7 Citations (Scopus)

Abstract

We introduce a system for automatically generating warnings of imminent or current cyber-threats. Our system leverages the communication of malicious actors on the darkweb, as well as activity of cyber security experts on social media platforms like Twitter. In a time period between September, 2016 and January, 2017, our method generated 661 alerts of which about 84% were relevant to current or imminent cyber-threats. In the paper, we first illustrate the rationale and workflow of our system, then we measure its performance. Our analysis is enriched by two case studies: the first shows how the method could predict DDoS attacks, and how it would have allowed organizations to prepare for the Mirai attacks that caused widespread disruption in October 2016. Second, we discuss the method's timely identification of various instances of data breaches.

Original languageEnglish (US)
Title of host publicationProceeding - 17th IEEE International Conference on Data Mining Workshops, ICDMW 2017
PublisherIEEE Computer Society
Pages667-674
Number of pages8
Volume2017-November
ISBN (Electronic)9781538614808
DOIs
StatePublished - Dec 15 2017
Event17th IEEE International Conference on Data Mining Workshops, ICDMW 2017 - New Orleans, United States
Duration: Nov 18 2017Nov 21 2017

Other

Other17th IEEE International Conference on Data Mining Workshops, ICDMW 2017
CountryUnited States
CityNew Orleans
Period11/18/1711/21/17

Fingerprint

Communication

ASJC Scopus subject areas

  • Computer Science Applications
  • Software

Cite this

Sapienza, A., Bessi, A., Damodaran, S., Shakarian, P., Lerman, K., & Ferrara, E. (2017). Early warnings of cyber threats in online discussions. In Proceeding - 17th IEEE International Conference on Data Mining Workshops, ICDMW 2017 (Vol. 2017-November, pp. 667-674). IEEE Computer Society. https://doi.org/10.1109/ICDMW.2017.94

Early warnings of cyber threats in online discussions. / Sapienza, Anna; Bessi, Alessandro; Damodaran, Saranya; Shakarian, Paulo; Lerman, Kristina; Ferrara, Emilio.

Proceeding - 17th IEEE International Conference on Data Mining Workshops, ICDMW 2017. Vol. 2017-November IEEE Computer Society, 2017. p. 667-674.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Sapienza, A, Bessi, A, Damodaran, S, Shakarian, P, Lerman, K & Ferrara, E 2017, Early warnings of cyber threats in online discussions. in Proceeding - 17th IEEE International Conference on Data Mining Workshops, ICDMW 2017. vol. 2017-November, IEEE Computer Society, pp. 667-674, 17th IEEE International Conference on Data Mining Workshops, ICDMW 2017, New Orleans, United States, 11/18/17. https://doi.org/10.1109/ICDMW.2017.94
Sapienza A, Bessi A, Damodaran S, Shakarian P, Lerman K, Ferrara E. Early warnings of cyber threats in online discussions. In Proceeding - 17th IEEE International Conference on Data Mining Workshops, ICDMW 2017. Vol. 2017-November. IEEE Computer Society. 2017. p. 667-674 https://doi.org/10.1109/ICDMW.2017.94
Sapienza, Anna ; Bessi, Alessandro ; Damodaran, Saranya ; Shakarian, Paulo ; Lerman, Kristina ; Ferrara, Emilio. / Early warnings of cyber threats in online discussions. Proceeding - 17th IEEE International Conference on Data Mining Workshops, ICDMW 2017. Vol. 2017-November IEEE Computer Society, 2017. pp. 667-674
@inproceedings{6dcca0661a664949b30f30e5b97bfb03,
title = "Early warnings of cyber threats in online discussions",
abstract = "We introduce a system for automatically generating warnings of imminent or current cyber-threats. Our system leverages the communication of malicious actors on the darkweb, as well as activity of cyber security experts on social media platforms like Twitter. In a time period between September, 2016 and January, 2017, our method generated 661 alerts of which about 84{\%} were relevant to current or imminent cyber-threats. In the paper, we first illustrate the rationale and workflow of our system, then we measure its performance. Our analysis is enriched by two case studies: the first shows how the method could predict DDoS attacks, and how it would have allowed organizations to prepare for the Mirai attacks that caused widespread disruption in October 2016. Second, we discuss the method's timely identification of various instances of data breaches.",
author = "Anna Sapienza and Alessandro Bessi and Saranya Damodaran and Paulo Shakarian and Kristina Lerman and Emilio Ferrara",
year = "2017",
month = "12",
day = "15",
doi = "10.1109/ICDMW.2017.94",
language = "English (US)",
volume = "2017-November",
pages = "667--674",
booktitle = "Proceeding - 17th IEEE International Conference on Data Mining Workshops, ICDMW 2017",
publisher = "IEEE Computer Society",

}

TY - GEN

T1 - Early warnings of cyber threats in online discussions

AU - Sapienza, Anna

AU - Bessi, Alessandro

AU - Damodaran, Saranya

AU - Shakarian, Paulo

AU - Lerman, Kristina

AU - Ferrara, Emilio

PY - 2017/12/15

Y1 - 2017/12/15

N2 - We introduce a system for automatically generating warnings of imminent or current cyber-threats. Our system leverages the communication of malicious actors on the darkweb, as well as activity of cyber security experts on social media platforms like Twitter. In a time period between September, 2016 and January, 2017, our method generated 661 alerts of which about 84% were relevant to current or imminent cyber-threats. In the paper, we first illustrate the rationale and workflow of our system, then we measure its performance. Our analysis is enriched by two case studies: the first shows how the method could predict DDoS attacks, and how it would have allowed organizations to prepare for the Mirai attacks that caused widespread disruption in October 2016. Second, we discuss the method's timely identification of various instances of data breaches.

AB - We introduce a system for automatically generating warnings of imminent or current cyber-threats. Our system leverages the communication of malicious actors on the darkweb, as well as activity of cyber security experts on social media platforms like Twitter. In a time period between September, 2016 and January, 2017, our method generated 661 alerts of which about 84% were relevant to current or imminent cyber-threats. In the paper, we first illustrate the rationale and workflow of our system, then we measure its performance. Our analysis is enriched by two case studies: the first shows how the method could predict DDoS attacks, and how it would have allowed organizations to prepare for the Mirai attacks that caused widespread disruption in October 2016. Second, we discuss the method's timely identification of various instances of data breaches.

UR - http://www.scopus.com/inward/record.url?scp=85044081894&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85044081894&partnerID=8YFLogxK

U2 - 10.1109/ICDMW.2017.94

DO - 10.1109/ICDMW.2017.94

M3 - Conference contribution

VL - 2017-November

SP - 667

EP - 674

BT - Proceeding - 17th IEEE International Conference on Data Mining Workshops, ICDMW 2017

PB - IEEE Computer Society

ER -