Identifying Key Expert Actors in Cybercrime Forums Based on their Technical Expertise

• URL: http://arxiv.org/abs/2506.01848v2
• Date: Tue, 03 Jun 2025 08:07:00 GMT
• Title: Identifying Key Expert Actors in Cybercrime Forums Based on their Technical Expertise
• Authors: Estelle Ruellan, Francois Labreche, Masarah Paquet-Clouston,
• Abstract summary: This study identifies communities interested in specific attack patterns across cybercrime forums and their related key expert actors.<n>Key actors identified in this study account for about 4% of the study population.<n>Third, about half of the study population are amateurs who show little technical expertise.
• Score: 0.0
• License: http://creativecommons.org/licenses/by-nc-sa/4.0/
• Abstract: The advent of Big Data has made the collection and analysis of cyber threat intelligence challenging due to its volume, leading research to focus on identifying key threat actors; yet these studies have failed to consider the technical expertise of these actors. Expertise, especially towards specific attack patterns, is crucial for cybercrime intelligence, as it focuses on targeting actors with the knowledge and skills to attack enterprises. Using CVEs and CAPEC classifications to build a bimodal network, as well as community detection, k-means and a criminological framework, this study addresses the key hacker identification problem by identifying communities interested in specific attack patterns across cybercrime forums and their related key expert actors. The analyses reveal several key contributions. First, the community structure of the CAPEC-actor bimodal network shows that there exists groups of actors interested in similar attack patterns across cybercrime forums. Second, key actors identified in this study account for about 4% of the study population. Third, about half of the study population are amateurs who show little technical expertise. Finally, key actors highlighted in this study represent a promising scarcity for resources allocation in cyber threat intelligence production. Further research should look into how they develop and use their technical expertise in cybercrime forums.

Related papers

• Identity Deepfake Threats to Biometric Authentication Systems: Public and Expert Perspectives [18.51811906909478]
  Generative AI (Gen-AI) deepfakes pose a rapidly evolving threat to biometric authentication.<n>Experts express grave concerns about the spoofing of static modalities like face and voice recognition.<n>We introduce a novel Deepfake Kill Chain model to map the specific attack vectors used by malicious actors against biometric systems.
  arXiv  Detail & Related papers  (2025-06-07T15:02:23Z)
• A Review of the Duality of Adversarial Learning in Network Intrusion: Attacks and Countermeasures [0.0]
  Adversarial attacks, particularly those targeting vulnerabilities in deep learning models, present a nuanced and substantial threat to cybersecurity.<n>Our study delves into adversarial learning threats such as Data Poisoning, Test Time Evasion, and Reverse Engineering.<n>Our research lays the groundwork for strengthening defense mechanisms to address the potential breaches in network security and privacy posed by adversarial attacks.
  arXiv  Detail & Related papers  (2024-12-18T14:21:46Z)
• Deepfake Media Forensics: State of the Art and Challenges Ahead [51.33414186878676]
  AI-generated synthetic media, also called Deepfakes, have influenced so many domains, from entertainment to cybersecurity. Deepfake detection has become a vital area of research, focusing on identifying subtle inconsistencies and artifacts with machine learning techniques. This paper reviews the primary algorithms that address these challenges, examining their advantages, limitations, and future prospects.
  arXiv  Detail & Related papers  (2024-08-01T08:57:47Z)
• The Anatomy of Deception: Technical and Human Perspectives on a Large-scale Phishing Campaign [4.369550829556578]
  This study takes an unprecedented deep dive into large-scale phishing campaigns aimed at Meta's users. Analysing data from over 25,000 victims worldwide, we highlight the nuances of these campaigns. Through the application of advanced computational techniques, including natural language processing and machine learning, this work unveils critical insights into the psyche of victims.
  arXiv  Detail & Related papers  (2023-10-05T12:24:24Z)
• Investigating Human-Identifiable Features Hidden in Adversarial Perturbations [54.39726653562144]
  Our study explores up to five attack algorithms across three datasets. We identify human-identifiable features in adversarial perturbations. Using pixel-level annotations, we extract such features and demonstrate their ability to compromise target models.
  arXiv  Detail & Related papers  (2023-09-28T22:31:29Z)
• On the Security Risks of Knowledge Graph Reasoning [71.64027889145261]
  We systematize the security threats to KGR according to the adversary's objectives, knowledge, and attack vectors. We present ROAR, a new class of attacks that instantiate a variety of such threats. We explore potential countermeasures against ROAR, including filtering of potentially poisoning knowledge and training with adversarially augmented queries.
  arXiv  Detail & Related papers  (2023-05-03T18:47:42Z)
• Graph Mining for Cybersecurity: A Survey [61.505995908021525]
  The explosive growth of cyber attacks nowadays, such as malware, spam, and intrusions, caused severe consequences on society. Traditional Machine Learning (ML) based methods are extensively used in detecting cyber threats, but they hardly model the correlations between real-world cyber entities. With the proliferation of graph mining techniques, many researchers investigated these techniques for capturing correlations between cyber entities and achieving high performance.
  arXiv  Detail & Related papers  (2023-04-02T08:43:03Z)
• Generating Cyber Threat Intelligence to Discover Potential Security Threats Using Classification and Topic Modeling [6.0897744845912865]
  Cyber Threat Intelligence (CTI) has been represented as one of the proactive and robust mechanisms. Our goal is to identify and explore relevant CTI from hacker forums by using different supervised and unsupervised learning techniques.
  arXiv  Detail & Related papers  (2021-08-16T02:30:29Z)
• Adversarial Machine Learning Attacks and Defense Methods in the Cyber Security Domain [58.30296637276011]
  This paper summarizes the latest research on adversarial attacks against security solutions based on machine learning techniques. It is the first to discuss the unique challenges of implementing end-to-end adversarial attacks in the cyber security domain.
  arXiv  Detail & Related papers  (2020-07-05T18:22:40Z)
• Survey of Network Intrusion Detection Methods from the Perspective of the Knowledge Discovery in Databases Process [63.75363908696257]
  We review the methods that have been applied to network data with the purpose of developing an intrusion detector. We discuss the techniques used for the capture, preparation and transformation of the data, as well as, the data mining and evaluation methods. As a result of this literature review, we investigate some open issues which will need to be considered for further research in the area of network security.
  arXiv  Detail & Related papers  (2020-01-27T11:21:05Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.