Thu. Mar 28th, 2024

Content Assessment: Countering Threat Actors? Using Social Network Analysis for Cyber Threat Intelligence (CCDCOE)

Information - 93%
Insight - 94%
Relevance - 92%
Objectivity - 91%
Authority - 94%

93%

Excellent

A short percentage-based assessment of the qualitative benefit of the report from the NATO CCDCOE on cyber threat intelligence.

Editor’s Note: From time to time, ComplexDiscovery highlights publicly available or privately purchasable announcements, content updates, and research from cyber, data, and legal discovery providers, research organizations, and ComplexDiscovery community members. While ComplexDiscovery regularly highlights this information, it does not assume any responsibility for content assertions.


Background Note: Shared for the non-commercial educational benefit of cybersecurity, information governance, and eDiscovery professionals, this recently published research report from the NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE) explores the use of social network analysis for cyber threat intelligence and may be useful for cyber and legal discovery professionals seeking to better understand the cyber threats they face.

Publication from CCDCOE*

Using Social Network Analysis for Cyber Threat Intelligence

By Vasileios Anastopoulos

Overview

Cyber threat intelligence assists organizations in understanding the threats they face and helps them make educated decisions on preparing their defenses. Sharing of threat intelligence and threat information is increasingly leveraged by organizations and enterprises, and various software solutions are already available, with the open-source malware information sharing platform (MISP) being a popular one. In this work, a methodology for the production of cyber threat intelligence using the threat information stored in MISP is proposed. The methodology leverages the discipline of social network analysis and the diamond model, a model used for intrusion analysis, to produce cyber threat intelligence. The workings of the proposed methodology are demonstrated with a case study on a production MISP instance of a real organization. The paper concludes with a discussion on the proposed methodology and possible directions for further research.

Read the original post.


Complete Report: Using Social Network Analysis for Cyber Threat Intelligence (PDF)

Read the original publication.

*Shared with permission based on educational and non-commercial distribution.

Publication Source: NATO CCDCOE, 2022. Using Social Network Analysis for Cyber Threat Intelligence. [online] Tallinn: NATO CCDCOE Publications. Available at: <https://ccdcoe.org/uploads/2022/07/Research_paper.pdf> [Accessed 20 July 2022].


Source: ComplexDiscovery

 
