References

Published online by Cambridge University Press:  09 April 2021

Ericsson Marin (California State Polytechnic University, Pomona)
Mohammed Almukaynizi (King Saud University, Saudi Arabia)
Soumajyoti Sarkar (Arizona State University)
Eric Nunes (Arizona State University)
Jana Shakarian (Cyber Reconnaissance, Inc.)
Paulo Shakarian (Cyber Reconnaissance, Inc.)
Edward G. Amoroso (TAG Cyber)

Type: Chapter
Information: Exploring Malicious Hacker Communities: Toward Proactive Cyber-Defense, pp. 189–202
Publisher: Cambridge University Press
Print publication year: 2021

References

[1] Abbasi, A., Li, W., Benjamin, V., Hu, S., and Chen, H. (2014). Descriptive analytics: Examining expert hackers in web forums. In Proceeding of ISI 2014, (pp. 56–63). IEEE.
[2] Abbosh, O., and Bissell, K. (2019). Securing the digital economy: Reinventing the internet for trust. Tech. rep., Accenture.
[3] Ajzen, I., and Fishbein, M. (1980). Understanding Attitudes and Predicting Social Behavior. Prentice Hall.
[4] Akoglu, L., Tong, H., and Koutra, D. (2015). Graph based anomaly detection and description: A survey. Data Min. Knowl. Discov., 29(3), 626–688. https://doi.org/10.1007/s10618-014-0365-y.
[5] Allodi, L. (2017). Economic factors of vulnerability trade and exploitation. In Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, CCS’17, (pp. 1483–1499). ACM.
[6] Allodi, L., and Massacci, F. (2012). A preliminary analysis of vulnerability scores for attacks in wild: The ekits and sym datasets. In Proceedings of the 2012 ACM Workshop on Building Analysis Datasets and Gathering Experience Returns for Security, (pp. 17–24). ACM.
[7] Allodi, L., and Massacci, F. (2014). Comparing vulnerability severity and exploits using case-control studies. ACM Tran. Inform. Syst. Security, 17(1), 1.
[8] Allodi, L., Massacci, F., and Williams, J. M. (2017). The work-averse cyber attacker model: Theory and evidence from two million attack signatures. Social Science Research Network (SSRN).
[9] Almukaynizi, M., Grimm, A., Nunes, E., Shakarian, J., and Shakarian, P. (2017). Predicting cyber threats through hacker social networks in darkweb and deepweb forums. In Proceedings of the 2017 International Conference of the Computational Social Science Society of the Americas, (pp. 1–7). ACM.
[10] Almukaynizi, M., Marin, E., Nunes, E., Shakarian, P., Simari, G. I., Kapoor, D., and Siedlecki, T. (2018). Darkmention: A deployed system to predict enterprise-targeted external cyberattacks. In 2018 IEEE International Conference on Intelligence and Security Informatics (ISI), (pp. 31–36). https://doi.org/10.1109/ISI.2018.8587334.
[11] Almukaynizi, M., Nunes, E., Dharaiya, K., Senguttuvan, M., Shakarian, J., and Shakarian, P. (2017). Proactive identification of exploits in the wild through vulnerability mentions online. In 2017 International Conference on Cyber Conflict (CyCon US), (pp. 82–88). IEEE.
[12] Almukaynizi, M., Nunes, E., Dharaiya, K., Senguttuvan, M., Shakarian, J., and Shakarian, P. (2019). Patch before exploited: An approach to identify targeted software vulnerabilities. In AI in Cybersecurity, (pp. 81–113). Springer.
[13] Anwar, T., and Abulaish, M. (2012). Identifying cliques in dark web forums–an agglomerative clustering approach. In 2012 IEEE International Conference on Intelligence and Security Informatics, (pp. 171–173). IEEE.
[14] Barreno, M., Bartlett, P. L., Chi, F. J., Joseph, A. D., Nelson, B., Rubinstein, B. I., Saini, U., and Tygar, J. D. (2008). Open problems in the security of learning. In Proceedings of the 1st ACM Workshop on AISec, (pp. 19–26). ACM.
[15] Barreno, M., Nelson, B., Joseph, A. D., and Tygar, J. (2010). The security of machine learning. Machine Learn., 81(2), 121–148.
[16] Benjamin, V., Li, W., Holt, T., and Chen, H. (2015). Exploring threats and vulnerabilities in hacker web: Forums, IRC and carding shops. In 2015 IEEE International Conference on Intelligence and Security Informatics (ISI), (pp. 85–90). IEEE.
[17] Benjamin, V., Zhang, B., Nunamaker, J. Jr., and Chen, H. (2016). Examining hacker participation length in cybercriminal internet-relay-chat communities. J. Manage. Inform. Syst., 33(2), 482–510.
[18] Biggio, B., Nelson, B., and Laskov, P. (2011). Support vector machines under adversarial label noise. ACML, 20, 97–112.
[19] Bilge, L., and Dumitraş, T. (2012). Before we knew it: An empirical study of zero-day attacks in the real world. In Proceedings of the 2012 ACM Conference on Computer and Communications Security, CCS’12, (pp. 833–844). ACM. http://doi.acm.org/10.1145/2382196.2382284.
[20] Bilge, L., Han, Y., and Dell’Amico, M. (2017). Riskteller: Predicting the risk of cyber incidents. In Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, CCS’17, (pp. 1299–1311). ACM. http://doi.acm.org/10.1145/3133956.3134022.
[21] Blondel, V. D., Guillaume, J.-L., Lambiotte, R., and Lefebvre, E. (2008). Fast unfolding of communities in large networks. J. Stat. Mech. Theory Experiment, 2008(10), P10008.
