To: Professor Ellis
From: Foysal Ahmed
Date:03-03-21
Subject: 500 word summary of an article about “Cyber Security.”
The following is a 500 word summary of a peer-reviewed article about quantifying the significance and relevance of cyber-security text through textual similarity and a cyber-security knowledge graph. Presenting various opportunities to socialize and business in general, these opportunities also bring different kinds of risks such as cyber-attacks, data breaches, loss of intellectual properties, financial fraud, etc. The idea of sharing threat information stems from the assumption that an adversary that attacks a specific target is also likely to attack similar targets in the near future. From the paper, we can know about quantifying the significance and relevance of the threat information applying different methods, such as the Entity Recognition (NER) model and the Cyber-security Knowledge Graph (CKG), the subjective relevance of the cyber-security text to the user, and to generate correlation features. This paper also shows that to mitigate cyber-security risks proactively, security analysts continuously monitor sources of threat information.
“While information-sharing platforms have grown in popularity, the amount of shared threat information has grown tremendously, overwhelming human analysts and undermining the efforts to share threat information.” (2)
Even though there are approaches that automatically share information between machines through structured information sharing such as Structured Threat Information Expression (STIX) and its corresponding protocol, Trusted Automated Exchange of Intelligence Information (TAXII), the need to process unstructured text reports that might be shared via email or forums still exists. For example, dark-web forums provide valuable threat information if the noise can be segregated with less effort. Also, to establish situational awareness, a security analyst has to identify cyber threat-related information specifically applicable to his environment to monitor and prevent the possible intrusion proactively and control the possible risk. To ensure those all, the research first shows why they are so willing to research on this topic; then they find the problems out to be solved and show the existing methods that could not solve the problem. They proposed their solution and then tried to prove why that solution is significantly more important than the existing ones.
Finally, it is shown that due to the constraints such as a probable lack of identifiable cyber-security named entity in test data and the uncertainty of identified Mentioned Entities to exist in CKG, the effectiveness of the proposed architecture could not be proven directly on the raw test documents; however, by simulating the controlled environment by manipulating the test document achieved a classification accuracy of 88% using the logistic regression classifier. Since it is impossible to expect the controlled environment in a real-life situation, the experiment must be improved to reconcile the simulated dataset with real-life data. We believe by improving the NER performance and extending the scope of CKG, the experiment would come closer to producing production-grade results.
Cyber protection, as we all know, is the process of shielding computers, routers, handheld devices, electronic infrastructure, networks, and documents from malicious attacks, and It is also known as information technology security or electronic information security. As the term applies in various contexts, from business to mobile computing, and can be divided into a few common categories, research on this kind of topic is a crying need for the overall development of all.
References
Received September 9, 2020, accepted September 21, 2020, date of publication September 28, 2020, date of current version October 8, 2020. Digital Object Identifier 10.1109/ACCESS.2020.3027321.
Resource center. (n.d.). Retrieved March 02, 2021, from https://www.kaspersky.com/resource-center/definitions/what-is-cyber-security.