Research Project

Untitled

Authors

Publications

OSINT
Publication. Alves, Fernando Baptista Leal; Bessani, Alysson Neves; Ferreira, Pedro Miguel Frazão Fernandes
Cybersecurity is a topic of growing concern as the number and gravity of cyberattacks are continuously increasing. Receiving the latest updates, patches, and news is crucial to maintaining an IT infrastructure’s high security level. An alternative to purchasing expensive security news feeds is to collect Open Source Intelligence: a wealth of knowledge published daily by users, security companies, researchers, and hackers, among others. In particular, Twitter has become an information hub for obtaining cutting-edge information about many subjects, including cybersecurity. This thesis is focused on the collection and processing of cybersecurity-related tweets. Firstly, we conducted a qualitative and quantitative study about the security data found on Twitter and compared it to databases that publish confirmed vulnerabilities or exploits. Our study shows that Twitter is a relevant cybersecurity source. The remainder of the work is about developing a framework for collecting, processing, and delivering security tweets. Its pipeline comprises text filtering, text feature extraction, a binary classifier, clustering, and Indicator of Compromise generation. We show how to obtain a tweet classifier model following tweet characteristics and machine learning best practices. Our clustering strategy adapts the k-means algorithm to an unknown number of clusters, and to cluster and update based on a stream of tweets instead of the classical batch operation. From the clusters we generate Indicators of Compromise, which are structured data formats used in cybersecurity; this step eases the integration of our tool with existing cybersecurity tools. Finally, we showcase one such integration with the Security Information and Event Management system of a nation-wide electrical utility company.

Organizational Units

Description

Keywords

Contributors

Funders

Funding agency

Fundação para a Ciência e a Tecnologia

Funding programme

Call for joint scientific research and technological development projects between Portuguese and Luxembourgish research teams (FCT-FNR) 2018

Funding Award Number

FCT-FNR/0002/2018

ID