[22] Borgatti, S. P., Carley, K. M., and Krackhardt, D. (2006). On the robustness of centrality measures under conditions of imperfect data. Social Networks, 28(2), 124–136.
[23] Bozorgi, M., Saul, L. K., Savage, S., and Voelker, G. M. (2010). Beyond heuristics: Learning to classify vulnerabilities and predict exploits. In Proceedings of the 16th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, (pp. 105–114). ACM.
[24] Breiman, L. (1996). Bagging predictors. Machine Learn., 24(2), 123–140.
[25] Breiman, L. (2001). Random forests. Machine Learn., 45(1), 5–32.
[26] Bullough, B. L., Yanchenko, A. K., Smith, C. L., and Zipkin, J. R. (2017). Predicting exploitation of disclosed software vulnerabilities using open-source data. In Proceedings of the 2017 ACM International Workshop on Security and Privacy Analytics, (pp. 45–53). ACM.
[27] Burt, R. S. (1987). Social contagion and innovation: Cohesion versus structural equivalence. Am. J. Sociol., 92(6), 1287–1335.
[28] Carr, D. (2008). How Obama tapped into social networks’ power. www.nytimes.com/2008/11/10/business/media/10carr.html.
[29] Chandola, V., Banerjee, A., and Kumar, V. (2009). Anomaly detection: A survey. ACM Comput. Surv., 41(3), 15:1–15:58. http://doi.acm.org/10.1145/1541880.1541882.
[30] Chawla, N. V., Bowyer, K. W., Hall, L. O., and Kegelmeyer, W. P. (2002). Smote: Synthetic minority over-sampling technique. J. Artif. Int. Res., 16(1), 321–357. http://dl.acm.org/citation.cfm?id=1622407.1622416.
[31] Chen, H. (2011). Dark web: Exploring and mining the dark side of the web. In 2011 European Intelligence and Security Informatics Conference (EISIC), (pp. 1–2). Springer.
[32] Chen, H., Liu, R., Park, N., and Subrahmanian, V. (2019). Using Twitter to predict when vulnerabilities will be exploited. In Proceedings of the 25th ACM SIGKDD International Conference on Knowledge Discovery & Data Mining, (pp. 3143–3152). ACM.
[33] Chen, Y.-D., Brown, S., Hu, P. J., King, C.-C., and Chen, H. (2011). Managing emerging infectious diseases with information systems: Reconceptualizing outbreak management through the lens of loose coupling. Inform. Syst. Res., 22(3), 447–468.
[34] Chierichetti, F., Lattanzi, S., and Panconesi, A. (2010). Rumour spreading and graph conductance. In Proceedings of the Twenty-First Annual ACM-SIAM Symposium on Discrete Algorithms, SODA’10, (pp. 1657–1663). Society for Industrial and Applied Mathematics. http://dl.acm.org/citation.cfm?id=1873601.1873736.
[35] Chung, C., Khatkar, P., Xing, T., Lee, J., and Huang, D. (2013). Nice: Network intrusion detection and countermeasure selection in virtual network systems. IEEE Trans. Dependable Secure Comput., 10(4), 198–211. https://doi.org/10.1109/TDSC.2013.8.
[36] CISA. (2017). HIDDEN COBRA–North Korea’s DDoS botnet infrastructure. www.us-cert.gov/ncas/alerts/TA17-164A.
[38] Clauset, A., Newman, M. E. J., and Moore, C. (2004). Finding community structure in very large networks. Phys. Rev. E, 70, 066111.
[39] Colbaugh, R., and Glass, K. (2011). Proactive defense for evolving cyber threats. In Proceedings of 2011 IEEE International Conference on Intelligence and Security Informatics, (pp. 125–130). IEEE.
[40] Coleman, G. (2014). Hacker, Hoaxer, Whistleblower, Spy: The Many Faces of Anonymous. Verso Books.
[41] Coleman, J. S., Katz, E., and Menzel, H. (1967). Medical innovation: A diffusion study. Social Forces, 46(2), 291.
[42] Cyber Reconnaissance, I. (2020). CYR3CON. www.cyr3con.ai/.
[43] Danezis, G., and Mittal, P. (2009). Sybilinfer: Detecting sybil nodes using social networks. In Proceedings of the Network and Distributed System Security Symposium (NDSS’ 2009), (pp. 1–15). Internet Society.
[44] Das, G., Lin, K.-I., Mannila, H., Renganathan, G., and Smyth, P. (1998). Rule discovery from time series. In Proceedings of the Fourth International Conference on Knowledge Discovery and Data Mining, KDD’98, (pp. 16–22). AAAI.
[45] Deb, A., Lerman, K., and Ferrara, E. (2018). Predicting cyber-events by leveraging hacker sentiment. Information, 9(11), 280. https://doi.org/10.3390/info9110280.
[46] Décary-Hétu, D., and Dupont, B. (2013). Reputation in a dark network of online criminals. Global Crime, 14(2–3), 175–196.
[47] Deogun, J., and Jiang, L. (2005). Prediction mining – an approach to mining association rules for prediction. In Ślezak, D., Yao, J., Peters, J. F., Ziarko, W., and Hu, X. (Eds.) Rough Sets, Fuzzy Sets, Data Mining, and Granular Computing, (pp. 98–108). Springer Berlin Heidelberg.
[48] Domingos, P., and Richardson, M. (2001). Mining the network value of customers. In Proceedings of the Seventh ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, KDD’01, (pp. 57–66). ACM.
[49] Dung, P. M. (1995). On the acceptability of arguments and its fundamental role in nonmonotonic reasoning, logic programming and n-person games. Artificial Intelligence, 77(2), 321–357.
