Quality Dimensions for Automatic Assessment of Structured Cyber Threat Intelligence Data
Cyber threat intelligence (CTI) has emerged as a promising approach to mitigating the effect of malicious activities. However, the potential usability of CTI data depends largely on their quality. The available CTI data quality assessment methods are either not fully automatic or deliver just a few...
Saved in:
| Main Authors: | , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
MDPI AG
2025-04-01
|
| Series: | Applied Sciences |
| Subjects: | |
| Online Access: | https://www.mdpi.com/2076-3417/15/8/4327 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Summary: | Cyber threat intelligence (CTI) has emerged as a promising approach to mitigating the effect of malicious activities. However, the potential usability of CTI data depends largely on their quality. The available CTI data quality assessment methods are either not fully automatic or deliver just a few dimensions. In this paper, we propose an automated CTI data quality assessment method that separately provides an assessment of CTI contents and confidence scores of CTI providers. Specifically, we introduce new dimensions to accommodate the requirements of the technical and tactical levels of CTI data. A comprehensive CTI quality assessment is proposed on CTI data provided in structured STIX 2.1 notation. Moreover, we present a visualization of the results to more easily interpret the obtained values of the quality dimensions. Extensive experiments on real datasets demonstrate that our proposed method can quantitatively and efficiently assess CTI data quality. |
|---|---|
| ISSN: | 2076-3417 |