
Key Requirements for the Detection and Sharing of Behavioral Indicators of Compromise

RiuNet: Institutional Repository of the Universidad Politécnica de Valencia


dc.contributor.author Villalón-Huerta, Antonio es_ES
dc.contributor.author Ripoll-Ripoll, Ismael es_ES
dc.contributor.author Marco-Gisbert, Héctor es_ES
dc.date.accessioned 2023-05-26T18:01:41Z
dc.date.available 2023-05-26T18:01:41Z
dc.date.issued 2022-02 es_ES
dc.identifier.uri http://hdl.handle.net/10251/193625
dc.description.abstract [EN] Cyber threat intelligence feeds focus on atomic and computed indicators of compromise. These indicators are the main source of tactical cyber intelligence most organizations benefit from. They are expressed in machine-readable formats, and they are easily loaded into security devices in order to protect infrastructures. However, their usefulness is very limited, especially in terms of time of life. These indicators can be useful when dealing with non-advanced actors, but they are easily avoided by advanced ones. To detect advanced actor's activities, an analyst must deal with behavioral indicators of compromise, which represent tactics, techniques and procedures that are not as common as the atomic and computed ones. In this paper, we analyze why these indicators are not widely used, and we identify key requirements for successful behavioral IOC detection, specification and sharing. We follow the intelligence cycle as the arranged sequence of steps for a defensive team to work, thereby providing a common reference for these teams to identify gaps in their capabilities. es_ES
dc.language English es_ES
dc.publisher MDPI AG es_ES
dc.relation.ispartof Electronics es_ES
dc.rights Attribution (by) es_ES
dc.subject Cyber threat intelligence es_ES
dc.subject Indicator of compromise es_ES
dc.subject IOC es_ES
dc.subject TTP es_ES
dc.subject MITRE ATT&CK es_ES
dc.subject.classification COMPUTER ARCHITECTURE AND TECHNOLOGY es_ES
dc.title Key Requirements for the Detection and Sharing of Behavioral Indicators of Compromise es_ES
dc.type Article es_ES
dc.identifier.doi 10.3390/electronics11030416 es_ES
dc.rights.accessRights Open es_ES
dc.contributor.affiliation Universitat Politècnica de València. Escola Tècnica Superior d'Enginyeria Informàtica es_ES
dc.description.bibliographicCitation Villalón-Huerta, A.; Ripoll-Ripoll, I.; Marco-Gisbert, H. (2022). Key Requirements for the Detection and Sharing of Behavioral Indicators of Compromise. Electronics. 11(3):1-20. https://doi.org/10.3390/electronics11030416 es_ES
dc.description.accrualMethod S es_ES
dc.relation.publisherversion https://doi.org/10.3390/electronics11030416 es_ES
dc.description.upvformatpinicio 1 es_ES
dc.description.upvformatpfin 20 es_ES
dc.type.version info:eu-repo/semantics/publishedVersion es_ES
dc.description.volume 11 es_ES
dc.description.issue 3 es_ES
dc.identifier.eissn 2079-9292 es_ES
dc.relation.pasarela S\454498 es_ES
dc.contributor.funder Universitat Politècnica de València es_ES
dc.subject.ods 03.- Ensure healthy lives and promote well-being for all at all ages es_ES
dc.subject.ods 09.- Build resilient infrastructure, promote inclusive and sustainable industrialization and foster innovation es_ES
dc.subject.ods 11.- Make cities and human settlements inclusive, safe, resilient and sustainable es_ES
dc.subject.ods 16.- Promote peaceful and inclusive societies for sustainable development, provide access to justice for all and build effective, accountable and inclusive institutions at all levels es_ES
upv.costeAPC 2500 es_ES

