Qoi: Assessing Participation In Threat Information Sharing

Creator

Jemon Park, University of Central Florida
Hisham Alasmary, University of Central Florida
Omar Al-Ibrahim, University of Central Florida
Charlies Kamhoua, Air Force Research Laboratory
Kevin Kwiat, U.S. Army Research Laboratory

Keywords

QoI; Sharing; Threat intelligence

Abstract

We introduce the notion of Quality of Indicator (QoI) to assess the level of contribution by participants in threat intelligence sharing. We exemplify QoI by metrics of the correctness, relevance, utility, and uniqueness of indicators. We build a system that extrapolates the metrics using a machine learning process over a reference set of indicators. We compared these results against a model that only considers the volume of information as a metric for contribution, and unveiled various observations, including the ability to spot low-quality contributions that are synonymous to free-riding.

Publication Date

9-10-2018

Publication Title

ICASSP, IEEE International Conference on Acoustics, Speech and Signal Processing - Proceedings

Volume

2018-April

Number of Pages

6951-6955

Document Type

Article; Proceedings Paper

Personal Identifier

scopus

DOI Link

https://doi.org/10.1109/ICASSP.2018.8462036

Copyright Status

Unknown

Socpus ID

85054275994 (Scopus)

Source API URL

https://api.elsevier.com/content/abstract/scopus_id/85054275994

STARS Citation

Park, Jemon; Alasmary, Hisham; Al-Ibrahim, Omar; Kamhoua, Charlies; and Kwiat, Kevin, "Qoi: Assessing Participation In Threat Information Sharing" (2018). Scopus Export 2015-2019. 10529.
https://stars.library.ucf.edu/scopus2015/10529