Abstract

Recently, there is an interest in studying cyber crime from a hacker-centric perspective, whose insight is to locate key-hackers and use them to find credible threat intelligence. However, the great majority of users present in hacking environments seem to be unskilled or have fleeting interests, making the identification of key-hackers a complex problem. Moreover, as ground truth information is rare in this context, there is a lack of a method to validate the results. Thus, previous work neglected this validation step or had it done manually-by hiring qualified security specialists. In this work, we address the key-hacker identification problem including a systematic method based on reputation to validate the results. Particularly, we study how three different approaches-content, social network and seniority-based analysis-perform individually and combined to identify key-hackers on darkweb forums, aiming to confirm the following two hypotheses: 1) a hybridization of these approaches tends to produce better results when compared to the individual ones; 2) a model conceived to identify key-hackers in one forum can be generalized to other forums that lack a user reputation system or have a deficient one. We conduct our experiments using a carefully selected set of features, showing how an optimization metaheuristic obtains better performance when compared to machine learning algorithms that attempt to identify key-hackers.

Original languageEnglish (US)
Title of host publicationProceedings - 2018 1st International Conference on Data Intelligence and Security, ICDIS 2018
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages73-80
Number of pages8
ISBN (Electronic)9781538657621
DOIs
StatePublished - May 25 2018
Event1st International Conference on Data Intelligence and Security, ICDIS 2018 - South Padre Island, United States
Duration: Apr 8 2018Apr 10 2018

Other

Other1st International Conference on Data Intelligence and Security, ICDIS 2018
CountryUnited States
CitySouth Padre Island
Period4/8/184/10/18

Fingerprint

Crime
Learning algorithms
Learning systems
Experiments

Keywords

  • Cybersecurity
  • Darkweb forums
  • Key hackers
  • Machine learning
  • Optimization
  • User reputation

ASJC Scopus subject areas

  • Artificial Intelligence
  • Computer Networks and Communications
  • Safety, Risk, Reliability and Quality

Cite this

Marin, E., Shakarian, J., & Shakarian, P. (2018). Mining key-hackers on darkweb forums. In Proceedings - 2018 1st International Conference on Data Intelligence and Security, ICDIS 2018 (pp. 73-80). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/ICDIS.2018.00018

Mining key-hackers on darkweb forums. / Marin, Ericsson; Shakarian, Jana; Shakarian, Paulo.

Proceedings - 2018 1st International Conference on Data Intelligence and Security, ICDIS 2018. Institute of Electrical and Electronics Engineers Inc., 2018. p. 73-80.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Marin, E, Shakarian, J & Shakarian, P 2018, Mining key-hackers on darkweb forums. in Proceedings - 2018 1st International Conference on Data Intelligence and Security, ICDIS 2018. Institute of Electrical and Electronics Engineers Inc., pp. 73-80, 1st International Conference on Data Intelligence and Security, ICDIS 2018, South Padre Island, United States, 4/8/18. https://doi.org/10.1109/ICDIS.2018.00018
Marin E, Shakarian J, Shakarian P. Mining key-hackers on darkweb forums. In Proceedings - 2018 1st International Conference on Data Intelligence and Security, ICDIS 2018. Institute of Electrical and Electronics Engineers Inc. 2018. p. 73-80 https://doi.org/10.1109/ICDIS.2018.00018
Marin, Ericsson ; Shakarian, Jana ; Shakarian, Paulo. / Mining key-hackers on darkweb forums. Proceedings - 2018 1st International Conference on Data Intelligence and Security, ICDIS 2018. Institute of Electrical and Electronics Engineers Inc., 2018. pp. 73-80
@inproceedings{321c91cefb5441628281cbf8e0d2fee5,
title = "Mining key-hackers on darkweb forums",
abstract = "Recently, there is an interest in studying cyber crime from a hacker-centric perspective, whose insight is to locate key-hackers and use them to find credible threat intelligence. However, the great majority of users present in hacking environments seem to be unskilled or have fleeting interests, making the identification of key-hackers a complex problem. Moreover, as ground truth information is rare in this context, there is a lack of a method to validate the results. Thus, previous work neglected this validation step or had it done manually-by hiring qualified security specialists. In this work, we address the key-hacker identification problem including a systematic method based on reputation to validate the results. Particularly, we study how three different approaches-content, social network and seniority-based analysis-perform individually and combined to identify key-hackers on darkweb forums, aiming to confirm the following two hypotheses: 1) a hybridization of these approaches tends to produce better results when compared to the individual ones; 2) a model conceived to identify key-hackers in one forum can be generalized to other forums that lack a user reputation system or have a deficient one. We conduct our experiments using a carefully selected set of features, showing how an optimization metaheuristic obtains better performance when compared to machine learning algorithms that attempt to identify key-hackers.",
keywords = "Cybersecurity, Darkweb forums, Key hackers, Machine learning, Optimization, User reputation",
author = "Ericsson Marin and Jana Shakarian and Paulo Shakarian",
year = "2018",
month = "5",
day = "25",
doi = "10.1109/ICDIS.2018.00018",
language = "English (US)",
pages = "73--80",
booktitle = "Proceedings - 2018 1st International Conference on Data Intelligence and Security, ICDIS 2018",
publisher = "Institute of Electrical and Electronics Engineers Inc.",

