Abstract: One of the fundamental challenges for information officers of most organizations today is the growing number of cyber security threats. This has led to the emerging field of Cyber Threat Intelligence, a mechanism to acquire, categorize and prioritize information about impending security threats from disparate online sources, enabling organizations to take the necessary steps to avoid compromising client data and to protect their hardware and software resources. Such information is published as formal security advisories, which are largely in the form of unstructured or semi-structured data. In this work we describe an approach to read large volumes of such unstructured data and automatically extract useful nuggets of information such as the exploit targets, the techniques used for exploitation and the recommended prevention guidelines. We use natural language processing techniques and a pattern identification framework to extract these information nuggets. We present some early results and observations.