several suitable features were allocated into different feature sets. The influences of these feature sets on the detection capabilities were investigated in detail with the local outlier factor method. The focus was especially on attacks detected with different feature sets and the influences of the background on the detection capabilities with respect to the local outlier factor method. Based on the results, we could determine a superior feature set, which detected most of the malicious flows.

17 pages, 1147 KiB  
Article
Magniber v2 Ransomware Decryption: Exploiting the Vulnerability of a Self-Developed Pseudo Random Number Generator
by Sehoon Lee, Myungseo Park and Jongsung Kim
Electronics 2021, 10(1), 16; https://0-doi-org.brum.beds.ac.uk/10.3390/electronics10010016 - 24 Dec 2020
Cited by 3 | Viewed by 5135
Abstract
With the rapid increase in computer storage capabilities, user data has become increasingly important. Although user data can be maintained by various protection techniques, its safety has been threatened by the advent of ransomware, defined as malware that encrypts user data, such as documents, photographs and videos, and demands money from victims in exchange for data recovery. Ransomware-infected files can be recovered only by obtaining the encryption key used to encrypt the files. However, the encryption key is derived using a Pseudo Random Number Generator (PRNG) and is recoverable only by the attacker. For this reason, the encryption keys of malware are known to be difficult to obtain. In this paper, we analyzed Magniber v2, which has exerted a large impact in the Asian region. We revealed the operation process of Magniber v2 including PRNG and file encryption algorithms. In our analysis, we found a vulnerability in the PRNG of Magniber v2 developed by the attacker. We exploited this vulnerability to successfully recover the encryption keys, which was verified by padding verification and statistical randomness tests. To our knowledge, we report the first recovery result of Magniber v2-infected files.

15 pages, 2093 KiB  
Article
Quantifiable Interactivity of Malicious URLs and the Social Media Ecosystem
by Chun-Ming Lai, Hung-Jr Shiu and Jon Chapman
Electronics 2020, 9(12), 2020; https://0-doi-org.brum.beds.ac.uk/10.3390/electronics9122020 - 30 Nov 2020
Cited by 4 | Viewed by 2033
Abstract
Online social network (OSN) users are increasingly interacting with each other via articles, comments, and responses. When access control mechanisms are weak or absent, OSNs are perceived by attackers as rich environments for influencing public opinions via fake news posts or influencing commercial transactions via practices such as phishing. This has led to a body of research looking at potential ways to predict OSN user behavior using social science concepts such as conformity and the bandwagon effect. In this paper, we address the question of how social recommendation systems affect the occurrence of malicious URLs on Facebook, based on the assumption that there are no differences among recommendation systems in terms of delivering either legitimate or harmful information to users. Next, we use temporal features to build a prediction framework with >75% accuracy to predict increases in certain user group behaviors. Our effort involves the demarcation of URL classes, from malicious URLs viewed as causing significant damage to annoying spam messages and advertisements. We offer this analysis to better understand OSN user sensors reactions to various categories of malicious URLs in order to mitigate their effects.

18 pages, 6862 KiB  
Article
Effective DGA-Domain Detection and Classification with TextCNN and Additional Features
by Chanwoong Hwang, Hyosik Kim, Hooki Lee and Taejin Lee
Electronics 2020, 9(7), 1070; https://0-doi-org.brum.beds.ac.uk/10.3390/electronics9071070 - 30 Jun 2020
Cited by 7 | Viewed by 4296
Abstract
Malicious codes, such as advanced persistent threat (APT) attacks, do not operate immediately after infecting the system, but after receiving commands from the attacker’s command and control (C&C) server. The system infected by the malicious code tries to communicate with the C&C server through the IP address or domain address of the C&C server. If the IP address or domain address is hard-coded inside the malicious code, the malicious code can be analyzed to obtain the address, and access to the C&C server can be blocked through security policy. In order to circumvent this address blocking technique, domain generation algorithms are included in the malware to dynamically generate domain addresses. The domain generation algorithm (DGA) generates domains randomly, so it is very difficult to identify and block malicious domains. Therefore, this paper effectively detects and classifies unknown DGA domains. We extract features that are effective for TextCNN-based label prediction, and add additional domain knowledge-based features to improve our model for detecting and classifying DGA-generated malicious domains. The proposed model achieved 99.19% accuracy for DGA classification and 88.77% accuracy for DGA class classification. We expect that the proposed model can be applied to effectively detect and block DGA-generated domains.

