Socio-metrics: Identifying Invisible Deviant Adversaries
Technical Report,01 Oct 2013,30 Jun 2014
Arizona State University Tempe United States
Pagination or Media Count:
In recent times, with the increasing growth in popularity of online social networks OSNs and Internet discussion forums, cybercriminalshave found new ways to communicate and collaborate with each other in order to carry out cyber-attacks. Adversaries actively use Internetforums to form underground hacking communities where they exchange information on creating malicious programs and engage in the tradeof malicious goods and services. Identifying the influential members of these underground communities who are behind the creation anddistribution of tools used in cyber-attacks would greatly help law enforcement agencies in controlling cybercrime. Manually analyzing realworlddata on hacking groups is tedious and requires enormous time and effort. For this seed project, we focus on SocialSEAL, a tool whichmakes use of social network analysis techniques to reduce the manual effort required in identifying influential adversaries and visualizingthe underlying social structure of underground hacking communities, that will eventually help identify links between attack attributions andinfluential adversaries in the next phase of this project.