A multi-source threat intelligence confidence value evaluation method based on machine learning

Authors: Hansheng LIU, Hongyu TANG, Mingxia BO, Jianfeng NIU, Tianbo LI, Lingxiao LI
Language: Chinese
Year of publication: 2020
Subject:
Source: Dianxin kexue, Vol 36, Pp 119-126 (2020)
Document type: article
ISSN: 1000-0801
DOI: 10.11959/j.issn.1000-0801.2020010
Description: During the collection of multi-source threat intelligence, it is very hard for the intelligence center to make a scientific decision about massive intelligence because the data value density is low, the intelligence repeatability is high, the time before it becomes ineffective is very short, etc. Based on those problems, a new multi-source threat intelligence confidence value evaluation method based on machine learning was put forward. First of all, according to the STIX intelligence standard format, a multi-source intelligence data standardization process was designed. Secondly, according to the characteristics of the data, 14 characteristics were extracted from four dimensions (publishing time, source, intelligence content and blacklist matching degree) as the basis for determining intelligence reliability. After the feature encoding was obtained, an intelligence confidence value evaluation model was designed based on a deep neural network algorithm and a Softmax classifier. The backward propagation algorithm was also used to minimize reconstruction error. Last but not least, using 2 000 open source labeled samples, the k-fold cross-validation method was used to evaluate the model, giving an average macro-P rate of 91.37% and an average macro-R rate of 84.89%. It was a good reference for multi-source threat intelligence confidence evaluation.
Database: Directory of Open Access Journals