This paper discusses the development of ChronoCTI, a system designed to mine temporal attack patterns from cyberthreat intelligence reports. These patterns provide structured and actionable information on past cyberattacks, aiding security practitioners in proactive defense. Using advanced language models, natural language processing, and machine learning techniques, ChronoCTI was applied to 713 reports, identifying 124 temporal attack patterns. The most prevalent pattern was tricking users into executing malicious code. The authors recommend training users about cybersecurity best practices and leveraging the automated mining capabilities of ChronoCTI.

Publication date: 4 Jan 2024
Project Page: Not provided
Paper: https://arxiv.org/pdf/2401.01883