{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,5]],"date-time":"2026-06-05T14:21:32Z","timestamp":1780669292768,"version":"3.54.1"},"reference-count":265,"publisher":"Association for Computing Machinery (ACM)","issue":"6","content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["ACM Comput. Surv."],"published-print":{"date-parts":[[2026,4,30]]},"abstract":"<jats:p>Multiple cyber-security-related sources, referred to as threat intelligence sources, are commonly used to counter sophisticated cyber attacks such as advanced persistent threat attacks and ransomware. In this article, in addition to describing various threat intelligence sources, we analyze research trends based on taxonomies for research purpose, research approach, and research datasets. We provide an extensive review of over 200 studies related to cyber threat intelligence published between 2001 and 2025 and examine the trends of representative research. The survey shows that there are issues related to datasets, such as the evaluation results depending on which vendors are included in the dataset. Therefore, we also conduct a measurement study to provide a detailed description of collected datasets. To the best of our knowledge, this is the first study to conduct a measurement study on a dataset to uncover insights for constructing a well-balanced dataset. We also identify open issues and challenges that need to be addressed in the future.<\/jats:p>","DOI":"10.1145\/3772280","type":"journal-article","created":{"date-parts":[[2025,10,22]],"date-time":"2025-10-22T10:50:11Z","timestamp":1761130211000},"page":"1-35","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":2,"title":["A Comprehensive Survey of Threat Intelligence Research: A Measurement-Based Study"],"prefix":"10.1145","volume":"58","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-0699-5884","authenticated-orcid":false,"given":"Keisuke","family":"Furumoto","sequence":"first","affiliation":[{"name":"National Institute of Information and Communications Technology","place":["Koganei, Japan"]}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-7822-3672","authenticated-orcid":false,"given":"Tomohiro","family":"Morikawa","sequence":"additional","affiliation":[{"name":"University of Hyogo","place":["Kobe, Japan"]}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-8572-1266","authenticated-orcid":false,"given":"Antti","family":"Kolehmainen","sequence":"additional","affiliation":[{"name":"Tampere University","place":["Tampere, Finland"]}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-6565-8776","authenticated-orcid":false,"given":"Bilhanan","family":"Silverajan","sequence":"additional","affiliation":[{"name":"Tampere University","place":["Tampere, Finland"]}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-6477-7770","authenticated-orcid":false,"given":"Takeshi","family":"Takahashi","sequence":"additional","affiliation":[{"name":"National Institute of Information and Communications Technology","place":["Koganei, Japan"]}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-4373-0834","authenticated-orcid":false,"given":"Daisuke","family":"Inoue","sequence":"additional","affiliation":[{"name":"National Institute of Information and Communications Technology","place":["Koganei, Japan"]}],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"320","published-online":{"date-parts":[[2025,12,9]]},"reference":[{"key":"e_1_3_1_2_2","first-page":"56","volume-title":"Proceedings of the 2014 IEEE Joint Intelligence and Security Informatics Conference","author":"Abbasi Ahmed","year":"2014","unstructured":"Ahmed Abbasi, Weifeng Li, Victor Benjamin, Shiyu Hu, and Hsinchun Chen. 2014. Descriptive Analytics: Examining expert hackers in web forums. In Proceedings of the 2014 IEEE Joint Intelligence and Security Informatics Conference. 56\u201363. DOI:10.1109\/JISIC.2014.18"},{"key":"e_1_3_1_3_2","doi-asserted-by":"publisher","DOI":"10.1109\/TII.2021.3091150"},{"key":"e_1_3_1_4_2","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2020.2966760"},{"key":"e_1_3_1_5_2","doi-asserted-by":"crossref","first-page":"39","DOI":"10.1007\/978-3-031-25538-0_3","volume-title":"Proceedings of the Security and Privacy in Communication Networks.","author":"Aghaei Ehsan","year":"2023","unstructured":"Ehsan Aghaei, Xi Niu, Waseem Shadid, and Ehab Al-Shaer. 2023. SecureBERT: A domain-specific language model for cybersecurity. In Proceedings of the Security and Privacy in Communication Networks.Fengjun Li, Kaitai Liang, Zhiqiang Lin, and Sokratis K. Katsikas (Eds.), Springer Nature Switzerland, Cham, 39\u201356."},{"key":"e_1_3_1_6_2","doi-asserted-by":"publisher","unstructured":"Ehsan Aghaei Waseem Shadid and Ehab Al-Shaer. 2020. ThreatZoom: CVE2CWE using hierarchical neural network. In Springer International Publishing. 23\u201341. 10.48550\/arXiv.2009.11501","DOI":"10.48550\/arXiv.2009.11501"},{"key":"e_1_3_1_7_2","first-page":"1458","volume-title":"Proceedings of the 2022 2nd International Conference on Artificial Intelligence and Smart Energy","author":"Ahuja Kiran","year":"2022","unstructured":"Kiran Ahuja, Khushi, Dipali, and Neeraj Sharma. 2022. Cyber security threats and their connection with Twitter. In Proceedings of the 2022 2nd International Conference on Artificial Intelligence and Smart Energy. 1458\u20131463. DOI:10.1109\/ICAIS53314.2022.9742767"},{"key":"e_1_3_1_8_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2023.103352"},{"key":"e_1_3_1_9_2","doi-asserted-by":"publisher","unstructured":"Hamad Al-Mohannadi Qublai Khan Ali Mirza Anitta Patience Namanya Irfan Awan Andrea Cullen and Jules Pagna Diss. 2016. Cyber-attack modeling analysis techniques: An overview. In 2016 IEEE 4th International Conference on Future Internet of Things and Cloud Workshops (FiCloudW). 69\u201376. 10.1109\/W-FiCloud.2016.29","DOI":"10.1109\/W-FiCloud.2016.29"},{"key":"e_1_3_1_10_2","first-page":"50805","volume-title":"Proceedings of the Advances in Neural Information Processing Systems","author":"Alam Md Tanvirul","year":"2024","unstructured":"Md Tanvirul Alam, Dipkamal Bhusal, Le Nguyen, and Nidhi Rastogi. 2024. CTIBench: A benchmark for evaluating LLMs in cyber threat intelligence. In Proceedings of the Advances in Neural Information Processing Systems. 50805\u201350825. Retrieved from https:\/\/github.com\/aiforsec\/cti-bench"},{"key":"e_1_3_1_11_2","doi-asserted-by":"publisher","DOI":"10.1109\/TETC.2015.2397395"},{"key":"e_1_3_1_12_2","first-page":"1","volume-title":"Proceedings of the 2020 IEEE 6th World Forum on Internet of Things","author":"Alrefaei Faisal","year":"2020","unstructured":"Faisal Alrefaei. 2020. The importance of security in cyber-physical system. In Proceedings of the 2020 IEEE 6th World Forum on Internet of Things. 1\u20133. DOI:10.1109\/WF-IoT48130.2020.9221155"},{"key":"e_1_3_1_13_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.is.2020.101586"},{"key":"e_1_3_1_14_2","first-page":"5","volume-title":"Proceedings of the 2024 IEEE 25th International Symposium on a World of Wireless, Mobile and Multimedia Networks","author":"Amin Habib El","year":"2024","unstructured":"Habib El Amin, Abed Ellatif Samhat, Maroun Chamoun, Lina Oueidat, and Antoine Feghali. 2024. An enhanced threat intelligence driven hybrid model for information security risk management. In Proceedings of the 2024 IEEE 25th International Symposium on a World of Wireless, Mobile and Multimedia Networks. 5\u201312. DOI:10.1109\/WoWMoM60985.2024.00013"},{"key":"e_1_3_1_15_2","first-page":"1","volume-title":"Proceedings of the 2020 IEEE International Conference on Intelligence and Security Informatics","author":"Ampel Benjamin","year":"2020","unstructured":"Benjamin Ampel, Sagar Samtani, Hongyi Zhu, Steven Ullman, and Hsinchun Chen. 2020. Labeling hacker exploits for proactive cyber threat intelligence: A deep transfer learning approach. In Proceedings of the 2020 IEEE International Conference on Intelligence and Security Informatics. 1\u20136. DOI:10.1109\/ISI49825.2020.9280548"},{"key":"e_1_3_1_16_2","first-page":"1","volume-title":"Proceedings of the 2020 IEEE Symposium on Computers and Communications","author":"Aota Masaki","year":"2020","unstructured":"Masaki Aota, Hideaki Kanehara, Masaki Kubo, Noboru Murata, Bo Sun, and Takeshi Takahashi. 2020. Automation of vulnerability classification from its description using machine learning. In Proceedings of the 2020 IEEE Symposium on Computers and Communications. 1\u20137. DOI:10.1109\/ISCC50000.2020.9219568"},{"key":"e_1_3_1_17_2","volume-title":"Proceedings of the 2022 IEEE International Conference on Pervasive Computing and Communications Workshops and other Affiliated Events. 618\u2013623","author":"Arafune Masumi","year":"2022","unstructured":"Masumi Arafune, Sidharth Rajalakshmi, Luigi Jaldon, Zahra Jadidi, Shantanu Pal, Ernest Foo, and Nagarajan Venkatachalam. 2022. Design and development of automated threat hunting in industrial control systems. In Proceedings of the 2022 IEEE International Conference on Pervasive Computing and Communications Workshops and other Affiliated Events. 618\u2013623. DOI:10.1109\/PerComWorkshops53856.2022.9767375"},{"key":"e_1_3_1_18_2","first-page":"1","volume-title":"Proceedings of the 2016 IEEE Symposium on Technologies for Homeland Security","author":"Asgarli Elchin","year":"2016","unstructured":"Elchin Asgarli and Eric Burger. 2016. Semantic ontologies for cyber threat sharing standards. In Proceedings of the 2016 IEEE Symposium on Technologies for Homeland Security. 1\u20136. DOI:10.1109\/THS.2016.7568896"},{"key":"e_1_3_1_19_2","volume-title":"Proceedings of the 17th Symposium on Usable Privacy and Security","author":"Asiri Mohammed","year":"2021","unstructured":"Mohammed Asiri, Neetesh Saxena, and Peter Burnap. 2021. Investigating usable indicators against cyber-attacks in industrial control systems. In Proceedings of the 17th Symposium on Usable Privacy and Security. USENIX Association."},{"key":"e_1_3_1_20_2","first-page":"1","volume-title":"Proceedings of the SoutheastCon 2021","author":"Atluri Venkata","year":"2021","unstructured":"Venkata Atluri and Jeff Horne. 2021. A machine learning based threat intelligence framework for industrial control system network traffic indicators of compromise. In Proceedings of the SoutheastCon 2021. 1\u20135. DOI:10.1109\/SoutheastCon45413.2021.9401809"},{"key":"e_1_3_1_21_2","first-page":"236","volume-title":"Proceedings of the 2018 IEEE 4th International Conference on Collaboration and Internet Computing","author":"Ayoade Gbadebo","year":"2018","unstructured":"Gbadebo Ayoade, Swarup Chandra, Latifur Khan, Kevin Hamlen, and Bhavani Thuraisingham. 2018. Automated threat report classification over multi-source data. In Proceedings of the 2018 IEEE 4th International Conference on Collaboration and Internet Computing. 236\u2013245. DOI:10.1109\/CIC.2018.00040"},{"key":"e_1_3_1_22_2","first-page":"1","volume-title":"Proceedings of the 2024 2nd International Conference on Networking and Communications","author":"B Jyothsna.","year":"2024","unstructured":"Jyothsna. B and Dr. V. Jyothsna. 2024. Defending against IoT threats: A comprehensive framework with advanced models and real-time threat intelligence for DDoS detection. In Proceedings of the 2024 2nd International Conference on Networking and Communications. 1\u20137. DOI:10.1109\/ICNWC60771.2024.10537548"},{"key":"e_1_3_1_23_2","first-page":"1","volume-title":"Proceedings of the MITRE Corporation","author":"Barnum Sean","year":"2012","unstructured":"Sean Barnum. 2012. Standardizing cyber threat intelligence information with the structured threat information eXpression (STIX). In Proceedings of the MITRE Corporation. 1\u201322."},{"key":"e_1_3_1_24_2","unstructured":"beautifulsoup 2018. beautifulsoup4 PyPI. Retrieved from https:\/\/pypi.org\/project\/beautifulsoup4\/"},{"key":"e_1_3_1_25_2","unstructured":"Noam Ben-Asher Alessandro Oltramari Robert Erbacher and Cleotilde Gonzalez. 