A Web Semantic Mining Method for Fake Cybersecurity Threat Intelligence in Open Source Communities

International Journal on Semantic Web and Information Systems Pub Date : 2024-08-08 DOI:10.4018/ijswis.350095

Zhihua Li, Xinye Yu, Yukai Zhao

{"title":"A Web Semantic Mining Method for Fake Cybersecurity Threat Intelligence in Open Source Communities","authors":"Zhihua Li, Xinye Yu, Yukai Zhao","doi":"10.4018/ijswis.350095","DOIUrl":null,"url":null,"abstract":"In order to overcome the challenges of inadequate classification accuracy in existing fake cybersecurity threat intelligence mining methods and the lack of high-quality public datasets for training classification models, we propose a novel approach that significantly advances the field. We improved the attention mechanism and designed a generative adversarial network based on the improved attention mechanism to generate fake cybersecurity threat intelligence. Additionally, we refine text tokenization techniques and design a detection model to detect fake cybersecurity threats intelligence. Using our STIX-CTIs dataset, our method achieves a remarkable accuracy of 96.1%, outperforming current text classification models. Through the utilization of our generated fake cybersecurity threat intelligence, we successfully mimic data poisoning attacks within open-source communities. When paired with our detection model, this research not only improves detection accuracy but also provides a powerful tool for enhancing the security and integrity of open-source ecosystems.","PeriodicalId":508238,"journal":{"name":"International Journal on Semantic Web and Information Systems","volume":"22 2","pages":""},"PeriodicalIF":0.0000,"publicationDate":"2024-08-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Journal on Semantic Web and Information Systems","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.4018/ijswis.350095","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

Abstract

In order to overcome the challenges of inadequate classification accuracy in existing fake cybersecurity threat intelligence mining methods and the lack of high-quality public datasets for training classification models, we propose a novel approach that significantly advances the field. We improved the attention mechanism and designed a generative adversarial network based on the improved attention mechanism to generate fake cybersecurity threat intelligence. Additionally, we refine text tokenization techniques and design a detection model to detect fake cybersecurity threats intelligence. Using our STIX-CTIs dataset, our method achieves a remarkable accuracy of 96.1%, outperforming current text classification models. Through the utilization of our generated fake cybersecurity threat intelligence, we successfully mimic data poisoning attacks within open-source communities. When paired with our detection model, this research not only improves detection accuracy but also provides a powerful tool for enhancing the security and integrity of open-source ecosystems.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

开源社区中虚假网络安全威胁情报的网络语义挖掘方法

为了克服现有虚假网络安全威胁情报挖掘方法分类准确性不足和缺乏高质量公共数据集来训练分类模型的难题，我们提出了一种新方法，大大推动了该领域的发展。我们改进了注意力机制，并在改进的注意力机制基础上设计了生成式对抗网络，以生成虚假网络安全威胁情报。此外，我们还改进了文本标记化技术，并设计了一个检测模型来检测虚假网络安全威胁情报。利用 STIX-CTIs 数据集，我们的方法取得了 96.1% 的显著准确率，优于当前的文本分类模型。通过利用我们生成的虚假网络安全威胁情报，我们成功地模仿了开源社区内的数据中毒攻击。当与我们的检测模型搭配使用时，这项研究不仅提高了检测准确率，还为增强开源生态系统的安全性和完整性提供了强有力的工具。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

International Journal on Semantic Web and Information Systems

自引率

0.00%

发文量