Description: This presentation will take a look at data mining social-media and version control systems for vulnerability references. There are two projects that will be demonstrated with three main goals with this work: 1. Leverage social media to help enrich public vulnerability feeds with valuable information and technical research, 2. Sift through day to day social-media activity from the security community and provide a data source for trending IT security data, and 3. Leverage version control data to build metrics and analytics capabilities for open-source bug hunters.
The social-media mining portion of the talk will demonstrate identifying vulnerabilities with heavy activity over the past 18 months, distinguishing between community hype and solid technical research, and demographic specific trends. There will then be a demo for leveraging this mined data to identify general trending IT security information that can act as a news feed for researchers.
The version control mining portion of the talk will demonstrate providing code analytics for bug-hunters, with test-case projects such as the linux kernel. Example functionality that will be discussed and demonstrated includes activity heat-maps, dormancy vs. code density analysis, and historical vulnerability tainting.
MATT J BIO
Matt is an Australian security researcher with current interests in vulnerability analysis, machine learning, and security visualisation. He runs Volvent Security performing code audits for major vendors to security assessments and consulting for a mix of organisations. On the side he helps out organising the Ruxcon and Breakpoint security conferences.
Tags: securitytube , hacking , hackers , information security , convention , computer security , ruxcon-2012 ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.