2015. Ontology-based adaptive systems of cyber defense. In Proceedings of the Tenth Conference on Semantic Technology for Intelligence Defense and Security 1523 (2015) 34\u201341."},{"key":"e_1_3_1_26_2","first-page":"24","volume-title":"Proceedings of the 2012 IEEE International Conference on Intelligence and Security Informatics","author":"Benjamin Victor","year":"2012","unstructured":"Victor Benjamin and Hsinchun Chen. 2012. Securing cyberspace: Identifying key actors in hacker communities. In Proceedings of the 2012 IEEE International Conference on Intelligence and Security Informatics. 24\u201329. DOI:10.1109\/ISI.2012.6283296"},{"key":"e_1_3_1_27_2","first-page":"79","volume-title":"Proceedings of the 2015 IEEE International Conference on Intelligence and Security Informatics","author":"Benjamin Victor","year":"2015","unstructured":"Victor Benjamin and Hsinchun Chen. 2015. Developing understanding of hacker language through the use of lexical semantics. In Proceedings of the 2015 IEEE International Conference on Intelligence and Security Informatics. 79\u201384. DOI:10.1109\/ISI.2015.7165943"},{"key":"e_1_3_1_28_2","first-page":"85","volume-title":"Proceedings of the 2015 IEEE International Conference on Intelligence and Security Informatics","author":"Benjamin Victor","year":"2015","unstructured":"Victor Benjamin, Weifeng Li, Thomas Holt, and Hsinchun Chen. 2015. Exploring threats and vulnerabilities in hacker web: Forums, IRC and carding shops. In Proceedings of the 2015 IEEE International Conference on Intelligence and Security Informatics. 85\u201390. DOI:10.1109\/ISI.2015.7165944"},{"key":"e_1_3_1_29_2","first-page":"390","volume-title":"Proceedings of the 2014 IEEE 8th International Symposium on Service Oriented System Engineering","author":"Bhatt Parth","year":"2014","unstructured":"Parth Bhatt, Edgar Toshiro Yano, and Per Gustavsson. 2014. Towards a framework to detect multi-stage advanced persistent threats attacks. In Proceedings of the 2014 IEEE 8th International Symposium on Service Oriented System Engineering. 390\u2013395. DOI:10.1109\/SOSE.2014.53"},{"key":"e_1_3_1_30_2","doi-asserted-by":"publisher","unstructured":"Dipkamal Bhusal Md Alam Le Nguyen Ashim Mahara Zachary Lightcap Rodney Frazier Romy Fieblinger Grace Torales and Nidhi Rastogi. 2024. SECURE: Benchmarking Generative Large Language Models for Cybersecurity Advisory. 14 Pages. DOI:10.48550\/arXiv.2405.20441","DOI":"10.48550\/arXiv.2405.20441"},{"key":"e_1_3_1_31_2","doi-asserted-by":"crossref","first-page":"813","DOI":"10.1109\/ARES.2008.33","volume-title":"Proceedings of the 2008 3rd International Conference on Availability, Reliability and Security","author":"Blanco Carlos","year":"2008","unstructured":"Carlos Blanco, Joaquin Lasheras, Rafael Valencia-Garc\u00eda, Eduardo Fern\u00e1ndez-Medina, Ambrosio Toval, and Mario Piattini. 2008. A systematic review and comparison of security ontologies. In Proceedings of the 2008 3rd International Conference on Availability, Reliability and Security. 813\u2013820. DOI:10.1109\/ARES.2008.33"},{"key":"e_1_3_1_32_2","unstructured":"BleepingComputer 2020. Dark web market Empire down for days from DDoS attack. Retrieved from https:\/\/www.bleepingcomputer.com\/news\/cryptocurrency\/dark-web-market-empire-down-for-days-from-ddos-attack\/"},{"key":"e_1_3_1_33_2","unstructured":"Botconf 2014. The Russian DDoS One: Booters to Botnets | Botconf 2021-2022. Retrieved from https:\/\/www.botconf.eu\/2014\/the-russian-ddos-one-booters-to-botnets\/"},{"key":"e_1_3_1_34_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.diin.2015.05.002"},{"key":"e_1_3_1_35_2","volume-title":"Proceedings of the 29th USENIX Conference on Security Symposium.","author":"Bouwman Xander","year":"2020","unstructured":"Xander Bouwman, Harm Griffioen, Jelle Egbers, Christian Doerr, Bram Klievink, and Michel Van Eeten. 2020. A Different Cup of TI? The Added Value of Commercial Threat Intelligence. In Proceedings of the 29th USENIX Conference on Security Symposium.USENIX Association, USA, Article 25, 18 pages."},{"key":"e_1_3_1_36_2","unstructured":"Robert Bridges Corinne Jones Michael Iannacone and John Goodall. 2013. Automatic labeling for entity extraction in cyber security. arXiv preprint (2014) 1\u201310."},{"key":"e_1_3_1_37_2","first-page":"437","volume-title":"Proceedings of the 2017 16th IEEE International Conference on Machine Learning and Applications","author":"Bridges Robert A.","year":"2017","unstructured":"Robert A. Bridges, Kelly M. T. Huffer, Corinne L. Jones, Michael D. Iannacone, and John R. Goodall. 2017. Cybersecurity automated information extraction techniques: Drawbacks of current methods, and enhanced extractors. In Proceedings of the 2017 16th IEEE International Conference on Machine Learning and Applications. 437\u2013442. DOI:10.1109\/ICMLA.2017.0-122"},{"key":"e_1_3_1_38_2","doi-asserted-by":"crossref","first-page":"51","DOI":"10.1145\/2663876.2663883","volume-title":"Proceedings of the 2014 ACM Workshop on Information Sharing amp; Collaborative Security","author":"Burger Eric W.","year":"2014","unstructured":"Eric W. Burger, Michael D. Goodman, Panos Kampanakis, and Kevin A. Zhu. 2014. Taxonomy model for cyber threat intelligence information exchange technologies. In Proceedings of the 2014 ACM Workshop on Information Sharing amp; Collaborative Security (Scottsdale, Arizona, USA). Association for Computing Machinery, New York, NY, USA, 51\u201360. DOI:10.1145\/2663876.2663883"},{"key":"e_1_3_1_39_2","doi-asserted-by":"publisher","DOI":"10.1186\/s42400-018-0017-4"},{"key":"e_1_3_1_40_2","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2021.3078261"},{"key":"e_1_3_1_41_2","unstructured":"Sergio Caltagirone. [n.d.]. Industrial Control Threat Intelligence -Whitepaper. Retrieved from https:\/\/www.dragos.com\/wp-content\/uploads\/Industrial-Control-Threat-Intelligence-Whitepaper.pdf"},{"key":"e_1_3_1_42_2","first-page":"1","volume-title":"Proceedings of the Center for Cyber Threat Intelligence and Threat Research, Hanover","author":"Caltagirone S.","year":"2013","unstructured":"S. Caltagirone, P. Andrew, and B. Christopher. 2013. The diamond model of intrusion analysis. In Proceedings of the Center for Cyber Threat Intelligence and Threat Research, Hanover. 1\u201322."},{"key":"e_1_3_1_43_2","doi-asserted-by":"publisher","DOI":"10.1109\/MSEC.2024.3407859"},{"key":"e_1_3_1_44_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2021.102258"},{"key":"e_1_3_1_45_2","doi-asserted-by":"publisher","DOI":"10.3390\/su12166401"},{"key":"e_1_3_1_46_2","volume-title":"Proceedings of the 2022 IEEE International Conference on Big Data. 2578\u20132584","author":"Chan Hsin-Ju","year":"2022","unstructured":"Hsin-Ju Chan, Chin-Yuan Hsu, Ching-Chang Chien, Ji-Jie Wu, and He-Lin Ku. 2022. FeedRef2022: A named entity recognition dataset for extracting indicators of compromise. In Proceedings of the 2022 IEEE International Conference on Big Data. 2578\u20132584. DOI:10.1109\/BigData55660.2022.10020985"},{"key":"e_1_3_1_47_2","unstructured":"Yutong Cheng Osama Bajaber Saimon Amanuel Tsegai Dawn Song and Peng Gao. 2025. CTINexus: Leveraging optimized LLM in-context learning for constructing cybersecurity knowledge graphs under data scarcity. arXiv preprint (2025). arXiv:2410.21060v1."},{"key":"e_1_3_1_48_2","unstructured":"CISCO [n.d.]. What Is Threat Hunting? - Cisco. Retrieved from https:\/\/www.cisco.com\/site\/us\/en\/learn\/topics\/security\/what-is-threat-hunting.html"},{"key":"e_1_3_1_49_2","unstructured":"Copyright 1970. Copyright ActAct No. 48 of 1970. Retrieved from https:\/\/www.japaneselawtranslation.go.jp\/ja\/laws\/view\/4207#je_ch2sc3sb5at1"},{"key":"e_1_3_1_50_2","unstructured":"CrowdStrike 2023. Ransomware as a Service (RaaS) Explained | CrowdStrike. Retrieved from https:\/\/www.crowdstrike.com\/cybersecurity-101\/ransomware\/ransomware-as-a-service-raas\/"},{"key":"e_1_3_1_51_2","unstructured":"CrowdStrike 2025. What is Cyber Threat Hunting? [Proactive Guide] - CrowdStrike. Retrieved from https:\/\/www.crowdstrike.com\/en-us\/cybersecurity-101\/threat-intelligence\/threat-hunting\/"},{"key":"e_1_3_1_52_2","doi-asserted-by":"publisher","unstructured":"Yongfei Li Yuanbo Guo Chen Fang Yingze Liu and Qingli Chen. 2022. A novel threat intelligence information extraction system combining multiple models. Security and Communication Networks 2022 1 (2022) 1\u201312. 10.1155\/2022\/8477260","DOI":"10.1155\/2022\/8477260"},{"key":"e_1_3_1_53_2","unstructured":"Cyobstract 2018. GitHub - cmu-sei\/cyobstract: A tool to extract structured cyber information from incident reports.https:\/\/github.com\/cmu-sei\/cyobstract"},{"key":"e_1_3_1_54_2","unstructured":"Darknet Market Archives 2016. Darknet Market Archives (2013-2015). Retrieved from https:\/\/www.gwern.net\/DNM-archives"},{"key":"e_1_3_1_55_2","unstructured":"Darknet Stats 2019. Darknet Stats. Retrieved from https:\/\/www.darknetstats.com\/"},{"key":"e_1_3_1_56_2","unstructured":"DDIR 2019. DDIR: An Open Source Dataset for Darkweb Researc. Retrieved from https:\/\/github.com\/nenaiko-dareda\/DDIR"},{"key":"e_1_3_1_57_2","first-page":"3648","volume-title":"Proceedings of the 2017 IEEE International Conference on Big Data (Big Data)","author":"Deliu Isuf","year":"2017","unstructured":"Isuf Deliu, Carl Leichter, and Katrin Franke. 2017. Extracting cyber threat intelligence from hacker forums: Support vector machines versus convolutional neural networks. In Proceedings of the 2017 IEEE International Conference on Big Data (Big Data). 3648\u20133656. DOI:10.1109\/BigData.2017.8258359"},{"key":"e_1_3_1_58_2","first-page":"4171","volume-title":"Proceedings of the 2019 Conference of the North American Chapter of the Association for Computational Linguistics: Human Language Technologies, NAACL-HLT 2019, Minneapolis, MN, USA, June 2-7, 2019, Volume 1 (Long and Short Papers)","author":"Devlin Jacob","year":"2019","unstructured":"Jacob Devlin, Ming-Wei Chang, Kenton Lee, and Kristina Toutanova. 2019. BERT: Pre-training of deep bidirectional transformers for language understanding. In Proceedings of the 2019 Conference of the North American Chapter of the Association for Computational Linguistics: Human Language Technologies, NAACL-HLT 2019, Minneapolis, MN, USA, June 2-7, 2019, Volume 1 (Long and Short Papers). Association for Computational Linguistics, 4171\u20134186. DOI:10.18653\/v1\/n19-1423"},{"key":"e_1_3_1_59_2","unstructured":"Ye Dong Yan Aung Sudipta Chattopadhyay and Jianying Zhou. 2025. ChatIoT: Large language model-based security assistant for internet of things with retrieval-augmented generation. arXiv preprint (2025). arXiv:2502.09896."},{"key":"e_1_3_1_60_2","first-page":"869","volume-title":"Proceedings of the 28th USENIX Conference on Security Symposium","author":"Dong Ying","year":"2019","unstructured":"Ying Dong, Wenbo Guo, Yueqi Chen, Xinyu Xing, Yuqing Zhang, and Gang Wang. 2019. Towards the detection of inconsistencies in public security vulnerability reports. In Proceedings of the 28th USENIX Conference on Security Symposium (Santa Clara, CA, USA). USENIX Association, USA, 869\u2013885."},{"key":"e_1_3_1_61_2","volume-title":"Proceedings of the 2024 International Wireless Communications and Mobile Computing. 1483\u20131489","author":"Jaouhari Saad El","year":"2024","unstructured":"Saad El Jaouhari and Shaikh Ahmed. 2024. CTIoT: A cyber threat intelligence tool for IoT. In Proceedings of the 2024 International Wireless Communications and Mobile Computing. 1483\u20131489. DOI:10.1109\/IWCMC61514.2024.10592406"},{"key":"e_1_3_1_62_2","first-page":"255","volume-title":"Proceedings of the 2024 Annual Computer Security Applications Conference Workshops","author":"Fayyazi Reza","year":"2024","unstructured":"Reza Fayyazi, Rozhina Taghdimi, and Shanchieh Jay Yang. 2024. Advancing TTP analysis: Harnessing the power of large language models with retrieval augmented generation. In Proceedings of the 2024 Annual Computer Security Applications Conference Workshops. IEEE Computer Society, Los Alamitos, CA, USA, 255\u2013261. DOI:10.1109\/ACSACW65225.2024.00036"},{"key":"e_1_3_1_63_2","first-page":"100","volume-title":"Proceedings of the 2024 IEEE European Symposium on Security and Privacy Workshops","author":"Fieblinger Romy","year":"2024","unstructured":"Romy Fieblinger, Md Tanvirul Alam, and Nidhi Rastogi. 