Examining Hacker Participation Length in Cybercriminal Internet-Relay-Chat Communities

Victor Benjamin, Bin Zhang, Jay F. Nunamaker, Hsinchun Chen

Research output: Contribution to journalArticle

15 Citations (Scopus)

Abstract

To further cybersecurity, there is interest in studying online cybercriminal communities to learn more about emerging cyber threats. Literature documents the existence of many online Internet Relay Chat (IRC) cybercriminal communities where cybercriminals congregate and share hacking tools, malware, and more. However, many cybercriminal community participants appear unskilled and have fleeting interests, making it difficult to detect potential long-term or key participants. This is a challenge for researchers and practitioners to quickly identify cybercriminals that may provide credible threat intelligence. Thus, we propose a computational approach to analyze cybercriminals IRC communities in order to identify potential long-term and key participants. We use the extended Cox model to scrutinize cybercriminal IRC participation for better understanding of behaviors exhibited by cybercriminals of importance. Results indicate that key cybercriminals may be quickly identifiable by assessing the scale of their interaction and networks with other participants.

Original languageEnglish (US)
Pages (from-to)482-510
Number of pages29
JournalJournal of Management Information Systems
Volume33
Issue number2
DOIs
StatePublished - Apr 2 2016

Fingerprint

Internet
World Wide Web
Participation
Threat
Malware
Cox model
Online communities
Interaction

ASJC Scopus subject areas

  • Management Information Systems
  • Computer Science Applications
  • Management Science and Operations Research
  • Information Systems and Management

Cite this

Examining Hacker Participation Length in Cybercriminal Internet-Relay-Chat Communities. / Benjamin, Victor; Zhang, Bin; Nunamaker, Jay F.; Chen, Hsinchun.

In: Journal of Management Information Systems, Vol. 33, No. 2, 02.04.2016, p. 482-510.

Research output: Contribution to journalArticle

Benjamin, Victor ; Zhang, Bin ; Nunamaker, Jay F. ; Chen, Hsinchun. / Examining Hacker Participation Length in Cybercriminal Internet-Relay-Chat Communities. In: Journal of Management Information Systems. 2016 ; Vol. 33, No. 2. pp. 482-510.
@article{e68fefa5ded64e73a5e844b3ed202475,
title = "Examining Hacker Participation Length in Cybercriminal Internet-Relay-Chat Communities",
abstract = "To further cybersecurity, there is interest in studying online cybercriminal communities to learn more about emerging cyber threats. Literature documents the existence of many online Internet Relay Chat (IRC) cybercriminal communities where cybercriminals congregate and share hacking tools, malware, and more. However, many cybercriminal community participants appear unskilled and have fleeting interests, making it difficult to detect potential long-term or key participants. This is a challenge for researchers and practitioners to quickly identify cybercriminals that may provide credible threat intelligence. Thus, we propose a computational approach to analyze cybercriminals IRC communities in order to identify potential long-term and key participants. We use the extended Cox model to scrutinize cybercriminal IRC participation for better understanding of behaviors exhibited by cybercriminals of importance. Results indicate that key cybercriminals may be quickly identifiable by assessing the scale of their interaction and networks with other participants.",
author = "Victor Benjamin and Bin Zhang and Nunamaker, {Jay F.} and Hsinchun Chen",
year = "2016",
month = "4",
day = "2",
doi = "10.1080/07421222.2016.1205918",
language = "English (US)",
volume = "33",
pages = "482--510",
journal = "Journal of Management Information Systems",
issn = "0742-1222",
publisher = "M.E. Sharpe Inc.",
number = "2",

}

TY - JOUR

T1 - Examining Hacker Participation Length in Cybercriminal Internet-Relay-Chat Communities

AU - Benjamin, Victor

AU - Zhang, Bin

AU - Nunamaker, Jay F.

AU - Chen, Hsinchun

PY - 2016/4/2

Y1 - 2016/4/2

N2 - To further cybersecurity, there is interest in studying online cybercriminal communities to learn more about emerging cyber threats. Literature documents the existence of many online Internet Relay Chat (IRC) cybercriminal communities where cybercriminals congregate and share hacking tools, malware, and more. However, many cybercriminal community participants appear unskilled and have fleeting interests, making it difficult to detect potential long-term or key participants. This is a challenge for researchers and practitioners to quickly identify cybercriminals that may provide credible threat intelligence. Thus, we propose a computational approach to analyze cybercriminals IRC communities in order to identify potential long-term and key participants. We use the extended Cox model to scrutinize cybercriminal IRC participation for better understanding of behaviors exhibited by cybercriminals of importance. Results indicate that key cybercriminals may be quickly identifiable by assessing the scale of their interaction and networks with other participants.

AB - To further cybersecurity, there is interest in studying online cybercriminal communities to learn more about emerging cyber threats. Literature documents the existence of many online Internet Relay Chat (IRC) cybercriminal communities where cybercriminals congregate and share hacking tools, malware, and more. However, many cybercriminal community participants appear unskilled and have fleeting interests, making it difficult to detect potential long-term or key participants. This is a challenge for researchers and practitioners to quickly identify cybercriminals that may provide credible threat intelligence. Thus, we propose a computational approach to analyze cybercriminals IRC communities in order to identify potential long-term and key participants. We use the extended Cox model to scrutinize cybercriminal IRC participation for better understanding of behaviors exhibited by cybercriminals of importance. Results indicate that key cybercriminals may be quickly identifiable by assessing the scale of their interaction and networks with other participants.

UR - http://www.scopus.com/inward/record.url?scp=84990909793&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84990909793&partnerID=8YFLogxK

U2 - 10.1080/07421222.2016.1205918

DO - 10.1080/07421222.2016.1205918

M3 - Article

VL - 33

SP - 482

EP - 510

JO - Journal of Management Information Systems

JF - Journal of Management Information Systems

SN - 0742-1222

IS - 2

ER -