Login (DCU Staff Only)
Login (DCU Staff Only)

DORAS | DCU Research Repository

Explore open access research and scholarly works from DCU

Advanced Search

A text-mining based cyber-risk assessment and mitigation framework for critical analysis of online hacker forums

Biswas, Baidyanath orcid logoORCID: 0000-0002-0609-3530, Mukhopadhyay, Arunabha orcid logoORCID: 0000-0003-1455-5587, Bhattacharjee, Sudip orcid logoORCID: 0000-0002-1887-721X, Kumar, Ajay and Delen, Dursun orcid logoORCID: 0000-0001-8857-5148 (2021) A text-mining based cyber-risk assessment and mitigation framework for critical analysis of online hacker forums. Decision Support Systems, 152 . ISSN 0167-9236

Abstract
Online hacker communities are meeting spots for aspiring and seasoned cybercriminals where they engage in technical discussions, share exploits and relevant hacking tools to be used in launching cyber-attacks on business organizations. Sometimes, the affected organizations can detect these attacks in advance, with the help of cyber-threat intelligence derived from the explicit and implicit features of hacker communication in these forums. Herein, we proposed a novel text-mining based cyber-risk assessment and mitigation framework, which performs the following critical tasks. (i) Cyber-risk Assessment - to identify hacker expertise (i.e., newbie, beginner, intermediate, and advanced) using explicit and implicit features applying various classification algorithms. Among these features, cybersecurity keywords, sharing of attachments, and sentiments emerged as significant. Further, we found that expert hackers demonstrate leadership in the online forums that eventually serve as communities of practice. Consequently, novice hackers gradually develop their cyber-attack skills through prolonged observations, interactions, and external influences in this social learning process. (ii) Cyber-risk mitigation – computes financial impact for every {hacker expertise, attack-type} combination, and then by ranking them on a {likelihood, impact} decision-matrix to prioritize mitigation strategies in affected organizations. Through these novel recommendations, our framework can guide managers to decide on appropriate cybersecurity controls using an {expected loss, probability, attack-type, hacker expertise} metric against financial losses due to cyber-attacks.
Metadata
Item Type:Article (Published)
Refereed:Yes
Additional Information:Article number: 113651
Uncontrolled Keywords:Information security; cyber risks; hacker forum; sentiment analysis
Subjects:Business > Electronic commerce
Computer Science > Artificial intelligence
Computer Science > Machine learning
DCU Faculties and Centres:DCU Faculties and Schools > DCU Business School
Publisher:Elsevier
Official URL:https://dx.doi.org/10.1016/j.dss.2021.113651
Copyright Information:© 2021 Elsevier. (CC BY-NC-ND)
ID Code:26799
Deposited On:23 Mar 2022 11:14 by Baidyanath Biswas . Last Modified 22 Jul 2023 04:30
Documents

Full text available as:

[thumbnail of DSS-2021_07_20.pdf]
Preview
PDF - Requires a PDF viewer such as GSview, Xpdf or Adobe Acrobat Reader
947kB
Metrics

Altmetric Badge

Dimensions Badge

Downloads

Downloads

Downloads per month over past year

Archive Staff Only: edit this record