HinCTI: A Cyber Threat Intelligence Modeling and Identification System Based on Heterogeneous Information Network


Recent years have seen a rise in the sophistication, pervasiveness, organization, and weaponization of cyberattacks. As a result, an increasing number of organizations all over the world are willing to leverage the open exchange of cyber threat intelligence (CTI) in order to obtain a complete picture of the rapidly evolving cyber threat situation and to protect themselves from cyberattacks. However, modeling CTI is difficult because of the explicit and implicit relationships that exist between CTI as well as the heterogeneity of the cyber-threat infrastructure nodes that are a part of CTI. It is also difficult to automatically identify the threat type of infrastructure nodes for early warning because only a limited number of labels are assigned to the cyber threat infrastructure nodes involved in CTI. In order to overcome these obstacles, a practical system known as HinCTI has been developed. This system is used for modeling cyber threat intelligence and identifying threat types. In the first step of this process, we develop a threat intelligence meta-schema to depict the semantic relatedness of infrastructure nodes. After that, we model cyber threat intelligence on a heterogeneous information network (HIN), which is a network that can integrate many different kinds of infrastructure nodes as well as rich relations between them. Following this, we define a meta-path and meta-graph instances-based threat infrastructure similarity (MIIS) measure between threat infrastructure nodes and present a MIIS measure-based heterogeneous graph convolutional network (GCN) approach to identify the threat types of infrastructure nodes involved in CTI. Both of these measures are based on the meta-path and meta-graph instances that connect threat infrastructure nodes.
In addition, by utilizing a hierarchical regularization strategy, our model is able to mitigate the issue of overfitting and achieve satisfactory outcomes in the process of identifying the threat type posed by infrastructure nodes. This work is, as far as we are aware, the first to model CTI on HIN for the purpose of threat identification and to propose a heterogeneous GCN-based approach for the identification of threat types in infrastructure nodes. Extensive tests are run with HinCTI on real-world datasets, and the results of these tests show that our proposed approach has the potential to significantly improve the performance of threat type identification in comparison to the existing state-of-the-art baseline methods. Our work is useful because it significantly reduces the amount of heavy analysis work that security analysts have to do and improves the efficiency with which organizations are protected against cyberattacks.
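
The meta-path instance idea described above, as an added example that is not the HinCTI authors' code: it builds a small HIN from constructed CTI relations and scores pairs of domains by counting meta-path instances between them. PathSim, a published meta-path similarity, stands in for MIIS because this page does not give the MIIS formula; the node values, relation names and function names are assumptions.

```python
from collections import defaultdict

# Constructed sample CTI relations (not real indicators):
# (source_type, source, relation, target_type, target)
EDGES = [
    ("domain", "a.example", "resolves_to", "ip", "192.0.2.10"),
    ("domain", "b.example", "resolves_to", "ip", "192.0.2.10"),
    ("domain", "b.example", "resolves_to", "ip", "192.0.2.11"),
    ("domain", "c.example", "resolves_to", "ip", "198.51.100.7"),
    ("domain", "a.example", "registered_by", "email", "reg1@example.org"),
    ("domain", "c.example", "registered_by", "email", "reg1@example.org"),
]

def build_hin(edges):
    """Typed adjacency: (node_type, node, neighbour_type) -> set of neighbours."""
    adj = defaultdict(set)
    for src_t, src, _rel, dst_t, dst in edges:
        adj[(src_t, src, dst_t)].add(dst)
        adj[(dst_t, dst, src_t)].add(src)  # relations are walked in both directions
    return adj

def count_instances(adj, metapath, start, end):
    """Number of meta-path instances from start to end; metapath is a tuple of node types."""
    frontier = {start: 1}
    for cur_t, nxt_t in zip(metapath, metapath[1:]):
        reached = defaultdict(int)
        for node, paths in frontier.items():
            for nb in adj.get((cur_t, node, nxt_t), ()):
                reached[nb] += paths
        frontier = reached
    return frontier.get(end, 0)

def pathsim(adj, metapath, x, y):
    """PathSim over a symmetric meta-path (assumption: used here in place of MIIS)."""
    xy = count_instances(adj, metapath, x, y)
    xx = count_instances(adj, metapath, x, x)
    yy = count_instances(adj, metapath, y, y)
    return 2 * xy / (xx + yy) if xx + yy else 0.0

if __name__ == "__main__":
    hin = build_hin(EDGES)
    for mp in (("domain", "ip", "domain"), ("domain", "email", "domain")):
        for pair in (("a.example", "b.example"), ("a.example", "c.example")):
            print(mp, pair, round(pathsim(hin, mp, *pair), 3))
```

The two meta-paths disagree on which domains are related (shared hosting versus shared registrant), which is why a HIN-based measure combines several of them rather than relying on one relation type.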
