Exploring Emerging Hacker Assets and Key Hackers for Proactive Cyber Threat Intelligence

Sagar Samtani, Ryan Chinn, Hsinchun Chen, Jay F Nunamaker

Research output: Contribution to journal, Article

14 Scopus citations

Abstract

Cyber attacks cost the global economy approximately $445 billion per year. To mitigate attacks, many companies rely on cyber threat intelligence (CTI), or threat intelligence related to computers, networks, and information technology (IT). However, CTI traditionally analyzes attacks after they have already happened, resulting in reactive advice. While useful, researchers and practitioners have been seeking to develop proactive CTI by better understanding the threats present in hacker communities. This study contributes a novel CTI framework by leveraging an automated and principled web, data, and text mining approach to collect and analyze vast amounts of malicious hacker tools directly from large, international underground hacker communities. By using this framework, we identified many freely available malicious assets such as crypters, keyloggers, web, and database exploits. Some of these tools may have been the cause of recent breaches against organizations such as the Office of Personnel Management (OPM). The study contributes to our understanding and practice of the timely proactive identification of cyber threats.

Original language: English (US)
Pages (from-to): 1023-1053
Number of pages: 31
Journal: Journal of Management Information Systems
Volume: 34
Issue number: 4
Publication status: Published - Oct 2 2017

ASJC Scopus subject areas

  • Management Information Systems
  • Computer Science Applications
  • Management Science and Operations Research
  • Information Systems and Management