Bipin Kumar Rai,Ravi Verma,Shiva Tiwari

DOI: https://doi.org/10.1007/s42979-021-00777-4

2021-08-07

SN Computer Science

Abstract:Open source intelligence (OSINT) refers to the gathering and retrieval of data and information from online servers or sources that are freely accessible or are open-source. OSINT has been prominent over decades, under one name or the other. With the advent of instant communication and rapid knowledge exchange, much actionable and informative knowledge can now be accessed from unclassified, public sources. OSINT can help to collect data from the web and use it according to a model's requirements and needs. A web search tool has been proposed here to look for similar advantages, explaining the tool's functionalities and development strategy, which aims to minimize target search time and use minimum input data for the same. In addition, to provide a different means for searching and data filtering so that only the best information is provided.

English Else

Peng Gao,Xiaoyuan Liu,Edward Choi,Bhavna Soman,Chinmaya Mishra,Kate Farris,Dawn Song

DOI: https://doi.org/10.48550/arXiv.2101.07769

2021-02-27

Abstract:To remain aware of the fast-evolving cyber threat landscape, open-source Cyber Threat Intelligence (OSCTI) has received growing attention from the community. Commonly, knowledge about threats is presented in a vast number of OSCTI reports. Despite the pressing need for high-quality OSCTI, existing OSCTI gathering and management platforms, however, have primarily focused on isolated, low-level Indicators of Compromise. On the other hand, higher-level concepts (e.g., adversary tactics, techniques, and procedures) and their relationships have been overlooked, which contain essential knowledge about threat behaviors that is critical to uncovering the complete threat scenario. To bridge the gap, we propose SecurityKG, a system for automated OSCTI gathering and management. SecurityKG collects OSCTI reports from various sources, uses a combination of AI and NLP techniques to extract high-fidelity knowledge about threat behaviors, and constructs a security knowledge graph. SecurityKG also provides a UI that supports various types of interactivity to facilitate knowledge graph exploration.

Cryptography and Security,Artificial Intelligence,Computation and Language,Databases

Abdallah Qusef,Hamzeh Alkilani

DOI: https://doi.org/10.7717/peerj-cs.810

2022-01-06

PeerJ Computer Science

Abstract:The Internet’s emergence as a global communication medium has dramatically expanded the volume of content that is freely accessible. Through using this information, open-source intelligence (OSINT) seeks to meet basic intelligence requirements. Although open-source information has historically been synonymous with strategic intelligence, today’s consumers range from governments to corporations to everyday people. This paper aimed to describe open-source intelligence and to show how to use a few OSINT resources. In this article, OSINT (a combination of public information, social engineering, open-source information, and internet information) was examined to define the present situation further, and suggestions were made as to what could happen in the future. OSINT is gaining prominence, and its application is spreading into different areas. The primary difficulty with OSINT is separating relevant bits from large volumes of details. Thus, this paper proposed and illustrated three OSINT alternatives, demonstrating their existence and distinguishing characteristics. The solution analysis took the form of a presentation evaluation, during which the usage and effects of selected OSINT solutions were reported and observed. The paper’s results demonstrate the breadth and dispersion of OSINT solutions. The mechanism by which OSINT data searches are returned varies greatly between solutions. Combining data from numerous OSINT solutions to produce a detailed summary and interpretation involves work and the use of multiple disjointed solutions, both of which are manual. Visualization of results is anticipated to be a potential theme in the production of OSINT solutions. Individuals’ data search and analysis abilities are another trend worth following, whether to optimize the productivity of currently accessible OSINT solutions or to create more advanced OSINT solutions in the future.

