on the fly integration of soft and sensor data for enhanced situation assessment

Abstract Situation assessment is at the core of many critical tasks in the civilian and military domains: border monitoring, surveillance of areas and facilities, entity tracking and identification, all require accurate and up-to-day descriptions of the course of events. For all those applications, situations to be built are complex, dynamic and uncertain and their assessment is based on the integration of diverse sources, including sensors and their row values, images, observations, tactical information and knowledge expressed by domain experts or synthesized through discovery techniques. This paper presents a method to combine soft and sensor data to create enhanced situation assessment for a track-and-detect application. First we create a situation of entities and relationships by using only hard data provided by sensors and then we enrich this situation thanks to soft data, in the form of succinct or more complex observation reports. The system relies on semantic mediation to combine observations and sensor data by using ontologies as a common ground creating a bridge between two complementary yet incomplete representations of the world. The result is an augmented situation, having more precise, accurate or complete descriptions of entities and which is easier to analyze. This enhanced assessment allows for the situation to be understood and processed in a meaningful way by decision makers

NLP-Based Techniques for Cyber Threat Intelligence

In the digital era, threat actors employ sophisticated techniques for which, often, digital traces in the form of textual data are available. Cyber Threat Intelligence~(CTI) is related to all the solutions inherent to data collection, processing, and analysis useful to understand a threat actor's targets and attack behavior. Currently, CTI is assuming an always more crucial role in identifying and mitigating threats and enabling proactive defense strategies. In this context, NLP, an artificial intelligence branch, has emerged as a powerful tool for enhancing threat intelligence capabilities. This survey paper provides a comprehensive overview of NLP-based techniques applied in the context of threat intelligence. It begins by describing the foundational definitions and principles of CTI as a major tool for safeguarding digital assets. It then undertakes a thorough examination of NLP-based techniques for CTI data crawling from Web sources, CTI data analysis, Relation Extraction from cybersecurity data, CTI sharing and collaboration, and security threats of CTI. Finally, the challenges and limitations of NLP in threat intelligence are exhaustively examined, including data quality issues and ethical considerations. This survey draws a complete framework and serves as a valuable resource for security professionals and researchers seeking to understand the state-of-the-art NLP-based threat intelligence techniques and their potential impact on cybersecurity

Vector Representation for Sub-Graph Encoding to Resolve Entities

AbstractEntity Resolution, i.e., determining whether two mentions refer to the same entity, is a crucial step in combining evidence from multiple sources, and is a problem encountered in a wide-range of areas, from modeling causes of cancer to identifying terrorist networks. Entity mentions are represented by attributes and relations to other entities. However, entity attributes and relations from different sources often use different names and specify relationships differently, which leads to low entity resolution precision and recall. Our contribution is based on our observation that relationships are more reliable than attributes when comparison is based on relational similarity, not exact matches. Traditional graph comparison techniques rely on finding precise matches of a significant part of the graph structure, and require custom comparison functions for every type of attribute and every type of relation. This leads to a system that is difficult to maintain and enhance. We encode entity nodes and their graph neighborhoods in semantic vectors, efficiently indexing the vectors, and calculating vector similarity. Our approach is insensitive to small variations in relational graph representation. Our approach uses simple vector addition, permutation, and difference only, leading to reduced computational complexity. Our preliminary experiment shows 83.05% accuracy

Application of Biomedical Text Mining

With the enormous volume of biological literature, increasing growth phenomenon due to the high rate of new publications is one of the most common motivations for the biomedical text mining. Aiming at this massive literature to process, it could extract more biological information for mining biomedical knowledge. Using the information will help understand the mechanism of disease generation, promote the development of disease diagnosis technology, and promote the development of new drugs in the field of biomedical research. Based on the background, this chapter introduces the rise of biomedical text mining. Then, it describes the biomedical text-mining technology, namely natural language processing, including the several components. This chapter emphasizes the two aspects in biomedical text mining involving static biomedical information recognization and dynamic biomedical information extraction using instance analysis from our previous works. The aim is to provide a way to quickly understand biomedical text mining for some researchers