[50] Durumeric, Z., Kasten, J., Adrian, D., et al. (2014). The matter of heartbleed. In Proceedings of the 2014 Conference on Internet Measurement Conference, (pp. 475–488). ACM.
[51] Edkrantz, M., and Said, A. (2015). Predicting cyber vulnerability exploits with machine learning. In Proceedings of the 13th Scandinavian Conference on Artificial Intelligence, vol. 278, (pp. 48–57). IOS press.
[52] Edkrantz, M., Truvé, S., and Said, A. (2015). Predicting vulnerability exploits in the wild. In 2015 IEEE 2nd International Conference on Cyber Security and Cloud Computing, (pp. 513–514). IEEE.
[53] Fang, Z., Zhao, X., Wei, Q., Chen, G., Zhang, Y., Xing, C., Li, W., and Chen, H. (2016). Exploring key hackers and cybersecurity threats in chinese hacker communities. In 2016 IEEE Conference on Intelligence and Security Informatics (ISI), (pp. 13–18). IEEE.
[54] Ferrara, E., Varol, O., Davis, C., Menczer, F., and Flammini, A. (2016). The rise of social bots. Commun. ACM, 59(7), 96–104. http://doi.acm.org/10.1145/2818717.
[55] Fink, C., Schmidt, A., Barash, V., Kelly, J., Cameron, C., and Macy, M. (2016). Investigating the observability of complex contagion in empirical social networks. In Proceedings of 10th International AAAI Conference on Web and Social Media (ICWSM’16), (pp. 121–130).
[56] Fisk, N. (2006). Social learning theory as a model for illegitimate peer-to-peer use and the effects of implementing a legal music downloading service on peer-to-peer music piracy. PhD thesis, Rochester Institute of Technology.
[57] Fortunato, S. (2010). Community detection in graphs. Phys. Rep., 486(3), 75–174.
[58] Fournier-Viger, P., Faghihi, U., Nkambou, R., and Nguifo, E. M. (2012). Cmrules: Mining sequential rules common to several sequences. Knowledge-Based Systems, 25(1), 63–76.
[59] Fournier-Viger, P., Gueniche, T., and Tseng, V. S. (2012). Using partially-ordered sequential rules to generate more accurate sequence prediction. In Advanced Data Mining and Applications, (pp. 431–442). Springer.
[60] Fournier-Viger, P., Wu, C., Tseng, V. S., Cao, L., and Nkambou, R. (2015). Mining partially-ordered sequential rules common to multiple sequences. IEEE Trans. Know. Data Eng., 27(8), 2203–2216.
[61] Fournier-Viger, P., Wu, C.-W., Tseng, V. S., and Nkambou, R. (2012). Mining sequential rules common to several sequences with the window size constraint. In Advances in Artificial Intelligence, (pp. 299–304). Springer.
[62] Frei, S., Schatzmann, D., Plattner, B., and Trammell, B. (2010). Modeling the security ecosystem-the dynamics of (in) security. In Economics of Information Security and Privacy, (pp. 79–106). Springer.
[63] Galar, M., Fernandez, A., Barrenechea, E., Bustince, H., and Herrera, F. (2012). A review on ensembles for the class imbalance problem: Bagging-, boosting-, and hybrid-based approaches. IEEE Trans. Syst., Man Cybernetics, Part C, 42(4), 463–484.
[64] García, A. J., and Simari, G. R. (2004). Defeasible logic programming: An argumentative approach. Theory Pract. Log. Program., 4(1+2), 95–138. https://doi.org/10.1017/S1471068403001674.
[65] Ghaffarian, S. M., and Shahriari, H. R. (2017). Software vulnerability analysis and discovery using machine-learning and data-mining techniques: A survey. ACM Comput. Surv., 50(4), 56.
[66] Girvan, M., and Newman, M. E. J. (2002). Community structure in social and biological networks. Proc. Nat. Acad. Sci., 99(12), 7821–7826.
[67] Glenski, M., and Weninger, T. (2017). Predicting user-interactions on Reddit. In Proceedings of the 2017 IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining 2017, ASONAM’17, (pp. 609–612). ACM.
[68] GOV.UK. (2019). 2019 cyber security breaches survey. www.gov.uk/government/statistics/cyber-security-breaches-survey-2019.
[69] Goyal, A., Bonchi, F., and Lakshmanan, L. V. (2010). Learning influence probabilities in social networks. In Proceedings of the Third ACM International Conference on Web Search and Data Mining, WSDM’10, (pp. 241–250). ACM.
[70] Goyal, P., Hossain, K., Deb, A., Tavabi, N., Bartley, N., Abeliuk, A., Ferrara, E., and Lerman, K. (2018). Discovering signals from web sources to predict cyber attacks. https://arxiv.org/abs/1806.03342v1.
[71] Guo, D., Shamai, S., and Verdú, S. (2005). Mutual information and minimum mean-square error in Gaussian channels. IEEE Trans. Inform Theory, 51(4), 1261–1282.
[72] Guo, R., and Shakarian, P. (2016). A comparison of methods for cascade prediction. In Proceedings of the 2016 IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining, ASONAM’16, (pp. 591–598). IEEE Press.
[73] Gupta, M. (2014). Handbook of Research on Emerging Developments in Data Privacy. Advances in Information Security, Privacy, and Ethics (1948-9730). IGI Global. https://books.google.com/books?id=5Ra5BgAAQBAJ.
[74] Hamilton, H. J., and Karimi, K. (2005). The timers II algorithm for the discovery of causality. In Ho, T. B., Cheung, D., and Liu, H. (Eds.) Advances in Knowledge Discovery and Data Mining, (pp. 744–750). Springer.
