Efficient Data Noise-Reduction for Cyber Threat Intelligence System

Seonghyeon Gong; Changhoon Lee

doi:10.1007/978-981-15-9343-7_83

Efficient Data Noise-Reduction for Cyber Threat Intelligence System

Seonghyeon Gong, Changhoon Lee

Dept. of Computer Science and Engineering

Seoul National University of Science and Technology (SNUST)

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

2 Scopus citations

Abstract

Preemptive respondents on cyber threats have become an essential part of cybersecurity. Cyber Threat Intelligence (CTI) is an evidence-based threat detection and prevention system. CTI system analyzes and shares the security data to mitigate evolving cyber threats using security-related data. However, to gather enough amount of data for analysis, the CTI system uses various data collection channels. The reliability of data collected from these channels is a critical issue because the inaccurate and vast amount of information could degrade the performance of threat detection. Thus, proper filtering is needed to remove the noise data. In this paper, we propose a data noise-reduction algorithm. The proposed algorithm reflects the contextual characteristics of CTI data and reduces noise data in the CTI dataset. Noise-reduced dataset increases the performance of machine learning and deep learning-based attack prediction models. In our experiment, we conducted a cyber-attack classification using a noise-reduced CTI dataset. As a result, we improve the accuracy of classification from 84 to 96% and reduce the volume of the dataset by 70%.

Original language	English
Title of host publication	Advances in Computer Science and Ubiquitous Computing - CSA-CUTE 2019
Editors	James J. Park, Simon James Fong, Yi Pan, Yunsick Sung
Publisher	Springer Science and Business Media Deutschland GmbH
Pages	591-597
Number of pages	7
ISBN (Print)	9789811593420
DOIs	https://doi.org/10.1007/978-981-15-9343-7_83
State	Published - 2021
Event	11th International Conference on Computer Science and its Applications, CSA 2019 and 14th KIPS International Conference on Ubiquitous Information Technologies and Applications, CUTE 2019 - Macao, China Duration: 18 Dec 2019 → 20 Dec 2019

Publication series

Name	Lecture Notes in Electrical Engineering
Volume	715
ISSN (Print)	1876-1100
ISSN (Electronic)	1876-1119

Conference

Conference	11th International Conference on Computer Science and its Applications, CSA 2019 and 14th KIPS International Conference on Ubiquitous Information Technologies and Applications, CUTE 2019
Country/Territory	China
City	Macao
Period	18/12/19 → 20/12/19

Keywords

Cyber attack
Cyber threat intelligence
Machine learning
Noise reduction

Access to Document

10.1007/978-981-15-9343-7_83

Cite this

Gong, S., & Lee, C. (2021). Efficient Data Noise-Reduction for Cyber Threat Intelligence System. In J. J. Park, S. J. Fong, Y. Pan, & Y. Sung (Eds.), Advances in Computer Science and Ubiquitous Computing - CSA-CUTE 2019 (pp. 591-597). (Lecture Notes in Electrical Engineering; Vol. 715). Springer Science and Business Media Deutschland GmbH. https://doi.org/10.1007/978-981-15-9343-7_83

@inproceedings{ff4fa2a91b5e4eb6b0ebc0812ddaac6c,

title = "Efficient Data Noise-Reduction for Cyber Threat Intelligence System",

abstract = "Preemptive respondents on cyber threats have become an essential part of cybersecurity. Cyber Threat Intelligence (CTI) is an evidence-based threat detection and prevention system. CTI system analyzes and shares the security data to mitigate evolving cyber threats using security-related data. However, to gather enough amount of data for analysis, the CTI system uses various data collection channels. The reliability of data collected from these channels is a critical issue because the inaccurate and vast amount of information could degrade the performance of threat detection. Thus, proper filtering is needed to remove the noise data. In this paper, we propose a data noise-reduction algorithm. The proposed algorithm reflects the contextual characteristics of CTI data and reduces noise data in the CTI dataset. Noise-reduced dataset increases the performance of machine learning and deep learning-based attack prediction models. In our experiment, we conducted a cyber-attack classification using a noise-reduced CTI dataset. As a result, we improve the accuracy of classification from 84 to 96% and reduce the volume of the dataset by 70%.",

keywords = "Cyber attack, Cyber threat intelligence, Machine learning, Noise reduction",

author = "Seonghyeon Gong and Changhoon Lee",

note = "Publisher Copyright: {\textcopyright} 2021, Springer Nature Singapore Pte Ltd.; 11th International Conference on Computer Science and its Applications, CSA 2019 and 14th KIPS International Conference on Ubiquitous Information Technologies and Applications, CUTE 2019 ; Conference date: 18-12-2019 Through 20-12-2019",

year = "2021",

doi = "10.1007/978-981-15-9343-7_83",

language = "English",

isbn = "9789811593420",

series = "Lecture Notes in Electrical Engineering",

publisher = "Springer Science and Business Media Deutschland GmbH",

pages = "591--597",

editor = "Park, {James J.} and Fong, {Simon James} and Yi Pan and Yunsick Sung",

booktitle = "Advances in Computer Science and Ubiquitous Computing - CSA-CUTE 2019",

