A Framework for Developing Strategic Cyber Threat Intelligence from Advanced Persistent Threat Analysis Reports Using Graph-Based Algorithms (Open Access)
Burak Gülbay, Mehmet Demirci

Published: July 17, 2024

Advanced persistent threat (APT) attacks are sophisticated and organized attacks, commonly motivated by political, financial, and strategic objectives. In order to comprehend their tactics, techniques, and procedures (TTP) and indicators, APT reports are valuable sources. While blue teams typically rely on server logs, firewall rules, and user authorizations managed in database tables, attackers have a graph-based mindset. In this work, we propose a framework for discovering and evaluating APTs using graph-based algorithms. Cyber threat intelligence (CTI) was extracted from 40,358 pages of APT reports and transformed into a graph. Centrality, community, and similarity analyses were executed on the graph. As a result, critical and influential APT groups and indicators of compromise (IoC) were discovered. Similar APT groups were revealed. Analysis results were interpreted to create new CTI that can be utilized in future security operations.

Language: English

Multi-domain fusion for cargo UAV fault diagnosis knowledge graph construction (Creative Commons)
Ao Xiao, Wei Yan, Xumei Zhang, et al.

Autonomous Intelligent Systems, Journal Year: 2024, Volume and Issue: 4(1)

Published: June 21, 2024

Abstract: The fault diagnosis of cargo UAVs (Unmanned Aerial Vehicles) is crucial to ensure the safety of logistics distribution. In the context of smart logistics, the new trend of utilizing a knowledge graph (KG) for fault diagnosis is gradually emerging, bringing new opportunities to improve the efficiency and accuracy of fault diagnosis in the era of Industry 4.0. The operating environment of cargo UAVs is complex, and their faults are typically closely related to it. However, the available data only considers maintenance data, making it difficult to diagnose faults accurately. Moreover, the existing KG suffers from the problem of confusing entity boundaries during the extraction process, which leads to lower efficiency. Therefore, a fault diagnosis knowledge graph (FDKG) for cargo UAVs, constructed based on multi-domain fusion and incorporating an attention mechanism, is proposed. Firstly, ontology modeling is realized based on a concept analysis expression model and a multi-dimensional similarity calculation method for cargo UAVs. Secondly, a multi-head attention mechanism is added to the BERT-BILSTM-CRF network for entity extraction, relationship extraction is performed through ERNIE, and the extracted triples are stored in the Neo4j database. Finally, DJI cargo UAV failure is taken as an example for validation, and the results show that it is better than the traditional model: the precision rate, recall rate, and F1 value can reach 87.52%, 90.47%, and 88.97%, respectively.

Language: English

Citations: 2
