將網路威脅情報與多視角分析和雙聚類結合：一種多維視覺化方法

以作者查詢圖書館館藏

、以作者查詢臺灣博碩士

、以作者查詢全國書目

、勘誤回報

、線上人數：22

、訪客IP：18.119.116.125

姓名

陳光磊(CHEN,GUANG-LEI) 查詢紙本館藏

畢業系所

資訊工程學系

論文名稱

將網路威脅情報與多視角分析和雙聚類結合：一種多維視覺化方法
(Enhancing Cyber Threat Intelligence (CTI) with Multiple-View Analysis and Biclustering: A Multi-Dimensional Visualization Approach)

相關論文

★ 在有干擾的虛擬教室環境下大人小孩的行為表現與腦神經反應的異同	★ 使用映射模型和跨資料集遷移式學習的輕量化居家衰弱症訓練系統
★ 心率生理回饋放鬆訓練對於海洛因使用疾患(HUD)生理資訊之影響分析	★ 基於深度學習模型的3D心理旋轉對認知障礙的診斷與評估
★ 評估注意力偵測之穿戴式腦電電極放置有效性	★ 建立數位地球：基於Omniverse平台的東南亞衛星雲圖與雷達圖可視化
★ 基於多維度的臺灣天氣類型機器學習臨近預報與分類系統	★ 整合檢索增強生成與大型語言模型應用於精準運動科學平台：架構與實現
★ 透過生理數據分析的VR戰車訓練系統，評估壓力對認知專注力與穩定性的影響及通過多次訓練表現驗證系統有效性	★ 基於機器學習分析ADHD亞型利用VR認知測驗同步的神經生理數據
★ FrAIlti：利用人工智慧和3D攝影技術提升老年照護的自動化衰弱評估系統	★ 自閉症譜系障礙虛擬實境訓練系統的開發與驗證
★ 智慧醫療物聯網平台之裝置管理與應用	★ 智慧醫療物聯網平台之多租戶應用
★ XRCURE：基於實證醫學的AIOT、XR和可穿戴感測器在AWS上的數位療法	★ 重複性經顱磁刺激同步虛擬實境與生理監測用於失語症創新治療與評估

檔案

[Endnote RIS 格式]

[Bibtex 格式]

[相關文章]

[文章引用]

[完整記錄]

[館藏目錄]

至系統瀏覽論文 (2026-7-31以後開放)

摘要(中)

網路威脅情報（CTI）對於理解和減輕網路安全威脅至關重要。本文提出了一種新穎的方法，利用多視角分析和雙聚類技術來增強CTI資料的視覺化和理解。CTI包含各種資料類型，包括妨礙指標（IoCs）和戰術、技術與程序（TTPs），這些資料往往是非結構化和分散的，這使得網路安全專業人員的分析過程變得複雜。我們的方法整合了多視角視覺化和雙聚類技術來應對這些挑戰。多視角視覺化允許從不同的角度審視CTI，例如地理位置、攻擊類型和受影響的資產。通過將資料分成不同的視圖，分析師可以專注於特定方面，而不會被無關的資訊分散注意力，從而降低了複雜性並提高了清晰度。雙聚類技術則根據關係將相關實體分組成子集，將資料轉換為矩陣，揭示不同類型資訊之間的隱藏模式和關聯。為了進一步增強視覺化，我們開發了一個三維視覺化系統，將這些視角和雙聚類結果整合起來，減少資訊過載和線條交叉，這些都可能掩蓋關鍵見解。該系統使網路安全分析師能夠快速解釋和連接複雜的資料點，促進對漏洞和攻擊技術的早期辨識。我們的方法不僅提高了對CTI的理解和應用，還支援動態更新，使其成為一個可擴充的解決方案，以滿足持續的網路安全需求。

摘要(英)

Cyber Threat Intelligence (CTI) is essential for understanding and mitigating cybersecurity threats. This paper presents a novel approach that leverages multiple-view analysis and biclustering to enhance the visualization and comprehension of CTI data. CTI contains a variety of data types, including Indicators of Compromise and Tactics, Techniques, and Procedures, which are often unstructured and fragmented, complicating the analysis process for cybersecurity professionals. Our methodology integrates multiple-view visualization with biclustering to address these challenges. Multiple-view visualization allows the examination of CTI from different perspectives, such as geographical locations, types of attacks, and affected assets. By separating data into distinct views, analysts can focus on specific aspects without the distraction of irrelevant information, thus reducing complexity and improving clarity. Biclustering, on the other hand, groups related entities into subsets based on their relationships, transforming the data into matrices that reveal hidden patterns and correlations between different types of information. To enhance the visualization further, we developed a three-dimensional visualization system that integrates these perspectives and biclustering results, minimizing information overload and line crossings that can obscure key insights. This system enables cybersecurity analysts to quickly interpret and connect complex data points, facilitating the early identification of vulnerabilities and attack techniques. Our approach not only improves the understanding and application of CTI but also supports dynamic updates, making it a scalable solution for ongoing cybersecurity needs.

