Start Date

11-12-2016 12:00 AM

Description

Over the years, cybercriminals increasingly joined the underground economy to exchange malicious services for conducting data breaches crimes. As many service providers are rippers, most cybercriminals rely on a few high quality services. To this end, cybercriminals post customer reviews evaluating the purchase experience and the service quality. To identify high quality services, researchers face two major challenges – the cybercriminal-specific language and the scale of the underground economy. This study presents a text-mining-based system for identifying high quality services by analyzing customer reviews. A novel supervised topic model is designed to accommodate the heterogeneous and uncertain nature of customer reviews. We further designed a variational algorithm for model inference. Moreover, we collected real data from two underground economy forums for English-speaking and Russian-speaking cybercriminals as our research testbed. Our research contributes to the practice of understanding and mitigating underground economy by providing cybersecurity researchers and practitioners with actionable intelligence.

Share

COinS
 
Dec 11th, 12:00 AM

Identifying High Quality Carding Services in Underground Economy using Nonparametric Supervised Topic Model

Over the years, cybercriminals increasingly joined the underground economy to exchange malicious services for conducting data breaches crimes. As many service providers are rippers, most cybercriminals rely on a few high quality services. To this end, cybercriminals post customer reviews evaluating the purchase experience and the service quality. To identify high quality services, researchers face two major challenges – the cybercriminal-specific language and the scale of the underground economy. This study presents a text-mining-based system for identifying high quality services by analyzing customer reviews. A novel supervised topic model is designed to accommodate the heterogeneous and uncertain nature of customer reviews. We further designed a variational algorithm for model inference. Moreover, we collected real data from two underground economy forums for English-speaking and Russian-speaking cybercriminals as our research testbed. Our research contributes to the practice of understanding and mitigating underground economy by providing cybersecurity researchers and practitioners with actionable intelligence.