Discovering Emerging Threats in the Hacker Community: A Nonparametric Emerging Topic Detection Framework

IF 7, Zone 2 (Management), Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS
Weifeng Li, Hsinchun Chen
DOI: https://doi.org/10.25300/misq/2022/15642
Journal: MIS Quarterly
Publication date: 2022-12-01
Publication type: Journal Article
Open access: No
Citations: 1

Abstract

The prevalence and rapid growth of cybercrime are largely attributed to hacker communities on the dark web, where cybercriminals extensively exchange hacking resources, share hacking knowledge, and organize cyberattacks. Such streams of hacker-generated content constitute an invaluable data source for developing threat intelligence that can inform organizations of cybersecurity risks and facilitate proactive cyber defense. Drawing upon the design science paradigm, we propose a novel nonparametric emerging topic detection (NPETD) framework for detecting emerging topics in streams of hacker-generated content. Our framework extends the state-of-the-art nonparametric topic model to inductively model topics without having to specify the number of topics a priori. Moreover, our framework features an efficient algorithm to jointly infer topics and detect topic emergence. We conducted experiments to rigorously evaluate the effectiveness and efficiency of our framework in comparison with the state-of-the-art baseline methods. Our framework outperformed the baseline methods in detecting the listings of emerging threats in darknet marketplaces on recall, F-measure, topic coherence, and processor time. The practical utility of our framework is further demonstrated in a major hacker forum, where we identified several notable emerging topics with important implications for victim companies and law enforcement. The proposed framework contributes to cybersecurity, topic detection and tracking, and design science.

Source journal: MIS Quarterly (Engineering and Technology, Computer Science: Information Systems)
CiteScore: 13.30
Self-citation rate: 4.10%
Publication volume: 36
Review time: 6-12 weeks
Journal description: The editorial objective of MIS Quarterly is focused on enhancing and communicating knowledge related to the development of IT-based services; the management of IT resources; and the use, impact, and economics of IT with managerial, organizational, and societal implications; and on addressing professional issues affecting the Information Systems (IS) field as a whole.