Second Workshop on Big Data for CyberSecurity, held in conjunction with the IEEE Int. Conf. on Big Data
Extracting Rich Semantic Information about Cybersecurity Events
December 12, 2019
Articles about cybersecurity events like data breaches and ransomware attacks are common, both in general news and technical sources. Automatically extracting structured information from these can provide valuable information to inform both human analysts and computer systems. In this paper we describe how cybersecurity events can be described via semantic schemas, examined through an initial set of five event types. Using a collection of 1,000 news articles annotated with these event types, including their semantic roles, arguments, realis, and coreference, we detail a modular, deep-learning based information extraction (IE) pipeline, which extracts useful event information with high accuracy. We argue that the event argument set considered here can support many other cybersecurity events, facilitating the extension to new cybersecurity event types, such as distributed denial of service and SQL injection attacks.
Downloads: 818 downloads