An Automatic Generation Approach of the Cyber Threat Intelligence Records Based on Multi-Source Information Fusion

Sun, Tianfang; Yang, Pin; Li, Mengming; Liao, Shan

doi:10.3390/fi13020040

Cited by 24 publications

(9 citation statements)

References 20 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…AUMA-MRL user extraction algorithm proposed in this paper can be implemented well when different networks overlap [23,24]. User interactions between new network nodes improve the power of network user interaction mining algorithms [25].…”

Section: Results and Analysismentioning

confidence: 98%

Implementation of Network Data Mining Algorithm for Associated Users Based on Multi-Information Fusion

Zhang

2022

Journal of Sensors

View full text Add to dashboard Cite

In order to accurately and effectively mine relevant users in social networks, we can stop false information and illegal activities in the network, thereby ensuring the safety and integrity of the network environment. A method is proposed for the implementation of a data mining algorithm of a user network based on the fusion of several data. AUMA-MRL (associated user mining algorithm based on multi-information representation learning) proposes an associated user mining algorithm based on node characteristics, neighborhood information, and global network structure information. The steps of the algorithm are as follows: combining each user of the social network into a node using a method where each node is installed separately and combining network user characteristics and user relationship information. A user pair is a network similarity vector that represents the similarity of users in different dimensions. Based on these similarity vectors, a corresponding user separation algorithm is formed. It examines the feasibility and efficiency of the AUMA-MRL algorithm for researching relevant users. The proportion of associated users in the network to be fused is lower than that of nonassociated users, and the prediction has little effect on improving the recall rate of nonassociated users, so the recall rate is slightly lower than the accuracy. This algorithm can quickly get the embedding of new nodes and the similarity vector between new nodes and other nodes in the network, so as to quickly mine the associated users of new nodes in the network and enhance the robustness of the network associated user mining algorithm.

show abstract

Section: Results and Analysismentioning

confidence: 98%

Implementation of Network Data Mining Algorithm for Associated Users Based on Multi-Information Fusion

Zhang

2022

Journal of Sensors

View full text Add to dashboard Cite

show abstract

“…Given these challenges, text mining approaches have been introduced, with topic modeling emerging as a prevalent method for uncovering underlying patterns in large text data sets (Vayansky & Kumar, 2020). Established techniques have found applications in forensics, particularly in cybersecurity, social media analysis, and author verification (Bérubé et al, 2020; Dutta et al, 2020; Shahbazi & Byun, 2022; T. Sun, Yang, et al, 2021).…”

Section: Topic Modeling As a New Approachmentioning

confidence: 99%

Using machine learning and topic modeling to examine manifestos of violent attackers.

Petreca,

Burgess,

Wise

et al. 2024

Journal of Threat Assessment and Management

View full text Add to dashboard Cite

“…In the context of intelligent CTI data extraction, Sun et al [4] proposes an automatic approach to generate CTI data from open-source threat intelligence publishing platforms (i.e., any platform that shares IOCs or any other useful information about threats) using machine learning and natural language processing together with known threat intelligence background in order to achieve accurate and detailed CTI data that can, for example, feed a tool such as ours in order to help cyber security analysts on threat mitigation. In Preuveneers and Joosen [6], a similar problem was considered by authors when they proposed a solution to complement the sharing of IOCs using machine learning-based threat detection, and they demonstrated their proposed solution by implementing it on state-of-practice open-source CTI sharing and incident response platforms.…”

Section: Cti Main Challenges and Technical Improvementsmentioning

confidence: 99%

“…It is known that CTI must explore the collection while filtering, sharing and analyzing vulnerabilities in intel and threat data regardless of vendor, technology or source. For that, much research has been developed to address the collection and filtering of threat intelligence [4,5], as well as sharing and using that data to mitigate threats [6,7].…”

Section: Introductionmentioning

confidence: 99%

Methodological Framework to Collect, Process, Analyze and Visualize Cyber Threat Intelligence Data

et al. 2022

View full text Add to dashboard Cite

Cyber attacks have increased in frequency in recent years, affecting small, medium and large companies, creating an urgent need for tools capable of helping the mitigation of such threats. Thus, with the increasing number of cyber attacks, we have a large amount of threat data from heterogeneous sources that needs to be ingested, processed and analyzed in order to obtain useful insights for their mitigation. This study proposes a methodological framework to collect, organize, filter, share and visualize cyber-threat data to mitigate attacks and fix vulnerabilities, based on an eight-step cyber threat intelligence model with timeline visualization of threats information and analytic data insights. We developed a tool to address needs in which the cyber security analyst can insert threat data, analyze them and create a timeline to obtain insights and a better contextualization of a threat. Results show the facilitation of understanding the context in which the threats are inserted, rendering the mitigation of vulnerabilities more effective.

show abstract

An Automatic Generation Approach of the Cyber Threat Intelligence Records Based on Multi-Source Information Fusion

Cited by 24 publications

References 20 publications

Implementation of Network Data Mining Algorithm for Associated Users Based on Multi-Information Fusion

Implementation of Network Data Mining Algorithm for Associated Users Based on Multi-Information Fusion

Using machine learning and topic modeling to examine manifestos of violent attackers.

Methodological Framework to Collect, Process, Analyze and Visualize Cyber Threat Intelligence Data

Contact Info

Product

Resources

About