Skip to main content
Fig. 3 | Cybersecurity

Fig. 3

From: TIM: threat context-enhanced TTP intelligence mining on unstructured threat data

Fig. 3

Threat Context Enhanced TTPs Intelligence Mining Framework (TIM). The whole workflow starts with the crawling module. Via preprocessing, feature embedding, TTP classification (TCENet), and intelligence&detection rule generation modules, we finally obtain TTP intelligence in STIX 2.1 format and Sigma detection rules. We use these TTP intelligence and detection rule for intelligence sharing and defense

Back to article page