An Open Source Intelligence (OSINT) Framework for Online Investigations

Abstract

Cybersecurity is an immense issue nowadays because of the damaging consequences instigated by cyber-attacks which could lead to the outflow of classified documents, infrastructure breakdown and revenues deficit. It is therefore important for security analysts to remain vigilant about every kind of security threat, by getting all relevant information about the latest patches, attacks, vulnerabilities, exploits, and security newsfeeds. They can also collect and manage Open Source Intelligence (OSINT) from numerous publicly available sources such as websites, forums, social media including resources available only on DeepWeb and DarkWeb.

In a broad perspective, the challenge is to discover chunks of information which could then be organized, integrated and examined. It is nonetheless a time-consuming task, which does not always guarantee to discover relevant information, besides having challenges concerning to the volume and verification of information. So to decrease the amount of information and subsequent time, there are various tools, techniques and frameworks which in conjunction with gathering OSINT can also process to filter significant parts of information. In this thesis, such frameworks will be reviewed, based on which a pre-configured virtual machine will be created from the perspective of conducting online investigations.