MAS-CTI : Machine Learning Assisted System for Cyber Threat Intelligence
- Wang, Han (author), RISE Research Institutes of Sweden
- Iacovazzi, Alfonso (author), RISE Research Institutes of Sweden
- Kim, Seonghyun (author), Ericsson AB
- Raza, Shahid, 1980- (author), RISE Research Institutes of Sweden
- English.
- Related link: https://urn.kb.se/re...
Abstract
- Cyber Threat Intelligence (CTI) is a critical component of modern cybersecurity, providing organizations with essential information to detect, prevent, and respond to cyber threats. However, CTI data is often non-uniform, incomplete, and inconsistent, making it challenging to analyze and manage effectively. Machine Learning (ML) models offer a powerful solution to overcome these challenges, providing advanced tools for data processing, sharing, and analysis. In this paper, we present MAS-CTI, an extended version of the popular CTI platform MISP, leveraging the power of ML for CTI processing. In particular, we address three key challenges in the CTI domain: event type identification, threat ranking, and IoC correlation. Additionally, to address concerns regarding IoC confidentiality, we explore the application of Federated Learning (FL) for event identification. We have conducted extensive testing of the models on three public CTI datasets, and the results obtained demonstrate the potential of ML models to enhance CTI processing and analysis, with only a few exceptions.
Subject headings
- ENGINEERING AND TECHNOLOGY -- Electrical Engineering and Electronics (hsv//swe)
- ENGINEERING AND TECHNOLOGY -- Electrical Engineering, Electronic Engineering, Information Engineering (hsv//eng)
Keywords
- Machine Learning
- Cyber Threat Intelligence
- Federated Learning
- Learning to Rank
- MISP
Publication and content type
- vet (subject category)
- ovr (subject category)