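Latent Dirichlet allocation
Computer science
Latent semantic analysis
Process (computing)
Identification (biology)
Government (linguistics)
Search engine indexing
Sentiment analysis
Topic model
Information retrieval
Computer security
Data science
Artificial intelligence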
Authors
Aaruni Upadhyay, Samira Eisaloo Gharghasheh, Sanaz Nakhodchi
Source
Journal: Springer International Publishing eBooks
[Springer Nature]
Date: 2022-01-01
Volume/Issue: : 239-252
Identifier
DOI: 10.1007/978-3-030-74753-4_16
Abstract
We are seeing a constant increase in the number of cyberattacks with both monetary and political motives behind them. As such, it becomes crucial to identify Advanced Persistent Threat (APT) groups for future risk mitigation by both business and government. Multiple vendors like McAfee and Kaspersky periodically release reports on these APT groups that are absorbed by security analysts worldwide. These reports identify the Tactics, Techniques, and Procedures (TTPs) used by the threat actors to carry out their operation. One important piece of information to distill from these APT reports is the different stages of operation used by these APT groups. One such framework for classification of various stages in a cyberattack is the Cyber Kill Chain (CKC), which was developed by Lockheed Martin to study and differentiate the various cyberattacks. Usually the process of identification of CKC stages in APT reports is a manual and time-taking process. In this paper we have proposed the use of semantic search using Latent Semantic Indexing (LSI) and Latent Dirichlet Allocation (LDA) to automatically extract CKC stages from unstructured APT reports. We then compare our results with existing research that has done such classification manually.