Towards Cyber Threat Intelligence for the IoT
- URL: http://arxiv.org/abs/2406.13543v1
- Date: Wed, 19 Jun 2024 13:30:01 GMT
- Title: Towards Cyber Threat Intelligence for the IoT
- Authors: Alfonso Iacovazzi, Han Wang, Ismail Butun, Shahid Raza
- Abstract summary: This paper presents a taxonomy and analysis of the Cyber Threat Intelligence (CTI) frameworks and CTI exchange platforms available today.
It proposes a new CTI architecture relying on the MISP Threat Intelligence Sharing Platform customized and focusing on IoT environment.
The proposed CTI architecture will be very beneficial for securing IoT networks, especially the ones working in harsh and adversarial environments.
- License: http://creativecommons.org/licenses/by/4.0/
- Abstract: With the proliferation of digitization and its usage in critical sectors, it is necessary to include information about the occurrence and assessment of cyber threats in an organization's threat mitigation strategy. This Cyber Threat Intelligence (CTI) is becoming increasingly important, or rather necessary, for critical national and industrial infrastructures. Current CTI solutions are rather federated and unsuitable for sharing threat information from low-power IoT devices. This paper presents a taxonomy and analysis of the CTI frameworks and CTI exchange platforms available today. It proposes a new CTI architecture relying on the MISP Threat Intelligence Sharing Platform customized and focusing on IoT environment. The paper also introduces a tailored version of STIX (which we call tinySTIX), one of the most prominent standards adopted for CTI data modeling, optimized for low-power IoT devices using the new lightweight encoding and cryptography solutions. The proposed CTI architecture will be very beneficial for securing IoT networks, especially the ones working in harsh and adversarial environments.
Related papers
- Leveraging Machine Learning Techniques in Intrusion Detection Systems for Internet of Things [11.185300073739098]
Traditional Intrusion Detection Systems (IDS) often fall short in managing the dynamic and large-scale nature of IoT networks.
This paper explores how Machine Learning (ML) and Deep Learning (DL) techniques can significantly enhance IDS performance in IoT environments.
arXiv Detail & Related papers (2025-04-09T18:52:15Z)
- Federated Learning-Driven Cybersecurity Framework for IoT Networks with Privacy-Preserving and Real-Time Threat Detection Capabilities [0.0]
Traditional centralized security methods often struggle to balance privacy preservation and real-time threat detection in IoT networks.
This study proposes a Federated Learning-Driven Cybersecurity Framework designed specifically for IoT environments.
Secure aggregation of locally trained models is achieved using homomorphic encryption, allowing collaborative learning without exposing sensitive information.
arXiv Detail & Related papers (2025-02-14T23:11:51Z)
- Enhancing Cybersecurity in IoT Networks: A Deep Learning Approach to Anomaly Detection [0.0]
The proliferation of the Internet and smart devices has led to a rise in cybercrimes.
This paper introduces a deep learning model incorporating LSTM and attention mechanisms, a pivotal strategy in combating cybercrime in IoT networks.
arXiv Detail & Related papers (2024-12-11T11:31:05Z)
- RITA: Automatic Framework for Designing of Resilient IoT Applications [0.0]
We propose RITA, an automated, open-source framework that uses a fine-tuned RoBERTa-based Named Entity Recognition (NER) model.
RITA operates entirely offline and can be deployed on-site, safeguarding sensitive information.
In our empirical evaluation, RITA outperformed ChatGPT in four of seven ICO categories.
arXiv Detail & Related papers (2024-11-27T13:24:52Z)
- CTINEXUS: Leveraging Optimized LLM In-Context Learning for Constructing Cybersecurity Knowledge Graphs Under Data Scarcity [49.657358248788945]
Textual descriptions in cyber threat intelligence (CTI) reports are rich sources of knowledge about cyber threats.
Current CTI extraction methods lack flexibility and generalizability, often resulting in inaccurate and incomplete knowledge extraction.
We propose CTINexus, a novel framework leveraging optimized in-context learning (ICL) of large language models.
arXiv Detail & Related papers (2024-10-28T14:18:32Z)
- Towards Threat Modelling of IoT Context-Sharing Platforms [4.098759138493994]
We propose a framework for threat modelling and security analysis of a generic IoT context-sharing solution.
We identify significant security challenges in the design of IoT context-sharing platforms.
