Skip to content


Mining and Visualizing YouTube Metadata for Threat Models

For several years I’ve been working on ways to pull metadata from online video viewers into threat models. In terms of early-warning systems or general trends, metadata may be a useful input on what people are learning and thinking about.

Here’s a recent example of a relationship model between viewers that I just noticed:

A 3D map (from a company so clever they have managed to present software advertisements as legitimate TED talks) indicates that self-reporting young viewers care more about sewage and energy than they care about food or recycling.

The graph also suggests video viewers who self-identify as women watch videos on food rather than energy and sewage. Put young viewers and women viewers together and you have a viewing group that cares very little about energy technology.

I recommend you watch the video. However, I ask that you please first setup an account with false gender to poison their data. No don’t do that. Yes, do…no don’t.

Actually what the TED talk reveals, if you will allow me to get meta for a minute, is that TED talks often are about a narrow band of topics despite claiming to host a variety of presenters. Agenda? There seem to be extremely few outliers or innovative subjects, according to the visualization. Perhaps this is a result of how the visual was created — categories of talks were a little too broad. For example, if you present a TED talk on password management and sharks and I present on reversing hardware and sharks, that’s both just interest in nature, right?

The visualization obscures many of the assumptions made by those who painted it. And because it is a TED talk we give up 7 minutes of our lives yet never get details below the surface. Nonetheless, this type of analysis and visualization is where we all are going. Below is an example from one of my past presentations, where I discussed capturing and showing high-level video metadata on attack types and specific vulnerabilities/tools. If you are not doing it already, you may want to think about this type of input when discussing threat models.

Here I show the highest concentrations of people in the world who are watching video tutorials on how to use SQL injection:

Posted in Energy, Food, Security.


0 Responses

Stay in touch with the conversation, subscribe to the RSS feed for comments on this post.



Some HTML is OK

or, reply to this post via trackback.