Darkweb Cyber Threat Intelligence Mining

A special issue of Information (ISSN 2078-2489). This special issue belongs to the section "Information Systems".

Deadline for manuscript submissions: closed (25 June 2018) | Viewed by 30077

Special Issue Editor

Guest Editor
School of Computing, Informatics, and Decision Systems Engineering, Arizona State University, Tempe, AZ, USA
Interests: cyber security; social networks; AI; machine learning

Special Issue Information

Dear Colleagues,

Malicious hacker communities leverage the deepweb and darkweb to buy, sell, and trade malware, exploits, and stolen data. Because of this, many security researchers have leveraged this data to understand the activities of such groups with respect to ongoing cyber attacks—with the goal to identify emerging threats, support forensic investigations, and even predict cyber-attacks. However, there are many challenges in obtaining, analysing, and updating such data in an automated and stealthy fashion—and in doing so at scale. This special issue focuses on new techniques for how darkweb/deepweb hacker data can be automatically obtained and transformed into actionable cyber threat intelligence—thereby aiding network defenders in avoiding cyber attacks, finding breached information, and, generally, understanding hacker communities. Topics include, but are not limited to:

  1. Mining the deepweb and darkweb
  2. Big data technologies for managing deepweb/darkweb data
  3. Cleaning deepweb/darkweb data
  4. Extracting information from deepweb/darkweb data
  5. Social network analysis on deepweb/darkweb hacker communities
  6. Alignment of deepweb/darkweb data with other data sources
  7. Prediction of cyber attacks using deepweb/darkweb data
  8. Social science studies of malicious hacker communities on the deepweb/darkweb
  9. Predicting software exploitability using deepweb/darkweb
  10. Game theoretic methods to model attacker behaviour using darkweb/deepweb data

Prof. Paulo Shakarian
Guest Editor

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All submissions that pass pre-check are peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Information is an international peer-reviewed open access monthly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 1600 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Keywords

  • Cyber security
  • Cyber threat intelligence
  • Darkweb
  • Deepweb

Published Papers (4 papers)

Editorial

2 pages, 132 KiB  
Editorial
Dark-Web Cyber Threat Intelligence: From Data to Intelligence to Prediction
by Paulo Shakarian
Information 2018, 9(12), 305; https://doi.org/10.3390/info9120305 - 01 Dec 2018
Cited by 4 | Viewed by 4972
Abstract
Scientific work that leverages information about communities on the deep and dark web has opened up new angles in the field of security informatics. [...] Full article
(This article belongs to the Special Issue Darkweb Cyber Threat Intelligence Mining)

Research

18 pages, 1962 KiB  
Article
Predicting Cyber-Events by Leveraging Hacker Sentiment
by Ashok Deb, Kristina Lerman and Emilio Ferrara
Information 2018, 9(11), 280; https://doi.org/10.3390/info9110280 - 15 Nov 2018
Cited by 30 | Viewed by 6075
Abstract
Recent high-profile cyber-attacks exemplify why organizations need better cyber-defenses. Cyber-threats are hard to accurately predict because attackers usually try to mask their traces. However, they often discuss exploits and techniques on hacking forums. The community behavior of the hackers may provide insights into the groups’ collective malicious activity. We propose a novel approach to predict cyber-events using sentiment analysis. We test our approach using cyber-attack data from two major business organizations. We consider three types of events: malicious software installation, malicious-destination visits, and malicious emails that surmounted the target organizations’ defenses. We construct predictive signals by applying sentiment analysis to hacker forum posts to better understand hacker behavior. We analyze over 400 K posts written between January 2016 and January 2018 on over 100 hacking forums both on the surface and dark web. We find that some forums have significantly more predictive power than others. Sentiment-based models that leverage specific forums can complement state-of-the-art time-series models on forecasting cyber-attacks weeks ahead of the events. Full article

16 pages, 1446 KiB  
Article
First Steps towards Data-Driven Adversarial Deduplication
by Jose N. Paredes, Gerardo I. Simari, Maria Vanina Martinez and Marcelo A. Falappa
Information 2018, 9(8), 189; https://doi.org/10.3390/info9080189 - 27 Jul 2018
Cited by 4 | Viewed by 4374
Abstract
In traditional databases, the entity resolution problem (which is also known as deduplication) refers to the task of mapping multiple manifestations of virtual objects to their corresponding real-world entities. When addressing this problem, in both theory and practice, it is widely assumed that such sets of virtual objects appear as the result of clerical errors, transliterations, missing or updated attributes, abbreviations, and so forth. In this paper, we address this problem under the assumption that this situation is caused by malicious actors operating in domains in which they do not wish to be identified, such as hacker forums and markets in which the participants are motivated to remain semi-anonymous (though they wish to keep their true identities secret, they find it useful for customers to identify their products and services). We are therefore in the presence of a different, and even more challenging, problem that we refer to as adversarial deduplication. In this paper, we study this problem via examples that arise from real-world data on malicious hacker forums and markets arising from collaborations with a cyber threat intelligence company focusing on understanding this kind of behavior. We argue that it is very difficult—if not impossible—to find ground truth data on which to build solutions to this problem, and develop a set of preliminary experiments based on training machine learning classifiers that leverage text analysis to detect potential cases of duplicate entities. Our results are encouraging as a first step towards building tools that human analysts can use to enhance their capabilities towards fighting cyber threats. Full article

17 pages, 4757 KiB  
Article
A Framework for More Effective Dark Web Marketplace Investigations
by Darren R. Hayes, Francesco Cappa and James Cardon
Information 2018, 9(8), 186; https://doi.org/10.3390/info9080186 - 26 Jul 2018
Cited by 36 | Viewed by 13173
Abstract
The success of the Silk Road has prompted the growth of many Dark Web marketplaces. This exponential growth has provided criminal enterprises with new outlets to sell illicit items. Thus, the Dark Web has generated great interest from academics and governments who have sought to unveil the identities of participants in these highly lucrative, yet illegal, marketplaces. Traditional Web scraping methodologies and investigative techniques have proven to be inept at unmasking these marketplace participants. This research provides an analytical framework for automating Dark Web scraping and analysis with free tools found on the World Wide Web. Using a case study marketplace, we successfully tested a Web crawler, developed using AppleScript, to retrieve the account information for thousands of vendors and their respective marketplace listings. This paper clearly details why AppleScript was the most viable and efficient method for scraping Dark Web marketplaces. The results from our case study validate the efficacy of our proposed analytical framework, which has relevance for academics studying this growing phenomenon and for investigators examining criminal activity on the Dark Web. Full article