The general need exists for robust threat detection methods that adapt to new and evolving cyber threats. In this paper, we propose a method that uses RDF-based knowledge graphs and AI to improve detection and classification of attacks. Our approach transforms security logs into RDF and maps them to the MITRE ATT&CK framework. We also address sensitive data concerns, such as IP addresses, by applying privacy measures. Our results show that AI-driven analysis and knowledge graphs can enhance cyber threat intelligence (CTI), while respecting privacy regulations.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Integrating AI and RDF Knowledge Graphs with MITRE ATT&CK for CTI Insights

  • Apostolos Mavridis,
  • Stergios Tegos,
  • Christos Anastasiou,
  • Maria Papoutsoglou,
  • Georgios Meditskos

摘要

The general need exists for robust threat detection methods that adapt to new and evolving cyber threats. In this paper, we propose a method that uses RDF-based knowledge graphs and AI to improve detection and classification of attacks. Our approach transforms security logs into RDF and maps them to the MITRE ATT&CK framework. We also address sensitive data concerns, such as IP addresses, by applying privacy measures. Our results show that AI-driven analysis and knowledge graphs can enhance cyber threat intelligence (CTI), while respecting privacy regulations.