TY - GEN
T1 - Mapping the Underground
T2 - 2019 APWG Symposium on Electronic Crime Research, eCrime 2019
AU - Bhalerao, Rasika
AU - Aliapoulios, Maxwell
AU - Shumailov, Ilia
AU - Afroz, Sadia
AU - Mccoy, Damon
N1 - Funding Information:
We thank Vern Paxson and Kirill Levchenko for their valuable feedback and discussion that helped us shape this research, and the Cambridge Cybercrime Center for assisting with data storage and advice. This work was supported in part by the National Science Foundation under grants CNS-1717062, CNS-1237265 and CNS-1619620, DHS S&T FA8750-19-2-0009, by the Office of Naval Research under MURI grant N000140911081, by the Center for Long-Term Cybersecurity, and by gifts from Google. We thank all the people that provided us with forum data for our analysis; in particular Scraping Hub and SRI for their assistance in collecting data for this study. Finally, we would like to thank our anonymous reviewers for their invaluable feedback. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the authors and do not necessarily reflect the views of the sponsors.
Publisher Copyright:
© 2019 IEEE.
PY - 2019/11
Y1 - 2019/11
N2 - Understanding the sequences of processes needed to perform a cybercrime is crucial for effective interventions. However, generating these supply chains currently requires time-consuming manual effort. We propose a method that leverages machine learning and graph-based analysis to efficiently extract supply chains from cybercrime forums. Our supply chain detection algorithm can identify 33% and 42% relevant chains within major English and Russian forums, respectively, showing improvements over the baselines of 11% and 5%, respectively. Our analysis of the supply chains demonstrates underlying connections between products and services that are potentially useful understanding and undermining the illicit activity of these forums. For example, our extracted supply chains illuminate cash out and money laundering techniques and their importance to the functioning of these forums.
AB - Understanding the sequences of processes needed to perform a cybercrime is crucial for effective interventions. However, generating these supply chains currently requires time-consuming manual effort. We propose a method that leverages machine learning and graph-based analysis to efficiently extract supply chains from cybercrime forums. Our supply chain detection algorithm can identify 33% and 42% relevant chains within major English and Russian forums, respectively, showing improvements over the baselines of 11% and 5%, respectively. Our analysis of the supply chains demonstrates underlying connections between products and services that are potentially useful understanding and undermining the illicit activity of these forums. For example, our extracted supply chains illuminate cash out and money laundering techniques and their importance to the functioning of these forums.
KW - Cybercrime
KW - Natural Language Processing
KW - Security
UR - http://www.scopus.com/inward/record.url?scp=85083279370&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85083279370&partnerID=8YFLogxK
U2 - 10.1109/eCrime47957.2019.9037582
DO - 10.1109/eCrime47957.2019.9037582
M3 - Conference contribution
AN - SCOPUS:85083279370
T3 - eCrime Researchers Summit, eCrime
BT - Proceedings of the 2019 APWG Symposium on Electronic Crime Research, eCrime 2019
PB - IEEE Computer Society
Y2 - 13 November 2019 through 15 November 2019
ER -