Cyberattack detection model using community detection and text analysis on social media

Online social media such as Twitter has been used as an important source for predicting, detecting, or analyzing critical social phenomena such as elections, disease outbreaks, and cyberattacks. In this study, we propose a cyberattack detection model on social media. First, we conduct community dete...

Full description

Bibliographic Details
Main Authors: Jeong-Ha Park, Hyuk-Yoon Kwon
Format: Article
Language:English
Published: Elsevier 2022-12-01
Series:ICT Express
Subjects:
Online Access:http://www.sciencedirect.com/science/article/pii/S2405959521001685
Description
Summary:Online social media such as Twitter has been used as an important source for predicting, detecting, or analyzing critical social phenomena such as elections, disease outbreaks, and cyberattacks. In this study, we propose a cyberattack detection model on social media. First, we conduct community detection of users related to cyberattacks on Twitter to identify the most relevant group to the cyberattacks. Second, to effectively identify the tweets related to cyberattacks, we conduct a textual similarity analysis between the tweet and the cyberattack relevant keywords, which overcomes the limitation of lexical analysis of tweets such as keyword-based filtering and frequency of keywords. Finally, we propose a novel cyberattack detection model by integrating both text- and graph-based models. Our methodology has a distinguishing feature from the existing studies in that we incorporate the semantics in Tweets to evaluate the relevance with cyberattacks and employ community detection to identify the most relevant group to the cyberattacks. Through extensive experiments, we show the effectiveness of the proposed model. First, we show that the text analysis in the proposed model outperforms detection accuracy of the keyword frequency-based analysis by up to 29.46%. Second, the community detection improves the detection accuracy by 28.89∼35.56% compared to the baseline criteria to select relevant users to the cyberattacks. Through two experiments to measure the relevancy of detected communities to the cyberattack, the results consistently show that the highest relevant community by our community detection shows the highest relevancy.
ISSN:2405-9595