Social Network Analysis of a Criminal Hacker Community

Computer crime hackers have been identified as a primary threat to computer systems, users, and organizations. Much extant research on hackers is conducted from a technical perspective and at an individual level of analysis. This research empirically examines the social organization of a hacker community by analyzing one network called Shadowcrew. The social network structure of this infamous hacker group is established using social networking methods for text mining and network analysis. Analysis of relationships among hackers shows a decentralized network structure. Leaders are identified using four actor centrality measures (degree, betweenness, closeness, and eigenvector) and found to be more involved in thirteen smaller sub-groups. Based on our social network analysis, Shadowcrew exhibits the characteristics of deviant team organization structure.

[1]  Rossouw von Solms,et al.  Information security awareness: educating your users effectively , 1998, Inf. Manag. Comput. Secur..

[2]  Jeffrey M. Stanton,et al.  Behavioral Information Security: Two End User Survey Studies of Motivation and Security Practices , 2004, AMCIS.

[3]  T. Holt,et al.  Hacks, cracks, and crime: an examination of the subculture and social organization of computer hackers , 2005 .

[4]  R. Merton Social Theory and Social Structure , 1958 .

[5]  Karen A. Forcht,et al.  Computer Security Management , 1993 .

[6]  Lloyd E. Ohlin,et al.  Delinquency And Opportunity , 1960 .

[7]  Robert Krovetz,et al.  Word sense disambiguation for large text databases , 1996 .

[8]  John Liederbach,et al.  Digital Crime and Digital Terrorism , 2005 .

[9]  Steven Furnell,et al.  Cybercrime: Vandalizing the Information Society , 2003, ICWE.

[10]  A. Adam Whatever happened to information systems ethics? Caught between the devil and the deep blue sea , 2004 .

[11]  Detmar W. Straub,et al.  Coping With Systems Risk: Security Planning Models for Management Decision Making , 1998, MIS Q..

[12]  Atreyi Kankanhalli,et al.  Studying users' computer security behavior: A health belief perspective , 2009, Decis. Support Syst..

[13]  Joel Best,et al.  The Social Organization of Deviants , 1980 .

[14]  Adam LeBrocq Style Guide for the Journal of the Association for Information Systems , 2022 .

[15]  David L. Hicks,et al.  A data mining approach to intelligence operations , 2008, SPIE Defense + Commercial Sensing.

[16]  P. Bonacich Factoring and weighting approaches to status scores and clique identification , 1972 .

[17]  Bernardo Magnini,et al.  A WordNet-Based Approach to Named Entites Recognition , 2022 .

[18]  Merrill Warkentin,et al.  Fear Appeals and Information Security Behaviors: An Empirical Study , 2010, MIS Q..

[19]  Il-Chul Moon,et al.  ORA User's Guide 2007 , 2007 .

[20]  Varvara Mitliaga,et al.  Networks and Netwars - The Future of Terror, Crime, and Militancy , 2002, Int. J. Law Inf. Technol..

[21]  Paul A. Taylor,et al.  Hackers: Crime in the Digital Sublime , 1999 .

[22]  Kathleen M. Carley,et al.  Toward an interoperable dynamic network analysis toolkit , 2007, Decis. Support Syst..

[23]  Albert-László Barabási,et al.  Error and attack tolerance of complex networks , 2000, Nature.

[24]  Kathleen M. Carley,et al.  Revealing Social Structure from Texts: Meta-Matrix Text Analysis as a Novel Method for Network Text Analysis , 2005 .

[25]  Hsinchun Chen,et al.  Criminal network analysis and visualization , 2005, CACM.

[26]  Kathleen M. Carley,et al.  Dynamic Social Network Modeling and Analysis: Workshop Summary and Papers , 2004 .

[27]  Gordon R Meyer,et al.  The Social Organization of the Computer Underground , 1989 .

[28]  Stanley Wasserman,et al.  Social Network Analysis: Methods and Applications , 1994, Structural analysis in the social sciences.

[29]  Douglas Thomas Hacker Culture , 2002 .

[30]  Jennifer Jie Xu,et al.  Mining communities and their relationships in blogs: A study of online hate groups , 2007, Int. J. Hum. Comput. Stud..

[31]  Kathleen M. Carley Coding Choices for Textual Analysis: A Comparison of Content Analysis and Map Analysis , 1993 .

[32]  Laura J Kleen Malicious Hackers: A Framework for Analysis and Case Study , 2012 .

[33]  Detmar W. Straub,et al.  Effective IS Security: An Empirical Study , 1990, Inf. Syst. Res..

[34]  L. Freeman Centrality in social networks conceptual clarification , 1978 .

[35]  Kathleen M. Carley,et al.  AutoMap 1.2 : extract, analyze, represent, and compare mental models from texts , 2004 .

[36]  Beom Jun Kim,et al.  Attack vulnerability of complex networks. , 2002, Physical review. E, Statistical, nonlinear, and soft matter physics.

[37]  Jackie Rees Ulmer,et al.  Management of Information Security: Challenges and Research Directions , 2007, Commun. Assoc. Inf. Syst..

[38]  Mikko T. Siponen,et al.  An analysis of the traditional IS security approaches: implications for research and practice , 2005, Eur. J. Inf. Syst..

[39]  James H. Martin,et al.  Speech and language processing: an introduction to natural language processing, computational linguistics, and speech recognition, 2nd Edition , 2000, Prentice Hall series in artificial intelligence.

[40]  Houston H. Carr,et al.  Threats to Information Systems: Today's Reality, Yesterday's Understanding , 1992, MIS Q..

[41]  E. Eugene Schultz,et al.  Taking a stand on hackers , 2002, Comput. Secur..