}

TY - GEN

T1 - Mining key-hackers on darkweb forums

AU - Marin, Ericsson

AU - Shakarian, Jana

AU - Shakarian, Paulo

PY - 2018/5/25

Y1 - 2018/5/25

N2 - Recently, there is an interest in studying cyber crime from a hacker-centric perspective, whose insight is to locate key-hackers and use them to find credible threat intelligence. However, the great majority of users present in hacking environments seem to be unskilled or have fleeting interests, making the identification of key-hackers a complex problem. Moreover, as ground truth information is rare in this context, there is a lack of a method to validate the results. Thus, previous work neglected this validation step or had it done manually-by hiring qualified security specialists. In this work, we address the key-hacker identification problem including a systematic method based on reputation to validate the results. Particularly, we study how three different approaches-content, social network and seniority-based analysis-perform individually and combined to identify key-hackers on darkweb forums, aiming to confirm the following two hypotheses: 1) a hybridization of these approaches tends to produce better results when compared to the individual ones; 2) a model conceived to identify key-hackers in one forum can be generalized to other forums that lack a user reputation system or have a deficient one. We conduct our experiments using a carefully selected set of features, showing how an optimization metaheuristic obtains better performance when compared to machine learning algorithms that attempt to identify key-hackers.

AB - Recently, there is an interest in studying cyber crime from a hacker-centric perspective, whose insight is to locate key-hackers and use them to find credible threat intelligence. However, the great majority of users present in hacking environments seem to be unskilled or have fleeting interests, making the identification of key-hackers a complex problem. Moreover, as ground truth information is rare in this context, there is a lack of a method to validate the results. Thus, previous work neglected this validation step or had it done manually-by hiring qualified security specialists. In this work, we address the key-hacker identification problem including a systematic method based on reputation to validate the results. Particularly, we study how three different approaches-content, social network and seniority-based analysis-perform individually and combined to identify key-hackers on darkweb forums, aiming to confirm the following two hypotheses: 1) a hybridization of these approaches tends to produce better results when compared to the individual ones; 2) a model conceived to identify key-hackers in one forum can be generalized to other forums that lack a user reputation system or have a deficient one. We conduct our experiments using a carefully selected set of features, showing how an optimization metaheuristic obtains better performance when compared to machine learning algorithms that attempt to identify key-hackers.

KW - Cybersecurity

KW - Darkweb forums

KW - Key hackers

KW - Machine learning

KW - Optimization

KW - User reputation

UR - http://www.scopus.com/inward/record.url?scp=85048570527&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85048570527&partnerID=8YFLogxK

U2 - 10.1109/ICDIS.2018.00018

DO - 10.1109/ICDIS.2018.00018

M3 - Conference contribution

AN - SCOPUS:85048570527

SP - 73

EP - 80

BT - Proceedings - 2018 1st International Conference on Data Intelligence and Security, ICDIS 2018

PB - Institute of Electrical and Electronics Engineers Inc.

ER -