基于BBNN的网络攻击文本自动化分类方法

基于描述文本的网络攻击自动化分类是实现APT攻击知识智能抽取的重要基础。针对网络攻击文本专业词汇多、难识别，语义上下文依赖强、难判断等问题提出一种基于上下文语义分析的文本词句特征自动抽取方法，通过构建BERT与BiLSTM的混合神经网络模型BBNN(BERT and BiLSTM Neural Network)，计算得到网络攻击文本的初步分类结果，再利用方差过滤器对分类结果进行自动筛选。在CAPEC(Common Attack Pattern Enumeration and Classification)攻击知识库上的实验结果显示，该方法的准确率达到了79.17%，相较于单一的BERT模型和BiLSTM模型的分类结果分别提高了7.29%和3.00%，实现了更好的网络攻击文本自动化分类。

Document Classification in Cyberattack Text Based on BBNN Model

The document classification in cyberattack text is fundamental to automatic knowledge extraction from APT attack information. In this paper,an automatic method based on context analysis is proposed to tackle the problems rooted in cyberattack,such as having too many terminologies,being hard to distinguish and classify,over-relying on context,etc.,by extracting text features in words level and sentences level respectively. This method,BBNN( BERT and BiLSTM Neural Network) model,synthesized BERT and BiLSTM Neural Network,can compute the preliminary classification results of cyberattack,and automatically filter the classification results of the text via variance. The experiment results from the attack knowledge base of CAPEC( Common Attack Pattern Enumeration and Classification) suggests this method can reach a 79. 17% accuracy,which is increased by 7. 29% and 3. 00% compared to singular BERT or BiLSTM models,and thus achieve a better automatic classification of cyberattack.