| dc.description.abstract | Cyber Threat Intelligence (CTI) is essential for understanding and mitigating cybersecurity threats. This paper presents a novel approach that leverages multiple-view analysis and biclustering to enhance the visualization and comprehension of CTI data. CTI contains a variety of data types, including Indicators of Compromise and Tactics, Techniques, and Procedures, which are often unstructured and fragmented, complicating the analysis process for cybersecurity professionals. Our methodology integrates multiple-view visualization with biclustering to address these challenges. Multiple-view visualization allows the examination of CTI from different perspectives, such as geographical locations, types of attacks, and affected assets. By separating data into distinct views, analysts can focus on specific aspects without the distraction of irrelevant information, thus reducing complexity and improving clarity. Biclustering, on the other hand, groups related entities into subsets based on their relationships, transforming the data into matrices that reveal hidden patterns and correlations between different types of information. To enhance the visualization further, we developed a three-dimensional visualization system that integrates these perspectives and biclustering results, minimizing information overload and line crossings that can obscure key insights. This system enables cybersecurity analysts to quickly interpret and connect complex data points, facilitating the early identification of vulnerabilities and attack techniques. Our approach not only improves the understanding and application of CTI but also supports dynamic updates, making it a scalable solution for ongoing cybersecurity needs. | en_US |