Research Article

CTI View: APT Threat Intelligence Analysis System

Table 2

Regular expressions used to extract IOCs.

IOC         Pattern

MAC         \b(?:[A-Za-z0-9]{2}:){5}[A-Za-z0-9]{2}\b
E-mail      (?:\b[^\@\s=][^\@\s=\,.]|\“[^\\\”]+\”)
IP          (?:(?:25[0-5]|2[0-4][0-9]|1?[0-9]{1,2})\.){3}(?:25[0-5]|2[0-4][0-9]|1?[0-9]{1,2})
CVE         CVE-[0-9]{4}-[0-9]{4,6}
Hostname    (?:[A-Za-z0-9\-]{1,64}\.)
Hash        \b[A-Fa-f0-9]{32}(?:[A-Fa-f0-9]{8})?(?:[A-Fa-f0-9]{24})?(?:[A-Fa-f0-9]{64})?\b
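
Added example (not code from the paper): the MAC, IP, CVE and Hash patterns of Table 2 applied as printed to a constructed sample, next to a filtered pass that drops matches the patterns admit but that cannot be the named indicator type. The post-filters, function names and sample text are assumptions of this example.

```python
import re

# Patterns copied from the MAC, IP, CVE and Hash rows of Table 2, as printed.
TABLE2 = {
    "mac": r"\b(?:[A-Za-z0-9]{2}:){5}[A-Za-z0-9]{2}\b",
    "ip": r"(?:(?:25[0-5]|2[0-4][0-9]|1?[0-9]{1,2})\.){3}"
          r"(?:25[0-5]|2[0-4][0-9]|1?[0-9]{1,2})",
    "cve": r"CVE-[0-9]{4}-[0-9]{4,6}",
    "hash": r"\b[A-Fa-f0-9]{32}(?:[A-Fa-f0-9]{8})?(?:[A-Fa-f0-9]{24})?"
            r"(?:[A-Fa-f0-9]{64})?\b",
}
COMPILED = {name: re.compile(rx) for name, rx in TABLE2.items()}
# Added post-filters (assumptions of this example, not from the paper).
HEX_MAC = re.compile(r"(?:[0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}")
DIGEST_LEN = {32: "md5", 40: "sha1", 56: "sha224", 64: "sha256",
              96: "sha384", 128: "sha512"}

def extract_raw(text):
    """Apply the Table 2 patterns unchanged; return {type: [matches]}."""
    return {name: [m.group(0) for m in rx.finditer(text)]
            for name, rx in COMPILED.items()}

def extract_filtered(text):
    """Same patterns, but drop matches that cannot be the named IOC type."""
    out = {name: [] for name in COMPILED}
    for name, rx in COMPILED.items():
        for m in rx.finditer(text):
            val = m.group(0)
            prev, nxt = text[m.start() - 1:m.start()], text[m.end():m.end() + 1]
            if name == "ip" and (prev.isdigit() or nxt.isdigit()):
                continue  # match is a slice of a longer number, e.g. 256.x.x.x
            if name == "mac" and not HEX_MAC.fullmatch(val):
                continue  # pattern admits any letter; MAC octets are hex
            if name == "hash" and len(val) not in DIGEST_LEN:
                continue  # optional groups also admit 104 and 120 hex chars
            out[name].append(val)
    return out

# Constructed sample text: placeholder CVE id, documentation-range IP.
SAMPLE = ("The dropper (MD5 d41d8cd98f00b204e9800998ecf8427e) exploits "
          "CVE-2099-12345 and beacons to 192.0.2.15 from NIC 00:1A:2B:3C:4D:5E. "
          "Build 256.10.20.30, tag xx:yy:zz:00:11:22 and blob " + "ab" * 52 +
          " are not indicators.")

if __name__ == "__main__":
    print(extract_raw(SAMPLE))
    print(extract_filtered(SAMPLE))
```

The E-mail and Hostname rows are left out: as printed, each matches only a fragment of an address or name.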