Temporal Understanding of Cybersecurity Threats

As cybersecurity-related threats continue to increase, understanding how the field is changing over time can give insight into combating new threats and understanding historical events. We show how to apply dynamic topic models to a set of cybersecurity documents to understand how the concepts found in them are changing over time. We correlate two different data sets, the first relates to specific exploits and the second relates to cybersecurity research. We use Wikipedia concepts to provide a basis for performing concept phrase extraction and show how using concepts to provide context improves the quality of the topic model. We represent the results of the dynamic topic model as a knowledge graph that could be used for inference or information discovery.

[1]  B. Aditya Prakash Prediction Using Propagation: From Flu Trends to Cybersecurity , 2016, IEEE Intelligent Systems.

[2]  Timothy W. Finin,et al.  Extracting Cybersecurity Related Linked Data from Text , 2013, 2013 IEEE Seventh International Conference on Semantic Computing.

[3]  Lech J. Janczewski,et al.  Clustering and Topic Modelling: A New Approach for Analysis of National Cyber security Strategies , 2017, PACIS.

[4]  V. S. Subrahmanian,et al.  Ensemble Models for Data-driven Prediction of Malware Infections , 2016, WSDM.

[5]  Michael I. Jordan,et al.  Latent Dirichlet Allocation , 2001, J. Mach. Learn. Res..

[6]  Andreea Bendovschi,et al.  Cyber-Attacks – Trends, Patterns and Security Countermeasures☆ , 2015 .

[7]  Yoshinori Kawasaki,et al.  Forecasting Financial Market Volatility Using a Dynamic Topic Model , 2016, Asia-Pacific Financial Markets.

[8]  Timothy W. Finin,et al.  Detecting Botnets using a Collaborative Situational-aware IDPS , 2016, ICISSP.

[9]  Oded Shmueli,et al.  Using Word Embedding to Enable Semantic Queries in Relational Databases , 2017, DEEM@SIGMOD.

[10]  Daphna Weinshall,et al.  Modeling Musical Influence with Topic Models , 2013, ICML.

[11]  Jens Lehmann,et al.  DBpedia: A Nucleus for a Web of Open Data , 2007, ISWC/ASWC.

[12]  Timothy W. Finin,et al.  CyberTwitter: Using Twitter to generate alerts for cybersecurity threats and vulnerabilities , 2016, 2016 IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining (ASONAM).

[13]  Peter G. Neumann,et al.  Toward a safer and more secure cyberspace , 2007, CACM.

[14]  Julian Jang,et al.  A survey of emerging threats in cybersecurity , 2014, J. Comput. Syst. Sci..

[15]  Tim Finin,et al.  Gazetteer Generation for Neural Named Entity Recognition , 2020, FLAIRS Conference.

[16]  Timothy W. Finin,et al.  Modeling the Evolution of Climate Change Assessment Research Using Dynamic Topic Models and Cross-Domain Divergence Maps , 2017, AAAI Spring Symposia.

[17]  John D. Lafferty,et al.  Dynamic topic models , 2006, ICML.

[18]  Timothy W. Finin,et al.  Dynamic Topic Modeling to Infer the Influence of Research Citations on IPCC Assessment Reports , 2016 .

[19]  Timothy W. Finin,et al.  Ontology-Grounded Topic Modeling for Climate Science Research , 2018, SW4SG@ISWC.

[20]  Bin Li,et al.  Modeling the evolution of development topics using Dynamic Topic Models , 2015, 2015 IEEE 22nd International Conference on Software Analysis, Evolution, and Reengineering (SANER).

[21]  Tim Oates,et al.  Early Detection of Cybersecurity Threats Using Collaborative Cognition , 2018, 2018 IEEE 4th International Conference on Collaboration and Internet Computing (CIC).