Recognizing and Extracting Cybersecurity Entities from Text

Thumbnail Image

Files

1152.pdf (485.37 KB)

Links to Files

https://arxiv.org/abs/2208.01693

Permanent Link

http://hdl.handle.net/11603/25196
 https://doi.org/10.48550/arXiv.2208.01693

Collections

UMBC Computer Science and Electrical Engineering Department
UMBC Faculty Collection
UMBC Student Collection

Author/Creator

Author/Creator ORCID

https://orcid.org/0000-0002-6593-1792
 https://orcid.org/0000-0002-8641-3193

Date

2022-08-02

Type of Work

conference papers and proceedings
preprints
Text

Department

Program

Citation of Original Publication

Rights

This item is likely protected under Title 17 of the U.S. Copyright Law. Unless on a Creative Commons license, for uses protected by Copyright Law, contact the copyright holder or the author.
Attribution 4.0 International (CC BY 4.0)
https://creativecommons.org/licenses/by/4.0/

Subjects

UMBC Ebiquity Research Group

Abstract

Cyber Threat Intelligence (CTI) is information describing threat vectors, vulnerabilities, and attacks and is often used as training data for AI-based cyber defense systems such as Cybersecurity Knowledge Graphs (CKG). There is a strong need to develop community-accessible datasets to train existing AI-based cybersecurity pipelines to efficiently and accurately extract meaningful insights from CTI. We have created an initial unstructured CTI corpus from a variety of open sources that we are using to train and test cybersecurity entity models using the spaCy framework and exploring self-learning methods to automatically recognize cybersecurity entities. We also describe methods to apply cybersecurity domain entity linking with existing world knowledge from Wikidata. Our future work will survey and test spaCy NLP tools, and create methods for continuous integration of new information extracted from text.