Machine Learning Sentiment Analysis in Cyber Threat Intelligence Recommendation System

  • Marastika wicaksono aji bawono aji bawono Telkom University
  • achlany Kasman Swiss german university
  • Stevani Dwi Utomo Universitas Kristen Duta Wacana
https://doi.org/10.21108/ijoict.v9i2.849
Abstract views: 300 , pdf downloads: 164
Keywords: Machine Learning, Sentiment Analysis, Cyber Threat Intelligence, Cyber Security

Abstract

The use of the digital world is increasing every day. Attacks and data theft occur on various websites, both government-owned and commercial and banking sites. Therefore, this research aims to identify the threats of frequently occurring viruses in a country. There is a considerable amount of news explaining cybercrime incidents. The problem of this research is that unstructured data such as articles and technical reports are difficult to analyze and identify the types of cybercrime attacks. Previous research attempted to semantically extract unstructured cyber threats, but there were shortcomings in previous research. The novelty of this research is the development of a Cyber Threat Intelligence (CTI) machine learning model to identify the types of virus attacks or cybercrimes that frequently occur in e-commerce transactions, so that they can take rescue actions for incident handling in the digital world using tactics, techniques, and procedures (TTP). The method involves using machine learning, taking Cyber Threat Intelligence (CTI) documents as input regarding cybersecurity threat handling steps, and then processing the data using AI TF-IDF and Bags of Words  for the identification of steps, tactics, techniques, and procedures required for each frequently occurring security incident.

Downloads

Download data is not yet available.

References

[1] Aljuhami, Amira M, Bamasoud, Doaa M. Cyber Threat Intelligence in Risk Management. International Journal of Advanced Computer Science and Applications, 2021.
[2] Https://datareportal.com/reports/digital-2021-indonesia
[3] Https://www.kominfo.go.id/index.php/content/detail/4698/Indonesia-Peringkat-ke-2-Dunia-Kasus-Kejahatan-Siber/0/sorotan_media
[4] NOOR, Umara; ANWAR, Zahid; RASHID, Zahid. An association rule mining-based framework for profiling regularities in tactics techniques and procedures of cyber threat actors. In: 2018 International Conference on Smart Computing and Electronic Enterprise (ICSCEE). IEEE, 2018. p. 1-6.
[5] Https://www.lastline.com/blog/malware- types-and-classifications/ (accessed April 18,2020)
[6] https://attack.mitre.org
[7] Noor, Umara, Zahid Anwar, and Zahid Rashid. "An association rule mining-based framework for profiling regularities in tactics techniques and procedures of cyber threat actors." 2018 International Conference on Smart Computing and Electronic Enterprise (ICSCEE). IEEE, 2018.
[8] Deliu, Isuf, Carl Leichter, and Katrin Franke. "Collecting cyber threat intelligence from hacker forums via a two-stage, hybrid process using support vector machines and latent dirichlet allocation." 2018 IEEE International Conference on Big Data (Big Data). IEEE, 2018.
[9] Ford, Vitaly, and Ambareen Siraj. "Applications of machine learning in cyber security." Proceedings of the 27th international conference on computer applications in industry and engineering. Vol. 118. Kota Kinabalu, Malaysia: IEEE Xplore, 2014.
[10] Rogers, David, et al. Real-time text classification of user-generated content on social media: Systematic review. IEEE Transactions on Computational Social Systems, 2021.
[11] Ayoade, Gbadebo, et al. Automated threat report classification over multi-source data. In: 2018 IEEE 4th International Conference on Collaboration and Internet Computing (CIC). IEEE, 2018.
[12] Https://www.lockheedmartin.com/enus/capabilities/cyber/cyber- kill- chain.html" 2019.
[13] Diamondmodelanalysis.[Online].Available:https://www.threatintel.aca demy/diamond
[14] ALLOGHANI, Mohamed, et al. Implementation of machine learning and data mining to improve cybersecurity and limit vulnerabilities to cyber attacks. Nature-inspired computation in data mining and machine learning, 2020.
[15] Shaukat, Kamran, et al. Cyber threat detection using machine learning techniques: A performance evaluation perspective. In: 2020 international conference on cyber warfare and security (ICCWS). IEEE, 2020. p. 1-6.

