Tools for automated analysis of cybercriminal markets

Rebecca S. Portnoff, Jonathan K. Kummerfeld, Sadia Afroz, Taylor Berg-Kirkpatrick, Greg Durrett, Damon McCoy, Kirill Levchenko, Vern Paxson

    Research output: Chapter in Book/Report/Conference proceedingConference contribution

    Abstract

    Underground forums are widely used by criminals to buy and sell a host of stolen items, datasets, resources, and criminal services. These forums contain important resources for understanding cybercrime. However, the number of forums, their size, and the domain expertise required to understand the markets makes manual exploration of these forums unscalable. In this work, we propose an automated, top-down approach for analyzing underground forums. Our approach uses natural language processing and machine learning to automatically generate high-level information about underground forums, first identifying posts related to transactions, and then extracting products and prices. We also demonstrate, via a pair of case studies, how an analyst can use these automated approaches to investigate other categories of products and transactions. We use eight distinct forums to assess our tools: Antichat, Blackhat World, Carders, Darkode, Hack Forums, Hell, L33tCrew and Nulled. Our automated approach is fast and accurate, achieving over 80% accuracy in detecting post category, product, and prices.

    Original languageEnglish (US)
    Title of host publication26th International World Wide Web Conference, WWW 2017
    PublisherInternational World Wide Web Conferences Steering Committee
    Pages657-666
    Number of pages10
    ISBN (Print)9781450349130
    DOIs
    StatePublished - 2017
    Event26th International World Wide Web Conference, WWW 2017 - Perth, Australia
    Duration: Apr 3 2017Apr 7 2017

    Publication series

    Name26th International World Wide Web Conference, WWW 2017

    Other

    Other26th International World Wide Web Conference, WWW 2017
    CountryAustralia
    CityPerth
    Period4/3/174/7/17

    Keywords

    • Cybercrime
    • Machine learning/NLP
    • Measurement

    ASJC Scopus subject areas

    • Software
    • Computer Networks and Communications

    Fingerprint Dive into the research topics of 'Tools for automated analysis of cybercriminal markets'. Together they form a unique fingerprint.

  • Cite this

    Portnoff, R. S., Kummerfeld, J. K., Afroz, S., Berg-Kirkpatrick, T., Durrett, G., McCoy, D., Levchenko, K., & Paxson, V. (2017). Tools for automated analysis of cybercriminal markets. In 26th International World Wide Web Conference, WWW 2017 (pp. 657-666). [3052600] (26th International World Wide Web Conference, WWW 2017). International World Wide Web Conferences Steering Committee. https://doi.org/10.1145/3038912.3052600