2024. Actionable cyber threat intelligence using knowledge graphs and large language models. In Proceedings of the 2024 IEEE European Symposium on Security and Privacy Workshops. IEEE Computer Society, Los Alamitos, CA, USA, 100\u2013111. DOI:10.1109\/EuroSPW61312.2024.00018"},{"key":"e_1_3_1_64_2","first-page":"138","volume-title":"Proceedings of the 2021 IEEE International Conferences on Internet of Things and IEEE Green Computing and Communications and IEEE Cyber, Physical and Social Computing and IEEE Smart Data and IEEE Congress on Cybermatics","author":"Furumoto Keisuke","year":"2021","unstructured":"Keisuke Furumoto, Mitsuhiro Umizaki, Akira Fujita, Takahiko Nagata, Takeshi Takahashi, and Daisuke Inoue. 2021. Extracting Threat Intelligence Related IoT Botnet From Latest Dark Web Data Collection. In Proceedings of the 2021 IEEE International Conferences on Internet of Things and IEEE Green Computing and Communications and IEEE Cyber, Physical and Social Computing and IEEE Smart Data and IEEE Congress on Cybermatics. 138\u2013145. DOI:10.1109\/iThings-GreenCom-CPSCom-SmartData-Cybermatics53846.2021.00034"},{"key":"e_1_3_1_65_2","volume-title":"Proceedings of the 1st ACM Workshop on Large AI Systems and Models with Privacy and Safety Analysis. ACM","author":"Gao Peng","year":"2024","unstructured":"Peng Gao, Xiaoyuan Liu, Edward Choi, Sibo Ma, Xinyu Yang, and Dawn Song. 2024. ThreatKG: An AI-powered system for automated open-source cyber threat intelligence gathering and management. In Proceedings of the 1st ACM Workshop on Large AI Systems and Models with Privacy and Safety Analysis. ACM."},{"key":"e_1_3_1_66_2","volume-title":"Proceedings of the 2021 International Conference on Management of Data. ACM","author":"Gao Peng","year":"2021","unstructured":"Peng Gao, Xiaoyuan Liu, Edward Choi, Bhavna Soman, Chinmaya Mishra, Kate Farris, and Dawn Song. 2021. A system for automated open-source threat intelligence gathering and management. In Proceedings of the 2021 International Conference on Management of Data. ACM. DOI:10.1145\/3448016.3452830"},{"key":"e_1_3_1_67_2","first-page":"193","volume-title":"Proceedings of the 2021 IEEE 37th International Conference on Data Engineering","author":"Gao Peng","year":"2021","unstructured":"Peng Gao, Fei Shao, Xiaoyuan Liu, Xusheng Xiao, Zheng Qin, Fengyuan Xu, Prateek Mittal, Sanjeev Kulkarni, and Dawn Song. 2021. Enabling Efficient Cyber Threat Hunting With Cyber Threat Intelligence. In Proceedings of the 2021 IEEE 37th International Conference on Data Engineering. IEEE Computer Society, Los Alamitos, CA, USA, 193\u2013204. DOI:10.1109\/ICDE51399.2021.00024"},{"key":"e_1_3_1_68_2","volume-title":"Proceedings of the 2018 IEEE International Conference on Big Data. 1272\u20131277","author":"Gao Yali","year":"2018","unstructured":"Yali Gao, Xiaoyong Li, Jirui Li, Yunquan Gao, and Ning Guo. 2018. Graph mining-based trust evaluation mechanism with multidimensional features for large-scale heterogeneous threat intelligence. In Proceedings of the 2018 IEEE International Conference on Big Data. 1272\u20131277. DOI:10.1109\/BigData.2018.8622111"},{"key":"e_1_3_1_69_2","doi-asserted-by":"publisher","DOI":"10.1109\/TKDE.2020.2987019"},{"key":"e_1_3_1_70_2","first-page":"15","volume-title":"Proceedings of the 7th ACM on Conference on Data and Application Security and Privacy","author":"Gascon Hugo","year":"2017","unstructured":"Hugo Gascon, Bernd Grobauer, Thomas Schreck, Lukas Rist, Daniel Arp, and Konrad Rieck. 2017. Mining attributed graphs for threat intelligence. In Proceedings of the 7th ACM on Conference on Data and Application Security and Privacy (Scottsdale, Arizona, USA). Association for Computing Machinery, New York, NY, USA, 15\u201322. DOI:10.1145\/3029806.3029811"},{"key":"e_1_3_1_71_2","volume-title":"Proceedings of the 2019 International Conference on Cyber Security for Emerging Technologies. 1\u20136","author":"Gasmi Houssem","year":"2019","unstructured":"Houssem Gasmi, Jannik Laval, and Abdelaziz Bouras. 2019. Cold-start cybersecurity ontology population using information extraction with LSTM. In Proceedings of the 2019 International Conference on Cyber Security for Emerging Technologies. 1\u20136. DOI:10.1109\/CSET.2019.8904905"},{"key":"e_1_3_1_72_2","first-page":"129","volume-title":"Proceedings of the 2018 International Conference on Frontiers of Information Technology","author":"Ghazi Yumna","year":"2018","unstructured":"Yumna Ghazi, Zahid Anwar, Rafia Mumtaz, Shahzad Saleem, and Ali Tahir. 2018. A supervised machine learning based approach for automatically extracting high-level threat intelligence from unstructured sources. In Proceedings of the 2018 International Conference on Frontiers of Information Technology. 129\u2013134. DOI:10.1109\/FIT.2018.00030"},{"key":"e_1_3_1_73_2","unstructured":"Nimisha Goel Mansi and Nandini Sethi. 2022. Cyber threat intelligence: A survey on progressive techniques and challenges. In International Journal of Advances in Science Engineering and Technology 10 (2022) 65\u201370."},{"key":"e_1_3_1_74_2","first-page":"31","volume-title":"Proceedings of the 2019 24th International Conference on Engineering of Complex Computer Systems","author":"Gong Xi","year":"2019","unstructured":"Xi Gong, Zhenchang Xing, Xiaohong Li, Zhiyong Feng, and Zhuobing Han. 2019. Joint prediction of multiple vulnerability characteristics through multi-task learning. In Proceedings of the 2019 24th International Conference on Engineering of Complex Computer Systems. 31\u201340. DOI:10.1109\/ICECCS.2019.00011"},{"key":"e_1_3_1_75_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.jisa.2020.102715"},{"key":"e_1_3_1_76_2","first-page":"453","volume-title":"Proceedings of the 2014 IEEE 23rd International WETICE Conference","author":"Gr\u00e9gio Andr\u00e9","year":"2014","unstructured":"Andr\u00e9 Gr\u00e9gio, Rodrigo Bonacin, Olga Nabuco, Vitor Monte Afonso, Paulo L\u00edcio De Geus, and Mario Jino. 2014. Ontology for malware behavior: A core model proposal. In Proceedings of the 2014 IEEE 23rd International WETICE Conference. 453\u2013458. DOI:10.1109\/WETICE.2014.72"},{"key":"e_1_3_1_77_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.chbr.2021.100143"},{"key":"e_1_3_1_78_2","first-page":"125","volume-title":"Proceedings of the 2017 IEEE International Conference on Software Maintenance and Evolution","author":"Han Zhuobing","year":"2017","unstructured":"Zhuobing Han, Xiaohong Li, Zhenchang Xing, Hongtao Liu, and Zhiyong Feng. 2017. Learning to predict severity of software vulnerability using only vulnerability description. In Proceedings of the 2017 IEEE International Conference on Software Maintenance and Evolution. 125\u2013136. DOI:10.1109\/ICSME.2017.52"},{"key":"e_1_3_1_79_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-34647-8_11"},{"key":"e_1_3_1_80_2","doi-asserted-by":"publisher","unstructured":"Wajih Hassan Shengjian Guo Ding Li Zhengzhang Chen Kangkook Jee Zhichun Li and Adam Bates. 2019. NoDoze: Combatting threat alert fatigue with automated provenance triage. In Proceedings 2019 Network and Distributed System Security Symposium. 10.14722\/ndss.2019.23349","DOI":"10.14722\/ndss.2019.23349"},{"key":"e_1_3_1_81_2","doi-asserted-by":"crossref","first-page":"1172","DOI":"10.1109\/SP40000.2020.00096","volume-title":"Proceedings of the 2020 IEEE Symposium on Security and Privacy","author":"Hassan Wajih Ul","year":"2020","unstructured":"Wajih Ul Hassan, Adam Bates, and Daniel Marino. 2020. Tactical provenance analysis for endpoint detection and response systems. In Proceedings of the 2020 IEEE Symposium on Security and Privacy. 1172\u20131189. DOI:10.1109\/SP40000.2020.00096"},{"key":"e_1_3_1_82_2","doi-asserted-by":"crossref","first-page":"165","DOI":"10.1145\/3427228.3427255","volume-title":"Proceedings of the Annual Computer Security Applications Conference","author":"Hassan Wajih Ul","year":"2020","unstructured":"Wajih Ul Hassan, Ding Li, Kangkook Jee, Xiao Yu, Kexuan Zou, Dawei Wang, Zhengzhang Chen, Zhichun Li, Junghwan Rhee, Jiaping Gui, et\u00a0al. 2020. This is why we can\u2019t cache nice things: Lightning-fast threat hunting using suspicion-based hierarchical storage. In Proceedings of the Annual Computer Security Applications Conference (Austin, USA). Association for Computing Machinery, New York, NY, USA, 165\u2013178. DOI:10.1145\/3427228.3427255"},{"key":"e_1_3_1_83_2","first-page":"3928","volume-title":"Proceedings of the 2016 49th Hawaii International Conference on System Sciences","author":"Hermann Mario","year":"2016","unstructured":"Mario Hermann, Tobias Pentek, and Boris Otto. 2016. Design principles for industrie 4.0 scenarios. In Proceedings of the 2016 49th Hawaii International Conference on System Sciences. IEEE, 3928\u20133937."},{"key":"e_1_3_1_84_2","article-title":"Examining the social networks of malware writers and hackers","author":"Holt Thomas","year":"2012","unstructured":"Thomas Holt, Deborah Strumsky, Olga Smirnova, and Max Kilger. 2012. Examining the social networks of malware writers and hackers. International Journal of Cyber Criminology 6 (2012), 891\u2013903.","journal-title":"International Journal of Cyber Criminology"},{"key":"e_1_3_1_85_2","doi-asserted-by":"publisher","DOI":"10.1109\/TETC.2017.2756908"},{"key":"e_1_3_1_86_2","first-page":"200","volume-title":"Proceedings of the IEEE\/WIC\/ACM International Conference on Web Intelligence","author":"Horawalavithana Sameera","year":"2019","unstructured":"Sameera Horawalavithana, Abhishek Bhattacharjee, Renhao Liu, Nazim Choudhury, Lawrence O. Hall, and Adriana Iamnitchi. 2019. Mentions of security vulnerabilities on Reddit, Twitter and GitHub. In Proceedings of the IEEE\/WIC\/ACM International Conference on Web Intelligence (Thessaloniki, Greece). Association for Computing Machinery, New York, NY, USA, 200\u2013207. DOI:10.1145\/3350546.3352519"},{"key":"e_1_3_1_87_2","first-page":"487","volume-title":"Proceedings of the 26th USENIX Conference on Security Symposium","author":"Hossain Md Nahid","year":"2017","unstructured":"Md Nahid Hossain, Sadegh M. Milajerdi, Junao Wang, Birhanu Eshete, Rigel Gjomemo, R. Sekar, Scott D. Stoller, and V. N. Venkatakrishnan. 2017. SLEUTH: Real-time attack scenario reconstruction from COTS audit data. In Proceedings of the 26th USENIX Conference on Security Symposium (Vancouver, BC, Canada). USENIX Association, USA, 487\u2013504."},{"key":"e_1_3_1_88_2","doi-asserted-by":"crossref","first-page":"1139","DOI":"10.1109\/SP40000.2020.00064","volume-title":"Proceedings of the 2020 IEEE Symposium on Security and Privacy","author":"Hossain Md Nahid","year":"2020","unstructured":"Md Nahid Hossain, Sanaz Sheikhi, and R. Sekar. 2020. Combating dependence explosion in forensic analysis using alternative tag propagation semantics. In Proceedings of the 2020 IEEE Symposium on Security and Privacy. 1139\u20131155. DOI:10.1109\/SP40000.2020.00064"},{"key":"e_1_3_1_89_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2023.103999"},{"key":"e_1_3_1_90_2","volume-title":"Proceedings of the 1st Conference on Language Modeling","author":"Huang Liangyi","year":"2024","unstructured":"Liangyi Huang and Xusheng Xiao. 2024. CTIKG: LLM-powered knowledge graph construction from cyber threat intelligence. In Proceedings of the 1st Conference on Language Modeling. Retrieved from https:\/\/openreview.net\/forum?id=DOMP5AgwQz"},{"key":"e_1_3_1_91_2","first-page":"145","volume-title":"Proceedings of the 2016 IEEE Conference on Intelligence and Security Informatics","author":"Huang Shin-Ying","year":"2016","unstructured":"Shin-Ying Huang and Hsinchun Chen. 2016. Exploring the online underground marketplaces through topic-based social network and clustering. In Proceedings of the 2016 IEEE Conference on Intelligence and Security Informatics. 