Published July 28, 2021 | Version v1
Conference paper Open

Towards Selecting Informative Content for Cyber Threat Intelligence

Creators

  • 1. Information Technologies Institute, CERTH, Thessaloniki, Greece, School of Science & Technology, International Hellenic University, Thessaloniki, Greece
  • 2. Information Technologies Institute, CERTH, Thessaloniki, Greece
  • 3. School of Science & Technology, International Hellenic University, Thessaloniki, Greece

Description

Nowadays, there is an increasing need for cyber security professionals to make use of tools that automatically extract Cyber Threat Intelligence (CTI) relying on information collected from relevant blogs and news sources that are publicly available. When such sources are used, an important part of the CTI extraction process is content selection, in which pages that do not contain CTI-related information should be filtered out. For this task, we apply supervised machine learning-based text classification techniques, trained on a new dataset created for the purposes of this work. Furthermore, we show in practice the importance of a good content selection process in a commonly used CTI extraction pipeline, by inspecting the results of the Named Entity Recognition (NER) process that normally follows.

Notes

This is the accepted version of the paper. The final version of the paper can be found at https://ieeexplore.ieee.org/abstract/document/9527909

Files

2021_IEEE_CSR_ACTI_Towards_Selecting_Informative_Content_for_CTI.pdf

Files (155.6 kB)

Additional details

Funding

European Commission
FORESIGHT – Advanced cyber-security simulation platform for preparedness training in Aviation, Naval and Power-grid environments 833673
European Commission
ECHO – European network of Cybersecurity centres and competence Hub for innovation and Operations 830943