An Automated Platform for Gathering and Managing Open-Source Cyber Threat Intelligence
Nidal A. Al-Dmour, Mohammad Kamrul Hasan, Masood Ajmal, Muhammad Ali, Iftikhar Naseer, Atif Ali, Hussam Al Hamadi, Nasir Ali
Abstract
The community has begun paying more attention to source OSCTI Cyber Threat Intelligence to stay informed about the rapidly changing cyber threat landscape. Numerous reports from the OSCTI frequently provide Information about dangers. However, current OSCTI gathering and management tools have mainly concentrated on individual minor compromise indicators, despite the urgent need for high-quality OSCTI. The relationship between higher-level notions (including the strategies, methods, and processes) and the connections between them, which hold crucial Information about dangerous behaviors and are crucial to revealing the full dangerous situation, have been disregarded. Therefore, we present SecurityKG, an automated OSCTI collection and administration system. SecurityKG collects OSCTI to extract high-fidelity knowledge about threat behaviours to address the void. Using a mixture of AI and NLP approaches, a security know-how graph is then constructed from a wide variety of sources. To facilitate knowledge graph exploration, SecurityKG provides a user interface (UI) that supports multiple forms of interactivity.