145\u2013150. DOI:10.1109\/ISI.2016.7745458"},{"key":"e_1_3_1_92_2","doi-asserted-by":"publisher","DOI":"10.1109\/TNSM.2024.3401200"},{"key":"e_1_3_1_93_2","doi-asserted-by":"crossref","first-page":"103","DOI":"10.1145\/3134600.3134646","volume-title":"Proceedings of the 33rd Annual Computer Security Applications Conference","author":"Husari Ghaith","year":"2017","unstructured":"Ghaith Husari, Ehab Al-Shaer, Mohiuddin Ahmed, Bill Chu, and Xi Niu. 2017. TTPDrill: Automatic and accurate extraction of threat actions from unstructured text of CTI sources. In Proceedings of the 33rd Annual Computer Security Applications Conference (Orlando, FL, USA). Association for Computing Machinery, New York, NY, USA, 103\u2013115. DOI:10.1145\/3134600.3134646"},{"key":"e_1_3_1_94_2","first-page":"1","volume-title":"Proceedings of the 2018 IEEE International Conference on Intelligence and Security Informatics","author":"Husari Ghaith","year":"2018","unstructured":"Ghaith Husari, Xi Niu, Bill Chu, and Ehab Al-Shaer. 2018. Using entropy and mutual information to extract threat actions from cyber threat intelligence. In Proceedings of the 2018 IEEE International Conference on Intelligence and Security Informatics. 1\u20136. DOI:10.1109\/ISI.2018.8587343"},{"key":"e_1_3_1_95_2","article-title":"Intelligence-driven computer network defense informed by analysis of adversary campaigns and intrusion kill chains","volume":"1","author":"Hutchins Eric","year":"2011","unstructured":"Eric Hutchins, Michael Cloppert, and Rohan Amin. 2011. Intelligence-driven computer network defense informed by analysis of adversary campaigns and intrusion kill chains. Leading Issues in Information Warfare and Security Research 1, 1 (2011), 80.","journal-title":"Leading Issues in Information Warfare and Security Research"},{"key":"e_1_3_1_96_2","volume-title":"Proceedings of the 10th Annual Cyber and Information Security Research Conference","author":"Iannacone Michael","year":"2015","unstructured":"Michael Iannacone, Shawn Bohn, Grant Nakamura, John Gerth, Kelly Huffer, Robert Bridges, Erik Ferragut, and John Goodall. 2015. Developing an ontology for cyber security knowledge graphs. In Proceedings of the 10th Annual Cyber and Information Security Research Conference (Oak Ridge, TN, USA). Association for Computing Machinery, New York, NY, USA, Article 12, 4 pages. DOI:10.1145\/2746266.2746278"},{"key":"e_1_3_1_97_2","unstructured":"IBM 2025. What Is Threat Hunting? - IBM. https:\/\/www.ibm.com\/think\/topics\/threat-hunting"},{"key":"e_1_3_1_98_2","unstructured":"Imperva 2016. DDoS for Hire | Booter Stresser and DDoSer | Imperva. Retrieved from https:\/\/www.imperva.com\/learn\/ddos\/booters-stressers-ddosers\/"},{"key":"e_1_3_1_99_2","doi-asserted-by":"publisher","DOI":"10.1587\/transinf.2017ICP0015"},{"key":"e_1_3_1_100_2","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2021.3133260"},{"issue":"1","key":"e_1_3_1_101_2","doi-asserted-by":"crossref","first-page":"16","DOI":"10.1049\/cce:20040104","article-title":"Ethernet: EtherCAT","volume":"15","author":"Jansen Dirk","year":"2004","unstructured":"Dirk Jansen and Holger Buttner. 2004. Ethernet: EtherCAT. Computing and Control Engineering 15, 1 (2004), 16\u201321.","journal-title":"Computing and Control Engineering"},{"key":"e_1_3_1_102_2","doi-asserted-by":"crossref","unstructured":"Hangyuan Ji Jian Yang Linzheng Chai Chaoren Wei Liqun Yang Yunlong Duan Yunli Wang Tianzhen Sun Hongcheng Guo Tongliang Li Changyu Ren and Zhoujun Li. 2024. SevenLLM: Benchmarking eliciting and enhancing abilities of large language models in cyber threat intelligence. arXiv preprint (2024). arXiv:2405.03446.","DOI":"10.18653\/v1\/2024.findings-acl.878"},{"key":"e_1_3_1_103_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.eng.2018.01.004"},{"key":"e_1_3_1_104_2","doi-asserted-by":"crossref","unstructured":"Yin Jiao Mingjian Tang Jinli Cao and Hua Wang. 2020. Adaptive online learning for vulnerability exploitation time prediction. 252\u2013266.","DOI":"10.1007\/978-3-030-62008-0_18"},{"key":"e_1_3_1_105_2","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2020.3003570"},{"key":"e_1_3_1_106_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2022.102763"},{"key":"e_1_3_1_107_2","first-page":"252","volume-title":"Proceedings of the 2013 IEEE 7th International Conference on Semantic Computing","author":"Joshi Arnav","year":"2013","unstructured":"Arnav Joshi, Ravendar Lal, Tim Finin, and Anupam Joshi. 2013. Extracting cybersecurity related linked data from text. In Proceedings of the 2013 IEEE 7th International Conference on Semantic Computing. 252\u2013259. DOI:10.1109\/ICSC.2013.50"},{"key":"e_1_3_1_108_2","unstructured":"JVN 2007. Japan Vulnerability Notes JVN. Retrieved from https:\/\/jvn.jp\/report\/index.html"},{"key":"e_1_3_1_109_2","doi-asserted-by":"publisher","DOI":"10.12783\/dtcse\/cmee2017\/20039"},{"key":"e_1_3_1_110_2","volume-title":"Proceedings of the 2017 IEEE International Conference on Computational Intelligence and Computing Research. 1\u20134","author":"Keerthi Ch. Krishna","year":"2017","unstructured":"Ch. Krishna Keerthi, M. A. Jabbar, and B. Seetharamulu. 2017. Cyber physical systems(CPS):Security issues, challenges and solutions. In Proceedings of the 2017 IEEE International Conference on Computational Intelligence and Computing Research. 1\u20134. DOI:10.1109\/ICCIC.2017.8524312"},{"key":"e_1_3_1_111_2","doi-asserted-by":"crossref","first-page":"1049","DOI":"10.1145\/3132847.3132866","volume-title":"Proceedings of the 2017 ACM on Conference on Information and Knowledge Management","author":"Khandpur Rupinder Paul","year":"2017","unstructured":"Rupinder Paul Khandpur, Taoran Ji, Steve Jan, Gang Wang, Chang-Tien Lu, and Naren Ramakrishnan. 2017. Crowdsourcing cybersecurity: Cyber attack detection using social media. In Proceedings of the 2017 ACM on Conference on Information and Knowledge Management (Singapore, Singapore). Association for Computing Machinery, New York, NY, USA, 1049\u20131057. DOI:10.1145\/3132847.3132866"},{"key":"e_1_3_1_112_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.jocs.2017.10.020"},{"key":"e_1_3_1_113_2","doi-asserted-by":"publisher","DOI":"10.1109\/TITS.2021.3122368"},{"key":"e_1_3_1_114_2","doi-asserted-by":"publisher","DOI":"10.1109\/TII.2022.3142030"},{"key":"e_1_3_1_115_2","doi-asserted-by":"crossref","first-page":"687","DOI":"10.1145\/3359789.3359808","volume-title":"Proceedings of the 35th Annual Computer Security Applications Conference","author":"Kurogome Yuma","year":"2019","unstructured":"Yuma Kurogome, Yuto Otsuki, Yuhei Kawakoya, Makoto Iwamura, Syogo Hayashi, Tatsuya Mori, and Koushik Sen. 2019. EIGER: Automated IOC generation for accurate and interpretable endpoint malware detection. In Proceedings of the 35th Annual Computer Security Applications Conference (San Juan, Puerto Rico, USA). Association for Computing Machinery, New York, NY, USA, 687\u2013701. DOI:10.1145\/3359789.3359808"},{"key":"e_1_3_1_116_2","first-page":"371","volume-title":"Proceedings of the 16th International Conference on Mining Software Repositories","author":"Le Triet Huynh Minh","year":"2019","unstructured":"Triet Huynh Minh Le, Bushra Sabir, and M. Ali Babar. 2019. Automated software vulnerability assessment with concept drift. In Proceedings of the 16th International Conference on Mining Software Repositories (Montreal, Quebec, Canada). IEEE Press, 371\u2013382. DOI:10.1109\/MSR.2019.00063"},{"key":"e_1_3_1_117_2","first-page":"1","volume-title":"Proceedings of the Position Paper for NSF Workshop on Cyber-physical Systems: Research Motivation, Techniques and Roadmap","author":"Lee Edward A.","year":"2006","unstructured":"Edward A. Lee. 2006. Cyber-physical systems-are computing foundations adequate. In Proceedings of the Position Paper for NSF Workshop on Cyber-physical Systems: Research Motivation, Techniques and Roadmap. 1\u20139."},{"key":"e_1_3_1_118_2","first-page":"363","volume-title":"Proceedings of the 2008 11th IEEE International Symposium on Object and Component-oriented Real-time Distributed Computing.","author":"Lee Edward A.","year":"2008","unstructured":"Edward A. Lee. 2008. Cyber physical systems: Design challenges. In Proceedings of the 2008 11th IEEE International Symposium on Object and Component-oriented Real-time Distributed Computing.IEEE, 363\u2013369."},{"key":"e_1_3_1_119_2","doi-asserted-by":"publisher","DOI":"10.1007\/s00500-016-2265-0"},{"key":"e_1_3_1_120_2","volume-title":"Proceedings of the 2018 International Conference on Platform Technology and Service. 1\u20136","author":"Lee Seulgi","year":"2018","unstructured":"Seulgi Lee, Hyeisun Cho, Nakhyun Kim, Byungik Kim, and Junhyung Park. 2018. Managing cyber threat intelligence in a graph database: Methods of analyzing intrusion sets, threat actors, and campaigns. In Proceedings of the 2018 International Conference on Platform Technology and Service. 1\u20136. DOI:10.1109\/PlatCon.2018.8472752"},{"key":"e_1_3_1_121_2","doi-asserted-by":"publisher","DOI":"10.1109\/TII.2020.3023430"},{"key":"e_1_3_1_122_2","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2021.3130944"},{"key":"e_1_3_1_123_2","first-page":"147","volume-title":"Proceedings of the 2019 15th International Conference on Computational Intelligence and Security","author":"Li Tao","year":"2019","unstructured":"Tao Li, Yuanbo Guo, and Ankang Ju. 2019. A self-attention-based approach for named entity recognition in cybersecurity. In Proceedings of the 2019 15th International Conference on Computational Intelligence and Security. 147\u2013150. DOI:10.1109\/CIS.2019.00039"},{"key":"e_1_3_1_124_2","first-page":"64","volume-title":"Proceedings of the 2014 IEEE Joint Intelligence and Security Informatics Conference","author":"Li Weifeng","year":"2014","unstructured":"Weifeng Li and Hsinchun Chen. 2014. Identifying top sellers in underground economy using deep learning-based sentiment analysis. In Proceedings of the 2014 IEEE Joint Intelligence and Security Informatics Conference. 64\u201367. DOI:10.1109\/JISIC.2014.19"},{"key":"e_1_3_1_125_2","doi-asserted-by":"publisher","unstructured":"Zhenyuan Li Jun Zeng Yan Chen and Zhenkai Liang. 2021. AttacKG: Constructing technique knowledge graph from cyber threat intelligence reports. In European Symposium on Research in Computer Security (Copenhagen Denmark). 589\u2013609. 10.1007\/978-3-031-17140-6_29","DOI":"10.1007\/978-3-031-17140-6_29"},{"key":"e_1_3_1_126_2","doi-asserted-by":"crossref","first-page":"755","DOI":"10.1145\/2976749.2978315","volume-title":"Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security","author":"Liao Xiaojing","year":"2016","unstructured":"Xiaojing Liao, Kan Yuan, XiaoFeng Wang, Zhou Li, Luyi Xing, and Raheem Beyah. 2016. Acing the IOC game: Toward automatic discovery and analysis of open-source cyber threat intelligence. In Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security (Vienna, Austria). Association for Computing Machinery, New York, NY, USA, 755\u2013766. DOI:10.1145\/2976749.2978315"},{"key":"e_1_3_1_127_2","unstructured":"Xiaoqun Liu Jiacheng Liang Qiben Yan Muchao Ye Jinyuan Jia and Zhaohan Xi. 2025. Cyber defense reinvented: Large language models as threat intelligence copilots. arXiv preprint (2025). arXiv:2502.20791v1."},{"key":"e_1_3_1_128_2","first-page":"2728","volume-title":"Proceedings of the 2024 27th International Conference on Computer Supported Cooperative Work in Design","author":"Liu Yang","year":"2024","unstructured":"Yang Liu, Xiaohui Han, Wenbo Zuo, Haiqing Lv, and Jing Guo. 2024. CTI-JE: A joint extraction framework of entities and relations in unstructured cyber threat intelligence. In Proceedings of the 2024 27th International Conference on Computer Supported Cooperative Work in Design. 2728\u20132733. DOI:10.1109\/CSCWD61410.2024.10580210"},{"key":"e_1_3_1_129_2","volume-title":"Proceedings of the Network and Distributed System Security Symposium","author":"Liu Yushan","year":"2018","unstructured":"Yushan Liu, Mu Zhang, Ding Li, Kangkook Jee, Zhichun Li, Zhenyu Wu, Junghwan John Rhee, and Prateek Mittal. 