14 Scopus citations

Abstract

We introduce a system for automatically generating warnings of imminent or current cyber-threats. Our system leverages the communication of malicious actors on the darkweb, as well as activity of cyber security experts on social media platforms like Twitter. In a time period between September, 2016 and January, 2017, our method generated 661 alerts of which about 84% were relevant to current or imminent cyber-threats. In the paper, we first illustrate the rationale and workflow of our system, then we measure its performance. Our analysis is enriched by two case studies: the first shows how the method could predict DDoS attacks, and how it would have allowed organizations to prepare for the Mirai attacks that caused widespread disruption in October 2016. Second, we discuss the method's timely identification of various instances of data breaches.

Original languageEnglish (US)
Title of host publicationProceeding - 17th IEEE International Conference on Data Mining Workshops, ICDMW 2017
PublisherIEEE Computer Society
Pages667-674
Number of pages8
Volume2017-November
ISBN (Electronic)9781538614808
DOIs
StatePublished - Dec 15 2017
Event17th IEEE International Conference on Data Mining Workshops, ICDMW 2017 - New Orleans, United States
Duration: Nov 18 2017Nov 21 2017

Other

Other17th IEEE International Conference on Data Mining Workshops, ICDMW 2017
CountryUnited States
CityNew Orleans
Period11/18/1711/21/17

    Fingerprint

ASJC Scopus subject areas

  • Computer Science Applications
  • Software

Cite this

Sapienza, A., Bessi, A., Damodaran, S., Shakarian, P., Lerman, K., & Ferrara, E. (2017). Early warnings of cyber threats in online discussions. In Proceeding - 17th IEEE International Conference on Data Mining Workshops, ICDMW 2017 (Vol. 2017-November, pp. 667-674). IEEE Computer Society. https://doi.org/10.1109/ICDMW.2017.94