{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,23]],"date-time":"2026-04-23T10:12:36Z","timestamp":1776939156683,"version":"3.51.4"},"reference-count":157,"publisher":"Association for Computing Machinery (ACM)","issue":"12","license":[{"start":{"date-parts":[[2023,3,2]],"date-time":"2023-03-02T00:00:00Z","timestamp":1677715200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"name":"NSA Science of Security award","award":["H98230-17-D-0080"],"award-info":[{"award-number":["H98230-17-D-0080"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["ACM Comput. Surv."],"published-print":{"date-parts":[[2023,12,31]]},"abstract":"<jats:p>\n            Cybersecurity researchers have contributed to the automated extraction of CTI from textual sources, such as threat reports and online articles describing cyberattack strategies, procedures, and tools.\n            <jats:italic>The goal of this article is to aid cybersecurity researchers in understanding the current techniques used for cyberthreat intelligence extraction from text through a survey of relevant studies in the literature.<\/jats:italic>\n            Our work finds 11 types of extraction purposes and 7 types of textual sources for CTI extraction. We observe the technical challenges associated with obtaining available clean and labeled data for replication, validation, and further extension of the studies. We advocate for building upon the current CTI extraction work to help cybersecurity practitioners with proactive decision-making such as in threat prioritization and mitigation strategy formulation to utilize knowledge from past cybersecurity incidents.\n          <\/jats:p>","DOI":"10.1145\/3571726","type":"journal-article","created":{"date-parts":[[2022,11,22]],"date-time":"2022-11-22T11:54:25Z","timestamp":1669118065000},"page":"1-36","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":48,"title":["What Are the Attackers Doing Now? Automating Cyberthreat Intelligence Extraction from Text on Pace with the Changing Threat Landscape: A Survey"],"prefix":"10.1145","volume":"55","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-4980-7350","authenticated-orcid":false,"given":"Md Rayhanur","family":"Rahman","sequence":"first","affiliation":[{"name":"North Carolina State University, Raleigh, NC, USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-9761-4361","authenticated-orcid":false,"given":"Rezvan Mahdavi","family":"Hezaveh","sequence":"additional","affiliation":[{"name":"North Carolina State University, Raleigh, NC, USA"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-3300-6540","authenticated-orcid":false,"given":"Laurie","family":"Williams","sequence":"additional","affiliation":[{"name":"North Carolina State University, Raleigh, NC, USA"}]}],"member":"320","published-online":{"date-parts":[[2023,3,2]]},"reference":[{"key":"e_1_3_3_2_2","unstructured":"AZSecure Portal. Retrieved from www.azsecure-data.org."},{"key":"e_1_3_3_3_2","unstructured":"Cambridge crime dataset. Retrieved from www.cambridgecybercrime.uk\/."},{"key":"e_1_3_3_4_2","unstructured":"Chainsmith. Retrieved from https:\/\/ioc-chainsmith org."},{"key":"e_1_3_3_5_2","unstructured":"Cybersixgill. Retrieved from https:\/\/www.cybersixgill.com\/."},{"key":"e_1_3_3_6_2","unstructured":"Exploit Database. Retrieved from https:\/\/www.exploit-db.com\/."},{"key":"e_1_3_3_7_2","unstructured":"Featuresmith. Retrieved from http:\/\/featuresmith.org."},{"key":"e_1_3_3_8_2","unstructured":"Github aptnotes. Retrieved from https:\/\/github.com\/aptnotes\/data."},{"key":"e_1_3_3_9_2","unstructured":"Github aritter. Retrieved from https:\/\/github.com\/aritter\/twitter_nlp."},{"key":"e_1_3_3_10_2","unstructured":"Github behzadanksu. Retrieved from https:\/\/github.com\/behzadanksu\/cybertweets."},{"key":"e_1_3_3_11_2","unstructured":"Github Cybermonitor. Retrieved from https:\/\/github.com\/CyberMonitor\/APT_CyberCriminal_Campagin_Collections."},{"key":"e_1_3_3_12_2","unstructured":"Github das-lab. Retrieved from https:\/\/github.com\/das-lab\/Cyberthreat-Detection."},{"key":"e_1_3_3_13_2","unstructured":"Github DissectMalware. Retrieved from https:\/\/github.com\/DissectMalware\/IoCMiner."},{"key":"e_1_3_3_14_2","unstructured":"Github eyalmazuz. Retrieved from https:\/\/github.com\/eyalmazuz\/AttackAttributionDataset."},{"key":"e_1_3_3_15_2","unstructured":"Github HongyiZhu. Retrieved from https:\/\/github.com\/HongyiZhu."},{"key":"e_1_3_3_16_2","unstructured":"Github kbandla. Retrieved from https:\/\/github.com\/kbandla\/APTnotes."},{"key":"e_1_3_3_17_2","unstructured":"Github ksatvat. Retrieved from https:\/\/github.com\/ksatvat\/Extractor."},{"key":"e_1_3_3_18_2","unstructured":"Github luoluoluoyl. Retrieved from https:\/\/github.com\/luoluoluoyl\/relation_extract_dataset."},{"key":"e_1_3_3_19_2","unstructured":"Github ndionysus. Retrieved from https:\/\/github.com\/ndionysus\/twitter-cyberthreat-detection."},{"key":"e_1_3_3_20_2","unstructured":"Github nicholasprayogo. Retrieved from https:\/\/github.com\/nicholasprayogo\/CyberATE."},{"key":"e_1_3_3_21_2","unstructured":"Github PEASEC. Retrieved from https:\/\/github.com\/PEASEC\/CySecAlert."},{"key":"e_1_3_3_22_2","unstructured":"Github Samsung. Retrieved from https:\/\/github.com\/Samsung\/Twiti."},{"key":"e_1_3_3_23_2","unstructured":"Github scu-igroup. Retrieved from https:\/\/github.com\/scu-igroup\/Attack-Technique-Dataset."},{"key":"e_1_3_3_24_2","unstructured":"Github stucco. Retrieved from https:\/\/github.com\/stucco\/auto-labeled-corpus."},{"key":"e_1_3_3_25_2","unstructured":"Github yimingwu510. Retrieved from https:\/\/github.com\/yimingwu510\/TAG."},{"key":"e_1_3_3_26_2","unstructured":"Hackmageddon. Retrieved from https:\/\/www.hackmageddon.com\/."},{"key":"e_1_3_3_27_2","unstructured":"Indicator of compromise - CSRC - NIST Glossary. Retrieved from https:\/\/csrc.nist.gov\/glossary\/term\/indicator_of_compromise. [accessed 15-June-2022]."},{"key":"e_1_3_3_28_2","unstructured":"IOT vulnerability data. Retrieved from https:\/\/www.kaggle.com\/salevizo\/tweets-related-unrelated-to-iot-vulnerabilities."