Recognizing and Extracting Cybersecurtity-relevant Entities from Text
Casey Hanks, Michael Maiden, Priyanka Ranade, Tim Finin, Anupam Joshi
TL;DR
This paper presents the creation of a new unstructured CTI corpus and explores NLP methods for recognizing and linking cybersecurity entities to enhance AI-driven cyber defense systems.
Contribution
It introduces an initial CTI dataset and investigates spaCy-based models and self-learning techniques for cybersecurity entity recognition and linking.
Findings
Developed a new CTI corpus from open sources
Evaluated spaCy models for cybersecurity entity recognition
Explored entity linking with Wikidata
Abstract
Cyber Threat Intelligence (CTI) is information describing threat vectors, vulnerabilities, and attacks and is often used as training data for AI-based cyber defense systems such as Cybersecurity Knowledge Graphs (CKG). There is a strong need to develop community-accessible datasets to train existing AI-based cybersecurity pipelines to efficiently and accurately extract meaningful insights from CTI. We have created an initial unstructured CTI corpus from a variety of open sources that we are using to train and test cybersecurity entity models using the spaCy framework and exploring self-learning methods to automatically recognize cybersecurity entities. We also describe methods to apply cybersecurity domain entity linking with existing world knowledge from Wikidata. Our future work will survey and test spaCy NLP tools and create methods for continuous integration of new information…
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsMisinformation and Its Impacts · Topic Modeling · Terrorism, Counterterrorism, and Political Violence
MethodsTest · Self-Learning