Related references
Note: Only part of the references are listed.
Article
Computer Science, Artificial Intelligence
Xiaodi Wang et al.
Summary: Due to continuous cyberattacks, a large amount of unstructured and multisource threat intelligence is generated online every day, making it difficult for security analysts to understand the implicit threat in a timely manner. This study proposes a new feature integration and entity boundary detection (FIEBD) model that incorporates a pretrained language model (PERT) and a novel neural network cell (GARU) to improve the analysis of threat intelligence in cybersecurity. The model achieves better performance than existing baseline methods by integrating different types of features and incorporating explicit interaction.
KNOWLEDGE-BASED SYSTEMS
(2023)
Review
Computer Science, Information Systems
Scott Ainslie et al.
Summary: The increasing militarization of the cyber-threat environment has driven considerable interest in understanding the role of cyber-threat intelligence (CTI) in supporting the enterprise. Despite CTI's value proposition to organizations, the rate of industry adoption has been low and localized within IT Operations. Our review of the research and practice literature on CTI shows that the discourse is heavily dominated by the technology perspective, leaving significant gaps in the knowledge of CTI.
COMPUTERS & SECURITY
(2023)
Article
Computer Science, Information Systems
Yongyan Guo et al.
Summary: With the emergence of various new attack techniques, cyber-attacks have become increasingly sophisticated and difficult to handle, posing significant threats to companies and individuals. Therefore, it is crucial to analyze attack incidents and trace the responsible attack groups. This paper proposes a threat intelligence framework that extracts, correlates, and unifies cybersecurity entity-relation triples from structured and unstructured data using a Cybersecurity Knowledge Graph (CKG).
COMPUTERS & SECURITY
(2023)
Article
Computer Science, Artificial Intelligence
Zhaoran Liu et al.
Summary: The mainstream method of end-to-end relation extraction, which jointly extracts entities and relations, may cause feature conflict. The introduction of advanced pre-trained models allows the use of separate encoders for entity recognition and relation classification, resulting in a promising pipelined approach for relation extraction. By fusing contextual semantic representation and capturing entities' location and type information, this framework achieves better performance than existing models.
EXPERT SYSTEMS WITH APPLICATIONS
(2023)
Article
Computer Science, Information Systems
Nan Sun et al.
Summary: As cyber attacks become more severe and frequent, new security defenses are needed to protect against them. Traditional security systems struggle to cope with the dynamic nature of new-generation threats. Organizations are focusing on cyber threat intelligence mining to gather real-time information and strengthen security postures.
IEEE COMMUNICATIONS SURVEYS AND TUTORIALS
(2023)
Article
Chemistry, Multidisciplinary
Ana Alves-Pinto et al.
Summary: Named entity recognition (NER) is an important step in processing unstructured text content. This study investigates the use of Conditional Random Fields (CRF) for efficient NER training in German texts through an iterative process. The combination of self-learning with manual annotation-active learning improves the model's F1-score and reduces the amount of manual annotation required to train the model. A model with an F1-score of 0.885 was trained in 11.4 hours.
APPLIED SCIENCES-BASEL
(2022)
Article
Computer Science, Information Systems
Hanieh Poostchi et al.
Summary: This paper introduces a new neural model, BiLSTM-SSVM, for named-entity recognition (NER), which is trained using structured hinge loss. The experimental results show that training with the proposed mixed hinge loss leads to consistent small improvements over cross entropy across four languages and different evaluation measures.
IEEE TRANSACTIONS ON BIG DATA
(2022)
Article
Computer Science, Information Systems
Hyeonseong Jo et al.
Summary: To address the evolving cyber threats, researchers have developed CTI systems to extract intelligence from publicly available sources. However, the reliance on indicators of compromise (IOC) has limited their ability to understand and detect threats. In this study, the authors propose Vulcan, a novel CTI system that extracts descriptive or static CTI data from unstructured text and determines their semantic relationships. Experimental results show high accuracy, and Vulcan enables the development of threat analysis applications.
COMPUTERS & SECURITY
(2022)
Article
Computer Science, Information Systems
Manling Li et al.
