research-article

Public Access

Crowdsourcing Cybersecurity: Cyber Attack Detection using Social Media

Authors:

Rupinder Paul Khandpur,

Naren RamakrishnanAuthors Info & Claims

CIKM '17: Proceedings of the 2017 ACM on Conference on Information and Knowledge Management

Pages 1049 - 1057

https://doi.org/10.1145/3132847.3132866

Published: 06 November 2017 Publication History

Abstract

Social media is often viewed as a sensor into various societal events such as disease outbreaks, protests, and elections. We describe the use of social media as a crowdsourced sensor to gain insight into ongoing cyber-attacks. Our approach detects a broad range of cyber-attacks (e.g., distributed denial of service (DDoS) attacks, data breaches, and account hijacking) in a weakly supervised manner using just a small set of seed event triggers and requires no training or labeled samples. A new query expansion strategy based on convolution kernels and dependency parses helps model semantic structure and aids in identifying key event characteristics. Through a large-scale analysis over Twitter, we demonstrate that our approach consistently identifies and encodes events, outperforming existing methods.

References

[1]

Farzindar Atefeh and Wael Khreich. 2015. A Survey of Techniques for Event Detection in Twitter. Comput. Intell. 31, 1 (2015), 132--164.

Digital Library

[2]

Hila Becker, Dan Iter, Mor Naaman, and Luis Gravano. 2012. Identifying Content for Planned Events Across Social Media Sites. In Proc. WSDM'12.

Digital Library

[3]

Hila Becker, Mor Naaman, and Luis Gravano. 2012. Beyond Trending Topics: Real-World Event Identification on Twitter. In Proc. ICWSM'14.

[4]

Michael Davis, Weiru Liu, Paul Miller, and George Redpath. 2011. Detecting Anomalies in Graphs with Numeric Labels. In Proc. CIKM'11.

Digital Library

[5]

Qi Ding, Natallia Katenka, Paul Barford, Eric Kolaczyk, and Mark Crovella. 2012. Intrusion As (Anti)Social Communication: Characterization and Detection. In Proc. KDD'12.

Digital Library

[6]

W. Eberle and L. Holder. 2007. Discovering Structural Anomalies in Graph-Based Data. In Proc. ICDMW'07.

Digital Library

[7]

Brendan J Frey and Delbert Dueck. 2007. Clustering by passing messages between data points. Science 315, 5814 (2007), 972--976.

[8]

Heng Ji, Ralph Grishman, et al. 2008. Refining Event Extraction through Cross- Document Inference. In Proc. ACL'08.

[9]

Rohit J Kate. 2008. A dependency-based word subsequence kernel. In Proc. EMNLP'08.

Digital Library

[10]

Rupinder P. Khandpur, Taoran Ji, Yue Ning, Liang Zhao, Chang-Tien Lu, Erik R. Smith, Christopher Adams, and Naren Ramakrishnan. 2016. Determining Relative Airport Threats from News and Social Media. In Proc. AAAI'16.

[11]

Jon Kleinberg. 2002. Bursty and Hierarchical Structure in Streams. In Proc. KDD'02.

Digital Library

[12]

Bum Jun Kwon, Jayanta Mondal, Jiyong Jang, Leyla Bilge, and Tudor Dumitras. 2015. The Dropper Effect: Insights into Malware Distribution with Downloader Graph Analytics. In Proc. CCS'15.

Digital Library

[13]

Wenke Lee and Salvatore J. Stolfo. 1998. Data Mining Approaches for Intrusion Detection. In Proc. USENIX Sec'98.

Digital Library

[14]

Frank Li, Zakir Durumeric, Jakub Czyz, Mohammad Karami, Michael Bailey, Damon McCoy, Stefan Savage, and Vern Paxson. 2016. You've Got Vulnerability: Exploring Effective Vulnerability Notifications. In Proc. USENIX Sec'16.

[15]

Xiaojing Liao, Kan Yuan, XiaoFeng Wang, Zhou Li, Luyi Xing, and Raheem Beyah. 2016. Acing the IOC Game: Toward Automatic Discovery and Analysis of Open-Source Cyber Threat Intelligence. In Proc. CCS'16.

