Journal of Civil Aviation University of China ›› 2024, Vol. 42 ›› Issue (4): 29-36.

• Civil Aircraft Safety and Airworthiness •

Quality evaluation method of cyber threat intelligence based on multi-source heterogeneous data

ZHOU Jingxian, LI Qiwei, CHENG Zhipeng

  1. (1a. Information Security Evaluation Center; 1b. College of Computer Science and Technology, CAUC, Tianjin 300300, China;
    2. Communication Network Center of North China Air Traffic Management Bureau, CAAC, Beijing 100621, China)
  • Received: 2023-08-21 Revised: 2024-01-17 Online: 2024-12-19 Published: 2024-12-21
  • About the author: ZHOU Jingxian (b. 1981), male, from Xinyang, Henan; associate researcher, Ph.D.; research interests include protocol security, risk assessment, and civil aviation information system security.
  • Funding:
    Civil Aviation Safety Capacity Building Fund Project (PESA2019074, PESA2021009)

Abstract: With the diversification of cyber attack forms and the growing complexity of attack methods, cyber threat intelligence (CTI) has become an important means of dealing with unknown cyber threats. To address the difficulty of evaluating CTI quality caused by its wide range of sources and high repetition, this paper proposes ISU-Measure (intelligence-source-user measure), a quality evaluation method for CTI based on multi-source heterogeneous data. Firstly, timeliness, activity, relevance and completeness are designed as quantitative indicators to characterize the quality of micro threat intelligence. Secondly, scale, periodicity and originality are proposed as quantitative indicators to evaluate the overall quality of threat intelligence sources. Then, to account for differences in user needs, user indicator preferences are designed and combined with the Critic weighting method to generate composite weights. At the same time, the seven quantitative indicators are weighted to construct a quantitative evaluation model. The quality evaluation results for 12 mainstream threat intelligence sources show that the composite weighting method designed by the ISU-Measure method is superior to the Critic weighting method and the mean method, and has significant advantages in indicator coverage, acquisition difficulty and discrimination compared with other research methods.

Key words: cyber security, threat intelligence, multi-source intelligence, quantitative evaluation, Critic weighting method
