2020 年 28 巻 p. 1025-1029
In order to keep up with the increasing number of cyberattacks, the defense tactics require timely and accurate understanding of the threats and corresponding risks. We propose a scheme for modeling threat information to extract event information from security reports on a paragraph basis and then estimate their kill chain phases. The experimental results show that the model got an average F1-score of 0.67, the average accuracy of 65% of the cyber kill chain phases and 86% of core features can be extracted by using this method.