Digital Library

[16]

Yang Liu, Armin Sarabi, Jing Zhang, Parinaz Naghizadeh, Manish Karir, Michael Bailey, and Mingyan Liu. 2015. Cloudy with a Chance of Breach: Forecasting Cyber Security Incidents. In Proc. USENIX Sec'15.

Digital Library

[17]

Yang Liu, Jing Zhang, Armin Sarabi, Mingyan Liu, Manish Karir, and Michael Bailey. 2015. Predicting Cyber Security Incidents Using Feature-Based Characterization of Network-Level Malicious Activities. In Proc. IWSPA'15.

Digital Library

[18]

Qiaozhu Mei and ChengXiang Zhai. 2005. Discovering evolutionary theme patterns from text: an exploration of temporal text mining. In Proc. KDD'05.

Digital Library

[19]

A. Modi, Z. Sun, A. Panwar, T. Khairnar, Z. Zhao, A. Doup, G. J. Ahn, and P. Black. 2016. Towards Automated Threat Intelligence Fusion. In Proc. IEEE CIC'16.

[20]

Sathappan Muthiah, Bert Huang, Jaime Arredondo, David Mares, Lise Getoor, Graham Katz, and Naren Ramakrishnan. 2015. Planned Protest Modeling in News and Social Media. In Proc. AAAI'15.

Digital Library

[21]

Caleb C. Noble and Diane J. Cook. 2003. Graph-based Anomaly Detection. In Proc. KDD'03.

Digital Library

[22]

Michael Ovelgonne, Tudor Dumitras, B. Aditya Prakash, V. S. Subrahmanian, and Benjamin Wang. 2016. Understanding the Relationship between Human Behavior and Susceptibility to Cyber-Attacks: A Data-Driven Approach. In Proc. TIST'16.

[23]

J. Piskorski, H. Tanev, and A. Balahur. 2013. Exploiting Twitter for Border Security-Related Intelligence Gathering. In Proc. EISIC'13.

Digital Library

[24]

Naren Ramakrishnan et al. 2014. "Beating the News" with EMBERS: Forecasting Civil Unrest Using Open Source Indicators. In Proc. KDD'14.

Digital Library

[25]

Radim Rehurek and Petr Sojka. 2010. Software framework for topic modelling with large corpora. In Proc. LREC Workshop of NLP Frameworks.

[26]

Alan Ritter, Mausam, Oren Etzioni, and Sam Clark. 2012. Open Domain Event Extraction from Twitter. In Proc. KDD'12.

Digital Library

[27]

Alan Ritter, Evan Wright, William Casey, and Tom Mitchell. 2015. Weakly Supervised Extraction of Computer Security Events from Twitter. In Proc. WWW'15.

Digital Library

[28]

Carl Sabottke, Octavian Suciu, and Tudor Dumitras. 2015. Vulnerability Disclosure in the Age of Social Media: Exploiting Twitter for Predicting Real-World Exploits. In Proc. USENIX Sec'15.

Digital Library

[29]

Takeshi Sakaki, Makoto Okazaki, and Yutaka Matsuo. 2010. Earthquake shakes Twitter users: real-time event detection by social sensors. In Proc. WWW'10.

Digital Library

[30]

Gerard Salton and Michael J McGill. 1986. Introduction to modern information retrieval. (1986).

Digital Library

[31]

Alessio Signorini, Alberto Maria Segre, and Philip M Polgreen. 2011. The use of Twitter to track levels of disease activity and public concern in the US during the influenza A H1N1 pandemic. PloS one 6, 5 (2011), e19467.

[32]

Kyle Soska and Nicolas Christin. 2014. Automatically Detecting Vulnerable Websites Before They Turn Malicious. In Proc. USENIX Sec'14.

Digital Library

[33]

Hristo Tanev, Maud Ehrmann, Jakub Piskorski, and Vanni Zavarella. 2012. Enhancing Event Descriptions through Twitter Mining. In Proc. ICWSM'14.

[34]

Flora S. Tsai and Kap Luk Chan. 2007. Detecting Cyber Security Threats in Weblogs Using Probabilistic Models. In Proc. PAISI'07.

Digital Library

[35]

Xiaofeng Wang, Matthew S. Gerber, and Donald E. Brown. 2012. Automatic Crime Prediction Using Events Extracted from Twitter Posts. In Proc. SBP'12.

