An Innovative Self-Healing Approach with STIX Data Utilisation

Arnolnt Spyros, Konstantinos Rantos, Alexandros Papanikolaou, Christos Ilioudis

2020

Abstract

Organisations nowadays devote many resources to maintaining a robust security posture against emerging cyber-threats. This typically requires rapid response to newly identified or shared threat information, so that appropriate countermeasures are immediately deployed to eliminate these threats or reduce the associated risks. For many shared indicators, like malicious IPs or URLs, such a response might only require minor modifications to the configuration of security appliances. Self-Healing systems provide the mechanism that allows a system to discover any misconfigurations and apply the necessary corrections in an automated or semi-automated manner. This paper proposes such a mechanism, which can be deployed within large organisations that either do not have the resources to devote to security, and for which automation is therefore one of their main priorities, or that outsource their infrastructure’s protection. The use of such a mechanism can relax the increased need for human resources and can also reduce response times in confronting emerging threats. The architecture and the details of a reference implementation for local public administrations are also provided.


Paper Citation


in Harvard Style

Spyros A., Rantos K., Papanikolaou A. and Ilioudis C. (2020). An Innovative Self-Healing Approach with STIX Data Utilisation. In Proceedings of the 17th International Joint Conference on e-Business and Telecommunications - Volume 3: SECRYPT, ISBN 978-989-758-446-6, pages 645-651. DOI: 10.5220/0009893306450651


in Bibtex Style

@conference{secrypt20,
author={Arnolnt Spyros and Konstantinos Rantos and Alexandros Papanikolaou and Christos Ilioudis},
title={An Innovative Self-Healing Approach with STIX Data Utilisation},
booktitle={Proceedings of the 17th International Joint Conference on e-Business and Telecommunications - Volume 3: SECRYPT},
year={2020},
pages={645-651},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0009893306450651},
isbn={978-989-758-446-6},
}


in EndNote Style

TY - CONF

JO - Proceedings of the 17th International Joint Conference on e-Business and Telecommunications - Volume 3: SECRYPT
TI - An Innovative Self-Healing Approach with STIX Data Utilisation
SN - 978-989-758-446-6
AU - Spyros A.
AU - Rantos K.
AU - Papanikolaou A.
AU - Ilioudis C.
PY - 2020
SP - 645
EP - 651
DO - 10.5220/0009893306450651