Krämer, L. (2017):
The use of Cyber Threat Intelligence approaches in the context of security monitoring in university networks
More and more frequently news channels are reporting on successful cyber-attacks. Among those affected are organizations from all areas, including education and research. Universities are vulnerable to cyber-attacks because they are characterized by a very heterogeneous and decentralized administered network and they own valuable information, such as personal data and research findings. One solution that could support organizations in combating the increasingly number of cyber-attacks is Cyber Threat Intelligence (CTI). The purpose of this thesis is to investigate the use of CTI in the context of the security monitoring of university networks. Therefore, the thesis provides an overview over the more and more popular topic of CTI and defines requirements for the use of CTI in the context of university networks. Moreover, the thesis presents a generic concept for the integration of CTI platforms into the security monitoring of higher education networks as well as a prototypical implementation of this concept.