Forecasting cyber threats through the text mining analysis of political news and security logs

Abstract

According to the Jan. 18, 2018, security news article, “Political and diplomatic situations have begun to flood cyberspace”, cyber-threat acts by Russia and North Korea have soared significantly since 2017, indicating that hackers have taken advantage of geopolitical tensions. In other words, the number of attacks by hackers involving political and diplomatic situations has increased; to prove this phenomenon, we extracted keywords that have appeared in a number of political articles published in the central newspapers of the nation. In addition, by analyzing the relationship between political issues and security attacks through text mining analysis of political news, including the log data of typical security equipment – DDoS and IPS equipment – we were able to analyze and even predict cyberattacks based on these results. Consequently, we have found a link between certain keywords and some attacks, and based on these analyses, we want to derive a proactive response through forecasting a growing number of cyberattacks in the event of similar social issues. In particular, as security threats have characterized an increasing trend of intelligent cyberattacks against specific targets, an effective preemptive defense system can be constructed by seeking ways to enhance the security capabilities of these targets.