Table 6 Overview of goals and additional specifications of CTI discovery
From: TriCTI: an actionable cyber threat intelligence discovery system via trigger-enhanced neural network
Goal | Public available | Campaign stages | IOC types | Related work |
|---|---|---|---|---|
Interdependent relationships among heterogeneous IOCs | ✔ | ✗ | ✔ | Zhao et al. (2020) |
IOC extraction | ✗ | ✗ | ✔ | |
IOC extraction | ✔ | ✗ | Partially-compliant | Kim et al. (2020) |
IOC extraction | ✔ | ✗ | ✔ | Kim et al. (2019) |
IOC extraction and part of the campaign stages classification | ✗ | Partially-compliant | Partially-compliant | Zhu and Dumitras (2018) |
Extraction of Threat Actions | ✗ | ✔ | ✔ | Husari et al. (2017) |
Actionable CTI | ✔ | ✔ | ✔ | Our work |