Panos Panagiotou; Christos Iliou; Konstantinos Apostolou; Theodora Tsikrika; Stefanos Vrochidis; Periklis Chatzimisios; Ioannis Kompatsiaris
2021 IEEE International Conference on Cyber Security and Resilience (CSR)
cyber security, cyber threat intelligence, content selection, text classification, machine learning, NER
Nowadays, there is an increasing need for cyber security professionals to make use of tools that automatically extract Cyber Threat Intelligence (CTI) relying on information collected from relevant blogs and news sources that are publicly available. When such sources are used, an important part of the CTI extraction process is content selection, in which pages that do not contain CTI-related information should be filtered out. For this task, we apply supervised machine learning-based text classification techniques, trained on a new dataset created for the purposes of this work. Furthermore, we show in practice the importance of a good content selection process in a commonly used CTI extraction pipeline, by inspecting the results of the Named Entity Recognition (NER) process that normally follows.