
ETD

Digital archive of theses defended at the Università di Pisa

Thesis etd-04242024-124624


Thesis type
Master's degree thesis
Author
VITANGELI, GIACOMO
URN
etd-04242024-124624
Title
A Novel Cyber Threat Intelligence Engine to Enhance Security Operations Centers
Department
INGEGNERIA DELL'INFORMAZIONE
Degree programme
CYBERSECURITY
Supervisors
supervisor Prof. Chessa, Stefano
co-supervisor Prof. Garroppo, Rosario Giuseppe
co-supervisor Dott. Manzi, Alessandro
Keywords
  • artificial intelligence
  • cyber defense
  • cyber threat intelligence
  • cybersecurity
  • incident response
  • information security
  • large language models
  • network security
  • security enhancement
  • security operations centers
  • threat detection
  • threat intelligence platform
Defense session start date
30/05/2024
Availability
Not available for consultation
Release date
30/05/2094
Abstract
The thesis focuses on advancing cyber threat intelligence (CTI) by integrating generative AI technologies into Security Operations Centers (SOCs). The research addresses the challenges posed by the increasing complexity and volume of cyber threats that undermine traditional security measures. It presents a novel engine designed to improve the precision and speed of threat detection and analysis by utilizing large language models (LLMs) for processing CTI data.
The study begins with a comprehensive survey of existing CTI practices and the role of AI in cybersecurity, setting the groundwork for the proposed innovations. It introduces an engine architecture that leverages AI to enhance data analysis capabilities within SOCs. The methodology section details the design and implementation of this engine, emphasizing the integration of generative AI for dynamic CTI analysis. It also discusses key components such as the CVE (Common Vulnerabilities and Exposures) Extractor, which automate the extraction of threat data and its correlation to specific vulnerabilities.
Evaluation of the engine demonstrates its effectiveness in enhancing the operational efficiency of SOCs through faster and more accurate threat detection. The thesis concludes with reflections on the research findings and suggestions for future enhancements, including scaling the application of AI in cybersecurity operations.