Few-shot relation extraction approach for threat intelligence based on multi-level attention mechanism and hybrid prototypical network

Few-shot relation extraction approach for threat intelligence based on multi-level attention mechanism and hybrid prototypical network

With the increasing complexity of cyberattacks, the frequency and severity of cybersecurity incidents have escalated dramatically. Cyber Threat Intelligence (CTI) relation extraction plays a critical role in cybersecurity event analysis by identifying semantic relationships between security-related...

Full description

Saved in:
Bibliographic Details
Main Authors: Yushun Xie, Junchi Bao, Rui Zong, Zhaoquan Gu, Haiyan Wang
Format: Article
Language:English
Published: Elsevier 2025-07-01
Series:Array
Subjects:
Relation extraction
Few-shot learning
Cyber Threat Intelligence
Multi-level attention mechanism
Hybrid prototypical network
Meta-learning
Online Access:http://www.sciencedirect.com/science/article/pii/S2590005625000323
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:With the increasing complexity of cyberattacks, the frequency and severity of cybersecurity incidents have escalated dramatically. Cyber Threat Intelligence (CTI) relation extraction plays a critical role in cybersecurity event analysis by identifying semantic relationships between security-related entities, thereby converting unstructured information into structured data formats. Nevertheless, within the domain of CTI, labeled datasets are limited, and the process of manual labeling incurs substantial costs, rendering it impractical on a large scale. To address these challenges, we propose a novel few-shot relation extraction method for small-scale threat intelligence data, termed RETI-MA-HP, which is based on a multi-level attention mechanism and a hybrid prototypical network. By integrating these advanced techniques, the RETI-MA-HP model is capable of learning from limited data and rapidly generalize to new relation classification tasks. To enhance the representational capacity of feature vectors, RETI-MA-HP incorporates a self-training module to refine the BERT-based encoder. Meanwhile, to mitigate misclassification arising from syntactically similar sentences, RETI-MA-HP employ contrastive learning to strengthen the hybrid prototypical network. Furthermore, we constructed a dedicated CTI dataset. Extensive experiments demonstrate that RETI-MA-HP achieves excellent performance across multiple tasks, attaining a maximum relation extraction accuracy of 75.44%, which constitutes a 15.5% improvement over compared models. These results prove that the effectiveness of RETI-MA-HP for relation extraction within the CTI domain.
ISSN:2590-0056

Similar Items