A DECEPTICON and AUTOBOT walk into a bar: Python for enhanced OPSEC
2020-09-04, 16:30–17:10, Main stream

When we see the terms Natural Language Processing (NLP) or Machine Learning (ML), often, our guts are correct, and it is vendor marketing material, frequently containing FUD. As someone who unapologetically loses their mind at vendor FUD and buzzword bingo, I was reluctant to use those terms in a submission. After tinkering with various libraries in Python and R with the use of some OSINT and SOCMINT techniques, I have found a use for NLP and ML that is 100% FUD free.

Topics that I have frequently spoken about in past years is disinformation, deception, OSINT, and OPSEC in a framework I often call DECEPTICON. When working through learning NLP and ML in Python, it dawned on me: marry these technologies with DECEPTICON for good. Enter the DECEPTICON bot. The DECEPTICON bot is a python-based tool that connects to social media via APIs to read posts/tweets to determine patterns of posting intervals and content then takes over to autonomously post for the user. What is the application you ask: people who are trying to enhance their OPSEC and abandon social media accounts that have been targeted without setting off alarms to their adversaries. Use case scenarios include public figures, executives, and, most importantly – domestic violence and trafficking victims.


Abstract:
When we see the terms Natural Language Processing (NLP) or Machine Learning (ML), often, our guts are correct, and it is vendor marketing material, frequently containing FUD. After tinkering with various libraries in Python and R with the use of some OSINT and SOCMINT techniques, I have found a use for NLP and ML that is 100% FUD free.

Topics that I have frequently spoken about in past years is disinformation, deception, OSINT, and OPSEC in a framework I often call DECEPTICON. When working through learning NLP and ML in Python, it dawned on me: marry these technologies with DECEPTICON for good. Enter the DECEPTICON bot. The DECEPTICON bot is a python* based tool that connects to social media via APIs to read posts/tweets to determine patterns of posting intervals and content then takes over to autonomously post for the user. What is the application you ask: people who are trying to enhance their OPSEC and abandon social media accounts that have been targeted without setting off alarms to their adversaries. Use case scenarios include public figures, executives, and, most importantly – domestic violence and trafficking victims.

Outline:

  • Intro (1:00)
  • Basis for Research (3:00)
    • Why the initial research?
    • Preconceived notions
  • Crash Course into Infosec BS Buzzword Bingo (7:00)
    • OSINT
    • SOCMINT
    • Machine Learning
    • Natural Language Processing
  • Existing “Iterations” (10:00)
    • Marketing
    • SEO
    • Government
    • Sentiment Analysis
    • OSINT
  • The idea of incorporating with DECEPTICON (15:00)
    • Overview of DECEPTICON
    • Limitations
    • Use cases
  • The process of writing the code for the tool (20:00)
    • My python and R competencies starting out
    • Books used
    • Tools built along the way
    • Realization of outcome of initial preconceived notions
  • Beginning of implementation for test run (23:00)
    • Methods for determining frequency of:
      • Posting/Tweeting (Macro level; days, weeks, months)
      • Posting/Tweeting (Micro level; frequency of posts during times posted)
      • Sentiment of posts
      • Grammar and spelling rhythm and heuristics
      • Topics posted about
      • Locations Checked into
  • Failures and causes (25:00)
    • Instances where algorithms or learning techniques were wrong
    • Instances where the learning was improperly monitored
    • Instances where dataset was too large or too small (overfitting or underfitting)
  • Refinement process (33:00)
    • Changes to design where applicable
  • Accounts used (35:00)
    • Explanation of metrics and design for test account
  • Code and Demo (37:00)
    • Demo
  • Questions (40:00)