Crowdsourcing cybersecurity: Cyber attack detection using social media

Published in Conference on Information and Knowledge Management, 2017

Abstract-Social media is often viewed as a sensor into various societal events such as disease outbreaks, protests, and elections. We describe the use of social media as a crowdsourced sensor to gain insight into ongoing cyber-attacks. Our approach detects a broad range of cyber-attacks (e.g., distributed denial of service (DDoS) attacks, data breaches, and account hijacking) in a weakly supervised manner using just a small set of seed event triggers and requires no training or labeled samples. A new query expansion strategy based on convolution kernels and dependency parses helps model semantic structure and aids in identifying key event characteristics. Through a large-scale analysis over Twitter, we demonstrate that our approach consistently identifies and encodes events, outperforming existing methods.

Download paper here

Recommended citation:

@inproceedings{khandpur2017crowdsourcing,
    title={Crowdsourcing cybersecurity: Cyber attack detection using social media},
    author={Khandpur, Rupinder Paul and Ji, Taoran and Jan, Steve and Wang, Gang and Lu, Chang-Tien and Ramakrishnan, Naren},
    booktitle={Proceedings of the 2017 ACM on Conference on Information and Knowledge Management},
    pages={1049--1057},
    year={2017},
    organization={ACM}
}