STIX Generator

Project Description: A key reason for the lack of high value TTP in cyber threat intelligence is that it is difficult to generate them automatically. Often cyber threat intelligence is available in free format texts. A high quality TTP often need to piece together information from multiple sources. Analysis is required to derive key information for TTP based on lower level indicators such as logs. The objective of this project is to automatically generate higher-level cyber threat information, including TTPs, in SITX format. We will focus on issues such as course of action, conflicts of recommendations, semantics disambiguation, fusion of multiple views, and logic inferences based on available facts.