1st Edition

Collaborative Cyber Threat Intelligence Detecting and Responding to Advanced Cyber Attacks at the National Level

Edited By Florian Skopik Copyright 2018
    446 Pages
    by Auerbach Publications

    446 Pages 10 B/W Illustrations
    by Auerbach Publications

    446 Pages 10 B/W Illustrations
    by Auerbach Publications

    Threat intelligence is a surprisingly complex topic that goes far beyond the obvious technical challenges of collecting, modelling and sharing technical indicators. Most books in this area focus mainly on technical measures to harden a system based on threat intel data and limit their scope to single organizations only. This book provides a unique angle on the topic of national cyber threat intelligence and security information sharing. It also provides a clear view on ongoing works in research laboratories world-wide in order to address current security concerns at national level. It allows practitioners to learn about upcoming trends, researchers to share current results, and decision makers to prepare for future developments.

    1. Introduction. 2. A Systematic Study and Comparison of Attack Scenarios and Involved Threat Actors. 3. From Monitoring, Logging, and Network Analysis to Threat Intelligence Extraction. 4. The Importance of Information Sharing and Its Numerous Dimensions to Circumvent Incidents and Mitigate Cyber Threats. 5. Cyber Threat Intelligence Sharing through National and Sector-Oriented Communities. 6. Situational Awareness for Strategic Decision Making on a National Level. 7. Legal Implications of Information Sharing. 8. Implementation Issues and Obstacles from a Legal Perspective. 9. Real-World Implementation of an Information Sharing Network: Lessons Learned from the Large-Scale European Research Project ECOSSIAN.

    Biography

    Florian Skopik currently works in the ICT Security Research Team at the Austrian Institute of Technology (AIT) as Senior Scientist, where he is responsible for national and international research projects (in course of the EU FP7). The main topics of these projects are centered around smart grid security, security of critical infrastructures, and national cyber security and defense. Due to this research focus, the ICT Security Research Team works in close collaboration with national authorities, such as the Minstry of the Interior and the Ministry of Defense. Before joining AIT, Florian was with the Distributed Systems Group at the Vienna University of Technology as a research assistant and post-doctoral research scientist from 2007 to 2011, where he was involved in a number of international research projects dealing with cross-organizational collaboration over the Web. In context of these projects, he also finished his PhD studies. Florian further spent a sabbatical at IBM Research India in Bangalore for several months. He published around 75 scientific conference papers and journal articles, and is member of various conference program committees and editorial boards. In parallel to his studies, he was working in the industry as firmware developer for microcontroller systems for more than 10 years. Florian is IEEE Senior Member and Member of the Association for Computing Machinery (ACM).