Social Media Monitoring for IoT Cyber-Threats

The rapid development of IoT applications and their use in various fields of everyday life has resulted in an escalated number of different possible cyber-threats, and has consequently raised the need to secure IoT devices. Collecting Cyber-Threat Intelligence (e.g., zero-day vulnerabilities or trending exploits) from various online sources and utilizing it to proactively secure IoT systems or prepare mitigation scenarios has proven to be a promising direction. In this work, we focus on social media monitoring and investigate real-time Cyber-Threat Intelligence detection from the Twitter stream. Initially, we compare and extensively evaluate six different machine-learning-based classification alternatives, trained with vulnerability descriptions and tested with real-world data from the Twitter stream, to identify the best-fitting solution. Subsequently, based on our findings, we propose a novel social media monitoring system tailored to the IoT domain; the system allows users to identify recent/trending vulnerabilities and exploits on IoT devices. Finally, to aid research in the field and support the reproducibility of our results, we publicly release all annotated datasets created during this process.
