Dynamic Threat Intelligence System for IoT and AI-Driven ICT
Explore how the CERTH 1st Stakeholders Workshop is enhancing cyber-threat intelligence through dynamic taxonomies and ontologies. Leveraging Named Entity Recognition and topic modeling, the project aims to create a knowledge repository for evolving threats targeting IoT and AI-driven systems.
Download Presentation
Please find below an Image/Link to download the presentation.
The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.
You are allowed to download the files provided on this website for personal or commercial use, subject to the condition that they are used lawfully. All files are the property of their respective owners.
The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.
E N D
Presentation Transcript
Artificial Intelligence Threat Reporting & Incidence report system Cyber-Threat Intelligence Storing and Sharing CERTH 1stStakeholders Workshop | 22 February 2023 This project has received funding from the European Union s Horizon 2020 research and innovation programme under grant agreement no 101021727. This material reflects only the authors view and European Commission is not responsible for any use that may be made of the information it contains.
IRIS Taxonomies and Ontologies Creation of a dynamic knowledge repository of evolving threats which target IoT and AI- driven ICT systems MISP will be utilized, adapted (as part of the MeliCERTes platform) and will be used for the storage of the information that will generate dynamic taxonomies and ontologies based on existing data. Techniques for generating dynamic taxonomies and ontologies in a (semi-) automatic way have been proposed utilising rule-based and machine learning-based methods Named entities, concepts of interest, and the relations on what they represent will be extracted automatically. Ontology merging techniques will be examined to facilitate the ontology maintenance generated in IRIS project. 2 This project has received funding from the European Union s Horizon 2020 research and innovation programme under grant agreement no 101021727. This material reflects only the authors view and European Commission is not responsible for any use that may be made of the information it contains. IRIS Project confidential
Taxonomies models (1/5) Name Entity Recognition (NER) Benefits: A powerful technique for term identification, extraction and classification Drawbacks: The model is as good as it s training procedures. Maybe some key terms (i.e., threats) cannot be identified or can be classified under a wrong label. Why we chose NER: NER procedure pretrained on a big Cyber Threat Intelligence (CTI) dataset 3 This project has received funding from the European Union s Horizon 2020 research and innovation programme under grant agreement no 101021727. This material reflects only the authors view and European Commission is not responsible for any use that may be made of the information it contains. IRIS Project confidential
Taxonomies models (2/5) NER Results (Examples) Sentence:It was possible to access the JBoss JMX Management Console at hyperlink Entity: Tool, Token: Jboss JMX Sentence: CWE-26447531424-616e-4ef8-a121-451bcfdd4589 JBoss Console and Web Management Misconfiguration Vulnerability - Web application abuses 2021-12-10 T09:09:00. Entity: HackOrg, Token: CWE - 26447531424 4 This project has received funding from the European Union s Horizon 2020 research and innovation programme under grant agreement no 101021727. This material reflects only the authors view and European Commission is not responsible for any use that may be made of the information it contains. IRIS Project confidential
Taxonomies models (4/5) Topic modeling BERTopic is a topic modeling technique that leverages transformers and c-TF-IDF to create dense clusters allowing for easily interpretable topics whilst keeping important words in the topic descriptions Benefits: State of the art models Drawbacks: Need for large inputs Why we chose Topic modeling: To identify terms that cannot be captured using NER 5 This project has received funding from the European Union s Horizon 2020 research and innovation programme under grant agreement no 101021727. This material reflects only the authors view and European Commission is not responsible for any use that may be made of the information it contains. IRIS Project confidential
Ontologies Identification of existing ontologies Built ontologies manually using PROT G Research on ontologies merging techniques Ontology merging and alignment Investigation of relation extraction techniques REBEL Starting investigating automate ontologies procedures using OWLready2 6 This project has received funding from the European Union s Horizon 2020 research and innovation programme under grant agreement no 101021727. This material reflects only the authors view and European Commission is not responsible for any use that may be made of the information it contains. IRIS Project confidential
Thank you for your attention! Any questions? CERTH iris-h2020.eu IRIS H2020 Project 1stStakeholders Workshop | 22 February 2023 iris_h2020 This project has received funding from the European Union s Horizon 2020 research and innovation programme under grant agreement no 101021727. This material reflects only the authors view and European Commission is not responsible for any use that may be made of the information it contains.
