Vendor-Conditioned Contrastive Learning for Predicting Organizational Cyber Threat Targets

This paper presents TRACE, a model that reads exploit posts from hacker forums and exploit databases to predict which kind of organization an attack targets. By tailoring its learning to the software vendor involved and testing on data from later time periods than it trained on, TRACE stays accurate as threats evolve, reaching a 97% macro F1-score and beating a wide range of traditional and deep learning baselines. It is the substantially expanded successor to the earlier HackER "Predicting Organizational Cybersecurity Risk" preprint.