},{"key":"e_1_3_3_29_2","unstructured":"Leak forum. Retrieved from http:\/\/leakforums.net\/thread-719337."},{"key":"e_1_3_3_30_2","unstructured":"NVD full listing. Retrieved from https:\/\/nvd.nist.gov\/vuln\/full-listing."},{"key":"e_1_3_3_31_2","unstructured":"Privacy rights clearinghouse. Retrieved from https:\/\/privacyrights.org\/data-breaches."},{"key":"e_1_3_3_32_2","unstructured":"Secbuzzer. Retrieved from http:\/\/secbuzzer.iii.org.tw\/."},{"key":"e_1_3_3_33_2","unstructured":"Stackexchange achieve. Retrieved from https:\/\/archive.org\/details\/stackexchange."},{"key":"e_1_3_3_34_2","unstructured":"Top Publications. Retrieved from: https:\/\/scholar.google.com\/citations?view_op=top_venues&hl=en&vq=eng_computersecuritycryptography."},{"key":"e_1_3_3_35_2","unstructured":"UMBC Ebiquity. Retrieved from http:\/\/ebiquity.umbc.edu\/r\/355."},{"key":"e_1_3_3_36_2","unstructured":"What is Open Indicators of Compromise (OpenIOC) Framework?Retrieved from https:\/\/cyware.com\/educational-guides\/cyber-threat-intelligence\/what-is-open-indicators-of-compromise-openioc-framework-ed9d."},{"key":"e_1_3_3_37_2","unstructured":"Working with ATTACK. Retrieved from https:\/\/attack.mitre.org\/docs\/enterprise-attack-v11.2\/enterprise-attack-v11.2-datasources.xlsx."},{"key":"e_1_3_3_38_2","unstructured":"Bank of England. 2016. CBEST Intelligence-Led Testing-Understanding Cyber Threat Intelligence Operations . Bank of England Technical Report."},{"key":"e_1_3_3_39_2","unstructured":"Staff Contributor. 2020. What is Threat Intelligence? Retrieved from https:\/\/www.dnsstuff.com\/what-is-threat-intelligence."},{"key":"e_1_3_3_40_2","article-title":"What is cyber threat intelligence","author":"Baker Kurt","year":"2022","unstructured":"Kurt Baker. 2022. What is cyber threat intelligence. Retrieved from https:\/\/www.crowdstrike.com\/epp-101\/threat-intelligence\/.","journal-title":"Retrieved from https:\/\/www.crowdstrike.com\/epp-101\/threat-intelligence\/"},{"key":"e_1_3_3_41_2","article-title":"University of Utah pays USD 457,000 to ransomware gang","author":"Cimpanu Catalin","year":"2020","unstructured":"Catalin Cimpanu. 2020. University of Utah pays USD 457,000 to ransomware gang. Retrieved from https:\/\/www.zdnet.com\/article\/university-of-utah-pays-457000-to-ransomware-gang\/.","journal-title":"Retrieved from https:\/\/www.zdnet.com\/article\/university-of-utah-pays-457000-to-ransomware-gang\/"},{"key":"e_1_3_3_42_2","doi-asserted-by":"publisher","DOI":"10.5555\/2787903"},{"issue":"4","key":"e_1_3_3_43_2","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1145\/3409289","article-title":"Proactively identifying emerging hacker threats from the dark web: A diachronic graph embedding framework (D-GEF)","volume":"23","year":"2020","unstructured":"Sagar Samtani, Hongyi Zhu, and Hsinchun Chen. 2020. Proactively identifying emerging hacker threats from the dark web: A diachronic graph embedding framework (D-GEF). ACM Trans. Privac. Secur. 23, 4 (2020), 1\u201333.","journal-title":"ACM Trans. Privac. Secur."},{"key":"e_1_3_3_44_2","first-page":"236","volume-title":"IEEE 4th International Conference on Collaboration and Internet Computing (CIC)","year":"2018","unstructured":"Gbadebo Ayoade, Swarup Chandra, Latifur Khan, Kevin Hamlen, and Bhavani Thuraisingham. 2018. Automated threat report classification over multi-source data. In IEEE 4th International Conference on Collaboration and Internet Computing (CIC). IEEE, 236\u2013245."},{"key":"e_1_3_3_45_2","first-page":"1","volume-title":"Cyber Resilience Conference (CRC)","year":"2018","unstructured":"Mohamad Syahir Abdullah, Anazida Zainal, Mohd Aizaini Maarof, and Mohamad Nizam Kassim. 2018. Cyber-attack features for detecting cyber threat incidents from online news. In Cyber Resilience Conference (CRC). IEEE, 1\u20134."},{"issue":"1","key":"e_1_3_3_46_2","first-page":"371","article-title":"Cyber threat intelligence\u2014Issue and challenges","volume":"10","year":"2018","unstructured":"Md Sahrom Abu, Siti Rahayu Selamat, Aswami Ariffin, and Robiah Yusof. 2018. Cyber threat intelligence\u2014Issue and challenges. Indon. J. Electric. Eng. Comput. Sci. 10, 1 (2018), 371.","journal-title":"Indon. J. Electric. Eng. Comput. Sci."},{"key":"e_1_3_3_47_2","first-page":"9","volume-title":"49th Annual IEEE\/IFIP International Conference on Dependable Systems and Networks Workshops (DSN-W)","year":"2019","unstructured":"Fernando Alves, Pedro Miguel Ferreira, and Alysson Bessani. 2019. Design of a classification model for a Twitter-based streaming threat monitor. In 49th Annual IEEE\/IFIP International Conference on Dependable Systems and Networks Workshops (DSN-W). IEEE, 9\u201314."},{"key":"e_1_3_3_48_2","first-page":"1","volume-title":"IEEE Aerospace Conference","year":"2021","unstructured":"Ehsan Amjadian, Nicholas Prayogo, Serena McDonnell, Cathal Smyth, and Muhammad Rizwan Abid. 2021. Attended-over distributed specificity for information extraction in cybersecurity. In IEEE Aerospace Conference. IEEE, 1\u201312."},{"key":"e_1_3_3_49_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.is.2020.101586"},{"key":"e_1_3_3_50_2","first-page":"436","volume-title":"IEEE International Conference on Cyber Security and Resilience (CSR)","year":"2021","unstructured":"Sofia Alevizopoulou, Paris Koloveas, Christos Tryfonopoulos, and Paraskevi Raftopoulou. 2021. Social media monitoring for IoT cyber-threats. In IEEE International Conference on Cyber Security and Resilience (CSR). IEEE, 436\u2013441."},{"key":"e_1_3_3_51_2","first-page":"1","volume-title":"7th Symposium on Hot Topics in the Science of Security","year":"2020","unstructured":"Mohammad Al-Ramahi, Izzat Alsmadi, and Joshua Davenport. 2020. Exploring hackers assets: Topics of interest as indicators of compromise. In 7th Symposium on Hot Topics in the Science of Security. ACM, 1\u20134."},{"key":"e_1_3_3_52_2","unstructured":"Robert A. Bridges Corinne L. Jones Michael D. Iannacone Kelly M. Testa and John R. Goodall. 2014. Automatic Labeling for Entity Extraction in Cyber Security. Retrieved from http:\/\/arxiv.org\/abs\/1308.4941."