Analysis of Trending Topics and Text-based Channels of Information Delivery in Cybersecurity

@article{Wu2020AnalysisOT,
  title={Analysis of Trending Topics and Text-based Channels of Information Delivery in Cybersecurity},
  author={Tingmin Wu and Wanlun Ma and Sheng Wen and Xin Xia and Cecile Paris and Surya Nepal and Yang Xiang},
  journal={ACM Transactions on Internet Technology (TOIT)},
  year={2020},
  volume={22},
  pages={1 - 27}
}
Computer users are generally faced with difficulties in making correct security decisions. While an increasingly fewer number of people are trying or willing to take formal security training, online sources including news, security blogs, and websites are continuously making security knowledge more accessible. Analysis of cybersecurity texts from this grey literature can provide insights into the trending topics and identify current security issues as well as how cyber attacks evolve over time… 
1 Citations

References

SHOWING 1-10 OF 162 REFERENCES

What risk? I don't understand. An Empirical Study on Users' Understanding of the Terms Used in Security Texts

A framework to build a user-oriented security-centric dictionary from multiple sources was developed and a tool as a service to detect technical terms and explain their meanings to the user in pop-ups showed that it could increase users' ability to understand security articles by 30%.

Acing the IOC Game: Toward Automatic Discovery and Analysis of Open-Source Cyber Threat Intelligence

By correlating the IOCs mined from the articles published over a 13-year span, this study sheds new light on the links across hundreds of seemingly unrelated attack instances, particularly their shared infrastructure resources, as well as the impacts of such open-source threat intelligence on security protection and evolution of attack strategies.

"If It's Important It Will Be A Headline": Cybersecurity Information Seeking in Older Adults

A cybersecurity information access framework is developed that finds that older users prioritise social resources based on availability, rather than cybersecurity expertise, and that they avoid using the Internet for cybersecurity information searches despite using it for other domains.

Detecting Denial-of-Service Attacks from Social Media Text: Applying NLP to Computer Security

This paper describes a novel application of NLP models to detect denial of service attacks using only social media as evidence, and presents experiments on the largest twitter DDoS corpus to date, and concludes with an analysis of public reactions based on the learned model’s output.

Cyber Threat Intelligence – Issue and Challenges

It is found that both organization and vendors lack a complete understanding of what information is considered to be CTI, hence more research is needed in order to define CTI.

"...No one Can Hack My Mind": Comparing Expert and Non-Expert Security Practices

A study which aims to identify which practices people do that they consider most important at protecting their security online, and shows a discrepancy between the security practices that experts and non-experts report taking.

How I Learned to be Secure: a Census-Representative Survey of Security Advice Sources and Behavior

Evidence of a "digital divide" in security is found: the advice sources of users with higher skill levels and socioeconomic status differ from those with fewer resources, which may add to the vulnerability of already disadvantaged users.
...