}

Gong, S & Lee, C 2021, Efficient Data Noise-Reduction for Cyber Threat Intelligence System. in JJ Park, SJ Fong, Y Pan & Y Sung (eds), Advances in Computer Science and Ubiquitous Computing - CSA-CUTE 2019. Lecture Notes in Electrical Engineering, vol. 715, Springer Science and Business Media Deutschland GmbH, pp. 591-597, 11th International Conference on Computer Science and its Applications, CSA 2019 and 14th KIPS International Conference on Ubiquitous Information Technologies and Applications, CUTE 2019, Macao, China, 18/12/19. https://doi.org/10.1007/978-981-15-9343-7_83

Efficient Data Noise-Reduction for Cyber Threat Intelligence System. / Gong, Seonghyeon; Lee, Changhoon.
Advances in Computer Science and Ubiquitous Computing - CSA-CUTE 2019. ed. / James J. Park; Simon James Fong; Yi Pan; Yunsick Sung. Springer Science and Business Media Deutschland GmbH, 2021. p. 591-597 (Lecture Notes in Electrical Engineering; Vol. 715).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Efficient Data Noise-Reduction for Cyber Threat Intelligence System

AU - Gong, Seonghyeon

AU - Lee, Changhoon

PY - 2021

Y1 - 2021

N2 - Preemptive respondents on cyber threats have become an essential part of cybersecurity. Cyber Threat Intelligence (CTI) is an evidence-based threat detection and prevention system. CTI system analyzes and shares the security data to mitigate evolving cyber threats using security-related data. However, to gather enough amount of data for analysis, the CTI system uses various data collection channels. The reliability of data collected from these channels is a critical issue because the inaccurate and vast amount of information could degrade the performance of threat detection. Thus, proper filtering is needed to remove the noise data. In this paper, we propose a data noise-reduction algorithm. The proposed algorithm reflects the contextual characteristics of CTI data and reduces noise data in the CTI dataset. Noise-reduced dataset increases the performance of machine learning and deep learning-based attack prediction models. In our experiment, we conducted a cyber-attack classification using a noise-reduced CTI dataset. As a result, we improve the accuracy of classification from 84 to 96% and reduce the volume of the dataset by 70%.

AB - Preemptive respondents on cyber threats have become an essential part of cybersecurity. Cyber Threat Intelligence (CTI) is an evidence-based threat detection and prevention system. CTI system analyzes and shares the security data to mitigate evolving cyber threats using security-related data. However, to gather enough amount of data for analysis, the CTI system uses various data collection channels. The reliability of data collected from these channels is a critical issue because the inaccurate and vast amount of information could degrade the performance of threat detection. Thus, proper filtering is needed to remove the noise data. In this paper, we propose a data noise-reduction algorithm. The proposed algorithm reflects the contextual characteristics of CTI data and reduces noise data in the CTI dataset. Noise-reduced dataset increases the performance of machine learning and deep learning-based attack prediction models. In our experiment, we conducted a cyber-attack classification using a noise-reduced CTI dataset. As a result, we improve the accuracy of classification from 84 to 96% and reduce the volume of the dataset by 70%.

KW - Cyber attack

KW - Cyber threat intelligence

KW - Machine learning

KW - Noise reduction

UR - http://www.scopus.com/inward/record.url?scp=85101504342&partnerID=8YFLogxK

U2 - 10.1007/978-981-15-9343-7_83

DO - 10.1007/978-981-15-9343-7_83

M3 - Conference contribution

AN - SCOPUS:85101504342

SN - 9789811593420

T3 - Lecture Notes in Electrical Engineering

SP - 591

EP - 597

BT - Advances in Computer Science and Ubiquitous Computing - CSA-CUTE 2019

A2 - Park, James J.

A2 - Fong, Simon James

A2 - Pan, Yi

A2 - Sung, Yunsick

PB - Springer Science and Business Media Deutschland GmbH

T2 - 11th International Conference on Computer Science and its Applications, CSA 2019 and 14th KIPS International Conference on Ubiquitous Information Technologies and Applications, CUTE 2019

Y2 - 18 December 2019 through 20 December 2019

ER -

Efficient Data Noise-Reduction for Cyber Threat Intelligence System

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Cite this