Relation Extraction Techniques in Cyber Threat Intelligence

Kód výsledku v IS VaVaI

<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216208%3A11320%2F25%3AJQI322CG" target="_blank" >RIV/00216208:11320/25:JQI322CG - isvavai.cz</a>

Výsledek na webu

<a href="https://www.scopus.com/inward/record.uri?eid=2-s2.0-85205348424&doi=10.1007%2f978-3-031-70239-6_24&partnerID=40&md5=18066e24e82a217d1272c0a3ba676677" target="_blank" >https://www.scopus.com/inward/record.uri?eid=2-s2.0-85205348424&doi=10.1007%2f978-3-031-70239-6_24&partnerID=40&md5=18066e24e82a217d1272c0a3ba676677</a>

DOI - Digital Object Identifier

<a href="http://dx.doi.org/10.1007/978-3-031-70239-6_24" target="_blank" >10.1007/978-3-031-70239-6_24</a>

Jazyk výsledku

angličtina

Název v původním jazyce

Relation Extraction Techniques in Cyber Threat Intelligence

Popis výsledku v původním jazyce

Cyber Threat Intelligence (CTI) provides a structured and interconnected model for threat information through Cybersecurity Knowledge Graphs. This allows researchers and practitioners to represent and organize complex relationships and entities in a more coherent form. Above all, the discovery of hidden relationships between different CTI entities, such as threat actors, malware, infrastructure, and attacks, is becoming a crucial task in this domain, facilitating proactive defense measures and helping to identify Tactics, Techniques, and Procedures (TTPs) employed by malicious parties. In this paper, we provide a Systematization of Knowledge (SoK) to analyze the existing literature and give insights into the important CTI task of Relation Extraction. In particular, we design a categorization of the relations used in CTI; we analyze the techniques employed for their extraction, the emerging trends and open issues in this context, and the main future directions. This work provides a novel and fresh perspective that can help the reader understand how relationships among entities can be schematized to provide a better view of the cyber threat landscape. © The Author(s), under exclusive license to Springer Nature Switzerland AG 2024.

Název v anglickém jazyce

Relation Extraction Techniques in Cyber Threat Intelligence

Popis výsledku anglicky

Cyber Threat Intelligence (CTI) provides a structured and interconnected model for threat information through Cybersecurity Knowledge Graphs. This allows researchers and practitioners to represent and organize complex relationships and entities in a more coherent form. Above all, the discovery of hidden relationships between different CTI entities, such as threat actors, malware, infrastructure, and attacks, is becoming a crucial task in this domain, facilitating proactive defense measures and helping to identify Tactics, Techniques, and Procedures (TTPs) employed by malicious parties. In this paper, we provide a Systematization of Knowledge (SoK) to analyze the existing literature and give insights into the important CTI task of Relation Extraction. In particular, we design a categorization of the relations used in CTI; we analyze the techniques employed for their extraction, the emerging trends and open issues in this context, and the main future directions. This work provides a novel and fresh perspective that can help the reader understand how relationships among entities can be schematized to provide a better view of the cyber threat landscape. © The Author(s), under exclusive license to Springer Nature Switzerland AG 2024.

Druh

D - Stať ve sborníku

CEP obor

—

OECD FORD obor

10201 - Computer sciences, information science, bioinformathics (hardware development to be 2.2, social aspect to be 5.8)

Projekt

—

Návaznosti

—

Rok uplatnění

2024

Kód důvěrnosti údajů

S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Název statě ve sborníku

Lect. Notes Comput. Sci.

ISBN

978-303170238-9

ISSN

0302-9743

e-ISSN

—

Počet stran výsledku

16

Strana od-do

348-363

Název nakladatele

Springer Science and Business Media Deutschland GmbH

Místo vydání

—

Místo konání akce

Turin, Italy

Datum konání akce

1. 1. 2025

Typ akce podle státní příslušnosti

WRD - Celosvětová akce

Kód UT WoS článku

—