City Research Online

Follow the blue bird: A study on threat data published on Twitter

Alves, F., Andongabo, A, Gashi, I. ORCID: 0000-0002-8017-3184 , Ferreira, P. M. & Bessani, A. (2020). Follow the blue bird: A study on threat data published on Twitter. Paper presented at the 25th European Symposium on Research in Computer Security (ESORICS) 2020, 14-18 Sep 2020, Guildford, UK.


Open Source Intelligence (OSINT) has taken the interest of cybersecurity practitioners due to its completeness and timeliness. In particular, Twitter has proven to be a discussion hub regarding the latest vulnerabilities and exploits. In this paper, we present a study comparing vulnerability databases between themselves and against Twitter. Although there is evidence of OSINT advantages, no methodological studies have addressed the quality and benefits of the sources available. We compare the publishing dates of more than nine-thousand vulnerabilities in the sources considered. We show that NVD is not the most timely or the most complete vulnerability database, that Twitter provides timely and impactful security alerts, that using diverse OSINT sources provides better completeness and timeliness of vulnerabilities, and provide insights on how to capture cybersecurity-relevant tweets.

Publication Type: Conference or Workshop Item (Paper)
Additional Information: The final authenticated version will be available online at
Publisher Keywords: OSINT, Twitter, Vulnerabilities
Subjects: H Social Sciences > HM Sociology
Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Departments: School of Science & Technology > Computer Science > Software Reliability
[thumbnail of CameraReady.pdf]
Text - Accepted Version
Download (314kB) | Preview


Add to AnyAdd to TwitterAdd to FacebookAdd to LinkedinAdd to PinterestAdd to Email


Downloads per month over past year

View more statistics

Actions (login required)

Admin Login Admin Login