From Words to Intelligence: Leveraging the Cyber Operation Constraint Principle, Natural Language Understanding, and Association Rules for Cyber Threat Analysis

Botconf 2023
2023-04-22 | 09:30 – 09:55

Ronan Mouchoux 🗣 | François Moerman 🗣

This presentation describes a system that ingests natural-language threat reports and uses Natural Language Processing to generate a graph-based model, using the STIXv2 structured language and a relational database. The natural-language expressions are normalized using MITRE structured vocabularies and industry-recognized threat actor catalogs. To uncover information potentially missing from a threat report, we apply the Apriori association rule learning algorithm to the report, based on the structured knowledge we model.
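The last step can be illustrated with a small sketch. This is an added example, not the speakers' system: it assumes each report has already been normalized to a set of MITRE ATT&CK technique IDs, and the sample reports, function names and thresholds are constructed for illustration.

```python
from itertools import combinations

# Constructed sample: ATT&CK technique IDs extracted from six fictional reports.
REPORTS = [
    {"T1566", "T1204", "T1059", "T1071"},
    {"T1566", "T1204", "T1059", "T1547"},
    {"T1566", "T1204", "T1071"},
    {"T1021", "T1059", "T1486"},
    {"T1566", "T1204", "T1059", "T1071", "T1547"},
    {"T1021", "T1486"},
]

def apriori(transactions, min_count):
    """Return {itemset: count} for every itemset seen in >= min_count reports."""
    level = {frozenset([i]) for t in transactions for i in t}
    frequent, k = {}, 1
    while level:
        counts = {s: sum(s <= t for t in transactions) for s in level}
        kept = {s: c for s, c in counts.items() if c >= min_count}
        frequent.update(kept)
        k += 1
        # Join frequent (k-1)-itemsets into k-candidates, then prune any
        # candidate that has an infrequent (k-1)-subset (downward closure).
        level = {a | b for a in kept for b in kept if len(a | b) == k}
        level = {c for c in level
                 if all(frozenset(s) in kept for s in combinations(c, k - 1))}
    return frequent

def mine_rules(frequent, min_confidence):
    """Rules (antecedent, consequent, confidence) with one-item consequents."""
    rules = []
    for itemset, count in frequent.items():
        for item in itemset:
            antecedent = itemset - {item}
            if antecedent:  # 1-itemsets produce no rule
                confidence = count / frequent[antecedent]
                if confidence >= min_confidence:
                    rules.append((antecedent, item, confidence))
    return rules

def suggest_missing(report, rules):
    """Map each technique the rules imply, but the report omits, to its best confidence."""
    hints = {}
    for antecedent, item, confidence in rules:
        if antecedent <= report and item not in report:
            hints[item] = max(confidence, hints.get(item, 0.0))
    return hints

RULES = mine_rules(apriori(REPORTS, min_count=3), min_confidence=0.8)
# Constructed new report that mentions only T1566 (Phishing) and T1059 (scripting).
print(suggest_missing({"T1566", "T1059"}, RULES))
```

A suggested technique is a prompt for the analyst to re-read the source report or hunt for the behaviour, not evidence that it occurred.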

