Processing tweets for cybersecurity threat awareness

Authors:

Highlights:

• This paper presents SYNAPSE, a threat intelligence tool designed for use in Security Operation Centres.

• SYNAPSE accurately selects cybersecurity-relevant tweets, and aggregates them by specific threat.

• The use of stream clustering techniques provides an overview of the current threat landscape.

• SYNAPSE was integrated with Security Operation Centres used by industrial partners, and we provide highlights of one integration.


Keywords: Threat intelligence, Threat discovery, OSINT, Twitter, Machine learning, Stream clustering

Review history: Received 20 April 2020, Revised 24 June 2020, Accepted 27 June 2020, Available online 4 July 2020, Version of Record 25 August 2020.

Official paper URL: https://doi.org/10.1016/j.is.2020.101586