Author
Panos Panagiotou; Christos Iliou; Konstantinos Apostolou; Theodora Tsikrika; Stefanos Vrochidis; Periklis Chatzimisios; Ioannis Kompatsiaris
Published in
2021 IEEE International Conference on Cyber Security and Resilience (CSR)
Keywords
cyber security, cyber threat intelligence, content selection, text classification, machine learning, NER
Open Access
YES
Abstract
Nowadays, there is an increasing need for cyber security professionals to make use of tools that automatically extract Cyber Threat Intelligence (CTI) relying on information collected from relevant blogs and news sources that are publicly available. When such sources are used, an important part of the CTI extraction process is content selection, in which pages that do not contain CTI-related information should be filtered out. For this task, we apply supervised machine learning-based text classification techniques, trained on a new dataset created for the purposes of this work. Furthermore, we show in practice the importance of a good content selection process in a commonly used CTI extraction pipeline, by inspecting the results of the Named Entity Recognition (NER) process that normally follows.