https://scholars.lib.ntu.edu.tw/handle/123456789/629921
Title: Building Cybersecurity Ontology for Understanding and Reasoning Adversary Tactics and Techniques
Authors: Huang, Chiao Cheng; Huang, Pei Yu; Kuo, Ying Ren; Wong, Guo Wei; Huang, Yi Ting; YEALI SUN; Chang Chen, Meng
Keywords: Cybersecurity; MITRE ATT&CK; Natural Language Processing; Ontology; OSINT
Issue Date: 17-Dec-2022
Publisher: Institute of Electrical and Electronics Engineers Inc.
Start page/Pages: 4266 - 4274
Source: Proceedings - 2022 IEEE International Conference on Big Data, Big Data 2022
Conference: 2022 IEEE International Conference on Big Data, 17-20 December 2022
Abstract: Cyber threats have become more prevalent than ever. Cyber Threat Intelligence (CTI) reports and MITRE ATT&CK® framework play an imperative role in helping experts and organizations assess current and potential attacks, such as Advanced Persistent Threats (APT). However, the task of extracting valuable information from unstructured texts remains an ongoing challenge. In this work, we present a framework for understanding and reasoning adversary tactics and techniques. We construct an ontology structure and propose an automatic information extraction method that is capable of integrating the parsed information from CTI reports into each instance. The ontology is represented in the Web Ontology Language (OWL) accessible with the SPARQL query language. Our evaluation shows that the proposed information extraction method outperforms other state-of-the-art neural network-based methods in terms of precision. Furthermore, our framework can effectively infer adversary information, which efficiently supports security analysts recognize tactics and techniques.
Description: Conference Location: Osaka, Japan
URI: https://scholars.lib.ntu.edu.tw/handle/123456789/629921
ISBN: 9781665480451
DOI: 10.1109/BigData55660.2022.10021134
Appears in Collections: Department of Information Management