{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,1]],"date-time":"2026-02-01T08:24:17Z","timestamp":1769934257863,"version":"3.49.0"},"publisher-location":"New York, NY, USA","reference-count":44,"publisher":"ACM","license":[{"start":{"date-parts":[[2024,9,30]],"date-time":"2024-09-30T00:00:00Z","timestamp":1727654400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by-nc-nd\/4.0\/"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2024,9,30]]},"DOI":"10.1145\/3678890.3678903","type":"proceedings-article","created":{"date-parts":[[2024,9,29]],"date-time":"2024-09-29T22:23:36Z","timestamp":1727648616000},"page":"337-352","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":4,"title":["The \"Big Beast to Tackle\": Practices in Quality Assurance for Cyber Threat Intelligence"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-9761-1243","authenticated-orcid":false,"given":"Thomas","family":"Geras","sequence":"first","affiliation":[{"name":"HM Munich University of Applied Sciences, Germany"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-8960-6986","authenticated-orcid":false,"given":"Thomas","family":"Schreck","sequence":"additional","affiliation":[{"name":"HM Munich University of Applied Sciences, Germany"}]}],"member":"320","published-online":{"date-parts":[[2024,9,30]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1177\/1468794107085301"},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1145\/2808128.2808133"},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1109\/platcon.2018.8472733"},{"key":"e_1_3_2_1_4_1","volume-title":"Elite and Expert Interviewing: Best Practice Guidance 03_Version 4.0","author":"Central University Research Ethics\u00a0Committee (CUREC). 2020.","unstructured":"Central University Research Ethics\u00a0Committee (CUREC). 2020. Elite and Expert Interviewing: Best Practice Guidance 03_Version 4.0. University of Oxford."},{"key":"e_1_3_2_1_5_1","unstructured":"ENISA. 2013. Detect share protect\u2014Solutions for improving threat data exchange among CERTs. (2013)."},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1145\/3576915.3623144"},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1109\/tii.2018.2857213"},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.24251\/HICSS.2019.859"},{"key":"e_1_3_2_1_10_1","article-title":"The Admiralty Code: A cognitive tool for self-directed learning","volume":"14","author":"Hanson M.","year":"2015","unstructured":"James\u00a0M. Hanson. 2015. The Admiralty Code: A cognitive tool for self-directed learning. International Journal of Learning, Teaching and Educational Research 14, 1 (2015).","journal-title":"International Journal of Learning, Teaching and Educational Research"},{"key":"e_1_3_2_1_11_1","volume-title":"Die Qualit\u00e4t qualitativer Daten (The quality of qualitative data). Vol.\u00a04","author":"Helfferich Cornelia","unstructured":"Cornelia Helfferich. 2011. Die Qualit\u00e4t qualitativer Daten (The quality of qualitative data). Vol.\u00a04. Springer, Germany."},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.6028\/NIST.SP.800-150"},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1109\/sibcon56144.2022.10002962"},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1145\/3609230"},{"key":"e_1_3_2_1_15_1","volume-title":"Qualitative interviewforschung (Qualitative interview research)","author":"Kruse Jan","unstructured":"Jan Kruse and Christian Schmieder. 2014. Qualitative interviewforschung (Qualitative interview research). Beltz Juventa, Germany."},{"key":"e_1_3_2_1_16_1","unstructured":"Udo Kuckartz. 2007. Einf\u00fchrung in die computergest\u00fctzte Analyse qualitativer Daten (Introduction to computer-assisted analysis of qualitative data)."},{"key":"e_1_3_2_1_17_1","volume-title":"Computerunterst\u00fctzung","author":"Kuckartz Udo","unstructured":"Udo Kuckartz. 2018. Qualitative Inhaltsanalyse. Methoden, Praxis, Computerunterst\u00fctzung, 4. Aufl. (Qualitative content analysis. Methods, Practice, Computer Support, 4th ed.) Beltz Juventa.","edition":"4"},{"key":"e_1_3_2_1_18_1","volume-title":"Research in Attacks","author":"K\u00fchrer Marc","unstructured":"Marc K\u00fchrer, Christian Rossow, and Thorsten Holz. 2014. Paint It Black: Evaluating the Effectiveness of Malware Blacklists. In Research in Attacks, Intrusions and Defenses, Angelos Stavrou, Herbert Bos, and Georgios Portokalidis (Eds.). Springer International Publishing, Cham, 1\u201321."},{"key":"e_1_3_2_1_19_1","volume-title":"28th USENIX Security Symposium (USENIX Security 19)","author":"Li Vector\u00a0Guo","year":"2019","unstructured":"Vector\u00a0Guo Li, Matthew Dunn, Paul Pearce, Damon McCoy, Geoffrey\u00a0M. Voelker, and Stefan Savage. 2019. Reading the Tea leaves: A Comparative Analysis of Threat Intelligence. In 28th USENIX Security Symposium (USENIX Security 19). USENIX Association, Santa Clara, CA, 851\u2013867. https:\/\/www.usenix.org\/conference\/usenixsecurity19\/presentation\/li"},{"key":"e_1_3_2_1_20_1","unstructured":"Adobe Systems Software\u00a0Ireland Limited. 