The Open Source Threat Intelligence Relational Dataset and Its Optimal Implementation

Yaru Yang; Junyu Li; Ronghua Zhang; Abhishek Pratap Sah; Amit Yadav; Asif Khan

doi:10.1109/APCIT62007.2024.10673527

The Open Source Threat Intelligence Relational Dataset and Its Optimal Implementation

Yaru Yang, Junyu Li, Ronghua Zhang, Abhishek Pratap Sah, Amit Yadav, Asif Khan

Research output: Chapter in Book/Report/Conference proceeding › Conference Paper published in Proceedings › peer-review

Abstract

Threat intelligence provides a platform for cybersecurity engineers for attack traceability, which provides substantial knowledge database logs to defend against future security threats. Threat intelligence relationship extraction based on deep learning solves the challenge of threat knowledge construction to a certain extent but still faces problems such as lack of open-source datasets and the inability of the model to accurately correlate threat entities with potential relationships. Therefore, for cybersecurity research work, this paper designs a threat ontology, constructs the threat relationship dataset TreatRE by remote supervision, and opens this dataset. The dataset contains 12000 utterances and 12 threat relations from 500 CTIs, and it performs well in multiple relation models trained on deep learning methods. Meanwhile, we propose a multisensory attention-based threat intelligence relationship extraction method MAtt, which combines location perception, self-attention perception, and neuronal memory perception to further improve the threat relationship extraction effect. Experimental results show that the trained model based on TreatRE can more accurately extract the knowledge objects and their relationships described in threat intelligence. An accuracy score of 95.4% can be obtained using the MAtt method, which is 3.48% more than the best baseline compared with the same type of relationship extraction model.

Original language	English
Title of host publication	2024 Asia Pacific Conference on Innovation in Technology, APCIT 2024
Place of Publication	New York
Publisher	IEEE, Institute of Electrical and Electronics Engineers
Pages	1-6
Number of pages	6
Edition	1
ISBN (Electronic)	9798350361537
ISBN (Print)	9798350361544
DOIs	https://doi.org/10.1109/APCIT62007.2024.10673527
Publication status	Published - Sept 2024
Event	2024 Asia Pacific Conference on Innovation in Technology, APCIT 2024 - Mysore, India Duration: 26 Jul 2024 → 27 Jul 2024

Publication series

Name	2024 Asia Pacific Conference on Innovation in Technology, APCIT 2024

Conference

Conference	2024 Asia Pacific Conference on Innovation in Technology, APCIT 2024
Country/Territory	India
City	Mysore
Period	26/07/24 → 27/07/24

Bibliographical note

Publisher Copyright:
© 2024 IEEE.

Access to Document

10.1109/APCIT62007.2024.10673527

Cite this

Yang, Y., Li, J., Zhang, R., Sah, A. P., Yadav, A., & Khan, A. (2024). The Open Source Threat Intelligence Relational Dataset and Its Optimal Implementation. In 2024 Asia Pacific Conference on Innovation in Technology, APCIT 2024 (1 ed., pp. 1-6). Article 202724 (2024 Asia Pacific Conference on Innovation in Technology, APCIT 2024). IEEE, Institute of Electrical and Electronics Engineers. https://doi.org/10.1109/APCIT62007.2024.10673527

@inproceedings{9c34703ad518479ba146136ded4f352c,

title = "The Open Source Threat Intelligence Relational Dataset and Its Optimal Implementation",

abstract = "Threat intelligence provides a platform for cybersecurity engineers for attack traceability, which provides substantial knowledge database logs to defend against future security threats. Threat intelligence relationship extraction based on deep learning solves the challenge of threat knowledge construction to a certain extent but still faces problems such as lack of open-source datasets and the inability of the model to accurately correlate threat entities with potential relationships. Therefore, for cybersecurity research work, this paper designs a threat ontology, constructs the threat relationship dataset TreatRE by remote supervision, and opens this dataset. The dataset contains 12000 utterances and 12 threat relations from 500 CTIs, and it performs well in multiple relation models trained on deep learning methods. Meanwhile, we propose a multisensory attention-based threat intelligence relationship extraction method MAtt, which combines location perception, self-attention perception, and neuronal memory perception to further improve the threat relationship extraction effect. Experimental results show that the trained model based on TreatRE can more accurately extract the knowledge objects and their relationships described in threat intelligence. An accuracy score of 95.4% can be obtained using the MAtt method, which is 3.48% more than the best baseline compared with the same type of relationship extraction model.",

keywords = "ontologies, relation extraction open source dataset, threat intelligence",

author = "Yaru Yang and Junyu Li and Ronghua Zhang and Sah, {Abhishek Pratap} and Amit Yadav and Asif Khan",

note = "Publisher Copyright: {\textcopyright} 2024 IEEE.; 2024 Asia Pacific Conference on Innovation in Technology, APCIT 2024 ; Conference date: 26-07-2024 Through 27-07-2024",

year = "2024",

month = sep,

doi = "10.1109/APCIT62007.2024.10673527",

language = "English",

isbn = "9798350361544",

series = "2024 Asia Pacific Conference on Innovation in Technology, APCIT 2024",

publisher = "IEEE, Institute of Electrical and Electronics Engineers",

pages = "1--6",

booktitle = "2024 Asia Pacific Conference on Innovation in Technology, APCIT 2024",

address = "United States",

edition = "1",

}

Yang, Y, Li, J, Zhang, R, Sah, AP, Yadav, A & Khan, A 2024, The Open Source Threat Intelligence Relational Dataset and Its Optimal Implementation. in 2024 Asia Pacific Conference on Innovation in Technology, APCIT 2024. 1 edn, 202724, 2024 Asia Pacific Conference on Innovation in Technology, APCIT 2024, IEEE, Institute of Electrical and Electronics Engineers, New York, pp. 1-6, 2024 Asia Pacific Conference on Innovation in Technology, APCIT 2024, Mysore, India, 26/07/24. https://doi.org/10.1109/APCIT62007.2024.10673527

