Academy & Industry Research Collaboration Center (AIRCC)

Volume 11, Number 07, May 2021

Threat Action Extraction using Information Retrieval

  Authors

Chia-Mei Chen1, Jing-Yun Kan1, Ya-Hui Ou2, Zheng-Xun Cai1 and Albert Guan1, 1National Sun Yat-sen University, Taiwan, 2National Penghu University of Science and Technology, Taiwan

  Abstract

To gain insight into potential cyber threats, this research proposes a novel automatic threat action retrieval system, which collects and analyzes various data sources including security news, incident analysis reports, and darknet hacker forums and develops an improved data preprocessing method to reduce feature dimension and a novel query match algorithm to capture effective threat actions automatically without manually predefined ontology applied by the past research. The experimental results illustrate that The proposed method achieves an accuracy of 94.7% and a recall rate of 95.8% and outperforms the previous research. The proposed solution can extract effective threat actions automatically and efficiently.

  Keywords

Cyber Threat Intelligence, Word Vector, Information Retrieval.