CLEVER: Crafting Intelligent MISP for Cyber Threat Intelligence
RISE Research Institutes of Sweden, Digital Systems, Data Science. ORCID iD: 0000-0002-2772-4661
RISE Research Institutes of Sweden, Digital Systems, Data Science. ORCID iD: 0000-0001-6116-164X
Ericsson AB, Sweden.
RISE Research Institutes of Sweden, Digital Systems, Data Science. Mälardalen University, Sweden. ORCID iD: 0000-0001-8192-0893
2024 (English). In: Proceedings - Conference on Local Computer Networks, LCN, IEEE Computer Society, 2024. Conference paper, Published paper (Refereed)
Abstract [en]

Cyber Threat Intelligence (CTI) is crucial for modern cybersecurity because it provides the knowledge and insights needed to defend against a wide range of cyber threats. However, there are issues associated with incomplete and inconsistent CTI data that can lead to inaccurate threat assessments, increasing the risk of both false alarms and undetected threats. This paper introduces CLEVER, an extended version of the Malware Information Sharing Platform (MISP) platform that includes machine learning (ML) models to support the management and processing of CTI data. The models are designed to address specific challenges such as (i) prioritizing and ranking Indicators of Compromise (IoCs) based on severity and potential impact, (ii) classifying IoCs by attack type or threat, and (iii) aggregating similar IoCs into clusters. The effectiveness of the ML models employed in CLEVER has been thoroughly tested on three public CTI datasets, and the results provide encouraging outcomes in enhancing CTI management and analysis. 

Place, publisher, year, edition, pages
IEEE Computer Society, 2024.
Keywords [en]
Adversarial machine learning; Phishing; Cyber security; Cyber threats; Extended versions; False alarms; Information sharing platforms; Intelligence analysis; Machine learning models; Malwares; Potential impacts; Threat assessment; Cyber attacks
National Category
Computer and Information Sciences
Identifiers
URN: urn:nbn:se:ri:diva-76472
DOI: 10.1109/LCN60385.2024.10639749
Scopus ID: 2-s2.0-85214936871
OAI: oai:DiVA.org:ri-76472
DiVA, id: diva2:1932092
Conference
49th IEEE Conference on Local Computer Networks, LCN 2024. Caen. 8 October 2024 through 10 October 2024
Available from: 2025-01-28. Created: 2025-01-28. Last updated: 2025-09-23. Bibliographically approved

Authority records

Wang, Han; Iacovazzi, Alfonso; Raza, Shahid
