2021 IEEE International Conference on Cyber Security and Resilience

Full Program

Summary:

The continuous increase in sophistication of threat actors over the years has made the use of actionable threat intelligence a critical part of the defence against them. Such Cyber Threat intelligence (CTI) is published daily on several online sources including vulnerability databases CERT feeds and social media as well as on forums and web pages from the Surface and the Dark Web. Named Entity Recognition (NER) techniques can be used to extract the aforementioned information in an actionable form from such sources. In this paper we investigate how the latest advances in the NER domain and in particular transformer-based models can facilitate this process. To this end the data set for NER in Threat Intelligence (DNRTI) containing more than 300 pieces of threat intelligence reports from the open source threat
intelligence websites is used. Our experimental results demonstrate that such techniques are very effective in extracting cybersecurity- related named entities by

Author(s):

Pavlos Evangelatos    
Information Technologies Institute, CERTH
Greece

Christos Iliou    
Information Technologies Institute, CERTH
Greece

Thanassis Mavropoulos    
Information Technologies Institute, CERTH
Greece

Konstantinos Apostolou    
Information Technologies Institute, CERTH
Greece

Theodora Tsikrika    
Information Technologies Institute, CERTH
Greece

Stefanos Vrochidis    
Information Technologies Institute, CERTH
Greece

Ioannis Kompatsiaris    
Information Technologies Institute, CERTH
Greece

 


Copyright © 2021 SUMMIT-TEC GROUP LTD