A research paper co-authored by a UMD expert in software vulnerabilities will be presented at the 24th USENIX Security Symposium Aug. 12 – 14 in Washington, D.C.
“Vulnerability Disclosure in the Age of Social Media: Exploiting Twitter for Predicting Real-World Exploits,” analyzes software vulnerability-related information available on Twitter. The paper was authored by Tudor Dumitras, an assistant professor of electrical and computer engineering with appointments in UMIACS and the Maryland Cybersecurity Center (MC2), and UMD graduate students Carl Sabottke and Octavian Suciu.
In recent years, the number of software vulnerabilities discovered has significantly increased, with information about these vulnerabilities appearing online and on social media. This creates a need for prioritizing the response to new disclosures by assessing which vulnerabilities are likely to be exploited and then ruling out vulnerabilities that are not actually exploited in the real world.
The research team details how they designed a Twitter-based exploit detector and introduced a threat model to collect results.
Read more here.