Darknet and Deepnet Mining for Proactive Cybersecurity Threat Intelligence

In this paper, we present an operational system for cyber threat intelligence gathering from various social platforms on the Internet particularly sites on the darknet and deepnet. We focus our attention to collecting information from hacker forum discussions and marketplaces offering products and s...

Bibliographic Details
Authors: Diab, Ahmad (Author) ; Thart, Amanda (Author) ; Shakarian, Paulo (Author) ; Shakarian, Jana (Author) ; Robertson, John (Author) ; Paliath, Vivin (Author) ; Nunes, Eric (Author) ; Mishra, Vineet (Author) ; Marin, Ericsson (Author) ; Gunn, Andrew (Author)
Format: Electronic Book
Language: English
Published: 2016
Year: 2016
Online Access: Full text (free of charge)

MARC

LEADER 00000nam a22000002 4500
001 1865844659
003 DE-627
005 20231017043722.0
007 cr uuu---uuuuu
008 231017s2016 xx |||||o 00| ||eng c
035 |a (DE-627)1865844659 
035 |a (DE-599)KXP1865844659 
040 |a DE-627  |b ger  |c DE-627  |e rda 
041 |a eng 
084 |a 2,1  |2 ssgn 
100 1 |a Diab, Ahmad  |e VerfasserIn  |4 aut 
245 1 0 |a Darknet and Deepnet Mining for Proactive Cybersecurity Threat Intelligence 
264 1 |c 2016 
336 |a Text  |b txt  |2 rdacontent 
337 |a Computermedien  |b c  |2 rdamedia 
338 |a Online-Ressource  |b cr  |2 rdacarrier 
520 |a In this paper, we present an operational system for cyber threat intelligence gathering from various social platforms on the Internet particularly sites on the darknet and deepnet. We focus our attention to collecting information from hacker forum discussions and marketplaces offering products and services focusing on malicious hacking. We have developed an operational system for obtaining information from these sites for the purposes of identifying emerging cyber threats. Currently, this system collects on average 305 high-quality cyber threat warnings each week. These threat warnings include information on newly developed malware and exploits that have not yet been deployed in a cyber-attack. This provides a significant service to cyber-defenders. The system is significantly augmented through the use of various data mining and machine learning techniques. With the use of machine learning models, we are able to recall 92% of products in marketplaces and 80% of discussions on forums relating to malicious hacking with high precision. We perform preliminary analysis on the data collected, demonstrating its application to aid a security expert for better threat analysis. Comment: 6 page paper accepted to be presented at IEEE Intelligence and Security Informatics 2016 Tucson, Arizona USA September 27-30, 201 
650 4 |a Research 
700 1 |a Thart, Amanda  |e VerfasserIn  |4 aut 
700 1 |a Shakarian, Paulo  |e VerfasserIn  |4 aut 
700 1 |a Shakarian, Jana  |e VerfasserIn  |4 aut 
700 1 |a Robertson, John  |e VerfasserIn  |4 aut 
700 1 |a Paliath, Vivin  |e VerfasserIn  |4 aut 
700 1 |a Nunes, Eric  |e VerfasserIn  |4 aut 
700 1 |a Mishra, Vineet  |e VerfasserIn  |4 aut 
700 1 |a Marin, Ericsson  |e VerfasserIn  |4 aut 
700 1 |a Gunn, Andrew  |e VerfasserIn  |4 aut 
856 4 0 |u http://arxiv.org/abs/1607.08583  |x Verlag  |z kostenfrei  |3 Volltext 
912 |a NOMM 
935 |a mkri 
951 |a BO 
ELC |a 1 
LOK |0 000 xxxxxcx a22 zn 4500 
LOK |0 001 4390883054 
LOK |0 003 DE-627 
LOK |0 004 1865844659 
LOK |0 005 20231017043722 
LOK |0 008 231017||||||||||||||||ger||||||| 
LOK |0 035   |a (DE-2619)CORE24818774 
LOK |0 040   |a DE-2619  |c DE-627  |d DE-2619 
LOK |0 092   |o n 
LOK |0 852   |a DE-2619 
LOK |0 852 1  |9 00 
LOK |0 935   |a core 
OAS |a 1 
ORI |a SA-MARC-krimdoka001.raw