Open Source Intelligence (OSInt)
OSInt is a program analysis/big data analytics project that aims to gather information about vulnerabilities in third party libraries from various sources on the internet.
Open Source Intelligence (OSInt)
Open Source Intelligence (OSInt)
OSInt is a program analysis/big data analytics project that aims to gather information about vulnerabilities in third party libraries from various sources on the internet.
Project Overview
OSInt is a program analysis/big data analytics project that aims to gather information about vulnerabilities in third party libraries from various sources on the internet, such as the National Vulnerability Database (NVD), GitHub, etc., and transform it into valuable and actionable security intelligence for end users. The project aims to help end users with both identification and remediation of security vulnerabilities.
How it works
OSInt systematically collects and processes (extract, transform and load) large volumes of data, in the range of terabytes, from a variety of sources on the internet to gather relevant and actionable information for end users through building security knowledge base.
Key challenge
Due to the scale at which we operate, keeping up-to-date with the latest changes in libraries is a key challenge. For instance, NVD data feeds are updated approximately every two hours and we have to process this information and update relevant libraries in real-time to reflect the changes.
Principal Investigator
Principal Researcher
Mahin Chandramohan is leading the machine learning efforts in Intelligent Application Security group at Oracle Labs, Australia.
His research areas of interest include:
• Open Source Intelligence (OSINT)
• Threat intelligence
• Malware analysis and binary reverse engineering
• Machine learning for program analysis and bug detection (MLonCode).
Education:
* PhD in Computer Science, Nanyang Technological University, Singapore
* B.Eng. in Computer Engineering, Nanyang Technological University, Singapore