Community finding of malware and exploit vendors on darkweb marketplaces

Ericsson Marin; Mohammed Almukaynizi; Eric Nunes; Paulo Shakarian

doi:10.1109/ICDIS.2018.00019

Community finding of malware and exploit vendors on darkweb marketplaces

Ericsson Marin, Mohammed Almukaynizi, Eric Nunes, Paulo Shakarian

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

15 Scopus citations

Abstract

Many people involved in malicious cyber activity rely on online environments to improve their hacking skills and capabilities, among which, darkweb marketplaces are one of the most prevalent. Vendors advertise and sell their wares worldwide on those markets, generating communities of like-minded individuals focused on sub fields of hacking. As there is no direct communication between vendors in these environments, identifying the communities formed by them becomes challenging; especially with the absence of ground truth knowledge to validate the results. In this paper, we develop a method based on Machine Learning and Social Network Analysis (SNA) to identify and validate communities of malware and exploit vendors, using product offerings in 20 different marketplaces on the darkweb. To validate the viability of our approach, we cross-validate the community assignments of common individuals selling their products on two mutually exclusive sets of marketplaces, demonstrating how the multiplexity of social ties can be used to detect and validate communities of malware and exploit vendors.

Original language	English (US)
Title of host publication	Proceedings - 2018 1st International Conference on Data Intelligence and Security, ICDIS 2018
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	81-84
Number of pages	4
ISBN (Electronic)	9781538657621
DOIs	https://doi.org/10.1109/ICDIS.2018.00019
State	Published - May 25 2018
Event	1st International Conference on Data Intelligence and Security, ICDIS 2018 - South Padre Island, United States Duration: Apr 8 2018 → Apr 10 2018

Other

Other	1st International Conference on Data Intelligence and Security, ICDIS 2018
Country/Territory	United States
City	South Padre Island
Period	4/8/18 → 4/10/18

Keywords

Community Finding
Cybersecurity
Machine Learning
Malware
Social Network Analysis
Vendors

ASJC Scopus subject areas

Artificial Intelligence
Computer Networks and Communications
Safety, Risk, Reliability and Quality

Access to Document

10.1109/ICDIS.2018.00019

Cite this

Community finding of malware and exploit vendors on darkweb marketplaces. / Marin, Ericsson; Almukaynizi, Mohammed; Nunes, Eric et al.
Proceedings - 2018 1st International Conference on Data Intelligence and Security, ICDIS 2018. Institute of Electrical and Electronics Engineers Inc., 2018. p. 81-84.

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Marin, E, Almukaynizi, M, Nunes, E & Shakarian, P 2018, Community finding of malware and exploit vendors on darkweb marketplaces. in Proceedings - 2018 1st International Conference on Data Intelligence and Security, ICDIS 2018. Institute of Electrical and Electronics Engineers Inc., pp. 81-84, 1st International Conference on Data Intelligence and Security, ICDIS 2018, South Padre Island, United States, 4/8/18. https://doi.org/10.1109/ICDIS.2018.00019

@inproceedings{78a6b489b42b403698b9480929a860bf,

title = "Community finding of malware and exploit vendors on darkweb marketplaces",

abstract = "Many people involved in malicious cyber activity rely on online environments to improve their hacking skills and capabilities, among which, darkweb marketplaces are one of the most prevalent. Vendors advertise and sell their wares worldwide on those markets, generating communities of like-minded individuals focused on sub fields of hacking. As there is no direct communication between vendors in these environments, identifying the communities formed by them becomes challenging; especially with the absence of ground truth knowledge to validate the results. In this paper, we develop a method based on Machine Learning and Social Network Analysis (SNA) to identify and validate communities of malware and exploit vendors, using product offerings in 20 different marketplaces on the darkweb. To validate the viability of our approach, we cross-validate the community assignments of common individuals selling their products on two mutually exclusive sets of marketplaces, demonstrating how the multiplexity of social ties can be used to detect and validate communities of malware and exploit vendors.",

keywords = "Community Finding, Cybersecurity, Machine Learning, Malware, Social Network Analysis, Vendors",

author = "Ericsson Marin and Mohammed Almukaynizi and Eric Nunes and Paulo Shakarian",

year = "2018",

month = may,

day = "25",

doi = "10.1109/ICDIS.2018.00019",

language = "English (US)",

pages = "81--84",

booktitle = "Proceedings - 2018 1st International Conference on Data Intelligence and Security, ICDIS 2018",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

note = "1st International Conference on Data Intelligence and Security, ICDIS 2018 ; Conference date: 08-04-2018 Through 10-04-2018",

}

TY - GEN

T1 - Community finding of malware and exploit vendors on darkweb marketplaces

AU - Marin, Ericsson

AU - Almukaynizi, Mohammed

AU - Nunes, Eric

AU - Shakarian, Paulo

PY - 2018/5/25

Y1 - 2018/5/25

N2 - Many people involved in malicious cyber activity rely on online environments to improve their hacking skills and capabilities, among which, darkweb marketplaces are one of the most prevalent. Vendors advertise and sell their wares worldwide on those markets, generating communities of like-minded individuals focused on sub fields of hacking. As there is no direct communication between vendors in these environments, identifying the communities formed by them becomes challenging; especially with the absence of ground truth knowledge to validate the results. In this paper, we develop a method based on Machine Learning and Social Network Analysis (SNA) to identify and validate communities of malware and exploit vendors, using product offerings in 20 different marketplaces on the darkweb. To validate the viability of our approach, we cross-validate the community assignments of common individuals selling their products on two mutually exclusive sets of marketplaces, demonstrating how the multiplexity of social ties can be used to detect and validate communities of malware and exploit vendors.

AB - Many people involved in malicious cyber activity rely on online environments to improve their hacking skills and capabilities, among which, darkweb marketplaces are one of the most prevalent. Vendors advertise and sell their wares worldwide on those markets, generating communities of like-minded individuals focused on sub fields of hacking. As there is no direct communication between vendors in these environments, identifying the communities formed by them becomes challenging; especially with the absence of ground truth knowledge to validate the results. In this paper, we develop a method based on Machine Learning and Social Network Analysis (SNA) to identify and validate communities of malware and exploit vendors, using product offerings in 20 different marketplaces on the darkweb. To validate the viability of our approach, we cross-validate the community assignments of common individuals selling their products on two mutually exclusive sets of marketplaces, demonstrating how the multiplexity of social ties can be used to detect and validate communities of malware and exploit vendors.

KW - Community Finding

KW - Cybersecurity

KW - Machine Learning

KW - Malware

KW - Social Network Analysis

KW - Vendors

UR - http://www.scopus.com/inward/record.url?scp=85048519305&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85048519305&partnerID=8YFLogxK

U2 - 10.1109/ICDIS.2018.00019

DO - 10.1109/ICDIS.2018.00019

M3 - Conference contribution

AN - SCOPUS:85048519305

SP - 81

EP - 84

BT - Proceedings - 2018 1st International Conference on Data Intelligence and Security, ICDIS 2018

PB - Institute of Electrical and Electronics Engineers Inc.

T2 - 1st International Conference on Data Intelligence and Security, ICDIS 2018

Y2 - 8 April 2018 through 10 April 2018

ER -

Community finding of malware and exploit vendors on darkweb marketplaces

Abstract

Other

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this