},{"key":"e_1_3_3_53_2","first-page":"85","volume-title":"IEEE International Conference on Intelligence and Security Informatics (ISI)","year":"2015","unstructured":"Victor Benjamin, Weifeng Li, Thomas Holt, and Hsinchun Chen. 2015. Exploring threats and vulnerabilities in hacker web: Forums, IRC and carding shops. In IEEE International Conference on Intelligence and Security Informatics (ISI). IEEE, 85\u201390."},{"key":"e_1_3_3_54_2","first-page":"437","volume-title":"16th IEEE International Conference on Machine Learning and Applications (ICMLA)","year":"2017","unstructured":"Robert A. Bridges, Kelly M. T. Huffer, Corinne L. Jones, Michael D. Iannacone, and John R. Goodall. 2017. Cybersecurity automated information extraction techniques: Drawbacks of current methods, and enhanced extractors. In 16th IEEE International Conference on Machine Learning and Applications (ICMLA). IEEE, 437\u2013442."},{"key":"e_1_3_3_55_2","first-page":"5002","volume-title":"IEEE International Conference on Big Data (Big Data)","year":"2018","unstructured":"Vahid Behzadan, Carlos Aguirre, Avishek Bose, and William Hsu. 2018. Corpus and deep learning classifier for collection of cyber threat indicators in Twitter stream. In IEEE International Conference on Big Data (Big Data). IEEE, 5002\u20135007."},{"key":"e_1_3_3_56_2","first-page":"871","volume-title":"IEEE\/ACM International Conference on Advances in Social Networks Analysis and Mining","year":"2019","unstructured":"Avishek Bose, Vahid Behzadan, Carlos Aguirre, and William H. Hsu. 2019. A novel approach for detection and ranking of trendy and emerging cyber threat events in Twitter streams. In IEEE\/ACM International Conference on Advances in Social Networks Analysis and Mining. ACM, 871\u2013878."},{"key":"e_1_3_3_57_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-35231-8_51"},{"key":"e_1_3_3_58_2","first-page":"125","volume-title":"IEEE International Conference on Intelligence and Security Informatics","year":"2011","unstructured":"Richard Colbaugh and Kristin Glass. 2011. Proactive defense for evolving cyber threats. In IEEE International Conference on Intelligence and Security Informatics. IEEE, 125\u2013130."},{"key":"e_1_3_3_59_2","first-page":"203","volume-title":"ACM \/ IEEE International Symposium on Empirical Software Engineering and Measurement","year":"2013","unstructured":"Jeffrey C. Carver, Edgar Hassler, Elis Hernandes, and Nicholas A. Kraft. 2013. Identifying barriers to the systematic literature review process. In ACM \/ IEEE International Symposium on Empirical Software Engineering and Measurement. IEEE, 203\u2013212."},{"issue":"6","key":"e_1_3_3_60_2","first-page":"1126","article-title":"Retrieving potential cybersecurity information from hacker forums","volume":"23","year":"2021","unstructured":"Chia-Mei Chen, Dan-Wei Wen, Ya-Hui Ou, Wei-Chih Chao, and Zheng-Xun Cai. 2021. Retrieving potential cybersecurity information from hacker forums. Int. J. Netw. Secur. 23, 6 (2021), 1126\u20131138.","journal-title":"Int. J. Netw. Secur."},{"key":"e_1_3_3_61_2","first-page":"13","volume-title":"Computer Science & Information Technology (CS & IT)","year":"2021","unstructured":"Chia-Mei Chen, Jing-Yun Kan, Ya-Hui Ou, Zheng-Xun Cai, and Albert Guan. 2021. Threat action extraction using information retrieval. In Computer Science & Information Technology (CS & IT). AIRCC Publishing Corporation, 13\u201319."},{"key":"e_1_3_3_62_2","first-page":"3648","volume-title":"IEEE International Conference on Big Data (Big Data)","year":"2017","unstructured":"Isuf Deliu, Carl Leichter, and Katrin Franke. 2017. Extracting cyber threat intelligence from hacker forums: Support vector machines versus convolutional neural networks. In IEEE International Conference on Big Data (Big Data). IEEE, 3648\u20133656."},{"key":"e_1_3_3_63_2","first-page":"5008","volume-title":"IEEE International Conference on Big Data (Big Data)","year":"2018","unstructured":"Isuf Deliu, Carl Leichter, and Katrin Franke. 2018. Collecting cyber threat intelligence from hacker forums via a two-stage, hybrid process using support vector machines and latent Dirichlet allocation. In IEEE International Conference on Big Data (Big Data). IEEE, 5008\u20135013."},{"key":"e_1_3_3_64_2","first-page":"62","volume-title":"IEEE Conference on Big Data and Analytics (ICBDA)","year":"2018","unstructured":"Fangzhou Dong, Shaoxian Yuan, Haoran Ou, and Liang Liu. 2018. New cyber threat discovery from darknet marketplaces. In IEEE Conference on Big Data and Analytics (ICBDA). IEEE, 62\u201367."},{"key":"e_1_3_3_65_2","first-page":"1","volume-title":"International Joint Conference on Neural Networks (IJCNN)","year":"2019","unstructured":"Nuno Dion\u00edsio, Fernando Alves, Pedro M. Ferreira, and Alysson Bessani. 2019. Cyberthreat detection from Twitter using deep neural networks. In International Joint Conference on Neural Networks (IJCNN). IEEE, 1\u20138."},{"issue":"17","key":"e_1_3_3_66_2","doi-asserted-by":"crossref","first-page":"5922","DOI":"10.3390\/app10175922","article-title":"Detecting cyber threat event from Twitter using IDCNN and BiLSTM","volume":"10","year":"2020","unstructured":"Yong Fang, Jian Gao, Zhonglin Liu, and Cheng Huang. 2020. Detecting cyber threat event from Twitter using IDCNN and BiLSTM. Appl. Sci. 10, 17 (2020), 5922.","journal-title":"Appl. Sci."},{"issue":"2","key":"e_1_3_3_67_2","doi-asserted-by":"crossref","first-page":"220","DOI":"10.3390\/diagnostics11020220","article-title":"Two-dimensional aortic size normalcy: A novelty detection approach","volume":"11","year":"2021","unstructured":"Paolo Frasconi, Daniele Baracchi, Betti Giusti, Ada Kura, Gaia Spaziani, Antonella Cherubini, Silvia Favilli, Andrea Di Lenarda, Guglielmina Pepe, and Stefano Nistri. 2021. Two-dimensional aortic size normalcy: A novelty detection approach. Diagnostics 11, 2 (2021), 220.","journal-title":"Diagnostics"},{"key":"e_1_3_3_68_2","first-page":"13","volume-title":"IEEE International Conference on Intelligence and Security Informatics (ISI)","year":"2017","unstructured":"John Grisham, Sagar Samtani, Mark Patton, and Hsinchun Chen. 2017. Identifying mobile malware and key threat actors in online hacker forums for proactive cyber threat intelligence. In IEEE International Conference on Intelligence and Security Informatics (ISI). IEEE, 13\u201318."