Detecting Cyber Threats in Non-English Hacker Forums: An Adversarial Cross-Lingual Knowledge Transfer Approach

2020 IEEE Security and Privacy Workshops (SPW) Pub Date : 2020-05-01 DOI:10.1109/SPW50608.2020.00021

Mohammadreza Ebrahimi, S. Samtani, Yidong Chai, Hsinchun Chen

{"title":"Detecting Cyber Threats in Non-English Hacker Forums: An Adversarial Cross-Lingual Knowledge Transfer Approach","authors":"Mohammadreza Ebrahimi, S. Samtani, Yidong Chai, Hsinchun Chen","doi":"10.1109/SPW50608.2020.00021","DOIUrl":null,"url":null,"abstract":"The regularity of devastating cyber-attacks has made cybersecurity a grand societal challenge. Many cybersecurity professionals are closely examining the international Dark Web to proactively pinpoint potential cyber threats. Despite its potential, the Dark Web contains hundreds of thousands of non-English posts. While machine translation is the prevailing approach to process non-English text, applying MT on hacker forum text results in mistranslations. In this study, we draw upon Long-Short Term Memory (LSTM), Cross-Lingual Knowledge Transfer (CLKT), and Generative Adversarial Networks (GANs) principles to design a novel Adversarial CLKT (A-CLKT) approach. A-CLKT operates on untranslated text to retain the original semantics of the language and leverages the collective knowledge about cyber threats across languages to create a language invariant representation without any manual feature engineering or external resources. Three experiments demonstrate how A-CLKT outperforms state-of-the-art machine learning, deep learning, and CLKT algorithms in identifying cyber-threats in French and Russian forums.","PeriodicalId":413600,"journal":{"name":"2020 IEEE Security and Privacy Workshops (SPW)","volume":"53 5 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"6","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2020 IEEE Security and Privacy Workshops (SPW)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SPW50608.2020.00021","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 6

Abstract

The regularity of devastating cyber-attacks has made cybersecurity a grand societal challenge. Many cybersecurity professionals are closely examining the international Dark Web to proactively pinpoint potential cyber threats. Despite its potential, the Dark Web contains hundreds of thousands of non-English posts. While machine translation is the prevailing approach to process non-English text, applying MT on hacker forum text results in mistranslations. In this study, we draw upon Long-Short Term Memory (LSTM), Cross-Lingual Knowledge Transfer (CLKT), and Generative Adversarial Networks (GANs) principles to design a novel Adversarial CLKT (A-CLKT) approach. A-CLKT operates on untranslated text to retain the original semantics of the language and leverages the collective knowledge about cyber threats across languages to create a language invariant representation without any manual feature engineering or external resources. Three experiments demonstrate how A-CLKT outperforms state-of-the-art machine learning, deep learning, and CLKT algorithms in identifying cyber-threats in French and Russian forums.

查看原文本刊更多论文

检测非英语黑客论坛中的网络威胁:一种对抗性跨语言知识转移方法

破坏性网络攻击的规律性使网络安全成为一个巨大的社会挑战。许多网络安全专家正在密切关注国际暗网，以主动发现潜在的网络威胁。尽管潜力巨大，但暗网包含了成千上万的非英语帖子。虽然机器翻译是处理非英语文本的主流方法，但将机器翻译应用于黑客论坛文本会导致误译。在本研究中，我们利用长短期记忆(LSTM)、跨语言知识转移(CLKT)和生成对抗网络(gan)原理设计了一种新的对抗CLKT (a -CLKT)方法。a - clkt对未翻译的文本进行操作，以保留语言的原始语义，并利用有关跨语言网络威胁的集体知识，在没有任何手动特征工程或外部资源的情况下创建语言不变表示。三个实验展示了A-CLKT如何在识别法国和俄罗斯论坛中的网络威胁方面优于最先进的机器学习、深度学习和CLKT算法。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2020 IEEE Security and Privacy Workshops (SPW)

自引率

0.00%

发文量