Mining key-hackers on darkweb forums

Ericsson Marin; Jana Shakarian; Paulo Shakarian

doi:10.1109/ICDIS.2018.00018

Mining key-hackers on darkweb forums

Ericsson Marin, Jana Shakarian, Paulo Shakarian

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

8 Scopus citations

Abstract

Recently, there is an interest in studying cyber crime from a hacker-centric perspective, whose insight is to locate key-hackers and use them to find credible threat intelligence. However, the great majority of users present in hacking environments seem to be unskilled or have fleeting interests, making the identification of key-hackers a complex problem. Moreover, as ground truth information is rare in this context, there is a lack of a method to validate the results. Thus, previous work neglected this validation step or had it done manually-by hiring qualified security specialists. In this work, we address the key-hacker identification problem including a systematic method based on reputation to validate the results. Particularly, we study how three different approaches-content, social network and seniority-based analysis-perform individually and combined to identify key-hackers on darkweb forums, aiming to confirm the following two hypotheses: 1) a hybridization of these approaches tends to produce better results when compared to the individual ones; 2) a model conceived to identify key-hackers in one forum can be generalized to other forums that lack a user reputation system or have a deficient one. We conduct our experiments using a carefully selected set of features, showing how an optimization metaheuristic obtains better performance when compared to machine learning algorithms that attempt to identify key-hackers.

Original language	English (US)
Title of host publication	Proceedings - 2018 1st International Conference on Data Intelligence and Security, ICDIS 2018
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	73-80
Number of pages	8
ISBN (Electronic)	9781538657621
DOIs	https://doi.org/10.1109/ICDIS.2018.00018
State	Published - May 25 2018
Event	1st International Conference on Data Intelligence and Security, ICDIS 2018 - South Padre Island, United States Duration: Apr 8 2018 → Apr 10 2018

Other

Other	1st International Conference on Data Intelligence and Security, ICDIS 2018
Country	United States
City	South Padre Island
Period	4/8/18 → 4/10/18

Keywords

Cybersecurity
Darkweb forums
Key hackers
Machine learning
Optimization
User reputation

ASJC Scopus subject areas

Artificial Intelligence
Computer Networks and Communications
Safety, Risk, Reliability and Quality

Access to Document

10.1109/ICDIS.2018.00018

Fingerprint Dive into the research topics of 'Mining key-hackers on darkweb forums'. Together they form a unique fingerprint.

Cite this

Marin, E., Shakarian, J., & Shakarian, P. (2018). Mining key-hackers on darkweb forums. In Proceedings - 2018 1st International Conference on Data Intelligence and Security, ICDIS 2018 (pp. 73-80). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/ICDIS.2018.00018

Marin, E, Shakarian, J & Shakarian, P 2018, Mining key-hackers on darkweb forums. in Proceedings - 2018 1st International Conference on Data Intelligence and Security, ICDIS 2018. Institute of Electrical and Electronics Engineers Inc., pp. 73-80, 1st International Conference on Data Intelligence and Security, ICDIS 2018, South Padre Island, United States, 4/8/18. https://doi.org/10.1109/ICDIS.2018.00018

@inproceedings{321c91cefb5441628281cbf8e0d2fee5,

title = "Mining key-hackers on darkweb forums",

abstract = "Recently, there is an interest in studying cyber crime from a hacker-centric perspective, whose insight is to locate key-hackers and use them to find credible threat intelligence. However, the great majority of users present in hacking environments seem to be unskilled or have fleeting interests, making the identification of key-hackers a complex problem. Moreover, as ground truth information is rare in this context, there is a lack of a method to validate the results. Thus, previous work neglected this validation step or had it done manually-by hiring qualified security specialists. In this work, we address the key-hacker identification problem including a systematic method based on reputation to validate the results. Particularly, we study how three different approaches-content, social network and seniority-based analysis-perform individually and combined to identify key-hackers on darkweb forums, aiming to confirm the following two hypotheses: 1) a hybridization of these approaches tends to produce better results when compared to the individual ones; 2) a model conceived to identify key-hackers in one forum can be generalized to other forums that lack a user reputation system or have a deficient one. We conduct our experiments using a carefully selected set of features, showing how an optimization metaheuristic obtains better performance when compared to machine learning algorithms that attempt to identify key-hackers.",