computer science, information systems, artificial intelligence, theory & methods

Jhon Francined Herrera-Cubides,Paulo Alonso Gaona-García,Salvador Sánchez-Alonso

DOI: https://doi.org/10.3390/app10217617

2020-10-29

Applied Sciences

Abstract:Given the growing application of open-source intelligence (OSINT), which has facilitated fast decision-making, this study aims to explore how research and educational material production in OSINT has evolved. For this analysis, two OSINT material sources are examined: the research dissemination databases and educational resources repositories. Considering that web information may or may not be publicly available, web Scraping and querying web interface strategies are used to metadata extraction. Finally, we suggest a findings hierarchical classification for the metadata retrieval results. Our main results: (1) Google Scholar and NewsBank are the centralizing axes of OSINT publications; (2) OSINT presents a broad development in the areas of defense and security; thus, presenting itself a promising future; (3) it is necessary both to generate educational resources that complement OSINT training processes and documenting existing resources with a metadata structure defined for this purpose; (4) pay increased attention to the last stages of the OSINT process, to use this knowledge in more assertive ways. This study allows guiding the researchers to the current state of research and education in OSINT and promotes a useful metadata description to make resources accessible and reusable in the educational environment.

English Else

Yu Liang,Chao Wu

DOI: https://doi.org/10.2298/fuee1603437l

2016-01-01

Facta universitatis - series Electronics and Energetics

Abstract:To obtain a real-time situational awareness about the specific behavior of targets-of-interest using large-scale sensory data-set, this paper presents a generic sensor-oriented information system based on Hadoop Ecosystem, which is denoted as SOIS-Hadoop for simplicity. Robotic heterogeneous sensor nodes bound by wireless sensor network are used to track things-of-interest. Hadoop Ecosystem enables highly scalable and fault-tolerant acquisition, fusion and storage, retrieval, and processing of sensory data. In addition, SOIS-Hadoop employs temporally and spatially dependent mathematical model to formulate the expected behavior of targets-of-interest, based on which the observed behavior of targets can be analyzed and evaluated. Using two real-world sensor-oriented information processing and analysis problems as examples, the mechanism of SOIS-Hadoop is also presented and validated in detail.

CHEN Yong,ZHANG Jia-ji,WU Li-de,LIU Hai-juan

DOI: https://doi.org/10.3969/j.issn.1003-3106.2009.05.008

2009-01-01

Abstract:Open source information is the information which is acquired from open or partially open sources.With the wide application of information technology and network technology,the amount of open source information has increased explosively.In this paper,the concept of open source intelligence analysis is introduced,some open source intelligence systems in American are discussed,the status of those systems is described.Finally,the architecture of open source systems is discussed and a model of open source intelligence analysis system is proposed.

Ashok Yadav,Atul Kumar,Vrijendra Singh

DOI: https://doi.org/10.1007/s10462-023-10454-y

IF: 9.588

2023-03-15

Artificial Intelligence Review

Abstract:The volume of data generated by today’s digitally connected world is enormous, and a significant portion of it is publicly available. These data sources are web archives, public databases, and social networks such as Facebook, Twitter, LinkedIn, Emails, Telegrams, etc. Open-source intelligence (OSINT) extracts information from a collection of publicly available and accessible data. OSINT can provide a solution to the challenges in extracting and gathering intelligence from various publicly available information and social networks. OSINT is currently expanding at an incredible rate, bringing new artificial intelligence-based approaches to address issues of national security, political campaign, the cyber industry, criminal profiling, and society, as well as cyber threats and crimes. In this paper, we have described the current state of OSINT tools/techniques and the state of the art for various applications of OSINT in cyber security. In addition, we have discussed the challenges and future directions to develop autonomous models. These models can provide solutions for different social network-based security, digital forensics, and cyber crime-based problems using various machine learning (ML), deep learning (DL) and artificial intelligence (AI) with OSINT.

computer science, artificial intelligence

Yusuf A. Ozkan

2024-08-08

Abstract:The Intelligence Studies Network is a comprehensive resource database for publications, events, conferences, and calls for papers in the field of intelligence studies. It offers a novel solution for monitoring, indexing, and visualising resources. Sources are automatically monitored and added to a manually curated database, ensuring the relevance of items to intelligence studies. Curated outputs are stored in a group library on Zotero, an open-source reference management tool. The metadata of items in Zotero is enriched with OpenAlex, an open access bibliographic database. Finally, outputs are listed and visualised on a Streamlit app, an open-source Python framework for building apps. This paper aims to explain the Intelligence Studies Network database and provide a detailed guide on data sources and the workflow. This study demonstrates that it is possible to create a specialised academic database by using open source tools.

