From Event: SPIE Defense + Commercial Sensing, 2019
In cyber and threat intelligence areas, Indicators of Compromise (IOC) can be used as inputs to security controls to guide defense and mitigation activities. We propose a collaboration model in certain attributes in IOC model related to the (1) seriousness of the threat that the IOC triggers and (2) the confidence in the IOC detection or prediction are built based on a community or collaborative model. In this model, users can subscribe or introduce new IOCs based on their own/systems’ exposures or analysis. They can also assess IOCs created by others and vote to continuously change IOC seriousness and confidence values.
© (2019) COPYRIGHT Society of Photo-Optical Instrumentation Engineers (SPIE). Downloading of the abstract is permitted for personal use only.
Izzat Alsmadi, Nandi Leslie, and Charles Kamhoua, "Towards building actionable indicators of compromise based on a collaboration model," Proc. SPIE 11006, Artificial Intelligence and Machine Learning for Multi-Domain Operations Applications, 110061G (Presented at SPIE Defense + Commercial Sensing: April 17, 2019; Published: 10 May 2019); https://doi.org/10.1117/12.2520198.