Article title

Selected issues of threat management in cyberspace

Publication languages
EN
Abstracts
EN
The paper describes a cyber threat management system and presents its three essential components. The norms, legal acts and standards that regulate cyber threat management are described with reference to documents such as ISO 27000, the NIST Cyber Security Framework, U.S. presidential executive orders, European Union regulations and the STIX and TAXII standards. A cyber threat management model is presented, together with the Kill Chain and MITRE ATT&CK methods of describing threats. A toolkit that supports the various stages of the cyber threat management process is also described.
Year
Pages
5-28
Physical description
Bibliography: 44 items, figures, charts.
Authors
  • Siedlce University of Natural Sciences and Humanities, ul. 3 Maja 54, 08-110 Siedlce, Poland
  • Mettler Toledo, ul. Poleczki 21d, 02-822 Warszawa, Poland
Notes
Record prepared with MNiSW funds, agreement no. SONP/SP/546092/2022, under the programme "Social Responsibility of Science" - module: Popularisation of science and promotion of sport (2024)
Document type
Bibliography
YADDA identifier
bwmeta1.element.baztech-cc360054-9606-48e4-83ad-991c58d55961