Threat Action Extraction using Information Retrieval

Chia-Mei Chen; Jing-Yun Kan; Ya-Hui Ou; Zheng-Xun Cai; Albert Guan; Chia-Mei Chen; Jing-Yun Kan; Ya-Hui Ou; Zheng-Xun Cai; Albert Guan

doi:10.5121/csit.2021.110702

Volume 11, Number 07, May 2021

Threat Action Extraction using Information Retrieval

Authors

Chia-Mei Chen¹, Jing-Yun Kan¹, Ya-Hui Ou², Zheng-Xun Cai¹ and Albert Guan¹, ¹National Sun Yat-sen University, Taiwan, ²National Penghu University of Science and Technology, Taiwan

Abstract

To gain insight into potential cyber threats, this research proposes a novel automatic threat action retrieval system, which collects and analyzes various data sources including security news, incident analysis reports, and darknet hacker forums and develops an improved data preprocessing method to reduce feature dimension and a novel query match algorithm to capture effective threat actions automatically without manually predefined ontology applied by the past research. The experimental results illustrate that The proposed method achieves an accuracy of 94.7% and a recall rate of 95.8% and outperforms the previous research. The proposed solution can extract effective threat actions automatically and efficiently.

Keywords

Cyber Threat Intelligence, Word Vector, Information Retrieval.

Subscription Membership AIRCC CSCP Contact Us
All Rights Reserved ® AIRCC