Skip to Main content Skip to Navigation
New interface
Conference papers

The Tweet Advantage: An Empirical Analysis of 0-Day Vulnerability Information Shared on Twitter

Abstract : In the last couple of years, the number of software vulnerabilities and corresponding incidents increased significantly. In order to stay up-to-date about these new emerging threats, organizations have demonstrated an increased willingness to exchange information and knowledge about vulnerabilities, threats, incidents and countermeasures. Apart from dedicated sharing platforms or databases, information on vulnerabilities is frequently shared on Twitter and other social media platforms. So far, little is known about the obtainable time advantage of vulnerability information shared on social media platforms. To close this gap, we identified 709,880 relevant Tweets and subsequently analyzed them. We found that information with high relevance for affected organizations is shared on Twitter often long before any official announcement or patch has been made available by vendors. Twitter is used as a crowdsourcing platform by security experts aggregating vulnerability information and referencing a multitude of public available webpages in their Tweets. Vulnerability information shared on Twitter can improve organizations reaction to newly discovered vulnerabilities and therefore help mitigating threats.
Document type :
Conference papers
Complete list of metadata

Cited literature [41 references]  Display  Hide  Download
Contributor : Hal Ifip Connect in order to contact the contributor
Submitted on : Thursday, February 21, 2019 - 3:25:51 PM
Last modification on : Thursday, February 21, 2019 - 3:27:37 PM
Long-term archiving on: : Wednesday, May 22, 2019 - 4:28:22 PM


Files produced by the author(s)


Distributed under a Creative Commons Attribution 4.0 International License



Clemens Sauerwein, Christian Sillaber, Michael M. Huber, Andrea Mussmann, Ruth Breu. The Tweet Advantage: An Empirical Analysis of 0-Day Vulnerability Information Shared on Twitter. 33th IFIP International Conference on ICT Systems Security and Privacy Protection (SEC), Sep 2018, Poznan, Poland. pp.201-215, ⟨10.1007/978-3-319-99828-2_15⟩. ⟨hal-02023722⟩



Record views


Files downloads