利用黑客漏洞标签创建前瞻性网络威胁情报:深度迁移学习方法

IF 7 2区 管理学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS
Benjamin M. Ampel, Sagar Samtani, Hongyi Zhu, Hsinchun Chen
{"title":"利用黑客漏洞标签创建前瞻性网络威胁情报:深度迁移学习方法","authors":"Benjamin M. Ampel, Sagar Samtani, Hongyi Zhu, Hsinchun Chen","doi":"10.25300/misq/2023/17316","DOIUrl":null,"url":null,"abstract":"<style>#html-body [data-pb-style=YM00THS]{justify-content:flex-start;display:flex;flex-direction:column;background-position:left top;background-size:cover;background-repeat:no-repeat;background-attachment:scroll}</style>The rapid proliferation of complex information systems has been met by an ever-increasing quantity of exploits that can cause irreparable cyber breaches. To mitigate these cyber threats, academia and industry have placed a significant focus on proactively identifying and labeling exploits developed by the international hacker community. However, prevailing approaches for labeling exploits in hacker forums do not leverage metadata from exploit darknet markets or public exploit repositories to enhance labeling performance. In this study, we adopted the computational design science paradigm to develop a novel information technology artifact, the deep transfer learning exploit labeler (DTL-EL). DTL-EL incorporates a pre-initialization design, multi-layer deep transfer learning (DTL), and a self-attention mechanism to automatically label exploits in hacker forums. We rigorously evaluated the proposed DTL-EL against state-of-the-art non-DTL benchmark methods based in classical machine learning and deep learning. Results suggest that the proposed DTL-EL significantly outperforms benchmark methods based on accuracy, precision, recall, and F1-score. Our proposed DTL-EL framework provides important practical implications for key stakeholders such as cybersecurity managers, analysts, and educators.","PeriodicalId":49807,"journal":{"name":"Mis Quarterly","volume":"66 4 1","pages":""},"PeriodicalIF":7.0000,"publicationDate":"2024-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Creating Proactive Cyber Threat Intelligence with Hacker Exploit Labels: A Deep Transfer Learning Approach\",\"authors\":\"Benjamin M. Ampel, Sagar Samtani, Hongyi Zhu, Hsinchun Chen\",\"doi\":\"10.25300/misq/2023/17316\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<style>#html-body [data-pb-style=YM00THS]{justify-content:flex-start;display:flex;flex-direction:column;background-position:left top;background-size:cover;background-repeat:no-repeat;background-attachment:scroll}</style>The rapid proliferation of complex information systems has been met by an ever-increasing quantity of exploits that can cause irreparable cyber breaches. To mitigate these cyber threats, academia and industry have placed a significant focus on proactively identifying and labeling exploits developed by the international hacker community. However, prevailing approaches for labeling exploits in hacker forums do not leverage metadata from exploit darknet markets or public exploit repositories to enhance labeling performance. In this study, we adopted the computational design science paradigm to develop a novel information technology artifact, the deep transfer learning exploit labeler (DTL-EL). DTL-EL incorporates a pre-initialization design, multi-layer deep transfer learning (DTL), and a self-attention mechanism to automatically label exploits in hacker forums. We rigorously evaluated the proposed DTL-EL against state-of-the-art non-DTL benchmark methods based in classical machine learning and deep learning. Results suggest that the proposed DTL-EL significantly outperforms benchmark methods based on accuracy, precision, recall, and F1-score. Our proposed DTL-EL framework provides important practical implications for key stakeholders such as cybersecurity managers, analysts, and educators.\",\"PeriodicalId\":49807,\"journal\":{\"name\":\"Mis Quarterly\",\"volume\":\"66 4 1\",\"pages\":\"\"},\"PeriodicalIF\":7.0000,\"publicationDate\":\"2024-03-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Mis Quarterly\",\"FirstCategoryId\":\"91\",\"ListUrlMain\":\"https://doi.org/10.25300/misq/2023/17316\",\"RegionNum\":2,\"RegionCategory\":\"管理学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Mis Quarterly","FirstCategoryId":"91","ListUrlMain":"https://doi.org/10.25300/misq/2023/17316","RegionNum":2,"RegionCategory":"管理学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0

摘要

#html-body[data-pb-style=YM00THS]{justify-content:flex-start;display:flex;flex-direction:column;background-position:left-top;background-size:cover;background-repeat:no-repeat;background-attachment:scroll}随着复杂信息系统的迅速发展,可造成不可挽回的网络漏洞的漏洞数量也在不断增加。为了减轻这些网络威胁,学术界和工业界都非常重视主动识别和标记国际黑客社区开发的漏洞。然而,对黑客论坛中的漏洞进行标注的主流方法并没有利用漏洞暗网市场或公共漏洞库中的元数据来提高标注性能。在本研究中,我们采用计算设计科学范式开发了一种新型信息技术工具--深度转移学习漏洞利用标签器(DTL-EL)。DTL-EL 融合了预初始化设计、多层深度迁移学习(DTL)和自我关注机制,可自动标记黑客论坛中的漏洞。我们对照基于经典机器学习和深度学习的最先进的非DTL基准方法,对所提出的DTL-EL进行了严格评估。结果表明,基于准确度、精确度、召回率和 F1 分数,拟议的 DTL-EL 明显优于基准方法。我们提出的 DTL-EL 框架为网络安全管理人员、分析师和教育工作者等关键利益相关者提供了重要的实际意义。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
Creating Proactive Cyber Threat Intelligence with Hacker Exploit Labels: A Deep Transfer Learning Approach
The rapid proliferation of complex information systems has been met by an ever-increasing quantity of exploits that can cause irreparable cyber breaches. To mitigate these cyber threats, academia and industry have placed a significant focus on proactively identifying and labeling exploits developed by the international hacker community. However, prevailing approaches for labeling exploits in hacker forums do not leverage metadata from exploit darknet markets or public exploit repositories to enhance labeling performance. In this study, we adopted the computational design science paradigm to develop a novel information technology artifact, the deep transfer learning exploit labeler (DTL-EL). DTL-EL incorporates a pre-initialization design, multi-layer deep transfer learning (DTL), and a self-attention mechanism to automatically label exploits in hacker forums. We rigorously evaluated the proposed DTL-EL against state-of-the-art non-DTL benchmark methods based in classical machine learning and deep learning. Results suggest that the proposed DTL-EL significantly outperforms benchmark methods based on accuracy, precision, recall, and F1-score. Our proposed DTL-EL framework provides important practical implications for key stakeholders such as cybersecurity managers, analysts, and educators.
求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
Mis Quarterly
Mis Quarterly 工程技术-计算机:信息系统
CiteScore
13.30
自引率
4.10%
发文量
36
审稿时长
6-12 weeks
期刊介绍: Journal Name: MIS Quarterly Editorial Objective: The editorial objective of MIS Quarterly is focused on: Enhancing and communicating knowledge related to: Development of IT-based services Management of IT resources Use, impact, and economics of IT with managerial, organizational, and societal implications Addressing professional issues affecting the Information Systems (IS) field as a whole Key Focus Areas: Development of IT-based services Management of IT resources Use, impact, and economics of IT with managerial, organizational, and societal implications Professional issues affecting the IS field as a whole
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信