Cyber Threat Intelligence (CTI) Correlation Analysis Project
This project aims at structured CTI correlation analysis, so that more meaningful intelligence can be retrieved from the CTI of each cyber incident (or event).
For this objective, the project uses two novel concepts: the Event Relation Tree (ERT) and the Event Transition Graph (ETG). Please read the first paper in the reference list below for the detailed concepts and construction processes.
[Reference]
- D. Kim, J. Y. Woo, H. K. Kim, "'I Know What You Did Before': General Framework for Correlation Analysis of Cyber Threat Incidents", IEEE 35th International Conference on Military Communications (MILCOM), Baltimore, MD, USA, 2016, pp. 801-806.