Content Assessment: Countering Threat Actors? Using Social Network Analysis for Cyber Threat Intelligence (CCDCOE)
Information - 93%
Insight - 94%
Relevance - 92%
Objectivity - 91%
Authority - 94%
A short percentage-based assessment of the qualitative benefit of the report from the NATO CCDCOE on cyber threat intelligence.
Editor’s Note: From time to time, ComplexDiscovery highlights publicly available or privately purchasable announcements, content updates, and research from cyber, data, and legal discovery providers, research organizations, and ComplexDiscovery community members. While ComplexDiscovery regularly highlights this information, it does not assume any responsibility for content assertions.
To submit recommendations for consideration and inclusion in ComplexDiscovery’s cyber, data, and legal discovery-centric service, product, or research announcements, contact us today.
Background Note: Shared for the non-commercial educational benefit of cybersecurity, information governance, and eDiscovery professionals, this recently published research report from the NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE) explores the use of social network analysis for cyber threat intelligence and may be useful for cyber and legal discovery professionals seeking to better understand the cyber threats they face.
Publication from CCDCOE*
Using Social Network Analysis for Cyber Threat Intelligence
By Vasileios Anastopoulos
Cyber threat intelligence assists organizations in understanding the threats they face and helps them make educated decisions on preparing their defenses. Sharing of threat intelligence and threat information is increasingly leveraged by organizations and enterprises, and various software solutions are already available, with the open-source malware information sharing platform (MISP) being a popular one. In this work, a methodology for the production of cyber threat intelligence using the threat information stored in MISP is proposed. The methodology leverages the discipline of social network analysis and the diamond model, a model used for intrusion analysis, to produce cyber threat intelligence. The workings of the proposed methodology are demonstrated with a case study on a production MISP instance of a real organization. The paper concludes with a discussion on the proposed methodology and possible directions for further research.
Using Social Network Analysis for Cyber Threat Intelligence - CCDCOE
*Shared with permission based on educational and non-commercial distribution.
Publication Source: NATO CCDCOE, 2022. Using Social Network Analysis for Cyber Threat Intelligence. [online] Tallinn: NATO CCDCOE Publications. Available at: <https://ccdcoe.org/uploads/2022/07/Research_paper.pdf> [Accessed 20 July 2022].
- [Annual Update] International Cyber Law in Practice: Interactive Toolkit
- Defining Cyber Discovery? A Definition and Framework
Have a Request?
If you have information or offering requests that you would like to ask us about, please let us know and we will make our response to you a priority.
ComplexDiscovery is an online publication that highlights cyber, data, and legal discovery insight and intelligence ranging from original research to aggregated news for use by cybersecurity, information governance, and eDiscovery professionals. The highly targeted publication seeks to increase the collective understanding of readers regarding cyber, data, and legal discovery information and issues and to provide an objective resource for considering trends, technologies, and services related to electronically stored information.
ComplexDiscovery OÜ is a technology marketing firm providing strategic planning and tactical execution expertise in support of cyber, data, and legal discovery organizations. Focused primarily on supporting the ComplexDiscovery publication, the company is registered as a private limited company in the European Union country of Estonia, one of the most digitally advanced countries in the world. The company operates virtually worldwide to deliver marketing consulting and services.