Cyber threat intelligence for improving cyber supply chain security

Yeboah-Ofori, Abel ORCID: https://orcid.org/0000-0001-8055-9274, Islam, Shareeful and Yeboah-Boateng, Ezer (2019) Cyber threat intelligence for improving cyber supply chain security. In: 2019 International Conference on Cyber Security and Internet of Things (ICSIoT), 29-31 May 2019, Accra, Ghana.

[thumbnail of Cyber Threat Intelligence for Improving Cyber Supply Chain Security.pdf]
Preview
PDF
Cyber Threat Intelligence for Improving Cyber Supply Chain Security.pdf - Accepted Version

Download (343kB) | Preview

Abstract

Cyber supply chain (CSC) systems provide operational efficiency and business continuity due to the integrated nature of various network system nodes. Such integration has made the overall system vulnerable to various cyber attacks and malware propagation is one of the common attacks for CSC. Cyber threat intelligence (CTI) provides an organization the capability to identify, gather, analyze threats and the associated risks so that CSC organization can forecast the existing and future threat trends and manage the cybersecurity risk in a proactive manner. A threat actor may attack the system and propagate a malware. The purpose is to manipulate, alter, or change delivery mechanisms. It is imperative to integrate CTI into the existing cybersecurity practice to detect and understand the threat actor's intents and motive. In our previous paper, we used threat analysis gathering to provide us an understanding of the adversaries' capabilities, actions, and intents. This paper contributes to improving the cybersecurity of CSC by using CTI. In particular, we extend our previous work which identifies and analysis CSC attacks and adopts CTI approach to understand the attack trends so that appropriate control can determine proactively. We use the malware a smart grid case study as CSC context to demonstrate our approach. The result demonstrations how CTI approach is applied to assist in preventing cyberattacks and to disseminate threat information sharing.

Item Type: Conference or Workshop Item (Paper)
ISBN: 9781728174174
Identifier: 10.1109/ICSIoT47925.2019.00012
Page Range: pp. 28-33
Identifier: 10.1109/ICSIoT47925.2019.00012
Additional Information: © 2019 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.
Keywords: Cyber Threat Intelligence, Cyber Supply Chain, Tactics Techniques Procedure, Cyber Security, Threat Modelling
Subjects: Computing > Information security > Cyber security
Related URLs:
Depositing User: Dr Abel Yeboah-Ofori
Date Deposited: 24 Jun 2021 13:33
Last Modified: 28 Aug 2021 07:15
URI: https://repository.uwl.ac.uk/id/eprint/8026

Downloads

Downloads per month over past year

Actions (login required)

View Item View Item

Menu