Skip to main content
Fachgebiete
Automobil + Motoren Bauwesen + Immobilien Business IT + Informatik Elektrotechnik + Elektronik Energie + Nachhaltigkeit Finance + Banking Management + Führung Marketing + Vertrieb Maschinenbau + Werkstoffe Versicherung + Risiko
DE
EN
Bücher
Zeitschriften
Themenseiten
Organisationspsychologie Projektmanagement Marketing Smart Manufacturing
Weitere Formate
Podcasts Webinare Technik Webinare Wirtschaft Kongresse Veranstaltungskalender Awards
Jetzt Einzelzugang starten
Zugang für Unternehmen
Referenzkunden
SLX-Digitalkonferenz: Zukunftswerkstatt 2024

Mehr Umsatz mit Top-Kontakten

Am 7. Mai erfahren Sie, wie Vertriebsteams Leadgenerierung, Leadnurturing und Leadstrategien effizient steuern können.
Erweiterte Suche
Anmelden
nach oben
Erschienen in:
Proteus: Detecting Android Emulators from Instruction-Level Profiles Kapitel lesen Erstes Kapitel lesen

2018 | OriginalPaper | Buchkapitel

Characterizing Eve: Analysing Cybercrime Actors in a Large Underground Forum

verfasst von : Sergio Pastrana, Alice Hutchings, Andrew Caines, Paula Buttery

Erschienen in: Research in Attacks, Intrusions, and Defenses

Verlag: Springer International Publishing

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config
loading …

Abstract

Underground forums contain many thousands of active users, but the vast majority will be involved, at most, in minor levels of deviance. The number who engage in serious criminal activity is small. That being said, underground forums have played a significant role in several recent high-profile cybercrime activities. In this work we apply data science approaches to understand criminal pathways and characterize key actors related to illegal activity in one of the largest and longest-running underground forums. We combine the results of a logistic regression model with k-means clustering and social network analysis, verifying the findings using topic analysis. We identify variables relating to forum activity that predict the likelihood a user will become an actor of interest to law enforcement, and would therefore benefit the most from intervention. This work provides the first step towards identifying ways to deter the involvement of young people away from a career in cybercrime.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

  • über 102.000 Bücher
  • über 537 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Maschinenbau + Werkstoffe
  • Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 390 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Maschinenbau + Werkstoffe




 

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 340 Zeitschriften

aus folgenden Fachgebieten:

  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Versicherung + Risiko




Jetzt Wissensvorsprung sichern!

Jetzt informieren
Vorheriges Kapitel Proof-of-Blackouts? How Proof-of-Work Cryptocurrencies Could Affect Power Grids
Nächstes Kapitel SybilBlind: Detecting Fake Users in Online Social Networks Without Manual Labels
Fußnoten
2
We refer to a whole website as a forum, on which pages are set aside for discussion of defined topics in boards, with users participating in conversation threads via individual posts.
 
3
For the sake of visualization, the figure only shows the key actors and their five closest repliers and replied neighbours (filled in green).
 
