A SURVEY ON TECHNICAL THREAT INTELLIGENCE IN THE AGE OF SOPHISTICATED CYBER ATTACKS
Presently, cyber attacks require a new line of security defenses. The static approach of traditional security, based on heuristics and signatures, does not match the dynamic nature of the new generation of threats, which are known to be evasive, resilient and complex. Organizations need to gather and share real-time cyber threat information and to transform it into threat intelligence in order to prevent attacks or at least execute timely disaster recovery. Threat Intelligence (TI) means evidence-based knowledge representing threats that can inform decisions. There is general awareness of the need for threat intelligence, and vendors today are rushing to provide a diverse array of threat intelligence products, specifically focusing on Technical Threat Intelligence (TTI). Although threat intelligence is being increasingly adopted, there is little consensus on what it actually is, or how to use it. This study presents a survey on technical threat intelligence in the age of sophisticated cyber attacks.
Keywords: threat intelligence; cyber attacks; new generation; cyber security.
1.0 Introduction
Today, the constant progress of IT infrastructure connectivity and the unending innovations in digital technologies make systems more and more complex. As a system gets more complex, it gets less secure (Cha, 2020). This complexity in digital systems has changed the forms, functions, and sophistication of cyber attacks compared with just a few years ago, and these attacks now target individual end users, businesses and government agencies. Consequently, attacks designed for mischief have been replaced with dynamic, stealthy and persistent attacks, and terms like advanced malware and Advanced Persistent Threats (APTs) have appeared. Despite spending over 20 billion dollars annually on traditional security defenses (Preuveneers et al., 2021), organizations find themselves faced with this new generation of cyber attacks, which easily bypass traditional defenses such as traditional firewalls, intrusion prevention systems, anti-virus, and security gateways. Those defenses, built for a previous generation of attacks, rely heavily on static malware signature-based or list-based pattern matching technology. This approach leaves those defenses extremely vulnerable to ever-evolving threats that exploit unknown and zero-day vulnerabilities. What is therefore needed is a real-time system for information and intelligence sharing, in order to identify threat agents and targeted assets rather than to perpetuate the endless cycle of signature scanning.
Starting from the observation that cyber attackers often target similar types of organizations (Preuveneers et al., 2021) (i.e., an incident at one location can be followed by an attack at another similar location), knowledge about a threat can be distributed across individual defenders. This leads to what is commonly named Threat Intelligence (TI). We treat TI as an actionable defense to reduce the gap between advanced attacks and organizations' means of defense. Despite its prevalence, many problems exist with technical threat intelligence. These are mainly related to the quality of indicators of compromise (IOCs) (i.e., IP address lifetime, malware signatures) and to the massive repositories of threat data in providers' databases, which overwhelm their consumers (e.g., threat analysts) with data that is not always useful, even though such data should be essential for generating intelligence. In many cases, threat feeds can simply amount to faster signatures that still fail to reach the attackers. Specific malicious payloads, URLs and IP addresses are so ephemeral that they may only be used once in the case of a true targeted attack.
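The indicator-lifetime and feed-volume problems described above can be made concrete with a small feed-hygiene step. The following Python sketch is an added example, not part of the original study: it drops indicators older than a per-type maximum age and collapses duplicates. The age limits, field names and the sample feed are assumptions constructed for illustration.

```python
from datetime import datetime, timedelta, timezone

# Assumed maximum useful age per indicator type (illustrative, not from the survey).
MAX_AGE = {
    "ip": timedelta(days=7),
    "url": timedelta(days=14),
    "domain": timedelta(days=30),
    "sha256": timedelta(days=365),
}

def prune_feed(indicators, now):
    """Return (fresh de-duplicated indicators, counts of dropped entries)."""
    kept = {}
    dropped = {"stale": 0, "duplicate": 0, "unknown_type": 0}
    for ioc in indicators:
        max_age = MAX_AGE.get(ioc["type"])
        if max_age is None:
            dropped["unknown_type"] += 1
            continue
        if now - ioc["last_seen"] > max_age:
            dropped["stale"] += 1
            continue
        value = ioc["value"].strip()
        if ioc["type"] != "url":           # URL paths are case-sensitive
            value = value.lower()
        key = (ioc["type"], value)
        if key in kept:
            dropped["duplicate"] += 1
            if ioc["last_seen"] <= kept[key]["last_seen"]:
                continue                   # keep the most recent sighting
        kept[key] = {**ioc, "value": value}
    return list(kept.values()), dropped

# Constructed sample feed (documentation address ranges and example domains).
NOW = datetime(2024, 1, 31, tzinfo=timezone.utc)
def seen(days_ago):
    return NOW - timedelta(days=days_ago)

FEED = [
    {"type": "ip", "value": "192.0.2.10", "last_seen": seen(2)},
    {"type": "ip", "value": "192.0.2.10", "last_seen": seen(1)},
    {"type": "ip", "value": "198.51.100.7", "last_seen": seen(40)},
    {"type": "domain", "value": "Bad.example.com", "last_seen": seen(10)},
    {"type": "domain", "value": "bad.example.com", "last_seen": seen(25)},
    {"type": "url", "value": "http://old.example.net/a", "last_seen": seen(20)},
    {"type": "sha256", "value": "ab" * 32, "last_seen": seen(200)},
    {"type": "mutex", "value": "x", "last_seen": seen(1)},
]
```

Calling `prune_feed(FEED, NOW)` leaves three of the eight constructed entries and reports why each of the others was dropped, which is the kind of reduction an analyst needs before a raw feed becomes usable.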
To date, few analyses have been made of the different types of TI, and specifically of technical threat intelligence. There are also few research surveys on how new techniques and trends try to overcome TTI problems. Most existing literature consists of technical reports presenting periodic statistics regarding the use of threat intelligence (Serketzis et al., 2019), and interesting empirical investigations of specific threat analysis techniques (Serketzis et al., 2019). In order to develop effective defense strategies, organizations can save time and avoid confusion if they start by defining what threat intelligence actually is, how to use it, and how to mitigate its problems given its different sub-categories.
Cyber Threat Intelligence (CTI) is information that an organization uses in order to understand all the threats and minimize their impact. CTI is used to identify cyber threats and prevent them from taking advantage of sensitive data. It can be understood as the skill- and experience-based knowledge and information about physical and cyber threats, threat assessments and actors that helps in mitigating malicious incidents and potential attacks in cyberspace. The implementation of intelligence is commercially a very well-known discipline. There are many definitions of intelligence. Regardless of the accurate role of an organization and the frequency of its opinions, it is very clear that these definitions identify the product of intelligence as an understanding that helps in the decision-making process.
CTI provides analyzed and organized information about past, present and potential future attacks that may be a security threat to the enterprise, and delivers in-depth information such as files, IP addresses, domain names and URLs that are often used in executing attacks. CTI enables us to make more informed and faster data-backed security decisions and to shift from reactive to proactive behavior in the fight against threat actors. This work aims to give a clear idea about threat intelligence and how the literature subdivides it given its multiple sources, the gathering methods, the information lifespan and who consumes the resulting intelligence. It helps to classify and distinguish among existing threat intelligence types to better exploit them.
1.1 New Generation Cybersecurity Threats
In new generation cybersecurity threats, attackers are armed with the latest zero-day vulnerabilities and social engineering techniques. They utilize advanced tactics such as polymorphic threats and blended threats (Landauer et al., 2019), which are personalized to appear unknown to signature-based tools and yet authentic enough to bypass spam filters. Below are some examples of these new generation threats.
Advanced persistent threats (APTs)
APTs are examples of multi-vectored and multi-staged threats. They are defined as sophisticated network attacks (Landauer et al., 2019) in which an attacker keeps trying until they gain access to a network and then stays undetected for a long period of time. The intention of an APT is to steal data rather than to cause damage to the network. APTs target organizations in sectors with high-value information, such as government agencies and financial industries.
Polymorphic threats
Polymorphic threats are cyberattacks, such as viruses and worms, that constantly change ("morph") (Landauer et al., 2019), making it nearly impossible to detect them using signature-based defenses. Evolution of polymorphic threats can occur in different ways (e.g. file name changes and file compression). Despite the changing appearance of the code in a polymorphic threat after each mutation, the essential function usually remains the same. For example, malware intended to act as a key logger will continue to perform that function even though its signature has changed. Vendors that manufacture signature-based security products are constantly creating and distributing new threat signatures (Landauer et al., 2019), while clients are constantly deploying the signatures provided by their security vendors. It is a vicious cycle which works to the advantage of the attacker.
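As an added illustration of the paragraph above (not code from the survey), the Python sketch below shows from the defender's side why an exact-hash signature list stops matching once the same bytes are repackaged, and what a simple normalization step recovers. The payload is a constructed, harmless byte string, the signature name is made up, and gzip stands in for "file compression"; normalization is only one narrow countermeasure and does nothing against a change to the content itself.

```python
import gzip
import hashlib
import zlib

# Constructed, harmless bytes standing in for a sample's payload.
PAYLOAD = b"constructed-sample: harmless stand-in for a payload body\n" * 4

def sha256(data):
    return hashlib.sha256(data).hexdigest()

# Exact-hash signature list, as a signature-based product would ship it.
SIGNATURES = {sha256(PAYLOAD): "Constructed.Sample.A"}

def unwrap(data, max_layers=3):
    """Strip up to max_layers of gzip wrapping and return the inner bytes."""
    for _ in range(max_layers):
        if data[:2] != b"\x1f\x8b":       # gzip magic number
            break
        try:
            data = gzip.decompress(data)  # real scanners also cap output size
        except (OSError, EOFError, zlib.error):
            break
    return data

def match_exact(data):
    return SIGNATURES.get(sha256(data))

def match_normalized(data):
    return SIGNATURES.get(sha256(unwrap(data)))

VARIANTS = {
    "renamed copy": PAYLOAD,                      # the file name is not hashed
    "gzip": gzip.compress(PAYLOAD),
    "gzip twice": gzip.compress(gzip.compress(PAYLOAD)),
    "one byte appended": PAYLOAD + b"\x00",       # content-level change
}

def report():
    """Map each variant to (exact-hash verdict, normalized verdict)."""
    return {name: (match_exact(d), match_normalized(d))
            for name, d in VARIANTS.items()}

if __name__ == "__main__":
    for name, verdicts in report().items():
        print(f"{name:18} exact={verdicts[0]} normalized={verdicts[1]}")
```

The compressed variants miss the exact-hash list but are recovered after unwrapping, while the variant with one extra byte misses both checks, which is the gap the signature cycle described above never closes.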
Zero-day threats
Zero-day threats are cyber threats that target a publicly unknown vulnerability of an operating system or application. They are so named because the attack is launched on "day zero", that is, before public awareness of the vulnerability and, in many cases, before even the vendor is aware (Landauer et al., 2019). In some cases, the vendor is already aware of the vulnerability, but has not disclosed it publicly because the vulnerability has not yet been patched. Zero-day attacks are extremely effective because they can go undetected for long periods (i.e. for months, if not years), and when they are finally identified, patching the vulnerability still takes days or even weeks.
Threat Intelligence is evidence-based information about cyber attacks that cyber security experts organize and analyze. This information may include:
- Mechanisms of an attack
- How to identify that an attack is happening
- Ways different types of attacks might affect the business
- Action-oriented advice about how to defend against attacks
Cyber Threat Intelligence (CTI) helps organizations stay informed about new threats so that they can protect themselves. Cyber security experts organize, analyze, and refine the information they gather about attacks to learn from and use it to protect businesses better.
Threat intelligence also helps stop or mitigate an attack that is in progress. The more an IT team understands about an attack, the better they will be able to make an informed decision about how to combat it.
1.2.1 Strategic Threat Intelligence
Strategic threat intelligence is high-level information that puts the threat in context. It is non-technical information that an organization could present to a board of directors. An example of strategic threat intelligence is the risk analysis of how a business decision might make the organization vulnerable to cyber attacks.