{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,5,25]],"date-time":"2025-05-25T04:03:27Z","timestamp":1748145807648,"version":"3.41.0"},"publisher-location":"Cham","reference-count":38,"publisher":"Springer Nature Switzerland","isbn-type":[{"value":"9783031893629","type":"print"},{"value":"9783031893636","type":"electronic"}],"license":[{"start":{"date-parts":[[2025,1,1]],"date-time":"2025-01-01T00:00:00Z","timestamp":1735689600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2025,1,1]],"date-time":"2025-01-01T00:00:00Z","timestamp":1735689600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2025]]},"DOI":"10.1007\/978-3-031-89363-6_4","type":"book-chapter","created":{"date-parts":[[2025,5,24]],"date-time":"2025-05-24T07:47:29Z","timestamp":1748072849000},"page":"66-85","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["CTIMiner: Cyber Threat Intelligence Mining Using Adaptive Multi-task Adversarial Active Learning"],"prefix":"10.1007","author":[{"given":"Chunyan","family":"Ma","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Zhengwei","family":"Jiang","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Kai","family":"Zhang","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Jun","family":"Jiang","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Peian","family":"Yang","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Bo","family":"Xu","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Huamin","family":"Feng","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2025,5,25]]},"reference":[{"key":"4_CR1","unstructured":"Gartner: Gartner identifies the top cybersecurity trends for 2024 (2024). https:\/\/www.gartner.com\/en\/newsroom\/press-releases\/2024-02-22-gartner-identifies-top-cybersecurity-trends-for-2024"},{"key":"4_CR2","unstructured":"Securityweek: Attackers can abuse github codespaces for malware delivery (2023). https:\/\/www.securityweek.com\/attackers-can-abuse-github-codespaces-malware-delivery\/"},{"key":"4_CR3","unstructured":"Checkpoint: APT35 exploits log4j vulnerability to distribute new modular powershell toolkit (2022) . https:\/\/research.checkpoint.com\/2022\/apt35-exploits-log4j-vulnerability-to-distribute-new-modular-powershell-toolkit\/"},{"key":"4_CR4","doi-asserted-by":"crossref","unstructured":"Lee, M.: Cyber Threat Intelligence. Wiley (2023)","DOI":"10.1002\/9781119861775"},{"key":"4_CR5","doi-asserted-by":"crossref","unstructured":"Liao, X., Yuan, K., Wang, X., Li, Z., Xing, L., Beyah, R.: Acing the IOC game: toward automatic discovery and analysis of open-source cyber threat intelligence. In: Proceedings of the 2016 ACM SIGSAC Conference on Computer And Communications Security, pp. 755\u2013766 (2016)","DOI":"10.1145\/2976749.2978315"},{"key":"4_CR6","doi-asserted-by":"publisher","unstructured":"Wang, X., et al.: A method for extracting unstructured threat intelligence based on dictionary template and reinforcement learning. In: 2021 IEEE 24th International Conference on Computer Supported Cooperative Work in Design (CSCWD), pp. 262\u2013267 (2021). https:\/\/doi.org\/10.1109\/CSCWD49262.2021.9437858","DOI":"10.1109\/CSCWD49262.2021.9437858"},{"key":"4_CR7","doi-asserted-by":"crossref","unstructured":"Luo, Y., Ao, S., Luo, N., Su, C., Yang, P., Jiang, Z.: Extracting threat intelligence relations using distant supervision and neural networks. In: Advances in Digital Forensics XVII: 17th IFIP WG 11.9 International Conference, pp. 193\u2013211. Springer (2021)","DOI":"10.1007\/978-3-030-88381-2_10"},{"key":"4_CR8","unstructured":"Iklody, A., Wagener, G., Dulaunoy, A., Mokaddem, S., Wagner, C.: Decaying indicators of compromise. arXiv preprint arXiv:1803.11052 (2018)"},{"key":"4_CR9","unstructured":"Devlin, J., Chang, M.W., Lee, K., Toutanova, K.: BERT: pre-training of deep bidirectional transformers for language understanding. arXiv preprint arXiv:1810.04805 (2018)"},{"key":"4_CR10","doi-asserted-by":"publisher","first-page":"103579","DOI":"10.1016\/j.cose.2023.103579","volume":"136","author":"K Ahmed","year":"2024","unstructured":"Ahmed, K., Khurshid, S.K., Hina, S.: CyberEntRel: joint extraction of cyber entities and relations using deep learning. Comput. Secur. 136, 103579 (2024)","journal-title":"Comput. Secur."