Feature Representation Models for Cyber Attack Event Extraction

Qiu, Xinying; Lin, Xiaoxin; Qiu, Likun

doi:10.1109/wiw.2016.020

Cited by 13 publications

(6 citation statements)

References 1 publication

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Besides, work [24] concentrated on extracting security components related to malware. Moreover, some existing work [14], [48] conducted a proof-of-concept to demonstrate that their approaches could cover more than one security event type. However, the security detail hidden in the text was not specified, which is hard to facilitate users' further genuine understanding of the security component.…”

Section: Rq1: What Is the Coverage Of Cybersecurity Pragmatics In Ter...mentioning

confidence: 99%

Cyber Information Retrieval Through Pragmatics Understanding and Visualization

Sun

Zhang

Gao

et al. 2023

IEEE Trans. Dependable and Secure Comput.

View full text Add to dashboard Cite

The amount of cybersecurity-related information is extraordinarily increasing, given the fast-growing number of cybersecurity attacks and the significant influence brought by them. How to efficiently obtain and precisely understand the relevant knowledge in the sea of information on cybersecurity becomes a challenge. In this paper, we propose an innovative cybersecurity retrieval scheme that supports automatic indexing and searching of cybersecurity information based on semantic contents and hidden metadata. The proposed scheme leverages a customized neural model that incorporates new linguistic features and word embedding by identifying the entities related to cybersecurity incidents from the text. We implement a novel cybersecurity search engine to demonstrate effective, understandable and pragmatic cybersecurity information retrieval based on the proposed schema. Comprehensive performance evaluation over real-world datasets has been conducted to validate the new algorithms and techniques developed for cybersecurity information retrieval. The new engine makes it possible to conduct augmented search, cybersecurity analytics, and visualization, with the ultimate goal of providing direct and efficient results to help people obtain and truly understand cybersecurity information.

show abstract

Section: Rq1: What Is the Coverage Of Cybersecurity Pragmatics In Ter...mentioning

confidence: 99%

Cyber Information Retrieval Through Pragmatics Understanding and Visualization

Sun

Zhang

Gao

et al. 2023

IEEE Trans. Dependable and Secure Comput.

View full text Add to dashboard Cite

show abstract

“…Finally, ED has been extensively studied in the literature (Liao and Grishman, 2010;Li et al, 2013;Grishman, 2015, 2016e;Chen et al, 2015;Nguyen et al, 2016g;Lu and Nguyen, 2018;Liu et al, 2016bLiu et al, , 2017Hong et al, 2018;Lai et al, 2020b), partly due to the availability of the large evaluation datasets (i.e., the ACE and TAC KBP datasets (Walker et al, 2006;Mitamura et al, 2015) for the general domains, and the BioNLP datasets (Kim et al, 2009) for the biomedical domain). The closest works to our in the cybersecurity domain involve (Qiu et al, 2016) to extract events on Chinese news, (Khandpur et al, 2017) to perform cyberattack detection on Twitter, and (Satyapanich et al, 2019;Satyapanich et al, 2020) to present the CASIE dataset for event extraction. However, these datasets contain less event types and cannot support the document-level information for the models as CySecED.…”

Section: Related Workmentioning

confidence: 99%

Introducing a New Dataset for Event Detection in Cybersecurity Texts

Trong¹,

Le²,

Veyseh³

et al. 2020

Proceedings of the 2020 Conference on Empirical Methods in Natural Language Processing (EMNLP)

View full text Add to dashboard Cite

Detecting cybersecurity events is necessary to keep us informed about the fast growing number of such events reported in text. In this work, we focus on the task of event detection (ED) to identify event trigger words for the cybersecurity domain. In particular, to facilitate the future research, we introduce a new dataset for this problem, characterizing the manual annotation for 30 important cybersecurity event types and a large dataset size to develop deep learning models. Comparing to the prior datasets for this task, our dataset involves more event types and supports the modeling of document-level information to improve the performance. We perform extensive evaluation with the current state-of-the-art methods for ED on the proposed dataset. Our experiments reveal the challenges of cybersecurity ED and present many research opportunities in this area for the future work.

show abstract

“…Kang et al [27] propose a network assessment framework to help cyber defenders better understand the global situation. Qiu et al [28] thoroughly analyze the relevant features of sentences to classify cyber attacks. They also pointed out that the trigger matching method is most suitable for event type detection, and the performance of the embedded word feature model trained with a large corpus is much better than other models.…”

Section: Cyber Threat Event Detectionmentioning

confidence: 99%

Detecting Cyber Threat Event from Twitter Using IDCNN and BiLSTM

et al. 2020

View full text Add to dashboard Cite

In the context of increasing cyber threats and attacks, monitoring and analyzing network security incidents in a timely and effective way is the key to ensuring network infrastructure security. As one of the world’s most popular social media sites, users post all kinds of messages on Twitter, from daily life to global news and political strategy. It can aggregate a large number of network security-related events promptly and provide a source of information flow about cyber threats. In this paper, for detecting cyber threat events on Twitter, we present a multi-task learning approach based on the natural language processing technology and machine learning algorithm of the Iterated Dilated Convolutional Neural Network (IDCNN) and Bidirectional Long Short-Term Memory (BiLSTM) to establish a highly accurate network model. Furthermore, we collect a network threat-related Twitter database from the public datasets to verify our model’s performance. The results show that the proposed model works well to detect cyber threat events from tweets and significantly outperform several baselines.

show abstract

Feature Representation Models for Cyber Attack Event Extraction

Cited by 13 publications

References 1 publication

Cyber Information Retrieval Through Pragmatics Understanding and Visualization

Cyber Information Retrieval Through Pragmatics Understanding and Visualization

Introducing a New Dataset for Event Detection in Cybersecurity Texts

Detecting Cyber Threat Event from Twitter Using IDCNN and BiLSTM

Contact Info

Product

Resources

About