[75] Han, J., Pei, J., and Yin, Y. (2000). Mining frequent patterns without candidate generation. In ACM sigmod Record, vol. 29, (pp. 1–12).
[76] Hao, S., Kantchelian, A., Miller, B., Paxson, V., and Feamster, N. (2016). Predator: Proactive recognition and elimination of domain abuse at time-of-registration. In Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, (pp. 1568–1579). ACM.
[77] Hodge, V. J., and Austin, J. (2004). A survey of outlier detection methodologies. Artif. Intell. Rev., 22(2), 85–126. https://doi.org/10.1007/s10462-004-4304-y.
[78] Holt, T., Strumsky, D., Smirnova, O., and Kilger, M. (2012). Examining the social networks of malware writers and hackers. Int. J. Cyber Criminol., 6(1), 891–903.
[79] Holt, T. J., and Lampke, E. (2010). Exploring stolen data markets online: Products and market forces. Criminal Justice Stud., 23(1), 33–50. https://doi.org/10.1080/14786011003634415.
[80] Hornik, K., Kober, M., Feinerer, I., and Buchta, C. (2012). Spherical k-means clustering. J. Stat. Software, 50, 1–22.
[81] Hubert, L., and Arabie, P. (1985). Comparing partitions. J. Classification, 2(1), 193–218.
[82] IdentityForce (2019). Data breaches – the worst breaches, so far. www.identityforce.com/blog/2019-data-breaches.
[83] Khandpur, R. P., Ji, T., Jan, S., Wang, G., Lu, C.-T., and Ramakrishnan, N. (2017). Crowdsourcing cybersecurity: Cyber attack detection using social media. In Proceedings of the 2017 ACM on Conference on Information and Knowledge Management, CIKM’17, (pp. 1049–1057). ACM. http://doi.acm.org/10.1145/3132847.3132866.
[84] Knowles, A. (2016). How black hats and white hats collaborate to be successful. https://securityintelligence.com/how-black-hats-and-white-hats-collaborate-to-be-successful/.
[85] Kotenko, I., and Stepashkin, M. (2005). Analyzing vulnerabilities and measuring security level at design and exploitation stages of computer network life cycle. In Proceedings of the Third International Conference on Mathematical Methods, Models, and Architectures for Computer Network Security, MMM-ACNS’05, (pp. 311–324). Springer. https://doi.org/10.1007/11560326_24.
[86] Lab, K. (2019). Kaspersky Security Bulletin 2019. Statistics. https://securelist.com/kaspersky-security-bulletin-2019-statistics/95475/.
[87] Lakhina, A., Crovella, M., and Diot, C. (2004). Diagnosing network-wide traffic anomalies. In Proceedings of the 2004 Conference on Applications, Technologies, Architectures, and Protocols for Computer Communications, SIGCOMM’04, (pp. 219–230). ACM. http://doi.acm.org/10.1145/1015467.1015492.
[88] Laxman, S., and Sastry, P. S. (2006). A survey of temporal data mining. Sadhana, 31(2), 173–198.
[89] LeClair, J. (2015). Small business, big threat: Protecting small businesses from cyber attacks. Tech. rep., National Cybersecurity Institute at Excelsior College. https://docs.house.gov/meetings/SM/SM00/20150422/103276/HHRG-114-SM00-20150422-SD003-U4.pdf.
[90] Lee, H., and Yoon, Y. (2017). Engineering doc2vec for automatic classification of product descriptions on o2o applications. Electr. Commerce Res., 18, 1–24.
[91] L’Huillier, G., Alvarez, H., Ríos, S. A., and Aguilera, F. (2011). Topic-based social network analysis for virtual communities of interests in the dark web. SIGKDD Explor. Newsl., 12(2), 66–73.
[92] Liu, Y., Sarabi, A., Zhang, J., Naghizadeh, P., Karir, M., Bailey, M., and Liu, M. (2015). Cloudy with a chance of breach: Forecasting cyber security incidents. In 24th USENIX Security Symposium (USENIX Security 15), (pp. 1009–1024). USENIX. www.usenix.org/conference/usenixsecurity15/technical-sessions/presentation/liu.
[93] Liu, Y., Zhang, J., Sarabi, A., Liu, M., Karir, M., and Bailey, M. (2015). Predicting cyber security incidents using feature-based characterization of network-level malicious activities. In IWSPA 2015 – Proceedings of the 2015 ACM International Workshop on Security and Privacy Analytics, Co-located with CODASPY 2015, (pp. 3–9). ACM.
[94] Lloyd, J. W. (2012). Foundations of Logic Programming. Springer Science & Business Media.
[95] Macdonald, M., Frank, R., Mei, J., and Monk, B. (2015). Identifying digital threats in a hacker web forum. In Proceedings of the 2015 IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining 2015, ASONAM’15, (pp. 926–933). ACM.
[96] Mandiant. (2013). APT1: Exposing one of China’s cyber espionage units. www.fireeye.com/content/dam/fireeye-www/services/pdfs/mandiant-apt1-report.pdf.
[97] Manski, C. (2009). Identification for Prediction and Decision. Harvard University Press.
[98] Marin, E. (2020). A hacker-centric perspective to empower cyber defense. PhD dissertation, Arizona State University.
[99] Marin, E., Almukaynizi, M., Nunes, E., Shakarian, J., and Shakarian, P. (2018). Predicting hacker adoption on darkweb forums using sequential rule mining. In 2018 IEEE International Conference on Parallel Distributed Processing with Applications, Ubiquitous Computing Communications, Big Data Cloud Computing, Social Computing Networking, Sustainable Computing Communications (ISPA/IUCC/BDCloud/SocialCom/SustainCom), (pp. 1183–1190). https://doi.org/10.1109/BDCloud.2018.00174.
