Descriptive analytics: Examining expert hackers in web forums

Ahmed Abbasi, Weifeng Li, Victor Benjamin, Shiyu Hu, Hsinchun Chen

Research output: Chapter in Book/Report/Conference proceedingConference contribution

25 Citations (Scopus)

Abstract

In recent years, understanding the people behind cybercrime from a hacker-centric perspective has drawn increased attention. Preliminary exploration in online hacker social dynamics has found that hackers extensively exchange information with others in online communities, including vulnerabilities, stolen data, etc. However, there is a lack of research that explores automated identification and characterization of expert hackers within online communities. In this research, we identify expert hackers and characterize their specialties by devising a scalable and generalizable framework leveraging two categories of features to analyze hacker forum content. The framework encompasses text analytics for key hacker identification and analysis. In the Text Analytics module, we employ an interaction coherence analysis (ICA) framework, to extract interactions among the users in hacker communities as topological feature. In Expert Identification & Analysis, we characterize each hacker with content features extracted with lexicon matching and structural features from the ICA component. Results reveal an interaction network and content-based clustering of key actors within the studied hacker community. Our project contributes to both social media analytics and cybersecurity research as we provide a complete analytical framework to analyze the key hackers from both an interaction network perspective and discussion content perspective. This framework can benefit cyber security researchers and practitioners by offering an inclusive angle for analyzing hacker social dynamics.

Original languageEnglish (US)
Title of host publicationProceedings - 2014 IEEE Joint Intelligence and Security Informatics Conference, JISIC 2014
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages56-63
Number of pages8
ISBN (Print)9781479963645
DOIs
StatePublished - Dec 4 2014
Event2014 IEEE Joint Intelligence and Security Informatics Conference, JISIC 2014 - The Hague, Netherlands
Duration: Sep 24 2014Sep 26 2014

Other

Other2014 IEEE Joint Intelligence and Security Informatics Conference, JISIC 2014
CountryNetherlands
CityThe Hague
Period9/24/149/26/14

Keywords

  • cybersecurity
  • expert hacker
  • hacker forum
  • social media analytics
  • user generated content

ASJC Scopus subject areas

  • Artificial Intelligence
  • Information Systems
  • Software

Cite this

Abbasi, A., Li, W., Benjamin, V., Hu, S., & Chen, H. (2014). Descriptive analytics: Examining expert hackers in web forums. In Proceedings - 2014 IEEE Joint Intelligence and Security Informatics Conference, JISIC 2014 (pp. 56-63). [6975554] Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/JISIC.2014.18

Descriptive analytics : Examining expert hackers in web forums. / Abbasi, Ahmed; Li, Weifeng; Benjamin, Victor; Hu, Shiyu; Chen, Hsinchun.

Proceedings - 2014 IEEE Joint Intelligence and Security Informatics Conference, JISIC 2014. Institute of Electrical and Electronics Engineers Inc., 2014. p. 56-63 6975554.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abbasi, A, Li, W, Benjamin, V, Hu, S & Chen, H 2014, Descriptive analytics: Examining expert hackers in web forums. in Proceedings - 2014 IEEE Joint Intelligence and Security Informatics Conference, JISIC 2014., 6975554, Institute of Electrical and Electronics Engineers Inc., pp. 56-63, 2014 IEEE Joint Intelligence and Security Informatics Conference, JISIC 2014, The Hague, Netherlands, 9/24/14. https://doi.org/10.1109/JISIC.2014.18
Abbasi A, Li W, Benjamin V, Hu S, Chen H. Descriptive analytics: Examining expert hackers in web forums. In Proceedings - 2014 IEEE Joint Intelligence and Security Informatics Conference, JISIC 2014. Institute of Electrical and Electronics Engineers Inc. 2014. p. 56-63. 6975554 https://doi.org/10.1109/JISIC.2014.18
Abbasi, Ahmed ; Li, Weifeng ; Benjamin, Victor ; Hu, Shiyu ; Chen, Hsinchun. / Descriptive analytics : Examining expert hackers in web forums. Proceedings - 2014 IEEE Joint Intelligence and Security Informatics Conference, JISIC 2014. Institute of Electrical and Electronics Engineers Inc., 2014. pp. 56-63
@inproceedings{ced0ee98da5a467fa1fcca1384db821f,
title = "Descriptive analytics: Examining expert hackers in web forums",
abstract = "In recent years, understanding the people behind cybercrime from a hacker-centric perspective has drawn increased attention. Preliminary exploration in online hacker social dynamics has found that hackers extensively exchange information with others in online communities, including vulnerabilities, stolen data, etc. However, there is a lack of research that explores automated identification and characterization of expert hackers within online communities. In this research, we identify expert hackers and characterize their specialties by devising a scalable and generalizable framework leveraging two categories of features to analyze hacker forum content. The framework encompasses text analytics for key hacker identification and analysis. In the Text Analytics module, we employ an interaction coherence analysis (ICA) framework, to extract interactions among the users in hacker communities as topological feature. In Expert Identification & Analysis, we characterize each hacker with content features extracted with lexicon matching and structural features from the ICA component. Results reveal an interaction network and content-based clustering of key actors within the studied hacker community. Our project contributes to both social media analytics and cybersecurity research as we provide a complete analytical framework to analyze the key hackers from both an interaction network perspective and discussion content perspective. This framework can benefit cyber security researchers and practitioners by offering an inclusive angle for analyzing hacker social dynamics.",
keywords = "cybersecurity, expert hacker, hacker forum, social media analytics, user generated content",
author = "Ahmed Abbasi and Weifeng Li and Victor Benjamin and Shiyu Hu and Hsinchun Chen",
year = "2014",
month = "12",
day = "4",
doi = "10.1109/JISIC.2014.18",
language = "English (US)",
isbn = "9781479963645",
pages = "56--63",
booktitle = "Proceedings - 2014 IEEE Joint Intelligence and Security Informatics Conference, JISIC 2014",
publisher = "Institute of Electrical and Electronics Engineers Inc.",