Digital Library

[36]

David J. Weller-Fahy. 2017. Towards Finding Malicious Cyber Discussions in Social Media. In Proc. AICS'17.

[37]

Liang Zhao, Feng Chen, Jing Dai, Ting Hua, Chang-Tien Lu, and Naren Ramakrishnan. 2014. Unsupervised spatial event detection in targeted domains with applications to civil unrest modeling. PloS one 9, 10 (2014), e110206.

[38]

Xiangmin Zhou and Lei Chen. 2014. Event detection over twitter social media streams. The VLDB Journal 23, 3 (2014), 381--400.

Digital Library

[39]

Ziyun Zhu and Tudor Dumitras. 2016. FeatureSmith: Automatically Engineering Features for Malware Detection by Mining the Security Literature. In Proc. CCS'16.

Digital Library

Cited By

Shah IJhanjhi NRay S(2024)Artificial Intelligence Applications in the Context of the Security Framework for the Logistics IndustryAdvances in Explainable AI Applications for Smart Cities10.4018/978-1-6684-6361-1.ch011(297-316)Online publication date: 18-Jan-2024
https://doi.org/10.4018/978-1-6684-6361-1.ch011
Ahmed YAzad MAsyhari T(2024)Rapid Forecasting of Cyber Events Using Machine Learning-Enabled FeaturesInformation10.3390/info1501003615:1(36)Online publication date: 11-Jan-2024
https://doi.org/10.3390/info15010036
Chatterjee SMitra ASarkar B(2024)Crowdsourcing-based Automated Model for Unprecedented Cyber-attacks Detection and Application of It in LawSSRN Electronic Journal10.2139/ssrn.4652351Online publication date: 2024
https://doi.org/10.2139/ssrn.4652351
Show More Cited By

Index Terms

Crowdsourcing Cybersecurity: Cyber Attack Detection using Social Media
1. Computing methodologies
  1. Artificial intelligence
    1. Natural language processing
      1. Information extraction
2. Information systems
  1. Information retrieval
    1. Information retrieval query processing
    2. Retrieval models and ranking
      1. Similarity measures
  2. Information systems applications
    1. Data mining

Recommendations

Government regulations in cyber security: Framework, standards and recommendations
Abstract
Cyber security refers to the protection of Internet-connected systems, such as hardware, software as well as data (information) from cyber attacks (adversaries). A cyber security regulation is needed in order to protect information ...
Highlights
- We list and discuss the cyber attacks, security requirements and measures. We then discuss the cyber security incident management framework and its various ...
The Role of Human Operators' Suspicion in the Detection of Cyber Attacks

Despite the importance that human error in the cyber domain has had in recent reports, cyber warfare research to date has largely focused on the effects of cyber attacks on the target computer system. In contrast, there is little empirical work on the ...
Machine Learning–based Cyber Attacks Targeting on Controlled Information: A Survey

Stealing attack against controlled information, along with the increasing number of information leakage incidents, has become an emerging cyber security threat in recent years. Due to the booming development and deployment of advanced analytics solutions,...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

CIKM '17: Proceedings of the 2017 ACM on Conference on Information and Knowledge Management

November 2017

2604 pages

ISBN:9781450349185

DOI:10.1145/3132847

General Chairs:
Ee-Peng Lim
Singapore Management University, Singapore
,
Marianne Winslett
University of Illinois at Urbana-Champaign, USA, and Advanced Digital Sciences Center, Singapore
,
Program Chairs:
Mark Sanderson
RMIT, Australia
,
Ada Fu
Chinese University of Hong Kong, Hong Kong
,
Jimeng Sun
Georgia Tech, USA
,
Shane Culpepper
RMIT, Australia
,
Eric Lo
Chinese University of Hong Kong, Hong Kong
,
Joyce Ho
Emory University, USA
,
Debora Donato
Mix Tech, Inc., USA
,
Rakesh Agrawal
Data Insights Laboratories, USA
,
Yu Zheng
Microsoft Research Asia, China
,
Carlos Castillo
Qatar Computing Research Institute, Qatar
,
Aixin Sun
Nanyang Technological University, Singapore
,
Vincent S. Tseng
National Cheng Kung University, Taiwan
,
Chenliang Li
Wuhan University, China

Copyright © 2017 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 06 November 2017

