
Proceedings Paper

Towards building actionable indicators of compromise based on a collaboration model
Author(s): Izzat Alsmadi; Nandi Leslie; Charles Kamhoua

Paper Abstract

In cyber and threat intelligence areas, Indicators of Compromise (IOCs) can be used as inputs to security controls to guide defense and mitigation activities. We propose a collaboration model in which certain attributes in the IOC model, related to (1) the seriousness of the threat that the IOC triggers and (2) the confidence in the IOC detection or prediction, are built based on a community or collaborative model. In this model, users can subscribe to or introduce new IOCs based on their own/systems’ exposures or analysis. They can also assess IOCs created by others and vote to continuously change IOC seriousness and confidence values.

Paper Details

Date Published: 10 May 2019
PDF: 5 pages
Proc. SPIE 11006, Artificial Intelligence and Machine Learning for Multi-Domain Operations Applications, 110061G (10 May 2019); doi: 10.1117/12.2520198
Izzat Alsmadi, Texas A&M Univ. (United States)
Nandi Leslie, U.S. Army Research Lab. (United States)
Charles Kamhoua, Air Force Research Lab. (United States)

Published in SPIE Proceedings Vol. 11006:
Artificial Intelligence and Machine Learning for Multi-Domain Operations Applications
Tien Pham, Editor(s)
