OSINT 诊所：共同设计用于漏洞评估的人工智能增强型协作 OSINT 调查

arXiv - CS - Human-Computer Interaction Pub Date : 2024-09-18 DOI:arxiv-2409.11672

Anirban Mukhopadhyay, Kurt Luther

{"title":"OSINT 诊所：共同设计用于漏洞评估的人工智能增强型协作 OSINT 调查","authors":"Anirban Mukhopadhyay, Kurt Luther","doi":"arxiv-2409.11672","DOIUrl":null,"url":null,"abstract":"Small businesses need vulnerability assessments to identify and mitigate\ncyber risks. Cybersecurity clinics provide a solution by offering students\nhands-on experience while delivering free vulnerability assessments to local\norganizations. To scale this model, we propose an Open Source Intelligence\n(OSINT) clinic where students conduct assessments using only publicly available\ndata. We enhance the quality of investigations in the OSINT clinic by\naddressing the technical and collaborative challenges. Over the duration of the\n2023-24 academic year, we conducted a three-phase co-design study with six\nstudents. Our study identified key challenges in the OSINT investigations and\nexplored how generative AI could address these performance gaps. We developed\ndesign ideas for effective AI integration based on the use of AI probes and\ncollaboration platform features. A pilot with three small businesses\nhighlighted both the practical benefits of AI in streamlining investigations,\nand limitations, including privacy concerns and difficulty in monitoring\nprogress.","PeriodicalId":501541,"journal":{"name":"arXiv - CS - Human-Computer Interaction","volume":"20 1","pages":""},"PeriodicalIF":0.0000,"publicationDate":"2024-09-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"OSINT Clinic: Co-designing AI-Augmented Collaborative OSINT Investigations for Vulnerability Assessment\",\"authors\":\"Anirban Mukhopadhyay, Kurt Luther\",\"doi\":\"arxiv-2409.11672\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Small businesses need vulnerability assessments to identify and mitigate\\ncyber risks. Cybersecurity clinics provide a solution by offering students\\nhands-on experience while delivering free vulnerability assessments to local\\norganizations. To scale this model, we propose an Open Source Intelligence\\n(OSINT) clinic where students conduct assessments using only publicly available\\ndata. We enhance the quality of investigations in the OSINT clinic by\\naddressing the technical and collaborative challenges. Over the duration of the\\n2023-24 academic year, we conducted a three-phase co-design study with six\\nstudents. Our study identified key challenges in the OSINT investigations and\\nexplored how generative AI could address these performance gaps. We developed\\ndesign ideas for effective AI integration based on the use of AI probes and\\ncollaboration platform features. A pilot with three small businesses\\nhighlighted both the practical benefits of AI in streamlining investigations,\\nand limitations, including privacy concerns and difficulty in monitoring\\nprogress.\",\"PeriodicalId\":501541,\"journal\":{\"name\":\"arXiv - CS - Human-Computer Interaction\",\"volume\":\"20 1\",\"pages\":\"\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2024-09-18\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"arXiv - CS - Human-Computer Interaction\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/arxiv-2409.11672\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"arXiv - CS - Human-Computer Interaction","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/arxiv-2409.11672","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

摘要

小型企业需要进行漏洞评估，以识别和降低网络风险。网络安全诊所提供了一种解决方案，在为当地组织提供免费漏洞评估的同时，还为学生提供了实践经验。为了推广这种模式，我们提出了开源情报（Open Source Intelligence，OSINT）诊所，让学生只使用公开数据进行评估。我们通过解决技术和合作方面的挑战来提高 OSINT 诊所的调查质量。在 2023-24 学年期间，我们与六名学生进行了三阶段的共同设计研究。我们的研究确定了 OSINT 调查中的关键挑战，并探索了生成式人工智能如何解决这些性能差距。我们在使用人工智能探针和协作平台功能的基础上，提出了有效整合人工智能的设计思路。在三家小型企业中进行的试点凸显了人工智能在简化调查方面的实际优势和局限性，包括隐私问题和难以监控进展。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

OSINT Clinic: Co-designing AI-Augmented Collaborative OSINT Investigations for Vulnerability Assessment

Small businesses need vulnerability assessments to identify and mitigate cyber risks. Cybersecurity clinics provide a solution by offering students hands-on experience while delivering free vulnerability assessments to local organizations. To scale this model, we propose an Open Source Intelligence (OSINT) clinic where students conduct assessments using only publicly available data. We enhance the quality of investigations in the OSINT clinic by addressing the technical and collaborative challenges. Over the duration of the 2023-24 academic year, we conducted a three-phase co-design study with six students. Our study identified key challenges in the OSINT investigations and explored how generative AI could address these performance gaps. We developed design ideas for effective AI integration based on the use of AI probes and collaboration platform features. A pilot with three small businesses highlighted both the practical benefits of AI in streamlining investigations, and limitations, including privacy concerns and difficulty in monitoring progress.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

arXiv - CS - Human-Computer Interaction

自引率

0.00%

发文量