Quarterly journal published in SPbPU
and edited by prof. Dmitry Zegzhda
Peter the Great St. Petersburg Polytechnic University
Institute of computer sciences and technologies
information security of computer systems
Information Security Problems. Computer Systems
Published since 1999.
ISSN 2071-8217
ASSESSMENT OF THE DESCRIPTIVE ABILITY OF MODERN DATA SOURCES FOR ANALYZING CYBER SECURITY THREATS
N. V. Polosukhin, Peter the Great St. Petersburg Polytechnic University
Abstract: This article proposes a classification of the attributes of cybersecurity threats. A statistical study of the descriptive power of an open and closed threat dataset is presented. An expert study of an advanced persistent threat was also conducted, using open reports as an example. The completeness of the threat description and the ability of modern tools and protocols to describe such a threat are assessed. The main conclusion is that current approaches to describing cybersecurity threats have shortcomings that prevent the most effective use of such information in operational activities.
Keywords: cybersecurity threats, "pyramid of pain", tactics, techniques and procedures, threat description protocols
Pages 129-145