The increased sophistication of cyber-attacks has created a technology arm race between attackers and defenders. However, this arm race is not fought in equal terms. Defenders are falling behind due to lack of manpower coupled with an overwhelming number of sophisticated attacks, e.g. advanced persistent threats, making cyber defense extremely difficult. This is also due to lack of collaboration among the network security solutions, e.g., intrusion detection systems and honeypots, which are in possession of different organizations across the globe.

In the recent years, organizations like CERTs, NRENs, as well as industry organizations are moving towards proactive detection capabilities leveraging Cyber Threat Intelligence (CTI) platforms. These platforms aim at advanced alert aggregation, correlation, and prioritization considering the asset criticality of organizations as well as the quality of shared threat intelligence. The goal of CyberTIM is to bring the industry practitioners, researchers, engineers, and academic researchers together from the domain of network security, network measurements, cyber incident monitoring, trust & risk management, cyber situational awareness, security analytics, and security visualization.

TOPICS OF INTEREST INCLUDE, BUT ARE NOT LIMITED TO

Network Intrusions
Cyber threat detection
Cyber threat prediction
End-to-End threat intelligence
Threat Intelligence sharing
Collaborative Intrusion Detection
Blockchain-based TI sharing
Cyber situational awareness
Cyber threat analytics
Cyber threat sharing community
Trust management in/for Cyber Threat Intelligence
Cyber threat visualization
Cyber threat monitoring
Botnet monitoring
Cyber threat correlation techniques
Cyber threat prioritization techniques
Cyber threat sharing platforms
Alert exchange formats
Alert exchange protocols
Cyber-crime forensics
Cyber-crime risk management
Incident response
Automotive threat intelligence (backend and on-board)