Text Mining in Cybersecurity: Exploring Threats and Opportunities

Text Mining in Cybersecurity: Exploring Threats and Opportunities

The number of cyberattacks on organizations is growing. To increase cyber resilience, organizations need to obtain foresight to anticipate cybersecurity vulnerabilities, developments, and potential threats. This paper describes a tool that combines state of the art text mining and information retrie...

Full description

Bibliographic Details
Main Authors: Maaike H. T. de Boer, Babette J. Bakker, Erik Boertjes, Mike Wilmer, Stephan Raaijmakers, Rick van der Kleij
Format: Article
Language:English
Published: MDPI AG 2019-09-01
Series:Multimodal Technologies and Interaction
Subjects:
information retrieval
foresight
digital crime
cyber security
cyber resilience
trend analysis
Online Access:https://www.mdpi.com/2414-4088/3/3/62
id doaj-8f44bc2dca134886a79c2ecaf7d8c698
record_format Article
spelling doaj-8f44bc2dca134886a79c2ecaf7d8c6982020-11-25T01:30:59ZengMDPI AGMultimodal Technologies and Interaction2414-40882019-09-01336210.3390/mti3030062mti3030062Text Mining in Cybersecurity: Exploring Threats and OpportunitiesMaaike H. T. de Boer0Babette J. Bakker1Erik Boertjes2Mike Wilmer3Stephan Raaijmakers4Rick van der Kleij5Data Science, TNO, 2592 DA The Hague, The NetherlandsStrategy and Policy, TNO, 2592 DA The Hague, The NetherlandsBloomingData, 2512 XA The Hague, The NetherlandsData Science, TNO, 2592 DA The Hague, The NetherlandsData Science, TNO, 2592 DA The Hague, The NetherlandsHuman Behavior and Organisational Innovations, TNO, P.O. Box 23, 3769 ZG Soesterberg, The NetherlandsThe number of cyberattacks on organizations is growing. To increase cyber resilience, organizations need to obtain foresight to anticipate cybersecurity vulnerabilities, developments, and potential threats. This paper describes a tool that combines state of the art text mining and information retrieval techniques to explore the opportunities of using these techniques in the cybersecurity domain. Our tool, the Horizon Scanner, can scrape and store data from websites, blogs and PDF articles, and search a database based on a user query, show textual entities in a graph, and provide and visualize potential trends. The aim of the Horizon Scanner is to help experts explore relevant data sources for potential threats and trends and to speed up the process of foresight. In a requirements session and user evaluation of the tool with cyber experts from the Dutch Defense Cyber Command, we explored whether the Horizon Scanner tool has the potential to fulfill its aim in the cybersecurity domain. Although the overall evaluation of the tool was not as good as expected, some aspects of the tool were found to have added value, providing us with valuable insights into how to design decision support for forecasting analysts.https://www.mdpi.com/2414-4088/3/3/62information retrievalforesightdigital crimecyber securitycyber resiliencetrend analysis
collection DOAJ
language English
format Article
sources DOAJ
author Maaike H. T. de Boer
Babette J. Bakker
Erik Boertjes
Mike Wilmer
Stephan Raaijmakers
Rick van der Kleij
spellingShingle Maaike H. T. de Boer
Babette J. Bakker
Erik Boertjes
Mike Wilmer
Stephan Raaijmakers
Rick van der Kleij
Text Mining in Cybersecurity: Exploring Threats and Opportunities
Multimodal Technologies and Interaction
information retrieval
foresight
digital crime
cyber security
cyber resilience
trend analysis
author_facet Maaike H. T. de Boer
Babette J. Bakker
Erik Boertjes
Mike Wilmer
Stephan Raaijmakers
Rick van der Kleij
author_sort Maaike H. T. de Boer
title Text Mining in Cybersecurity: Exploring Threats and Opportunities
title_short Text Mining in Cybersecurity: Exploring Threats and Opportunities
title_full Text Mining in Cybersecurity: Exploring Threats and Opportunities
title_fullStr Text Mining in Cybersecurity: Exploring Threats and Opportunities
title_full_unstemmed Text Mining in Cybersecurity: Exploring Threats and Opportunities
title_sort text mining in cybersecurity: exploring threats and opportunities
publisher MDPI AG
series Multimodal Technologies and Interaction
issn 2414-4088
publishDate 2019-09-01
description The number of cyberattacks on organizations is growing. To increase cyber resilience, organizations need to obtain foresight to anticipate cybersecurity vulnerabilities, developments, and potential threats. This paper describes a tool that combines state of the art text mining and information retrieval techniques to explore the opportunities of using these techniques in the cybersecurity domain. Our tool, the Horizon Scanner, can scrape and store data from websites, blogs and PDF articles, and search a database based on a user query, show textual entities in a graph, and provide and visualize potential trends. The aim of the Horizon Scanner is to help experts explore relevant data sources for potential threats and trends and to speed up the process of foresight. In a requirements session and user evaluation of the tool with cyber experts from the Dutch Defense Cyber Command, we explored whether the Horizon Scanner tool has the potential to fulfill its aim in the cybersecurity domain. Although the overall evaluation of the tool was not as good as expected, some aspects of the tool were found to have added value, providing us with valuable insights into how to design decision support for forecasting analysts.
topic information retrieval
foresight
digital crime
cyber security
cyber resilience
trend analysis
url https://www.mdpi.com/2414-4088/3/3/62
work_keys_str_mv AT maaikehtdeboer textminingincybersecurityexploringthreatsandopportunities
AT babettejbakker textminingincybersecurityexploringthreatsandopportunities
AT erikboertjes textminingincybersecurityexploringthreatsandopportunities
AT mikewilmer textminingincybersecurityexploringthreatsandopportunities
AT stephanraaijmakers textminingincybersecurityexploringthreatsandopportunities
AT rickvanderkleij textminingincybersecurityexploringthreatsandopportunities
_version_ 1725088525386252288

Similar Items