The employment of Machine Learning (ML) algorithms and models in Cyber Threat Intelligence (CTI) system is increasingly more common since they fast-track the process of identifying entities and relationships within human crafted Cyber Threat Reports (CTRs) containing natural language text. The study conducted in this thesis aims to explore and analyze the vulnerabilities of some open source and state-of-the-art python tools available on the web and used for predicting ATT&CK Tactics and Technique from CTRs, realizing adversarial attacks, enlightening the still-present open issues regarding these tools based on Natural Language Processing (NLP) models. The final contribution given in this thesis is emphasizing the necessity to adopt adaptive and dynamic defensive system to integrate with such models in order to strengthen the capability of identify and mitigate adversarial threats commonly available on the web.
The employment of Machine Learning (ML) algorithms and models in Cyber Threat Intelligence (CTI) system is increasingly more common since they fast-track the process of identifying entities and relationships within human crafted Cyber Threat Reports (CTRs) containing natural language text. The study conducted in this thesis aims to explore and analyze the vulnerabilities of some open source and state-of-the-art python tools available on the web and used for predicting ATT&CK Tactics and Technique from CTRs, realizing adversarial attacks, enlightening the still-present open issues regarding these tools based on Natural Language Processing (NLP) models. The final contribution given in this thesis is emphasizing the necessity to adopt adaptive and dynamic defensive system to integrate with such models in order to strengthen the capability of identify and mitigate adversarial threats commonly available on the web.
VICTIM: Vulnerabilities In Cyber Threat Intelligence Models
SANTAGATI, ANDREA
2023/2024
Abstract
The employment of Machine Learning (ML) algorithms and models in Cyber Threat Intelligence (CTI) system is increasingly more common since they fast-track the process of identifying entities and relationships within human crafted Cyber Threat Reports (CTRs) containing natural language text. The study conducted in this thesis aims to explore and analyze the vulnerabilities of some open source and state-of-the-art python tools available on the web and used for predicting ATT&CK Tactics and Technique from CTRs, realizing adversarial attacks, enlightening the still-present open issues regarding these tools based on Natural Language Processing (NLP) models. The final contribution given in this thesis is emphasizing the necessity to adopt adaptive and dynamic defensive system to integrate with such models in order to strengthen the capability of identify and mitigate adversarial threats commonly available on the web.File | Dimensione | Formato | |
---|---|---|---|
Santagati_Andrea.pdf
accesso aperto
Dimensione
1.46 MB
Formato
Adobe PDF
|
1.46 MB | Adobe PDF | Visualizza/Apri |
The text of this website © Università degli studi di Padova. Full Text are published under a non-exclusive license. Metadata are under a CC0 License
https://hdl.handle.net/20.500.12608/71046