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Funding Sources

Conference

CIKM '17

Sponsor:

CIKM '17: ACM Conference on Information and Knowledge Management

November 6 - 10, 2017

Singapore, Singapore

Acceptance Rates

CIKM '17 Paper Acceptance Rate 171 of 855 submissions, 20%;

Overall Acceptance Rate 1,861 of 8,427 submissions, 22%

Upcoming Conference

CIKM '25

Sponsor:
sigir
sigir

The 34th ACM International Conference on Information and Knowledge Management

November 10 - 14, 2025

Seoul , Republic of Korea

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

84
Total Citations
View Citations
3,781
Total Downloads

Downloads (Last 12 months)683
Downloads (Last 6 weeks)82

Reflects downloads up to 06 Jan 2025

Other Metrics

View Author Metrics

Citations

Cited By

Shah IJhanjhi NRay S(2024)Artificial Intelligence Applications in the Context of the Security Framework for the Logistics IndustryAdvances in Explainable AI Applications for Smart Cities10.4018/978-1-6684-6361-1.ch011(297-316)Online publication date: 18-Jan-2024
https://doi.org/10.4018/978-1-6684-6361-1.ch011
Ahmed YAzad MAsyhari T(2024)Rapid Forecasting of Cyber Events Using Machine Learning-Enabled FeaturesInformation10.3390/info1501003615:1(36)Online publication date: 11-Jan-2024
https://doi.org/10.3390/info15010036
Chatterjee SMitra ASarkar B(2024)Crowdsourcing-based Automated Model for Unprecedented Cyber-attacks Detection and Application of It in LawSSRN Electronic Journal10.2139/ssrn.4652351Online publication date: 2024
https://doi.org/10.2139/ssrn.4652351
NAKANO HCHIBA DKOIDE TFUKUSHI NYAGI THARIU TYOSHIOKA KMATSUMOTO T(2024)Understanding Characteristics of Phishing Reports from Experts and Non-Experts on TwitterIEICE Transactions on Information and Systems10.1587/transinf.2023EDP7221E107.D:7(807-824)Online publication date: 1-Jul-2024
https://doi.org/10.1587/transinf.2023EDP7221
Alketbi SBinAmro MAlhammadi AKaddoura S(2024)A Comparative Study of Machine Learning Models for Classification and Detection of Cybersecurity Threat in Hacking Forum2024 15th Annual Undergraduate Research Conference on Applied Computing (URC)10.1109/URC62276.2024.10604519(1-6)Online publication date: 24-Apr-2024
https://doi.org/10.1109/URC62276.2024.10604519
Smolyakova SKhodayarseresht EMajumdar S(2024)Traditional IOCs Meet Dynamic App–Device Interactions for IoT-Specific Threat IntelligenceIEEE Internet of Things Journal10.1109/JIOT.2024.341335111:19(30571-30593)Online publication date: 1-Oct-2024
https://doi.org/10.1109/JIOT.2024.3413351
Ivory DLoukas GGan D(2024)Enabling the Human-as-a-Security-Sensor Paradigm in the Internet of ThingsSecurity and Privacy in Smart Environments10.1007/978-3-031-66708-4_4(75-97)Online publication date: 29-Oct-2024
https://doi.org/10.1007/978-3-031-66708-4_4
Abualkas YBhaskari D(2023)Methodologies for Predicting Cybersecurity IncidentsIndian Journal of Cryptography and Network Security10.54105/ijcns.F3677.0531233:1(1-8)Online publication date: 30-May-2023
https://doi.org/10.54105/ijcns.F3677.053123
Sufi F(2023)Social Media Analytics on Russia–Ukraine Cyber War with Natural Language Processing: Perspectives and ChallengesInformation10.3390/info1409048514:9(485)Online publication date: 31-Aug-2023
https://doi.org/10.3390/info14090485
Alkulaib LAlhamadani ASarkar SLu CRokne JWang D(2023)Hypergraph Text Classification for Mental Health Misleading AdviceProceedings of the International Conference on Advances in Social Networks Analysis and Mining10.1145/3625007.3627500(522-529)Online publication date: 6-Nov-2023
https://dl.acm.org/doi/10.1145/3625007.3627500
Show More Cited By

View Options

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Media

Figures

Other

Tables

View Table of Contents