TY - GEN
T1 - Understanding cyber attack behaviors with sentiment information on social media
AU - Shu, Kai
AU - Sliva, Amy
AU - Sampson, Justin
AU - Liu, Huan
N1 - Funding Information: Acknowledgements. This material is based upon work supported by, or in part by, the ONR grant N00014-16-1-2257 and N00014-17-1-2605, and the Office of the Director of National Intelligence (ODNI) and the Intelligence Advanced Research Projects Activity (IARPA) via the Air Force Research Laboratory (AFRL) contract number FA8750-16-C-0108. The U.S. Government is authorized to reproduce and distribute reprints for Governmental purposes notwithstanding any copyright annotation thereon. Publisher Copyright: © 2018, Springer International Publishing AG, part of Springer Nature.
PY - 2018
Y1 - 2018
N2 - In today’s increasingly connected world, cyber attacks have become a serious threat with detrimental effects on individuals, businesses, and broader society. Truly mitigating the negative impacts of these attacks requires a deeper understanding of malicious cyber activities and the capability of predicting these attacks before they occur. However, detecting the occurrence of cyber attacks is non-trivial due to the anonymity of cyber attacks and the ambiguity or unavailability of network data collected within organizations. Thus, we need to explore more nuanced auxiliary information that can provide improved predictive power and insight into the behavioral factors involved in planning and executing a cyber attack. Evidence suggests that public discourse in online sources, such as social media, is strongly correlated with the occurrence of real-world behavior; we believe this same premise can provide predictive indicators of cyber attacks. For example, extreme negative sentiments towards an organization may indicate a higher probability that it will be the target of a cyber attack. In this paper, we propose to use sentiment in social media as a sensor to better understand, detect, and predict cyber attacks. We develop an effective unsupervised sentiment predictor model utilizing emotional signals, such as emoticons or punctuation, common in social media communications, and a method for using this model as part of a logistic regression predictor to correlate changes in sentiment to the probability of an attack. Experiments on real-world social media data around well-known hacktivist attacks demonstrate the efficacy of the proposed sentiment model for cyber attack understanding and prediction.
AB - In today’s increasingly connected world, cyber attacks have become a serious threat with detrimental effects on individuals, businesses, and broader society. Truly mitigating the negative impacts of these attacks requires a deeper understanding of malicious cyber activities and the capability of predicting these attacks before they occur. However, detecting the occurrence of cyber attacks is non-trivial due to the anonymity of cyber attacks and the ambiguity or unavailability of network data collected within organizations. Thus, we need to explore more nuanced auxiliary information that can provide improved predictive power and insight into the behavioral factors involved in planning and executing a cyber attack. Evidence suggests that public discourse in online sources, such as social media, is strongly correlated with the occurrence of real-world behavior; we believe this same premise can provide predictive indicators of cyber attacks. For example, extreme negative sentiments towards an organization may indicate a higher probability that it will be the target of a cyber attack. In this paper, we propose to use sentiment in social media as a sensor to better understand, detect, and predict cyber attacks. We develop an effective unsupervised sentiment predictor model utilizing emotional signals, such as emoticons or punctuation, common in social media communications, and a method for using this model as part of a logistic regression predictor to correlate changes in sentiment to the probability of an attack. Experiments on real-world social media data around well-known hacktivist attacks demonstrate the efficacy of the proposed sentiment model for cyber attack understanding and prediction.
KW - Cyber attack
KW - Sentiment analysis
KW - Social media
UR - http://www.scopus.com/inward/record.url?scp=85049773099&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85049773099&partnerID=8YFLogxK
U2 - 10.1007/978-3-319-93372-6_41
DO - 10.1007/978-3-319-93372-6_41
M3 - Conference contribution
SN - 9783319933719
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 377
EP - 388
BT - Social, Cultural, and Behavioral Modeling - 11th International Conference, SBP-BRiMS 2018, Proceedings
A2 - Bisgin, Halil
A2 - Thomson, Robert
A2 - Hyder, Ayaz
A2 - Dancy, Christopher
PB - Springer Verlag
T2 - 11th International Conference on Social Computing, Behavioral-Cultural Modeling, and Prediction conference and Behavior Representation in Modeling and Simulation, SBP-BRiMS 2018
Y2 - 10 July 2018 through 13 July 2018
ER -