Using shared information to detect unknown cyber threats
Active cyber defence: cyber threat Intelligence
Keywords: Cyber defence; Cyber security; Active cyber security; MISP; LOKI
The aim of this thesis is to study how existing Cyber Threat Intelligence mechanisms can be used to identify novel threats in the context of Active Cyber Defence. We study the various existing types of attack, active cyber-defence implementations, and existing infrastructure security mechanisms. We also study the MISP tool, an information exchange platform for malware, and its integration with the LOKI tool, which can provide an effective mechanism for active cyber-defence. The basic conclusion is that although active cyber defence cannot guarantee absolute protection from zero-day attacks, it can significantly increase the security level. In addition, it is important to develop and implement proper security policies that will enhance security awareness and users’ responsibility.