Time for aCTIon: Automated Analysis of Cyber Threat Intelligence in the Wild

Cyber Threat Intelligence (CTI) plays a crucial role in assessing risks and enhancing security for organizations. However, the process of extracting relevant information from unstructured text sources can be expensive and time-consuming. Our empirical experience shows that existing tools for automated structured CTI extraction have performance limitations. Furthermore, the community lacks a common benchmark to quantitatively assess their performance. We fill these gaps providing a new large open benchmark dataset and aCTIon, a structured CTI information extraction tool. The dataset includes 204 real-world publicly available reports and their corresponding structured CTI information in STIX format. Our team curated the dataset involving three independent groups of CTI analysts working over the course of several months. To the best of our knowledge, this dataset is two orders of magnitude larger than previously released open source datasets. We then design aCTIon, leveraging recently introduced large language models (GPT3.5) in the context of two custom information extraction pipelines. We compare our method with 10 solutions presented in previous work, for which we develop our own implementations when open-source implementations were lacking. Our results show that aCTIon outperforms previous work for structured CTI extraction with an improvement of the F1-score from 10%points to 50%points across all tasks

Science with the Daksha High Energy Transients Mission

We present the science case for the proposed Daksha high energy transients mission. Daksha will comprise of two satellites covering the entire sky from 1~keV to $>1$~MeV. The primary objectives of the mission are to discover and characterize electromagnetic counterparts to gravitational wave source; and to study Gamma Ray Bursts (GRBs). Daksha is a versatile all-sky monitor that can address a wide variety of science cases. With its broadband spectral response, high sensitivity, and continuous all-sky coverage, it will discover fainter and rarer sources than any other existing or proposed mission. Daksha can make key strides in GRB research with polarization studies, prompt soft spectroscopy, and fine time-resolved spectral studies. Daksha will provide continuous monitoring of X-ray pulsars. It will detect magnetar outbursts and high energy counterparts to Fast Radio Bursts. Using Earth occultation to measure source fluxes, the two satellites together will obtain daily flux measurements of bright hard X-ray sources including active galactic nuclei, X-ray binaries, and slow transients like Novae. Correlation studies between the two satellites can be used to probe primordial black holes through lensing. Daksha will have a set of detectors continuously pointing towards the Sun, providing excellent hard X-ray monitoring data. Closer to home, the high sensitivity and time resolution of Daksha can be leveraged for the characterization of Terrestrial Gamma-ray Flashes.Comment: 19 pages, 7 figures. Submitted to ApJ. More details about the mission at https://www.dakshasat.in