- Title
- A sharing platform for Indicators of Compromise
- Creator
- Rudman, Lauren, Irwin, Barry V W
- Date
- 2016
- Type
- text
- Type
- article
- Identifier
- http://hdl.handle.net/10962/427831
- Identifier
- vital:72465
- Identifier
- https://www.researchgate.net/profile/Barry-Ir-win/publication/327622961_A_sharing_platform_for_Indicators_of_Compromise/links/5b9a1ad1a6fdcc59bf8dfe51/A-sharing-platform-for-Indicators-of-Compromise.pdf
- Description
- In this paper, we will describe the functionality of a proof of concept sharing platform for sharing cyber threat information. Information is shared in the Structured Threat Information eXpression (STIX) language displayed in HTML. We focus on the sharing of network Indicators of Compromise generated by malware samples. Our work is motivated by the need to provide a platform for exchanging comprehensive network level Indicators. Accordingly we demonstrate the functionality of our proof of concept project. We will discuss how to use some functions of the platform, such as sharing STIX Indicators, navigating around and downloading defense mechanisms. It will be shown how threat information can be converted into different formats to allow them to be used in firewall and Intrusion Detection System (IDS) rules. This is an extension to the sharing platform and makes the creation of network level defense mechanisms efficient. Two API functions of the platform will be successfully tested and are useful because this can allow for the bulk sharing and of threat information.
- Format
- 5 pages, pdf
- Language
- English
- Relation
- Proceedings of Southern African Telecommunication Networks and Applications Conference (SATNAC). Rudman, L. and Irwin, B., 2016. A sharing platform for Indicators of Compromise. In Fancourt, George, Southern Africa Telecommunication Networks and Applications Conference (SATNAC). Proceedings of Southern African Telecommunication Networks and Applications Conference (SATNAC), volume 2016, number 1, pp. 1-5, 2016, Conference
- Rights
- Publisher
- Rights
- Use of this resource is governed by the terms and conditions of the Southern Africa Telecommunication Networks and Applications Conference (SATNAC) Statement (https://www.satnac.org.za/)
File | Description | Size | Format
---|---|---|---
SOURCE1 | A sharing platform for Indicators of Compromise.pdf | 457 KB | Adobe Acrobat PDF