The SAINT observatory subsystem: an open-source intelligence tool for uncovering cybersecurity threats

Data from Online Social Networks, search engines, and the World Wide Web are forms of unstructured knowledge that are not regularly used in cybersecurity systems. The main reason for the reluctance to utilize them is the difficulty to process them effectively and extract valuable information. In thi...

Bibliographic details
Published in: International journal of information security 2022-10, Vol.21 (5), p.1091-1106
Main authors: Vlachos, Vasileios; Stamatiou, Yannis C.; Tzamalis, Pantelis; Nikoletseas, Sotiris
Format: Article
Language: eng
Subjects:
Online access: Full text
container_end_page 1106
container_issue 5
container_start_page 1091
container_title International journal of information security
container_volume 21
creator Vlachos, Vasileios
Stamatiou, Yannis C.
Tzamalis, Pantelis
Nikoletseas, Sotiris
description Data from Online Social Networks, search engines, and the World Wide Web are forms of unstructured knowledge that are not regularly used in cybersecurity systems. The main reason for the reluctance to utilize them is the difficulty of processing them effectively and extracting valuable information. In this paper, we present the Systemic Analyzer In Network Threats (SAINT) Observatory Subsystem, or SAINToS for short, a novel platform for the acquisition and analysis of Open-Source Intelligence feeds. The proposed framework integrates different information pools to create a supplementary view of the evolving cybercriminal activity. The aim of SAINToS is to provide additional models, methodologies, and mechanisms to enrich existing cybersecurity analysis. As a significant amount of related information is not standardized in the form of structured data tables or machine-processable formats (e.g., XML or JSON), secondary data sources, such as social networks and blogs, are expected to expand the scope and effectiveness of existing approaches. The emphasis of this work is placed on the harmonization and visualization of data from different sources. As a result, these sources can be better understood and reused. In addition, SAINToS, besides its standalone functionality and capabilities, can provide input, in standard formats, to additional major threat intelligence platforms.
doi_str_mv 10.1007/s10207-022-00599-2
format Article
fulltext fulltext
identifier ISSN: 1615-5262
ispartof International journal of information security, 2022-10, Vol.21 (5), p.1091-1106
issn 1615-5262
1615-5270
language eng
recordid cdi_proquest_journals_2717191725
source SpringerLink Journals; Business Source Complete
subjects Coding and Information Theory
Communications Engineering
Computer Communication Networks
Computer Science
Cryptology
Cybersecurity
Intelligence gathering
Management of Computing and Information Systems
Networks
Observatories
Open source software
Operating Systems
Regular Contribution
Search engines
Social networks
Structured data
Subsystems
Threat evaluation
title The SAINT observatory subsystem: an open-source intelligence tool for uncovering cybersecurity threats
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-05T01%3A55%3A31IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_cross&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=The%20SAINT%20observatory%20subsystem:%20an%20open-source%20intelligence%20tool%20for%20uncovering%20cybersecurity%20threats&rft.jtitle=International%20journal%20of%20information%20security&rft.au=Vlachos,%20Vasileios&rft.date=2022-10-01&rft.volume=21&rft.issue=5&rft.spage=1091&rft.epage=1106&rft.pages=1091-1106&rft.issn=1615-5262&rft.eissn=1615-5270&rft_id=info:doi/10.1007/s10207-022-00599-2&rft_dat=%3Cproquest_cross%3E2717191725%3C/proquest_cross%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_pqid=2717191725&rft_id=info:pmid/&rfr_iscdi=true