Developing a Framework to Identify Professional Skills Required for Banking Sector Employee in UK using Natural Language Processing (NLP) Techniques

The banking sector is changing dramatically, and new studies reveal that many financial institutions are having challenges keeping up with technology advancements and an acute shortage of skilled workers. The banking industry is changing into a dynamic field where success requires a wide range of talents. For the industry to properly analyses, match, and develop personnel, a strong skill identification process is needed. The objective of this research is to establish a framework for determining the competencies needed by banking industry experts through data extraction from job postings on UK websites.Data is extracted from job vacancy websites leveraging web-based annotation tools and Natural Language Processing (NLP) techniques. This study starts by conducting a thorough examination of the literature to investigate the theoretical underpinnings of NLP techniques, its applications in talent management and human resources within the banking industry, and its potential for skill identification. Next, textual data from job ads is processed using NLP techniques to extract and categorize talents unique to these categories. Advanced algorithms and approaches are used in the NLP-based development process to automatically extract skills from unstructured textual material, guaranteeing that the skills gathered are accurate and most relevant to the needs of the banking industry. To make sure the NLP techniques-driven skill identification is accurate and up to date, the extracted skills are verified by expert feedback. In the final phase, machine learning models are employed to predict the skills required for banking sector employees. This study delves into various machine learning techniques, which are implemented within the framework. By preprocessing and training on skills extracted from job advertisements, these models undergo evaluation to assess their effectiveness in skill prediction. The results offer a detailed analysis of each model's performance, with metrics such as recall, precision, and F1-score being used for assessment. This comprehensive examination underscores the potential of machine learning in skill identification and highlights its relevance in the banking sector.Key Words: Machine Learning, Banking Sector, Employability, Data Mining, NLP, Semantic analysis, Skill assessment, Skill Recognition, Talent managemen

Coordinated Behavior on Social Media in 2019 UK General Election

Coordinated online behaviors are an essential part of information and influence operations, as they allow a more effective disinformation's spread. Most studies on coordinated behaviors involved manual investigations, and the few existing computational approaches make bold assumptions or oversimplify the problem to make it tractable. Here, we propose a new network-based framework for uncovering and studying coordinated behaviors on social media. Our research extends existing systems and goes beyond limiting binary classifications of coordinated and uncoordinated behaviors. It allows to expose different coordination patterns and to estimate the degree of coordination that characterizes diverse communities. We apply our framework to a dataset collected during the 2019 UK General Election, detecting and characterizing coordinated communities that participated in the electoral debate. Our work conveys both theoretical and practical implications and provides more nuanced and fine-grained results for studying online information manipulation.Comment: Version accepted in Proc. AAAI Intl. Conference on Web and Social Media (ICWSM) 2021. Added dataset DO

A Framework for Improving Intrusion Detection Systems by Combining Artificial Intelligence and Situational Awareness

The vast majority of companies do not have the requisite tools and analysis to make use of the data obtained from security incidents in order to protect themselves from attacks and lower their risk. Intrusion Detection Systems (IDS) are deployed by numerous businesses to lessen the impact of network attacks. This is mostly attributable to the fact that these systems are able to provide a situational picture of network traffic regardless of the method or technology that is used to generate alerts. In this paper, a framework is proposed for improving the performance of contemporary IDSs by incorporating Artificial Intelligence (AI) into multiple layers, presenting the appropriate abstraction and accumulation of information, and generating valuable logs and metrics for security analysts to use in order to make the most informed decisions possible. This is further enabled by including Situational Awareness (SA) at the fundamental levels of the framework. Keywords: Intrusion Detection System, Machine Learning, Deep Learning, Shallow Learning, Security Operation Center, Situational Awarenes