Vulnerability disclosure in the age of social media: exploiting twitter for predicting real-world exploits
作者: Tudor Dumitras , Carl Sabottke , Octavian Suciu
DOI:
关键词:
摘要: In recent years, the number of software vulnerabilities discovered has grown significantly. This creates a need for prioritizing response to new disclosures by assessing which are likely be exploited and quickly ruling out that not actually in real world. We conduct quantitative qualitative exploration vulnerability-related information disseminated on Twitter. then describe design Twitter-based exploit detector, we introduce threat model specific our problem. addition prioritization, detection techniques have applications risk modeling cyber-insurance they highlight value provided victims attacks.
参考文章(36)
Fabricio Benevenuto, Gabriel Magno, Tiago Rodrigues, Virg ´ ilio Almeida, Detecting Spammers on Twitter ,(2010)
Luca Allodi, Fabio Massacci, Comparing Vulnerability Severity and Exploits Using Case-Control Studies ACM Transactions on Information and System Security. ,vol. 17, pp. 1- 20 ,(2014) , 10.1145/2630069
Jacob Ratkiewicz, Alessandro Flammini, Mark Meiss, Michael D. Conover, Filippo Menczer Menczer, Bruno Goncalves, Detecting and Tracking Political Abuse in Social Media international conference on weblogs and social media. ,(2011)
Eiji Aramaki, Sachiko Maskawa, Mizuki Morita, Twitter Catches The Flu: Detecting Influenza Epidemics using Twitter empirical methods in natural language processing. pp. 1568- 1576 ,(2011)
Mehran Bozorgi, Lawrence K. Saul, Stefan Savage, Geoffrey M. Voelker, Beyond heuristics: learning to classify vulnerabilities and predict exploits knowledge discovery and data mining. pp. 105- 114 ,(2010) , 10.1145/1835804.1835821
Karen Scarfone, Peter Mell, An analysis of CVSS version 2 vulnerability scoring empirical software engineering and measurement. pp. 516- 525 ,(2009) , 10.1109/ESEM.2009.5314220
Alex Hai Wang, Don't follow me: Spam detection in Twitter international conference on security and cryptography. pp. 142- 151 ,(2010)
Sitaram Asur, Bernardo A. Huberman, Predicting the Future with Social Media web intelligence. ,vol. 1, pp. 492- 499 ,(2010) , 10.1109/WI-IAT.2010.63
David A. Broniatowski, Michael J. Paul, Mark Dredze, National and Local Influenza Surveillance through Twitter: An Analysis of the 2012-2013 Influenza Epidemic PLoS ONE. ,vol. 8, pp. e83672- ,(2013) , 10.1371/JOURNAL.PONE.0083672
Leyla Bilge, Tudor Dumitras, Before we knew it Proceedings of the 2012 ACM conference on Computer and communications security - CCS '12. pp. 833- 844 ,(2012) , 10.1145/2382196.2382284