Partition-then-Overlap Method for Labeling Cyber Threat Intelligence Reports by Topics over Time

Ryusei NAGASAWA  Keisuke FURUMOTO  Makoto TAKITA  Yoshiaki SHIRAISHI  Takeshi TAKAHASHI  Masami MOHRI  Yasuhiro TAKANO  Masakatu MORII  

Publication
IEICE TRANSACTIONS on Information and Systems   Vol.E104-D   No.5   pp.556-561
Publication Date: 2021/05/01
Publicized: 2021/02/24
Online ISSN: 1745-1361
DOI: 10.1587/transinf.2020DAL0002
Type of Manuscript: Special Section LETTER (Special Section on Data Engineering and Information Management)
Keyword: topic model, cyber threat intelligence, text mining, multi-labeling, security blog posts

Summary: 
The Topics over Time (TOT) model lets users track how certain topics change over time. The proposed method divides a dataset of security blog posts by a fixed period, using an overlap period, and inputs the divided dataset to the TOT model. The results suggest that the method extracts topics, including malware and attack campaign names, that are appropriate for the multi-labeling of cyber threat intelligence reports.