2018. Towards a timely causality analysis for enterprise security. In Proceedings of the Network and Distributed System Security Symposium."},{"key":"e_1_3_1_130_2","volume-title":"Proceedings of the 2015 IEEE\/ACM International Conference on Advances in Social Networks Analysis and Mining. 926\u2013933","author":"Macdonald Mitch","year":"2015","unstructured":"Mitch Macdonald, Richard Frank, Joseph Mei, and Bryan Monk. 2015. Identifying digital threats in a hacker web forum. In Proceedings of the 2015 IEEE\/ACM International Conference on Advances in Social Networks Analysis and Mining. 926\u2013933. DOI:10.1145\/2808797.2808878"},{"key":"e_1_3_1_131_2","first-page":"187","volume-title":"Proceedings of the 2016 IEEE Conference on Intelligence and Security Informatics","author":"Marin Ericsson","year":"2016","unstructured":"Ericsson Marin, Ahmad Diab, and Paulo Shakarian. 2016. Product offerings in malicious hacker markets. In Proceedings of the 2016 IEEE Conference on Intelligence and Security Informatics. 187\u2013189. DOI:10.1109\/ISI.2016.7745465"},{"key":"e_1_3_1_132_2","volume-title":"Proceedings of the 13th USENIX Workshop on Cyber Security Experimentation and Test","author":"Mashima Daisuke","year":"2020","unstructured":"Daisuke Mashima, Derek Kok, Wei Lin, Muhammad Hazwan, and Alvin Cheng. 2020. On design and enhancement of smart grid honeypot system for practical collection of threat intelligence. In Proceedings of the 13th USENIX Workshop on Cyber Security Experimentation and Test. USENIX Association. Retrieved from https:\/\/www.usenix.org\/conference\/cset20\/presentation\/mashima"},{"key":"e_1_3_1_133_2","first-page":"91","volume-title":"Proceedings of the 2017 European Intelligence and Security Informatics Conference","author":"Mavroeidis Vasileios","year":"2017","unstructured":"Vasileios Mavroeidis and Siri Bromander. 2017. Cyber threat intelligence model: An evaluation of taxonomies, sharing standards, and ontologies within cyber threat intelligence. In Proceedings of the 2017 European Intelligence and Security Informatics Conference. 91\u201398. DOI:10.1109\/EISIC.2017.20"},{"key":"e_1_3_1_134_2","first-page":"63","volume-title":"Proceedings of the International Symposium on Privacy Enhancing Technologies Symposium, vol.5134","author":"McCoy Damon","year":"2008","unstructured":"Damon McCoy, Kevin Bauer, Dirk Grunwald, Tadayoshi Kohno, and Douglas Sicker. 2008. Shining light in dark places: Understanding the tor network. In Proceedings of the International Symposium on Privacy Enhancing Technologies Symposium, vol.5134. 63\u201376."},{"key":"e_1_3_1_135_2","doi-asserted-by":"crossref","first-page":"60","DOI":"10.1109\/ICMLA.2013.106","volume-title":"Proceedings of the 2013 12th International Conference on Machine Learning and Applications","volume":"2","author":"McNeil Nikki","year":"2013","unstructured":"Nikki McNeil, Robert A. Bridges, Michael D. Iannacone, Bogdan Czejdo, Nicolas Perez, and John R. Goodall. 2013. PACE: Pattern accurate computationally efficient bootstrapping for timely discovery of cyber-security concepts. In Proceedings of the 2013 12th International Conference on Machine Learning and Applications, Vol. 2. 60\u201365. DOI:10.1109\/ICMLA.2013.106"},{"key":"e_1_3_1_136_2","first-page":"396","volume-title":"Proceedings of the 2019 IEEE 43rd Annual Computer Software and Applications Conference","author":"Mendsaikhan Otgonpurev","year":"2019","unstructured":"Otgonpurev Mendsaikhan, Hirokazu Hasegawa, Yukiko Yamaguchi, and Hajime Shimada. 2019. Identification of cybersecurity specific content using the Doc2Vec language model. In Proceedings of the 2019 IEEE 43rd Annual Computer Software and Applications Conference. 396\u2013401. DOI:10.1109\/COMPSAC.2019.00064"},{"key":"e_1_3_1_137_2","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2020.3027321"},{"key":"e_1_3_1_138_2","volume-title":"Proceedings of the 16th International Conference on Availability, Reliability and Security","author":"Merah Yazid","year":"2021","unstructured":"Yazid Merah and Tayeb Kenaza. 2021. Ontology-Based Cyber Risk Monitoring Using Cyber Threat Intelligence. In Proceedings of the 16th International Conference on Availability, Reliability and Security (Vienna, Austria). Association for Computing Machinery, New York, NY, USA, Article 88, 8 pages. DOI:10.1145\/3465481.3470024"},{"key":"e_1_3_1_139_2","doi-asserted-by":"publisher","unstructured":"Emanuele Mezzi Fabio Massacci and Katja Tuma. 2025. Large Language Models are Unreliable for Cyber Threat Intelligence. In Availability Reliability and Security. 343\u2013364. 10.48550\/arXiv.2503.23175","DOI":"10.48550\/arXiv.2503.23175"},{"key":"e_1_3_1_140_2","unstructured":"Microsoft 2012. Microsoft Build (Security Bulletins). Retrieved from https:\/\/docs.microsoft.com\/ja-jp\/security-updates\/securitybulletins\/securitybulletins"},{"key":"e_1_3_1_141_2","doi-asserted-by":"crossref","first-page":"1795","DOI":"10.1145\/3319535.3363217","volume-title":"Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security","author":"Milajerdi Sadegh M.","year":"2019","unstructured":"Sadegh M. Milajerdi, Birhanu Eshete, Rigel Gjomemo, and V. N. Venkatakrishnan. 2019. POIROT: Aligning attack behavior with kernel audit records for cyber threat hunting. In Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security (London, United Kingdom). Association for Computing Machinery, New York, NY, USA, 1795\u20131812. DOI:10.1145\/3319535.3363217"},{"key":"e_1_3_1_142_2","doi-asserted-by":"crossref","first-page":"1137","DOI":"10.1109\/SP.2019.00026","volume-title":"Proceedings of the 2019 IEEE Symposium on Security and Privacy","author":"Milajerdi Sadegh M.","year":"2019","unstructured":"Sadegh M. Milajerdi, Rigel Gjomemo, Birhanu Eshete, R. Sekar, and V. N. Venkatakrishnan. 2019. HOLMES: Real-time APT detection through correlation of suspicious information flows. In Proceedings of the 2019 IEEE Symposium on Security and Privacy. 1137\u20131152. DOI:10.1109\/SP.2019.00026"},{"key":"e_1_3_1_143_2","unstructured":"MITRE ATT&CK 2024. Techniques - ICS | MITRE ATT&CK. Retrieved from https:\/\/attack.mitre.org\/techniques\/ics\/"},{"key":"e_1_3_1_144_2","volume-title":"Proceedings of the 2016 IEEE\/ACM International Conference on Advances in Social Networks Analysis and Mining. 860\u2013867","author":"Mittal Sudip","year":"2016","unstructured":"Sudip Mittal, Prajit Kumar Das, Varish Mulwad, Anupam Joshi, and Tim Finin. 2016. CyberTwitter: Using twitter to generate alerts for cybersecurity threats and vulnerabilities. In Proceedings of the 2016 IEEE\/ACM International Conference on Advances in Social Networks Analysis and Mining. 860\u2013867. DOI:10.1109\/ASONAM.2016.7752338"},{"key":"e_1_3_1_145_2","first-page":"408","volume-title":"Proceedings of the 2016 IEEE 2nd International Conference on Collaboration and Internet Computing","author":"Modi Ajay","year":"2016","unstructured":"Ajay Modi, Zhibo Sun, Anupam Panwar, Tejas Khairnar, Ziming Zhao, Adam Doup\u00e9, Gail-Joon Ahn, and Paul Black. 2016. Towards automated threat intelligence fusion. In Proceedings of the 2016 IEEE 2nd International Conference on Collaboration and Internet Computing. 408\u2013416. DOI:10.1109\/CIC.2016.060"},{"key":"e_1_3_1_146_2","doi-asserted-by":"crossref","first-page":"71","DOI":"10.1145\/2068816.2068824","volume-title":"Proceedings of the 2011 ACM SIGCOMM Conference on Internet Measurement Conference","author":"Motoyama Marti","year":"2011","unstructured":"Marti Motoyama, Damon McCoy, Kirill Levchenko, Stefan Savage, and Geoffrey M. Voelker. 2011. An Analysis of Underground Forums. In Proceedings of the 2011 ACM SIGCOMM Conference on Internet Measurement Conference (Berlin, Germany). Association for Computing Machinery, New York, NY, USA, 71\u201380. DOI:10.1145\/2068816.2068824"},{"key":"e_1_3_1_147_2","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2018.2844794"},{"key":"e_1_3_1_148_2","doi-asserted-by":"publisher","DOI":"10.1109\/TII.2021.3111028"},{"key":"e_1_3_1_149_2","first-page":"919","volume-title":"Proceedings of the 27th USENIX Conference on Security Symposium","author":"Mu Dongliang","year":"2018","unstructured":"Dongliang Mu, Alejandro Cuevas, Limin Yang, Hang Hu, Xinyu Xing, Bing Mao, and Gang Wang. 2018. Understanding the reproducibility of crowd-reported security vulnerabilities. In Proceedings of the 27th USENIX Conference on Security Symposium (Baltimore, MD, USA). USENIX Association, USA, 919\u2013936."},{"key":"e_1_3_1_150_2","first-page":"257","volume-title":"Proceedings of the 2011 IEEE\/WIC\/ACM International Conferences on Web Intelligence and Intelligent Agent Technology","author":"Mulwad Varish","year":"2011","unstructured":"Varish Mulwad, Wenjia Li, Anupam Joshi, Tim Finin, and Krishnamurthy Viswanathan. 2011. Extracting information about security vulnerabilities from web text. In Proceedings of the 2011 IEEE\/WIC\/ACM International Conferences on Web Intelligence and Intelligent Agent Technology. 257\u2013260. DOI:10.1109\/WI-IAT.2011.26"},{"key":"e_1_3_1_151_2","doi-asserted-by":"publisher","DOI":"10.2197\/ipsjjip.27.802"},{"key":"e_1_3_1_152_2","doi-asserted-by":"publisher","DOI":"10.1587\/transinf.2020DAL0002"},{"key":"e_1_3_1_153_2","doi-asserted-by":"publisher","DOI":"10.1587\/transinf.2018OFL0006"},{"key":"e_1_3_1_154_2","first-page":"354","volume-title":"Proceedings of the 2018 IEEE 4th International Conference on Collaboration and Internet Computing","author":"Narayanan Sandeep Nair","year":"2018","unstructured":"Sandeep Nair Narayanan, Ashwinkumar Ganesan, Karuna Joshi, Tim Oates, Anupam Joshi, and Tim Finin. 2018. Early detection of cybersecurity threats using collaborative cognition. In Proceedings of the 2018 IEEE 4th International Conference on Collaboration and Internet Computing. 354\u2013363. DOI:10.1109\/CIC.2018.00054"},{"issue":"11","key":"e_1_3_1_155_2","doi-asserted-by":"crossref","first-page":"1332","DOI":"10.1016\/j.conengprac.2006.10.004","article-title":"Communication in industrial automation\u2013what is going on?","volume":"15","author":"Neumann Peter","year":"2007","unstructured":"Peter Neumann. 2007. Communication in industrial automation\u2013what is going on? Control Engineering Practice 15, 11 (2007), 1332\u20131347.","journal-title":"Control Engineering Practice"},{"key":"e_1_3_1_156_2","unstructured":"NIST 2002. National Vulnerability Database NVD. Retrieved from https:\/\/nvd.nist.gov\/"},{"key":"e_1_3_1_157_2","volume-title":"Proceedings of the 2022 31st Conference of Open Innovations Association. 214\u2013219","author":"Nkodia Daniela-Kler","year":"2022","unstructured":"Daniela-Kler Nkodia, Alexander Menshchikov, and Dmitriy Tatarov. 2022. Processing of unstructured information about software vulnerabilities. In Proceedings of the 2022 31st Conference of Open Innovations Association. 214\u2013219. DOI:10.23919\/FRUCT54823.2022.9770888"},{"key":"e_1_3_1_158_2","series-title":"Handbook of Statistics","doi-asserted-by":"crossref","first-page":"117","DOI":"10.1016\/bs.host.2016.07.001","volume-title":"Proceedings of the Cognitive Computing: Theory and Applications.","volume":"35","author":"Noel S.","year":"2016","unstructured":"S. Noel, E. Harley, K. H. Tam, M. Limiero, and M. Share. 2016. CyGraph: Graph-based analytics and visualization for cybersecurity. In Proceedings of the Cognitive Computing: Theory and Applications.Venkat N. Gudivada, Vijay V. Raghavan, Venu Govindaraju, and C. R. Rao (Eds.), Handbook of Statistics, Vol. 35, Elsevier, 117\u2013167. DOI:10.1016\/bs.host.2016.07.001"},{"key":"e_1_3_1_159_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.future.2019.01.022"},{"key":"e_1_3_1_160_2","doi-asserted-by":"publisher","DOI":"10.1109\/COMST.2023.3299519"},{"key":"e_1_3_1_161_2","first-page":"7","volume-title":"Proceedings of the 2016 IEEE Conference on Intelligence and Security Informatics","author":"Nunes Eric","year":"2016","unstructured":"Eric Nunes, Ahmad Diab, Andrew Gunn, Ericsson Marin, Vineet Mishra, Vivin Paliath, John Robertson, Jana Shakarian, Amanda Thart, and Paulo Shakarian. 