Cyber Sentinel: Real-Time Monitoring and Reporting of Cybersecurity Incidents in West Virginia
The Project
The digital landscape is rapidly evolving, and with it, the frequency and complexity of cyber incidents such as ransomware attacks are increasing. While major events often make national headlines, numerous local incidents go underreported or unnoticed. This project aims to bridge this information gap by meticulously tracking and reporting cyber incidents and activities at the grassroots level in West Virginia. By leveraging a combination of digital news feeds, social media monitoring, and advanced data scraping techniques, the project will create a comprehensive, real-time news feed specifically tailored to cybersecurity events within the state. This initiative is not just about gathering information; it's about enhancing local awareness, preparedness, and response to cyber threats.
Major Steps
- Development of a Composite RSS Feed:
- Aggregate RSS feeds from various West Virginia news outlets.
- Implement advanced filtering algorithms to exclude non-local content.
- Integrate a keyword-based search mechanism focusing on cyber-related terms to refine the feed into a dedicated Cyber News Stream.
- Cybersecurity and Tech News Integration:
- Curate a specialized feed from prominent cybersecurity and technology news sources, applying filters to highlight content related to West Virginia.
- Integrate this feed with the existing West Virginia Cyber News Stream for a more comprehensive coverage.
- Social Media Monitoring:
- Employ social media listening tools across platforms like Facebook, Twitter, Reddit, and local online forums to capture real-time discussions and reports on cyber incidents.
- Utilize natural language processing (NLP) techniques to filter and validate relevant content.
- Merge these insights with the West Virginia Cyber News Stream, ensuring a broad spectrum of sources.
- Expansion to Non-RSS Capable Sources:
- Research and deploy web scraping technologies to extract information from West Virginia news outlets lacking RSS capabilities.
- Apply similar filtering and keyword search strategies as in step 1.
- Incorporate this data into the main Cyber News Stream, enriching the feed with otherwise inaccessible local content.
- Continuous Improvement and Community Engagement:
- Regularly update and refine keyword lists and filtering algorithms to keep pace with the evolving nature of cyber threats and terminology.
- Engage with local cybersecurity experts, organizations, and the public to gather feedback and ensure the news feed remains relevant and useful.
- Explore partnerships with local educational institutions and cybersecurity groups to foster a collaborative approach to cyber awareness and education.
Current Progress
- Creation of Initial Aggregate RSS Feed: Utilizing Node-RED and Full-Text RSS, the initial aggregate RSS feed has been successfully established.
- Transition from RSS-Bridge to Java for Processing: Initially, RSS-Bridge was employed for article filtering. However, given the XML nature of RSS feeds, a shift was made to Java for more efficient conversion of these feeds into processable objects.
- Local Search Implementation: A developing set of criteria is being used for local searches. This process is streamlined once the feeds are downloaded and amalgamated.
- Handling Summary-Only Feeds: Certain feeds provide only summaries. In these cases, a Docker instance of Full-Text RSS is deployed to retrieve full article texts, enhancing the feed's comprehensiveness. Alternative scraping solutions are being considered for these specific RSS providers.
- Content Filtering Strategy: Gradual implementation of filters is underway to exclude non-relevant content such as national and international news, sports, obituaries, and sponsored material. The objective is to focus on local relevance and minimize storage use.
- Expansion of West Virginia News Feed: Scrapers have been deployed for West Virginia news sites lacking native RSS, using techniques like Xpath, CSS, and sitemaps to extract articles. Most of these sites are now included, except for Java-heavy TV news stations, which pose additional challenges.
- Current Status: The result is a hyper-local West Virginia cyber news feed, alongside an unexpected byproduct – a general West Virginia news feed, stripped of typical national news content. While there's room for improvement, significant progress has been made in the project's first phase.
Overall, the project is progressing well with foundational elements in place, and efforts are ongoing to refine the feeds and enhance the relevance and quality of the gathered information.