[16] Chismon David; RUKS, Martyn. Threat intelligence: Collecting, analysing, evaluating. MWR InfoSecurity Ltd, 2015.
[17] Legoy, Valentine Solange Marine. Retrieving att&ck tactics and techniques in cyber threat reports. MS thesis. University of Twente, 2019.
[18] Noor Umara; Anwar, Zahid; Rashid, Zahid. An association rule mining-based framework for profiling regularities in tactics techniques and procedures of cyber threat actors. In: 2018 International Conference on Smart Computing and Electronic Enterprise (ICSCEE). IEEE, 2018.
[19] Adversarial Tactics, Techniques and Common Knowledge, 2018 [Online]. Available: https://github.com/mitre/cti, 2018.
[20] Gupta, M., Shagun, Choudhary, B., & Rani, M. (2022). Transforming Business Through Digitalization: A Bibliometric Analysis Using VOS viewer. 8th International Conference on Advanced Computing and Communication Systems, ICACCS 2022.
[21] Hair, Joseph F.; Ringle, Christian M.; Sarstedt, Marko. Partial least squares: the better approach to structural equation modeling. Long range planning, 2012.
[22] Davision, A. C.; Kuneon, Diego. An introduction to the bootstrap with applications in R. Statistical computing & Statistical graphics newsletter, 2002.
[23] Sarstedt, Marko, et al. Partial least squares structural equation modeling (PLS-SEM): A useful tool for family business researchers. Journal of family business strategy, 2014.
[24] Richter, Nicole Franziska, et al. European management research using partial least squares structural equation modeling (PLS-SEM). European Management Journal, 34 (6), 589-597, 2016.
[26] HENSELER, Jörg; HUBONA, Geoffrey; RAY, Pauline Ash. Using PLS path modeling in new technology research: updated guidelines. Industrial management & data systems, 2016.
[27] Axelos, ITIL Foundation?: ITIL 4 edition. The Stationery Office, 2019
[28] TSAI, Chia-En; YANG, Cheng-Lin; CHEN, Chong-Kuan. CTI ANT: Hunting for Chinese threat intelligence. In: 2020 IEEE International Conference on Big Data (Big Data). IEEE, 2020.
[29] Suryotrisongko, Hatma, et al. Topic Modeling for Cyber Threat Intelligence (CTI). In: 2022 Seventh
International Conference on Informatics and Computing (ICIC). IEEE, 2022. p. 1-7.
[30] Wolf, Shaya, et al. Data Collection and Exploratory Analysis for Cyber Threat Intelligence Machine
Learning Processes. In: 2022 9th Swiss Conference on Data Science (SDS). IEEE, 2022. p. 7-12.
[31] Irfan, Ahmad Naim, et al. Taxonomy of Cyber Threat Intelligence Framework. In: 2022 13th International Conference on Information and Communication Technology Convergence (ICTC). IEEE, 2022.
[32] Pambudhi, Heru Dias; AJI, Rizal Fathoni. Evaluation of Cyber Threat Intelligence Maturity Models: A Comparison Based on Maturity Model Design Principles. In: 2022 2nd International Conference on Intelligent Cybernetics Technology & Applications (ICICyTA). IEEE, 2022.
[33] Rani, Nanda, et al. "TTPHunter: Automated Extraction of Actionable Intelligence as TTPs from Narrative Threat Reports." Proceedings of the 2023 Australasian Computer Science Week. 2023.
[34] WU, Yiming, et al. Price tag: towards semi-automatically discovery tactics, techniques and procedures
of E-commerce cyber threat intelligence. IEEE Transactions on Dependable and Secure Computing,
2021.
[35] U. Noor, Z. Anwar, and Z. Rashid, "An Association Rule Mining-Based Framework for Profiling
Regularities in Tactics Techniques and Procedures of Cyber Threat Actors," 2018 Int. Conf. Smart
Compute. Electron. Enter. ICSCEE 2018, pp. 1–6, 2018
[36] Rogers, D., Preece, A., Innes, M., & Spasi?, I. (2022). Real-Time Text Classification of User-
Generated Content on Social Media: Systematic Review. IEEE Transactions on Computational Social
Systems, 9(4), 1154–1166. https://doi.org/10.1109/TCSS.2021.3120138
[37] Alloghani, Mohamed, et al. Implementation of machine learning and data mining to improve
cybersecurity and limit vulnerabilities to cyber attacks. Nature-inspired computation in data mining and
machine learning, 2020.
Published
2023-12-14
How to Cite
aji bawono, M. wicaksono aji bawono, Kasman , S., & Dwi Utomo , S. (2023). Machine Learning Sentiment Analysis in Cyber Threat Intelligence Recommendation System . International Journal on Information and Communication Technology (IJoICT), 9(2), 75-85. https://doi.org/10.21108/ijoict.v9i2.849
Issue
Vol. 9 No. 2 (2023): Vol.9 No. 2 Dec 2023
Section
Data Science
Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.

Manuscript submitted to IJoICT has to be an original work of the author(s), contains no element of plagiarism, and has never been published or is not being considered for publication in other journals. Author(s) shall agree to assign all copyright of published article to IJoICT. Requests related to future re-use and re-publication of major or substantial parts of the article must be consulted with the editors of IJoICT.