With the diversification of cyber attacks forms and the complexity of attack methods,cyber threat intelligence(CTI)has become an important means of dealing with unknown cyber threats.To effectively solve the problem of difficulty to evaluate CTI quality due to the wide source and high repeatability,this paper proposes ISU-Measure(intelli-gent-source-user measure),a quality evaluation method of CTI based on multi-source heterogeneous data.Firstly,timeliness,activity,relevance and completeness are designed as quantitative indicators to characterize the quality of micro threat intelligence.Secondly,it is proposed to use scale,periodicity and originality as quantitative indica-tors to evaluate the overall quality of threat intelligence sources.Then,based on the differences in user needs,user indicator preferences are designed and combing with the Critic weighting method,composite weight is generated.At the same time,seven quantitative indicators are weighted to construct a quantitative evaluation model.The qual-ity evaluation results of 12 mainstream threat intelligence sources show that the composite weighting method de-signed by the ISU-Measure method is superior to the Critic weighting method and the mean method,and has signif-icant advantages in indicator coverage,acquisition difficulty and discrimination,compared with other research methods.
维普
万方数据