2016. Darknet and deepnet mining for proactive cybersecurity threat intelligence. In Proceedings of the 2016 IEEE Conference on Intelligence and Security Informatics. 7\u201312. DOI:10.1109\/ISI.2016.7745435"},{"key":"e_1_3_1_162_2","volume-title":"Proceedings of the Semantic Technologies for Intelligence, Defense, and Security","author":"Obrst Leo","year":"2012","unstructured":"Leo Obrst, Penny Chase, and Richard Markeloff. 2012. Developing an ontology of the cyber security domain. In Proceedings of the Semantic Technologies for Intelligence, Defense, and Security."},{"key":"e_1_3_1_163_2","unstructured":"OffSec 2003. Exploits Database by Offensive Security. Retrieved from https:\/\/www.exploit-db.com\/"},{"key":"e_1_3_1_164_2","first-page":"54","article-title":"Building an ontology of cyber security","volume":"1304","author":"Oltramari A.","year":"2014","unstructured":"A. Oltramari, L.F. Cranor, R. J. Walls, and P. McDaniel. 2014. Building an ontology of cyber security. CEUR Workshop Proceedings 1304 (2014), 54\u201361.","journal-title":"CEUR Workshop Proceedings"},{"key":"e_1_3_1_165_2","first-page":"318","volume-title":"Proceedings of the 2015 IEEE Military Communications Conference","author":"Oltramari Alessandro","year":"2015","unstructured":"Alessandro Oltramari, Lorrie Faith Cranor, Robert J. Walls, and Patrick McDaniel. 2015. Computational ontology of network operations. In Proceedings of the 2015 IEEE Military Communications Conference. 318\u2013323. DOI:10.1109\/MILCOM.2015.7357462"},{"key":"e_1_3_1_166_2","doi-asserted-by":"publisher","DOI":"10.1007\/s12243-022-00928-5"},{"key":"e_1_3_1_167_2","unstructured":"Pastebin 2012. Pastebin. Retrieved from https:\/\/pastebin.pl\/"},{"key":"e_1_3_1_168_2","first-page":"207","volume-title":"Proceedings of the 21nd International Symposium on Research in Attacks, Intrusions and Defenses","author":"Pastrana Sergio","year":"2018","unstructured":"Sergio Pastrana, Alice Hutchings, Andrew Caines, and Buttery Paula. 2018. Characterizing eve: Analysing cybercrime actors in a large underground forum. In Proceedings of the 21nd International Symposium on Research in Attacks, Intrusions and Defenses. 207\u2013227."},{"key":"e_1_3_1_169_2","doi-asserted-by":"publisher","unstructured":"Kexin Pei Zhongshu Gu Brendan Saltaformaggio Ma Shiqing Fei Wang Zhiwei Zhang Luo Si Xiangyu Zhang and Dongyan Xu. 2016. HERCULE: Attack story reconstruction via community discovery on correlated log graph. In Association for Computing Machinery. 583\u2013595. 10.1145\/2991079.2991122","DOI":"10.1145\/2991079.2991122"},{"key":"e_1_3_1_170_2","doi-asserted-by":"publisher","unstructured":"Wei Peng Junmei Ding Wei Wang Lei Cui Wei Cai Zhiyu Hao and Xiaochun Yun. 2024. CTISum: A new benchmark dataset for cyber threat intelligence summarization. DOI:10.48550\/arXiv.2408.06576","DOI":"10.48550\/arXiv.2408.06576"},{"key":"e_1_3_1_171_2","doi-asserted-by":"crossref","first-page":"879","DOI":"10.1145\/3341161.3343519","volume-title":"Proceedings of the 2019 IEEE\/ACM International Conference on Advances in Social Networks Analysis and Mining","author":"Pingle Aditya","year":"2019","unstructured":"Aditya Pingle, Aritran Piplai, Sudip Mittal, Anupam Joshi, James Holt, and Richard Zak. 2019. RelExt: Relation extraction using deep learning approaches for cybersecurity knowledge graph improvement. In Proceedings of the 2019 IEEE\/ACM International Conference on Advances in Social Networks Analysis and Mining. 879\u2013886. DOI:10.1145\/3341161.3343519"},{"key":"e_1_3_1_172_2","unstructured":"John Pinkston Jeffrey Undercoffer Anupam Joshi and Tim Finin. 2004. A target-centric ontology for intrusion detection. In International Joint Conference on Artificial Intelligence. 47\u201358."},{"key":"e_1_3_1_173_2","doi-asserted-by":"publisher","unstructured":"Nikolaos Pitropakis Marios Logothetis Gennady Andrienko Jason Stefanatos Eirini Karapistoli and Costas Lambrinoudakis. 2019. Towards The Creation of A Threat Intelligence Framework for Maritime Infrastructures. In Computer Security. 10.13140\/RG.2.2.14520.70403","DOI":"10.13140\/RG.2.2.14520.70403"},{"key":"e_1_3_1_174_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2017.02.005"},{"key":"e_1_3_1_175_2","volume-title":"Proceedings of the 2020 8th International Conference on Information Technology and Multimedia. 144\u2013149","author":"Qassim Qais Saif","year":"2020","unstructured":"Qais Saif Qassim, Norziana Jamil, Mohammed Najah Mahdi, and Azril Azam Abdul Rahim. 2020. Towards SCADA threat intelligence based on intrusion detection systems - a short review. In Proceedings of the 2020 8th International Conference on Information Technology and Multimedia. 144\u2013149. DOI:10.1109\/ICIMU49871.2020.9243337"},{"key":"e_1_3_1_176_2","first-page":"868","volume-title":"Proceedings of the 12th International Workshop on Semantic Evaluation","author":"R Manikandan","year":"2018","unstructured":"Manikandan R, Krishna Madgula, and Snehanshu Saha. 2018. TeamDL at semeval-2018 task 8: Cybersecurity text analysis using convolutional neural network and conditional random fields. In Proceedings of the 12th International Workshop on Semantic Evaluation. Association for Computational Linguistics, New Orleans, Louisiana, 868\u2013873. DOI:10.18653\/v1\/S18-1140"},{"key":"e_1_3_1_177_2","first-page":"1","volume-title":"Proceedings of the 2019 18th RoEduNet Conference: Networking in Education and Research","author":"Radu Raluca Elena","year":"2019","unstructured":"Raluca Elena Radu, Octavian Grigorescu, and R\u0103zvan Victor Rughini\u015f.2019. Security news aggregator. In Proceedings of the 2019 18th RoEduNet Conference: Networking in Education and Research. 1\u20138. DOI:10.1109\/ROEDUNET.2019.8909609"},{"key":"e_1_3_1_178_2","doi-asserted-by":"crossref","first-page":"181","DOI":"10.1145\/3021460.3021482","volume-title":"Proceedings of the 10th Innovations in Software Engineering Conference","author":"Ramnani Roshni R.","year":"2017","unstructured":"Roshni R. Ramnani, Karthik Shivaram, Shubhashis Sengupta, and Annervaz K. M.2017. Semi-automated information extraction from unstructured threat advisories. In Proceedings of the 10th Innovations in Software Engineering Conference (Jaipur, India). Association for Computing Machinery, New York, NY, USA, 181\u2013187. DOI:10.1145\/3021460.3021482"},{"key":"e_1_3_1_179_2","first-page":"3334","volume-title":"Proceedings of the 2021 IEEE International Conference on Big Data","author":"Ranade Priyanka","year":"2021","unstructured":"Priyanka Ranade, Aritran Piplai, Anupam Joshi, and Tim Finin. 2021. CyBERT: Contextualized embeddings for the cybersecurity domain. In Proceedings of the 2021 IEEE International Conference on Big Data. 3334\u20133342. DOI:10.1109\/BigData52589.2021.9671824"},{"key":"e_1_3_1_180_2","first-page":"1","article-title":"Generating fake cyber threat intelligence using transformer-based models","author":"Ranade Priyanka","year":"2021","unstructured":"Priyanka Ranade, Aritran Piplai, Sudip Mittal, Anupam Joshi, and Tim Finin. 2021. Generating fake cyber threat intelligence using transformer-based models. 2021 International Joint Conference on Neural Networks(2021), 1\u20139.","journal-title":"2021 International Joint Conference on Neural Networks"},{"key":"e_1_3_1_181_2","doi-asserted-by":"publisher","unstructured":"Victor Raskin Christian Hempelmann Katrina Triezenberg and Sergei Nirenburg. 2001. Ontology in information security: A useful theoretical foundation and methodological tool. In Association for Computing Machinery. 53\u201359. 10.1145\/508171.508180","DOI":"10.1145\/508171.508180"},{"key":"e_1_3_1_182_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-59621-7_2"},{"key":"e_1_3_1_183_2","first-page":"1","volume-title":"Proceedings of the 2024 International Conference on Advances in Modern Age Technologies for Health and Engineering Science","author":"Rathor Ketan","year":"2024","unstructured":"Ketan Rathor, Dhananjayamurthy B. V., Abdul Jaleel D., Subharun Pal, Bhavani P., and Neerav Nishant. 2024. Temporal threat recognition in supply chains: Integrating hidden markov models for proactive security with ai-driven automated threat hunting. In Proceedings of the 2024 International Conference on Advances in Modern Age Technologies for Health and Engineering Science. 1\u20136. DOI:10.1109\/AMATHE61652.2024.10582202"},{"key":"e_1_3_1_184_2","unstructured":"Reddit 2005. reddit. Retrieved from https:\/\/www.reddit.com\/"},{"key":"e_1_3_1_185_2","doi-asserted-by":"publisher","unstructured":"Owen Redwood Joshua Lawrence and Mike Burmester. 2015. A symbolic honeynet framework for SCADA system threat intelligence. In Critical Infrastructure Protection IX. 103\u2013118. 10.1007\/978-3-319-26567-4_7","DOI":"10.1007\/978-3-319-26567-4_7"},{"key":"e_1_3_1_186_2","doi-asserted-by":"publisher","DOI":"10.1007\/s10207-019-00433-2"},{"key":"e_1_3_1_187_2","doi-asserted-by":"crossref","first-page":"896","DOI":"10.1145\/2736277.2741083","volume-title":"Proceedings of the 24th International Conference on World Wide Web","author":"Ritter Alan","year":"2015","unstructured":"Alan Ritter, Evan Wright, William Casey, and Tom Mitchell. 2015. Weakly supervised extraction of computer security events from twitter. In Proceedings of the 24th International Conference on World Wide Web (Florence, Italy). International World Wide Web Conferences Steering Committee, Republic and Canton of Geneva, CHE, 896\u2013905. DOI:10.1145\/2736277.2741083"},{"key":"e_1_3_1_188_2","unstructured":"Carl Sabottke Octavian Suciu and Tudor Dumitra\u015f. 2015. Vulnerability disclosure in the age of social media: Exploiting twitter for predicting real-world exploits.In Proceedings of the 24th USENIX Security Symposium. USENIX Association USA 1041\u20131056."},{"key":"e_1_3_1_189_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-90307-1_8-1"},{"key":"e_1_3_1_190_2","first-page":"319","volume-title":"Proceedings of the 2016 IEEE Conference on Intelligence and Security Informatics","author":"Samtani Sagar","year":"2016","unstructured":"Sagar Samtani and Hsinchun Chen. 2016. Using social network analysis to identify key hackers for keylogging tools in hacker forums. In Proceedings of the 2016 IEEE Conference on Intelligence and Security Informatics. 319\u2013321. DOI:10.1109\/ISI.2016.7745500"},{"key":"e_1_3_1_191_2","first-page":"19","volume-title":"Proceedings of the 2016 IEEE Conference on Intelligence and Security Informatics","author":"Samtani Sagar","year":"2016","unstructured":"Sagar Samtani, Kory Chinn, Cathy Larson, and Hsinchun Chen. 2016. AZSecure Hacker Assets Portal: Cyber threat intelligence and malware analysis. In Proceedings of the 2016 IEEE Conference on Intelligence and Security Informatics. 19\u201324. DOI:10.1109\/ISI.2016.7745437"},{"key":"e_1_3_1_192_2","first-page":"31","volume-title":"Proceedings of the 2015 IEEE International Conference on Intelligence and Security Informatics","author":"Samtani Sagar","year":"2015","unstructured":"Sagar Samtani, Ryan Chinn, and Hsinchun Chen. 2015. Exploring hacker assets in underground forums. In Proceedings of the 2015 IEEE International Conference on Intelligence and Security Informatics. 31\u201336. DOI:10.1109\/ISI.2015.7165935"},{"key":"e_1_3_1_193_2","doi-asserted-by":"publisher","DOI":"10.1080\/07421222.2017.1394049"},{"key":"e_1_3_1_194_2","first-page":"667","volume-title":"Proceedings of the 2017 IEEE International Conference on Data Mining Workshops","author":"Sapienza Anna","year":"2017","unstructured":"Anna Sapienza, Alessandro Bessi, Saranya Damodaran, Paulo Shakarian, Kristina Lerman, and Emilio Ferrara. 2017. Early warnings of cyber threats in online discussions. In Proceedings of the 2017 IEEE International Conference on Data Mining Workshops. 