TY - GEN
T1 - Study and Analysis of Threat Assessment Model and Methodology in Real-Time Informational Environment
AU - Sharma, Gaurav
AU - Vidalis, Stilianos
AU - Menon, Catherine
AU - Anand, Niharika
AU - Pourmoafi, Seyedali
N1 - © 2021 IEEE.
PY - 2021/11/20
Y1 - 2021/11/20
N2 - The threat assessment model and methodology are developed based on the study and analysis of threat agents found in the real-time informational network. These models and methodology are dynamic system frameworks designed to understand the assets of an organization and threats to the business. The key findings and conclusion of threat assessment rely on the information extracted from the identified threat agents, using several attributes like threat profiling, critical threat intelligence (CTI), and determining the impact based on motivation, opportunity, and capability of the threat an organization/business. However, threat models and methodology enable us to perform a proactive cybersecurity threats assessment in an informational environment. The further investigation of the threat agent's incident also reveals different approaches followed by several existing models and methodologies. This research will present the existing risk assessment model's weaknesses and limitations and show how the current models and methodology fail to cover a comprehensive pattern analysis of captured packets from the network. In reflecting on this work, we use hypothetical and real-world examples of threat agents and analyze the threat agent's attributes (motivation, capability, and opportunity) that are not covering in standard threat agent taxonomies.
AB - The threat assessment model and methodology are developed based on the study and analysis of threat agents found in the real-time informational network. These models and methodology are dynamic system frameworks designed to understand the assets of an organization and threats to the business. The key findings and conclusion of threat assessment rely on the information extracted from the identified threat agents, using several attributes like threat profiling, critical threat intelligence (CTI), and determining the impact based on motivation, opportunity, and capability of the threat an organization/business. However, threat models and methodology enable us to perform a proactive cybersecurity threats assessment in an informational environment. The further investigation of the threat agent's incident also reveals different approaches followed by several existing models and methodologies. This research will present the existing risk assessment model's weaknesses and limitations and show how the current models and methodology fail to cover a comprehensive pattern analysis of captured packets from the network. In reflecting on this work, we use hypothetical and real-world examples of threat agents and analyze the threat agent's attributes (motivation, capability, and opportunity) that are not covering in standard threat agent taxonomies.
KW - Capability
KW - Critical Threat intelligence (CTI)
KW - Motivation
KW - Opportunity
KW - Profiling
KW - Risk Assessment
KW - Threat Agents
UR - http://www.scopus.com/inward/record.url?scp=85125054089&partnerID=8YFLogxK
U2 - 10.1109/IBSSC53889.2021.9673486
DO - 10.1109/IBSSC53889.2021.9673486
M3 - Conference contribution
AN - SCOPUS:85125054089
T3 - 2021 IEEE Bombay Section Signature Conference, IBSSC 2021
BT - 2021 IEEE Bombay Section Signature Conference, IBSSC 2021
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 3rd IEEE Bombay Section Signature Conference, IBSSC 2021
Y2 - 18 November 2021 through 20 November 2021
ER -