A Study on Building a Cyber At tack Database using Open Source Intelligence (OSINT)

Shin, Kyuyong; 컴퓨터과학과, 육군사관학교; Yoo, Jincheol; Han, Changhee; Kim, KyoungMin; Kang, Seol-Jung; Moon, Myung-Sang; Lee, Jongkwan

doi:10.33778/kcsa.2019.19.2.113

Cited by 3 publications

(3 citation statements)

References 0 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Regarding cybersecurity, the aspect of using data collected by OSINT could be viewed as a two-edged sword [25]. If the data collected by OSINT were used in the positive aspect, a considerable amount of data could be obtained compared to secret intelligence data, and on this basis, trends and situations of enemy countries or countries where there were no spies could be examined [2,3]. Furthermore, if data collected by OSINT were used properly in the security aspect, cybercrimes, such as cyber security threats and cyber terrorism activities, that might occur in cyberspace could be prevented in advance.…”

Section: Importance Of Osint For Cybersecuritymentioning

confidence: 99%

See 1 more Smart Citation

Current Status and Security Trend of OSINT

Hwang

Lee

Kim

et al. 2022

Wireless Communications and Mobile Computing

View full text Add to dashboard Cite

Recently, users have used open-source intelligence (OSINT) to gather and obtain information regarding the data of interest. The advantage of using data gathered by OSINT is that security threats arising in cyberspace can be addressed. However, if a user uses data collected by OSINT for malicious purposes, information regarding the target of an attack can be gathered, which may lead to various cybercrimes, such as hacking, malware, and a denial-of-service attack. Therefore, from a cybersecurity point of view, it is important to positively use the data gathered by OSINT in a positive manner. If exploited in a negative manner, it is important to prepare countermeasures that can minimize the damage caused by cybercrimes. In this paper, the current status and security trends of OSINT will be explained. Specifically, we present security threats and cybercrimes that may occur if data gathered by OSINT are exploited by malicious users. Furthermore, to solve this problem, we propose security requirements that can be applied to the OSINT environment. The proposed security requirements are necessary for securely gathering and storing data in the OSINT environment and for securely accessing and using the data collected by OSINT. The goal of the proposed security requirements is to minimize the damage when cybercrimes occur in the OSINT environment.

show abstract

Section: Importance Of Osint For Cybersecuritymentioning

confidence: 99%

“…(ii) On the negative side, data gathered by OSINT becomes the basis for attackers to create cybersecurity threats. In other words, an attacker can set a target to attack based on data, and after gathering related information, they can engage in various cybercrimes, such as hacking, malware, and denial-of-service (DoS) attacks [3].…”

Section: Introductionmentioning

confidence: 99%

Current Status and Security Trend of OSINT

Hwang

Lee

Kim

et al. 2022

Wireless Communications and Mobile Computing

View full text Add to dashboard Cite

show abstract

“…After opening a malicious code distribution site, the attacker hacks the website of the destination and inserts the distribution site URL to infect the malicious code by inducing the visitor to access the destination to the distribution site without knowing. Detection of stopovers is becoming increasingly difficult because they mainly target websites with high user visits, such as portals, blogs, and bulletin boards, and obfuscate and conceal malicious code within the stopover hacked by the attacker [1]. As a result, there is an increasing demand for measuring the security threat of websites.…”

Section: Introductionmentioning

confidence: 99%

A Study on the Measuring Methods of Website Security Risk Rate

Lee

2023

Applied Sciences

View full text Add to dashboard Cite

Traditionally, website security risks are measured using static analysis based on patterns and dynamic analysis by accessing websites with user devices. Recently, similarity hash-based website security risk analysis and machine learning-based website security risk analysis methods have been proposed. In this study, we propose a technique to measure website risk by collecting public information on the Internet. Publicly available DNS information, IP information, and website reputation information were used to measure security risk. Website reputation information includes global traffic rankings, malware distribution history, and HTTP access status. In this study, we collected public information on a total of 2000 websites, including 1000 legitimate domains and 1000 malicious domains, to assess their security risk. We evaluated 11 categories of public information collected by the Korea Internet & Security Agency, an international domain registrar. Through this study, public information about websites can be collected and used to measure website security risk.

show abstract

A Study on the Measuring Methods of Websites Security Risk Rate

Lee

2023

Preprint

View full text Add to dashboard Cite

Static and dynamic analysis of website security risks is generally used for website security meas-urements. The website security measurements method recently proposed includes similarity hash-based website security risk analysis and machine learning-based website security risk anal-ysis. In this study, a method that can be performed through information disclosed on the Internet was proposed to measure the risk of a website. DNS information, IP information, and website history information are required to measure the risk of a website. In addition, global traffic rank-ing, malicious code distribution history, and HTTP access status can be checked in the website history information. In this study, information related to the security risk of websites in a total of 2,000 domains was collected and analyzed in 1,000 normal and malicious domains. Through the experiment results, 11 open information collection items were selected to measure the security risk of the website. This study presented the possibility of using public information collection to measure website security risk.

show abstract

A Study on Building a Cyber At tack Database using Open Source Intelligence (OSINT)

Cited by 3 publications

References 0 publications

Current Status and Security Trend of OSINT

Current Status and Security Trend of OSINT

A Study on the Measuring Methods of Website Security Risk Rate

A Study on the Measuring Methods of Websites Security Risk Rate

Contact Info

Product

Resources

About