网络安全领域的事件抽取研究综述  

作　　者：汤萌萌 罗鹏 方晨[1] 郭渊博[1] TANG Mengmeng;LUO Peng;FANG Chen;GUO Yuanbo(Information Engineering University,Zhengzhou 450001,China;The College of Computer,Qinghai Normal University,Xining 810016,China;The State Key Laboratory of Tibetan Intelligent Information Processing and Application,Xining 810008,China)

机构地区：[1]信息工程大学,河南郑州450001 [2]青海师范大学计算机学院,青海西宁810016 [3]省部共建藏语智能信息处理及应用国家重点实验室,青海西宁810008

出　　处：《信息工程大学学报》2025年第2期224-230,共7页Journal of Information Engineering University

基　　金：国家自然科学基金(62276091);河南省重大公益专项(201300311200)。

摘　　要：随着互联网技术的高速发展,网络安全信息急剧增长,网络犯罪频发,对个人隐私和企业安全构成巨大威胁。为有效分析和利用网络安全数据,事件抽取技术应运而生。系统地总结和比较了当前用于网络安全事件抽取的多种方法,深入分析这些方法所依赖的数据来源、采用的检测技术及其各自的优势与局限。首先界定事件抽取的相关定义,并介绍CASIE和CySecED等常用数据集。接着,详细探讨基于有触发词和无触发词的事件检测方法,以及句子级和篇章级的事件论元抽取方法。最后,展望大模型在网络安全事件抽取中的应用前景,指出当前研究面临的挑战和未来发展方向,为网络安全领域的事件抽取研究提供新视角。With the rapid development of internet technology,cybersecurity information has been surging dramatically,and cybercrimes have been occurring frequently,thereby posing significant threats to personal privacy and enterprise security.To effectively analyze and utilize cybersecurity data,event extraction technology has emerged.Various methods currently employed for event extraction in cybersecurity have been systematically summarized and compared in this review,with an in-depth analysis provided on the data sources these methods rely on,the detection techniques adopted,and their respective strengths and limitations.Relevant concepts of event extraction have been defined first,and commonly used datasets such as CASIE and CySecED have been introduced.Subsequently,event detection methods based on triggered and triggerless approaches,as well as sentence-level and documentlevel event argument extraction methods,have been explored in detail.Finally,the application prospects of large models in cybersecurity event extraction have been looked ahead to,the challenges faced by current research have been highlighted,and future directions have been outlined,offering a new perspective for event extraction research in the cybersecurity field.

关 键 词：网络安全 自然语言处理 事件抽取 事件语料库 大模型 

分 类 号：TP393.08[自动化与计算机技术—计算机应用技术]