Machine Learning Can Use Tweets To Automatically Spot Critical Security Flaws


At the endless booths of this week's RSA security trade show in San Francisco, an overflowing industry of vendors will offer any visitor an ad nauseam array of "threat intelligence" and "vulnerability management" systems. But it turns out that there's already a decent, free feed of vulnerability information that can tell systems administrators which bugs they really need to patch, updated 24/7: Twitter. And one group of researchers has not only measured the value of Twitter's stream of bug data, but is also building a piece of free software that automatically tracks it to pull out hackable software flaws and rate their severity.

Researchers at Ohio State University, the security company FireEye, and research firm Leidos last week published a paper describing a new system that reads millions of tweets for mentions of software security vulnerabilities and then, using a machine-learning-trained algorithm, assesses how much of a threat each one represents based on how it is described.

They found that Twitter can not only predict the majority of security flaws that will show up days later on the National Vulnerability Database (the official register of security vulnerabilities tracked by the National Institute of Standards and Technology), but that natural language processing can also roughly predict which of those vulnerabilities will be given a "high" or "critical" severity rating, with better than 80 percent accuracy.
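To make the shape of such a pipeline concrete, here is an added Python sketch that is not the researchers' system and not code from the article: it pulls CVE identifiers out of tweet text, trains a small bag-of-words naive Bayes classifier on constructed, hand-labelled tweets to separate "high" (standing in for the NVD high/critical bucket) from "low" severity wording, and aggregates a per-identifier majority vote across the tweets that mention it. The tweets, their labels, and the deliberately invalid CVE-0000-* identifiers are all constructed for the example; the paper's actual features, model, and data are not reproduced.

```python
import math
import re
from collections import Counter, defaultdict

# Added example, not the researchers' code. CVE identifiers look like CVE-YYYY-NNNN
# (four to seven digits in the sequence); matched case-insensitively because tweets are sloppy.
CVE_RE = re.compile(r"\bCVE-\d{4}-\d{4,7}\b", re.IGNORECASE)
TOKEN_RE = re.compile(r"[a-z0-9]+")


def extract_cve_ids(text):
    """Return the distinct CVE identifiers mentioned in a tweet, normalised to upper case."""
    return sorted({m.upper() for m in CVE_RE.findall(text)})


def tokenize(text):
    """Bag-of-words tokens; the identifier itself is removed so the model learns from the wording."""
    return TOKEN_RE.findall(CVE_RE.sub(" ", text).lower())


class SeverityClassifier:
    """Multinomial naive Bayes with add-one (Laplace) smoothing over tweet tokens."""

    def __init__(self):
        self.docs_per_class = Counter()
        self.tokens_per_class = Counter()
        self.token_counts = defaultdict(Counter)
        self.vocab = set()

    def fit(self, samples):
        for text, label in samples:
            toks = tokenize(text)
            self.docs_per_class[label] += 1
            self.tokens_per_class[label] += len(toks)
            self.token_counts[label].update(toks)
            self.vocab.update(toks)
        return self

    def log_score(self, text, label):
        # log P(label) + sum over tokens of log P(token | label), smoothed so unseen words do not zero out
        prior = self.docs_per_class[label] / sum(self.docs_per_class.values())
        denom = self.tokens_per_class[label] + len(self.vocab)
        score = math.log(prior)
        for tok in tokenize(text):
            score += math.log((self.token_counts[label][tok] + 1) / denom)
        return score

    def predict(self, text):
        return max(self.docs_per_class, key=lambda label: self.log_score(text, label))


# Constructed, hand-labelled training tweets (not real data). Year 0000 cannot be a real CVE year,
# so the identifiers below cannot collide with any real entry.
TRAINING_TWEETS = [
    ("unauthenticated remote code execution in the web admin panel, exploit is public, patch now", "high"),
    ("critical rce bug: attacker gets root without auth, exploit code already circulating", "high"),
    ("wormable remote exploit, no authentication needed, patch immediately", "high"),
    ("pre-auth remote code execution, working exploit posted, critical", "high"),
    ("minor info leak, needs local access and a valid account", "low"),
    ("low impact denial of service, requires authenticated local user", "low"),
    ("cosmetic bug in the debug log output, local only, low severity", "low"),
    ("local privilege check issue, needs valid credentials, low risk", "low"),
]

# Constructed held-out tweets for a quick accuracy check.
EVAL_TWEETS = [
    ("remote code execution, unauthenticated, exploit public", "high"),
    ("local denial of service, needs valid account, low severity", "low"),
]

# Constructed unlabelled feed, as the pipeline would see it.
FEED_TWEETS = [
    "CVE-0000-0001: unauthenticated remote code execution, exploit public",
    "heads up on cve-0000-0001, exploit is public, patch now",
    "CVE-0000-0002 is a minor info leak, needs local access",
    "no CVE here, just a reminder to patch",
]


def train_classifier():
    return SeverityClassifier().fit(TRAINING_TWEETS)


def accuracy(clf, samples):
    correct = sum(clf.predict(text) == label for text, label in samples)
    return correct / len(samples)


def rate_feed(clf, tweets):
    """Map each CVE id mentioned in the feed to the majority severity label across its tweets."""
    votes = defaultdict(list)
    for tweet in tweets:
        label = clf.predict(tweet)
        for cve in extract_cve_ids(tweet):  # tweets with no identifier cannot be matched to NVD and are skipped
            votes[cve].append(label)
    return {cve: Counter(labels).most_common(1)[0][0] for cve, labels in sorted(votes.items())}


if __name__ == "__main__":
    clf = train_classifier()
    print("held-out accuracy:", accuracy(clf, EVAL_TWEETS))
    for cve, label in rate_feed(clf, FEED_TWEETS).items():
        print(cve, "->", label)
```

Eight training tweets make this a toy, and fetching from the Twitter API is left out; the point is the pipeline shape the article describes: extract the identifier, classify the surrounding wording, aggregate votes per identifier, and only later check the result against the NVD entry once it appears. In practice the per-identifier aggregation matters as much as the model, since a single alarmist tweet should not set the rating on its own.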