[100] Marin, E., Almukaynizi, M., Nunes, E., and Shakarian, P. (2018). Community finding of malware and exploit vendors on darkweb marketplaces. In 2018 1st International Conference on Data Intelligence and Security (ICDIS), (pp. 81–84). IEEE.
[101] Marin, E., Almukaynizi, M., and Shakarian, P. (2019). Reasoning about future cyber-attacks through socio-technical hacking information. In 2019 IEEE 31st International Conference on Tools with Artificial Intelligence (ICTAI), (pp. 157–164).
[102] Marin, E., Almukaynizi, M., and Shakarian, P. (2020). Inductive and deductive reasoning to assist in cyber-attack prediction. In 2020 IEEE Annual Computing and Communication Workshop and Conference, (pp. 262–268).
[103] Marin, E., Diab, A., and Shakarian, P. (2016). Product offerings in malicious hacker markets. In 2016 IEEE Conference on Intelligence and Security Informatics (ISI), (pp. 187–189). IEEE.
[104] Marin, E., Guo, R., and Shakarian, P. (2017). Temporal analysis of influence to predict users’ adoption in online social networks. In Proceedings of the 2017 International Conference on Social Computing, Behavioral-Cultural Modeling & Prediction and Behavior Representation in Modeling and Simulation (SBP-BRiMS-2017), (pp. 254–261). Springer.
[105] Marin, E., Guo, R., and Shakarian, P. (2020). Measuring time-constrained influence to predict adoption in online social networks. Trans. Soc. Comput., 3(3). https://doi.org/10.1145/3372785.
[106] Marin, E., Shakarian, J., and Shakarian, P. (2018). Mining key-hackers on darkweb forums. In 2018 1st International Conference on Data Intelligence and Security (ICDIS), (pp. 73–80). IEEE.
[107] Marin, E. S., and d. Carvalho, C. L. (2014). Search in social networks: Designing models and algorithms that maximize human influence. In 2014 47th Hawaii International Conference on System Sciences, (pp. 1586–1595). IEEE.
[108] Marin, E. S., and de Carvalho, C. L. (2013). Small-scale: A new model of social networks. In 2013 Winter Simulations Conference (WSC), (pp. 2972–2983). IEEE.
[109] Meier, L., Van De Geer, S., and Bühlmann, P. (2008). The group lasso for logistic regression. J. R. Stat. Soc. Series B, 70(1), 53–71. https://rss.onlinelibrary.wiley.com/doi/abs/10.1111/j.1467-9868.2007.00627.x.
[110] Miller, C. (2007). The legitimate vulnerability market: Inside the secretive world of 0-day exploit sales. In Sixth Workshop on the Economics of Information Security, (p. 10). Carnegie Mellon University.
[111] Mitchell, M. (1996). An Introduction to Genetic Algorithms. MIT Press.
[112] Mittal, S., Das, P. K., Mulwad, V., Joshi, A., and Finin, T. (2016). Cybertwitter: Using Twitter to generate alerts for cybersecurity threats and vulnerabilities. In 2016 IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining (ASONAM), (pp. 860–867). IEEE.
[113] Mitzenmacher, M., and Upfal, E. (2017). Probability and Computing: Randomization and Probabilistic Techniques in Algorithms and Data Analysis. Cambridge University Press.
[114] Montgomery, D. C. (2007). Introduction to Statistical Quality Control. John Wiley.
[115] Morris, R. G., and Blackburn, A. G. (2009). Cracking the code: An empirical exploration of social learning theory and computer crime. J. Crime Justice, 32(1), 1–34.
[116] Motoyama, M., McCoy, D., Levchenko, K., Savage, S., and Voelker, G. M. (2011). An analysis of underground forums. In Proceedings of the 2011 ACM SIGCOMM Conference on Internet Measurement Conference, IMC’11, (pp. 71–80). ACM.
[117] Munkres, J. (1957). Algorithms for the assignment and transportation problems. J. Soc. Indust. App. Math., 5(1), 32–38.
[118] Nagaraja, S. (2007). Anonymity in the wild: Mixes on unstructured networks. In Borisov, N., and Golle, P. (Eds.) Privacy Enhancing Technologies, (pp. 254–271). Springer.
[119] Nagaraja, S., Mittal, P., Hong, C.-Y., Caesar, M., and Borisov, N. (2010). Botgrep: Finding p2p bots with structured graph analysis. In Proceedings of the 19th USENIX Conference on Security, USENIX Security’10, (pp. 7–7). USENIX Association. http://dl.acm.org/citation.cfm?id=1929820.1929830.
[120] Nayak, K., Marino, D., Efstathopoulos, P., and Dumitraş, T. (2014). Some vulnerabilities are different than others. In International Workshop on Recent Advances in Intrusion Detection, (pp. 426–446). Springer.
[121] Nespoli, P., Papamartzivanos, D., Mármol, F. G., and Kambourakis, G. (2018). Optimal countermeasures selection against cyber attacks: A comprehensive survey on reaction frameworks. IEEE Commun. Surv. Tutorials, 20(2), 1361–1396. https://doi.org/10.1109/COMST.2017.2781126.
[122] Neuhaus, S., Zimmermann, T., Holler, C., and Zeller, A. (2007). Predicting vulnerable software components. In Proceedings of the 14th ACM Conference on Computer and Communications Security, (pp. 529–540). ACM.
[123] Newman, M. E. J. (2006). Finding community structure in networks using the eigenvectors of matrices. Phys. Rev. E, 74, 036104.
[124] NIST (2020). National vulnerability database. https://nvd.nist.gov/.
