Textual data mining of open source intelligence on the Web has become an increasingly important topic across a wide range of domains such as business, law enforcement, military, and cybersecurity. Text mining efforts utilize natural language processing to transform unstructured web content into structured forms that can drive various machine learning applications and data indexing services. For example, applications for text mining in cybersecurity have produced a range of threat intelligence services that serve the IT industry. However, a less studied problem is that of automating the identification of semantic inconsistencies among various text input sources. In this paper, we introduce GapFinder, a new inconsistency checking system for identifying semantic inconsistencies within the cybersecurity domain. Specifically, we examine the problem of identifying technical inconsistencies that arise in the functional descriptions of open source malware threat reporting information. Our evaluation, using tens of thousands of relations derived from web-based malware threat reports, demonstrates the ability of GapFinder to identify the presence of inconsistencies.

中文翻译：

---

GapFinder：从非结构化文本中查找安全信息的不一致


网络上开源情报的文本数据挖掘已成为商业、执法、军事和网络安全等广泛领域中日益重要的主题。文本挖掘工作利用自然语言处理将非结构化 Web 内容转换为结构化形式，从而驱动各种机器学习应用程序和数据索引服务。例如，网络安全中的文本挖掘应用程序已经产生了一系列为 IT 行业服务的威胁情报服务。然而，一个较少研究的问题是自动识别各种文本输入源之间的语义不一致。在本文中，我们介绍了 GapFinder，这是一种新的不一致检查系统，用于识别网络安全领域内的语义不一致。具体来说，我们研究了识别开源恶意软件威胁报告信息的功能描述中出现的技术不一致的问题。我们使用从基于网络的恶意软件威胁报告中得出的数万个关系进行评估，证明了 GapFinder 识别是否存在不一致的能力。