Title: Development of a semantic-enabled cybersecurity threat intelligence sharing model

Authors: Mtsweni, Jabu S; Shozi, Nobubele A; Matenche, Kqwadi; Mutemwa, Muyowa; Mkhonto, Njabulo; Jansen van Vuuren, Joey

Record dates: 2017-07-28; 2017-07-28
Date of publication: 2016-03
Type: Conference Presentation
Language: en
Repository: ResearchSpace (CSIR), https://researchspace.csir.co.za
URI: http://hdl.handle.net/10204/9370

Citation: Mtsweni, J.S., Shozi, N.A., Matenche, K. et al. 2016. Development of a semantic-enabled cybersecurity threat intelligence sharing model. 11th International Conference on Cyber Warfare & Security, 17 - 18 March 2016, Boston University, Boston, USA.

Abstract:

Big Data is transforming the global technological landscape by elevating online information access required for addressing everyday challenges, such as detecting in real-time the spread of diseases within areas of interest. As the data in the cyberspace continues to grow in a gargantuan manner due to the popularity and successes of Web 2.0 technologies and social networks, amongst other reasons, organizations also continue to face the complex challenge of sifting through this data to timely detect and respond to security threats relevant to their operating domain. Traditional businesses and governmental organisations generally rely on inefficient and discrete solutions that rely on limited sources of information, signature-based and anomaly-based approaches to detect known cyber threats and attacks. On the contrary, threat agents continue to develop advanced techniques for their cyber espionage, reconnaissance missions, and ultimately devastating attacks. In addition, emerging cybersecurity intelligence solutions lack the semantic knowledge essential for automated sharing of timely and context-aware information within a specific operating domain. Moreover, existing cybersecurity information sharing solutions lack the visualization and intelligence necessary for handling the large volume of unstructured data generated by multiple sources across different sectors.

In an attempt to address some of these challenges, this paper presents a proposition of a semantic-enabled sharing model for exchanging timely and relevant cybersecurity intelligence with trusted collaborators. Drawing from previous research and open source sharing platforms, such as CRITS, this model is underpinned by common information exchange standards, such as STIX and TAXII. The proposed cross-platform sharing model is evaluated by exploiting a large stream of cybersecurity-related tweets and semantic knowledge available from a variety of data sources. Preliminary results suggest that semantic knowledge is essential towards enabling collaborative and automated exchange of timely and actionable cybersecurity intelligence.

Keywords: Cybersecurity; Threat intelligence; Crowdsourcing; Big data; Web security; Vulnerabilities