Mahaini, Mohamad Imad (2024) Community analysis of cyber security experts on Online Social Networks. Doctor of Philosophy (PhD) thesis, University of Kent,. (doi:10.22024/UniKent/01.02.106482) (KAR id:106482)
PDF
Language: English
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.
|
|
Download this file (PDF/9MB) |
Preview |
Official URL: https://doi.org/10.22024/UniKent/01.02.106482 |
Abstract
The advent of Online Social Networks (OSNs) has started a new era of communication and information dissemination, fundamentally altering the way individuals and organisations interact in the digital age. OSNs such as Twitter, Facebook, LinkedIn and YouTube allow billions of people across the globe to create online communities based on similar interests. With almost everyone and everything being touched by cyber space in recent times, and despite the advancement in technology and cyber security, malicious attacks are still targeting individuals, organisations and systems on a large scale and utilising new channels like social media platforms. Cyber security is a field dedicated to safeguarding computer systems, networks, and data from theft, damage, or unauthorised access. Within the complex interconnected nature of OSN users, a distinct category of accounts has gained particular attention and significance: cyber security accounts. These accounts encompass a wide spectrum of groups, such as activists, hacktivists, cyber criminals and cyber security experts.
Cyber security experts include researchers, practitioners, innovators, vendors, etc. While previous studies have explored various types of cyber security related accounts and their communities on OSNs, the activities of cyber security experts have not been sufficiently investigated. This thesis addresses this research gap by designing, developing and testing tools to support studying cyber security experts on OSNs, with a particular focus on cyber security researchers. The tools developed and tested include 1) a general cyber security taxonomy, 2) multiple Machine Learning (ML) classifiers, and 3) some generalisable methods for collecting and analysing data from OSNs. Therefore, the thesis encompasses three main studies as follows.
First, the thesis introduces a novel human-machine teaming-based process for building taxonomies. Many previous studies relied solely on manual efforts, leading to limitations in covering diverse topics and rapidly evolving concepts. The proposed process was applied to the cyber security domain as an example, which allowed human experts to collaborate with automated Natural Language Processing (NLP) and Information Retrieval (IR) tools to co-develop a general cyber security taxonomy from relevant textual sources with reasonable human effort.
Second, the thesis presents the design and development of several ML classifiers to detect the needed Twitter accounts. They include a baseline classifier for detecting cyber security related accounts in general, and four sub-classifiers for detecting other related sub-groups of accounts (individuals, hackers, academia and research). The classifiers were trained and tested using a systematic approach involving the cyber security taxonomy built earlier, real-time tweet sampling, and crowdsourcing for dataset labelling. By considering a richer set of features than previous studies, the classifiers achieved promising performance, with the Random Forest model outperforming others, with the F1-score reaching 93\% for the baseline classifier and 83-91\% for the sub-classifiers. Feature reduction analysis demonstrated that a subset of just six features maintained the same performance levels, providing efficient and effective classifiers for detecting cyber security accounts on Twitter.
Third, in the last part, the cyber security researchers were analysed as an example of a sub-group of cyber security experts. As a case study of a research community, the presence of the UK's Academic Centres of Excellence in Cyber Security Research (ACEs-CSR) on Twitter was analysed. Several machine learning classifiers were utilised to identify cyber security and research related accounts, and a social graph was constructed using the friends and followers of the ACE-CSR accounts. Then, a comprehensive analysis was carried out, including community detection, social structural analysis, influence analysis, topic modelling, and sentiment analysis, revealing interesting insights about the research community around ACEs-CSR, such as their sub-communities, top influencers, the influence distribution, the topics being discussed by cyber security researchers, and last but not least the sentiment towards the ACE-CSR programme and accounts. Twitter was used as an example in this thesis, but all the presented methodologies can be applied to other OSNs.
Item Type: | Thesis (Doctor of Philosophy (PhD)) |
---|---|
Thesis advisor: | Li, Shujun |
DOI/Identification number: | 10.22024/UniKent/01.02.106482 |
Uncontrolled keywords: | ACE-CSR; cyber security; machine learning; Online Social Network; OSN; Twitter; Social Network Analysis; SNA; Natural Language Processing; NLP; taxonomy; ontology; crowdsourcing; Cyber Threat Intelligence; Community Detection; Topic Modelling; Sentiment Analysis |
Subjects: | Q Science > QA Mathematics (inc Computing science) > QA 76 Software, computer programming, |
Divisions: | Divisions > Division of Computing, Engineering and Mathematical Sciences > School of Computing |
Funders: | University of Kent (https://ror.org/00xkeyj56) |
SWORD Depositor: | System Moodle |
Depositing User: | System Moodle |
Date Deposited: | 03 Jul 2024 10:10 UTC |
Last Modified: | 05 Jul 2024 12:51 UTC |
Resource URI: | https://kar.kent.ac.uk/id/eprint/106482 (The current URI for this page, for reference purposes) |
- Link to SensusAccess
- Export to:
- RefWorks
- EPrints3 XML
- BibTeX
- CSV
- Depositors only (login required):