MISP
/
misp-website
mirror of https://github.com/MISP/misp-website
2
0
Fork 0
Code Issues Releases Wiki Activity

chg: [research-topics] ToC fixed

pull/87/head
Alexandre Dulaunoy 2023-09-11 15:37:16 +02:00
parent 57fd3275b3
commit d36e0f4a8d
No known key found for this signature in database
GPG Key ID: 09E2CD4944E6CBCD
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
content/research-topics.md
View File

@ -35,15 +35,15 @@ MISP users frequently experience performance issues when utilizing the correlati
In March 2022, the concept of protected events was introduced to cryptographically sign events, preventing data tampering [^1]. The distribution of cryptographic materials is carried out using Cerberate [^2]. In this research, these mechanisms will be analyzed in-depth, followed by an examination of cryptographic attacks and the proposal of potential solutions or improvements.
# Mis- and dis-information detection and mitigation
## Mis- and dis-information detection and mitigation
The companion tool, Cerebrate [^2], provides an overview of contributors to MISP through cryptographic verification. Nevertheless, the risk of misinformation and disinformation within MISP communities remains ever-present, with malicious users disseminating false information. The objective of this research is to assess the current mechanisms, such as warning lists[^3] and blacklisting [^4] in MISP. Subsequently, researcher could conduct a survey of detailed misinformation and disinformation techniques that could potentially impact MISP communities, followed by the development of appropriate countermeasures.
# Community analysis tools
## Community analysis tools
MISP facilitates the sharing of numerous types of objects [^5] within a sharing community. While some features provide basic statistics on the usage of these objects within a given community, the aim of this research is to comprehensively analyze these statistics, assess their advantages and limitations, and introduce novel automated methods to gain deeper insights into MISP communities, with a particular emphasis on information sharing aspects.
# MISP community rating
## MISP community rating
In the rich tapestry of MISP information sharing communities, a wealth of insights and analytical data resides, offering valuable glimpses into the diverse capabilities of organizations engaged in sharing threat intelligence. Our research endeavor seeks to assess algorithms and methodologies that can autonomously evaluate and rate organizations within a MISP community. The outcomes of this research hold the potential for seamless integration into MISP or Cerebrate, enabling the sharing of calculated organizational capabilities and ratings across the community. Such ratings can, in turn, play a pivotal role in the qualification and validation of information generated by these participating organizations. The research results can be then integrated into MISP to qualify the intelligence produced by the rated organisations.