},{"key":"4_CR11","unstructured":"Bianco, D.: The pyramid of pain (2013). https:\/\/detect-respond.blogspot.com\/2013\/03\/the-pyramid-of-pain.html"},{"key":"4_CR12","doi-asserted-by":"crossref","unstructured":"Wang, X., Xiong, M., Luo, Y., Li, N., Jiang, Z., Xiong, Z.: Joint learning for document-level threat intelligence relation extraction and coreference resolution based on GCN. In: 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom), pp. 584\u2013591. IEEE (2020)","DOI":"10.1109\/TrustCom50675.2020.00083"},{"key":"4_CR13","doi-asserted-by":"crossref","unstructured":"Wang, X., et al.: FSSRE: fusing semantic feature and syntactic dependencies feature for threat intelligence relation extraction. In: SEKE, pp. 79\u201385 (2021)","DOI":"10.18293\/SEKE2021-088"},{"issue":"1","key":"4_CR14","doi-asserted-by":"publisher","first-page":"8","DOI":"10.1186\/s42400-022-00110-3","volume":"5","author":"J Liu","year":"2022","unstructured":"Liu, J., et al.: TriCTI: an actionable cyber threat intelligence discovery system via trigger-enhanced neural network. Cybersecurity 5(1), 8 (2022)","journal-title":"Cybersecurity"},{"key":"4_CR15","doi-asserted-by":"publisher","first-page":"102763","DOI":"10.1016\/j.cose.2022.102763","volume":"120","author":"H Jo","year":"2022","unstructured":"Jo, H., Lee, Y., Shin, S.: Vulcan: automatic extraction and analysis of cyber threat intelligence from unstructured text. Comput. Secur. 120, 102763 (2022)","journal-title":"Comput. Secur."},{"key":"4_CR16","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1155\/2022\/2566681","volume":"2022","author":"Y Zhou","year":"2022","unstructured":"Zhou, Y., Tang, Y., Yi, M., Xi, C., Lu, H.: CTI view: APT threat intelligence analysis system. Secur. Commun. Networks 2022, 1\u201315 (2022)","journal-title":"Secur. Commun. Networks"},{"key":"4_CR17","doi-asserted-by":"publisher","first-page":"103371","DOI":"10.1016\/j.cose.2023.103371","volume":"132","author":"Y Guo","year":"2023","unstructured":"Guo, Y., et al.: A framework for threat intelligence extraction and fusion. Comput. Secur. 132, 103371 (2023)","journal-title":"Comput. Secur."},{"key":"4_CR18","doi-asserted-by":"publisher","first-page":"110114","DOI":"10.1016\/j.knosys.2022.110114","volume":"260","author":"X Wang","year":"2023","unstructured":"Wang, X., Liu, J.: A novel feature integration and entity boundary detection for named entity recognition in cybersecurity. Knowl.-Based Syst. 260, 110114 (2023)","journal-title":"Knowl.-Based Syst."},{"key":"4_CR19","doi-asserted-by":"publisher","first-page":"449","DOI":"10.1016\/j.procs.2023.01.027","volume":"218","author":"S Srivastava","year":"2023","unstructured":"Srivastava, S., Paul, B., Gupta, D.: Study of word embeddings for enhanced cyber security named entity recognition. Procedia Comput. Sci. 218, 449\u2013460 (2023)","journal-title":"Procedia Comput. Sci."},{"key":"4_CR20","doi-asserted-by":"crossref","unstructured":"Sun, S., Huang, C., Wu, T., Shen, Y.: SecTKG: a knowledge graph for open-source security tools. Int. J. Intell. Syst. 2023 (2023)","DOI":"10.1155\/2023\/4464974"},{"key":"4_CR21","unstructured":"Malwarebytes: North Korea\u2019s lazarus apt leverages windows update client, GitHub in latest campaign (2022). https:\/\/www.malwarebytes.com\/blog\/threat-intelligence\/2022\/01\/north-koreas-lazarus-apt-leverages-windows-update-client-github-in-latest-campaign"},{"key":"4_CR22","doi-asserted-by":"crossref","unstructured":"Deng, Y., Chen, K., Shen, Y., Jin, H.: Adversarial active learning for sequences labeling and generation. In: IJCAI, pp. 4012\u20134018 (2018)","DOI":"10.24963\/ijcai.2018\/558"},{"key":"4_CR23","unstructured":"Reichart, R., Tomanek, K., Hahn, U., Rappoport, A.: Multi-task active learning for linguistic annotations. In: Proceedings of ACL-08: HLT, pp. 861\u2013869 (2008)"},{"key":"4_CR24","doi-asserted-by":"crossref","unstructured":"Erdmann, A., et al.: Practical, efficient, and customizable active learning for named entity recognition in the digital humanities, pp. 2223\u20132234. Association for Computational Linguistics (2019)","DOI":"10.18653\/v1\/N19-1231"},{"key":"4_CR25","doi-asserted-by":"publisher","first-page":"34","DOI":"10.1016\/j.eswa.2018.07.032","volume":"114","author":"G Bekoulis","year":"2018","unstructured":"Bekoulis, G., Deleu, J., Demeester, T., Develder, C.: Joint entity recognition and relation extraction as a multi-head selection problem. Expert Syst. Appl. 114, 34\u201345 (2018)","journal-title":"Expert Syst. Appl."},{"key":"4_CR26","doi-asserted-by":"crossref","unstructured":"Yuan, Y., Zhou, X., Pan, S., Zhu, Q., Song, Z., Guo, L.: A relation-specific attention network for joint entity and relation extraction. In: International Joint Conference on Artificial Intelligence, pp. 4054\u20134060 (2021)","DOI":"10.24963\/ijcai.2020\/561"},{"key":"4_CR27","doi-asserted-by":"crossref","unstructured":"Bidirectional recurrent neural networks. IEEE Trans. Signal Process. 