}

TY - GEN

T1 - Descriptive analytics

T2 - Examining expert hackers in web forums

AU - Abbasi, Ahmed

AU - Li, Weifeng

AU - Benjamin, Victor

AU - Hu, Shiyu

AU - Chen, Hsinchun

PY - 2014/12/4

Y1 - 2014/12/4

N2 - In recent years, understanding the people behind cybercrime from a hacker-centric perspective has drawn increased attention. Preliminary exploration in online hacker social dynamics has found that hackers extensively exchange information with others in online communities, including vulnerabilities, stolen data, etc. However, there is a lack of research that explores automated identification and characterization of expert hackers within online communities. In this research, we identify expert hackers and characterize their specialties by devising a scalable and generalizable framework leveraging two categories of features to analyze hacker forum content. The framework encompasses text analytics for key hacker identification and analysis. In the Text Analytics module, we employ an interaction coherence analysis (ICA) framework, to extract interactions among the users in hacker communities as topological feature. In Expert Identification & Analysis, we characterize each hacker with content features extracted with lexicon matching and structural features from the ICA component. Results reveal an interaction network and content-based clustering of key actors within the studied hacker community. Our project contributes to both social media analytics and cybersecurity research as we provide a complete analytical framework to analyze the key hackers from both an interaction network perspective and discussion content perspective. This framework can benefit cyber security researchers and practitioners by offering an inclusive angle for analyzing hacker social dynamics.

AB - In recent years, understanding the people behind cybercrime from a hacker-centric perspective has drawn increased attention. Preliminary exploration in online hacker social dynamics has found that hackers extensively exchange information with others in online communities, including vulnerabilities, stolen data, etc. However, there is a lack of research that explores automated identification and characterization of expert hackers within online communities. In this research, we identify expert hackers and characterize their specialties by devising a scalable and generalizable framework leveraging two categories of features to analyze hacker forum content. The framework encompasses text analytics for key hacker identification and analysis. In the Text Analytics module, we employ an interaction coherence analysis (ICA) framework, to extract interactions among the users in hacker communities as topological feature. In Expert Identification & Analysis, we characterize each hacker with content features extracted with lexicon matching and structural features from the ICA component. Results reveal an interaction network and content-based clustering of key actors within the studied hacker community. Our project contributes to both social media analytics and cybersecurity research as we provide a complete analytical framework to analyze the key hackers from both an interaction network perspective and discussion content perspective. This framework can benefit cyber security researchers and practitioners by offering an inclusive angle for analyzing hacker social dynamics.

KW - cybersecurity

KW - expert hacker

KW - hacker forum

KW - social media analytics

KW - user generated content

UR - http://www.scopus.com/inward/record.url?scp=84920273620&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84920273620&partnerID=8YFLogxK

U2 - 10.1109/JISIC.2014.18

DO - 10.1109/JISIC.2014.18

M3 - Conference contribution

AN - SCOPUS:84920273620

SN - 9781479963645

SP - 56

EP - 63

BT - Proceedings - 2014 IEEE Joint Intelligence and Security Informatics Conference, JISIC 2014

PB - Institute of Electrical and Electronics Engineers Inc.

ER -