Advanced Real-Time Detection of Cyber Threat Information from Tweets

Advanced Real-Time Detection of Cyber Threat Information from Tweets

연구 분야: Safety

학회: International Symposium on Foundations and Practice of Security

The exponential increase in cyberattacks in recent years has underscored the limitations of current detection mechanisms and the urgent need for more effective predictive models and methods in Cyber Threat Intelligence (CTI). In fact, many cybersecurity systems rely on threat intelligence to design their defense strategies and identify potential attacks at an early stage. However, threat information used in threat intelligence, often collected from Open Source Intelligence (OSINT), is manually analyzed to determine if it is relevant for proactive defense. Unfortunately, this approach is time-consuming and error-prone due to the large volume of daily shared data. To address these challenges, it is imperative to automate the process of threat information detection and analysis from OSINT sources such as Twitter, where vast amounts of data are continuously generated. In this paper, we propose an artificial intelligence based system for real-time analysis and detection of threat information within tweets. Our system leverages the capabilities of the Bidirectional Encoder Representations from Transformers (BERT) to analyze tweets and optimize a reinforcement learning algorithm, specifically, a Deep Q-Network (DQN), to make decisions on whether a tweet contains relevant threat information or not. The experimental results demonstrate that our system achieves high performance in terms of precision, recall, and F1 score, demonstrating its effectiveness in improving threat information detection on Twitter.