PANSA: A Framework for Threat Knowledge Graph Construction

PANSA: A Framework for Threat Knowledge Graph Construction

연구 분야: Safety

학회: 2024 3rd International Conference on Cloud Computing, Big Data Application and Software Engineering (CBASE)

Cyber intelligence provides new prevention ideas for cyberattacks, but it is difficult to use effectively due to its multi-source heterogeneity and fragmentation. To address this problem, we propose a threat knowledge graph construction framework based on Pretrained Adversarial NER and relationship Subgraph-based Alignment called PANSA. First, the cyber threat domain ontology model is constructed in combination with the existing cyber threat intelligence standards. Secondly, SecBABC threat entity recognition model is designed, which incorporates pre-training and adversarial training modules to extract high-quality threat intelligence data. Then the Multi-Relation GAT for Entity Alignment framework (MRGEA) is designed. MRGEA considers the impact of different relationships on entities, and uses a multi-relation graph attention network to mine deep information. Finally, the cyber threat knowledge graph is visualized. Experimental results show that PANSA effectively integrates security intelligence and outperforms existing methods in knowledge extraction and entity alignment.