面向网络威胁情报的命名实体识别方法

2020 IEEE 4th Information Technology, Networking, Electronic and Automation Control Conference (ITNEC) Pub Date : 2020-06-01 DOI:10.1109/ITNEC48623.2020.9085102

Han Wu, Xiaoyong Li, Yali Gao

{"title":"面向网络威胁情报的命名实体识别方法","authors":"Han Wu, Xiaoyong Li, Yali Gao","doi":"10.1109/ITNEC48623.2020.9085102","DOIUrl":null,"url":null,"abstract":"Traditional methods of domain named entity recognition (NER) rely on manually-defined feature templates and domain experience. Aiming at domain NER task of unstructured cyber threat intelligence (CTI), this paper proposed an approach based on BiLSTM-CRF model and domain dictionary matching correction. This approach utilizes bi-directional Long Short-Term Memory (BiLSTM) to automatically capture features of context, Conditional Random Fields (CRF) to learn label constraint rule, and an ontology-based domain dictionary for matching correction. Due to the lack of available domain dataset, this paper adopts the pre-processed unstructured CTI text as dataset for domain NER experiment. The experimental results show that the proposed approach reaches 85% in F1 score, and can significantly reduce reliance on manually-defined features.","PeriodicalId":235524,"journal":{"name":"2020 IEEE 4th Information Technology, Networking, Electronic and Automation Control Conference (ITNEC)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"13","resultStr":"{\"title\":\"An Effective Approach of Named Entity Recognition for Cyber Threat Intelligence\",\"authors\":\"Han Wu, Xiaoyong Li, Yali Gao\",\"doi\":\"10.1109/ITNEC48623.2020.9085102\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Traditional methods of domain named entity recognition (NER) rely on manually-defined feature templates and domain experience. Aiming at domain NER task of unstructured cyber threat intelligence (CTI), this paper proposed an approach based on BiLSTM-CRF model and domain dictionary matching correction. This approach utilizes bi-directional Long Short-Term Memory (BiLSTM) to automatically capture features of context, Conditional Random Fields (CRF) to learn label constraint rule, and an ontology-based domain dictionary for matching correction. Due to the lack of available domain dataset, this paper adopts the pre-processed unstructured CTI text as dataset for domain NER experiment. The experimental results show that the proposed approach reaches 85% in F1 score, and can significantly reduce reliance on manually-defined features.\",\"PeriodicalId\":235524,\"journal\":{\"name\":\"2020 IEEE 4th Information Technology, Networking, Electronic and Automation Control Conference (ITNEC)\",\"volume\":\"1 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2020-06-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"13\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2020 IEEE 4th Information Technology, Networking, Electronic and Automation Control Conference (ITNEC)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ITNEC48623.2020.9085102\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2020 IEEE 4th Information Technology, Networking, Electronic and Automation Control Conference (ITNEC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ITNEC48623.2020.9085102","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 13

摘要

传统的域名实体识别方法依赖于人工定义的特征模板和领域经验。针对非结构化网络威胁情报(CTI)的领域NER任务，提出了一种基于BiLSTM-CRF模型和领域字典匹配校正的方法。该方法利用双向长短期记忆(BiLSTM)自动捕获上下文特征，利用条件随机场(CRF)学习标签约束规则，利用基于本体的领域字典进行匹配校正。由于缺乏可用的领域数据集，本文采用预处理后的非结构化CTI文本作为领域NER实验的数据集。实验结果表明，该方法F1得分达到85%，显著降低了对人工定义特征的依赖。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

An Effective Approach of Named Entity Recognition for Cyber Threat Intelligence

Traditional methods of domain named entity recognition (NER) rely on manually-defined feature templates and domain experience. Aiming at domain NER task of unstructured cyber threat intelligence (CTI), this paper proposed an approach based on BiLSTM-CRF model and domain dictionary matching correction. This approach utilizes bi-directional Long Short-Term Memory (BiLSTM) to automatically capture features of context, Conditional Random Fields (CRF) to learn label constraint rule, and an ontology-based domain dictionary for matching correction. Due to the lack of available domain dataset, this paper adopts the pre-processed unstructured CTI text as dataset for domain NER experiment. The experimental results show that the proposed approach reaches 85% in F1 score, and can significantly reduce reliance on manually-defined features.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2020 IEEE 4th Information Technology, Networking, Electronic and Automation Control Conference (ITNEC)

自引率

0.00%

发文量