Automated Framework for Scalable Collection and Intelligent Analytics of Hacker IRC Information

Jiakai Yu; Cihan Tunc; Salim A Hariri

doi:10.1109/ICCAC.2016.10

Automated Framework for Scalable Collection and Intelligent Analytics of Hacker IRC Information

Jiakai Yu, Cihan Tunc, Salim A Hariri

Electrical and Computer Engineering

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

5 Scopus citations

Abstract

Cyber security is a challenging research problem especially when one considers exponential growth in information technologies. Most previous cyber security research have generally centered on securing and protecting physical resources (computers, network devices, and mobile platforms), protocols and applications. However, little work has focused on the human side and behavior, what motivates cyber attackers to launch attacks, their goals, and where they get their hacking and attacking tools. In this paper, we present an automated approach to collect information about hackers, and attempt to understand their behaviors and goals. Internet Relay Chat (IRC) forums have been widely used by hackers to exchange data, tools and train new novice hackers. We present our approach to implement an automated framework that uses several bots to collect IRC messages from malicious forums and analyze them. A resilient botnet mechanism is utilized to ensure complete IRC data collection. In addition, we present an intelligent hacking language module based on Stanford CoreNLP to analyze hacker activity. Our experimental results show that our botnets can be used to effectively monitor, analyze, and predict hacker activities and goals.

Original language	English (US)
Title of host publication	Proceedings - 2016 International Conference on Cloud and Autonomic Computing, ICCAC 2016: Co-located with the 10th IEEE International Conference on Self-Adaptive and Self-Organizing Systems, SASO 2016
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	33-39
Number of pages	7
ISBN (Electronic)	9781509035366
DOIs	https://doi.org/10.1109/ICCAC.2016.10
State	Published - Dec 5 2016
Event	2016 International Conference on Cloud and Autonomic Computing, ICCAC 2016 - Augsburg, Germany Duration: Sep 12 2016 → Sep 16 2016

Other

Other	2016 International Conference on Cloud and Autonomic Computing, ICCAC 2016
Country	Germany
City	Augsburg
Period	9/12/16 → 9/16/16

Keywords

cyber security
hacker analysis
Internet Relay Chat (IRC)
Stanford CoreNLP

ASJC Scopus subject areas

Artificial Intelligence
Computer Networks and Communications

Access to Document

10.1109/ICCAC.2016.10

Fingerprint Dive into the research topics of 'Automated Framework for Scalable Collection and Intelligent Analytics of Hacker IRC Information'. Together they form a unique fingerprint.

Cite this

Yu, J., Tunc, C., & Hariri, S. A. (2016). Automated Framework for Scalable Collection and Intelligent Analytics of Hacker IRC Information. In Proceedings - 2016 International Conference on Cloud and Autonomic Computing, ICCAC 2016: Co-located with the 10th IEEE International Conference on Self-Adaptive and Self-Organizing Systems, SASO 2016 (pp. 33-39). [7774958] Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/ICCAC.2016.10

Automated Framework for Scalable Collection and Intelligent Analytics of Hacker IRC Information. / Yu, Jiakai; Tunc, Cihan; Hariri, Salim A.

Proceedings - 2016 International Conference on Cloud and Autonomic Computing, ICCAC 2016: Co-located with the 10th IEEE International Conference on Self-Adaptive and Self-Organizing Systems, SASO 2016. Institute of Electrical and Electronics Engineers Inc., 2016. p. 33-39 7774958.

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Yu, J, Tunc, C & Hariri, SA 2016, Automated Framework for Scalable Collection and Intelligent Analytics of Hacker IRC Information. in Proceedings - 2016 International Conference on Cloud and Autonomic Computing, ICCAC 2016: Co-located with the 10th IEEE International Conference on Self-Adaptive and Self-Organizing Systems, SASO 2016., 7774958, Institute of Electrical and Electronics Engineers Inc., pp. 33-39, 2016 International Conference on Cloud and Autonomic Computing, ICCAC 2016, Augsburg, Germany, 9/12/16. https://doi.org/10.1109/ICCAC.2016.10

Yu J, Tunc C, Hariri SA. Automated Framework for Scalable Collection and Intelligent Analytics of Hacker IRC Information. In Proceedings - 2016 International Conference on Cloud and Autonomic Computing, ICCAC 2016: Co-located with the 10th IEEE International Conference on Self-Adaptive and Self-Organizing Systems, SASO 2016. Institute of Electrical and Electronics Engineers Inc. 2016. p. 33-39. 7774958 https://doi.org/10.1109/ICCAC.2016.10

Yu, Jiakai ; Tunc, Cihan ; Hariri, Salim A. / Automated Framework for Scalable Collection and Intelligent Analytics of Hacker IRC Information. Proceedings - 2016 International Conference on Cloud and Autonomic Computing, ICCAC 2016: Co-located with the 10th IEEE International Conference on Self-Adaptive and Self-Organizing Systems, SASO 2016. Institute of Electrical and Electronics Engineers Inc., 2016. pp. 33-39

