This work presents some activities performed within the SoBigData.it research project, with the purpose of ad- dressing some critical challenges of Named Entity Recognition (NER) in the cybersecurity domain, by introducing a specific explainability framework. In detail, explainability techniques based on the Captum library have been experimented to deepen the analysis of model behaviour, revealing critical insights into feature importance and layer-wise contributions for entities like Malware, Vulnerability, and Indicators, showing a promising path for the adoption of similar approaches.
Towards explainability framework for cybersecurity domain: a case study using NER
Stefano Silvestri
;Emanuele Damiano;Raffaele Guarasci;Mario Ciampi
2025
Abstract
This work presents some activities performed within the SoBigData.it research project, with the purpose of ad- dressing some critical challenges of Named Entity Recognition (NER) in the cybersecurity domain, by introducing a specific explainability framework. In detail, explainability techniques based on the Captum library have been experimented to deepen the analysis of model behaviour, revealing critical insights into feature importance and layer-wise contributions for entities like Malware, Vulnerability, and Indicators, showing a promising path for the adoption of similar approaches.File in questo prodotto:
| File | Dimensione | Formato | |
|---|---|---|---|
|
Ital-IA_2025_paper_69-2.pdf
accesso aperto
Tipologia:
Versione Editoriale (PDF)
Licenza:
Creative commons
Dimensione
1.22 MB
Formato
Adobe PDF
|
1.22 MB | Adobe PDF | Visualizza/Apri |
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
