Machine Learning Can Use Tweets To Spot Critical Security Flaws (wired.com)
Researchers at Ohio State University, the security company FireEye, and research firm Leidos last week published a paper [PDF] describing a new system that reads millions of tweets for mentions of software security vulnerabilities, and then, using their machine-learning-trained algorithm, assesses how much of a threat they represent based on how they're described. From a report: They found that Twitter can not only predict the majority of security flaws that will show up days later on the National Vulnerability Database -- the official register of security vulnerabilities tracked by the National Institute of Standards and Technology -- but that they could also use natural language processing to roughly predict which of those vulnerabilities will be given a "high" or "critical" severity rating with better than 80 percent accuracy.
"We think of it almost like Twitter trending topics," says Alan Ritter, an Ohio State professor who worked on the research and will be presenting it at the North American Chapter of the Association for Computational Linguistics in June. "These are trending vulnerabilities." A work-in-progress prototype they've put online, for instance, surfaces tweets from the last week about a fresh vulnerability in MacOS known as "BuggyCow," as well as an attack known as SPOILER that could allow webpages to exploit deep-seated vulnerabilities in Intel chips. Neither of the attacks, which the researchers' Twitter scanner labeled "probably severe," has shown up yet in the National Vulnerability Database.
News Sites (Score:3)
The BuggyCow vulnerability has been pretty broadly covered by the news, which is probably the source that people on Twitter are looking at. Wouldn't scanning news sites?
Anyone who has observed or worked with NIST/Mitre would know their process is often slow, so it's hardly shocking that there are news stories before the CVEs are marked as disclosed.
in the US, tweets = security failure (Score:1)
at least regarding the Chief Birdplop
The other side of the blade. (Score:2)
I could use tweets to sabotage a program.
Days of Our Lives while The Truth Boots (Score:2)
The National Vulnerability Database is by design a lagging indicator: not lagging by great expanses of time, but lagging enough for the truth to pull its boots on.
A Lie Can Travel Halfway Around the World While the Truth Is Putting On Its Shoes [quoteinvestigator.com]
This is demented (Score:2)
Seriously, I get that the AI hype is good for business, but this is just plain stupid. Either it does not work at all, or it does only work long after the fact when a lot of people have been hit, making it completely worthless.
It is spotting people talk about known vulns (Score:1)
So they trained a classifier to recognize when people discuss new vulnerabilities that have been reported. Oh wow, when will this hype about machine learning come to its senses?
This is no different from N other recent machine learning applications. You label some tweets as discussing a topic, feed them to a supervised learner and ooh, it can classify text. It is not finding unknown new vulnerabilities in tweets. Unless some dumbass cybercriminal masterminds discuss their zero-days publicly on Twitter.
Is it safe? (Score:1)