SaTC: CORE: Small: Cybersecurity Big Data Research for Hacker Communities: A Topic and Language Modeling Approach

SaTC：核心：小型：黑客社区的网络安全大数据研究：主题和语言建模方法

• 批准号: 1936370
• 负责人: Hsinchun Chen
• 金额: $ 51.06万
• 依托单位: University of Arizona
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2019
• 资助国家: 美国
• 起止时间: 2019-10-01 至 2024-09-30
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1936370&HistoricalAwards=false
• 关键词: SaTC; CORE; Small; Cybersecurity; Big

It is estimated that cybercrime costs the global economy around $445 billion annually, particularly due to intellectual property theft and financial fraud using stolen consumer data. Incidents of large-scale hacking and data theft occur regularly, with many cyberattacks resulting in theft of sensitive personal information or intellectual property. Cybersecurity will remain a critical problem for the foreseeable future, necessitating more research on a large, diverse, covert and evolving international hacker community. Computer science and social science researchers face non-trivial challenges, such as the technical difficulties in data collection and analytics, the massive volume of data collection, the heterogeneity and covert nature of data elements, and the ability to comprehend common hacker terms and concepts across regions. In order to alleviate these challenges, this project has two research goals: 1) advance current capabilities for scalable identification, collection, and analysis of international hacker community contents, and 2) make contributions to the cybersecurity community by developing new big data techniques that could enable researchers to conduct analyses on hacker content and other related domains. The impact of the project is made through the sharing and dissemination of our comprehensive hacker community data collection, advanced collection strategies, and innovative analytical approaches within the NSF Secure and Trustworthy Cyberspace data science and other communities.This project aims to develop a large, comprehensive and longitudinal testbed of all significant international online hacker community contents, including: forums, IRCs, underground economies, and other emerging hacker assets, for the cybersecurity and big data communities. The analytical approaches mainly aim to address the large-scale international hacker community content analysis for proactive cyber threat intelligence (CTI). In order to analyze hacker contents, the project develops an innovative, holistic, and proactive CTI framework encompassing Cross-Lingual Knowledge Transfer to alleviate the language barrier, Nonparametric Supervised Topic Modeling to profile key hacker assets, and Scalable Dynamic Topic Modeling to inform emerging threat detection. UA's National Security Agency-designated Center of Academic Excellence in Cyber Defense, Research, and Operations, NSF Scholarship-for-Service (SFS) Cyber-Corps, and top-ranked Master's in Cybersecurity programs position the project for synergy with teaching and research. Techniques developed in this project not only advance CTI knowledge, but also deep transfer learning, deep generative modeling, supervised topic modeling, dynamic topic modeling, neural variational inference, and numerous other important domains. Results from this research will be disseminated through various academic and cybersecurity industry channels such as undergraduate and graduate curricula, IEEE Intelligence and Security Informatics conference, National Cyber-Forensics Training Alliance (NCFTA), The Society for the Policing of Cyberspace (POLCYB), and NSF CyberCorps SFS.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

据估计，网络犯罪每年给全球经济造成约4450亿美元的损失，特别是由于知识产权盗窃和利用被盗消费者数据进行金融欺诈。大规模黑客攻击和数据盗窃事件经常发生，许多网络攻击导致敏感的个人信息或知识产权被盗。在可预见的未来，网络安全仍将是一个关键问题，需要对一个庞大、多样化、隐蔽和不断发展的国际黑客社区进行更多研究。计算机科学和社会科学研究人员面临着重大挑战，例如数据收集和分析的技术困难，数据收集的大量数据，数据元素的异质性和隐蔽性，以及跨区域理解常见黑客术语和概念的能力。为了缓解这些挑战，该项目有两个研究目标：1）提高当前可扩展识别，收集和分析国际黑客社区内容的能力，2）通过开发新的大数据技术为网络安全社区做出贡献，使研究人员能够对黑客内容和其他相关领域进行分析。 该项目的影响是通过分享和传播我们全面的黑客社区数据收集，先进的收集策略，以及NSF安全和值得信赖的网络空间数据科学和其他社区的创新分析方法。该项目旨在开发一个大型，全面和纵向的测试平台，所有重要的国际在线黑客社区内容，包括：论坛、IRC、地下经济和其他新兴的黑客资产，为网络安全和大数据社区服务。分析方法主要针对大规模国际黑客社区内容分析，以获得主动网络威胁情报（CTI）。为了分析黑客内容，该项目开发了一个创新的，全面的，主动的CTI框架，包括跨语言知识转移，以减轻语言障碍，非参数监督主题建模，以分析关键的黑客资产，可扩展的动态主题建模，以通知新兴的威胁检测。UA的国家安全认证指定的网络防御，研究和运营学术卓越中心，NSF奖学金服务（SFS）网络军团，以及网络安全计划中排名第一的硕士学位，使该项目与教学和研究协同。该项目中开发的技术不仅推进了CTI知识，还促进了深度迁移学习、深度生成建模、监督主题建模、动态主题建模、神经变分推理和许多其他重要领域的发展。这项研究的结果将通过各种学术和网络安全行业渠道传播，如本科生和研究生课程，IEEE情报和安全信息学会议，国家网络取证培训联盟（NCFTA），网络空间警务协会（POLCYB），和NSF CyberCorps SFS。该奖项反映了NSF的法定使命，并通过使用基金会的知识价值和更广泛的影响审查标准。

项目成果

Trailblazing the Artificial Intelligence for Cybersecurity Discipline: A Multi-Disciplinary Research Roadmap

• DOI: 10.1145/3430360
• 发表时间: 2020-12-01
• 期刊: ACM TRANSACTIONS ON MANAGEMENT INFORMATION SYSTEMS
• 影响因子: 2.5
• 作者: Samtani, Sagar;Kantarcioglu, Murat;Chen, Hsinchun
• 通讯作者: Chen, Hsinchun

A Generative Adversarial Learning Framework for Breaking Text-Based CAPTCHA in the Dark Web

• DOI: 10.1109/isi49825.2020.9280537
• 发表时间: 2020-11
• 期刊: 2020 IEEE International Conference on Intelligence and Security Informatics (ISI)
• 作者: Ning Zhang;Mohammadreza Ebrahimi;Weifeng Li;Hsinchun Chen

Cross-Lingual Cybersecurity Analytics in the International Dark Web with Adversarial Deep Representation Learning

国际暗网中的跨语言网络安全分析与对抗性深度表示学习

• DOI: 10.25300/misq/2022/16618
• 发表时间: 2022
• 期刊: MIS quarterly
• 影响因子: 7.3
• 作者: Ebrahimi, M;Chai, Y;Samtani, S;and Chen, H.
• 通讯作者: and Chen, H.

Detecting Cyber Threats in Non-English Hacker Forums: An Adversarial Cross-Lingual Knowledge Transfer Approach

• DOI: 10.1109/spw50608.2020.00021
• 发表时间: 2020-05
• 期刊: 2020 IEEE Security and Privacy Workshops (SPW)
• 作者: Mohammadreza Ebrahimi;Sagar Samtani;Yidong Chai;Hsinchun Chen

Binary Black-Box Attacks Against Static Malware Detectors with Reinforcement Learning in Discrete Action Spaces

• DOI: 10.1109/spw53761.2021.00021
• 发表时间: 2021-05
• 期刊: 2021 IEEE Security and Privacy Workshops (SPW)
• 作者: Mohammadreza Ebrahimi;Jason L. Pacheco;Weifeng Li;J. Hu;Hsinchun Chen