Efficient Collection and Processing of Cyber Threat Intelligence from Partner Feeds

Sharing of threat intelligence between organizations and companies in the cyber security industry is a crucial part of proactive defense against security threats. Even though some standardization efforts exist, most publishers of cyber security feeds use their own approach and provide data in varying formats, schemata, compression algorithms, through differing APIs etc. This makes every feed unique and complicates their automated collection and processing.Furthermore, the published data may contain a lot of irrelevant records, such as duplicates or data about very exotic files or websites, which are not useful. In this work, we present Feed Automation, a cloud-based system for fully automatic collection and processing of cyber threat intelligence from a variety of online feeds. The system provides two means for reduction of noise in the data: a smart deduplication service based on a sliding window technique, which is able to remove just the duplicates with no important changes in the metadata; and efficient rules, easily configurable by the malware analysts, to remove records, which are not useful for us. Additionally, we propose a filtering solution based on machine learning, which is able to predict how useful a record is for our backend systems based on historic data. We demonstrate how this system can help to unify the feed collection, processing, and data noise reduction into one automated system, speeding up development, simplifying maintenance, and reducing the load for the backend systems

Enhancing feedback and improving feedback: subjective perceptions, psychological consequences and behavioral outcomes

Three experiments examined subjective perceptions, psychological consequences, and behavioral outcomes of enhancing versus improving feedback. Across experiments, feedback delivery and assessment were sequential (i.e., at each testing juncture) or cumulative (i.e., at the end of the testing session). Although enhancing feedback was seen as more satisfying than useful, and improving feedback was not seen as more useful than satisfying, perceptions differed as a function of short-term versus long-term feedback delivery and assessment. Overall, however, enhancing feedback was more impactful psychologically and behaviorally. Enhancing feedback engendered greater success consistency, overall satisfaction and usefulness, optimism, state self-esteem, perceived ability, and test persistence intentions; improving feedback, on the other hand, engendered greater state improvement. The findings provide the fodder for theory development and applications