Abstract

Many people involved in malicious cyber activity rely on online environments to improve their hacking skills and capabilities, among which, darkweb marketplaces are one of the most prevalent. Vendors advertise and sell their wares worldwide on those markets, generating communities of like-minded individuals focused on sub fields of hacking. As there is no direct communication between vendors in these environments, identifying the communities formed by them becomes challenging; especially with the absence of ground truth knowledge to validate the results. In this paper, we develop a method based on Machine Learning and Social Network Analysis (SNA) to identify and validate communities of malware and exploit vendors, using product offerings in 20 different marketplaces on the darkweb. To validate the viability of our approach, we cross-validate the community assignments of common individuals selling their products on two mutually exclusive sets of marketplaces, demonstrating how the multiplexity of social ties can be used to detect and validate communities of malware and exploit vendors.

Original languageEnglish (US)
Title of host publicationProceedings - 2018 1st International Conference on Data Intelligence and Security, ICDIS 2018
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages81-84
Number of pages4
ISBN (Electronic)9781538657621
DOIs
StatePublished - May 25 2018
Event1st International Conference on Data Intelligence and Security, ICDIS 2018 - South Padre Island, United States
Duration: Apr 8 2018Apr 10 2018

Other

Other1st International Conference on Data Intelligence and Security, ICDIS 2018
CountryUnited States
CitySouth Padre Island
Period4/8/184/10/18

Fingerprint

Electric network analysis
Learning systems
Sales
Communication
Malware

Keywords

  • Community Finding
  • Cybersecurity
  • Machine Learning
  • Malware
  • Social Network Analysis
  • Vendors

ASJC Scopus subject areas

  • Artificial Intelligence
  • Computer Networks and Communications
  • Safety, Risk, Reliability and Quality

Cite this

Marin, E., Almukaynizi, M., Nunes, E., & Shakarian, P. (2018). Community finding of malware and exploit vendors on darkweb marketplaces. In Proceedings - 2018 1st International Conference on Data Intelligence and Security, ICDIS 2018 (pp. 81-84). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/ICDIS.2018.00019

Community finding of malware and exploit vendors on darkweb marketplaces. / Marin, Ericsson; Almukaynizi, Mohammed; Nunes, Eric; Shakarian, Paulo.

Proceedings - 2018 1st International Conference on Data Intelligence and Security, ICDIS 2018. Institute of Electrical and Electronics Engineers Inc., 2018. p. 81-84.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Marin, E, Almukaynizi, M, Nunes, E & Shakarian, P 2018, Community finding of malware and exploit vendors on darkweb marketplaces. in Proceedings - 2018 1st International Conference on Data Intelligence and Security, ICDIS 2018. Institute of Electrical and Electronics Engineers Inc., pp. 81-84, 1st International Conference on Data Intelligence and Security, ICDIS 2018, South Padre Island, United States, 4/8/18. https://doi.org/10.1109/ICDIS.2018.00019
Marin E, Almukaynizi M, Nunes E, Shakarian P. Community finding of malware and exploit vendors on darkweb marketplaces. In Proceedings - 2018 1st International Conference on Data Intelligence and Security, ICDIS 2018. Institute of Electrical and Electronics Engineers Inc. 2018. p. 81-84 https://doi.org/10.1109/ICDIS.2018.00019
Marin, Ericsson ; Almukaynizi, Mohammed ; Nunes, Eric ; Shakarian, Paulo. / Community finding of malware and exploit vendors on darkweb marketplaces. Proceedings - 2018 1st International Conference on Data Intelligence and Security, ICDIS 2018. Institute of Electrical and Electronics Engineers Inc., 2018. pp. 81-84
@inproceedings{78a6b489b42b403698b9480929a860bf,
title = "Community finding of malware and exploit vendors on darkweb marketplaces",
abstract = "Many people involved in malicious cyber activity rely on online environments to improve their hacking skills and capabilities, among which, darkweb marketplaces are one of the most prevalent. Vendors advertise and sell their wares worldwide on those markets, generating communities of like-minded individuals focused on sub fields of hacking. As there is no direct communication between vendors in these environments, identifying the communities formed by them becomes challenging; especially with the absence of ground truth knowledge to validate the results. In this paper, we develop a method based on Machine Learning and Social Network Analysis (SNA) to identify and validate communities of malware and exploit vendors, using product offerings in 20 different marketplaces on the darkweb. To validate the viability of our approach, we cross-validate the community assignments of common individuals selling their products on two mutually exclusive sets of marketplaces, demonstrating how the multiplexity of social ties can be used to detect and validate communities of malware and exploit vendors.",
keywords = "Community Finding, Cybersecurity, Machine Learning, Malware, Social Network Analysis, Vendors",
author = "Ericsson Marin and Mohammed Almukaynizi and Eric Nunes and Paulo Shakarian",
year = "2018",
month = "5",
day = "25",
doi = "10.1109/ICDIS.2018.00019",
language = "English (US)",
pages = "81--84",
booktitle = "Proceedings - 2018 1st International Conference on Data Intelligence and Security, ICDIS 2018",
publisher = "Institute of Electrical and Electronics Engineers Inc.",

}

TY - GEN

T1 - Community finding of malware and exploit vendors on darkweb marketplaces

AU - Marin, Ericsson

AU - Almukaynizi, Mohammed

AU - Nunes, Eric

AU - Shakarian, Paulo

PY - 2018/5/25

Y1 - 2018/5/25

N2 - Many people involved in malicious cyber activity rely on online environments to improve their hacking skills and capabilities, among which, darkweb marketplaces are one of the most prevalent. Vendors advertise and sell their wares worldwide on those markets, generating communities of like-minded individuals focused on sub fields of hacking. As there is no direct communication between vendors in these environments, identifying the communities formed by them becomes challenging; especially with the absence of ground truth knowledge to validate the results. In this paper, we develop a method based on Machine Learning and Social Network Analysis (SNA) to identify and validate communities of malware and exploit vendors, using product offerings in 20 different marketplaces on the darkweb. To validate the viability of our approach, we cross-validate the community assignments of common individuals selling their products on two mutually exclusive sets of marketplaces, demonstrating how the multiplexity of social ties can be used to detect and validate communities of malware and exploit vendors.

AB - Many people involved in malicious cyber activity rely on online environments to improve their hacking skills and capabilities, among which, darkweb marketplaces are one of the most prevalent. Vendors advertise and sell their wares worldwide on those markets, generating communities of like-minded individuals focused on sub fields of hacking. As there is no direct communication between vendors in these environments, identifying the communities formed by them becomes challenging; especially with the absence of ground truth knowledge to validate the results. In this paper, we develop a method based on Machine Learning and Social Network Analysis (SNA) to identify and validate communities of malware and exploit vendors, using product offerings in 20 different marketplaces on the darkweb. To validate the viability of our approach, we cross-validate the community assignments of common individuals selling their products on two mutually exclusive sets of marketplaces, demonstrating how the multiplexity of social ties can be used to detect and validate communities of malware and exploit vendors.

KW - Community Finding

KW - Cybersecurity

KW - Machine Learning

KW - Malware

KW - Social Network Analysis

KW - Vendors

UR - http://www.scopus.com/inward/record.url?scp=85048519305&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85048519305&partnerID=8YFLogxK

U2 - 10.1109/ICDIS.2018.00019

DO - 10.1109/ICDIS.2018.00019

M3 - Conference contribution

AN - SCOPUS:85048519305

SP - 81

EP - 84

BT - Proceedings - 2018 1st International Conference on Data Intelligence and Security, ICDIS 2018

PB - Institute of Electrical and Electronics Engineers Inc.

ER -