Digital Libraries,Databases

Anirban Mukhopadhyay,Sukrit Venkatagiri,Kurt Luther

2024-01-02

Abstract:Open Source Intelligence (OSINT) investigations, which rely entirely on publicly available data such as social media, play an increasingly important role in solving crimes and holding governments accountable. The growing volume of data and complex nature of tasks, however, means there is a pressing need to scale and speed up OSINT investigations. Expert-led crowdsourcing approaches show promise but tend to either focus on narrow tasks or domains or require resource-intense, long-term relationships between expert investigators and crowds. We address this gap by providing a flexible framework that enables investigators across domains to enlist crowdsourced support for the discovery and verification of OSINT. We use a design-based research (DBR) approach to develop OSINT Research Studios (ORS), a sociotechnical system in which novice crowds are trained to support professional investigators with complex OSINT investigations. Through our qualitative evaluation, we found that ORS facilitates ethical and effective OSINT investigations across multiple domains. We also discuss broader implications of expert-crowd collaboration and opportunities for future work.

Human-Computer Interaction

Megha Chaudhary,Divya Bansal

DOI: https://doi.org/10.1002/widm.1473

2022-07-19

Abstract:Overview of OSINT extraction process from terrorism‐related textual information in three phases, that is, (i) Data Acquisition, (ii) Data Enrichment, and (iii) Knowledge Inference. In this contemporary era, where a large part of the world population is deluged by extensive use of the internet and social media, terrorists have found it a potential opportunity to execute their vicious plans. They have got a befitting medium to reach out to their targets to spread propaganda, disseminate training content, operate virtually, and further their goals. To restrain such activities, information over the internet in context of terrorism needs to be analyzed to channel it to appropriate measures in combating terrorism. Open Source Intelligence (OSINT) accounts for a felicitous solution to this problem, which is an emerging discipline of leveraging publicly accessible sources of information over the internet by effectively utilizing it to extract intelligence. The process of OSINT extraction is broadly observed to be in three phases (i) Data Acquisition, (ii) Data Enrichment, and (iii) Knowledge Inference. In the context of terrorism, researchers have given noticeable contributions in compliance with these three phases. However, a comprehensive review that delineates these research contributions into an integrated workflow of intelligence extraction has not been found. The paper presents the most current review in OSINT, reflecting how the various state‐of‐the‐art tools and techniques can be applied in extracting terrorism‐related textual information from publicly accessible sources. Various data mining and text analysis‐based techniques, that is, natural language processing, machine learning, and deep learning have been reviewed to extract and evaluate textual data. Additionally, towards the end of the paper, we discuss challenges and gaps observed in different phases of OSINT extraction. This article is categorized under: Application Areas > Government and Public Sector Commercial, Legal, and Ethical Issues > Social Considerations Fundamental Concepts of Data and Knowledge > Motivation and Emergence of Data Mining

Nihad A. Hassan,Rami Hijazi

DOI: https://doi.org/10.1007/978-1-4842-3213-2

2018-01-01

Abstract:Apply Open Source Intelligence (OSINT) techniques, methods, and tools to acquire information from publicly available online sources to support your intelligence analysis. Use the harvested data in different scenarios such as financial, crime, and terrorism investigations as well as performing business competition analysis and acquiring intelligence about individuals and other entities. This book will also improve your skills to acquire information online from both the regular Internet as well as the hidden web through its two sub-layers: the deep web and the dark web. The author includes many OSINT resources that can be used by intelligence agencies as well as by enterprises to monitor trends on a global level, identify risks, and gather competitor intelligence so more effective decisions can be made. You will discover techniques, methods, and tools that are equally used by hackers and penetration testers to gather intelligence about a specific target online. And you will be aware of how OSINT resources can be used in conducting social engineering attacks. Open Source Intelligence Methods and Tools takes a practical approach and lists hundreds of OSINT resources that can be used to gather intelligence from online public sources. The book also covers how to anonymize your digital identity online so you can conduct your searching activities without revealing your identity. What You’ll Learn: Identify intelligence needs and leverage a broad range of tools and sources to improve data collection, analysis, and decision making in your organization Use OSINT resources to protect individuals and enterprises by discovering data that is online, exposed, and sensitive and hide the data before it is revealed by outside attackers Gather corporate intelligence about business competitors and predict future market directions Conduct advanced searches to gather intelligence from social media sites such as Facebook and Twitter Understand the different layers that make up the Internet and how to search within the invisible web which contains both the deep and the dark webs

