Research Article
CTI View: APT Threat Intelligence Analysis System
Table 2
Regular expressions used to extract IOC.
| IOC | Pattern |
| --- | --- |
| Mac | `\b(?:[A-Za-z0-9]{2}:){5}[A-Za-z0-9]{2}\b` |
| E-mail | `(?:\b[^\@\s=][^\@\s=\,.]\|\“[^\\\”]+\”)` |
| IP | `(?:(?:25[0-5]\|2[0-4][0-9]\|1?[0-9]{1,2})\.){3}(?:25[0-5]\|2[0-4][0-9]\|1?[0-9]{1,2})` |
| cve | `CVE-[0-9]{4}-[0-9]{4,6}` |
| Hostname | `(?:[A-Za-z0-9\-]{1,64}\.)` |
| Hash | `\b[A-Fa-f0-9]{32}(?:[A-Fa-f0-9]{8})?(?:[A-Fa-f0-9]{24})?(?:[A-Fa-f0-9]{64})?\b` |
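The following is an added example, not code from the article: it applies the Mac, IP, cve and Hash patterns from Table 2 to a constructed report sentence and shows three behaviours worth checking before trusting the output (the hash pattern accepts several digest lengths, the Mac pattern accepts non-hex characters, and the unanchored IP pattern matches a prefix of an over-long field). The function names, the length-to-digest labels, the strict MAC check and the sample text are assumptions of this example.

```python
import re

# Patterns copied verbatim from Table 2 (Mac, IP, cve and Hash rows).
PATTERNS = {
    "mac": r"\b(?:[A-Za-z0-9]{2}:){5}[A-Za-z0-9]{2}\b",
    "ip": r"(?:(?:25[0-5]|2[0-4][0-9]|1?[0-9]{1,2})\.){3}(?:25[0-5]|2[0-4][0-9]|1?[0-9]{1,2})",
    "cve": r"CVE-[0-9]{4}-[0-9]{4,6}",
    "hash": r"\b[A-Fa-f0-9]{32}(?:[A-Fa-f0-9]{8})?(?:[A-Fa-f0-9]{24})?(?:[A-Fa-f0-9]{64})?\b",
}
COMPILED = {name: re.compile(p) for name, p in PATTERNS.items()}

# Assumption: label a hash by hex length only (104 and 120 also match, labelled "unknown").
HASH_BY_LEN = {32: "MD5", 40: "SHA-1", 56: "SHA-224", 64: "SHA-256", 96: "SHA-384", 128: "SHA-512"}
# Assumption: stricter hex-only check used to review hits from the table's Mac pattern.
STRICT_MAC = re.compile(r"(?:[0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}")


def extract_iocs(text):
    """Return {ioc_type: sorted unique matches} for the table's patterns."""
    return {name: sorted(set(rx.findall(text))) for name, rx in COMPILED.items()}


def label_hash(value):
    """Guess the digest type of a hash match from its length."""
    return HASH_BY_LEN.get(len(value), "unknown")


def suspicious_macs(macs):
    """Mac-pattern hits that are not hex; the table's pattern allows any alphanumeric."""
    return [m for m in macs if not STRICT_MAC.fullmatch(m)]


# Constructed sample report text: placeholder CVE id, documentation-range IP, made-up hashes.
SAMPLE = (
    "The dropper (md5 0123456789abcdef0123456789abcdef, sha256 "
    + "ab" * 32
    + ") exploits CVE-2099-12345 and beacons to 203.0.113.7 "
    "from host 00:1A:2B:3C:4D:5E. Build 1.2.3.4567 logged at zz:10:20:30:40:50."
)

if __name__ == "__main__":
    found = extract_iocs(SAMPLE)
    for kind, values in found.items():
        for v in values:
            extra = f" ({label_hash(v)})" if kind == "hash" else ""
            print(f"{kind:5} {v}{extra}")
    print("non-hex MAC hits:", suspicious_macs(found["mac"]))
```

In the sample, the build string `1.2.3.4567` is reported as the IP `1.2.3.45` and `zz:10:20:30:40:50` is reported as a MAC address, so extracted values need a validation pass before they are stored as indicators.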