},{"key":"e_1_3_3_69_2","first-page":"129","volume-title":"International Conference on Frontiers of Information Technology (FIT)","year":"2018","unstructured":"Yumna Ghazi, Zahid Anwar, Rafia Mumtaz, Shahzad Saleem, and Ali Tahir. 2018. A supervised machine learning based approach for automatically extracting high-level threat intelligence from unstructured sources. In International Conference on Frontiers of Information Technology (FIT). IEEE, 129\u2013134."},{"issue":"19","key":"e_1_3_3_70_2","doi-asserted-by":"crossref","first-page":"3945","DOI":"10.3390\/app9193945","article-title":"Information extraction of cybersecurity concepts: An LSTM approach","volume":"9","year":"2019","unstructured":"Houssem Gasmi, Jannik Laval, and Abdelaziz Bouras. 2019. Information extraction of cybersecurity concepts: An LSTM approach. Appl. Sci. 9, 19 (2019), 3945.","journal-title":"Appl. Sci."},{"key":"e_1_3_3_71_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-33846-6_32"},{"key":"e_1_3_3_72_2","first-page":"103","volume-title":"33rd Annual Computer Security Applications Conference","year":"2017","unstructured":"Ghaith Husari, Ehab Al-Shaer, Mohiuddin Ahmed, Bill Chu, and Xi Niu. 2017. TTPDrill: Automatic and accurate extraction of threat actions from unstructured text of CTI sources. In 33rd Annual Computer Security Applications Conference. ACM, 103\u2013115."},{"key":"e_1_3_3_73_2","first-page":"1","volume-title":"IEEE International Conference on Intelligence and Security Informatics (ISI)","year":"2018","unstructured":"Ghaith Husari, Xi Niu, Bill Chu, and Ehab Al-Shaer. 2018. Using entropy and mutual information to extract threat actions from cyber threat intelligence. In IEEE International Conference on Intelligence and Security Informatics (ISI). IEEE, 1\u20136."},{"key":"e_1_3_3_74_2","first-page":"107","volume-title":"6th Workshop on Noisy User-generated Text (W-NUT\u201920)","year":"2020","unstructured":"Jack Hughes, Seth Aycock, Andrew Caines, Paula Buttery, and Alice Hutchings. 2020. Detecting trending terms in cybersecurity forum discussions. In 6th Workshop on Noisy User-generated Text (W-NUT\u201920). Association for Computational Linguistics, 107\u2013115."},{"issue":"5","key":"e_1_3_3_75_2","doi-asserted-by":"crossref","first-page":"155014772110151","DOI":"10.1177\/15501477211015145","article-title":"HackerRank: Identifying key hackers in underground forums","volume":"17","year":"2021","unstructured":"Cheng Huang, Yongyan Guo, Wenbo Guo, and Ying Li. 2021. HackerRank: Identifying key hackers in underground forums. Int. J. Distrib. Sensor Netw. 17, 5 (2021), 155014772110151.","journal-title":"Int. J. Distrib. Sensor Netw."},{"key":"e_1_3_3_76_2","first-page":"241","volume-title":"International Conference on Frontiers of Information Technology (FIT)","year":"2018","unstructured":"Zafar Iqbal, Zahid Anwar, and Rafia Mumtaz. 2018. STIXGEN - A novel framework for automatic generation of structured cyber threat information. In International Conference on Frontiers of Information Technology (FIT). IEEE, 241\u2013246."},{"key":"e_1_3_3_77_2","first-page":"463","volume-title":"23rd International Conference on Control Systems and Computer Science (CSCS)","year":"2021","unstructured":"Denis Iorga, Dragos-Georgian Corlatescu, Octavian Grigorescu, Cristian Sandescu, Mihai Dascalu, and Razvan Rughinis. 2021. Yggdrasil - Early detection of cybernetic vulnerabilities from Twitter. In 23rd International Conference on Control Systems and Computer Science (CSCS). IEEE, 463\u2013468."},{"key":"e_1_3_3_78_2","first-page":"252","volume-title":"IEEE 7th International Conference on Semantic Computing","year":"2013","unstructured":"Arnav Joshi, Ravendar Lal, Tim Finin, and Anupam Joshi. 2013. Extracting cybersecurity related linked data from text. In IEEE 7th International Conference on Semantic Computing. IEEE, 252\u2013259."},{"key":"e_1_3_3_79_2","first-page":"1","volume-title":"10th Annual Cyber and Information Security Research Conference","year":"2015","unstructured":"Corinne L. Jones, Robert A. Bridges, Kelly M. T. Huffer, and John R. Goodall. 2015. Towards a relation extraction framework for cyber-security concepts. In 10th Annual Cyber and Information Security Research Conference. ACM, 1\u20134."},{"key":"e_1_3_3_80_2","first-page":"196","volume-title":"IEEE\/ACM International Conference on Advances in Social Networks Analysis and Mining","year":"2019","unstructured":"Taoran Ji, Xuchao Zhang, Nathan Self, Kaiqun Fu, Chang-Tien Lu, and Naren Ramakrishnan. 2019. Feature driven learning framework for cybersecurity event detection. In IEEE\/ACM International Conference on Advances in Social Networks Analysis and Mining. ACM, 196\u2013203."},{"key":"e_1_3_3_81_2","first-page":"1049","volume-title":"ACM Conference on Information and Knowledge Management","year":"2017","unstructured":"Rupinder Paul Khandpur, Taoran Ji, Steve Jan, Gang Wang, Chang-Tien Lu, and Naren Ramakrishnan. 2017. Crowdsourcing cybersecurity: Cyber attack detection using social media. In ACM Conference on Information and Knowledge Management. ACM, 1049\u20131057."},{"key":"e_1_3_3_82_2","first-page":"200","volume-title":"IEEE International Conference on Intelligence and Security Informatics (ISI)","year":"2019","unstructured":"Masashi Kadoguchi, Shota Hayashi, Masaki Hashimoto, and Akira Otsuka. 2019. Exploring the dark web for cyber threat intelligence using machine leaning. In IEEE International Conference on Intelligence and Security Informatics (ISI). IEEE, 200\u2013202."},{"key":"e_1_3_3_83_2","first-page":"10","volume-title":"3rd International Symposium of Information and Internet Technology (SYMINTECH\u201918)","year":"2019","unstructured":"Nakhyun Kim, Minseok Kim, Seulgi Lee, Hyeisun Cho, Byung-ik Kim, Jun-hyung Park, and MoonSeog Jun. 2019. Study of natural language processing for collecting cyber threat intelligence using SyntaxNet. In 3rd International Symposium of Information and Internet Technology (SYMINTECH\u201918). Springer International Publishing, 10\u201318."