Michael Glassman,Min Ju Kang

DOI: https://doi.org/10.1016/j.chb.2011.11.014

IF: 9.9

2012-03-01

Computers in Human Behavior

Abstract:This paper introduces the concept of Open Source Intelligence (OSINT) as an important component for understanding human problem solving in the 21st century. OSINT is in many ways the result of changing human–information relationships resulting from the emergence and growing dominance of the Internet and the World Wide Web in everyday life. This paper suggests that the Internet/Web changes the dynamic relationship between what Cattell and Horn have identified as the two general factors of human intelligence: crystallized intelligence and fluid intelligence. The Internet/Web open up new possibilities for accessing information and transcending over-determined cultural intelligence in problem solving. This offers fluid intelligence, which often trails off in adulthood, a new vitality across the lifespan. But the diminishment of crystallized intelligence, and especially cultural intelligence, also presents a number of important problems in maintenance of cohesive, social cooperatives. The development of OSINT (using tools and ethos created by the Open Source movement of the last few decades) offers both a framework for reaching beyond the boundaries of traditional cultural intelligence and ways to create cooperative, open, problem solving communities. The Internet/Web will continue to create confusion and fear as we move deeper into this new age, but also presents extraordinary possibilities for augmenting human intellect if we can understand it and learn to harness its potential.

psychology, multidisciplinary, experimental

Darren R. Hayes,Francesco Cappa

DOI: https://doi.org/10.1016/j.bushor.2018.02.001

IF: 10.562

2018-09-01

Business Horizons

Abstract:Advances in information technology (IT) have prompted tremendous growth in security issues for companies. Increasingly, cyberattacks represent a threat to companies and national security; to prevent them, firms should routinely perform risk assessments of their IT infrastructure and employees. This article highlights the importance of open-source intelligence (OSINT) tools in conducting risk assessments to prevent cyberattacks. More specifically, we performed a vulnerability assessment on the critical infrastructure of a company operating on the U.S. electrical grid. We successfully profiled the company’s network software, hardware, and key IT personnel—using OSINT—and detailed potential vulnerabilities associated with these findings. The results of our study provide empirical evidence for the efficacy of OSINT in improving the security posture of organizations. Our research findings were subsequently used to produce tactical and strategic recommendations for organizations based on the use of OSINT to identify vulnerabilities, mitigate risks, and formulate more robust security policies to prevent cyberattacks.

business

Elliott Rheault,Mary Nerayo,Jaden Leonard,Jack Kolenbrander,Christopher Henshaw,Madison Boswell,Alan J. Michaels

DOI: https://doi.org/10.3390/jcp4030027

2024-08-13

Journal of Cybersecurity and Privacy

Abstract:In most open-source intelligence (OSINT) research efforts, the collection of information is performed in an entirely passive manner as an observer to third-party communication streams. This paper describes ongoing work that seeks to insert itself into that communication loop, fusing openly available data with requested content that is representative of what is sent to second parties. The mechanism for performing this is based on the sharing of falsified personal information through one-time online transactions that facilitate signup for newsletters, establish online accounts, or otherwise interact with resources on the Internet. The work has resulted in the real-time Use and Abuse of Personal Information OSINT collection engine that can ingest email, SMS text, and voicemail content at an enterprise scale. Foundations of this OSINT collection infrastructure are also laid to incorporate an artificial intelligence (AI)-driven interaction engine that shifts collection from a passive process to one that can effectively engage with different classes of content for improved real-world privacy experimentation and quantitative social science research.