Summary: This research proposes a hierarchy-constrained link prediction method, called hTransM, which is based on knowledge graph embedding methods. By detecting hierarchical structures, hTransM can adaptively determine the optimal margin and has been proven effective through theoretical analysis and experiments.
IEEE TRANSACTIONS ON BIG DATA
(2022)
Article
Computer Science, Information Systems
Yongfei Li et al.
Summary: The increasing number of cyberattacks has highlighted the need for cyber threat intelligence to address the complex and evolving cyber environment. This paper proposes a novel threat intelligence information extraction system that combines multiple models and utilizes a knowledge graph to improve entity extraction, coreference resolution, and relation extraction. Experimental results demonstrate significant improvements in performance compared to baseline models.
SECURITY AND COMMUNICATION NETWORKS
(2022)
Article
Computer Science, Information Systems
Boyang Zhou et al.
Summary: This paper proposes a new persistent route diversification defense (PRDD) mechanism to effectively mitigate flooding attacks in computer networks and prevent attackers from probing and speculating persistent routes. Evaluated using NS-3 and Mininet, the results show that PRDD is more effective in mitigating attacked routes compared to existing solutions.
SECURITY AND COMMUNICATION NETWORKS
(2022)
Article
Computer Science, Artificial Intelligence
Zheng Chen et al.
Summary: Entity-relation extraction is the task of extracting entities and their semantic relations from unstructured text. Recent studies have shown that Machine Reading Comprehension (MRC) based methods achieve significant results in this task. However, traditional entity-first methods suffer from entity redundancy and error propagation. To address these issues, we propose a pattern-first pipeline approach.
Article
Computer Science, Hardware & Architecture
Wenhan Ge et al.
Summary: This paper introduces a multi-instance learning approach called SeqMask for extracting TTPs and behavior keywords from Cyber Threat Intelligence, as well as predicting and verifying the validity of TTP labels.
Article
Computer Science, Information Systems
Jian Liu et al.
Summary: This research proposes a trigger-enhanced actionable CTI discovery system (TriCTI) that utilizes natural language processing (NLP) technology to generate actionable threat intelligence from cybersecurity reports. By identifying campaign stages and indicators of compromise (IOCs), the system can effectively prioritize and mitigate cyber threats throughout various stages. Compared to other models, TriCTI demonstrates better performance in classification accuracy and F1 score. It has been successfully applied to analyze a large number of cybersecurity reports and collect actionable CTI.
Article
Computer Science, Artificial Intelligence
Injy Sarhan et al.
Summary: Instant analysis of cybersecurity reports is a challenge for security experts due to the massive amount of cyber information generated daily, requiring automated tools for data extraction. The Open-CyKG framework utilizes neural networks to extract valuable cyber threat information from APT reports and build a knowledge graph for queries, outperforming state-of-the-art models.
KNOWLEDGE-BASED SYSTEMS
(2021)
Article
Chemistry, Analytical
Athanasios Dimitriadis et al.
Summary: Cyber threat information sharing is crucial for collaborative security, but faces challenges such as the overwhelming amount of shared information and the need for advanced filtering methods. Research suggests that utilizing contextualized filtering can improve efficiency and enable automated, customized threat information sharing.
Article
Multidisciplinary Sciences
Yiwei Lu et al.
Summary: A significant amount of operational information exists in textual form, and extracting this information from unstructured military text is crucial. Traditional methods have limitations such as inadequate manual features and inaccurate Chinese word segmentation in the military domain. The proposed approach combines BiGRU and MHATT to improve military relation extraction, achieving a 4% improvement in F1-score over traditional models.
Article
Computer Science, Information Systems
Feng Zhao et al.
IEEE TRANSACTIONS ON BIG DATA
(2020)
Article
Computer Science, Information Systems
Feng Yi et al.
Article
Computer Science, Information Systems
MingJian Tang et al.
IEEE TRANSACTIONS ON BIG DATA
(2019)
Article
Computer Science, Artificial Intelligence
Giannis Bekoulis et al.
EXPERT SYSTEMS WITH APPLICATIONS
(2018)