Conference proceeding
FOCUS: Fatigue-Reducing IOCs Through Prioritization and Scoring
2023 IEEE Intl Conf on Dependable, Autonomic and Secure Computing, Intl Conf on Pervasive Intelligence and Computing, Intl Conf on Cloud and Big Data Computing, Intl Conf on Cyber Science and Technology Congress (DASC/PiCom/CBDCom/CyberSciTech), pp.0020-0027
The 21st IEEE International Conference on Dependable, Autonomic & Secure Computing (DASC 2023), 21st (Abu Dhabi, UAE, 14/11/2023–17/11/2023)
12/2023
Abstract
In recent years, the field of Cyber Threat Intelligence (CTI) has undergone rapid development, primarily due to the emergence of various organizations and platforms dedicated to threat intelligence. Through automated analysis and real-time information sharing, companies can now more effectively identify and manage the risks associated with cyber threats and attacks. One of the most commonly used types of threat data is Indicators of Compromise (IOCs), which play a crucial role in early cyber intrusion detection and prevention. However, the quality of the collected data is often limited, and the sheer volume of real-time data can overwhelm security analysts, leading to IOC data fatigue. To address this challenge, a new scoring mechanism called FOCUS has been proposed. FOCUS utilizes various attributes and relationships provided by the VirusTotal online scanning engine analysis results to prioritize a set of IOCs. By concentrating on properly analyzed and ranked IOCs from a vast dataset, FOCUS can assist organizations in allocating resources and efforts more effectively. Ultimately, FOCUS can enhance the accuracy and efficiency of IOC analysis, strengthening an organization's ability to respond to cybersecurity threats.
Details
- Title
- FOCUS: Fatigue-Reducing IOCs Through Prioritization and Scoring
- Creators
- Vinay Sachidananda - Nanyang Technological University; Bryson Teo - Nanyang Technological University; Ruitao Feng - University of New South Wales (Australia, Sydney); Kwok-Yan Lam - Nanyang Technological University, Singapore; Liu Yang - Nanyang Technological University, Singapore
- Publication Details
- 2023 IEEE Intl Conf on Dependable, Autonomic and Secure Computing, Intl Conf on Pervasive Intelligence and Computing, Intl Conf on Cloud and Big Data Computing, Intl Conf on Cyber Science and Technology Congress (DASC/PiCom/CBDCom/CyberSciTech), pp.0020-0027
- Conference
- The 21st IEEE International Conference on Dependable, Autonomic & Secure Computing (DASC 2023), 21st (Abu Dhabi, UAE, 14/11/2023–17/11/2023)
- Publisher
- IEEE
- Number of pages
- 8
- Identifiers
- 991013245550702368
- Copyright
- © 2023, IEEE
- Academic Unit
- Faculty of Science and Engineering
- Language
- English
- Resource Type
- Conference proceeding