},{"key":"e_1_3_3_84_2","doi-asserted-by":"publisher","DOI":"10.3390\/electronics10070818"},{"key":"e_1_3_3_85_2","first-page":"755","volume-title":"ACM SIGSAC Conference on Computer and Communications Security","year":"2016","unstructured":"Xiaojing Liao, Kan Yuan, XiaoFeng Wang, Zhou Li, Luyi Xing, and Raheem Beyah. 2016. Acing the IOC game: Toward automatic discovery and analysis of open-source cyber threat intelligence. In ACM SIGSAC Conference on Computer and Communications Security. ACM, 755\u2013766."},{"key":"e_1_3_3_86_2","doi-asserted-by":"publisher","DOI":"10.1007\/s00500-016-2265-0"},{"key":"e_1_3_3_87_2","first-page":"1","volume-title":"12th International Conference on Availability, Reliability and Security","year":"2017","unstructured":"Quentin Le Sceller, ElMouatez Billah Karbab, Mourad Debbabi, and Farkhund Iqbal. 2017. SONAR: Automatic detection of cyber security events over the Twitter stream. In 12th International Conference on Availability, Reliability and Security. ACM, 1\u201311."},{"key":"e_1_3_3_88_2","first-page":"741","volume-title":"IEEE SmartWorld, Ubiquitous Intelligence & Computing, Advanced & Trusted Computing, Scalable Computing & Communications, Cloud & Big Data Computing, Internet of People and Smart City Innovation (SmartWorld\/SCALCOM\/UIC\/ATC\/CBDCom\/IOP\/SCI)","year":"2018","unstructured":"Ke Li, Hui Wen, Hong Li, Hongsong Zhu, and Limin Sun. 2018. Security OSIF: Toward automatic discovery and analysis of event based cyber threat intelligence. In IEEE SmartWorld, Ubiquitous Intelligence & Computing, Advanced & Trusted Computing, Scalable Computing & Communications, Cloud & Big Data Computing, Internet of People and Smart City Innovation (SmartWorld\/SCALCOM\/UIC\/ATC\/CBDCom\/IOP\/SCI). IEEE, 741\u2013747."},{"key":"e_1_3_3_89_2","first-page":"1","volume-title":"International Joint Conference on Neural Networks (IJCNN)","year":"2019","unstructured":"Zi Long, Lianzhi Tan, Shengping Zhou, Chaoyang He, and Xin Liu. 2019. Collecting indicators of compromise from unstructured text of cybersecurity articles using neural-based sequence labelling. In International Joint Conference on Neural Networks (IJCNN). IEEE, 1\u20138."},{"key":"e_1_3_3_90_2","first-page":"428","volume-title":"2nd International Conference on Safety Produce Informatization (IICSPI)","year":"2019","unstructured":"Mengming Li, Rongfeng Zheng, Liang Liu, and Pin Yang. 2019. Extraction of threat actions from threat-related articles using multi-label machine learning classification method. In 2nd International Conference on Safety Produce Informatization (IICSPI). IEEE, 428\u2013431."},{"key":"e_1_3_3_91_2","first-page":"316","volume-title":"International Conference on Cyberworlds (CW)","year":"2019","unstructured":"Ba Dung Le, Guanhua Wang, Mehwish Nasim, and Ali Babar. 2019. Gathering cyber threat intelligence from Twitter using novelty classification. In International Conference on Cyberworlds (CW). IEEE, 316\u2013323."},{"key":"e_1_3_3_92_2","volume-title":"Retrieving ATT&CK tactics and techniques in cyber threat reports","year":"2019","unstructured":"Valentine Solange Marine Legoy. 2019. Retrieving ATT&CK tactics and techniques in cyber threat reports. Master\u2019s thesis. University of Twente. Retrieved from http:\/\/essay.utwente.nl\/80012\/."},{"key":"e_1_3_3_93_2","first-page":"1","volume-title":"29th International Conference on Computer Communications and Networks (ICCCN)","year":"2020","unstructured":"Dong Li, Xiao Zhou, and Ao Xue. 2020. Open source threat intelligence discovery based on topic detection. In 29th International Conference on Computer Communications and Networks (ICCCN). IEEE, 1\u20134."},{"key":"e_1_3_3_94_2","first-page":"193","volume-title":"Advances in Digital Forensics XVII","year":"2021","unstructured":"Yali Luo, Shengqin Ao, Ning Luo, Changxin Su, Peian Yang, and Zhengwei Jiang. 2021. Extracting threat intelligence relations using distant supervision and neural networks. In Advances in Digital Forensics XVII. Vol. 612. Springer International Publishing, 193\u2013211."},{"key":"e_1_3_3_95_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.jisa.2021.102784"},{"key":"e_1_3_3_96_2","first-page":"257","volume-title":"IEEE\/WIC\/ACM International Conferences on Web Intelligence and Intelligent Agent Technology","year":"2011","unstructured":"Varish Mulwad, Wenjia Li, Anupam Joshi, Tim Finin, and Krishnamurthy Viswanathan. 2011. Extracting information about security vulnerabilities from web text. In IEEE\/WIC\/ACM International Conferences on Web Intelligence and Intelligent Agent Technology. IEEE, 257\u2013260."},{"key":"e_1_3_3_97_2","first-page":"926","volume-title":"IEEE\/ACM International Conference on Advances in Social Networks Analysis and Mining","year":"2015","unstructured":"Mitch Macdonald, Richard Frank, Joseph Mei, and Bryan Monk. 2015. Identifying digital threats in a hacker web forum. In IEEE\/ACM International Conference on Advances in Social Networks Analysis and Mining. ACM, 926\u2013933."},{"key":"e_1_3_3_98_2","first-page":"860","volume-title":"IEEE\/ACM International Conference on Advances in Social Networks Analysis and Mining (ASONAM)","year":"2016","unstructured":"Sudip Mittal, Prajit Kumar Das, Varish Mulwad, Anupam Joshi, and Tim Finin. 2016. CyberTwitter: Using Twitter to generate alerts for cybersecurity threats and vulnerabilities. In IEEE\/ACM International Conference on Advances in Social Networks Analysis and Mining (ASONAM). IEEE, 860\u2013867."},{"key":"e_1_3_3_99_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.jss.2016.02.048"},{"key":"e_1_3_3_100_2","first-page":"7","volume-title":"IEEE Conference on Intelligence and Security Informatics (ISI)","year":"2016","unstructured":"Eric Nunes, Ahmad Diab, Andrew Gunn, Ericsson Marin, Vineet Mishra, and Vivin Paliath, John Robertson, Jana Shakarian, Amanda Thart, and Paulo Shakarian. 2016. Darknet and deepnet mining for proactive cybersecurity threat intelligence. In IEEE Conference on Intelligence and Security Informatics (ISI). IEEE, 7\u201312."