MAS-CTI: Machine Learning Assisted System for Cyber Threat Intelligence
- Wang, Han (author), RISE Research Institutes of Sweden
- Iacovazzi, Alfonso (author), RISE Research Institutes of Sweden
- Kim, Seonghyun (author), Ericsson AB
- Raza, Shahid, 1980- (author), RISE Research Institutes of Sweden
- English.
- Related links: https://urn.kb.se/re...
Abstract
- Cyber Threat Intelligence (CTI) is a critical component of modern cybersecurity, providing organizations with essential information to detect, prevent, and respond to cyber threats. However, CTI data is often non-uniform, incomplete, and inconsistent, making it challenging to analyze and manage effectively. Machine Learning (ML) models offer a powerful solution to overcome these challenges, providing advanced tools for data processing, sharing, and analysis. In this paper, we present MAS-CTI, an extended version of the popular CTI platform MISP, leveraging the power of ML for CTI processing. In particular, we address three key challenges in the CTI domain: event type identification, threat ranking, and IoC correlation. Additionally, to address concerns regarding IoC confidentiality, we explore the application of Federated Learning (FL) for event identification. We have conducted extensive testing of the models on three public CTI datasets, and the results obtained demonstrate the potential of ML models to enhance CTI processing and analysis, with only a few exceptions.
Subject headings
- TEKNIK OCH TEKNOLOGIER -- Elektroteknik och elektronik (hsv//swe)
- ENGINEERING AND TECHNOLOGY -- Electrical Engineering, Electronic Engineering, Information Engineering (hsv//eng)
Keyword
- Machine Learning
- Cyber Threat Intelligence
- Federated Learning
- Learning to Rank
- MISP
Publication and Content Type
- vet (subject category)
- ovr (subject category)