Computer Science, 2018, Vol. 45, Issue (6): 9-18. doi: 10.11896/j.issn.1002-137X.2018.06.002
• Surveys •
YANG Pei-an1,2, WU Yang1,3, SU Li-ya1,3, LIU Bao-xu1,3