},{"key":"e_1_3_3_101_2","first-page":"7","volume-title":"IEEE International Conference on Intelligence and Security Informatics (ISI)","year":"2018","unstructured":"Lorenzo Neil, Sudip Mittal, and Anupam Joshi. 2018. Mining threat intelligence about open-source projects and libraries from code repository issues and bug reports. In IEEE International Conference on Intelligence and Security Informatics (ISI). IEEE, 7\u201312."},{"key":"e_1_3_3_102_2","first-page":"2995","volume-title":"IEEE International Conference on Big Data (Big Data)","year":"2018","unstructured":"Amirreza Niakanlahiji, Jinpeng Wei, and Bei-Tseng Chu. 2018. A natural language processing based trend analysis of advanced persistent threat techniques. In IEEE International Conference on Big Data (Big Data). IEEE, 2995\u20133000."},{"key":"e_1_3_3_103_2","first-page":"4747","volume-title":"IEEE International Conference on Big Data (Big Data)","year":"2019","unstructured":"Amirreza Niakanlahiji, Lida Safarnejad, Reginald Harper, and Bei-Tseng Chu. 2019. IoCMiner: Automatic extraction of indicators of compromise from Twitter. In IEEE International Conference on Big Data (Big Data). IEEE, 4747\u20134754."},{"key":"e_1_3_3_104_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.future.2019.02.013"},{"key":"e_1_3_3_105_2","doi-asserted-by":"publisher","DOI":"10.2197\/ipsjjip.27.802"},{"key":"e_1_3_3_106_2","volume-title":"Actionable Information for Security Incident Response","year":"2014","unstructured":"Pawe\u0142 Pawlinski, Przemylaw Jaroszewski, Piotr Kijewski, Lukasz Siewierski, Pawel Jacewicz, Przemyslaw Zielony, and Radoslaw Zuber. 2014. Actionable Information for Security Incident Response. Technical Report. European Union Agency for Network and Information Security."},{"key":"e_1_3_3_107_2","first-page":"80","volume-title":"IEEE International Conference on Intelligence and Security Informatics (ISI)","year":"2019","unstructured":"Lior Perry, Bracha Shapira, and Rami Puzis. 2019. NO-DOUBT: Attack attribution based on threat intelligence reports. In IEEE International Conference on Intelligence and Security Informatics (ISI). IEEE, 80\u201385."},{"key":"e_1_3_3_108_2","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2020.3039234"},{"key":"e_1_3_3_109_2","first-page":"354","volume-title":"IEEE International Conference on Cyber Security and Resilience (CSR)","year":"2021","unstructured":"Panos Panagiotou, Christos Iliou, Konstantinos Apostolou, Theodora Tsikrika, Stefanos Vrochidis, Periklis Chatzimisios, and Ioannis Kompatsiaris. 2021. Towards selecting informative content for cyber threat intelligence. In IEEE International Conference on Cyber Security and Resilience (CSR). IEEE, 354\u2013359."},{"key":"e_1_3_3_110_2","first-page":"41","volume-title":"4th International Conference on Cyber-technologies and Cyber-systems","year":"2019","unstructured":"Andrei Lima Queiroz, Susan Mckeever, and Brian Keegan. 2019. Eavesdropping hackers: Detecting software vulnerability communication on social media using text mining. In 4th International Conference on Cyber-technologies and Cyber-systems. 41\u201348."},{"key":"e_1_3_3_111_2","first-page":"896","volume-title":"24th International Conference on World Wide Web","year":"2015","unstructured":"Alan Ritter, Evan Wright, William Casey, and Tom Mitchell. 2015. Weakly supervised extraction of computer security events from Twitter. In 24th International Conference on World Wide Web. International World Wide Web Conferences Steering Committee, 896\u2013905."},{"key":"e_1_3_3_112_2","first-page":"181","volume-title":"10th Innovations in Software Engineering Conference","year":"2017","unstructured":"Roshni R. Ramnani, Karthik Shivaram, and Shubhashis Sengupta. 2017. Semi-automated Information extraction from unstructured threat advisories. In 10th Innovations in Software Engineering Conference. ACM, 181\u2013187."},{"key":"e_1_3_3_113_2","first-page":"516","volume-title":"International Conference on Data Mining Workshops (ICDMW)","year":"2020","unstructured":"Md Rayhanur Rahman, Rezvan Mahdavi-Hezaveh, and Laurie Williams. 2020. A literature review on mining cyberthreat intelligence from unstructured texts. In International Conference on Data Mining Workshops (ICDMW). IEEE, 516\u2013525."},{"key":"e_1_3_3_114_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-86890-1_24"},{"key":"e_1_3_3_115_2","first-page":"31","volume-title":"IEEE International Conference on Intelligence and Security Informatics (ISI)","year":"2015","unstructured":"Sagar Samtani, Ryan Chinn, and Hsinchun Chen. 2015. Exploring hacker assets in underground forums. In IEEE International Conference on Intelligence and Security Informatics (ISI). IEEE, 31\u201336."},{"key":"e_1_3_3_116_2","first-page":"1041","volume-title":"24th USENIX Security Symposium (USENIX\u201915)","year":"2015","unstructured":"Carl Sabottke, Octavian Suciu, and Tudor Dumitra\u015f. 2015. Vulnerability disclosure in the age of social media: Exploiting Twitter for predicting real-world exploits. In 24th USENIX Security Symposium (USENIX\u201915). USENIX, 1041\u20131056."},{"key":"e_1_3_3_117_2","first-page":"19","volume-title":"IEEE Conference on Intelligence and Security Informatics (ISI)","year":"2016","unstructured":"Sagar Samtani, Kory Chinn, Cathy Larson, and Hsinchun Chen. 2016. AZSecure hacker assets portal: Cyber threat intelligence and malware analysis. In IEEE Conference on Intelligence and Security Informatics (ISI). IEEE, 19\u201324."},{"key":"e_1_3_3_118_2","unstructured":"Zareen Syed Ankur Padia Timothy W. Finin Lisa Mathews and Anupam Joshi. 2016. UCO: A unified cybersecurity ontology. In Proceeding of the AAAI Workshop: Artificial Intelligence for Cyber Security ."},{"key":"e_1_3_3_119_2","first-page":"667","volume-title":"IEEE International Conference on Data Mining Workshops (ICDMW)","year":"2017","unstructured":"Anna Sapienza, Alessandro Bessi, Saranya Damodaran, Paulo Shakarian, Kristina Lerman, and Emilio Ferrara. 2017. Early warnings of cyber threats in online discussions. In IEEE International Conference on Data Mining Workshops (ICDMW). IEEE, 667\u2013674."