Abstract
As cyber attacks evolve rapidly, cybersecurity specialists are actively using cyber threat intelligence to identify and respond to attacks in a timely manner. However, this information will be highly useful for attack detection and mitigation if we can construct structured cyber threat intelligence and accurately generate TTP chains to understand the steps of cyber attacks. In this poster, we present our preliminary Natural Language Processing (NLP) analysis, which characterizes the temporal relationships among the attack actions of an APT attack in order to extract and construct the reported TTP chains using the popular standard MITRE ATT&CK [1] and the structured sharing language STIX 2 [2], a machine-readable language that will help automate the process of understanding and responding to cyber attacks shared in unstructured text via blogs, emails, and social media.
| Original language | English |
|---|---|
| Title of host publication | Proceedings of the 6th Annual Symposium on Hot Topics in the Science of Security, HotSoS 2019 |
| Publisher | Association for Computing Machinery |
| ISBN (Electronic) | 9781450371476 |
| DOIs | |
| State | Published - 1 Apr 2019 |
| Externally published | Yes |
| Event | 6th Annual Symposium on Hot Topics in the Science of Security, HotSoS 2019 - Nashville, United States. Duration: 1 Apr 2019 → 3 Apr 2019 |
Publication series
| Name | ACM International Conference Proceeding Series |
|---|---|
Conference
| Conference | 6th Annual Symposium on Hot Topics in the Science of Security, HotSoS 2019 |
|---|---|
| Country/Territory | United States |
| City | Nashville |
| Period | 1/04/19 → 3/04/19 |
Bibliographical note
Publisher Copyright: © 2019 Copyright held by the owner/author(s).
ASJC Scopus subject areas
- Software
- Human-Computer Interaction
- Computer Vision and Pattern Recognition
- Computer Networks and Communications