Abstract
Among the issues the information system security community has to fix, the security of both data and algorithms is a concern. The security of algorithms is dependent on the reliability of the input data. This reliability is questioned, especially when the data is generated by humans (or bots operated by humans), such as in online social networks. Event detection algorithms are an example of technology using this type of data, but the question of the security is not systematically considered in this literature. We propose in this paper a first contribution to a threat model to overcome this problem. This threat model is composed of a description of the subject we are modelling, assumptions made, potential threats and defence strategies. This threat model includes an attack classification and defensive strategies which can be useful for anyone who wants to create a resilient event detection algorithm using online social networks.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
COSMIN Taxonomy of Measurement Properties \(\bullet \) COSMIN. https://www.cosmin.nl/tools/cosmin-taxonomy-measurement-properties/
Abkenar, S.B., Kashani, M.H., Akbari, M., Mahdipour, E.: Twitter Spam Detection: A Systematic Review. arXiv:2011.14754 [cs] (2020). version: 2
Alsmadi, I., et al.: Adversarial Attacks and Defenses for Social Network Text Processing Applications: Techniques, Challenges and Future Research Directions. arXiv:2110.13980 [cs] (2021). http://arxiv.org/abs/2110.13980
Amigó, E., Gonzalo, J., Artiles, J., Verdejo, F.: A comparison of extrinsic clustering evaluation metrics based on formal constraints. Inf. Retr. 12(4), 461–486 (2009). https://doi.org/10.1007/s10791-008-9066-8
Atefeh, F., Khreich, W.: A Survey of techniques for event detection in Twitter. Comput. Intell. 31(1), 132–164 (2015). https://doi.org/10.1111/coin.12017
Biggio, B., Fumera, G., Roli, F.: Design of robust classifiers for adversarial environments. In: 2011 IEEE International Conference on Systems, Man, and Cybernetics, pp. 977–982 (2011). https://doi.org/10.1109/ICSMC.2011.6083796, ISSN: 1062-922X
Brückner, M., Kanzow, C., Scheffer, T.: Static prediction games for adversarial learning problems. J. Mach. Lear. Res. 13(1), 2617–2654 (2012)
de Casanove, O., Sèdes, F.: Apprentissage adverse et algorithmes de détection d’évènements : une première typologie. In: Rendez-vous de la Recherche et de l’Enseignement de la Sécurité des Systèmes d’Information (RESSI 2022) (2022). https://hal.archives-ouvertes.fr/hal-03668829, poster
Chan, P.P.K., Yang, C., Yeung, D.S., Ng, W.W.Y.: Spam filtering for short messages in adversarial environment. Neurocomputing 155, 167–176 (2015). https://doi.org/10.1016/j.neucom.2014.12.034
Duddu, V.: A survey of adversarial machine learning in cyber warfare. Def. Sci. J. 68(4), 356 (2018)
Hasan, M., Orgun, M.A., Schwitter, R.: A survey on real-time event detection from the Twitter data stream. J. Inf. Sci. 44(4), 443–463 (2018). https://doi.org/10.1177/0165551517698564
Hasan, M., Orgun, M.A., Schwitter, R.: Real-time event detection from the Twitter data stream using the TwitterNews+ Framework. Inf. Process. Manage. 56(3), 1146–1165 (2019). https://doi.org/10.1016/j.ipm.2018.03.001
Imam, N.H., Vassilakis, V.G.: A survey of attacks against Twitter spam detectors in an adversarial environment. Robotics 8(3), 50 (2019). https://doi.org/10.3390/robotics8030050
Khandpur, R.P., Ji, T., Jan, S., Wang, G., Lu, C.T., Ramakrishnan, N.: Crowdsourcing cybersecurity: cyber attack detection using social media. In: Proceedings of the 2017 ACM on Conference on Information and Knowledge Management, pp. 1049–1057 (2017)
Kumar, S., Liu, H., Mehta, S., Subramaniam, L.V.: From Tweets to Events: Exploring a Scalable Solution for Twitter Streams. arXiv:1405.1392 [cs] (2014)