4
The administrator is a well known actor in Hackforums.
 
5
These thresholds were chosen after exploratory experimentation with the dataset and manually inspecting the results.
 
Literatur
1.
Afroz, S., Garg, V., McCoy, D., Greenstadt, R.: Honor among thieves: a common’s analysis of cybercrime economies. In: eCrime Researchers Summit, pp. 1–11. IEEE (2013)
2.
Allodi, L.: Economic factors of vulnerability trade and exploitation. In: Proceedings of the ACM SIGSAC Conference on Computer and Communications Security, pp. 1483–1499. ACM (2017)
3.
4.
Antonakakis, M., et al.: Understanding the Mirai Botnet. In: Proceedings of the 26th USENIX Security Symposium, Vancouver, BC, pp. 1093–1110 (2017)
5.
Blei, D.M., Ng, A.Y., Jordan, M.I.: Latent dirichlet allocation. J. Mach. Learn. Res. 3(Jan), 993–1022 (2003)MATH
6.
Caballero, J., Grier, C., Kreibich, C., Paxson, V.: Measuring pay-per-install: the commoditization of malware distribution. In: Proceedings of the 20th USENIX Security Symposium, Berkeley, CA, USA, p. 13 (2011)
7.
Caines, A., Pastrana, S., Hutchings, A., Buttery, P.: Automatically identifying the function and intent of posts in underground forums. (in submission)
8.
Chang, W., Wang, A., Mohaisen, A., Chen, S.: Characterizing botnets-as-a-service. ACM SIGCOMM Comput. Commun. Rev. 44(4), 585–586 (2014)CrossRef
9.
Field, A.: Discovering Statistics Using SPSS, 2nd edn. SAGE Publications, London (2005)MATH
10.
Franklin, J., Paxson, V., Perrig, A., Savage, S.: An inquiry into the nature and causes of the wealth of Internet miscreants. In: Proceedings of the ACM SIGSAC Conference on Computer and Communications Security (2007)
11.
12.
Holt, T.J.: Subcultural evolution? Examining the influence of on- and off-line experiences on deviant subcultures. Deviant Behav. 28(2), 171–198 (2007)CrossRef
13.
Hutchings, A.: Cybercrime trajectories: an integrated theory of initiation, maintenance, and desistance. In: Crime Online: Correlates, Causes, and Context, pp. 117–140. Carolina Academic Press (2016)
14.
Hutchings, A., Clayton, R.: Exploring the provision of online booter services. Deviant Behav. 37(10), 1163–1178 (2016)CrossRef
15.
Hutchings, A., Holt, T.J.: A crime script analysis of the online stolen data market. Br. J. Criminol. 55(3), 596–614 (2015)CrossRef
16.
Karami, M., McCoy, D.: Rent to PWN: analyzing commodity booter DDoS services. Usenix Login 38, 20–23 (2013)
17.
18.
Lusthaus, J., Varese, F.: Offline and local: the hidden face of cybercrime. Polic.: J. Policy Pract. 1–11 (2017). advanced access
19.
Macdonald, M., Frank, R., Mei, J., Monk, B.: Identifying digital threats in a hacker web forum. In: International Conference on Advances in Social Networks Analysis and Mining, pp. 926–933. IEEE/ACM (2015)
20.
Marcus, M.P., Marcinkiewicz, M.A., Santorini, B.: Building a large annotated corpus of English: the penn treebank. Comput. Linguist. 19(2), 313–330 (1993)
21.
22.
Motoyama, M., McCoy, D., Levchenko, K., Savage, S., Voelker, G.M.: An analysis of underground forums. In: Proceedings of the ACM SIGCOMM Conference on Internet Measurement Conference, pp. 71–80 (2011)
23.
24.
Noroozian, A., Korczyński, M., Gañan, C.H., Makita, D., Yoshioka, K., van Eeten, M.: Who gets the boot? Analyzing victimization by DDoS-as-a-service. In: International Symposium on Research in Attacks, Intrusions, and Defenses, pp. 368–389 (2016)
25.
Nunes, E., et al.: Darknet and deepnet mining for proactive cybersecurity threat intelligence. In: Conference on Intelligence and Security Informatics (ISI), pp. 7–12. IEEE (2016)
26.
Overdorf, R., Troncoso, C., Greenstadt, R., McCoy, D.: Under the underground: predicting private interactions in underground forums. arXiv preprint arXiv:​1805.​04494 (2018)
27.
Pastrana, S., Thomas, D.R., Hutchings, A., Clayton, R.: CrimeBB: enabling cybercrime research on underground forums at scale. In: Proceedings of The Web Conference (WWW). ACM (2018)
28.
Portnoff, R.S., et al.: Tools for automated analysis of cybercriminal markets. In: Proceedings of 26th International World Wide Web conference (2017)
29.
Samtani, S., Chinn, R., Chen, H.: Exploring hacker assets in underground forums. In: International Conference on Intelligence and Security Informatics (ISI), pp. 31–36. IEEE (2015)
30.
Sood, A.K., Enbody, R.J.: Crimeware-as-a-service: a survey of commoditized crimeware in the underground market. Int. J. Crit. Infrastruct. Prot. 6(1), 28–38 (2013)CrossRef
31.
Soska, K., Christin, N.: Measuring the longitudinal evolution of the online anonymous marketplace ecosystem. In: Proceedings of the 24th USENIX Security Symposium (2015)
32.
Spärck-Jones, K.: A statistical interpretation of term specificity and its application in retrieval. J. Doc. 28, 11–21 (1972)CrossRef
33.
Sutherland, E.H.: White Collar Crime: The Uncut Version. Yale University Press, New Haven (1949)
34.
35.
Thorndike, R.L.: Who belongs in the family? Psychometrika 18(4), 267–276 (1953)CrossRef
36.
37.
Vold, G.B., Bernard, T.J., Snipes, J.B.: Theoretical Criminology, 5th edn. Oxford University Press, Inc., New York (2002)
38.
Zhang, X., Tsang, A., Yue, W.T., Chau, M.: The classification of hackers by knowledge exchange behaviors. Inf. Syst. Front. 17, 1–13 (2015)CrossRef
Metadaten
Titel
Characterizing Eve: Analysing Cybercrime Actors in a Large Underground Forum
verfasst von
Sergio Pastrana
Alice Hutchings
Andrew Caines
Paula Buttery
Copyright-Jahr
2018
Buch
Research in Attacks, Intrusions, and Defenses

Print ISBN: 978-3-030-00469-9

Electronic ISBN: 978-3-030-00470-5

Copyright-Jahr: 2018

DOI
https://doi.org/10.1007/978-3-030-00470-5_10