Abstract
To further cybersecurity, there is interest in studying online cybercriminal communities to learn more about emerging cyber threats. Literature documents the existence of many online Internet Relay Chat (IRC) cybercriminal communities where cybercriminals congregate and share hacking tools, malware, and more. However, many cybercriminal community participants appear unskilled and have fleeting interests, making it difficult to detect potential long-term or key participants. This is a challenge for researchers and practitioners to quickly identify cybercriminals that may provide credible threat intelligence. Thus, we propose a computational approach to analyze cybercriminals IRC communities in order to identify potential long-term and key participants. We use the extended Cox model to scrutinize cybercriminal IRC participation for better understanding of behaviors exhibited by cybercriminals of importance. Results indicate that key cybercriminals may be quickly identifiable by assessing the scale of their interaction and networks with other participants.
Funding
We would like to acknowledge that this work was funded by the National Science Foundation under Grant No. SES-1314631 and also under Grant No. DUE-1303362.
Additional information
Funding
Notes on contributors
Victor Benjamin
Victor Benjamin ([email protected]; corresponding author) is an assistant professor at Arizona State University. He received his Ph.D. from the University of Arizona. He specializes in cybersecurity, machine learning, natural language processing, and web mining.
Bin Zhang
Bin Zhang ([email protected]) is an assistant professor at the University of Arizona. He received his Ph.D. from Carnegie Mellon University. He specializes in large social network analysis and statistical modeling of social network problems. His work also focuses on social media, technology diffusion, and business analytics.
Jay F. Nunamaker
Jay F. Nunamaker, Jr. ([email protected]), is Regents and Soldwedel Professor of MIS, Computer Science and Communication at the University of Arizona. He is director of the Center for the Management of Information and the Center for Border Security and Immigration. He received his Ph.D. in Operations Research and Systems Engineering from Case Institute of Technology. He obtained his professional engineer’s license in 1965. He specializes in the fields of system analysis and design, collaboration technology, and deception detection. He has been inducted into the Design Science Hall of Fame and received the LEO Award for Lifetime Achievement from the Association of Information Systems. He has published over 368 journal articles, book chapters, books, and refereed proceedings papers. He has also cofounded five spin-off companies based on his research.
Hsinchun Chen
Hsinchun Chen ([email protected])is a regents professor of management information systems and Thomas R. Brown Chair in Management and Technology at the University of Arizona and director of the Artificial Intelligence Lab. He is a fellow of IEEE, ACM, and AAAS. He has received numerous awards for his research work. He is the author or editor of 20 books, 25 book chapters, 280 journal articles, and 150 refereed conference articles in the areas of web computing, search engines, digital library, intelligence analysis, biomedical informatics, data/text/web mining, and knowledge management.