Big Data Analytics in Cyber Threat Intelligence: A Comprehensive Literature Survey on Methodologies, Challenges, and Future Directions
Abstract
This literature survey critically examines the integration of Big Data Analytics into Cyber Threat Intelligence (CTI) mining and its role in strengthening cybersecurity strategies against escalating cyber threats. The survey finds that, by applying big data analytics, organizations can significantly improve the efficiency, accuracy, and predictive capability of CTI processes, enabling a proactive rather than reactive approach to defense. This integration relies on advanced analytical tools, including machine learning algorithms and statistical models, to process and analyze very large datasets and to extract actionable intelligence that informs the design of robust defense mechanisms. Despite these benefits, the survey identifies inherent challenges: managing the sheer volume of data, ensuring the accuracy of the resulting threat intelligence, and addressing privacy concerns. Overcoming them requires sophisticated technological solutions and continuous refinement of analytical methodologies. The survey also points out critical gaps in current research, particularly around emerging technologies, advances in machine learning, and privacy-preserving practices, and highlights these as essential directions for future work. By providing a comprehensive overview of the current state of CTI mining enhanced by big data analytics and outlining potential research trajectories, this survey aims to serve as a reference point for both practitioners and researchers in cybersecurity. It underscores the indispensable role of big data analytics in fortifying cybersecurity measures and advocates ongoing innovation and research to counter the sophisticated cyber threats of the digital age.
Article Details
This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.
IJCERT Policy:
The published work presented in this paper is licensed under the Creative Commons Attribution 4.0 International (CC BY 4.0) license. This means that the content of this paper can be shared, copied, and redistributed in any medium or format, as long as the original author is properly attributed. Additionally, any derivative works based on this paper must also be licensed under the same terms. This licensing agreement allows for broad dissemination and use of the work while maintaining the author's rights and recognition.
By submitting this paper to IJCERT, the author(s) agree to these licensing terms and confirm that the work is original and does not infringe on any third-party copyright or intellectual property rights.