[125] Nouh, M., and Nurse, J. (2015). Identifying key-players in online activist groups on the facebook social network. In 2015 IEEE International Conference on Data Mining Workshop (ICDMW), (pp. 969–978).
[126] Nunes, E., Diab, A., Gunn, A., et al. (2016). Darknet and deepnet mining for proactive cybersecurity threat intelligence. In 2016 IEEE Conference on Intelligence and Security Informatics (ISI), (pp. 7–12). IEEE.
[127] Nunes, E., Shakarian, P., and Simari, G. I. (2018). At-risk system identification via analysis of discussions on the darkweb. In 2018 APWG Symposium on Electronic Crime Research (eCrime), (pp. 1–12). APWG.
[128] Nunes, E., Shakarian, P., Simari, G. I., and Ruef, A. (2016). Argumentation models for cyber attribution. In 2016 IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining (ASONAM), (pp. 837–844). https://doi.org/10.1109/ASONAM.2016.7752335.
[129] Okutan, A., Werner, G., Yang, S. J., and McConky, K. (2018). Forecasting cyberattacks with incomplete, imbalanced, and insignificant data. Cybersecurity, 1(1), 15. https://doi.org/10.1186/s42400-018-0016-5.
[130] Oprea, A., Li, Z., Yen, T., Chin, S. H., and Alrwais, S. (2015). Detection of early-stage enterprise infection by mining large-scale log data. In 2015 45th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, (pp. 45–56). IEEE.
[131] Pastrana, S., Hutchings, A., Caines, A., and Buttery, P. (2018). Characterizing eve: Analysing cybercrime actors in a large underground forum. In Bailey, M., Holz, T., Stamatogiannakis, M., and Ioannidis, S. (Eds.) Research in Attacks, Intrusions, and Defenses, (pp. 207–227). Springer International Publishing.
[132] Pedregosa, F., Varoquaux, G., Gramfort, et al. (2011). Scikit-learn: Machine learning in Python. J. Machine Learn. Res., 12(Oct), 2825–2830.
[133] Pei, J., Han, J., Mortazavi-Asl, B., Wang, J., Pinto, H., Chen, Q., Dayal, U., and Hsu, M.-C. (2004). Mining sequential patterns by pattern-growth: The prefixspan approach. IEEE Trans. Know. Data Eng., 16(11), 1424–1440.
[134] Pfleeger, C. P., and Pfleeger, S. L. (2002). Security in Computing. Prentice Hall Professional Technical Reference.
[135] Phillips, E., Nurse, J., Goldsmith, M., and Creese, S. (2015). Extracting social structure from darkweb forums. In 2015 International Conference on Social Media Technologies, Communication, and Informatics, (pp. 97–102). IARIA.
[136] Pitman, A., and Zanker, M. (2011). An empirical study of extracting multidimensional sequential rules for personalization and recommendation in online commerce. In Proceeding of Wirtschaftsinformatik, (pp. 180–189).
[137] Pons, A., and Pons, E. (2015). Social learning theory and ethical hacking: Student perspectives on a hacking curriculum. In Proceedings of the Information Systems Education Conference, ISECON 2015, (pp. 289–299). Foundation for IT Education.
[138] Qiu, M., Sim, Y., Smith, N. A., and Jiang, J. (2015). Modeling user arguments, interactions, and attributes for stance prediction in online debate forums. In Proceedings of the 2015 SIAM International Conference on Data Mining, SIAM’2015, (pp. 855–863). SIAM Press.
[139] Radianti, J. (2010). A study of a social behavior inside the online black markets. In 2010 Fourth International Conference on Emerging Security Information, Systems and Technologies, (pp. 189–194). IEEE.
[140] Rahwan, I., Simari, G. R., and van Benthem, J. (2009). Argumentation in Artificial Intelligence. vol. 47. Springer.
[141] Randall, D. (2006). Rapidly mixing Markov chains with applications in computer science and physics. Comput. Sci. Eng., 8(2), 30–41.
[142] Rekšna, T. (2017). Complex network analysis of Darknet black market forum structure. Master’s thesis, Leiden University, the Netherlands.Google Scholar
[143] Ribeiro, M. T., Singh, S., and Guestrin, C. (2016). “Why should i trust you?”: Explaining the predictions of any classifier. In Proceedings of the 22nd ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, KDD’16, (pp. 1135–1144). ACM. http://doi.acm.org/10.1145/2939672.2939778.Google Scholar
[144] Robertson, J., Diab, A., Marin, E., Nunes, E., Paliath, V., Shakarian, J., and Shakarian, P. (2016). Darknet mining and game theory for enhanced cyber threat intelligence. Cyber Defense Rev., 1(2), 95–121.
[145] Robertson, J., Diab, A., Marin, E., Nunes, E., Paliath, V., Shakarian, J., and Shakarian, P. (2017). Darkweb Cyber Threat Intelligence Mining. Cambridge University Press.
[146] Robertson, J., Paliath, V., Shakarian, J., Thart, A., and Shakarian, P. (2016). Data driven game theoretic cyber threat mitigation. In Proceedings of the Thirtieth AAAI Conference on Artificial Intelligence (AAAI-16), (pp. 4041–4046). AAAI.
[147] Roy, A., Kim, D. S., and Trivedi, K. S. (2012). Scalable optimal countermeasure selection using implicit enumeration on attack countermeasure trees. In IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2012), (pp. 1–12). IEEE.
[148] Sabottke, C., Suciu, O., and Dumitras, T. (2015). Vulnerability disclosure in the age of social media: Exploiting Twitter for predicting real-world exploits. In USENIX Security, vol. 15, (pp. 1041–1056). USENIX.
[149] Samtani, S., and Chen, H. (2016). Using social network analysis to identify key hackers for keylogging tools in hacker forums. In Proceeding of ISI 2016, (pp. 319–321). IEEE.
