Paper published in a book (Scientific congresses, symposiums and conference proceedings)
What's in a Cyber Threat Intelligence sharing platform?: A mixed-methods user experience investigation of MISP
Stojkovski, Borce; Lenzini, Gabriele; Koenig, Vincent et al.
2021In Annual Computer Security Applications Conference (ACSAC ’21)
Peer reviewed
 

Files


Full Text
ACSAC21-MISP.pdf
Publisher postprint (1.29 MB)
Download

All documents in ORBilu are protected by a user license.

Send to



Details



Keywords :
user studies; user experience; usability; cyber threat intelligence; information sharing; sharing platforms
Abstract :
[en] The ever-increasing scale and complexity of cyber attacks and cyber-criminal activities necessitate secure and effective sharing of cyber threat intelligence (CTI) among a diverse set of stakeholders and communities. CTI sharing platforms are becoming indispensable tools for cooperative and collaborative cybersecurity. Nevertheless, despite the growing research in this area, the emphasis is often placed on the technical aspects, incentives, or implications associated with CTI sharing, as opposed to investigating challenges encountered by users of such platforms. To date, user experience (UX) aspects remain largely unexplored. This paper offers a unique contribution towards understanding the constraining and enabling factors of security information sharing within one of the leading platforms. MISP is an open source CTI sharing platform used by more than 6,000 organizations worldwide. As a technically-advanced CTI sharing platform it aims to cater for a diverse set of security information workers with distinct needs and objectives. In this respect, MISP has to pay an equal amount of attention to the UX in order to maximize and optimize the quantity and quality of threat information that is contributed and consumed. Using mixed methods we shed light on the strengths and weaknesses of MISP from an end-users’ perspective and discuss the role UX could play in effective CTI sharing. We conclude with an outline of future work and open challenges worth further exploring in this nascent, yet highly important socio-technical context.
Research center :
- Interdisciplinary Centre for Security, Reliability and Trust (SnT) > Other
Disciplines :
Computer science
Author, co-author :
Stojkovski, Borce ;  University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > IRiSC
Lenzini, Gabriele ;  University of Luxembourg > Interdisciplinary Centre for Security, Reliability and Trust (SNT) > IRiSC
Koenig, Vincent ;  University of Luxembourg > Faculty of Humanities, Education and Social Sciences (FHSE) > Department of Behavioural and Cognitive Sciences (DBCS)
Rivas, Salvador  ;  University of Luxembourg > Faculty of Humanities, Education and Social Sciences (FHSE) > LUCET
External co-authors :
no
Language :
English
Title :
What's in a Cyber Threat Intelligence sharing platform?: A mixed-methods user experience investigation of MISP
Publication date :
December 2021
Event name :
Annual Computer Security Applications Conference (ACSAC ’21)
Event organizer :
ACM
Event place :
Virtual Event, United States
Event date :
6/12/2021 to 10/12/2021
Audience :
International
Main work title :
Annual Computer Security Applications Conference (ACSAC ’21)
Publisher :
ACM, New York, NY, United States
ISBN/EAN :
978-1-4503-8579-4
Collection name :
ACSAC
Pages :
385–398
Peer reviewed :
Peer reviewed
Focus Area :
Security, Reliability and Trust
FnR Project :
FNR10621687 - Security And Privacy For System Protection, 2015 (01/01/2017-30/06/2023) - Sjouke Mauw
Funders :
FNR - Fonds National de la Recherche [LU]
Available on ORBilu :
since 01 October 2021

Statistics


Number of views
461 (31 by Unilu)
Number of downloads
497 (16 by Unilu)

Scopus citations®
 
5
Scopus citations®
without self-citations
5
OpenCitations
 
2

Bibliography


Similar publications



Contact ORBilu