{"title":"基于语义和拓扑信息加权融合的网络威胁指标关联预测","authors":"Yansong Wang, Bo Lang, Nan Xiao, Yikai Chen","doi":"10.1145/3579654.3579690","DOIUrl":null,"url":null,"abstract":"Nowadays, Cyber Threat Intelligence (CTI) has become increasingly important for detecting and defending against cyber threats. Researchers often construct CTI heterogeneous graphs to describe threat indicators and their associations. However, most existing link prediction methods of normal heterogeneous graphs show poor performance on CTI graphs, as they mainly focus on the topological features and ignore the attributes of the threat indicators. To address this limitation, this paper proposes Ctiap, a Cyber Threat Indicators Association Prediction model based on weighted fusion of the semantic and topological information. The model firstly aims at the semantic characteristics of threat indicators and the topology of CTI graph. We collected more than 20,000 samples through open web platforms to construct a real-word heterogeneous graph dataset of threat indicators. The experimental results show that the accuracy of our model reaches 93.08%, which is better than the state-of-the-art baseline methods.","PeriodicalId":146783,"journal":{"name":"Proceedings of the 2022 5th International Conference on Algorithms, Computing and Artificial Intelligence","volume":"15 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2022-12-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Cyber Threat Indicators Association Prediction Based on Weighted Fusion of Semantic and Topological Information\",\"authors\":\"Yansong Wang, Bo Lang, Nan Xiao, Yikai Chen\",\"doi\":\"10.1145/3579654.3579690\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Nowadays, Cyber Threat Intelligence (CTI) has become increasingly important for detecting and defending against cyber threats. Researchers often construct CTI heterogeneous graphs to describe threat indicators and their associations. However, most existing link prediction methods of normal heterogeneous graphs show poor performance on CTI graphs, as they mainly focus on the topological features and ignore the attributes of the threat indicators. To address this limitation, this paper proposes Ctiap, a Cyber Threat Indicators Association Prediction model based on weighted fusion of the semantic and topological information. The model firstly aims at the semantic characteristics of threat indicators and the topology of CTI graph. We collected more than 20,000 samples through open web platforms to construct a real-word heterogeneous graph dataset of threat indicators. The experimental results show that the accuracy of our model reaches 93.08%, which is better than the state-of-the-art baseline methods.\",\"PeriodicalId\":146783,\"journal\":{\"name\":\"Proceedings of the 2022 5th International Conference on Algorithms, Computing and Artificial Intelligence\",\"volume\":\"15 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2022-12-23\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the 2022 5th International Conference on Algorithms, Computing and Artificial Intelligence\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/3579654.3579690\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 2022 5th International Conference on Algorithms, Computing and Artificial Intelligence","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3579654.3579690","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Cyber Threat Indicators Association Prediction Based on Weighted Fusion of Semantic and Topological Information
Nowadays, Cyber Threat Intelligence (CTI) has become increasingly important for detecting and defending against cyber threats. Researchers often construct CTI heterogeneous graphs to describe threat indicators and their associations. However, most existing link prediction methods of normal heterogeneous graphs show poor performance on CTI graphs, as they mainly focus on the topological features and ignore the attributes of the threat indicators. To address this limitation, this paper proposes Ctiap, a Cyber Threat Indicators Association Prediction model based on weighted fusion of the semantic and topological information. The model firstly aims at the semantic characteristics of threat indicators and the topology of CTI graph. We collected more than 20,000 samples through open web platforms to construct a real-word heterogeneous graph dataset of threat indicators. The experimental results show that the accuracy of our model reaches 93.08%, which is better than the state-of-the-art baseline methods.