Automatic Mapping of Unstructured Cyber Threat Intelligence: An Experimental Study. (arXiv:2208.12144v1 [cs.CR])

Proactive approaches to security, such as adversary emulation, leverage
information about threat actors and their techniques (Cyber Threat
Intelligence, CTI). However, most CTI still comes in unstructured forms (i.e.,
natural language), such as incident reports and leaked documents. To support
proactive security efforts, we present an experimental study on the automatic
classification of unstructured CTI into attack techniques using machine
learning (ML). We contribute with two new datasets for CTI analysis, and we
evaluate several ML models, including both traditional …

arxiv cyber cyber threat experimental intelligence mapping study threat intelligence