Research Article
GroupTracer: Automatic Attacker TTP Profile Extraction and Group Cluster in Internet of Things
Table 2
Features related to IP & URL feature groups.
| # | Feature name | Description |
| 1 | Country | Describes the country to which the IP/URL belongs. | 2 | Malicious index | Leverages the VirusTotal API to determine the maliciousness of the IP/URL. | 3 | IP address type | Utilizes the RTBAsia API to classify IP/URL type. | 4 | Download (optional) | The file that the attack actor downloaded by executing the command. |
|
|