The Open Source Threat Intelligence Relational Dataset and Its Optimal Implementation. / Yang, Yaru; Li, Junyu; Zhang, Ronghua et al.
2024 Asia Pacific Conference on Innovation in Technology, APCIT 2024. 1. ed. New York: IEEE, Institute of Electrical and Electronics Engineers, 2024. p. 1-6 202724 (2024 Asia Pacific Conference on Innovation in Technology, APCIT 2024).

Research output: Chapter in Book/Report/Conference proceeding › Conference Paper published in Proceedings › peer-review

TY - GEN

T1 - The Open Source Threat Intelligence Relational Dataset and Its Optimal Implementation

AU - Yang, Yaru

AU - Li, Junyu

AU - Zhang, Ronghua

AU - Sah, Abhishek Pratap

AU - Yadav, Amit

AU - Khan, Asif

PY - 2024/9

Y1 - 2024/9

N2 - Threat intelligence provides a platform for cybersecurity engineers for attack traceability, which provides substantial knowledge database logs to defend against future security threats. Threat intelligence relationship extraction based on deep learning solves the challenge of threat knowledge construction to a certain extent but still faces problems such as lack of open-source datasets and the inability of the model to accurately correlate threat entities with potential relationships. Therefore, for cybersecurity research work, this paper designs a threat ontology, constructs the threat relationship dataset TreatRE by remote supervision, and opens this dataset. The dataset contains 12000 utterances and 12 threat relations from 500 CTIs, and it performs well in multiple relation models trained on deep learning methods. Meanwhile, we propose a multisensory attention-based threat intelligence relationship extraction method MAtt, which combines location perception, self-attention perception, and neuronal memory perception to further improve the threat relationship extraction effect. Experimental results show that the trained model based on TreatRE can more accurately extract the knowledge objects and their relationships described in threat intelligence. An accuracy score of 95.4% can be obtained using the MAtt method, which is 3.48% more than the best baseline compared with the same type of relationship extraction model.

AB - Threat intelligence provides a platform for cybersecurity engineers for attack traceability, which provides substantial knowledge database logs to defend against future security threats. Threat intelligence relationship extraction based on deep learning solves the challenge of threat knowledge construction to a certain extent but still faces problems such as lack of open-source datasets and the inability of the model to accurately correlate threat entities with potential relationships. Therefore, for cybersecurity research work, this paper designs a threat ontology, constructs the threat relationship dataset TreatRE by remote supervision, and opens this dataset. The dataset contains 12000 utterances and 12 threat relations from 500 CTIs, and it performs well in multiple relation models trained on deep learning methods. Meanwhile, we propose a multisensory attention-based threat intelligence relationship extraction method MAtt, which combines location perception, self-attention perception, and neuronal memory perception to further improve the threat relationship extraction effect. Experimental results show that the trained model based on TreatRE can more accurately extract the knowledge objects and their relationships described in threat intelligence. An accuracy score of 95.4% can be obtained using the MAtt method, which is 3.48% more than the best baseline compared with the same type of relationship extraction model.

KW - ontologies

KW - relation extraction open source dataset

KW - threat intelligence

UR - http://www.scopus.com/inward/record.url?scp=85205568546&partnerID=8YFLogxK

U2 - 10.1109/APCIT62007.2024.10673527

DO - 10.1109/APCIT62007.2024.10673527

M3 - Conference Paper published in Proceedings

AN - SCOPUS:85205568546

SN - 9798350361544

T3 - 2024 Asia Pacific Conference on Innovation in Technology, APCIT 2024

SP - 1

EP - 6

BT - 2024 Asia Pacific Conference on Innovation in Technology, APCIT 2024

PB - IEEE, Institute of Electrical and Electronics Engineers

CY - New York

T2 - 2024 Asia Pacific Conference on Innovation in Technology, APCIT 2024

Y2 - 26 July 2024 through 27 July 2024

ER -

Yang Y, Li J, Zhang R, Sah AP, Yadav A, Khan A. The Open Source Threat Intelligence Relational Dataset and Its Optimal Implementation. In 2024 Asia Pacific Conference on Innovation in Technology, APCIT 2024. 1 ed. New York: IEEE, Institute of Electrical and Electronics Engineers. 2024. p. 1-6. 202724. (2024 Asia Pacific Conference on Innovation in Technology, APCIT 2024). doi: 10.1109/APCIT62007.2024.10673527

The Open Source Threat Intelligence Relational Dataset and Its Optimal Implementation

Abstract

Publication series

Conference

Bibliographical note

Access to Document

Other files and links

Fingerprint

Cite this