THREAT INTELLIGENCE SHARING PLATFORM IMPLEMENTATION USING MISP

Abstract

With the increasing number of cyber threats and malicious activities in organizational environments, effective threat detection and information sharing have become essential for maintaining cybersecurity. Traditional security systems often operate in isolation, limiting their ability to detect and respond to emerging threats in real time. This project proposes a Threat Intelligence Sharing Platform using the Malware Information Sharing Platform (MISP) to monitor, detect, and share threat information across users within an organization. The system continuously monitors user activities such as login attempts and web resource access to identify suspicious behavior, including unauthorized login attempts and access to malicious domains. When a threat is detected, the system restricts access and logs the activity. These threat logs are shared across the organization, enabling all users to stay informed about potential risks. The platform includes modules for admin and employee roles, where the admin can manage users, view threat logs, and visualize threat activities, while employees can access web resources and view shared threat intelligence. Visualization tools are used to represent threat and normal activities, improving understanding and decision-making. The integration of MISP enhances real-time threat detection and collaborative security. This system provides a proactive approach to cybersecurity by enabling early detection, prevention, and sharing of threats, thereby strengthening organizational security and awareness.