Abstract:
Cyberattacks are more organized, persistent, and weaponized. Faced with this situation, a growing number of organizations worldwide are willing to leverage the open exchange of cyber threat intelligence (CTI) to get a full picture of the fast-evolving cyber threat situation and protect themselves from cyberattacks.
CTI’s explicit and implicit relationships and heterogeneity of cyber-threat infrastructure nodes make modeling difficult. Automatically identifying the threat type of CTI cyber threat infrastructure nodes for early warning is difficult due to their limited labels. HinCTI models cyber threat intelligence and classifies threats to address these issues.
To show infrastructure node semantic relatedness, we create a threat intelligence meta-schema. We model cyber threat intelligence on a heterogeneous information network (HIN), which can integrate different infrastructure nodes and rich relations between them.
Next, we define a meta-path and meta-graph instance-based threat infrastructure similarity (MIIS) measure between threat infrastructure nodes and present a heterogeneous graph convolutional network (GCN) approach to identify CTI threat types. Our hierarchical regularization strategy reduces overfitting and improves infrastructure node threat type identification.
To our knowledge, this is the first work to model CTI on HIN for threat identification and to propose a heterogeneous GCN-based approach for infrastructure node threat type identification. Comprehensive experiments on real-world datasets show that HinCTI can significantly improve threat type identification compared to state-of-the-art baseline methods. Our work saves security analysts time and protects companies from cyberattacks.
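The meta-path instance idea behind a similarity measure between infrastructure nodes, as an added example that is not code from the HinCTI authors. The abstract does not give the MIIS formula, so a PathSim-style normalized instance count stands in for it; the node names, relation names and weights are constructed assumptions.

```python
from collections import defaultdict

# Constructed sample CTI edges (not real indicators): (source, relation, target).
EDGES = [
    ("evil-a.example", "resolves_to", "203.0.113.10"),
    ("evil-b.example", "resolves_to", "203.0.113.10"),
    ("evil-b.example", "resolves_to", "203.0.113.20"),
    ("benign.example", "resolves_to", "198.51.100.5"),
    ("evil-a.example", "serves", "hash:aaa"),
    ("evil-b.example", "serves", "hash:aaa"),
    ("evil-c.example", "serves", "hash:aaa"),
]

# Assumed weights per meta-path (Domain-IP-Domain, Domain-Hash-Domain).
WEIGHTS = {"resolves_to": 0.5, "serves": 0.5}

def adjacency(edges, relation):
    """Map each domain to the set of nodes it reaches over one relation type."""
    adj = defaultdict(set)
    for src, rel, dst in edges:
        if rel == relation:
            adj[src].add(dst)
    return adj

def path_count(adj, a, b):
    """Number of instances of the symmetric meta-path a -rel-> X <-rel- b."""
    return len(adj.get(a, set()) & adj.get(b, set()))

def pathsim(adj, a, b):
    """PathSim-style score: shared instances normalized by self-instances."""
    denom = path_count(adj, a, a) + path_count(adj, b, b)
    return 2 * path_count(adj, a, b) / denom if denom else 0.0

def similarity(edges, a, b, weights=WEIGHTS):
    """Weighted sum of per-meta-path scores between two domain nodes."""
    return sum(w * pathsim(adjacency(edges, rel), a, b)
               for rel, w in weights.items())

def most_similar(edges, node, weights=WEIGHTS):
    """Rank every other domain by similarity to `node`, highest first."""
    domains = sorted({src for src, _, _ in edges} - {node})
    scored = [(d, similarity(edges, node, d, weights)) for d in domains]
    return sorted(scored, key=lambda item: -item[1])

if __name__ == "__main__":
    for domain, score in most_similar(EDGES, "evil-a.example"):
        print(f"{domain:16s} {score:.3f}")
```

A node with few or no labels can then be compared against labeled neighbors through these scores, which is the kind of relational signal a graph-based classifier consumes.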