Targeting key data breach services in underground supply chain

Research output: Chapter in Book/Report/Conference proceedingConference contribution

1 Citation (Scopus)

Abstract

Over the past decade, a growing body of cybercriminals have founded an underground supply chain to facilitate data breaches, leading to the leak of personal information for hundreds of millions of individuals. As many service providers in the supply chain are rippers, cybercriminals tend to rely on a few key services. Identifying key services is of great interest to both cybersecurity researchers and practitioners. This study presents a text-mining framework for identifying key data breach services based on analysis of service reviews. The framework includes crawlers with counter anti-crawling measures, text preprocessing, and supervised topic models. In our experiment, more than 70% of the key services were identified by our framework.

Original languageEnglish (US)
Title of host publicationIEEE International Conference on Intelligence and Security Informatics: Cybersecurity and Big Data, ISI 2016
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages322-324
Number of pages3
ISBN (Electronic)9781509038657
DOIs
StatePublished - Nov 15 2016
Event14th IEEE International Conference on Intelligence and Security Informatics, ISI 2015 - Tucson, United States
Duration: Sep 28 2016Sep 30 2016

Other

Other14th IEEE International Conference on Intelligence and Security Informatics, ISI 2015
CountryUnited States
CityTucson
Period9/28/169/30/16

Fingerprint

Supply chains
Experiments
Supply chain
Targeting
Breach

Keywords

  • data breach
  • hacker forum
  • key services
  • text mining
  • underground economy

ASJC Scopus subject areas

  • Information Systems
  • Artificial Intelligence
  • Computer Networks and Communications
  • Information Systems and Management
  • Safety, Risk, Reliability and Quality

Cite this

Li, W., Yin, J., & Chen, H. (2016). Targeting key data breach services in underground supply chain. In IEEE International Conference on Intelligence and Security Informatics: Cybersecurity and Big Data, ISI 2016 (pp. 322-324). [7745501] Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/ISI.2016.7745501

Targeting key data breach services in underground supply chain. / Li, Weifeng; Yin, Junming; Chen, Hsinchun.

IEEE International Conference on Intelligence and Security Informatics: Cybersecurity and Big Data, ISI 2016. Institute of Electrical and Electronics Engineers Inc., 2016. p. 322-324 7745501.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Li, W, Yin, J & Chen, H 2016, Targeting key data breach services in underground supply chain. in IEEE International Conference on Intelligence and Security Informatics: Cybersecurity and Big Data, ISI 2016., 7745501, Institute of Electrical and Electronics Engineers Inc., pp. 322-324, 14th IEEE International Conference on Intelligence and Security Informatics, ISI 2015, Tucson, United States, 9/28/16. https://doi.org/10.1109/ISI.2016.7745501
Li W, Yin J, Chen H. Targeting key data breach services in underground supply chain. In IEEE International Conference on Intelligence and Security Informatics: Cybersecurity and Big Data, ISI 2016. Institute of Electrical and Electronics Engineers Inc. 2016. p. 322-324. 7745501 https://doi.org/10.1109/ISI.2016.7745501
Li, Weifeng ; Yin, Junming ; Chen, Hsinchun. / Targeting key data breach services in underground supply chain. IEEE International Conference on Intelligence and Security Informatics: Cybersecurity and Big Data, ISI 2016. Institute of Electrical and Electronics Engineers Inc., 2016. pp. 322-324
@inproceedings{8777c2446e384dfb9145bda37aa7b60f,
title = "Targeting key data breach services in underground supply chain",
abstract = "Over the past decade, a growing body of cybercriminals have founded an underground supply chain to facilitate data breaches, leading to the leak of personal information for hundreds of millions of individuals. As many service providers in the supply chain are rippers, cybercriminals tend to rely on a few key services. Identifying key services is of great interest to both cybersecurity researchers and practitioners. This study presents a text-mining framework for identifying key data breach services based on analysis of service reviews. The framework includes crawlers with counter anti-crawling measures, text preprocessing, and supervised topic models. In our experiment, more than 70{\%} of the key services were identified by our framework.",
keywords = "data breach, hacker forum, key services, text mining, underground economy",
author = "Weifeng Li and Junming Yin and Hsinchun Chen",
year = "2016",
month = "11",
day = "15",
doi = "10.1109/ISI.2016.7745501",
language = "English (US)",
pages = "322--324",
booktitle = "IEEE International Conference on Intelligence and Security Informatics: Cybersecurity and Big Data, ISI 2016",
publisher = "Institute of Electrical and Electronics Engineers Inc.",
address = "United States",

}

TY - GEN

T1 - Targeting key data breach services in underground supply chain

AU - Li, Weifeng

AU - Yin, Junming

AU - Chen, Hsinchun

PY - 2016/11/15

Y1 - 2016/11/15

N2 - Over the past decade, a growing body of cybercriminals have founded an underground supply chain to facilitate data breaches, leading to the leak of personal information for hundreds of millions of individuals. As many service providers in the supply chain are rippers, cybercriminals tend to rely on a few key services. Identifying key services is of great interest to both cybersecurity researchers and practitioners. This study presents a text-mining framework for identifying key data breach services based on analysis of service reviews. The framework includes crawlers with counter anti-crawling measures, text preprocessing, and supervised topic models. In our experiment, more than 70% of the key services were identified by our framework.

AB - Over the past decade, a growing body of cybercriminals have founded an underground supply chain to facilitate data breaches, leading to the leak of personal information for hundreds of millions of individuals. As many service providers in the supply chain are rippers, cybercriminals tend to rely on a few key services. Identifying key services is of great interest to both cybersecurity researchers and practitioners. This study presents a text-mining framework for identifying key data breach services based on analysis of service reviews. The framework includes crawlers with counter anti-crawling measures, text preprocessing, and supervised topic models. In our experiment, more than 70% of the key services were identified by our framework.

KW - data breach

KW - hacker forum

KW - key services

KW - text mining

KW - underground economy

UR - http://www.scopus.com/inward/record.url?scp=85004129053&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85004129053&partnerID=8YFLogxK

U2 - 10.1109/ISI.2016.7745501

DO - 10.1109/ISI.2016.7745501

M3 - Conference contribution

AN - SCOPUS:85004129053

SP - 322

EP - 324

BT - IEEE International Conference on Intelligence and Security Informatics: Cybersecurity and Big Data, ISI 2016

PB - Institute of Electrical and Electronics Engineers Inc.

ER -