Automatic Identification of Indicators of Compromise using Neural-Based Sequence Labelling

10/24/2018
by Shengping Zhou, et al.

Indicators of Compromise (IOCs) are artifacts observed on a network or in an operating system that can be used to indicate a computer intrusion and detect cyber-attacks at an early stage. Thus, they play an important role in the field of cybersecurity. However, state-of-the-art IOC detection systems rely heavily on hand-crafted features with expert knowledge of cybersecurity, and require a large amount of supervised training corpora to train an IOC classifier. In this paper, we propose using a neural-based sequence labelling model to identify IOCs automatically from reports on cybersecurity without expert knowledge of cybersecurity. Our work is the first to apply end-to-end sequence labelling to the task of IOC identification. By using an attention mechanism and several token spelling features, we find that the proposed model is capable of identifying low-frequency IOCs from the long sentences contained in cybersecurity reports. Experiments show that the proposed model outperforms other sequence labelling models, achieving over 88
