Please use this identifier to cite or link to this item:
https://hdl.handle.net/2440/128218
Citations | ||
Scopus | Web of Science® | Altmetric |
---|---|---|
?
|
?
|
Type: | Conference paper |
Title: | Gathering cyber threat intelligence from Twitter using novelty classification |
Author: | Le, B.D. Wang, G. Nasim, M. Babar, M.A. |
Citation: | Proceedings of the 2019 International Conference on Cyberworlds (CW), 2019, pp.316-323 |
Publisher: | IEEE |
Issue Date: | 2019 |
ISBN: | 172812297X 9781728122984 |
ISSN: | 2642-357X 2642-3596 |
Conference Name: | International Conference on Cyberworlds (CW) (2 Oct 2019 - 4 Oct 2019 : Kyoto, Japan) |
Statement of Responsibility: | Ba-Dung Le, Guanhua Wang, Mehwish Nasim, M. Ali Babar |
Abstract: | Preventing organizations from Cyber exploits needs timely intelligence about Cyber vulnerabilities and attacks, referred to as threats. Cyber threat intelligence can be extracted from various sources including social media platforms where users publish the threat information in real-time. Gathering Cyber threat intelligence from social media sites is a time-consuming task for security analysts that can delay timely response to emerging Cyber threats. We propose a framework for automatically gathering Cyber threat intelligence from Twitter by using a novelty detection model. Our model learns the features of Cyber threat intelligence from the threat descriptions published in public repositories such as Common Vulnerabilities and Exposures (CVE) and classifies a new unseen tweet as either normal or anomalous to Cyber threat intelligence. We evaluate our framework using a purpose-built data set of tweets from 50 influential Cyber security-related accounts over twelve months (in 2018). Our classifier achieves the F1-score of 0.643 for classifying Cyber threat tweets and outperforms several baselines including binary classification models. Analysis of the classification results suggests that Cyber threat-relevant tweets on Twitter do not often include the CVE identifier of the related threats. Hence, it would be valuable to collect these tweets and associate them with the related CVE identifier for Cyber security applications. |
Keywords: | Cybersecurity; Cyber threat; open source intelligence; OSINT; Twitter |
Description: | Conference also known as Cyberworlds 2019 |
Rights: | ©2019 IEEE |
DOI: | 10.1109/CW.2019.00058 |
Published version: | https://ieeexplore.ieee.org/xpl/conhome/8910333/proceeding |
Appears in Collections: | Aurora harvest 8 Computer Science publications |
Files in This Item:
There are no files associated with this item.
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.