computer science, information systems, interdisciplinary applications, software engineering

Gautam S. Thakur,Budhendra L. Bhaduri,Jesse O. Piburn,Kelly M. Sims,Robert N. Stewart,Marie L. Urban

DOI: https://doi.org/10.48550/arXiv.1507.05245

2015-07-19

Abstract:Geospatial intelligence has traditionally relied on the use of archived and unvarying data for planning and exploration purposes. In consequence, the tools and methods that are architected to provide insight and generate projections only rely on such datasets. Albeit, if this approach has proven effective in several cases, such as land use identification and route mapping, it has severely restricted the ability of researchers to inculcate current information in their work. This approach is inadequate in scenarios requiring real-time information to act and to adjust in ever changing dynamic environments, such as evacuation and rescue missions. In this work, we propose PlanetSense, a platform for geospatial intelligence that is built to harness the existing power of archived data and add to that, the dynamics of real-time streams, seamlessly integrated with sophisticated data mining algorithms and analytics tools for generating operational intelligence on the fly. The platform has four main components - i. GeoData Cloud - a data architecture for storing and managing disparate datasets; ii. Mechanism to harvest real-time streaming data; iii. Data analytics framework; iv. Presentation and visualization through web interface and RESTful services. Using two case studies, we underpin the necessity of our platform in modeling ambient population and building occupancy at scale.

Computers and Society,Social and Information Networks

Bert-Jaap Koops,Jaap-Henk Hoepman,Ronald Leenes

DOI: https://doi.org/10.1016/j.clsr.2013.09.005

2013-12-01

Abstract:As demonstrated by other papers on this issue, open-source intelligence (OSINT) by state authorities poses challenges for privacy protection and intellectual-property enforcement. A possible strategy to address these challenges is to adapt the design of OSINT tools to embed normative requirements, in particular legal requirements. The experience of the VIRTUOSO platform will be used to illustrate this strategy. Ideally, the technical development process of OSINT tools is combined with legal and ethical safeguards in such a way that the resulting products have a legally compliant design, are acceptable within society (social embedding), and at the same time meet in a sufficiently flexible way the varying requirements of different end-user groups. This paper uses the analytic framework of privacy design strategies (minimise, separate, aggregate, hide, inform, control, enforce, and demonstrate), arguing that two approaches for embedding legal compliance seem promising to explore in particular. One approach is the concept of revocable privacy with spread responsibility. The other approach uses a policy mark-up language to define Enterprise Privacy Policies, which determine appropriate data handling.Both approaches are tested against three requirements that seem particularly suitable for a ‘compliance by design’ approach in OSINT: purpose specification; collection and use limitation and data minimisation; and data quality (up-to-dateness). For each requirement, the paper analyses whether and to what extent the approach could work to build in the requirement in the system. The paper concludes that legal requirements cannot be embedded fully in OSINT systems. However, it is possible to embed functionalities that facilitate compliance in allowing end-users to determine to what extent they adopt a ‘privacy-by-design’ approach when procuring an OSINT platform, extending it with plug-ins, and fine-tuning it to their needs. The paper argues that developers of OSINT platforms and networks have a responsibility to make sure that end-users are enabled to use privacy by design, by allowing functionalities such as revocable privacy and a policy-enforcement language.

law

Sudip Mittal,Anupam Joshi,Tim Finin

DOI: https://doi.org/10.48550/arXiv.1905.02895

2019-05-07

Abstract:Keeping up with threat intelligence is a must for a security analyst today. There is a volume of information present in `the wild' that affects an organization. We need to develop an artificial intelligence system that scours the intelligence sources, to keep the analyst updated about various threats that pose a risk to her organization. A security analyst who is better `tapped in' can be more effective. In this paper we present, Cyber-All-Intel an artificial intelligence system to aid a security analyst. It is a system for knowledge extraction, representation and analytics in an end-to-end pipeline grounded in the cybersecurity informatics domain. It uses multiple knowledge representations like, vector spaces and knowledge graphs in a 'VKG structure' to store incoming intelligence. The system also uses neural network models to pro-actively improve its knowledge. We have also created a query engine and an alert system that can be used by an analyst to find actionable cybersecurity insights.

