English
Related papers

Related papers: AttacKG: Constructing Technique Knowledge Graph fr…

200 papers

The construction of attack technique knowledge graphs aims to transform various types of attack knowledge into structured representations for more effective attack procedure modeling. Existing methods typically rely on textual data, such as…

Cryptography and Security · Computer Science 2024-11-14 Jian Wang , Tiantian Zhu , Chunlin Xiong , Yan Chen

Attack knowledge graph construction seeks to convert textual cyber threat intelligence (CTI) reports into structured representations, portraying the evolutionary traces of cyber attacks. Even though previous research has proposed various…

Cryptography and Security · Computer Science 2024-05-09 Yongheng Zhang , Tingwen Du , Yunshan Ma , Xiang Wang , Yi Xie , Guozheng Yang , Yuliang Lu , Ee-Chien Chang

Cyber Threat Intelligence (CTI) parsing aims to extract key threat information from massive data, transform it into actionable intelligence, enhance threat detection and defense efficiency, including attack graph construction, intelligence…

Cryptography and Security · Computer Science 2025-06-23 Yongheng Zhang , Xinyun Zhao , Yunshan Ma , Haokai Ma , Yingxiao Guan , Guozheng Yang , Yuliang Lu , Xiang Wang

Cybersecurity Knowledge Graphs (CKGs) unify diverse Cyber Threat Intelligence (CTI) sources into structured, queryable formats, offering scalable solutions for automating proactive and real-time security responses. Their increasing adoption…

Machine Learning · Computer Science 2026-05-18 Inoussa Mouiche , sherif Saad

Cyber Threat Intelligence (CTI) reports are factual records compiled by security analysts through their observations of threat events or their own practical experience with attacks. In order to utilize CTI reports for attack detection,…

Cryptography and Security · Computer Science 2024-10-16 Wenrui Cheng , Tiantian Zhu , Tieming Chen , Qixuan Yuan , Jie Ying , Hongmei Li , Chunlin Xiong , Mingda Li , Mingqi Lv , Yan Chen

Textual descriptions in cyber threat intelligence (CTI) reports, such as security articles and news, are rich sources of knowledge about cyber threats, crucial for organizations to stay informed about the rapidly evolving threat landscape.…

Cryptography and Security · Computer Science 2025-04-22 Yutong Cheng , Osama Bajaber , Saimon Amanuel Tsegai , Dawn Song , Peng Gao

Open-source cyber threat intelligence (OSCTI) has become essential for keeping up with the rapidly changing threat landscape. However, current OSCTI gathering and management solutions mainly focus on structured Indicators of Compromise…

Cryptography and Security · Computer Science 2024-11-01 Peng Gao , Xiaoyuan Liu , Edward Choi , Sibo Ma , Xinyu Yang , Dawn Song

Over the last years, threat intelligence sharing has steadily grown, leading cybersecurity professionals to access increasingly larger amounts of heterogeneous data. Among those, cyber attacks' Tactics, Techniques and Procedures (TTPs) have…

Cryptography and Security · Computer Science 2020-04-30 Valentine Legoy , Marco Caselli , Christin Seifert , Andreas Peter

Threat intelligence on malware attacks and campaigns is increasingly being shared with other security experts for a cost or for free. Other security analysts use this intelligence to inform them of indicators of compromise, attack…

Cryptography and Security · Computer Science 2023-01-20 Nidhi Rastogi , Sharmishtha Dutta , Mohammed J. Zaki , Alex Gittens , Charu Aggarwal

To remain aware of the fast-evolving cyber threat landscape, open-source Cyber Threat Intelligence (OSCTI) has received growing attention from the community. Commonly, knowledge about threats is presented in a vast number of OSCTI reports.…

Cryptography and Security · Computer Science 2021-03-02 Peng Gao , Xiaoyuan Liu , Edward Choi , Bhavna Soman , Chinmaya Mishra , Kate Farris , Dawn Song

High-level natural language knowledge in CTI reports, such as the ATT&CK framework, is beneficial to counter APT attacks. However, how to automatically apply the high-level knowledge in CTI reports in realistic attack detection systems,…

Cryptography and Security · Computer Science 2025-09-09 Yuhan Meng , Shaofei Li , Jiaping Gui , Peng Jiang , Ding Li

Cyber threat intelligence (CTI) analysts must answer complex questions over large collections of narrative security reports. Retrieval-augmented generation (RAG) systems help language models access external knowledge, but traditional vector…

Artificial Intelligence · Computer Science 2026-04-14 Dzenan Hamzic , Florian Skopik , Max Landauer , Markus Wurzenberger , Andreas Rauber

This work evaluates the performance of Cyber Threat Intelligence (CTI) extraction methods in identifying attack techniques from threat reports available on the web using the MITRE ATT&CK framework. We analyse four configurations utilising…

Cryptography and Security · Computer Science 2025-05-07 Hoang Cuong Nguyen , Shahroz Tariq , Mohan Baruwal Chhetri , Bao Quoc Vo

Cyber threats are constantly evolving. Extracting actionable insights from unstructured Cyber Threat Intelligence (CTI) data is essential to guide cybersecurity decisions. Increasingly, organizations like Microsoft, Trend Micro, and…

Cryptography and Security · Computer Science 2024-07-04 Romy Fieblinger , Md Tanvirul Alam , Nidhi Rastogi

Cyber threat intelligence (CTI) is a crucial tool to prevent sophisticated, organized, and weaponized cyber attacks. However, few studies have focused on the credibility assessment of CTI, and this work still requires manual analysis by…

Cryptography and Security · Computer Science 2025-07-28 Zongzong Wu , Fengxiao Tang , Ming Zhao , Yufeng Li

Cyber Threat Intelligence (CTI) plays a crucial role in assessing risks and enhancing security for organizations. However, the process of extracting relevant information from unstructured text sources can be expensive and time-consuming.…

Context: Cybersecurity vendors often publish cyber threat intelligence (CTI) reports, referring to the written artifacts on technical and forensic analysis of the techniques used by the malware in APT attacks. Objective: The goal of this…

Cryptography and Security · Computer Science 2024-01-04 Md Rayhanur Rahman , Setu Kumar Basak , Rezvan Mahdavi Hezaveh , Laurie Williams

Large-scale cyberattacks, referred to as campaigns, are documented across multiple CTI reports from diverse sources, with some providing a high-level overview of attack techniques and others providing technical details. Extracting attack…

Software Engineering · Computer Science 2026-04-10 Md Nazmul Haque , Sivana Hamer , Brandon Wroblewski , Md Rayhanur Rahman , Laurie Williams

The knowledge on attacks contained in Cyber Threat Intelligence (CTI) reports is very important to effectively identify and quickly respond to cyber threats. However, this knowledge is often embedded in large amounts of text, and therefore…

Cryptography and Security · Computer Science 2021-04-20 Kiavash Satvat , Rigel Gjomemo , V. N. Venkatakrishnan

The cyberthreat landscape is continuously evolving. Hence, continuous monitoring and sharing of threat intelligence have become a priority for organizations. Threat reports, published by cybersecurity vendors, contain detailed descriptions…

Cryptography and Security · Computer Science 2022-10-07 Md Rayhanur Rahman , Laurie Williams
‹ Prev 1 2 3 10 Next ›