@inproceedings{dde3d527f2bf46f1bbc0cc4362576a0d,

title = "Automated Framework for Scalable Collection and Intelligent Analytics of Hacker IRC Information",

abstract = "Cyber security is a challenging research problem especially when one considers exponential growth in information technologies. Most previous cyber security research have generally centered on securing and protecting physical resources (computers, network devices, and mobile platforms), protocols and applications. However, little work has focused on the human side and behavior, what motivates cyber attackers to launch attacks, their goals, and where they get their hacking and attacking tools. In this paper, we present an automated approach to collect information about hackers, and attempt to understand their behaviors and goals. Internet Relay Chat (IRC) forums have been widely used by hackers to exchange data, tools and train new novice hackers. We present our approach to implement an automated framework that uses several bots to collect IRC messages from malicious forums and analyze them. A resilient botnet mechanism is utilized to ensure complete IRC data collection. In addition, we present an intelligent hacking language module based on Stanford CoreNLP to analyze hacker activity. Our experimental results show that our botnets can be used to effectively monitor, analyze, and predict hacker activities and goals.",

keywords = "cyber security, hacker analysis, Internet Relay Chat (IRC), Stanford CoreNLP",

author = "Jiakai Yu and Cihan Tunc and Hariri, {Salim A}",

year = "2016",

month = dec,

day = "5",

doi = "10.1109/ICCAC.2016.10",

language = "English (US)",

pages = "33--39",

booktitle = "Proceedings - 2016 International Conference on Cloud and Autonomic Computing, ICCAC 2016: Co-located with the 10th IEEE International Conference on Self-Adaptive and Self-Organizing Systems, SASO 2016",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

address = "United States",

note = "2016 International Conference on Cloud and Autonomic Computing, ICCAC 2016 ; Conference date: 12-09-2016 Through 16-09-2016",

}

TY - GEN

T1 - Automated Framework for Scalable Collection and Intelligent Analytics of Hacker IRC Information

AU - Yu, Jiakai

AU - Tunc, Cihan

AU - Hariri, Salim A

PY - 2016/12/5

Y1 - 2016/12/5

N2 - Cyber security is a challenging research problem especially when one considers exponential growth in information technologies. Most previous cyber security research have generally centered on securing and protecting physical resources (computers, network devices, and mobile platforms), protocols and applications. However, little work has focused on the human side and behavior, what motivates cyber attackers to launch attacks, their goals, and where they get their hacking and attacking tools. In this paper, we present an automated approach to collect information about hackers, and attempt to understand their behaviors and goals. Internet Relay Chat (IRC) forums have been widely used by hackers to exchange data, tools and train new novice hackers. We present our approach to implement an automated framework that uses several bots to collect IRC messages from malicious forums and analyze them. A resilient botnet mechanism is utilized to ensure complete IRC data collection. In addition, we present an intelligent hacking language module based on Stanford CoreNLP to analyze hacker activity. Our experimental results show that our botnets can be used to effectively monitor, analyze, and predict hacker activities and goals.

AB - Cyber security is a challenging research problem especially when one considers exponential growth in information technologies. Most previous cyber security research have generally centered on securing and protecting physical resources (computers, network devices, and mobile platforms), protocols and applications. However, little work has focused on the human side and behavior, what motivates cyber attackers to launch attacks, their goals, and where they get their hacking and attacking tools. In this paper, we present an automated approach to collect information about hackers, and attempt to understand their behaviors and goals. Internet Relay Chat (IRC) forums have been widely used by hackers to exchange data, tools and train new novice hackers. We present our approach to implement an automated framework that uses several bots to collect IRC messages from malicious forums and analyze them. A resilient botnet mechanism is utilized to ensure complete IRC data collection. In addition, we present an intelligent hacking language module based on Stanford CoreNLP to analyze hacker activity. Our experimental results show that our botnets can be used to effectively monitor, analyze, and predict hacker activities and goals.

KW - cyber security

KW - hacker analysis

KW - Internet Relay Chat (IRC)

KW - Stanford CoreNLP

UR - http://www.scopus.com/inward/record.url?scp=85010469747&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85010469747&partnerID=8YFLogxK

U2 - 10.1109/ICCAC.2016.10

DO - 10.1109/ICCAC.2016.10

M3 - Conference contribution

AN - SCOPUS:85010469747

SP - 33

EP - 39

BT - Proceedings - 2016 International Conference on Cloud and Autonomic Computing, ICCAC 2016: Co-located with the 10th IEEE International Conference on Self-Adaptive and Self-Organizing Systems, SASO 2016

PB - Institute of Electrical and Electronics Engineers Inc.

T2 - 2016 International Conference on Cloud and Autonomic Computing, ICCAC 2016

Y2 - 12 September 2016 through 16 September 2016

ER -