Sabaragamuwa University of Sri Lanka

Development of Cyber Threat Intelligence System in a SOC Environment for Real Time Environment

dc.contributor.author Varatharaj, Aperame
dc.contributor.author Rupasinghe, Prabath Lakmal
dc.contributor.author Liyanapathirana, Chethana
dc.date.accessioned 2021-07-02T08:19:34Z
dc.date.available 2021-07-02T08:19:34Z
dc.date.issued 2021-02-24
dc.identifier.issn 2773-7136
dc.identifier.uri http://repo.lib.sab.ac.lk:8080/xmlui/handle/123456789/1741
dc.description.abstract Nowadays, Information Communication Technology (ICT) plays an important role in the world. Within IT, Cyber Security holds a vast place. Cyber Threat Intelligence (CTI) holds a significant place within Cyber Security, as an organization has to face many cyber threats every day. A Security Operation Center (SOC) helps to monitor and analyze an organization's security position in real time. This paper proposes a Cyber Threat Intelligence framework for a SOC environment in real time. The proposed framework consists of three layers, which are built on top of Security Onion. Layer 1 comprises input data from online and offline sources. Layer 2 implements two components, namely Filter data and Cut down data, which receive the data from Layer 1. Finally, Layer 3 delivers a detailed report. Financial datasets, which help to detect financial fraud, are used as the input for Layer 1. Machine Learning is used to train the model. Implementing a CTI system in an organization helps to gain predictive output regarding upcoming threats. It also helps to ensure the reputation of an organization by establishing trust between the users, and helps to increase the number of customers of an organization. These are the advantages an organization gains by having a CTI system. en_US
dc.language.iso en en_US
dc.publisher Department of Computing and Information Systems, Faculty of Applied Sciences, Sabaragamuwa University of Sri Lanka, P.O. Box 02, Belihuloya, 70140, Sri Lanka. en_US
dc.subject Information Communication Technology en_US
dc.subject Cyber Security en_US
dc.subject Cyber Threat Intelligence en_US
dc.subject Security Operation Center en_US
dc.subject Security Onion en_US
dc.subject Elasticsearch-Logstash-Kibana en_US
dc.subject Machine Learning en_US
dc.title Development of Cyber Threat Intelligence System in a SOC Environment for Real Time Environment en_US
dc.type Article en_US


This item appears in the following Collection(s)

  • ICARC - 2021 [34]
    “Towards a Digitally Empowered Society”
