Security information sharing via Twitter: 'Heartbleed' as a case study

Jeske, Debora; McNeill, Andrew; Coventry, Lynne; Briggs, Pam

doi:10.1504/ijwbc.2017.084384

Cited by 2 publications

(2 citation statements)

References 26 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This would make Stegaid far more secure in that data is hidden but if discovered, still encrypted. Given recent developments with the Heartbleed bug in OpenSSL (Jeske et al, 2017;Harran et al, 2017) it makes sense to have an additional level of security beyond encryption.…”

Section: Discussionmentioning

confidence: 99%

Text based steganography

Lockwood

Curran

2017

IJIPSI

View full text Add to dashboard Cite

Steganography is the art of hiding information within other less conspicuous information to prevent eavesdropping by way of hiding its existence in the first place. Image based steganography is the most common form but text based steganography can also be used. Text based steganography can be generally classified as format based, linguistic and random/statistical generation. In general, random and statistical generated methods create a cover text but do not necessarily make semantic sense; that is, the subject matter of each sentence has little or no relation to the next sentence. Linguistic steganography can use natural language processing to hide information but again is still subject to analysis particularly if the basis for the cover text is an existing document. Here, we examine the leading methods of text based steganography. We evaluate a variety of steganographic techniques including open space encoding, synonym replacement, UK/US English translation algorithm and Wayner's Mimic Functions using five benchmarks which compare speed, capacity, complexity, compromisability and size. We find that the best methods to hide information should not use a single scheme, but a hybrid of many schemes. In order to further hide information, text should be compressed, encrypted and then hidden in a cover document.

show abstract

Section: Discussionmentioning

confidence: 99%

Text based steganography

Lockwood

Curran

2017

IJIPSI

View full text Add to dashboard Cite

show abstract

“…Apart from spam abuse and security information detection, Twitter was used as an information source for empirical investigations in the field of information security. For example, Jeske et al [17] examined the extent to which specific communities of Twitter users were engaged in the debate about the Heartbleed security bug. Moreover, Syed et al [34] conducted an empirical study to identify the major content categories contained in vulnerability discussions on Twitter and what factors impact the Re-tweeting of these contents.…”

Section: Related Workmentioning

confidence: 99%

The Tweet Advantage: An Empirical Analysis of 0-Day Vulnerability Information Shared on Twitter

Sauerwein

Sillaber

Huber

et al. 2018

ICT Systems Security and Privacy Protection

View full text Add to dashboard Cite

In the last couple of years, the number of software vulnerabilities and corresponding incidents increased significantly. In order to stay up-to-date about these new emerging threats, organizations have demonstrated an increased willingness to exchange information and knowledge about vulnerabilities, threats, incidents and countermeasures. Apart from dedicated sharing platforms or databases, information on vulnerabilities is frequently shared on Twitter and other social media platforms. So far, little is known about the obtainable time advantage of vulnerability information shared on social media platforms. To close this gap, we identified 709,880 relevant Tweets and subsequently analyzed them. We found that information with high relevance for affected organizations is shared on Twitter often long before any official announcement or patch has been made available by vendors. Twitter is used as a crowdsourcing platform by security experts aggregating vulnerability information and referencing a multitude of public available webpages in their Tweets. Vulnerability information shared on Twitter can improve organizations reaction to newly discovered vulnerabilities and therefore help mitigating threats.

show abstract

Security information sharing via Twitter: 'Heartbleed' as a case study

Cited by 2 publications

References 26 publications

Text based steganography

Text based steganography

The Tweet Advantage: An Empirical Analysis of 0-Day Vulnerability Information Shared on Twitter

Contact Info

Product

Resources

About