Exploring hackers assets: topics of interest as indicators of compromise

Developing actionable, proactive intelligence is critical to current security controls and systems. Hackers and hacking techniques continue to grow and become more sophisticated. As a result, security teams are starting to adopt proactive and offensive approaches within hackers' territories. In this scope, we proposed a systematic approach to automatically extract "topics of interest" (ToI) from hackers' websites. These can eventually be used as inputs to actionable security controls or to Indicators of Compromise (IoC) collectors. As a showcase, we selected the hackers' news website "CrackingFire". ToI can be integrated into IoC and, once correlated with other signs of attack from those IoC, will trigger further cybersecurity offense or defense actions. We also developed our own dark web crawler and evaluated extracting ToIs. We observed the types of challenges in both the crawling and the processing stages.
