Social Media Monitoring for IoT Cyber-Threats
This work addresses the need for proactive security in IoT systems by leveraging social media for cyber-threat intelligence, though it is incremental as it builds on existing machine learning methods applied to a new data source.
The paper tackled the problem of detecting IoT cyber-threats in real-time by monitoring Twitter streams, proposing a novel social media monitoring system that identifies recent vulnerabilities and exploits, and publicly releasing annotated datasets to support reproducibility.
The rapid development of IoT applications and their use in various fields of everyday life has resulted in an escalated number of different possible cyber-threats, and has consequently raised the need of securing IoT devices. Collecting Cyber-Threat Intelligence (e.g., zero-day vulnerabilities or trending exploits) from various online sources and utilizing it to proactively secure IoT systems or prepare mitigation scenarios has proven to be a promising direction. In this work, we focus on social media monitoring and investigate real-time Cyber-Threat Intelligence detection from the Twitter stream. Initially, we compare and extensively evaluate six different machine-learning based classification alternatives trained with vulnerability descriptions and tested with real-world data from the Twitter stream to identify the best-fitting solution. Subsequently, based on our findings, we propose a novel social media monitoring system tailored to the IoT domain; the system allows users to identify recent/trending vulnerabilities and exploits on IoT devices. Finally, to aid research on the field and support the reproducibility of our results we publicly release all annotated datasets created during this process.