Understanding Attack Trends from Security Blog Posts Using Guided-topic Model

抄録

Organizations are plagued by sophisticated and diversified cyber attacks. In order to prevent such attacks, it is necessary to understand threat trends and to take measures to protect their assets. Security vendors publish reports which contain threat trends or analysis of malware. These reports are useful for help in responding to a cyber security incident. However, it is difficult to collect threat information from multiple sources such as security blog posts. In this paper, we propose a method to efficiently collect information from the relationship between words using SeededLDA. In our case studies, we visualize the relationship between the words from security blog posts which were published in 2017 by eight security vendors, and demonstrate how our method helps to understand threat trends in the IoT industry and financial institutions.