TTPXHunter: Actionable Threat Intelligence Extraction as TTPs form Finished Cyber Threat Reports

arXiv:2403.03267v1 Announce Type: new
Abstract: Understanding the modus operandi of adversaries aids organizations in employing efficient defensive strategies and sharing intelligence in the community. This knowledge is often present in unstructured natural language text within threat analysis reports. A translation tool is needed to interpret the modus operandi explained in the sentences of the threat report and translate it into a structured format. This research introduces a methodology named TTPXHunter for the automated extraction of threat intelligence in terms of …

actionable adversaries aids analysis arxiv community cs.cr cyber cyber threat defensive extraction intelligence knowledge language natural natural language organizations reports sharing strategies text threat threat analysis threat intelligence threat reports tool translation ttps understanding