2022. Audio and video editing software Version 22.5 (Build 62). https:\/\/www.adobe.com\/"},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1080\/08874417.2013.11645667"},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1109\/csr51186.2021.9527975"},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1109\/pac.2017.39"},{"key":"e_1_3_2_1_24_1","volume-title":"Taxonomy driven indicator scoring in MISP threat intelligence platforms. arXiv","author":"Mokaddem Sami","year":"2019","unstructured":"Sami Mokaddem, Gerard Wagener, Alexandre Dulaunoy, and Andras Iklody. 2019. Taxonomy driven indicator scoring in MISP threat intelligence platforms. arXiv (2019)."},{"key":"e_1_3_2_1_25_1","volume-title":"Cyber threat intelligence: A product without a process?International Journal of Intelligence and CounterIntelligence 34, 2","author":"Oosthoek Kris","year":"2021","unstructured":"Kris Oosthoek and Christian Doerr. 2021. Cyber threat intelligence: A product without a process?International Journal of Intelligence and CounterIntelligence 34, 2 (2021), 300\u2013315."},{"key":"e_1_3_2_1_26_1","unstructured":"Pawlinski and Kompanek. 2016. Evaluating Threat Intelligence Feeds. https:\/\/www.first.org\/resources\/papers\/munich2016\/kompanek-pawlinski-evaluating-threat-ntelligence-feeds.pdf"},{"key":"e_1_3_2_1_27_1","unstructured":"Alex Pinto and Kyle Maxwell. 2015. Defcon22 - Measuring the IQ of your Threat Intelligence feeds. https:\/\/www.youtube.com\/watch?v=uMJSOYA9xoM"},{"key":"e_1_3_2_1_28_1","unstructured":"MISP project. 2019. Decaying of indicators. https:\/\/www.misp-project.org\/2019\/09\/12\/Decaying-Of-Indicators.html\/"},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1109\/trustcom"},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2018.12.011"},{"key":"e_1_3_2_1_31_1","volume-title":"Shadow cyber threat intelligence and its use in information security and risk management processes. Multikonferenz Wirtschaftsinformatik (MKWI 2018)","author":"Sauerwein Clemens","year":"2018","unstructured":"Clemens Sauerwein, Christian Sillaber, and Ruth Breu. 2018. Shadow cyber threat intelligence and its use in information security and risk management processes. Multikonferenz Wirtschaftsinformatik (MKWI 2018) (2018), 1333\u20131344."},{"key":"e_1_3_2_1_32_1","unstructured":"Clemens Sauerwein Christian Sillaber Andrea Mussmann and Ruth Breu. 2017. Threat intelligence sharing platforms: An exploratory study of software vendors and research perspectives. (2017)."},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1007\/s10207-020-00490-y"},{"key":"e_1_3_2_1_34_1","doi-asserted-by":"publisher","DOI":"10.1145\/2994539.2994546"},{"key":"e_1_3_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-031-30592-4_7"},{"key":"e_1_3_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2016.04.003"},{"key":"e_1_3_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.48550\/ARXIV.2307.16852"},{"key":"e_1_3_2_1_38_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2017.09.001"},{"key":"e_1_3_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.1108\/ics-06-2020-0100"},{"key":"e_1_3_2_1_40_1","unstructured":"VirusTotal. 2024. YARA. virustotal.github.io\/yara\/"},{"key":"e_1_3_2_1_41_1","doi-asserted-by":"publisher","DOI":"10.1109\/DSN-W54100.2022.00037"},{"key":"e_1_3_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-59000-0_5"},{"key":"e_1_3_2_1_43_1","doi-asserted-by":"publisher","DOI":"10.1145\/3484202"},{"key":"e_1_3_2_1_44_1","doi-asserted-by":"publisher","DOI":"10.1145\/3339252.3340528"},{"key":"e_1_3_2_1_45_1","first-page":"10","article-title":"Video conferencing software","volume":"5","author":"Inc. Zoom Video\u00a0Communications.","year":"2022","unstructured":"Inc. Zoom Video\u00a0Communications. 2022. Video conferencing software, Version 5.10.6 (5889). http:\/\/zoom.us\/","journal-title":"Version"}],"event":{"name":"RAID '24: The 27th International Symposium on Research in Attacks, Intrusions and Defenses","location":"Padua Italy","acronym":"RAID '24"},"container-title":["The 27th International Symposium on Research in Attacks, Intrusions and Defenses"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3678890.3678903","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3678890.3678903","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T01:18:00Z","timestamp":1750295880000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3678890.3678903"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,9,30]]},"references-count":44,"alternative-id":["10.1145\/3678890.3678903","10.1145\/3678890"],"URL":"https:\/\/doi.org\/10.1145\/3678890.3678903","relation":{},"subject":[],"published":{"date-parts":[[2024,9,30]]},"assertion":[{"value":"2024-09-30","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}