
Abstract

Cyber attacks cost the global economy approximately $445 billion per year. To mitigate attacks, many companies rely on cyber threat intelligence (CTI), or threat intelligence related to computers, networks, and information technology (IT). However, CTI traditionally analyzes attacks after they have already happened, resulting in reactive advice. While useful, researchers and practitioners have been seeking to develop proactive CTI by better understanding the threats present in hacker communities. This study contributes a novel CTI framework by leveraging an automated and principled web, data, and text mining approach to collect and analyze vast amounts of malicious hacker tools directly from large, international underground hacker communities. By using this framework, we identified many freely available malicious assets such as crypters, keyloggers, and web and database exploits. Some of these tools may have been the cause of recent breaches against organizations such as the Office of Personnel Management (OPM). The study contributes to our understanding and practice of the timely proactive identification of cyber threats.

Acknowledgments

This material is based on work supported in part by the National Science Foundation (DUE-1303362 and SES-1314631).

Additional information

Notes on contributors

Sagar Samtani

Sagar Samtani (corresponding author) is a doctoral student in the Department of Management Information Systems and a research associate in the Artificial Intelligence Lab at the University of Arizona. He is also a fellow in the National Science Foundation Scholarship-for-Service program. His research focuses on the cyber security domain by examining online hacker communities and developing Internet-scale vulnerability-assessment approaches. His work has appeared in various conference and workshop proceedings, including the IEEE Conference on Intelligence and Security Informatics, the INFORMS Annual Meeting, and the Women in Cybersecurity conference.

Ryan Chinn

Ryan Chinn earned his M.S. in management information systems from the University of Arizona. He was also a fellow in the National Science Foundation Scholarship-for-Service program. He works at the U.S. Department of Commerce.

Hsinchun Chen

Hsinchun Chen is University of Arizona Regents Professor and Thomas R. Brown Chair in Management and Technology in the Management Information Systems Department at the Eller College of Management, University of Arizona. He received his Ph.D. in information systems from New York University. He is director of the Artificial Intelligence Lab, where he developed the COPLINK system, which has been cited as a national model for public safety information sharing and analysis, and has been adopted in more than 3,500 law enforcement and intelligence agencies. He is the author or editor of 20 books, 25 book chapters, 280 journal papers, and 150 refereed conference articles covering digital library, data/text/web mining, business analytics, security informatics, and health informatics. He is editor in chief of Security Informatics. He has received over 90 grants totaling more than $40 million in research funding from the National Science Foundation, National Institutes of Health, National Library of Medicine, Department of Defense, Department of Justice, Central Intelligence Agency, Department of Homeland Security, and other agencies. He is a fellow of ACM, IEEE, and AAAS.

Jay F. Nunamaker

Jay F. Nunamaker Jr. is Regents and Soldwedel Professor of MIS, Computer Science and Communication and director of the Center for the Management of Information and the National Center for Border Security and Immigration at the University of Arizona. He received his Ph.D. in operations research and systems engineering from Case Institute of Technology. He has held a professional engineer’s license since 1965. He was inducted into the Design Science Hall of Fame and received the LEO Award for Lifetime Achievement from the Association for Information Systems. He was featured in the July 1997 issue of Forbes Magazine on technology as one of eight key innovators in information technology. His specialization is in the fields of system analysis and design, collaboration technology, and deception detection. The commercial product GroupSystems ThinkTank, based on his research, is often referred to as the gold standard for structured collaboration systems. He founded the MIS Department at the University of Arizona in 1974 and served as department head for 18 years.