Mazoyer, B., Cagé, J., Hervé, N., Hudelot, C.: A French corpus for event detection on Twitter. In: Proceedings of the 12th Language Resources and Evaluation Conference, pp. 6220–6227. European Language Resources Association, Marseille, France (2020)
Mazurczyk, W., Drobniak, S., Moore, S.: Towards a systematic view on cybersecurity ecology. In: Akhgar, B., Brewster, B. (eds.) Combatting Cybercrime and Cyberterrorism. ASTSA, pp. 17–37. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-38930-1_2
McMinn, A.J., Jose, J.M.: Real-time entity-based event detection for Twitter. In: Mothe, J., et al. (eds.) CLEF 2015. LNCS, vol. 9283, pp. 65–77. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-24027-5_6
OWASP: Threat modeling (2022). https://owasp.org/www-community/Threat_Modeling
Petrović, S., Osborne, M., Lavrenko, V.: Streaming first story detection with application to Twitter. In: Human Language Technologies: The 2010 Annual Conference of the north American Chapter of the Association For Computational Linguistics, pp. 181–189 (2010)
Ritter, A., Wright, E., Casey, W., Mitchell, T.: Weakly supervised extraction of computer security events from Twitter. In: Proceedings of the 24th International Conference on World Wide Web, pp. 896–905. WWW 2015, International World Wide Web Conferences Steering Committee, Republic and Canton of Geneva, CHE (2015). https://doi.org/10.1145/2736277.2741083
Sabottke, C., Suciu, O., Dumitras, T.: Vulnerability disclosure in the age of social media: exploiting twitter for predicting real-world exploits. In: 24th USENIX Security Symposium (USENIX Security 15), pp. 1041–1056. USENIX Association, Washington, D.C. (2015), https://www.usenix.org/conference/usenixsecurity15/technical-sessions/presentation/sabottke
Samonas, S., Coss, D.: The CIA strikes back: redefining confidentiality, integrity and availability in security. J. Inf. Syst. Sec. 10(3), 1–25 (2014)
Vamvoudakis, K.G., Hespanha, J.P., Sinopoli, B., Mo, Y.: Adversarial detection as a zero-sum game. In: 2012 IEEE 51st IEEE Conference on Decision and Control (CDC), pp. 7133–7138 (2012). https://doi.org/10.1109/CDC.2012.6426383
Wang, X., Li, J., Kuang, X., Tan, Y.A., Li, J.: The security of machine learning in an adversarial setting: a survey. J. Parallel Distrib. Comput. 130, 12–23 (2019). https://doi.org/10.1016/j.jpdc.2019.03.003, https://www.sciencedirect.com/science/article/pii/S0743731518309183
Wu, C., Li, X., Pan, W., Liu, J., Wu, L.: Zero-sum game-based optimal secure control under actuator attacks. IEEE Trans. Autom. Control 66(8), 3773–3780 (2021). https://doi.org/10.1109/TAC.2020.3029342
Zhou, R., Lin, J., Liu, L., Ye, M., Wei, S.: Analysis of SDN attack and defense strategy based on zero-sum game. In: Ren, J., et al. (eds.) BICS 2019. LNCS (LNAI), vol. 11691, pp. 479–485. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-39431-8_46
Zhou, Y., Kantarcioglu, M., Xi, B.: A game theoretic perspective on adversarial machine learning and related cybersecurity applications. In: Game Theory and Machine Learning for Cyber Security, Chapter 13, pp. 231–269. John Wiley & Sons, Ltd (2021). https://onlinelibrary.wiley.com/doi/abs/10.1002/9781119723950.ch13
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Casanove, O.d., Sèdes, F. (2023). Malicious Human Behaviour in Information System Security: Contribution to a Threat Model for Event Detection Algorithms. In: Jourdan, GV., Mounier, L., Adams, C., Sèdes, F., Garcia-Alfaro, J. (eds) Foundations and Practice of Security. FPS 2022. Lecture Notes in Computer Science, vol 13877. Springer, Cham. https://doi.org/10.1007/978-3-031-30122-3_13
Download citation
DOI: https://doi.org/10.1007/978-3-031-30122-3_13
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-30121-6
Online ISBN: 978-3-031-30122-3
eBook Packages: Computer ScienceComputer Science (R0)