Examining Hacker Participation Length in Cybercriminal Internet-Relay-Chat Communities

Victor Benjamin; Bin Zhang; Jay F. Nunamaker; Hsinchun Chen

doi:10.1080/07421222.2016.1205918

Examining Hacker Participation Length in Cybercriminal Internet-Relay-Chat Communities

Victor Benjamin, Bin Zhang, Jay F. Nunamaker, Hsinchun Chen

WPC: Information Systems

Research output: Contribution to journal › Article

15 Citations (Scopus)

Abstract

To further cybersecurity, there is interest in studying online cybercriminal communities to learn more about emerging cyber threats. Literature documents the existence of many online Internet Relay Chat (IRC) cybercriminal communities where cybercriminals congregate and share hacking tools, malware, and more. However, many cybercriminal community participants appear unskilled and have fleeting interests, making it difficult to detect potential long-term or key participants. This is a challenge for researchers and practitioners to quickly identify cybercriminals that may provide credible threat intelligence. Thus, we propose a computational approach to analyze cybercriminals IRC communities in order to identify potential long-term and key participants. We use the extended Cox model to scrutinize cybercriminal IRC participation for better understanding of behaviors exhibited by cybercriminals of importance. Results indicate that key cybercriminals may be quickly identifiable by assessing the scale of their interaction and networks with other participants.

Original language	English (US)
Pages (from-to)	482-510
Number of pages	29
Journal	Journal of Management Information Systems
Volume	33
Issue number	2
DOIs	https://doi.org/10.1080/07421222.2016.1205918
State	Published - Apr 2 2016

Fingerprint

Internet

World Wide Web

Participation

Threat

Malware

Cox model

Online communities

Interaction

ASJC Scopus subject areas

Management Information Systems
Computer Science Applications
Management Science and Operations Research
Information Systems and Management

Cite this

Benjamin, V., Zhang, B., Nunamaker, J. F., & Chen, H. (2016). Examining Hacker Participation Length in Cybercriminal Internet-Relay-Chat Communities. Journal of Management Information Systems, 33(2), 482-510. https://doi.org/10.1080/07421222.2016.1205918

Examining Hacker Participation Length in Cybercriminal Internet-Relay-Chat Communities. / Benjamin, Victor; Zhang, Bin; Nunamaker, Jay F.; Chen, Hsinchun.

In: Journal of Management Information Systems, Vol. 33, No. 2, 02.04.2016, p. 482-510.

Research output: Contribution to journal › Article

Benjamin, V, Zhang, B, Nunamaker, JF & Chen, H 2016, 'Examining Hacker Participation Length in Cybercriminal Internet-Relay-Chat Communities', Journal of Management Information Systems, vol. 33, no. 2, pp. 482-510. https://doi.org/10.1080/07421222.2016.1205918

Benjamin V, Zhang B, Nunamaker JF, Chen H. Examining Hacker Participation Length in Cybercriminal Internet-Relay-Chat Communities. Journal of Management Information Systems. 2016 Apr 2;33(2):482-510. https://doi.org/10.1080/07421222.2016.1205918

Benjamin, Victor ; Zhang, Bin ; Nunamaker, Jay F. ; Chen, Hsinchun. / Examining Hacker Participation Length in Cybercriminal Internet-Relay-Chat Communities. In: Journal of Management Information Systems. 2016 ; Vol. 33, No. 2. pp. 482-510.

@article{e68fefa5ded64e73a5e844b3ed202475,

title = "Examining Hacker Participation Length in Cybercriminal Internet-Relay-Chat Communities",

abstract = "To further cybersecurity, there is interest in studying online cybercriminal communities to learn more about emerging cyber threats. Literature documents the existence of many online Internet Relay Chat (IRC) cybercriminal communities where cybercriminals congregate and share hacking tools, malware, and more. However, many cybercriminal community participants appear unskilled and have fleeting interests, making it difficult to detect potential long-term or key participants. This is a challenge for researchers and practitioners to quickly identify cybercriminals that may provide credible threat intelligence. Thus, we propose a computational approach to analyze cybercriminals IRC communities in order to identify potential long-term and key participants. We use the extended Cox model to scrutinize cybercriminal IRC participation for better understanding of behaviors exhibited by cybercriminals of importance. Results indicate that key cybercriminals may be quickly identifiable by assessing the scale of their interaction and networks with other participants.",

author = "Victor Benjamin and Bin Zhang and Nunamaker, {Jay F.} and Hsinchun Chen",

year = "2016",

month = "4",

day = "2",

doi = "10.1080/07421222.2016.1205918",

language = "English (US)",

volume = "33",

pages = "482--510",

journal = "Journal of Management Information Systems",

issn = "0742-1222",

publisher = "M.E. Sharpe Inc.",

number = "2",

}

TY - JOUR

T1 - Examining Hacker Participation Length in Cybercriminal Internet-Relay-Chat Communities

AU - Benjamin, Victor

AU - Zhang, Bin

AU - Nunamaker, Jay F.

AU - Chen, Hsinchun

PY - 2016/4/2

Y1 - 2016/4/2

N2 - To further cybersecurity, there is interest in studying online cybercriminal communities to learn more about emerging cyber threats. Literature documents the existence of many online Internet Relay Chat (IRC) cybercriminal communities where cybercriminals congregate and share hacking tools, malware, and more. However, many cybercriminal community participants appear unskilled and have fleeting interests, making it difficult to detect potential long-term or key participants. This is a challenge for researchers and practitioners to quickly identify cybercriminals that may provide credible threat intelligence. Thus, we propose a computational approach to analyze cybercriminals IRC communities in order to identify potential long-term and key participants. We use the extended Cox model to scrutinize cybercriminal IRC participation for better understanding of behaviors exhibited by cybercriminals of importance. Results indicate that key cybercriminals may be quickly identifiable by assessing the scale of their interaction and networks with other participants.

AB - To further cybersecurity, there is interest in studying online cybercriminal communities to learn more about emerging cyber threats. Literature documents the existence of many online Internet Relay Chat (IRC) cybercriminal communities where cybercriminals congregate and share hacking tools, malware, and more. However, many cybercriminal community participants appear unskilled and have fleeting interests, making it difficult to detect potential long-term or key participants. This is a challenge for researchers and practitioners to quickly identify cybercriminals that may provide credible threat intelligence. Thus, we propose a computational approach to analyze cybercriminals IRC communities in order to identify potential long-term and key participants. We use the extended Cox model to scrutinize cybercriminal IRC participation for better understanding of behaviors exhibited by cybercriminals of importance. Results indicate that key cybercriminals may be quickly identifiable by assessing the scale of their interaction and networks with other participants.

UR - http://www.scopus.com/inward/record.url?scp=84990909793&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84990909793&partnerID=8YFLogxK

U2 - 10.1080/07421222.2016.1205918

DO - 10.1080/07421222.2016.1205918

M3 - Article

VL - 33

SP - 482

EP - 510

JO - Journal of Management Information Systems

JF - Journal of Management Information Systems

SN - 0742-1222

IS - 2

ER -

Access to Document

10.1080/07421222.2016.1205918