21 pages, 5208 KiB  
Article
Anomaly Based Unknown Intrusion Detection in Endpoint Environments
by Sujeong Kim, Chanwoong Hwang and Taejin Lee
Electronics 2020, 9(6), 1022; https://0-doi-org.brum.beds.ac.uk/10.3390/electronics9061022 - 20 Jun 2020
Cited by 21 | Viewed by 4833
Abstract
According to a study by Cybersecurity Ventures, cybercrime is expected to cost $6 trillion annually by 2021. Most cybersecurity threats access internal networks through infected endpoints. Recently, various endpoint environments such as smartphones, tablets, and Internet of things (IoT) devices have been configured, and security issues caused by malware targeting them are intensifying. Event log-based detection technology for endpoint security uses rules or patterns. Therefore, known attacks can be responded to, but unknown attacks can be difficult to respond to immediately. To solve this problem, in this paper, local outlier factor (LOF) and Autoencoder are used to detect suspicious behavior that deviates from normal behavior. The proposed model also detects threats and shows the corresponding threats when suspicious events corresponding to the rules created through the attack profile are constantly occurring. Experimental results detected eight new suspicious processes that were not previously detected, and four malicious processes and one suspicious process were judged using Hybrid Analysis and VirusTotal. Based on the experiment results, it is expected that the use of operational policies such as allowlists in the proposed model will significantly improve performance by minimizing false positives.

20 pages, 966 KiB  
Article
BLOCIS: Blockchain-Based Cyber Threat Intelligence Sharing Framework for Sybil-Resistance
by Seonghyeon Gong and Changhoon Lee
Electronics 2020, 9(3), 521; https://0-doi-org.brum.beds.ac.uk/10.3390/electronics9030521 - 21 Mar 2020
Cited by 31 | Viewed by 5685
Abstract
The convergence of fifth-generation (5G) communication and the Internet-of-Things (IoT) has dramatically increased the diversity and complexity of the network. This change diversifies the attacker’s attack vectors, increasing the impact and damage of cyber threats. Cyber threat intelligence (CTI) technology is a proof-based security system which responds to these advanced cyber threats proactively by analyzing and sharing security-related data. However, the performance of CTI systems can be significantly compromised by creating and disseminating improper security policies if an attacker intentionally injects malicious data into the system. In this paper, we propose a blockchain-based CTI framework that improves confidence in the source and content of the data and can quickly detect and eliminate inaccurate data for resistance to a Sybil attack. The proposed framework collects CTI by a procedure validated through smart contracts and stores information about the metainformation of data in a blockchain network. The proposed system ensures the validity and reliability of CTI data by ensuring traceability to the data source and proposes a system model that can efficiently operate and manage CTI data in compliance with the de facto standard. We present the simulation results to prove the effectiveness and Sybil-resistance of the proposed framework in terms of reliability and cost to attackers.

Review


26 pages, 848 KiB  
Review
A Systematic Mapping Study on Cyber Security Indicator Data
by Per Håkon Meland, Shukun Tokas, Gencer Erdogan, Karin Bernsmed and Aida Omerovic
Electronics 2021, 10(9), 1092; https://0-doi-org.brum.beds.ac.uk/10.3390/electronics10091092 - 05 May 2021
Cited by 5 | Viewed by 4508
Abstract
A security indicator is a sign that shows us what something is like or how a situation is changing and can aid us in making informed estimations on cyber risks. There are many different breeds of security indicators, but, unfortunately, they are not always easy to apply due to a lack of available or credible sources of data. This paper undertakes a systematic mapping study on the academic literature related to cyber security indicator data. We identified 117 primary studies from the past five years as relevant to answer our research questions. They were classified according to a set of categories related to research type, domain, data openness, usage, source, type and content. Our results show a linear growth of publications per year, where most indicators are based on free or internal technical data that are domain independent. While these indicators can give valuable information about the contemporary cyber risk, the increasing usage of unconventional data sources and threat intelligence feeds of more strategic and tactical nature represent a more forward-looking trend. In addition, there is a need to take methods and techniques developed by the research community from the conceptual plane and make them practical enough for real-world application.
