You are here
Ohio State Researchers Use Natural Language Processing to Identify Critical Security Vulnerabilities
A team of researchers from Ohio State University, Leidos and the security firm FireEye published a paper last week, describing a system that reads millions of tweets discussing software vulnerabilities and analyzes users' opinions about their severity. The study, which was covered by WIRED, showed users opinions online can provide a reliable early indicator for severe software vulnerabilities that show up later in the National Vulnerability Database, the official database of software vulnerabilities managed by the National Institute of Standards and Technology. The research resulted in a prototype system that acts as an aggregator of fresh information and could one day help security practitioners to stay ahead of adversaries and keep their systems protected.