Cyber threat intelligence through triad investigation approach on dynamic analysis technique of malware
Cyber security is an interchange between attackers and defenders, a non-static balancing force. Since the increasing trend of novel security threats and security incidents shows no sign of stopping, an additional line of security defenders is urgently required. The need also arises because risk management and risk detection have become virtually impossible due to limited access to user data and the variations of modern threat taxonomies. The traditional strategy of self-discovery and signature detection, which is static in nature, is no longer able to face the new generation of dynamic threats, which are resilient, complex, and evasive. Therefore, this thesis discusses the use of MISP and the Triad Investigation approach to share Indicators of Compromise on a Cyber Intelligence Sharing Platform in order to address the new threats. In this study, the researcher analyzes the behavior of four banking malware families: Emotet, Trickbot, Dridex, and Gootkit. Those malware families have a medium to high risk level based on a CVSS-based score.