pic

Unified Threat Intel &

ADI Dataflow

Existing web and social media content when treated as research data, allow high-impact, data-driven research. Online anonymity, multilingual challenges, hacker community culture, and the sheer volume of online messages contributed by the diverse cyber citizens all make cyber content analysis an essential yet strenuous research endeavor.

  • Malware
  • Honeypots
  • Continuous data/events from
  • application and network layer
  • Technology configuration data
  • P2P Monitoring
Proactive Measure Feeds
  • Sandboxes
  • Human Intelligence
  • Email threats
  • Vulnerability data
  • Security alert data
  • Fraud data
Internal threat feeds
  • Real-time Criminal surveillance
  • Social Media and Open Source data
  • Hash database
  • Intelligence community database
  • Deep dark Web database
  • Web crawling
  • GeoIP data
External threat feeds

Advanced Distribution Intelligence

Vault365 platform
3rd Party security platforms
IOE Authenticity and Integrity
DDoS
IoT
APT
Malware
Ransomware & Fraud
Risk scoring & detailed alerts
Audit and Compliance

Researchers in the AI Lab have developed techniques for the automated collection of multilingual hacker forums, Internet Relay Chat (IRC) from international (U.S., Russian and Chinese) hacker communities and geopolitical information (e.g., locations). We have also deployed scalable honeypot platforms to collect malware in the wild and generate feature representation for malware attribution. We leveraged our extensive experience in social media analytics from Dark Web research.

Manual collection methods are deployed for emerging cybersecurity research and news and other security vectors. Collected data is scrubbed and transformed for usage in a various analysis.

This integrated computational framework and its associated algorithms and software allow researchers and practitioners to:

  • Detect, classify, measure and track the concepts in cyber attacker social media communication
  • Identify important and influential cyber criminals and their interests, intent, sentiment, and opinions in online discourses
  • Deduce and recognize hacker identities, online profiles/styles, communication genres, and interaction patterns

The ADI(Advanced Distribution Intelligence) platform then alerts Unified threat Vault365, Audit and compliance platforms and/or any 3rd party security platforms with detailed information regarding the threat.