OSINT Clinic: Co-designing AI-Augmented Collaborative OSINT Investigations for Vulnerability Assessment

Anirban Mukhopadhyay, Kurt Luther
{"title":"OSINT Clinic: Co-designing AI-Augmented Collaborative OSINT Investigations for Vulnerability Assessment","authors":"Anirban Mukhopadhyay, Kurt Luther","doi":"arxiv-2409.11672","DOIUrl":null,"url":null,"abstract":"Small businesses need vulnerability assessments to identify and mitigate\ncyber risks. Cybersecurity clinics provide a solution by offering students\nhands-on experience while delivering free vulnerability assessments to local\norganizations. To scale this model, we propose an Open Source Intelligence\n(OSINT) clinic where students conduct assessments using only publicly available\ndata. We enhance the quality of investigations in the OSINT clinic by\naddressing the technical and collaborative challenges. Over the duration of the\n2023-24 academic year, we conducted a three-phase co-design study with six\nstudents. Our study identified key challenges in the OSINT investigations and\nexplored how generative AI could address these performance gaps. We developed\ndesign ideas for effective AI integration based on the use of AI probes and\ncollaboration platform features. A pilot with three small businesses\nhighlighted both the practical benefits of AI in streamlining investigations,\nand limitations, including privacy concerns and difficulty in monitoring\nprogress.","PeriodicalId":501541,"journal":{"name":"arXiv - CS - Human-Computer Interaction","volume":"20 1","pages":""},"PeriodicalIF":0.0000,"publicationDate":"2024-09-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"arXiv - CS - Human-Computer Interaction","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/arxiv-2409.11672","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0

Abstract

Small businesses need vulnerability assessments to identify and mitigate cyber risks. Cybersecurity clinics provide a solution by offering students hands-on experience while delivering free vulnerability assessments to local organizations. To scale this model, we propose an Open Source Intelligence (OSINT) clinic where students conduct assessments using only publicly available data. We enhance the quality of investigations in the OSINT clinic by addressing the technical and collaborative challenges. Over the duration of the 2023-24 academic year, we conducted a three-phase co-design study with six students. Our study identified key challenges in the OSINT investigations and explored how generative AI could address these performance gaps. We developed design ideas for effective AI integration based on the use of AI probes and collaboration platform features. A pilot with three small businesses highlighted both the practical benefits of AI in streamlining investigations, and limitations, including privacy concerns and difficulty in monitoring progress.
OSINT 诊所:共同设计用于漏洞评估的人工智能增强型协作 OSINT 调查
小型企业需要进行漏洞评估,以识别和降低网络风险。网络安全诊所提供了一种解决方案,在为当地组织提供免费漏洞评估的同时,还为学生提供了实践经验。为了推广这种模式,我们提出了开源情报(Open Source Intelligence,OSINT)诊所,让学生只使用公开数据进行评估。我们通过解决技术和合作方面的挑战来提高 OSINT 诊所的调查质量。在 2023-24 学年期间,我们与六名学生进行了三阶段的共同设计研究。我们的研究确定了 OSINT 调查中的关键挑战,并探索了生成式人工智能如何解决这些性能差距。我们在使用人工智能探针和协作平台功能的基础上,提出了有效整合人工智能的设计思路。在三家小型企业中进行的试点凸显了人工智能在简化调查方面的实际优势和局限性,包括隐私问题和难以监控进展。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
自引率
0.00%
发文量
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信