Our threat modelling provides an in-depth analysis of the techniques and sub-techniques adversaries may use to exploit these systems.
arXiv Detail & Related papers (2024-08-22T02:41:06Z)
- SeCTIS: A Framework to Secure CTI Sharing [13.251593345960265]
The rise of IT-dependent operations in modern organizations has heightened their vulnerability to cyberattacks.
Current information-sharing methods lack privacy safeguards, leaving organizations vulnerable to leaks of both proprietary and confidential data.
We design a novel framework called SeCTIS (Secure Cyber Threat Intelligence Sharing) to enable businesses to collaborate, preserving the privacy of their CTI data.
arXiv Detail & Related papers (2024-06-20T08:34:50Z)
- A Cutting-Edge Deep Learning Method For Enhancing IoT Security [0.0]
This paper proposes an innovative design of the Internet of Things (IoT) Environment Intrusion Detection System (or IDS) using Deep Learning-integrated Convolutional Neural Networks (CNN) and Long Short-Term Memory (LSTM) networks.
Our model, based on the CICIDS 2017 dataset, achieved an accuracy of 99.52% in classifying network traffic as either benign or malicious.
arXiv Detail & Related papers (2024-06-18T08:42:51Z)
- The Security and Privacy of Mobile Edge Computing: An Artificial Intelligence Perspective [64.36680481458868]
Mobile Edge Computing (MEC) is a new computing paradigm that enables cloud computing and information technology (IT) services to be delivered at the network's edge.
This paper provides a survey of security and privacy in MEC from the perspective of Artificial Intelligence (AI).
We focus on new security and privacy issues, as well as potential solutions from the viewpoints of AI.
arXiv Detail & Related papers (2024-01-03T07:47:22Z)
- Classification of cyber attacks on IoT and ubiquitous computing devices [49.1574468325115]
This paper provides a classification of IoT malware.
Major targets and used exploits for attacks are identified and referred to the specific malware.
The majority of current IoT attacks continue to be of comparably low effort and level of sophistication and could be mitigated by existing technical measures.
arXiv Detail & Related papers (2023-12-01T16:10:43Z)
- Towards Artificial General Intelligence (AGI) in the Internet of Things (IoT): Opportunities and Challenges [55.82853124625841]
Artificial General Intelligence (AGI) possesses the capacity to comprehend, learn, and execute tasks with human cognitive abilities.
This research embarks on an exploration of the opportunities and challenges towards achieving AGI in the context of the Internet of Things.
The application spectrum for AGI-infused IoT is broad, encompassing domains ranging from smart grids, residential environments, manufacturing, and transportation to environmental monitoring, agriculture, healthcare, and education.
arXiv Detail & Related papers (2023-09-14T05:43:36Z)
- Navigating the IoT landscape: Unraveling forensics, security issues, applications, research challenges, and future [6.422895251217666]
This paper reviews forensic and security issues associated with IoT in different fields.
Most IoT devices are vulnerable to attacks due to a lack of standardized security measures.
To fulfil the security-conscious needs of consumers, IoT can be used to develop a smart home system.
arXiv Detail & Related papers (2023-09-06T04:41:48Z)
- ThreatKG: An AI-Powered System for Automated Open-Source Cyber Threat Intelligence Gathering and Management [65.0114141380651]
ThreatKG is an automated system for OSCTI gathering and management.
It efficiently collects a large number of OSCTI reports from multiple sources.
It uses specialized AI-based techniques to extract high-quality knowledge about various threat entities.
arXiv Detail & Related papers (2022-12-20T16:13:59Z)
- Machine and Deep Learning for IoT Security and Privacy: Applications, Challenges, and Future Directions [0.0]
The integration of the Internet of Things (IoT) connects a number of intelligent devices with a minimum of human interference.
Current security approaches can also be improved to protect the IoT environment effectively.
Deep learning (DL)/ machine learning (ML) methods are essential to turn IoT systems protection from simply enabling safe contact between IoT systems to intelligence systems in security.
arXiv Detail & Related papers (2022-10-24T19:02:27Z)
- A System for Automated Open-Source Threat Intelligence Gathering and Management [53.65687495231605]
SecurityKG is a system for automated OSCTI gathering and management.
It uses a combination of AI and NLP techniques to extract high-fidelity knowledge about threat behaviors.
arXiv Detail & Related papers (2021-01-19T18:31:35Z)