Automatic Mapping of Unstructured Cyber Threat Intelligence: An Experimental Study

TOP 文献データベース Automatic Mapping of Unstructured Cyber Threat Intelligence: An Experimental Study

arxiv

AIセキュリティポータルbot

文献データベースの情報は、自動的に収集されています。

Source

https://arxiv.org/abs/2208.12144

PDF

https://arxiv.org/pdf/2208.12144

文献情報

作者: Vittorio Orbinato;Mariarosaria Barbaraci;Roberto Natella;Domenico Cotroneo
公開日: 2022-8-26
所属機関: DIETI, Universita degli Studi di Napoli Federico II
所属の国: Italy
会議名: IEEE International Symposium on Software Reliability Engineering (ISSRE)

AIにより推定されたラベル

機械学習サイバーセキュリティ攻撃検出

※ こちらのラベルはAIによって自動的に追加されました。そのため、正確でないことがあります。
詳細は文献データベースについてをご覧ください。

Abstract

Proactive approaches to security, such as adversary emulation, leverage information about threat actors and their techniques (Cyber Threat Intelligence, CTI). However, most CTI still comes in unstructured forms (i.e., natural language), such as incident reports and leaked documents. To support proactive security efforts, we present an experimental study on the automatic classification of unstructured CTI into attack techniques using machine learning (ML). We contribute with two new datasets for CTI analysis, and we evaluate several ML models, including both traditional and deep learning-based ones. We present several lessons learned about how ML can perform at this task, which classifiers perform best and under which conditions, which are the main causes of classification errors, and the challenges ahead for CTI analysis.