Obtaining Cyber Threat Intelligence Data From Twitter With Deep Learning Methods

Abstract

With the increasing number of cyber attacks, cyber security has become an increasing concern for every institution/organization. Every small or large institution/organization takes precautions and invests in cyber threats. Firewalls, intrusion detection/prevention systems, antivirus, data loss prevention software, etc., are used within the scope of ensuring cyber security and preventing threats. In order to detect cyber threats, the records obtained from these devices/applications are sent to SIEM applications. It is of great importance to use cyber threat intelligence data in these devices and applications in order to accurately detect cyber threats. As hard as it is to win a war without intelligence, it is also very difficult to provide effective cyber security without cyber threat intelligence. Cyber threat intelligence can be provided by commercial software as well as from open source platforms. In this study, deep learning models were used to process the cyber security data obtained from Twitter. With recursive neural networks, the tweets in the data set are related to cyber threat intelligence, then the cyber threat intelligence (DDoS, malware, ransomware, etc.) is classified. As a result of the study, 88.64% success was achieved in terms of whether cyber threat intelligence is relevant or not, and 89.49% success was achieved in classifying the type of threat intelligence.