667\u2013674. DOI:10.1109\/ICDMW.2017.94"},{"key":"e_1_3_1_195_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.knosys.2021.107524"},{"key":"e_1_3_1_196_2","doi-asserted-by":"crossref","first-page":"3","DOI":"10.1007\/978-3-030-42500-5_1","article-title":"Industrial networks and IIoT: Now and future trends","author":"Sari Alparslan","year":"2020","unstructured":"Alparslan Sari, Alexios Lekidis, and Ismail Butun. 2020. Industrial networks and IIoT: Now and future trends. Industrial IoT: Challenges, Design Principles, Applications, and Security, 3\u201355.","journal-title":"Industrial IoT: Challenges, Design Principles, Applications, and Security"},{"key":"e_1_3_1_197_2","doi-asserted-by":"publisher","unstructured":"Kiavash Satvat Rigel Gjomemo and V. N. Venkatakrishnan. 2021. Extractor: Extracting attack behavior from threat reports. In 2021 IEEE European Symposium on Security and Privacy (EuroSP). 598\u2013615. 10.1109\/EuroSP51992.2021.00046","DOI":"10.1109\/EuroSP51992.2021.00046"},{"key":"e_1_3_1_198_2","volume-title":"Proceedings of the 2017 3rd IEEE International Conference on Cybernetics. 1\u20137","author":"Settanni Giuseppe","year":"2017","unstructured":"Giuseppe Settanni, Yegor Shovgenya, Florian Skopik, Roman Graf, Markus Wurzenberger, and Roman Fiedler. 2017. Acquiring cyber threat intelligence through security information correlation. In Proceedings of the 2017 3rd IEEE International Conference on Cybernetics. 1\u20137. DOI:10.1109\/CYBConf.2017.7985754"},{"key":"e_1_3_1_199_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.eswa.2024.125509"},{"key":"e_1_3_1_200_2","unstructured":"Sharing Datasets 2025. Guidelines for CTI Datasets. Retrieved from https:\/\/github.com\/keisukefurumoto\/Guidelines-for-CTI-Datasets"},{"key":"e_1_3_1_201_2","volume-title":"Proceedings of the 2024 International Conference on Intelligent Systems for Cybersecurity . 1\u20136","year":"2024","unstructured":"Simran, Sonu Kumar, and Aarti Hans. 2024. The AI shield and red AI framework: Machine learning solutions for cyber threat intelligence(CTI). In Proceedings of the 2024 International Conference on Intelligent Systems for Cybersecurity . 1\u20136. DOI:10.1109\/ISCS61804.2024.10581195"},{"key":"e_1_3_1_202_2","first-page":"1981","volume-title":"Proceedings of the 2021 3rd International Conference on Advances in Computing, Communication Control and Networking","author":"Singh Kulvinder","year":"2021","unstructured":"Kulvinder Singh and Sudan Jha. 2021. Cyber threat analysis and prediction using machine learning. In Proceedings of the 2021 3rd International Conference on Advances in Computing, Communication Control and Networking. 1981\u20131985. DOI:10.1109\/ICAC3N53548.2021.9725445"},{"key":"e_1_3_1_203_2","doi-asserted-by":"publisher","unstructured":"Giuseppe Siracusano Davide Sanvito Roberto Gonzalez Manikantan Srinivasan Sivakaman Kamatchi Wataru Takahashi Masaru Kawakita Takahiro Kakumaru and Roberto Bifulco. 2023. Time for aCTIon: Automated analysis of cyber threat intelligence in the wild. ArXiv (07 2023). 10.48550\/arXiv.2307.10214","DOI":"10.48550\/arXiv.2307.10214"},{"key":"e_1_3_1_204_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2016.04.003"},{"key":"e_1_3_1_205_2","unstructured":"Slashdot 1997. Slashdot. Retrieved from https:\/\/slashdot.org\/"},{"key":"e_1_3_1_206_2","unstructured":"Joseph Slowik. [n.d.]. Evolution of ICS Attacks and the Prospects for Future Disruptive Events. Retrieved from https:\/\/www.dragos.com\/wp-content\/uploads\/Evolution-of-ICS-Attacks-and-the-Prospects-for-Future-Disruptive-Events-Joseph-Slowik-1.pdf"},{"key":"e_1_3_1_207_2","doi-asserted-by":"publisher","DOI":"10.1109\/JIOT.2024.3413351"},{"key":"e_1_3_1_208_2","unstructured":"Stack Exchange 2008. Information Security Stack Exchange. Retrieved from https:\/\/security.stackexchange.com\/"},{"key":"e_1_3_1_209_2","unstructured":"Stack Overflow 2008. Stack Overflow. Retrieved from https:\/\/stackoverflow.com\/"},{"issue":"82","key":"e_1_3_1_210_2","first-page":"16","article-title":"Guide to industrial control systems (ICS) security","volume":"800","author":"Stouffer Keith","year":"2011","unstructured":"Keith Stouffer, Joe Falco, Karen Scarfone, et\u00a0al. 2011. Guide to industrial control systems (ICS) security. NIST Special Publication 800, 82 (2011), 16\u201316.","journal-title":"NIST Special Publication"},{"key":"e_1_3_1_211_2","unstructured":"Sabah Suhail Raja Jurdak Raimundas Matulevi\u010dius and Choong Seon Hong. 2021. Securing Cyber-Physical Systems Through Blockchain-Based Digital Twins and Threat Intelligence. ArXiv abs\/2105.08886 (2021)."},{"key":"e_1_3_1_212_2","doi-asserted-by":"publisher","DOI":"10.1109\/COMST.2023.3273282"},{"key":"e_1_3_1_213_2","doi-asserted-by":"publisher","DOI":"10.1109\/COMST.2018.2885561"},{"key":"e_1_3_1_214_2","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2018.2821095"},{"key":"e_1_3_1_215_2","volume-title":"Workshops of the 13th AAAI Conference on Artificial Intelligence Artificial Intelligence for Cyber Security: Technical Report WS-16-03","author":"Syed Zareen","year":"2016","unstructured":"Zareen Syed, Ankur Padia, Tim Finin, Lisa Mathews, and Anupam Joshi. 2016. UCO: A unified cybersecurity ontology. In Workshops of the 13th AAAI Conference on Artificial Intelligence Artificial Intelligence for Cyber Security: Technical Report WS-16-03."},{"key":"e_1_3_1_216_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.compeleceng.2022.108261"},{"key":"e_1_3_1_217_2","doi-asserted-by":"publisher","DOI":"10.1007\/s10586-017-0813-8"},{"key":"e_1_3_1_218_2","unstructured":"TAXII 2018. Introduction to TAXII. Retrieved from https:\/\/oasis-open.github.io\/cti-documentation\/taxii\/intro.html"},{"key":"e_1_3_1_219_2","doi-asserted-by":"publisher","DOI":"10.2197\/ipsjjip.28.1025"},{"key":"e_1_3_1_220_2","first-page":"296","volume-title":"Proceedings of the 2024 IEEE International Conference on Cyber Security and Resilience","author":"Tihanyi Norbert","year":"2024","unstructured":"Norbert Tihanyi, Mohamed Amine Ferrag, Ridhi Jain, Tamas Bisztray, and Merouane Debbah. 2024. CyberMetric: A benchmark dataset based on retrieval-augmented generation for evaluating LLMs in cybersecurity knowledge. In Proceedings of the 2024 IEEE International Conference on Cyber Security and Resilience. 296\u2013302. DOI:10.1109\/CSR61664.2024.10679494"},{"key":"e_1_3_1_221_2","unstructured":"Tor 2005. Tor Project: Anonymity online. Retrieved from https:\/\/www.torproject.org\/"},{"key":"e_1_3_1_222_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2017.09.001"},{"key":"e_1_3_1_223_2","volume-title":"Proceedings of the 2015 7th International Conference on New Technologies, Mobility and Security. 1\u20137","author":"Trabelsi Slim","year":"2015","unstructured":"Slim Trabelsi, Henrik Plate, Amine Abida, M. Marouane Ben Aoun, Anis Zouaoui, Chedy Missaoui, Sofien Gharbi, and Alaeddine Ayari. 2015. Mining social networks for software vulnerabilities monitoring. In Proceedings of the 2015 7th International Conference on New Technologies, Mobility and Security. 1\u20137. DOI:10.1109\/NTMS.2015.7266506"},{"key":"e_1_3_1_224_2","unstructured":"Trend Micro 2015. Threat Encyclopedia - Trend Micro. Retrieved from https:\/\/www.trendmicro.com\/vinfo\/no\/threat-encyclopedia\/"},{"key":"e_1_3_1_225_2","unstructured":"Trendmicro 2016. Ransomware-as-a-Service: Ransomware Operators Find Ways to Bring in Business. Retrieved from https:\/\/www.trendmicro.com\/vinfo\/es\/security\/news\/cybercrime-and-digital-threats\/ransomware-as-a-service-ransomware-operators-find-ways-to-bring-in-business"},{"key":"e_1_3_1_226_2","volume-title":"Proceedings of the 2020 IEEE International Conference on Big Data. 1847\u20131852","author":"Tsai Chia-En","year":"2020","unstructured":"Chia-En Tsai, Cheng-Lin Yang, and Chong-Kuan Chen. 2020. CTI ANT: Hunting for chinese threat intelligence. In Proceedings of the 2020 IEEE International Conference on Big Data. 1847\u20131852. DOI:10.1109\/BigData50022.2020.9378125"},{"key":"e_1_3_1_227_2","first-page":"46","volume-title":"Proceedings of the 2007 Pacific Asia Conference on Intelligence and Security Informatics","author":"Tsai Flora S.","year":"2007","unstructured":"Flora S. Tsai and Kap Luk Chan. 2007. Detecting cyber security threats in weblogs using probabilistic models. In Proceedings of the 2007 Pacific Asia Conference on Intelligence and Security Informatics (Chengdu, China). Springer-Verlag, Berlin, Heidelberg, 46\u201357."},{"key":"e_1_3_1_228_2","volume-title":"Proceedings of the 29th USENIX Conference on Security Symposium.","author":"Tseng Emily","year":"2020","unstructured":"Emily Tseng, Rosanna Bellini, Nora McDonald, Matan Danos, Rachel Greenstadt, Damon McCoy, Nicola Dell, and Thomas Ristenpart. 2020. The tools and tactics used in intimate partner surveillance: An analysis of online infidelity forums. In Proceedings of the 29th USENIX Conference on Security Symposium.USENIX Association, USA, Article 107, 17 pages."},{"key":"e_1_3_1_229_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2019.101589"},{"key":"e_1_3_1_230_2","first-page":"262","volume-title":"Proceedings of the 2021 IEEE 24th International Conference on Computer Supported Cooperative Work in Design","author":"Wang Xuren","year":"2021","unstructured":"Xuren Wang, Rong Chen, Binghua Song, Jie Yang, Zhengwei Jiang, Xiaoqing Zhang, Xiaomeng Li, and Shengqin Ao. 2021. A method for extracting unstructured threat intelligence based on dictionary template and reinforcement learning. In Proceedings of the 2021 IEEE 24th International Conference on Computer Supported Cooperative Work in Design. 262\u2013267. DOI:10.1109\/CSCWD49262.2021.9437858"},{"key":"e_1_3_1_231_2","first-page":"584","volume-title":"Proceedings of the 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications","author":"Wang Xuren","year":"2020","unstructured":"Xuren Wang, Mengbo Xiong, Yali Luo, Ning Li, Zhengwei Jiang, and Zihan Xiong. 2020. Joint learning for document-level threat intelligence relation extraction and coreference resolution based on gcn. In Proceedings of the 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications. 584\u2013591. DOI:10.1109\/TrustCom50675.2020.00083"},{"key":"e_1_3_1_232_2","doi-asserted-by":"crossref","first-page":"356","DOI":"10.1007\/978-3-319-17040-4_24","volume-title":"Proceedings of the International Symposium on Foundations and Practice of Security","author":"Weerawardhana Sachini","year":"2015","unstructured":"Sachini Weerawardhana, Subhojeet Mukherjee, Indrajit Ray, and Adele Howe. 2015. Automated extraction of vulnerability information for home computer security. In Proceedings of the International Symposium on Foundations and Practice of Security. 356\u2013366. DOI:10.1007\/978-3-319-17040-4_24"},{"key":"e_1_3_1_233_2","first-page":"3","volume-title":"Proceedings of the International Conference on Security and Privacy in Communication Systems","author":"Wei Renzheng","year":"2021","unstructured":"Renzheng Wei, Lijun Cai, Aimin Yu, and Dan Meng. 2021. DeepHunter: A graph neural network based approach for robust cyber threat hunting. In Proceedings of the International Conference on Security and Privacy in Communication Systems. 3\u201324."},{"key":"e_1_3_1_234_2","first-page":"94","volume-title":"Proceedings of the 2018 IEEE International Conference on Intelligence and Security Informatics","author":"Williams Ryan","year":"2018","unstructured":"Ryan Williams, Sagar Samtani, Mark Patton, and Hsinchun Chen. 2018. Incremental hacker forum exploit collection and classification for proactive cyber threat intelligence: An exploratory study. In Proceedings of the 2018 IEEE International Conference on Intelligence and Security Informatics. 94\u201399. DOI:10.1109\/ISI.2018.8587336"},{"key":"e_1_3_1_235_2","first-page":"1370","volume-title":"Proceedings of the 2020 IEEE 4th Information Technology, Networking, Electronic and Automation Control Conference","author":"Wu Han","year":"2020","unstructured":"Han Wu, Xiaoyong Li, and Yali Gao. 2020. An effective approach of named entity recognition for cyber threat intelligence. In Proceedings of the 2020 IEEE 4th Information Technology, Networking, Electronic and Automation Control Conference. 