A Survey on Threat Intelligence Techniques for Constructing, Detecting, and Reacting to Advanced Intrusion Campaigns

Abstract

The rise of intrusion has increased the need for cybersecurity in various organizations. A set of these intrusions by an adversary against a particular organization are called intrusion campaigns. Threat intelligence techniques help detect and respond to intrusion attempts and help organizations set up a framework that can secure their services and interests. This chapter surveys different parameters and resources required to construct such a threat intelligence technique for an organization. Furthermore, the chapter discusses the various cases and models of an Intrusion Detection System (IDS) and Intrusion Response System (IRS) along with their comparison using the security resources collected during the construction of a Threat Intelligence model. All of this combined forms the threat intelligence technique. © 2023, The Author(s), under exclusive license to Springer Nature Switzerland AG.