keywords = "Cybersecurity, Darkweb forums, Key hackers, Machine learning, Optimization, User reputation",

author = "Ericsson Marin and Jana Shakarian and Paulo Shakarian",

year = "2018",

month = may,

day = "25",

doi = "10.1109/ICDIS.2018.00018",

language = "English (US)",

pages = "73--80",

booktitle = "Proceedings - 2018 1st International Conference on Data Intelligence and Security, ICDIS 2018",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

note = "1st International Conference on Data Intelligence and Security, ICDIS 2018 ; Conference date: 08-04-2018 Through 10-04-2018",

}

TY - GEN

T1 - Mining key-hackers on darkweb forums

AU - Marin, Ericsson

AU - Shakarian, Jana

AU - Shakarian, Paulo

PY - 2018/5/25

Y1 - 2018/5/25

N2 - Recently, there is an interest in studying cyber crime from a hacker-centric perspective, whose insight is to locate key-hackers and use them to find credible threat intelligence. However, the great majority of users present in hacking environments seem to be unskilled or have fleeting interests, making the identification of key-hackers a complex problem. Moreover, as ground truth information is rare in this context, there is a lack of a method to validate the results. Thus, previous work neglected this validation step or had it done manually-by hiring qualified security specialists. In this work, we address the key-hacker identification problem including a systematic method based on reputation to validate the results. Particularly, we study how three different approaches-content, social network and seniority-based analysis-perform individually and combined to identify key-hackers on darkweb forums, aiming to confirm the following two hypotheses: 1) a hybridization of these approaches tends to produce better results when compared to the individual ones; 2) a model conceived to identify key-hackers in one forum can be generalized to other forums that lack a user reputation system or have a deficient one. We conduct our experiments using a carefully selected set of features, showing how an optimization metaheuristic obtains better performance when compared to machine learning algorithms that attempt to identify key-hackers.

AB - Recently, there is an interest in studying cyber crime from a hacker-centric perspective, whose insight is to locate key-hackers and use them to find credible threat intelligence. However, the great majority of users present in hacking environments seem to be unskilled or have fleeting interests, making the identification of key-hackers a complex problem. Moreover, as ground truth information is rare in this context, there is a lack of a method to validate the results. Thus, previous work neglected this validation step or had it done manually-by hiring qualified security specialists. In this work, we address the key-hacker identification problem including a systematic method based on reputation to validate the results. Particularly, we study how three different approaches-content, social network and seniority-based analysis-perform individually and combined to identify key-hackers on darkweb forums, aiming to confirm the following two hypotheses: 1) a hybridization of these approaches tends to produce better results when compared to the individual ones; 2) a model conceived to identify key-hackers in one forum can be generalized to other forums that lack a user reputation system or have a deficient one. We conduct our experiments using a carefully selected set of features, showing how an optimization metaheuristic obtains better performance when compared to machine learning algorithms that attempt to identify key-hackers.

KW - Cybersecurity

KW - Darkweb forums

KW - Key hackers

KW - Machine learning

KW - Optimization

KW - User reputation

UR - http://www.scopus.com/inward/record.url?scp=85048570527&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85048570527&partnerID=8YFLogxK

U2 - 10.1109/ICDIS.2018.00018

DO - 10.1109/ICDIS.2018.00018

M3 - Conference contribution

AN - SCOPUS:85048570527

SP - 73

EP - 80

BT - Proceedings - 2018 1st International Conference on Data Intelligence and Security, ICDIS 2018

PB - Institute of Electrical and Electronics Engineers Inc.

T2 - 1st International Conference on Data Intelligence and Security, ICDIS 2018

Y2 - 8 April 2018 through 10 April 2018

ER -