},{"key":"e_1_3_3_120_2","doi-asserted-by":"publisher","DOI":"10.1080\/07421222.2017.1394049"},{"key":"e_1_3_3_121_2","first-page":"837","volume-title":"13th International Conference on Wirtschaftsinformatik (WI\u201917)","year":"2017","unstructured":"Clemens Sauerwein, Christian Sillaber, Andrea Mussmann, and Ruth Breu. 2017. Threat intelligence sharing platforms: An exploratory study of software vendors and research perspectives. In 13th International Conference on Wirtschaftsinformatik (WI\u201917). 837\u2013851."},{"key":"e_1_3_3_122_2","first-page":"983","volume-title":"the Web Conference","year":"2018","unstructured":"Anna Sapienza, Sindhu Kiranmai Ernala, Alessandro Bessi, Kristina Lerman, and Emilio Ferrara. 2018. DISCOVER: Mining online chatter for emerging cyber threats. In the Web Conference. ACM Press, 983\u2013990."},{"key":"e_1_3_3_123_2","doi-asserted-by":"publisher","DOI":"10.3390\/electronics9091527"},{"key":"e_1_3_3_124_2","first-page":"598","volume-title":"IEEE European Symposium on Security and Privacy (EuroS&P)","year":"2021","unstructured":"Kiavash Satvat, Rigel Gjomemo, and V. N. Venkatakrishnan. 2021. Extractor: Extracting attack behavior from threat reports. In IEEE European Symposium on Security and Privacy (EuroS&P). IEEE, 598\u2013615."},{"key":"e_1_3_3_125_2","first-page":"92","volume-title":"the Web Conference","year":"2021","unstructured":"Hyejin Shin, WooChul Shim, Saebom Kim, Sol Lee, Yong Goo Kang, and Yong Ho Hwang. 2021. #Twiti: Social listening for threat intelligence. In the Web Conference. ACM, 92\u2013104."},{"key":"e_1_3_3_126_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2017.09.001"},{"key":"e_1_3_3_127_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.jss.2018.06.073"},{"key":"e_1_3_3_128_2","first-page":"5381","volume-title":"Conference on Empirical Methods in Natural Language Processing (EMNLP)","year":"2020","unstructured":"Hieu Man Duc Trong, Duc-Trong Le, Amir Pouran Ben Veyseh, Thu\u00e2t Nguy\u00ean, and Thien Huu Nguyen. 2020. Introducing a new dataset for event detection in cybersecurity texts. In Conference on Empirical Methods in Natural Language Processing (EMNLP). Association for Computational Linguistics, 5381\u20135390."},{"key":"e_1_3_3_129_2","first-page":"82","volume-title":"5th International Symposium on Multidisciplinary Studies and Innovative Technologies (ISMSIT)","year":"2021","unstructured":"U\u011fur Tekin and Ercan Nurcan Yilmaz. 2021. Obtaining cyber threat intelligence data from Twitter with deep learning methods. In 5th International Symposium on Multidisciplinary Studies and Innovative Technologies (ISMSIT). IEEE, 82\u201386."},{"key":"e_1_3_3_130_2","volume-title":"Handbook of Big Data Analytics and Forensics","unstructured":"Aaruni Upadhyay, Samira Eisaloo Gharghasheh, and Sanaz Nakhodchi. Mapping CKC model through NLP modelling for APT groups reports. In Handbook of Big Data Analytics and Forensics. Springer International Publishing."},{"key":"e_1_3_3_131_2","volume-title":"Experimentation in Software Engineering","year":"2012","unstructured":"Claes Wohlin, Per Runeson, Martin H\u00f6st, Magnus C. Ohlsson, Bj\u00f6rn Regnell, and Anders Wessl\u00e9n. 2012. Experimentation in Software Engineering. Springer Berlin."},{"key":"e_1_3_3_132_2","first-page":"94","volume-title":"IEEE International Conference on Intelligence and Security Informatics (ISI)","year":"2018","unstructured":"Ryan Williams, Sagar Samtani, Mark Patton, and Hsinchun Chen. 2018. Incremental hacker forum exploit collection and classification for proactive cyber threat intelligence: An exploratory study. In IEEE International Conference on Intelligence and Security Informatics (ISI). IEEE, 94\u201399."},{"key":"e_1_3_3_133_2","first-page":"197","volume-title":"IEEE International Conference on Intelligence and Security Informatics (ISI)","year":"2019","unstructured":"Tianyi Wang and Kam Pui Chow. 2019. Automatic tagging of cyber threat intelligence unstructured data using semantics extraction. In IEEE International Conference on Intelligence and Security Informatics (ISI). IEEE, 197\u2013199."},{"key":"e_1_3_3_134_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2019.101589"},{"key":"e_1_3_3_135_2","first-page":"262","volume-title":"IEEE 24th International Conference on Computer Supported Cooperative Work in Design (CSCWD)","year":"2021","unstructured":"Xuren Wang, Rong Chen, Binghua Song, Jie Yang, Zhengwei Jiang, Xiaoqing Zhang, Xiaomeng Li, and Shengqin Ao. 2021. A method for extracting unstructured threat intelligence based on dictionary template and reinforcement learning. In IEEE 24th International Conference on Computer Supported Cooperative Work in Design (CSCWD). IEEE, 262\u2013267."},{"key":"e_1_3_3_136_2","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1109\/TDSC.2021.3120415","article-title":"Price TAG: Towards semi-automatically discovery tactics, techniques and procedures of e-Commerce cyber threat intelligence","year":"2021","unstructured":"Yiming Wu, Qianjun Liu, Xiaojing Liao, Shouling Ji, Peng Wang, Xiaofeng Wang, Chunming Wu, and Zhao Li. 2021. Price TAG: Towards semi-automatically discovery tactics, techniques and procedures of e-Commerce cyber threat intelligence. IEEE Trans. Depend. Secure Comput. (2021), 1\u20131.","journal-title":"IEEE Trans. Depend. Secure Comput."},{"key":"e_1_3_3_137_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2019.03.010"},{"key":"e_1_3_3_138_2","doi-asserted-by":"crossref","unstructured":"Expert Syst. Applic. 2019 120 FAST2: An intelligent assistant for finding relevant papers","DOI":"10.1016\/j.eswa.2018.11.021"},{"key":"e_1_3_3_139_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-41579-2_9"},{"key":"e_1_3_3_140_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.infsof.2010.12.010"},{"key":"e_1_3_3_141_2","first-page":"767","volume-title":"ACM SIGSAC Conference on Computer and Communications Security","year":"2016","unstructured":"Ziyun Zhu and Tudor Dumitra\u015f. 2016. FeatureSmith: Automatically engineering features for malware detection by mining the security literature. In ACM SIGSAC Conference on Computer and Communications Security. ACM, 767\u2013778."