论文标题
Cyner:一个用于网络安全的Python图书馆,名为“实体识别”
CyNER: A Python Library for Cybersecurity Named Entity Recognition
论文作者
论文摘要
开放网络威胁智能(OpenTCTI)信息可从互联网上的异构来源以非结构化格式获得。我们提出了Cyner,这是一个名为“实体识别”(NER)的网络安全库。 Cyner结合了用于提取网络安全相关实体的基于变压器的模型,用于提取不同折衷指标的启发式方法以及通用实体类型的公开可用的NER模型。我们提供了对用户可以随时使用的多种语料库进行培训的模型。事件被描述为先前研究中的类-Malont2.0(Christian等,2021)和Malont(Rastogi等,2020),并从威胁智能语料库中提取了广泛的恶意软件攻击细节。用户可以将来自多种不同方法的预测结合在一起,以适应其需求。图书馆可公开可用。
Open Cyber threat intelligence (OpenCTI) information is available in an unstructured format from heterogeneous sources on the Internet. We present CyNER, an open-source python library for cybersecurity named entity recognition (NER). CyNER combines transformer-based models for extracting cybersecurity-related entities, heuristics for extracting different indicators of compromise, and publicly available NER models for generic entity types. We provide models trained on a diverse corpus that users can readily use. Events are described as classes in previous research - MALOnt2.0 (Christian et al., 2021) and MALOnt (Rastogi et al., 2020) and together extract a wide range of malware attack details from a threat intelligence corpus. The user can combine predictions from multiple different approaches to suit their needs. The library is made publicly available.
