There is a general need for robust threat detection methods that adapt to new and evolving cyber threats. In this paper, we propose a method that uses RDF-based knowledge graphs and AI to improve the detection and classification of attacks. Our approach transforms security logs into RDF and maps them to the MITRE ATT&CK framework. We also address sensitive data concerns, such as IP addresses, by applying privacy measures. Our results show that AI-driven analysis and knowledge graphs can enhance cyber threat intelligence (CTI) while respecting privacy regulations.
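To make the pipeline in the abstract concrete, here is an added example (not the paper's code) that parses constructed log lines, pseudonymizes the IP addresses with a keyed HMAC as the privacy measure, maps each event to an ATT&CK technique, and emits RDF as N-Triples. The `http://example.org/cti#` namespace, the `EVENT_TO_TECHNIQUE` table and the log format are assumptions for this illustration; the paper's own ontology and mapping are not reproduced here.

```python
import hashlib
import hmac
import re
from ipaddress import ip_address

# Constructed sample log lines for this example (not from the paper).
SAMPLE_LOGS = [
    "2024-01-01T10:00:00Z src=203.0.113.5 dst=192.0.2.10 event=ssh_bruteforce",
    "2024-01-01T10:00:05Z src=203.0.113.5 dst=192.0.2.11 event=port_scan",
]

# Hypothetical event-to-technique mapping; the paper's own mapping is not given here.
EVENT_TO_TECHNIQUE = {"ssh_bruteforce": "T1110", "port_scan": "T1046"}

EX = "http://example.org/cti#"                    # hypothetical ontology namespace
ATTACK = "https://attack.mitre.org/techniques/"   # ATT&CK technique pages used as IRIs

LINE_RE = re.compile(r"^(?P<ts>\S+) src=(?P<src>\S+) dst=(?P<dst>\S+) event=(?P<event>\S+)$")

def pseudonymize_ip(ip: str, key: bytes) -> str:
    """Keyed pseudonym for an IP: stable across events, unlinkable to the raw IP without the key."""
    ip_address(ip)  # raises ValueError on malformed input instead of hashing garbage
    return hmac.new(key, ip.encode(), hashlib.sha256).hexdigest()[:16]

def log_to_triples(line: str, key: bytes) -> list:
    """Parse one log line into (subject, predicate, object) triples with pseudonymized hosts."""
    m = LINE_RE.match(line)
    if m is None:
        raise ValueError(f"unrecognised log line: {line!r}")
    event = m["event"]
    if event not in EVENT_TO_TECHNIQUE:
        raise ValueError(f"no ATT&CK mapping for event {event!r}")
    ev = f"<{EX}event/{hashlib.sha256(line.encode()).hexdigest()[:12]}>"
    src = f"<{EX}host/{pseudonymize_ip(m['src'], key)}>"
    dst = f"<{EX}host/{pseudonymize_ip(m['dst'], key)}>"
    return [
        (ev, f"<{EX}timestamp>", f'"{m["ts"]}"'),
        (ev, f"<{EX}source>", src),
        (ev, f"<{EX}target>", dst),
        (ev, f"<{EX}technique>", f"<{ATTACK}{EVENT_TO_TECHNIQUE[event]}/>"),
    ]

def to_ntriples(triples) -> str:
    """Serialize triples as N-Triples; raw IPs never reach the graph."""
    return "\n".join(f"{s} {p} {o} ." for s, p, o in triples)

if __name__ == "__main__":
    key = b"demo-secret-key"  # constructed; in practice a secret held by the data owner
    for line in SAMPLE_LOGS:
        print(to_ntriples(log_to_triples(line, key)))
```

Because the pseudonym is keyed and deterministic, the same source host links across events in the graph (enabling correlation) while the raw IP is not recoverable without the key.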