Authors: Nitish, Bijender, Suraj, Himanshu
Abstract: After Action Reports ( AARs) provide intensive analysis of cyber incidents. Extraction of materials Cyber- knowledge from these sources will provide security researchers with reliable information, which. It can be used to identify or nd patterns of cyberattacks. In this paper we describe a framework to. extract information from AARs, combine similar organizations and aggregate the extracted information, and. They represent extracts from the Cybersecurity Knowledge Graph ( CKG). We remove entities by We are creating a custom named entity detector called Malware Entity Extractor ( MEE). Then we a neural network to predict how pairs of malware entities are related to each other. When we predicted For entity pairs and the relationships between them, we represent the entity-relation set in CKG. Our next one The step in the process is the consolidation of similar organizations, reforming our CKGs. This mixture helps to represent the intelligent fish Extracts from numerous papers and reports. Fused CKG is known from many AARs, as well. Inter- organizational relationships extracted from separate reports. Because of this mix, a security researcher. can handle questions and retrieve better answers on a hybrid CKG, than an unhybrid knowledge article. Wealso showcase the various logic capabilities that can be leveraged by the security analyst to bring us fused C. K. G
International Journal of Science, Engineering and Technology