Artificial Intelligence,Computation and Language,Cryptography and Security

Heloise Pieterse,Carien Van 't Wout,Zubeida Kahn,Chris Serfontein

DOI: https://doi.org/10.34190/iccws.17.1.16

2022-03-02

International Conference on Cyber Warfare and Security

Abstract:The 21st century witnessed the rise of the digital age via the evolution of the Internet. A direct result of the established digital era is the growth of digital media. Although traditional media, such as print and broadcasting, remains relevant, the low accessibility and limited reach impact the effectiveness of such media. In comparison, digital media, such as social media, provides access to vast collections of open-source information. The open-source information available on digital media platforms is current and easily accessible. However, conversion of open-source information into intelligence becomes a time-consuming and quite ineffective process due to the large quantities of information available. Open-source intelligence (OSINT) tools attempt to address such limitations by offering technological solutions that provide access to up to date, as well as easily searchable digital information. Thus, OSINT tools, such as Shodan and Maltego, streamline the conversion of open-source information into intelligence. This paper introduces the design of a new but specialised media monitoring tool to assist with the monitoring of open-source information towards enabling situational awareness. The key design feature of this new media monitoring tool is to offer versatility by guiding the collection of open-source information. Controlling the amount of information gathered in turn improves the efficiency of the processes used to extract intelligence. The obtained intelligence, thus, enables the observation of situational awareness of chosen aspects within a secure environment. Also discussed in this paper is the motivation behind the design of the specialised media monitoring tool, as well as various design considerations, are taken to ensure effective usage of the tool. The paper concludes by discussing the various benefits offered by the specialised media monitoring tool concerning observing situational awareness.

Thomas Oakley Browne,Mohammad Abedin,Mohammad Jabed Morshed Chowdhury

DOI: https://doi.org/10.1007/s10207-024-00868-2

2024-06-07

International Journal of Information Security

Abstract:This paper presents a systematic review to identify research combining artificial intelligence (AI) algorithms with Open source intelligence (OSINT) applications and practices. Currently, there is a lack of compilation of these approaches in the research domain and similar systematic reviews do not include research that post dates the year 2019. This systematic review attempts to fill this gap by identifying recent research. The review used the preferred reporting items for systematic reviews and meta-analyses and identified 163 research articles focusing on OSINT applications leveraging AI algorithms. This systematic review outlines several research questions concerning meta-analysis of the included research and seeks to identify research limitations and future directions in this area. The review identifies that research gaps exist in the following areas: Incorporation of pre-existing OSINT tools with AI, the creation of AI-based OSINT models that apply to penetration testing, underutilisation of alternate data sources and the incorporation of dissemination functionality. The review additionally identifies future research directions in AI-based OSINT research in the following areas: Multi-lingual support, incorporation of additional data sources, improved model robustness against data poisoning, integration with live applications, real-world use, the addition of alert generation for dissemination purposes and incorporation of algorithms for use in planning.

computer science, information systems, theory & methods, software engineering

Daniel Trottier

DOI: https://doi.org/10.1177/1367549415577396

2015-06-16

European Journal of Cultural Studies

Abstract:This article considers how recent developments in open source intelligence impact the inclusion of social media data in policing, and how these changes are a reflection of technological affordances by platform developers and private third-party companies, as well as police cultural and institutional constraints. It explores the institutional contexts in which social media open source intelligence is trialled in Europe by drawing on interviews with police officials and privacy advocates from 13 European Union member states. Respondents considered their adoption of open source social media monitoring technologies in their jurisdiction, locating this uptake within a context of technological scepticism. While open source intelligence infused with social media data enables an immediate access to social life for investigators, so too do they provoke a preoccupation with the origins and circulations of this content. This tension dovetails with institutional concerns, including a lack of specialised staff, budget constraints, along with a lack of clear legal and procedural protocols.

cultural studies