University of Twente Student Theses

IOCMonitor: Automatic extraction of cyber threat intelligence from open source data using NLP and Machine Learning

García-Mauriño Taboada, Migue (2021) IOCMonitor: Automatic extraction of cyber threat intelligence from open source data using NLP and Machine Learning.

Abstract: In cyber security, having reliable, updated information, in the form of indicators of compromise, is critical for enhancing security and resilience. This information can be found in publicly available sources such as social media and blog publications. However, those publications are meant for other people to read, so they are written in natural language and cannot be easily parsed by a piece of software. Indicators of compromise usually have a specific format that allows using regular expressions to find them, at the cost of a large number of false positives. This work presents IoCMonitor, a software system for IoC extraction that takes into account the text in which the IoC is presented and uses the context to validate it, in order to minimize the false positives. Experimental results show IoCMonitor performs well, with a high precision above 95%.
Item Type: Essay (Master)
Faculty: EEMCS: Electrical Engineering, Mathematics and Computer Science
Subject: 54 computer science
Programme: Computer Science MSc (60300)
Link to this item: http://purl.utwente.nl/essays/88657