DeepSec 2022 Talk: Machine Learning Use in OSINT – Giorgi Iashvili
Open source intelligence is one of the important aspects of cyber security activities as it relies on the publicly available sources, such as social networks, websites, blogs, etc. This includes data mining and gathering techniques, as well as data extraction and data analysis activities. Open source intelligence is widely used in different fields today. Mainly, this process runs manually and is fully managed by humans. Moving from a manual to automated processes in OSINT is vital, especially that we work with real-world operations. Different components must build a relevant system to provide automated open source-based activities together with training simulations for the Machine Learning.
The structure of the ML approach is the following:
- Requirements: Information used from previous user experience;
- Collection: Web crawlers or / and scrapers;
- Processing exploration: Pattern recognition, Detection of the events, Vision of the automated system;
- Analysis: Matching the pattern, Visualization process, Data analysis;
- Dissemination: Automated responses, Automated Error messages
The processes will be performed by the machine using automated processes mechanisms.
We asked Giorgi a few more questions about his talk.
Please tell us the top facts about your talk.
Data gathering is one of the most important steps of pen-testing. Automation approaches in this field are not widely known today. Techno giants such as Google actively use data gathering automation processes in their products.
How did you come up with it? Was there something like an initial spark that set your mind on creating this talk?
Why do you think this is an important topic?
Information gathering is the most important aspect in the pen-test process, and automation of it can play a key role in achieving results.
Is there something you want everybody to know – some good advice for our readers maybe?
A prediction for the future – what do you think will be the next innovations or future downfalls when it comes to your field of expertise / the topic of your talk in particular?
Giorgi Iashvili has a Ph.D. in informatics and is an associate professor at Caucasus University. Prof. Iashvili is a Deputy director of the CyberSecurity Center at Caucasus University. He is also the technical director at the Scientific Cyber Security Association (SCSA). Giorgi Iashvili is the author of many scientific papers. The topics of the papers are cyber security, cryptography, OSINT, hardware security, and AI.