TY - GEN
T1 - Automated Framework for Scalable Collection and Intelligent Analytics of Hacker IRC Information
AU - Yu, Jiakai
AU - Tunc, Cihan
AU - Hariri, Salim
N1 - Funding Information:
This work was supported by the National Science Foundation under Grant No. SES-1314631 and also under Grant No. DUE-1303362.
PY - 2016/12/5
Y1 - 2016/12/5
N2 - Cyber security is a challenging research problem especially when one considers exponential growth in information technologies. Most previous cyber security research have generally centered on securing and protecting physical resources (computers, network devices, and mobile platforms), protocols and applications. However, little work has focused on the human side and behavior, what motivates cyber attackers to launch attacks, their goals, and where they get their hacking and attacking tools. In this paper, we present an automated approach to collect information about hackers, and attempt to understand their behaviors and goals. Internet Relay Chat (IRC) forums have been widely used by hackers to exchange data, tools and train new novice hackers. We present our approach to implement an automated framework that uses several bots to collect IRC messages from malicious forums and analyze them. A resilient botnet mechanism is utilized to ensure complete IRC data collection. In addition, we present an intelligent hacking language module based on Stanford CoreNLP to analyze hacker activity. Our experimental results show that our botnets can be used to effectively monitor, analyze, and predict hacker activities and goals.
AB - Cyber security is a challenging research problem especially when one considers exponential growth in information technologies. Most previous cyber security research have generally centered on securing and protecting physical resources (computers, network devices, and mobile platforms), protocols and applications. However, little work has focused on the human side and behavior, what motivates cyber attackers to launch attacks, their goals, and where they get their hacking and attacking tools. In this paper, we present an automated approach to collect information about hackers, and attempt to understand their behaviors and goals. Internet Relay Chat (IRC) forums have been widely used by hackers to exchange data, tools and train new novice hackers. We present our approach to implement an automated framework that uses several bots to collect IRC messages from malicious forums and analyze them. A resilient botnet mechanism is utilized to ensure complete IRC data collection. In addition, we present an intelligent hacking language module based on Stanford CoreNLP to analyze hacker activity. Our experimental results show that our botnets can be used to effectively monitor, analyze, and predict hacker activities and goals.
KW - Internet Relay Chat (IRC)
KW - Stanford CoreNLP
KW - cyber security
KW - hacker analysis
UR - http://www.scopus.com/inward/record.url?scp=85010469747&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85010469747&partnerID=8YFLogxK
U2 - 10.1109/ICCAC.2016.10
DO - 10.1109/ICCAC.2016.10
M3 - Conference contribution
AN - SCOPUS:85010469747
T3 - Proceedings - 2016 International Conference on Cloud and Autonomic Computing, ICCAC 2016: Co-located with the 10th IEEE International Conference on Self-Adaptive and Self-Organizing Systems, SASO 2016
SP - 33
EP - 39
BT - Proceedings - 2016 International Conference on Cloud and Autonomic Computing, ICCAC 2016
A2 - Gupta, Indranil
A2 - Diao, Yixin
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 2016 International Conference on Cloud and Autonomic Computing, ICCAC 2016
Y2 - 12 September 2016 through 16 September 2016
ER -