Understanding and early awareness of software vulnerabilities is vital for preventing and mitigating potential impacts from cybersecurity events. One step toward early characterization of software vulnerabilities may involve analyzing discussion and spread of information in online social networks.
Prior work has used information from such discussions over multiple online forums to develop dynamic networks among users followed by analysis of structure, spread, and information evolution. In this work, we advance the state-of-the-art by focusing on data-driven learning of types, roles, and transition of roles exhibited by users over time. In social networks, users
take on particular roles based on their actions and structure of the network. Identifying “meaningful” roles can help separate potential users of interest from the larger community, and identify patterns in a network. We will identify and compare roles found in online forums (e.g., Twitter) using techniques
such as feature-based Non-negative Matrix Factorization coupled with topological and influence-based measures of centrality. Since users’ activities change over time, we also analyze role evolution in dynamic networks.
Published: March 16, 2022
Citation
Jones R.D., D.C. Fortin, S. Chatterjee, D.G. Thomas, and L. Newburn. 2021.User Role Identification in Software Vulnerability Discussions over Social Networks. In IEEE International Conference on Intelligence and Security Informatics (ISI 2021), November 2-3, 2021, VIrtual, Online, 1-3. Piscataway, New Jersey:IEEE.PNNL-SA-166021.doi:10.1109/ISI53945.2021.9624857