A multi-source threat intelligence confidence value evaluation method based on machine learning
During the collection process of multi-source threat intelligence,it is very hard for the intelligence center to make a scientific decision to massive intelligence because the data value density is low,the intelligence repeatabil-ity is high,and the ineffective time is very short,etc.Based on those...
Saved in:
| Main Authors: | , , , , , |
|---|---|
| Format: | Article |
| Language: | zho |
| Published: |
Beijing Xintong Media Co., Ltd
2020-01-01
|
| Series: | Dianxin kexue |
| Subjects: | |
| Online Access: | http://www.telecomsci.com/zh/article/doi/10.11959/j.issn.1000-0801.2020010/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1841530602025648128 |
|---|---|
| author | Hansheng LIU Hongyu TANG Mingxia BO Jianfeng NIU Tianbo LI Lingxiao LI |
| author_facet | Hansheng LIU Hongyu TANG Mingxia BO Jianfeng NIU Tianbo LI Lingxiao LI |
| author_sort | Hansheng LIU |
| collection | DOAJ |
| description | During the collection process of multi-source threat intelligence,it is very hard for the intelligence center to make a scientific decision to massive intelligence because the data value density is low,the intelligence repeatabil-ity is high,and the ineffective time is very short,etc.Based on those problems,a new multi-source threat intelligence confidence value evaluation method was put forward based on machine learning.First of all,according to the STIX intelligence standard format,a multi-source intelligence data standardization process was designed.Secondly,ac-cording to the characteristic of data,14 characteristics were extracted from four dimensions of publishing time,source,intelligence content and blacklist matching degree to be the basis of determining the intelligence reliability.After getting the feature encoding,an intelligence confidence value evaluation model was designed based on deep neural network algorithm and Softmax classifier.Backward propagation algorithm was also used to minimize recon-struction error.Last but not least,according to the 2 000 open source marked sample data,k-ford cross-validation method was used to evaluate the model and get an average of 91.37% macro-P rate and 84.89% macro-R rate.It was a good reference for multi-source threat intelligence confidence evaluation. |
| format | Article |
| id | doaj-art-7f56d051363c45afb0e64b5855aa77ff |
| institution | Kabale University |
| issn | 1000-0801 |
| language | zho |
| publishDate | 2020-01-01 |
| publisher | Beijing Xintong Media Co., Ltd |
| record_format | Article |
| series | Dianxin kexue |
| spelling | doaj-art-7f56d051363c45afb0e64b5855aa77ff2025-01-15T03:01:21ZzhoBeijing Xintong Media Co., LtdDianxin kexue1000-08012020-01-013611912659585297A multi-source threat intelligence confidence value evaluation method based on machine learningHansheng LIUHongyu TANGMingxia BOJianfeng NIUTianbo LILingxiao LIDuring the collection process of multi-source threat intelligence,it is very hard for the intelligence center to make a scientific decision to massive intelligence because the data value density is low,the intelligence repeatabil-ity is high,and the ineffective time is very short,etc.Based on those problems,a new multi-source threat intelligence confidence value evaluation method was put forward based on machine learning.First of all,according to the STIX intelligence standard format,a multi-source intelligence data standardization process was designed.Secondly,ac-cording to the characteristic of data,14 characteristics were extracted from four dimensions of publishing time,source,intelligence content and blacklist matching degree to be the basis of determining the intelligence reliability.After getting the feature encoding,an intelligence confidence value evaluation model was designed based on deep neural network algorithm and Softmax classifier.Backward propagation algorithm was also used to minimize recon-struction error.Last but not least,according to the 2 000 open source marked sample data,k-ford cross-validation method was used to evaluate the model and get an average of 91.37% macro-P rate and 84.89% macro-R rate.It was a good reference for multi-source threat intelligence confidence evaluation.http://www.telecomsci.com/zh/article/doi/10.11959/j.issn.1000-0801.2020010/information safetythreat intelligenceconfidence evaluationdeep neural network |
| spellingShingle | Hansheng LIU Hongyu TANG Mingxia BO Jianfeng NIU Tianbo LI Lingxiao LI A multi-source threat intelligence confidence value evaluation method based on machine learning Dianxin kexue information safety threat intelligence confidence evaluation deep neural network |
| title | A multi-source threat intelligence confidence value evaluation method based on machine learning |
| title_full | A multi-source threat intelligence confidence value evaluation method based on machine learning |
| title_fullStr | A multi-source threat intelligence confidence value evaluation method based on machine learning |
| title_full_unstemmed | A multi-source threat intelligence confidence value evaluation method based on machine learning |
| title_short | A multi-source threat intelligence confidence value evaluation method based on machine learning |
| title_sort | multi source threat intelligence confidence value evaluation method based on machine learning |
| topic | information safety threat intelligence confidence evaluation deep neural network |
| url | http://www.telecomsci.com/zh/article/doi/10.11959/j.issn.1000-0801.2020010/ |
| work_keys_str_mv | AT hanshengliu amultisourcethreatintelligenceconfidencevalueevaluationmethodbasedonmachinelearning AT hongyutang amultisourcethreatintelligenceconfidencevalueevaluationmethodbasedonmachinelearning AT mingxiabo amultisourcethreatintelligenceconfidencevalueevaluationmethodbasedonmachinelearning AT jianfengniu amultisourcethreatintelligenceconfidencevalueevaluationmethodbasedonmachinelearning AT tianboli amultisourcethreatintelligenceconfidencevalueevaluationmethodbasedonmachinelearning AT lingxiaoli amultisourcethreatintelligenceconfidencevalueevaluationmethodbasedonmachinelearning AT hanshengliu multisourcethreatintelligenceconfidencevalueevaluationmethodbasedonmachinelearning AT hongyutang multisourcethreatintelligenceconfidencevalueevaluationmethodbasedonmachinelearning AT mingxiabo multisourcethreatintelligenceconfidencevalueevaluationmethodbasedonmachinelearning AT jianfengniu multisourcethreatintelligenceconfidencevalueevaluationmethodbasedonmachinelearning AT tianboli multisourcethreatintelligenceconfidencevalueevaluationmethodbasedonmachinelearning AT lingxiaoli multisourcethreatintelligenceconfidencevalueevaluationmethodbasedonmachinelearning |