[150] Samtani, S., Chinn, K., Larson, C., and Chen, H. (2016). Azsecure hacker assets portal: Cyber threat intelligence and malware analysis. In 2016 IEEE Conference on Intelligence and Security Informatics (ISI), (pp. 19–24). IEEE.
[151] Samtani, S., Chinn, R., and Chen, H. (2015). Exploring hacker assets in underground forums. In 2015 IEEE International Conference on Intelligence and Security Informatics (ISI), (pp. 31–36). IEEE.
[152] Sapienza, A., Bessi, A., Damodaran, S., Shakarian, P., Lerman, K., and Ferrara, E. (2017). Early warnings of cyber threats in online discussions. In 2017 IEEE International Conference on Data Mining Workshops (ICDMW), (pp. 667–674). IEEE.
[153] Sapienza, A., Ernala, S. K., Bessi, A., Lerman, K., and Ferrara, E. (2018). Discover: Mining online chatter for emerging cyber threats. In Companion Proceedings of the Web Conference 2018, WWW’18, (pp. 983–990). International World Wide Web Conferences Steering Committee.
[154] Sarkar, S., Almukaynizi, M., Shakarian, J., and Shakarian, P. (2018). Predicting enterprise cyber incidents using social network analysis on the darkweb hacker forums. http://arxiv.org/abs/1811.06537.
[155] Sarkar, S., Almukaynizi, M., Shakarian, J., and Shakarian, P. (2019). Mining user interaction patterns in the darkweb to predict enterprise cyber incidents. Social Network Anal. Min., 9(57). https://doi.org/10.1007/s13278-019-0603-9.
[156] Scandariato, R., Walden, J., Hovsepyan, A., and Joosen, W. (2014). Predicting vulnerable software components via text mining. IEEE Trans. Software Eng., 40(10), 993–1006.
[157] Schölkopf, B., Platt, J., and Hofmann, T. (2007). In-Network PCA and Anomaly Detection, (pp. 617–624). MITP. https://ieeexplore.ieee.org/document/6287317.
[158] Seebruck, R. (2015). A typology of hackers: Classifying cyber malfeasance using a weighted arc circumplex model. Digital Invest., 14, 36–45.
[159] Senthilkumar, R., Deepika, R., Saranya, R., and Govind, M. D. (2016). Generating adaptive partially ordered sequential rules. In Proceedings of the International Conference on Informatics and Analytics, ICIA-16, (pp. 110:1–110:8). ACM.
[160] Shakarian, J., Gunn, A. T., and Shakarian, P. (2016). Exploring Malicious Hacker Forums. Springer International.
[161] Shakarian, J., Shakarian, P., and Ruef, A. (2015). Cyber attacks and public embarrassment: A survey of some notable hacks. Elsevier SciTechConnect.
[162] Shakarian, P., Parker, A., Simari, G., and Subrahmanian, V. V. S. (2011). Annotated probabilistic temporal logic. ACM Trans. Comput. Logic, 12(2), 14:1–14:44.
[163] Shakarian, P., and Shakarian, J. (2016). Socio-cultural modeling for cyber threat actors. In AAAI Workshop on Artificial Intelligence and Cyber Security (AICS), (pp. 193–194). AAAI.
[164] Shakarian, P., Simari, G. I., Moores, G., and Parsons, S. (2015). Cyber attribution: An argumentation-based approach. In Cyber Warfare, (pp. 151–171). Springer.
[165] Shakarian, P., Simari, G. I., and Subrahmanian, V. S. (2012). Annotated probabilistic temporal logic: Approximate fixpoint implementation. ACM Trans. Comput. Logic, 13(2), 13:1–13:33.
[166] Shlens, J. (2014). A tutorial on principal component analysis. Int. J. Remote Sensing, 51(2).
[167] Sikos, L. F., Philp, D., Howard, C., Voigt, S., Stumptner, M., and Mayer, W. (2019). Knowledge Representation of Network Semantics for Reasoning-Powered Cyber-Situational Awareness, (pp. 19–45). Springer International. https://doi.org/10.1007/978-3-319-98842-9_2.
[168] Skinner, W. F., and Fream, A. M. (1997). A social learning theory analysis of computer crime among college students. J. Res. Crime Delinquency, 34(4), 495–518.
[169] Sood, A. K., Bansal, R., and Enbody, R. J. (2013). Cybercrime: Dissecting the state of underground enterprise. IEEE Internet Comput., 17(1), 60–68.
[170] Soska, K., and Christin, N. (2014). Automatically detecting vulnerable websites before they turn malicious. In Usenix Security, (pp. 625–640). Usenix.
[171] Soule, A., Salamatian, K., and Taft, N. (2005). Combining filtering and statistical methods for anomaly detection. In Proceedings of the 5th ACM SIGCOMM Conference on Internet Measurement, IMC’05, (pp. 31–31). USENIX Association. http://dl.acm.org/citation.cfm?id=1251086.1251117.
[172] Stanton, A., Thart, A., Jain, A., Vyas, P., Chatterjee, A., and Shakarian, P. (2015). Mining for causal relationships: A data-driven study of the Islamic State. In Proceedings of the 21th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, (pp. 2137–2146). ACM.
[173] Stolzenburg, F., García, A. J., Chesnevar, C. I., and Simari, G. R. (2003). Computing generalized specificity. J. App. Non-Classical Logics, 13(1), 87–113.
[174] Sun, N., Zhang, J., Rimba, P., Gao, S., Zhang, L. Y., and Xiang, Y. (2019). Data-driven cybersecurity incident prediction: A survey. IEEE Commun. Surv. Tutorials, 21(2), 1744–1772. https://doi.org/10.1109/COMST.2018.2885561.
