A Reference Model for Cyber Threat Intelligence (CTI) Systems
Georgios Sakellariou, Panagiotis Fouliras, Ioannis Mavridis, Panagiotis Sarigiannidis
Abstract
Cyber Threat Intelligence (CTI) is a new but promising field of information security, with many organizations investing in the development of proper tools and services and the integration of CTI related information. However, as a new field, there is a lack of a conceptual framework with corresponding definitions. This paper discusses CTI complexity factors, proposes a set of definitions of the CTI key concepts and an eight-layer CTI Reference Model as a base for CTI systems design. In addition, the proposed reference model is validated by applying it to three case studies, producing the respective CTI Reference Architectures.
Topics & Concepts
Reference modelComputer scienceKey (lock)Field (mathematics)Set (abstract data type)Systems engineeringComputer securitySoftware engineeringEngineeringMathematicsProgramming languagePure mathematicsInformation and Cyber SecurityAdvanced Malware Detection TechniquesNetwork Security and Intrusion Detection