Volume 11, Number 07, May 2021
Threat Action Extraction using Information Retrieval
Authors
Chia-Mei Chen1, Jing-Yun Kan1, Ya-Hui Ou2, Zheng-Xun Cai1 and Albert Guan1, 1National Sun Yat-sen University, Taiwan, 2National Penghu University of Science and Technology, Taiwan
Abstract
To gain insight into potential cyber threats, this research proposes a novel automatic threat action retrieval system, which collects and analyzes various data sources including security news, incident analysis reports, and darknet hacker forums and develops an improved data preprocessing method to reduce feature dimension and a novel query match algorithm to capture effective threat actions automatically without manually predefined ontology applied by the past research. The experimental results illustrate that The proposed method achieves an accuracy of 94.7% and a recall rate of 95.8% and outperforms the previous research. The proposed solution can extract effective threat actions automatically and efficiently.
Keywords
Cyber Threat Intelligence, Word Vector, Information Retrieval.