CyberTwitter: Using Twitter to generate alerts for Cybersecurity Threats and Vulnerabilities

Thumbnail Image

Files

816.pd.pdf (784.49 KB)

Links to Files

https://ieeexplore.ieee.org/document/7752338

Permanent Link

10.1109/ASONAM.2016.7752338
 http://hdl.handle.net/11603/11790

Collections

UMBC Computer Science and Electrical Engineering Department
UMBC Faculty Collection
UMBC Student Collection

Author/Creator

Author/Creator ORCID

Date

2016-11-24

Type of Work

conference papers and proceedings pre-print
Text

Department

Program

Citation of Original Publication

Sudip Mittal, Prajit Kumar Das, Varish Mulwad, Anupam Joshi, and Tim Finin, CyberTwitter: Using Twitter to generate alerts for Cybersecurity Threats and Vulnerabilities, 2016 IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining (ASONAM) , DOI: 10.1109/ASONAM.2016.7752338

Rights

This item is likely protected under Title 17 of the U.S. Copyright Law. Unless on a Creative Commons license, for uses protected by Copyright Law, contact the copyright holder or the author.
© 2016 IEEE

Subjects

Computer security
twitter
social media
open-source intelligence
database management systems
security of data
semantic Web
social networking (online)
UMBC Ebiquity Research Group

Abstract

In order to secure vital personal and organizational system we require timely intelligence on cybersecurity threats and vulnerabilities. Intelligence about these threats is generally available in both overt and covert sources like the National Vulnerability Database, CERT alerts, blog posts, social media, and dark web resources. Intelligence updates about cybersecurity can be viewed as temporal events that a security analyst must keep up with so as to secure a computer system. We describe CyberTwitter, a system to discover and analyze cybersecurity intelligence on Twitter and serve as a OSINT (Open–source intelligence) source. We analyze real time information updates, in form of tweets, to extract intelligence about various possible threats. We use the Semantic Web RDF to represent the intelligence gathered and SWRL rules to reason over extracted intelligence to issue alerts for security analysts.