[175] Sun, X., Dai, J., Liu, P., Singhal, A., and Yen, J. (2018). Using Bayesian networks for probabilistic identification of zero-day attack paths. IEEE Trans. Inform. Forensics Security, 13(10), 2506–2521.
[176] Swarner, J. (2017). Before WannaCry was unleashed, hackers plotted about it on the dark web. http://slate.me/2xQvscu.
[177] Swearingen, J. (2017). The creator of the Mirai botnet is probably a Rutgers student with the bad habit of bragging. http://slct.al/2wpr54I.
[178] Symantec. (2019). 2019 internet security threat report. www.symantec.com/security-center/threat-report.
[179] Tan, P., Steinbach, M., and Kumar, V. (2013). Introduction to Data Mining. Addison-Wesley.
[180] Tang, J., Musolesi, M., Mascolo, C., and Latora, V. (2009). Temporal distance metrics for social network analysis. In Proceedings of the 2nd ACM Workshop on Online Social Networks, WOSN’09, (pp. 31–36). ACM. http://doi.acm.org/10.1145/1592665.1592674.
[181] Tavabi, N., Goyal, P., Almukaynizi, M., Shakarian, P., and Lerman, K. (2018). Darkembed: Exploit prediction with neural language models. In Proceedings of AAAI Conference on Innovative Applications of AI (IAAI2018), (p. 6). AAAI.
[182] Tibshirani, R., and Suo, X. (2016). An ordered lasso and sparse time-lagged regression. Technometrics, 58(4), 415–423. https://doi.org/10.1080/00401706.2015.1079245.
[183] Trieu, L. Q., Tran, H. Q., and Tran, M.-T. (2017). News classification from social media using Twitter-based doc2vec model and automatic query expansion. In Proceedings of the Eighth International Symposium on Information and Communication Technology, (pp. 460–467). ACM.
[184] Turek, M. (2019). Explainable artificial intelligence (XAI). www.darpa.mil/program/explainable-artificial-intelligence.
[185] Veeramachaneni, K., Arnaldo, I., Korrapati, V., Bassias, C., and Li, K. (2016). Ai2: Training a big data machine to defend. In 2016 IEEE 2nd International Conference on Big Data Security on Cloud (BigDataSecurity), IEEE International Conference on High Performance and Smart Computing (HPSC), and IEEE International Conference on Intelligent Data and Security (IDS), (pp. 49–54). IEEE.
[188] Walden, J., Stuckman, J., and Scandariato, R. (2014). Predicting vulnerable components: Software metrics vs text mining. In 2014 IEEE 25th International Symposium on Software Reliability Engineering (ISSRE), (pp. 23–33). IEEE.
[189] Watts, D. (2004). Six Degrees: The Science of a Connected Age. W. W. Norton.
[190] Widmer, G., and Kubat, M. (1996). Learning in the presence of concept drift and hidden contexts. Machine Learning, 23(1), 69–101. https://doi.org/10.1023/A:1018046501280.
[191] Xu, J., and Chen, H. (2008). The topology of dark networks. Commun. ACM, 51(10), 58–65. http://doi.acm.org/10.1145/1400181.1400198.
[192] Xu, T., Sun, J., and Bi, J. (2015). Longitudinal lasso: Jointly learning features and temporal contingency for outcome prediction. In Proceedings of the 21th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, KDD’15, (pp. 1345–1354). ACM. http://doi.acm.org/10.1145/2783258.2783403.
[193] Yang, C. C., Tang, X., and Gong, X. (2011). Identifying dark web clusters with temporal coherence analysis. In 2011 IEEE International Conference on Intelligence and Security Informatics (ISI), (pp. 167–172). IEEE.
[194] Yang, T., Brinton, C., and Joe-Wong, C. (2018). Predicting learner interactions in social learning networks. In IEEE Conference on Computer Communications (INFOCOM), INFOCOM’18, (pp. 1322–1330). IEEE.
[195] Yip, M., Shadbolt, N., and Webber, C. (2013). Why forums? An empirical analysis into the facilitating factors of carding forums. In Proceedings of the 5th Annual ACM Web Science Conference, WebSci’13, (pp. 453–462). ACM. http://doi.acm.org/10.1145/2464464.2464524.
[196] Zafarani, R., Abbasi, M., and Liu, H. (2014). Social Media Mining: An Introduction. Cambridge University Press.
[197] Zhang, J., Liu, B., Tang, J., Chen, T., and Li, J. (2013). Social influence locality for modeling retweeting behaviors. In Proceedings of the 23rd International Joint Conference on Artificial Intelligence (IJCAI’13), (pp. 2761–2767). AAAI Press.
[198] Zhang, S., Caragea, D., and Ou, X. (2011). An empirical study on using the national vulnerability database to predict software vulnerabilities. In International Conference on Database and Expert Systems Applications, (pp. 217–231). Springer.
[199] Zhang, X., and Chenwei, L. (2013). Survival analysis on hacker forums. In 2013 SIGBPS Workshop on Business Processes and Service, (pp. 106–2013). AIS.
[200] Zhang, X., Tsang, A., Yue, W., and Chau, M. (2015). The classification of hackers by knowledge exchange behaviors. Inform. Syst. Frontiers, 17(6), 1239–1251.
[201] Zhao, Z., Ahn, G.-J., Hu, H., and Mahi, D. (2012). SocialImpact: Systematic analysis of underground social dynamics. In Foresti, S., Yung, M., and Martinelli, F. (Eds.) ESORICS, vol. 7459 of Lecture Notes in Computer Science, (pp. 877–894). Springer.
