Automatic Classification of APT Attack Scenarios using Heterogeneous Graph Transformer (HGT)
Jun Ho Choi
Korean Institute of Smart Media
Problems Identified
Heterogeneous APT Pattern Modeling: APT attack scenarios have structurally distinct patterns that homogeneous graph approaches fail to adequately capture.
APT Scenario Auto-Classification Gap: Research on automatic classification of APT attack scenarios is nearly absent.
Proposed Solutions
APT Heterogeneous Knowledge Graph Construction: The study automatically constructs heterogeneous knowledge graphs from APT reports using SecureBERT-based entity extraction and rule-based relation extraction.
HGT-Based APT Scenario Classification: The study classifies APT scenarios using a Heterogeneous Graph Transformer with meta-relation-based attention to learn scenario-specific structural patterns.
Results
High APT Classification Performance:
Outperforms GNN Baselines:
Research Domain
Cybersecurity / APT attack scenario classification