Analysis and Implementation of Threat Agents Profiles in Semi-Automated Manner for a Network Traffic in Real-Time Information Environment
Author: | Niharika Anand, Stilianos Vidalis, Somesh Kumar, Gaurav Sharma, Catherine Menon |
---|---|
Language: | English |
Year of publication: | 2021 |
Subject: |
Situation awareness
TK7800-8360 Computer Networks and Communications Process (engineering) National Information Infrastructure Computer science 0211 other engineering and technologies 02 engineering and technology Computer security computer.software_genre 01 natural sciences Threat real-time user monitoring threat agents motivation 0103 physical sciences Electrical and Electronic Engineering opportunity complexity threat agent 010303 astronomy & astrophysics user profiling 021103 operations research capability modeling Information security threat assessment Hardware and Architecture Control and Systems Engineering Software security assurance Signal Processing Packet analyzer implicit Electronics computer Threat assessment |
Source: | Electronics, Vol 10, Iss 1849, p 1849 (2021); Electronics, Volume 10, Issue 15 |
ISSN: | 2079-9292 |
Description: | Threat assessment is the continuous process of monitoring the threats identified in the network of the real-time informational environment of an organisation and the business of the companies. The sagacity and security assurance for the system of an organisation and company’s business seem to need that information security exercise to unambiguously and effectively handle the threat agent’s attacks. How is this unambiguous and effective way in the present-day state of information security practice working? Given the prevalence of threats in the modern information environment, it is essential to guarantee the security of national information infrastructure. However, the existing models and methodology are not addressing the attributes of threats like motivation, opportunity, and capability (C, M, O), and the critical threat intelligence (CTI) feed to the threat agents during the penetration process is ineffective, due to which security assurance arises for an organisation and the business of companies. This paper proposes a semi-automatic information security model, which can deal with situational awareness data, strategies prevailing information security activities, and protocols monitoring specific types of the network next to the real-time information environment. This paper looks over analyses and implements the threat assessment of network traffic in one particular real-time informational environment. To achieve this, we determined various unique attributes of threat agents from the Packet Capture Application Programming Interface (PCAP files/DataStream) collected from the network between the years 2012 and 2019. We used hypothetical and real-world examples of a threat agent to evaluate the three different factors of threat agents, i.e., Motivation, Opportunity, and Capability (M, O, C). Based on this, we also designed and determined the threat profiles, critical threat intelligence (CTI), and complexity of threat agents that are not addressed or covered in the existing threat agent taxonomies models and methodologies. |
Database: | OpenAIRE |
External link: |