A Reliability Comparison Method for OSINT Validity Analysis

Gong, Seonghyeon; Cho, Jae-Ik; Lee, Chang‐Hoon

doi:10.1109/tii.2018.2857213

Cited by 19 publications

(19 citation statements)

References 12 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…The trustworthiness and authority of the information are indeed the key for successful OSINT investigations [41]. Ideally, the collected data should come from authoritative, reviewed and trusted sources (official documents, scientific reports, reliable communication media) [39].…”

Section: ) Data Sources Reliabilitymentioning

confidence: 99%

The Not Yet Exploited Goldmine of OSINT: Opportunities, Open Challenges and Future Trends

et al. 2020

View full text Add to dashboard Cite

The amount of data generated by the current interconnected world is immeasurable, and a large part of such data is publicly available, which means that it is accessible by any user, at any time, from anywhere in the Internet. In this respect, Open Source Intelligence (OSINT) is a type of intelligence that actually benefits from that open natureby collecting, processing and correlating points of the whole cyberspace to generate knowledge. In fact, recent advances in technology are causing OSINT to currently evolve at a dizzying rate, providing innovative data-driven and AI-powered applications for politics, economy or society, but also offering new lines of action against cyberthreats and cybercrime. The paper at hand describes the current state of OSINT and makes a comprehensive review of the paradigm, focusing on the services and techniques enhancing the cybersecurity field. On the one hand, we analyze the strong points of this methodology and propose numerous ways to apply it to cybersecurity. On the other hand, we cover the limitations when adopting it. Considering there is a lot left to explore in this ample field, we also enumerate some open challenges to be addressed in the future. Additionally, we study the role of OSINT in the public sphere of governments, which constitute an ideal landscape to exploit open data.

show abstract

Section: ) Data Sources Reliabilitymentioning

confidence: 99%

The Not Yet Exploited Goldmine of OSINT: Opportunities, Open Challenges and Future Trends

et al. 2020

View full text Add to dashboard Cite

show abstract

“…When the data is collected from various data channels, the validity and reliability of the data must be considered. In our previous study [34], we proposed a model for determining the reliability of data collected from open source intelligence (OSINT). In [35], they show that CTI data analysis using machine learning technology may be vulnerable to data poisoning attacks.…”

Section: State Of the Artmentioning

confidence: 99%

“…Traceability, as an essential element to verify the context and validity of the data, means the tracing of data from generation to the analysis process and applications [34]. For the traceability of CTI data, metainformation of data-collection channels, environmental characteristics, and threat information should be configured together with enough strength of integrity fo the data.…”

Section: Traceabilitymentioning

confidence: 99%

“…A CTI system that uses open sources as the data-collection channel has the risk of noise data. Noise data are defined as useless or unusable data or data intentionally modified by an attacker [34]. This definition of noise data means that the malicious contribution through noise data could be conducted not only by the attacker, but also occasionally by the normal user.…”

Section: Normal and Malicious Contributormentioning

confidence: 99%

See 1 more Smart Citation

BLOCIS: Blockchain-Based Cyber Threat Intelligence Sharing Framework for Sybil-Resistance

Gong

Lee

2020

Electronics

Self Cite

View full text Add to dashboard Cite

The convergence of fifth-generation (5G) communication and the Internet-of-Things (IoT) has dramatically increased the diversity and complexity of the network. This change diversifies the attacker’s attack vectors, increasing the impact and damage of cyber threats. Cyber threat intelligence (CTI) technology is a proof-based security system which responds to these advanced cyber threats proactively by analyzing and sharing security-related data. However, the performance of CTI systems can be significantly compromised by creating and disseminating improper security policies if an attacker intentionally injects malicious data into the system. In this paper, we propose a blockchain-based CTI framework that improves confidence in the source and content of the data and can quickly detect and eliminate inaccurate data for resistance to a Sybil attack. The proposed framework collects CTI by a procedure validated through smart contracts and stores information about the metainformation of data in a blockchain network. The proposed system ensures the validity and reliability of CTI data by ensuring traceability to the data source and proposes a system model that can efficiently operate and manage CTI data in compliance with the de facto standard. We present the simulation results to prove the effectiveness and Sybil-resistance of the proposed framework in terms of reliability and cost to attackers.

show abstract

“…Bu analiz belirli ağ algoritmaları üzerinden sınıflandırma yaparak ağ sistemini grafiklere dökerek hangi düğümün belirlenmesi gerektiğini tespit eder. Ayrıca karşılaştırma yaparak en önemli düğüm tespit edilir [20]. Bu en önemli düğüm tespiti çeşitli ağ algoritmaları kullanılarak hesaplanmaktadır.…”

Section: Abstract: Open Source Intelligence Security Osint Attack unclassified

Açık Kaynak İstihbaratı Üzerinden Siber Saldırı Tespiti Yöntemleri

Ekşim¹,

Kara²

2019

Düzce Üniversitesi Bilim Ve Teknoloji Dergisi

View full text Add to dashboard Cite

Son yıllarda siber suçun gittikçe büyüyen etkisi, siber tehditlerin üstesinden gelmek için dünya çapında istihbarat ve kanun uygulayıcı kurumlar ortaya çıkartmıştır. Tüm kurum ve kuruluşlar siber suçla en iyi şekilde nasıl mücadele edileceğini öğrenmeye çalışmaktadır. İnternet ağ teknolojilerinin gelişmesi ve genişlemesi ile siber saldırıları engellemek gittikçe zorlaşmaktadır. Ağdaki tehlikeli hedeflerin kapsamlı bir analizini oluşturmak için internette açık halde bulunan verileri toplayarak istihbarat elde etmek, istihbarat birimleri için önemli bir araç olarak hızla gelişmektedir. İnternetteki mevcut açık kaynakların miktarı hızla arttıkça, siber suçla mücadele gelişen açık kaynak istihbaratı yani OSINT yöntemleri çerçevesinde daha etkin olmaktadır. Buna bağlı olarak bilginin etkili ve verimli bir şekilde toplanması ve işlenmesi için gelişmiş yazılım araçları ve teknikleri daha da gelişmektedir. Bu çalışmada, OSINT kavramı siber saldırı tespiti için her açıdan ele alınmıştır. OSINT kavramını internet ortamında kamuya açık paylaşılan veriler üzerinden tarama, bulma, toplama, çıkarma, kullanma, doğrulama ve analiz yaparak elde etme amaçlı destek yöntemleri detaylandırılarak anlatılmıştır. Siber tehditlere karşı geliştiren araştırmalar için açık kaynak verilerinin kullanılmasına yönelik mevcut çabalar gözden geçirilmiş ve detaylı bir şekilde incelenmiştir. Bunlara ek olarak, siber suçlarla etkin mücadele için siber suç soruşturma çerçevesi önerilmiştir.

show abstract

A Reliability Comparison Method for OSINT Validity Analysis

Cited by 19 publications

References 12 publications

The Not Yet Exploited Goldmine of OSINT: Opportunities, Open Challenges and Future Trends

The Not Yet Exploited Goldmine of OSINT: Opportunities, Open Challenges and Future Trends

BLOCIS: Blockchain-Based Cyber Threat Intelligence Sharing Framework for Sybil-Resistance

Açık Kaynak İstihbaratı Üzerinden Siber Saldırı Tespiti Yöntemleri

Contact Info

Product

Resources

About