Università degli Studi di Cagliari
partially_open
Maria Paola Castelli
A model for automated cybersecurity threat remediation and sharing
Regano L.;
2023-01-01
Abstract
This paper presents an approach to the automatic remediation of threats reported by Cyber Threat Intelligence. Remediation strategies, named Recipes, are expressed in a close-to-natural language for easy validation. Thanks to the developed models, they are interpreted, contextualized, and then translated into CACAO Security playbooks, a standard format ready for automatic enforcement, without human intervention. The presented approach also allows sharing of remediation procedures on threat-sharing platforms (e.g. MISP) which improves the overall security posture. The effectiveness of the approach has been tested in the context of two EC-funded projects.
File in questo prodotto:
| File | Dimensione | Formato | |
|---|---|---|---|
| A_Model_for_Automated_Cybersecurity_Threat_Remediation_and_Sharing.pdf Solo gestori archivio
Descrizione: VoR
Tipologia: versione editoriale (VoR)
Dimensione 184.86 kB
Formato Adobe PDF
|
184.86 kB | Adobe PDF | Visualizza/Apri Richiedi una copia |
| A_Model_for_Automated_Cybersecurity_Iris.pdf accesso aperto
Descrizione: AAM
Tipologia: versione post-print (AAM)
Dimensione 806.82 kB
Formato Adobe PDF
|
806.82 kB | Adobe PDF | Visualizza/Apri |
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.