DeepSec 2022 Talk: Machine Learning Use in OSINT – Giorgi Iashvili

Sanna/ September 5, 2022/ Conference

Open source intelligence is one of the important aspects of cyber security activities as it relies on the publicly available sources, such as social networks, websites, blogs, etc. This includes data mining and gathering techniques, as well as data extraction and data analysis activities. Open source intelligence is widely used in different fields today. Mainly, this process runs manually and is fully managed by humans. Moving from a manual to automated processes in OSINT is vital, especially that we work with real-world operations. Different components must build a relevant system to provide automated open source-based activities together with training simulations for the Machine Learning.

The structure of the ML approach is the following:

  • Requirements: Information used from previous user experience;
  • Collection: Web crawlers or / and scrapers;
  • Processing exploration: Pattern recognition, Detection of the events, Vision of the automated system;
  • Analysis: Matching the pattern, Visualization process, Data analysis;
  • Dissemination: Automated responses, Automated Error messages

The processes will be performed by the machine using automated processes mechanisms.

We asked Giorgi a few more questions about his talk.

Please tell us the top facts about your talk.

Data gathering is one of the most important steps of pen-testing. Automation approaches in this field are not widely known today. Techno giants such as Google actively use data gathering automation processes in their products.

How did you come up with it? Was there something like an initial spark that set your mind on creating this talk?

Based on my job, I have an experience working with OSINT a lot and some processes are really time-consuming. The idea of the automation of some events during information gathering was very motivational for me and I went deeper into this field.

Why do you think this is an important topic?

Information gathering is the most important aspect in the pen-test process, and automation of it can play a key role in achieving results.

Is there something you want everybody to know – some good advice for our readers maybe?

To understand the information-gathering process from the point of view of automatization, it’s good to know the working mechanisms of some approaches like very-high-resolution satellite imagery (also used to automate some processes).

A prediction for the future – what do you think will be the next innovations or future downfalls when it comes to your field of expertise / the topic of your talk in particular?

More efficient and fast automation approaches. I think that’s a suitable area of research and a future development will be more effective pattern recognition approaches in OSINT.

 

Giorgi Iashvili has a Ph.D. in informatics and is an associate professor at Caucasus University. Prof. Iashvili is a Deputy director of the CyberSecurity Center at Caucasus University. He is also the technical director at the Scientific Cyber Security Association (SCSA). Giorgi Iashvili is the author of many scientific papers. The topics of the papers are cyber security, cryptography, OSINT, hardware security, and AI.

 

 

Share this Post