Pembroke College Cambridge

Cyber Threat Intelligence

Capstone Project Title

Cyber threat intelligence: techniques for predictive cybersecurity

Capstone Project Brief

In an era dominated by digital transformations such as supply chain digitisation and the advent of remote work, the need for advanced cybersecurity measures has never been more pressing. This Capstone Project is designed to equip you with an understanding of the cutting-edge methods used in cyber threat intelligence, diving deep into the proactive approach of predicting and pre-emptively countering cyber threats. These methods might include predictive analysis, criminal profiling and attribution, deep and dark web analysis, and the use of Large Language Models (LLMs) and Large Action Models (LAMs). With the guidance of your supervisor, the Capstone Project aims to position you to make innovative suggestions and observations that will help to place you at the forefront of cybersecurity innovation.

Key Learning Objectives:

  • Understanding cyber threats: Gain a comprehensive understanding of the current threat landscape, including various types of cyber threats and actors.
  • Intelligence gathering and analysis: Learn techniques for collecting, analysing, and interpreting data to identify potential cyber threats.
  • Predictive modelling in cybersecurity: Explore how to use predictive analytics and modelling to foresee and mitigate future cyber-attacks.
  • Strategic implementation of threat intelligence: Understand how to effectively integrate threat intelligence into an organisation’s cybersecurity strategy.
  • Enhancing cyber defence mechanisms: Develop strategies for making cybersecurity measures more proactive, responsive and resilient.

Methodologies and Approach:

  • Understand the application of machine learning algorithms, relying on practical assessments of the ingestion of data, to identify expected deviations. 
  • Application of behavioural analytics: Examine ‘normal’ user behaviour, and develop an understanding of criminal motivations, learning to identify typical ‘patterns’ (IoCs, or indicators of compromise) of criminal behaviour.
  • The adoption of simulated attack scenarios that embrace a range of practical (social engineering) and advanced (threat hunting with AI and machine learning) tools.
  • Consider real-world criminal attitudes to risk and profit, and how these attitudes might inform our activity and approach. 
  • Develop awareness of typical open source, community, and subscription threat intelligence services, and evaluate the practicalities of applying them for actionable improvements in cyber risk management. 
  • This Capstone Project is part of a wider initiative and will delve deeper into such techniques and methodologies for predictive cybersecurity using data sets and case studies.

The specific research focus of your Capstone Project will be determined and confirmed with guidance from your supervisor at the outset to tailor it to you, your background, and interests as far as possible within the framework described.

Intended Audience

This Capstone Project is ideal for students in cybersecurity, criminology, computer science, law and related fields. It is equally valuable for those curious about understanding and combating cyber threats from a fresh and unconventional angle that combines an understanding of businesses, common sense, and a suitable mix of practical approaches appropriately supported by new methods and technologies. The Capstone Project promises not only to broaden your understanding of the cyber underworld but also to equip you with innovative tools to consider wider cultural, behavioural, and business risk issues associated with the core subject area. The Capstone Project is best suited for:

  • Aspiring cybersecurity and computer science professionals: Understand the technical aspects of cyber threats and learn techniques such as predictive analytics to pre-emptively counter cyber threats.
  • Future policy-makers and legal experts: Gain insights into the mechanisms of cybercrime, aiding in the development of informed policies and regulations.
  • Researchers and academicians: Explore how some organisations have been responding to cyber threats in real-time and learn about innovative techniques that may offer fertile ground for further research.

Previous Knowledge and Prerequisites

This Capstone Project is designed not only for those with a background in cybersecurity or computer science but for anyone interested in understanding how to protect and strengthen organisations in the digital age. The Capstone Project is structured to build your understanding from the ground up, explaining concepts in a way that is accessible to everyone. A working knowledge of computers and the internet would be advantageous.

General Prerequisites:

  • Interest in organisational risk, cybersecurity and strategy: A keen interest in learning about risk management and organisational strategy contextualised by the core subject area of cybersecurity is more important than technical expertise.
  • Basic understanding of business or IT concepts: While not mandatory, some familiarity with basic business or IT concepts can be beneficial. This could be from your studies, work experience, or general interest. A non-exhaustive list of IT concepts with which you should be familiar includes:
    - Network topology and how networks are the data-rich arteries, veins and capillaries of corporate communications, and familiarity with VPN, DDoS and other network-related acronyms.
    - Routers and firewalls, and how rules and filters are the critical signposts and gateways of IT.
    - A basic awareness of the technology stack, with physical networking at the bottom and intermediate layers of middleware and applications, moving up towards the ability of good IT to allow interaction between users from devices over networks.
    - Cloud computing and how it distinguishes itself from legacy IT.
    - Common cyber definitions such as malware, encryption, and authentication.
  • Behavioural, criminal, legal aspects: Appetite to learn about and discuss ethical considerations, human behaviour, and legal or policy implications surrounding cybersecurity and the associated criminality.
  • Access to publicly available information from specialist threat intelligence, specialist news, academic and research sites. A non-exhaustive list of such sites might include:
    - VirusTotal - Analyses files and URLs for malicious content detected by antivirus engines and website scanners.
    - AlienVault Open Threat Exchange - A crowd-sourced platform where security researchers and practitioners share threat data.
    - CrowdStrike Intelligence - Insights into adversary tactics, techniques, and procedures (TTPs).
    - Recorded Future - Real-time threat intelligence with insights into emerging threats.
    - Dark Reading - A wide range of topics, including vulnerability and threat analysis and security research.

Transferable Knowledge and Skills

The Capstone Project is also intended to develop skills and knowledge that are not only relevant in the field of cybersecurity but are also highly transferable to other areas of business, technology, behavioural sciences and management. With the guidance of the supervisor, the Capstone Project is designed to prepare students for leadership roles and enhance their capability to tackle complex challenges in a digitally driven world.

  • Strategic planning and decision-making skills: Make informed decisions based on cybersecurity trends and data, and balance the application of risk and cybersecurity strategy with overall business objectives. 
  • Technical knowledge: Gain a broad understanding of cybersecurity technologies and practices, as well as the impact of the latest trends.
  • Problem-solving abilities: Enhance analytical thinking to solve complex cybersecurity challenges with solution-oriented approaches.
  • Legal and ethical understanding: Gain knowledge of legal, regulatory, compliance and ethical considerations associated with cybersecurity within organisations.  

Assessment

Capstone Project Report (expected to be between 6,000 and 8,000 words) – 100% of the final mark.