CyNER: A Cybersecurity Domain Specific Dataset for Named Entity Recognition

Thumbnail Image

Files

CyberEnt Poster.pdf (502.52 KB)

Links to Files

https://ebiquity.umbc.edu/paper/html/id/1022/CyNER-A-Cybersecurity-Domain-Specific-Dataset-for-Named-Entity-Recognition
 https://umbc.voicethread.com/share/19813519/

Permanent Link

http://hdl.handle.net/11603/25006

Collections

UMBC Computer Science and Electrical Engineering Department
UMBC Faculty Collection
UMBC Student Collection

Author/Creator

Author/Creator ORCID

https://orcid.org/0000-0002-6593-1792
 https://orcid.org/0000-0002-8641-3193

Date

2022-04-18

Type of Work

posters
audio recordings
Sound
Text

Department

Program

Citation of Original Publication

Rights

This item is likely protected under Title 17 of the U.S. Copyright Law. Unless on a Creative Commons license, for uses protected by Copyright Law, contact the copyright holder or the author.

Subjects

UMBC Undergraduate Research and Creative Achievement Day
UMBC Ebiquity Research Group

Abstract

Named Entity Recognition (NER) is a critical component of automated knowledge extraction. It allows Natural Language Processing (NLP) models to label instances of real-world entities that are important in the context of the text. To be able to accomplish this, the NLP model needs to be trained on large corpora of human-annotated text. There are examples of general, domain-agonistic text corpora available, but they are not suited for fields such as cybersecurity, that require domain-specific text for downstream tasks such as malware analysis. NLP for cybersecurity is an emerging field, and there is a large need to develop community-accessible datasets to train existing AI-based cybersecurity pipelines to extract meaningful insights from Cyber Threat Intelligence (CTI). There are terabytes of CTI data that are disclosed on a daily basis, making it nearly impossible for human-analysts to manually sift through. The cybersecurity domain has limited training datasets available, as opposed to other domains such as Medicine or Law. We have created a large CTI corpus and are actively using it to train and test supervised and semi-supervised cybersecurity NER models using the SpaCy NLP Framework. In addition, we also aim to develop methods that allow continuous integration of incoming, up-to-date CTI information.