},{"key":"e_1_3_3_142_2","first-page":"458","volume-title":"IEEE European Symposium on Security and Privacy (EuroS&P)","year":"2018","unstructured":"Ziyun Zhu and Tudor Dumitras. 2018. ChainSmith: Automatically learning the semantics of malicious campaigns by mining threat intelligence reports. In IEEE European Symposium on Security and Privacy (EuroS&P). IEEE, 458\u2013472."},{"key":"e_1_3_3_143_2","first-page":"1","volume-title":"IEEE Symposium on Computers and Communications (ISCC)","year":"2019","unstructured":"Panpan Zhang, Jing Ya, Tingwen Liu, Quangang Li, Jinqiao Shi, and Zhaojun Gu. 2019. iMCircle: Automatic mining of indicators of compromise from the web. In IEEE Symposium on Computers and Communications (ISCC). IEEE, 1\u20136."},{"key":"e_1_3_3_144_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2020.101867"},{"key":"e_1_3_3_145_2","first-page":"1","article-title":"EX-action: Automatically extracting threat actions from cyber threat intelligence report based on multimodal learning","volume":"121","year":"2021","unstructured":"Huixia Zhang, Guowei Shen, Chun Guo, Yunhe Cui, and Chaohui Jiang. 2021. EX-action: Automatically extracting threat actions from cyber threat intelligence report based on multimodal learning. Secur. Commun. Netw. 121 (2021), 1\u201312.","journal-title":"Secur. Commun. Netw."},{"key":"e_1_3_3_146_2","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2021.3128070"},{"key":"e_1_3_3_147_2","article-title":"New Group of Hackers Targeting Businesses with Financially Motivated Cyber Attacks","author":"Khandelwal Swati","year":"2019","unstructured":"Swati Khandelwal. 2019. New Group of Hackers Targeting Businesses with Financially Motivated Cyber Attacks. Retrieved from https:\/\/thehackernews.com\/2019\/11\/financial-cyberattacks.html.","journal-title":"Retrieved from https:\/\/thehackernews.com\/2019\/11\/financial-cyberattacks.html"},{"key":"e_1_3_3_148_2","doi-asserted-by":"crossref","first-page":"276","DOI":"10.11613\/BM.2012.031","article-title":"Interrater reliability: The kappa statistic","author":"McHugh Marry L.","year":"2012","unstructured":"Marry L. McHugh. 2012. Interrater reliability: The kappa statistic. Biochem. Medica 22, 3 (2012), 276\u2013282.","journal-title":"Biochem. Medica"},{"key":"e_1_3_3_149_2","article-title":"Definition: Threat intelligence","author":"McMillan Rob","year":"2013","unstructured":"Rob McMillan. 2013. Definition: Threat intelligence. Retrieved from https:\/\/www.gartner.com\/en\/documents\/2487216.","journal-title":"Retrieved from https:\/\/www.gartner.com\/en\/documents\/2487216"},{"key":"e_1_3_3_150_2","unstructured":"Tomas Mikolov Kai Chen Greg Corrado and Jeffrey Dean. 2013. Efficient estimation of word representations in vector space. DOI:DOI:https:\/\/doi.org\/10.48550\/arXiv.1301.3781"},{"key":"e_1_3_3_151_2","volume-title":"Exchanging Cyber Threat Intelligence: There Has to Be a Better Way","author":"Ponemon Larry","year":"2014","unstructured":"Larry Ponemon. 2014. Exchanging Cyber Threat Intelligence: There Has to Be a Better Way. Technical Report. Ponemon Institute Research Report, Ponemon Institute LLC."},{"key":"e_1_3_3_152_2","article-title":"Amazon says it mitigated the largest DDoS attack ever recorded","author":"Porter Jon","year":"2020","unstructured":"Jon Porter. 2020. Amazon says it mitigated the largest DDoS attack ever recorded. Retrieved from https:\/\/www.theverge.com\/2020\/6\/18\/21295337\/amazon-aws-biggest-ddos-attack-ever-2-3-tbps-shield-github-netscout-arbor.","journal-title":"Retrieved from https:\/\/www.theverge.com\/2020\/6\/18\/21295337\/amazon-aws-biggest-ddos-attack-ever-2-3-tbps-shield-github-netscout-arbor"},{"key":"e_1_3_3_153_2","volume-title":"The Coding Manual for Qualitative Researchers","author":"Salda\u00f1a Johnny","year":"2015","unstructured":"Johnny Salda\u00f1a. 2015. The Coding Manual for Qualitative Researchers. Sage."},{"key":"e_1_3_3_154_2","doi-asserted-by":"publisher","DOI":"10.1145\/3430360"},{"key":"e_1_3_3_155_2","unstructured":"Bruce Schneier. 1998. Security pitfalls in cryptography. In Proceeding of the EDI FORUM-OAK PARK- Vol. 11 THE EDI GROUP LTD. 65\u201369."},{"key":"e_1_3_3_156_2","volume-title":"Who\u2019s Using Cyberthreat Intelligence and How?","author":"Shackleford Dave","year":"2015","unstructured":"Dave Shackleford. 2015. Who\u2019s Using Cyberthreat Intelligence and How?Technical Report. SANS Institute."},{"key":"e_1_3_3_157_2","volume-title":"Card Sorting: Designing Usable Categories","author":"Spencer Donna","year":"2009","unstructured":"Donna Spencer. 2009. Card Sorting: Designing Usable Categories. Rosenfeld Media."},{"key":"e_1_3_3_158_2","article-title":"Threat intelligence needs to grow up","author":"Zurkus K.","year":"2015","unstructured":"K. Zurkus. 2015. Threat intelligence needs to grow up. Retrieved from https:\/\/www.csoonline.com\/article\/2969275\/threat-intelligence-needs-to-grow-up.html.","journal-title":"Retrieved from https:\/\/www.csoonline.com\/article\/2969275\/threat-intelligence-needs-to-grow-up.html"}],"container-title":["ACM Computing Surveys"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3571726","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3571726","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T17:49:33Z","timestamp":1750182573000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3571726"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,3,2]]},"references-count":157,"journal-issue":{"issue":"12","published-print":{"date-parts":[[2023,12,31]]}},"alternative-id":["10.1145\/3571726"],"URL":"https:\/\/doi.org\/10.1145\/3571726","relation":{},"ISSN":["0360-0300","1557-7341"],"issn-type":[{"value":"0360-0300","type":"print"},{"value":"1557-7341","type":"electronic"}],"subject":[],"published":{"date-parts":[[2023,3,2]]},"assertion":[{"value":"2021-06-04","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2022-10-17","order":1,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2023-03-02","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}