Existing web and social media content, when treated as research data, allows high-impact, data-driven research. Online anonymity, multilingual challenges, hacker community culture, and the sheer volume of online messages contributed by diverse cyber citizens all make cyber content analysis an essential yet strenuous research endeavor.
- Continuous data/events from application and network layer
- Technology configuration data
- P2P Monitoring
- Human Intelligence
- Email threats
- Vulnerability data
- Security alert data
- Fraud data
- Real-time Criminal surveillance
- Social Media and Open Source data
- Hash database
- Intelligence community database
- Deep dark Web database
- Web crawling
- GeoIP data
Advanced Distribution Intelligence
Researchers in the AI Lab have developed techniques for the automated collection of multilingual hacker forums and Internet Relay Chat (IRC) from international (U.S., Russian and Chinese) hacker communities, along with geopolitical information (e.g., locations). We have also deployed scalable honeypot platforms to collect malware in the wild and generate feature representations for malware attribution. We leveraged our extensive experience in social media analytics from Dark Web research.
Manual collection methods are deployed for emerging cybersecurity research and news and other security vectors. Collected data is scrubbed and transformed for use in various analyses.
This integrated computational framework and its associated algorithms and software allow researchers and practitioners to:
- Detect, classify, measure and track the concepts in cyber attacker social media communication
- Identify important and influential cyber criminals and their interests, intent, sentiment, and opinions in online discourses
- Deduce and recognize hacker identities, online profiles/styles, communication genres, and interaction patterns
The ADI (Advanced Distribution Intelligence) platform then alerts Unified threat Vault365, Audit and compliance platforms, and/or any third-party security platforms with detailed information regarding the threat.