User Role Identification in Software Vulnerability Discussions over Social Networks

Abstract

Understanding and early awareness of software vulnerabilities is vital for preventing and mitigating potential impacts from cybersecurity events. One step toward early characterization of software vulnerabilities may involve analyzing discussion and spread of information in online social networks. Prior work has used information from such discussions over multiple online forums to develop dynamic networks among users followed by analysis of structure, spread, and information evolution. In this work, we advance the state-of-the-art by focusing on data-driven learning of types, roles, and transition of roles exhibited by users over time. In social networks, users take on particular roles based on their actions and structure of the network. Identifying “meaningful” roles can help separate potential users of interest from the larger community, and identify patterns in a network relevant for generating early insights into the extent of software vulnerabilities. We identify and compare roles found in online forums (e.g., Twitter) using feature-based Non-negative Matrix Factorization coupled with topological and influence-based measures of centrality. Since users’ activities change over time, we also analyze role evolution in dynamic networks.