Modeling Features Threats to the Security of Information in the Process Threat Hunting

Standard

Modeling Features Threats to the Security of Information in the Process Threat Hunting. / Ponomareva, Olga a.; Stepanenko, Dmitry v.; Chernova, Olga v.
Proceedings - 2023 IEEE Ural-Siberian Conference on Biomedical Engineering, Radioelectronics and Information Technology, USBEREIT 2023: book. Institute of Electrical and Electronics Engineers Inc., 2023. p. 305-308.

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

Harvard

Ponomareva, OA, Stepanenko, DV & Chernova, OV 2023, Modeling Features Threats to the Security of Information in the Process Threat Hunting. in Proceedings - 2023 IEEE Ural-Siberian Conference on Biomedical Engineering, Radioelectronics and Information Technology, USBEREIT 2023: book. Institute of Electrical and Electronics Engineers Inc., pp. 305-308, 2023 IEEE Ural-Siberian Conference on Biomedical Engineering, Radioelectronics and Information Technology (USBEREIT), Екатеринбург, Russian Federation, 15/05/2023. https://doi.org/10.1109/USBEREIT58508.2023.10158844

APA

Ponomareva, O. A., Stepanenko, D. V., & Chernova, O. V. (2023). Modeling Features Threats to the Security of Information in the Process Threat Hunting. In Proceedings - 2023 IEEE Ural-Siberian Conference on Biomedical Engineering, Radioelectronics and Information Technology, USBEREIT 2023: book (pp. 305-308). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/USBEREIT58508.2023.10158844

Vancouver

Ponomareva OA, Stepanenko DV, Chernova OV. Modeling Features Threats to the Security of Information in the Process Threat Hunting. In Proceedings - 2023 IEEE Ural-Siberian Conference on Biomedical Engineering, Radioelectronics and Information Technology, USBEREIT 2023: book. Institute of Electrical and Electronics Engineers Inc. 2023. p. 305-308 doi: 10.1109/USBEREIT58508.2023.10158844

Author

Ponomareva, Olga a. ; Stepanenko, Dmitry v. ; Chernova, Olga v. / Modeling Features Threats to the Security of Information in the Process Threat Hunting. Proceedings - 2023 IEEE Ural-Siberian Conference on Biomedical Engineering, Radioelectronics and Information Technology, USBEREIT 2023: book. Institute of Electrical and Electronics Engineers Inc., 2023. pp. 305-308

BibTeX

@inproceedings{8c092d3e341044599445e67af736ce54,

title = "Modeling Features Threats to the Security of Information in the Process Threat Hunting",

abstract = "The article provides an analysis of techniques and approaches for modeling information security threats using the example of proactive search for threats that are not detected by traditional means of ensuring information security. The main stages and processes of the threat hunting method based on the basic maturity model 'Hunting Maturity Model' are considered. In addition, the MITRE ATT&CK framework is briefly reviewed using the example of 'technological domains' with a group classification of related actions, including when implementing targeted attacks on critical information infrastructure objects. The article concludes with a brief comparative review of information security threat modeling using the methodology of the Federal Service for Technical and Export Control of Russia (FSTEC of Russia) and MITRE ATT&CK matrices. In the discussion context, emphasis is placed on considering the possibility of integrating these two techniques for a more practice-oriented approach to modeling information security threats at the stage of creating information security systems and at the stage of its operation.",

author = "Ponomareva, {Olga a.} and Stepanenko, {Dmitry v.} and Chernova, {Olga v.}",

year = "2023",

month = may,

day = "15",

doi = "10.1109/USBEREIT58508.2023.10158844",

language = "English",

pages = "305--308",

booktitle = "Proceedings - 2023 IEEE Ural-Siberian Conference on Biomedical Engineering, Radioelectronics and Information Technology, USBEREIT 2023",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

address = "United States",

note = "2023 IEEE Ural-Siberian Conference on Biomedical Engineering, Radioelectronics and Information Technology (USBEREIT) ; Conference date: 15-05-2023 Through 17-05-2023",

}

RIS

TY - GEN

T1 - Modeling Features Threats to the Security of Information in the Process Threat Hunting

AU - Ponomareva, Olga a.

AU - Stepanenko, Dmitry v.

AU - Chernova, Olga v.

PY - 2023/5/15

Y1 - 2023/5/15

N2 - The article provides an analysis of techniques and approaches for modeling information security threats using the example of proactive search for threats that are not detected by traditional means of ensuring information security. The main stages and processes of the threat hunting method based on the basic maturity model 'Hunting Maturity Model' are considered. In addition, the MITRE ATT&CK framework is briefly reviewed using the example of 'technological domains' with a group classification of related actions, including when implementing targeted attacks on critical information infrastructure objects. The article concludes with a brief comparative review of information security threat modeling using the methodology of the Federal Service for Technical and Export Control of Russia (FSTEC of Russia) and MITRE ATT&CK matrices. In the discussion context, emphasis is placed on considering the possibility of integrating these two techniques for a more practice-oriented approach to modeling information security threats at the stage of creating information security systems and at the stage of its operation.

AB - The article provides an analysis of techniques and approaches for modeling information security threats using the example of proactive search for threats that are not detected by traditional means of ensuring information security. The main stages and processes of the threat hunting method based on the basic maturity model 'Hunting Maturity Model' are considered. In addition, the MITRE ATT&CK framework is briefly reviewed using the example of 'technological domains' with a group classification of related actions, including when implementing targeted attacks on critical information infrastructure objects. The article concludes with a brief comparative review of information security threat modeling using the methodology of the Federal Service for Technical and Export Control of Russia (FSTEC of Russia) and MITRE ATT&CK matrices. In the discussion context, emphasis is placed on considering the possibility of integrating these two techniques for a more practice-oriented approach to modeling information security threats at the stage of creating information security systems and at the stage of its operation.

UR - http://www.scopus.com/inward/record.url?partnerID=8YFLogxK&scp=85164911528

U2 - 10.1109/USBEREIT58508.2023.10158844

DO - 10.1109/USBEREIT58508.2023.10158844

M3 - Conference contribution

SP - 305

EP - 308

BT - Proceedings - 2023 IEEE Ural-Siberian Conference on Biomedical Engineering, Radioelectronics and Information Technology, USBEREIT 2023

PB - Institute of Electrical and Electronics Engineers Inc.

T2 - 2023 IEEE Ural-Siberian Conference on Biomedical Engineering, Radioelectronics and Information Technology (USBEREIT)

Y2 - 15 May 2023 through 17 May 2023

ER -

ID: 41994768