Masterarbeit Nicolai Koukal: Design and Evaluation of a Security Advisory Content Retrieval and Extraction System to Enhance Cyber Situational Awareness

Abstract: Computer emergency response teams (CERTs) of the public sector provide advisory, preventive, and reactive cybersecurity services for authorities, citizens, and enterprises. However, their tasks of monitoring, analysing, and communicating threats to establish cyber situational awareness are getting more complex due to the increasing information volume and varying information quality disseminated through public channels. Besides the time-consuming data collection for incident handling and daily reporting, CERTs are often confronted with irrelevant, redundant, or incredible information, exacerbating the time-critical prevention of and response to cyber threats. Based on a literature review and empirical requirements analysis, this thesis presents the design and evaluation of a security advisory content retrieval and extraction system, which facilitates the multi-source gathering and analysis of security advisories by means of (1) CSAF and (2) RSS feeds as well as (3) HTML extraction. The thesis concludes with a discussion of design science research contributions and implications.

Betreuer: Dr. Marc-André Kaufhold

Prüfer: Prof. Dr. Dr. Christian Reuter