Open source intelligence (OSINT) in a Colombian context and sentiment analysis

Open source intelligence (OSINT) for cybersecurity operations. “Application of OSINT in a Colombian context and sentiment analysis”

Keywords: Cyberintelligence, Open source intelligence, Adversary profiling, Machine learning, Sentiment analysis, Data science (en_US)
Keywords: Sentiment analysis, machine learning, cyber intelligence, data science, open source intelligence, adversary profiling (es_ES)

Abstract (en_US)

Open source intelligence (OSINT) is used to obtain and analyze information related to adversaries, so that it can support risk assessments aimed at preventing damage to critical assets. This paper presents research on different OSINT technologies and how they can be used to perform cyber intelligence tasks. One of the key components in the operation of OSINT tools is the “transform”, which is used to establish relations between entities of information from queries to different open sources. A set of transforms aimed at the Colombian context is presented; these were implemented and contributed to the community, allowing law enforcement agencies to carry out information-gathering processes on Colombian open sources. Additionally, this paper shows the implementation of three machine learning models used to perform sentiment analysis on the information obtained about an adversary. Sentiment analysis can be extremely useful for understanding the motivation an adversary may have and, in this way, for defining proper cyber defense strategies. Finally, some challenges related to the application of OSINT techniques are identified and described.

Abstract (es_ES)

Open source intelligence (OSINT) is a branch of cyber intelligence used to obtain and analyze information about possible adversaries, so that it can support risk assessments and help prevent harm to critical assets. This article presents research on different OSINT technologies and how they can be used to carry out a nation's cyber intelligence tasks. A set of transforms suited to a Colombian context is presented and contributed to the community, allowing security agencies to carry out information-gathering processes on Colombian open sources. However, the real value of the collected information is realized through the implementation of three machine learning models used to perform sentiment analysis on that information, in order to learn the adversary's position on given topics and thus understand the motivation the adversary may have, which makes it possible to define appropriate cyber defense strategies. Finally, some challenges related to the application of OSINT techniques are also identified and described with regard to their application by state security agencies.


Author biographies

Martin Jose Hernandez Mediná, Escuela Colombiana de Ingeniería Julio Garavito
Martín José Hernández Medina is a systems engineering student at the Colombian School of Engineering Julio Garavito. He has participated in software development projects, information security, open source software and business architecture. During 2015-2016 he participated in programming marathons as part of the MC^2 group of the Colombian School of Engineering Julio Garavito. In November 2017, he participated in the VII Information Security Conference in the Colombian School of Engineering Julio Garavito with a lecture about security in Internet of Things for Agriculture. In May 2018 he participated in the VIII Information Security Conference in the Colombian School of Engineering Julio Garavito with a lecture about Open Source Intelligence.
Cristian Camilo Pinzón Hernández, Escuela Colombiana de Ingeniería Julio Garavito
Ricardo Andres Pinto Rico is a systems engineering student at the Colombian School of Engineering Julio Garavito. He has participated in software development projects, information security, open source software and business architecture. During 2014-2016 he participated in programming marathons as a representative of the Colombian School of Engineering Julio Garavito. In April 2017, he participated in the VI Information Security Conference in the Colombian School of Engineering Julio Garavito with a lecture about risks in insecure m-Health applications. In November 2017 he participated in the VII Information Security Conference in the Colombian School of Engineering Julio Garavito with a lecture about hacking IoT devices. In May 2018 he participated in the VIII Information Security Conference in the Colombian School of Engineering Julio Garavito with a lecture about Open Source Intelligence.
Daniel Orlando Díaz López, Escuela Colombiana de Ingeniería Julio Garavito
Cristian Camilo Pinzón Hernández is a systems engineering student at the Colombian School of Engineering Julio Garavito. He has participated in software development projects, information security, open source software and business architecture. During 2015-2017 he participated in programming marathons as part of the C^3 and MC^2 groups of the Colombian School of Engineering Julio Garavito. In November 2017, he participated in the VII Information Security Conference in the Colombian School of Engineering Julio Garavito with a lecture about security in Internet of Things for Agriculture. In May 2018 he participated in the VIII Information Security Conference in the Colombian School of Engineering Julio Garavito with a lecture about Open Source Intelligence.
Juan Carlos Garcia Ruiz, Armada Nacional
Juan Carlos Camilo García is a Systems Engineer, specialist in Computer Security and candidate for a Master in Cybersecurity and Cyberdefense from the War Superior School, with 16 years of experience in the IT area, development, implementation and management of digital security projects. Developer for Informix 4GL and certified as Ethical Hacker V8. Passionate about technical problems and challenges arising from cyberspace. He has served as chief of operations of the Cybernetic Joint Command of the Colombian Military Forces and Chief of the Cyberdefense Division of the National Navy. Researcher, associate professor and head of the research group in the Cybernetic Joint Command of the Colombian Military Forces. His main areas of interest are related to the development of IT research projects supported by open source platforms, cybersecurity and cyberdefense for naval infrastructures and small and medium industry.
Ricardo Andrés Pinto Rico, Escuela Colombiana de Ingeniería Julio Garavito

Daniel Díaz López holds a Ph.D. in computer engineering from the University of Murcia, Spain. His research interests include cyber defense, cyber intelligence, security in the software development process, ethical hacking and security for IoT. He is a researcher and assistant professor in the Colombian School of Engineering Julio Garavito, Colombia. He received an M.Sc. in computer engineering from the University of Murcia, Spain.

How to cite
[1]
M. J. Hernandez Mediná, C. C. Pinzón Hernández, D. O. Díaz López, J. C. Garcia Ruiz, and R. A. Pinto Rico, «Inteligencia de fuentes abierta (OSINT) para operaciones de ciberseguridad. “Aplicación de OSINT en un contexto colombiano y análisis de sentimientos”», Rev. vínculos, vol. 15, no. 2, pp. 195-214, Nov. 2018.
Published: 2018-11-22
Section
Actualidad Tecnológica