45(11), 2673\u20132681 (1997)","DOI":"10.1109\/78.650093"},{"key":"4_CR28","unstructured":"MITRE: MITRE ATT and CK (2023). https:\/\/attack.mitre.org\/"},{"issue":"1","key":"4_CR29","doi-asserted-by":"publisher","first-page":"98","DOI":"10.2307\/3213263","volume":"14","author":"A Lawrance","year":"1977","unstructured":"Lawrance, A., Lewis, P.: An exponential moving-average sequence and point process (EMA1). J. Appl. Probab. 14(1), 98\u2013113 (1977)","journal-title":"J. Appl. Probab."},{"key":"4_CR30","doi-asserted-by":"crossref","unstructured":"Zhang, Z., Strubell, E., Hovy, E.: A survey of active learning for natural language processing. In: Proceedings of the 2022 Conference on Empirical Methods in Natural Language Processing, pp. 6166\u20136190 (2022)","DOI":"10.18653\/v1\/2022.emnlp-main.414"},{"issue":"0704","key":"4_CR31","first-page":"1","volume":"298","author":"S Caltagirone","year":"2013","unstructured":"Caltagirone, S., Pendergast, A., Betz, C.: The diamond model of intrusion analysis. Threat Connect 298(0704), 1\u201361 (2013)","journal-title":"Threat Connect"},{"key":"4_CR32","doi-asserted-by":"crossref","unstructured":"Zhou, P., et al.: Attention-based bidirectional long short-term memory networks for relation classification. In: Proceedings of the 54th Annual Meeting of the Association for Computational Linguistics (Volume 2: Short Papers), pp. 207\u2013212 (2016)","DOI":"10.18653\/v1\/P16-2034"},{"key":"4_CR33","unstructured":"Zeng, D., Liu, K., Lai, S., Zhou, G., Zhao, J.: Relation classification via convolutional deep neural network. In: Proceedings of COLING 2014, the 25th International Conference on Computational Linguistics: Technical Papers, pp. 2335\u20132344 (2014)"},{"key":"4_CR34","unstructured":"Jiang, X., Wang, Q., Li, P., Wang, B.: Relation extraction with multi-instance multi-label convolutional neural networks. In: Proceedings of COLING 2016, the 26th International Conference on Computational Linguistics: Technical Papers, pp. 1471\u20131480 (2016)"},{"key":"4_CR35","doi-asserted-by":"crossref","unstructured":"Feng, J., Huang, M., Zhao, L., Yang, Y., Zhu, X.: Reinforcement learning for relation classification from noisy data. In: Proceedings of the AAAI Conference on Artificial Intelligence, pp. 5779\u20135786 (2018)","DOI":"10.1609\/aaai.v32i1.12063"},{"key":"4_CR36","doi-asserted-by":"crossref","unstructured":"Lin, Y., Shen, S., Liu, Z., Luan, H., Sun, M.: Neural relation extraction with selective attention over instances. In: Proceedings of the 54th Annual Meeting of the Association for Computational Linguistics (Volume 1: Long Papers), pp. 2124\u20132133 (2016)","DOI":"10.18653\/v1\/P16-1200"},{"key":"4_CR37","doi-asserted-by":"crossref","unstructured":"Zhang, Y., Qi, P., Manning, C.D.: Graph convolution over pruned dependency trees improves relation extraction. In: Proceedings of the 2018 Conference on Empirical Methods in Natural Language Processing, pp. 2205\u20132215 (2018)","DOI":"10.18653\/v1\/D18-1244"},{"key":"4_CR38","doi-asserted-by":"crossref","unstructured":"Guo, Z., Zhang, Y., Lu, W.: Attention guided graph convolutional networks for relation extraction. In: Proceedings of the 57th Annual Meeting of the Association for Computational Linguistics, pp. 241\u2013251 (2019)","DOI":"10.18653\/v1\/P19-1024"}],"container-title":["Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering","Digital Forensics and Cyber Crime"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-89363-6_4","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,5,24]],"date-time":"2025-05-24T07:47:37Z","timestamp":1748072857000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-89363-6_4"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025]]},"ISBN":["9783031893629","9783031893636"],"references-count":38,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-89363-6_4","relation":{},"ISSN":["1867-8211","1867-822X"],"issn-type":[{"value":"1867-8211","type":"print"},{"value":"1867-822X","type":"electronic"}],"subject":[],"published":{"date-parts":[[2025]]},"assertion":[{"value":"25 May 2025","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ICDF2C","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Digital Forensics and Cyber Crime","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Dubrovnik","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Croatia","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2024","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"9 October 2024","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"10 October 2024","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"15","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"icdf2c2024","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/icdf2c.eai-conferences.org\/2024\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}