{"paper":{"title":"Decaying Indicators of Compromise","license":"http://creativecommons.org/licenses/by-sa/4.0/","headline":"","cross_cats":[],"primary_cat":"cs.CR","authors_text":"Alexandre Dulaunoy, Andras Iklody, Cynthia Wagner, Gerard Wagener, Sami Mokaddem","submitted_at":"2018-03-29T13:35:26Z","abstract_excerpt":"The steady increase in the volume of indicators of compromise (IoC) as well as their volatile nature makes their processing challenging. Once compromised infrastructures are cleaned up, threat actors are moving to on to other target infrastructures or simply changing attack strategies. To ease the evaluation of IoCs as well as to harness the combined analysis capabilities, threat intelligence sharing platforms were introduced in order to foster collaboration on a community level. In this paper, the open-source threat intelligence platform MISP is used to implement and showcase a generic scorin"},"claims":{"count":0,"items":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"source":{"id":"1803.11052","kind":"arxiv","version":1},"verdict":{"id":null,"model_set":{},"created_at":null,"strongest_claim":"","one_line_summary":"","pipeline_version":null,"weakest_assumption":"","pith_extraction_headline":""},"references":{"count":0,"sample":[],"resolved_work":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57","internal_anchors":0},"formal_canon":{"evidence_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"author_claims":{"count":0,"strong_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"builder_version":"pith-number-builder-2026-05-17-v1"}