University of Twente Student Theses
IOCMonitor: Automatic extraction of cyber threat intelligence from open source data using NLP and Machine Learning
García-Mauriño Taboada, Migue (2021) IOCMonitor: Automatic extraction of cyber threat intelligence from open source data using NLP and Machine Learning.
Full text: | PDF (3MB) |
Abstract: | In cyber security, having reliable, up-to-date information in the form of indicators of compromise (IoCs) is critical for enhancing security and resilience. This information can be found in publicly available sources such as social media and blog publications. However, those publications are meant for people to read, so they are written in natural language and cannot easily be parsed by a piece of software. Indicators of compromise usually have a specific format that allows regular expressions to find them, at the cost of a large number of false positives. This work presents IoCMonitor, a software system for IoC extraction that takes into account the text in which the IoC is presented and uses that context to validate it, in order to minimize false positives. Experimental results show that IoCMonitor performs well, achieving a precision above 95%. |
Item Type: | Essay (Master) |
Faculty: | EEMCS: Electrical Engineering, Mathematics and Computer Science |
Subject: | 54 computer science |
Programme: | Computer Science MSc (60300) |
Link to this item: | https://purl.utwente.nl/essays/88657 |