關鍵字(中)

★ 網路安全
★ 多視圖視覺化
★ 雙聚類
★ 三維視覺化

關鍵字(英)

★ Cybersecurity
★ multi-view visualization
★ Bicluster
★ 3D visualization

論文目次

摘要 i
Abstract ii
致謝 iii
Table of Contents iv
List of Figures v
List of Tables vi
Explanation of Symbol vii
I. Introduction 1
II. Related Works 10
III. Method 21
IV. Results 30
V. Conclusion and Future Works 38
Reference 41

參考文獻

Reference
[1] Chelsea Noelani Adams and Dallas H. Snider. Effective data visualization in cybersecurity. In SoutheastCon 2018, pages 1–8, 2018.
[2] Nadia Boukhelifa and Peter J. Rodgers. A model and software system for coordinated and multiple views in exploratory visualization. Information Visualization, 2:258 – 269, 2003.
[3] Fabian Bohm, Florian Menges, and G ¨ unther Pernul. Graph-based visual ¨ analytics for cyber threat intelligence. Cybersecurity, 1, 12 2018.
[4] Stuart Card, Jock Mackinlay, and Ben Shneiderman. Readings in Information Visualization: Using Vision To Think. 01 1999.
[5] Maxime Cordeil, Andrew Cunningham, Tim Dwyer, Bruce H. Thomas, and Kim Marriott. Imaxes: Immersive axes as embodied affordances for interactive multivariate data visualisation. In Proceedings of the 30th Annual ACM Symposium on User Interface Software and Technology, UIST ’17, page 71–83, New York, NY, USA, 2017. Association for Computing Machinery.
[6] Alex Endert, Patrick Fiaux, and Chris North. Semantic interaction for visual text analytics. In Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, CHI ’12, page 473–482, New York, NY, USA, 2012. Association for Computing Machinery.
[7] Patrick Fiaux, Maoyuan Sun, Lauren Bradel, Chris North, Naren Ramakrishnan, and Alex Endert. Bixplorer: Visual analytics with biclusters. Computer, 46(8):90–94, 2013.
[8] John R. Goodall, Eric D. Ragan, Chad A. Steed, Joel W. Reed, G. David Richardson, Kelly M.T. Huffer, Robert A. Bridges, and Jason A. Laska. Situ: Identifying and explaining suspicious behavior in networks. IEEE Transactions on Visualization and Computer Graphics, 25(1):204–214, 2019.
[9] Robert Gove. Automatic narrative summarization for visualizing cyber security logs and incident reports. In 2021 IEEE Symposium on Visualization for Cyber Security (VizSec), pages 1–9, 2021.
[10] Lihua Hao, Christopher G. Healey, and Steve E. Hutchinson. Ensemble visualization for cyber situation awareness of network security data. In 2015 IEEE Symposium on Visualization for Cyber Security (VizSec), pages 1–8, 2015.
[11] Nathalie Henry, Jean-Daniel Fekete, and Michael J. McGuffin. Nodetrix: a hybrid visualization of social networks. IEEE Transactions on Visualization and Computer Graphics, 13(6):1302–1309, 2007.
[12] Jean-Franc¸ois Im, Michael J. McGuffin, and Rock Leung. Gplom: The generalized plot matrix for visualizing multidimensional multivariate data. IEEE Transactions on Visualization and Computer Graphics, 19(12):2606–2614, 2013.
[13] Laetitia Leichtnam, Eric Totel, Nicolas Prigent, and Ludovic M ´ e. Star- ´ lord: Linked security data exploration in a 3d graph. In 2017 IEEE Symposium on Visualization for Cyber Security (VizSec), pages 1–4, 2017.
[14] Alexander Lex, Marc Streit, Ernst Kruijff, and Dieter Schmalstieg. Caleydo: Design and evaluation of a visual analysis framework for gene expression data in its biological context. In 2010 IEEE Pacific Visualization Symposium (PacificVis), pages 57–64, 2010.
[15] Fernando Maym ´ı, Robert Bixler, Randolph Jones, and Scott Lathrop. Towards a definition of cyberspace tactics, techniques and procedures. In 2017 IEEE International Conference on Big Data (Big Data), pages 4674–4679, 2017.
[16] Sebastian Peryt, Jose Andre Morales, William Casey, Aaron Volkmann, Bud Mishra, and Yang Cai. Visualizing a malware distribution network. In 2016 IEEE Symposium on Visualization for Cyber Security (VizSec) , pages 1–4, 2016.
[17] SANS. Sans. https://www.sans.org/apac/, 2024.
[18] Hadi Shiravi, Ali Shiravi, and Ali A. Ghorbani. A survey of visualization systems for network security. IEEE Transactions on Visualization and Computer Graphics, 18(8):1313–1329, 2012.
[19] John Stasko, Carsten Gorg, Zhicheng Liu, and Kanupriya Singhal. Jigsaw: Supporting investigative analysis through interactive visualization. In 2007 IEEE Symposium on Visual Analytics Science and Technology , pages 131–138, 2007.
[20] Maoyuan Sun, Abdul Rahman Shaikh, Hamed Alhoori, and Jian Zhao. Sightbi: Exploring cross-view data relationships with biclusters. IEEE Transactions on Visualization and Computer Graphics, 28(1):54–64, 2022.
[21] Wiem Tounsi and Helmi Rais. A survey on technical threat intelligence in the age of sophisticated cyber attacks. Computers Security, 72:212– 233, 2018.
[22] VERZION. 2020 dbir. https://www.verizon.com/business/resources/ reports/dbir/, 2020.
[23] Nikos Virvilis and Dimitris Gritzalis. The big four - what we did wrong in advanced persistent threat detection? In 2013 International Conference on Availability, Reliability and Security, pages 248–254, 2013.
[24] C. Weaver. Building highly-coordinated visualizations in improvise. In IEEE Symposium on Information Visualization, pages 159–166, 2004.
[25] Chris Weaver. Cross-filtered views for multidimensional visual analysis. IEEE Transactions on Visualization and Computer Graphics, 16(2):192– 204, 2010.
[26] Panpan Xu, Nan Cao, Huamin Qu, and John Stasko. Interactive visual co-cluster analysis of bipartite graphs. In 2016 IEEE Pacific Visualization Symposium (PacificVis), pages 32–39, 2016.

指導教授

葉士青吳曉光(YE,SHIH-CING WU,SIAO-GUANG)

審核日期

2024-8-13

推文