English
Related papers

Related papers: Cybersecurity Playbook Sharing with STIX 2.1

200 papers

Modern cybersecurity threats are growing in complexity, targeting increasingly intricate & interconnected systems. To effectively defend against these evolving threats, security teams utilize automation & orchestration to enhance response…

Cryptography and Security · Computer Science 2025-10-10 Orestis Tsirakis , Konstantinos Fysarakis , Vasileios Mavroeidis , Ioannis Papaefstathiou

Motivated by the introduction of CACAO, the first open standard that harmonizes the way we document courses of action in a machine-readable format for interoperability, and the benefits for cybersecurity operations derived from utilizing,…

Cryptography and Security · Computer Science 2021-11-24 Vasileios Mavroeidis , Pavel Eis , Martin Zadnik , Marco Caselli , Bret Jordan

Cyber threat intelligence (CTI) is practical real-world information that is collected with the purpose of assessing threats in cyber-physical systems (CPS). A practical notation for sharing CTI is STIX. STIX offers facilities to create,…

Cryptography and Security · Computer Science 2022-05-13 Ricardo M. Czekster , Roberto Metere , Charles Morisset

Cyber Threat Intelligence (CTI) sharing is an important activity to reduce information asymmetries between attackers and defenders. However, this activity presents challenges due to the tension between data sharing and confidentiality, that…

As cyber systems become increasingly complex and cybersecurity threats become more prominent, defenders must prepare, coordinate, automate, document, and share their response methodologies to the extent possible. The CACAO standard was…

Cryptography and Security · Computer Science 2023-09-12 Mateusz Zych , Vasileios Mavroeidis , Konstantinos Fysarakis , Manos Athanatos

Modern electrical power grids represent complex cyber-physical systems requiring specialized cybersecurity frameworks beyond traditional IT security models. Existing threat intelligence standards such as STIX 2.1 and MITRE ATT\&CK lack…

Cryptography and Security · Computer Science 2025-11-17 Benjamin Blakely , Daniel Karcz

Existing cybersecurity playbooks are often written in heterogeneous, non-machine-readable formats, which limits their automation and interoperability across Security Orchestration, Automation, and Response platforms. This paper explores the…

Cryptography and Security · Computer Science 2025-08-06 Mehdi Akbari Gurabi , Lasse Nitz , Radu-Mihai Castravet , Roman Matzutt , Avikarsha Mandal , Stefan Decker

Sharing methods of attack and their effectiveness is a cornerstone of building robust defensive systems. Threat analysis reports, produced by various individuals and organizations, play a critical role in supporting security operations and…

Cryptography and Security · Computer Science 2025-07-23 Ahmed Lekssays , Husrev Taha Sencar , Ting Yu

The increasing cyber threats to critical infrastructure highlight the importance of private companies and government agencies in detecting and sharing information about threat activities. Although the need for improved threat information…

Cryptography and Security · Computer Science 2026-01-28 Adam Hahn , Rubin Krief , Daniel Rebori-Carretero , Rami Puzis , Aviad Elyashar , Nik Urlaub

With the proliferation of digitization and its usage in critical sectors, it is necessary to include information about the occurrence and assessment of cyber threats in an organization's threat mitigation strategy. This Cyber Threat…

Cryptography and Security · Computer Science 2024-06-21 Alfonso Iacovazzi , Han Wang , Ismail Butun , Shahid Raza

Security orchestration, automation, and response (SOAR) systems ingest alerts from security information and event management (SIEM) system, and then trigger relevant playbooks that automate and orchestrate the execution of a sequence of…

Cryptography and Security · Computer Science 2023-11-08 Ryuta Kremer , Prasanna N. Wudali , Satoru Momiyama , Toshinori Araki , Jun Furukawa , Yuval Elovici , Asaf Shabtai

Cybersecurity is an important topic which is often viewed as one that is inaccessible due to steep learning curves and a perceived requirement of needing specialist knowledge. With a constantly changing threat landscape, practical solutions…

Cryptography and Security · Computer Science 2026-02-25 Ryan Shah , Manuel Maarek , Shenando Stals , Lynne Baillie , Sheung Chi Chan , Robert Stewart , Hans-Wolfgang Loidl , Olga Chatzifoti

In the past decade, the information security and threat landscape has grown significantly making it difficult for a single defender to defend against all attacks at the same time. This called for introduc- ing information sharing, a…

Cryptography and Security · Computer Science 2017-02-03 Aziz Mohaisen , Omar Al-Ibrahim , Charles Kamhoua , Kevin Kwiat , Laurent Njilla

Security games model the confrontation between a defender protecting a set of targets and an attacker who tries to capture them. A variant of these games assumes security interdependence between targets, facilitating contagion of an attack.…

Social and Information Networks · Computer Science 2019-12-17 Marcin Waniek , Tomasz P. Michalak , Aamena Alshamsi

Distributed systems have become increasingly prevalent in the software industry. Due to their intrinsic complexity, much research has focused on the verification of their behaviour. An active research line is around behaviour models that…

Programming Languages · Computer Science 2026-04-09 Francisco Parrinha , João Mota , António Ravara

A key countermeasure in cybersecurity has been the development of standardized computational protocols for modeling and sharing cyber threat intelligence (CTI) between organizations, enabling a shared understanding of threats and…

Cryptography and Security · Computer Science 2025-03-03 Felipe Sánchez González , Javier Pastor-Galindo , José A. Ruipérez-Valiente

Technology development efforts in autonomy and cyber-defense have been evolving independently of each other, over the past decade. In this paper, we report our ongoing effort to integrate these two presently distinct areas into a single…

Computer Science and Game Theory · Computer Science 2020-02-07 Mohamadreza Ahmadi , Arun A. Viswanathan , Michel D. Ingham , Kymie Tan , Aaron D. Ames

Protecting sensitive information in data-driven collaborations, such as AI training, while meeting the diverse requirements of multiple mutually distrusted stakeholders, is both crucial and challenging. This paper presents Styx, a novel…

Cryptography and Security · Computer Science 2026-04-07 Shixuan Zhao , Weicheng Wang , Ninghui Li , Zhiqiang Lin

Cybersecurity information sharing (CIS) is envisioned to protect organizations more effectively from advanced cyber attacks. However, a completely automated CIS platform is not widely adopted. The major challenges are: (1) the absence of a…

Nowadays, both the amount of cyberattacks and their sophistication have considerably increased, and their prevention is of concern of most of organizations. Cooperation by means of information sharing is a promising strategy to address this…

Cryptography and Security · Computer Science 2016-08-01 Roberto Garrido-Pelaz , Lorena Gozalez-Manzano , Sergio Pastrana
‹ Prev 1 2 3 10 Next ›