1370\u20131374. DOI:10.1109\/ITNEC48623.2020.9085102"},{"key":"e_1_3_1_236_2","doi-asserted-by":"publisher","DOI":"10.1145\/3483332"},{"key":"e_1_3_1_237_2","unstructured":"X Corp 2006. X(Twitter). Retrieved from https:\/\/x.com\/"},{"key":"e_1_3_1_238_2","first-page":"2161","volume-title":"Proceedings of the 2017 13th International Conference on Natural Computation, Fuzzy Systems and Knowledge Discovery","author":"Xiao Zhifeng","year":"2017","unstructured":"Zhifeng Xiao. 2017. Towards a two-phase unsupervised system for cybersecurity concepts extraction. In Proceedings of the 2017 13th International Conference on Natural Computation, Fuzzy Systems and Knowledge Discovery. 2161\u20132168. DOI:10.1109\/FSKD.2017.8393106"},{"key":"e_1_3_1_239_2","unstructured":"Ming Xu Hongtai Wang Jiahao Liu Yun Lin Chenyang Liu Hoon Lim and Jin Dong. 2024. IntelEX: A LLM-driven attack-level threat intelligence extraction framework. arXiv preprint (2024). arXiv:2412.10872."},{"key":"e_1_3_1_240_2","doi-asserted-by":"publisher","DOI":"10.1007\/s10207-021-00545-8"},{"key":"e_1_3_1_241_2","doi-asserted-by":"publisher","unstructured":"Tarun Yadav and Arvind Rao. 2015. Technical Aspects of Cyber Kill Chain. In Security in Computing and Communications. 438\u2013452. 10.1007\/978-3-319-22915-7_40","DOI":"10.1007\/978-3-319-22915-7_40"},{"key":"e_1_3_1_242_2","first-page":"1366","volume-title":"Proceedings of the 2019 Conference of the North American Chapter of the Association for Computational Linguistics: Human Language Technologies, Volume 1 (Long and Short Papers)","author":"Yagcioglu Semih","year":"2019","unstructured":"Semih Yagcioglu, Mehmet Saygin Seyfioglu, Begum Citamak, Batuhan Bardak, Seren Guldamlasioglu, Azmi Yuksel, and Emin Islam Tatli. 2019. Detecting cybersecurity events from noisy short text. In Proceedings of the 2019 Conference of the North American Chapter of the Association for Computational Linguistics: Human Language Technologies, Volume 1 (Long and Short Papers). Association for Computational Linguistics, Minneapolis, Minnesota, 1366\u20131372. DOI:10.18653\/v1\/N19-1138"},{"key":"e_1_3_1_243_2","volume-title":"Proceedings of the 2022 12th International Congress on Advanced Applied Informatics. 653\u2013656","author":"Yamagishi Rei","year":"2022","unstructured":"Rei Yamagishi, Takahiro Katayama, Nobutaka Kawaguchi, and Tomohiro Shigemoto. 2022. HOUND: Log analysis support for threat hunting by log visualization. In Proceedings of the 2022 12th International Congress on Advanced Applied Informatics. 653\u2013656. DOI:10.1109\/IIAIAAI55812.2022.00130"},{"key":"e_1_3_1_244_2","volume-title":"Proceedings of the 2020 International Signal Processing, Communications and Engineering Management Conference. 240\u2013243","author":"Yan Zhihao","year":"2020","unstructured":"Zhihao Yan and Jingju Liu. 2020. A review on application of knowledge graph in cybersecurity. In Proceedings of the 2020 International Signal Processing, Communications and Engineering Management Conference. 240\u2013243. DOI:10.1109\/ISPCEM52197.2020.00055"},{"key":"e_1_3_1_245_2","volume-title":"Proceedings of the International Conference on Software Engineering and Knowledge Engineering","author":"Yang Jie","year":"2020","unstructured":"Jie Yang, Qiuyun Wang, Chang Su, and Xuren Wang. 2020. Threat intelligence relationship extraction based on distant supervision and reinforcement learning. In Proceedings of the International Conference on Software Engineering and Knowledge Engineering."},{"key":"e_1_3_1_246_2","first-page":"945","volume-title":"Proceedings of the 2014 4th International Conference on Instrumentation and Measurement, Computer, Communication and Control","author":"Yang Ming","year":"2014","unstructured":"Ming Yang and Guang Li. 2014. Analysis of PROFINET IO communication protocol. In Proceedings of the 2014 4th International Conference on Instrumentation and Measurement, Computer, Communication and Control. IEEE, 945\u2013949."},{"key":"e_1_3_1_247_2","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2020.2984582"},{"key":"e_1_3_1_248_2","doi-asserted-by":"publisher","DOI":"10.1007\/s11280-021-00909-z"},{"key":"e_1_3_1_249_2","first-page":"943","volume-title":"Proceedings of the 2021 36th IEEE\/ACM International Conference on Automated Software Engineering","author":"Yitagesu Sofonias","year":"2021","unstructured":"Sofonias Yitagesu, Zhenchang Xing, Xiaowang Zhang, Zhiyong Feng, Xiaohong Li, and Linyi Han. 2021. Unsupervised labeling and extraction of phrase-based concepts in vulnerability descriptions. In Proceedings of the 2021 36th IEEE\/ACM International Conference on Automated Software Engineering. 943\u2013954. DOI:10.1109\/ASE51524.2021.9678638"},{"key":"e_1_3_1_250_2","unstructured":"Javier Yong Haokai Ma Yunshan Ma Anis Yusof Zhenkai Liang and Ee-Chien Chang. 2025. AttackSeqBench: Benchmarking large language models\u2019 understanding of sequential patterns in cyber attacks. arXiv preprint (2025). arXiv:2503.03170."},{"key":"e_1_3_1_251_2","first-page":"1687","volume-title":"Proceedings of the 2024 27th International Conference on Computer Supported Cooperative Work in Design","author":"You Yizhe","year":"2024","unstructured":"Yizhe You, Zhengwei Jiang, Kai Zhang, Huamin Feng, Jun Jiang, and Peian Yang. 2024. TiGNet: Joint entity and relation triplets extraction for APT campaign threat intelligence. In Proceedings of the 2024 27th International Conference on Computer Supported Cooperative Work in Design. 1687\u20131694. DOI:10.1109\/CSCWD61410.2024.10580395"},{"key":"e_1_3_1_252_2","first-page":"1027","volume-title":"Proceedings of the 27th USENIX Conference on Security Symposium","author":"Yuan Kan","year":"2018","unstructured":"Kan Yuan, Haoran Lu, Xiaojing Liao, and Xiaofeng Wang. 2018. Reading thieves\u2019 cant: Automatically identifying and understanding dark jargons from cybercrime marketplaces. In Proceedings of the 27th USENIX Conference on Security Symposium (Baltimore, MD, USA). USENIX Association, USA, 1027\u20131041."},{"key":"e_1_3_1_253_2","volume-title":"Proceedings of the 28th Annual Network and Distributed System Security Symposium, NDSS 2021, virtually, February 21-25, 2021","author":"Zeng Jun","year":"2021","unstructured":"Jun Zeng, Zheng Leong Chua, Yinfang Chen, Kaihang Ji, Zhenkai Liang, and Jian Mao. 2021. WATSON: Abstracting behaviors from audit logs via aggregation of contextual semantics. In Proceedings of the 28th Annual Network and Distributed System Security Symposium, NDSS 2021, virtually, February 21-25, 2021. The Internet Society. Retrieved from https:\/\/www.ndss-symposium.org\/ndss-paper\/watson-abstracting-behaviors-from-audit-logs-via-aggregation-of-contextual-semantics\/"},{"key":"e_1_3_1_254_2","doi-asserted-by":"crossref","first-page":"489","DOI":"10.1109\/SP46214.2022.9833669","volume-title":"Proceedings of the 2022 IEEE Symposium on Security and Privacy.","author":"Zengy Jun","year":"2022","unstructured":"Jun Zengy, Xiang Wang, Jiahao Liu, Yinfang Chen, Zhenkai Liang, Tat-Seng Chua, and Zheng Leong Chua. 2022. SHADEWATCHER: Recommendation-guided cyber threat analysis using system audit records. In Proceedings of the 2022 IEEE Symposium on Security and Privacy.489\u2013506. DOI:10.1109\/SP46214.2022.9833669"},{"key":"e_1_3_1_255_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2024.104220"},{"key":"e_1_3_1_256_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2020.101867"},{"key":"e_1_3_1_257_2","volume-title":"Proceedings of the International Symposium on Recent Advances in Intrusion Detection","author":"Zhao Jun","year":"2020","unstructured":"Jun Zhao, Qiben Yan, Xudong Liu, Bo Hu Li, and Guangsheng Zuo. 2020. Cyber threat intelligence modeling based on heterogeneous graph convolutional network. In Proceedings of the International Symposium on Recent Advances in Intrusion Detection."},{"key":"e_1_3_1_258_2","first-page":"97","volume-title":"Proceedings of the 2016 IEEE Conference on Intelligence and Security Informatics","author":"Zhao Kangzhi","year":"2016","unstructured":"Kangzhi Zhao, Yong Zhang, Chunxiao Xing, Weifeng Li, and Hsinchun Chen. 2016. Chinese underground market jargon analysis based on unsupervised learning. In Proceedings of the 2016 IEEE Conference on Intelligence and Security Informatics. 97\u2013102. DOI:10.1109\/ISI.2016.7745450"},{"key":"e_1_3_1_259_2","doi-asserted-by":"publisher","DOI":"10.1155\/2022\/9875199"},{"key":"e_1_3_1_260_2","first-page":"316","volume-title":"Proceedings of the 2021 IEEE 6th International Conference on Big Data Analytics","author":"Zhou Shieheng","year":"2021","unstructured":"Shieheng Zhou, Jingju Liu, Xiaofeng Zhong, and Wendian Zhao. 2021. Named entity recognition using BERT with whole world masking in cybersecurity domain. In Proceedings of the 2021 IEEE 6th International Conference on Big Data Analytics. 316\u2013320. DOI:10.1109\/ICBDA51983.2021.9403180"},{"key":"e_1_3_1_261_2","volume-title":"Proceedings of the 32nd Pacific Asia Conference on Language, Information and Computation","author":"Zhou Shengping","year":"2018","unstructured":"Shengping Zhou, Zi Long, Lianzhi Tan, and Hao Guo. 2018. Automatic identification of indicators of compromise using neural-based sequence labelling. In Proceedings of the 32nd Pacific Asia Conference on Language, Information and Computation. Association for Computational Linguistics, Hong Kong. Retrieved from https:\/\/aclanthology.org\/Y18-1098"},{"key":"e_1_3_1_262_2","doi-asserted-by":"publisher","DOI":"10.1109\/TSUSC.2023.3240411"},{"key":"e_1_3_1_263_2","first-page":"767","volume-title":"Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security","author":"Zhu Ziyun","year":"2016","unstructured":"Ziyun Zhu and Tudor Dumitra\u015f. 2016. FeatureSmith: Automatically engineering features for malware detection by mining the security literature. In Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security (Vienna, Austria). Association for Computing Machinery, New York, NY, USA, 767\u2013778. DOI:10.1145\/2976749.2978304"},{"key":"e_1_3_1_264_2","volume-title":"Proceedings of the 2018 IEEE European Symposium on Security and Privacy . 458\u2013472","author":"Zhu Ziyun","year":"2018","unstructured":"Ziyun Zhu and Tudor Dumitras. 2018. ChainSmith: Automatically learning the semantics of malicious campaigns by mining threat intelligence reports. In Proceedings of the 2018 IEEE European Symposium on Security and Privacy . 458\u2013472. DOI:10.1109\/EuroSP.2018.00039"},{"key":"e_1_3_1_265_2","doi-asserted-by":"publisher","DOI":"10.14778\/2856318.2856320"},{"key":"e_1_3_1_266_2","first-page":"204","volume-title":"Proceedings of the 2022 7th International Conference on Big Data Analytics","author":"Zuo Junjia","year":"2022","unstructured":"Junjia Zuo, Yali Gao, Xiaoyong Li, and Jie Yuan. 2022. An end-to-end entity and relation joint extraction model for cyber threat intelligence. In Proceedings of the 2022 7th International Conference on Big Data Analytics. 204\u2013209. DOI:10.1109\/ICBDA55095.2022.9760342"}],"container-title":["ACM Computing Surveys"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3772280","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,12,9]],"date-time":"2025-12-09T15:21:08Z","timestamp":1765293668000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3772280"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,12,9]]},"references-count":265,"journal-issue":{"issue":"6","published-print":{"date-parts":[[2026,4,30]]}},"alternative-id":["10.1145\/3772280"],"URL":"https:\/\/doi.org\/10.1145\/3772280","relation":{},"ISSN":["0360-0300","1557-7341"],"issn-type":[{"value":"0360-0300","type":"print"},{"value":"1557-7341","type":"electronic"}],"subject":[],"published":{"date-parts":[[2025,12,9]]},"assertion":[{"value":"2024-10-17","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2025-10-13","order":2,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2025-12-09","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}