Research of Threat Intelligence Architecture Based on Internal Threat Intelligence

Research of Threat Intelligence Architecture Based on Internal Threat Intelligence

연구 분야: Safety

학회: ISCCN '25: Proceedings of the 2025 4th International Conference on Intelligent Systems, Communications and Computer Networks

The emergence of threat intelligence has provided a new theoretical basis for traditional security protection systems that are unable to respond effectively to long-lasting and highly stealthy cyberattacks. The existing threat intelligence systems are not widely applicable, and most of the threat intelligence data comes from third-party vendors, which does not involve Internal Threat Intelligence and is not targeted for the defence. In this paper, from the defender's internal situation, research and implementation of an Internal Threat Intelligence knowledge system based on Internal Threat Intelligence, the system breaks the defender's internal traditional direct mining of third-party vendors for the use of the model, through the construction of Internal Threat Intelligence, and Internal Threat Intelligence based on the generation of knowledge graphs, and experiments have shown that the system maintains the data conversion rate of about 0.1%, while the intelligence disposal rate of up to 85%, the results show that this system is a suitable system for the defence of the threat intelligence system. The results show that this system is an intelligence knowledge system with high adaptability, high usability and high sharing, which can help the defender to better carry out the defence.