SaTC: CORE: Small: Cybersecurity Big Data Research for Hacker Communities: A Topic and Language Modeling Approach

SaTC：核心：小型：黑客社区的网络安全大数据研究：主题和语言建模方法

• 批准号: 1936370
• 负责人: Hsinchun Chen
• 金额: $ 51.06万
• 依托单位: University of Arizona
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2019
• 资助国家: 美国
• 起止时间: 2019-10-01 至 2024-09-30
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1936370&HistoricalAwards=false
• 关键词: SaTC; CORE; Small; Cybersecurity; Big

It is estimated that cybercrime costs the global economy around $445 billion annually, particularly due to intellectual property theft and financial fraud using stolen consumer data. Incidents of large-scale hacking and data theft occur regularly, with many cyberattacks resulting in theft of sensitive personal information or intellectual property. Cybersecurity will remain a critical problem for the foreseeable future, necessitating more research on a large, diverse, covert and evolving international hacker community. Computer science and social science researchers face non-trivial challenges, such as the technical difficulties in data collection and analytics, the massive volume of data collection, the heterogeneity and covert nature of data elements, and the ability to comprehend common hacker terms and concepts across regions. In order to alleviate these challenges, this project has two research goals: 1) advance current capabilities for scalable identification, collection, and analysis of international hacker community contents, and 2) make contributions to the cybersecurity community by developing new big data techniques that could enable researchers to conduct analyses on hacker content and other related domains. The impact of the project is made through the sharing and dissemination of our comprehensive hacker community data collection, advanced collection strategies, and innovative analytical approaches within the NSF Secure and Trustworthy Cyberspace data science and other communities.This project aims to develop a large, comprehensive and longitudinal testbed of all significant international online hacker community contents, including: forums, IRCs, underground economies, and other emerging hacker assets, for the cybersecurity and big data communities. The analytical approaches mainly aim to address the large-scale international hacker community content analysis for proactive cyber threat intelligence (CTI). In order to analyze hacker contents, the project develops an innovative, holistic, and proactive CTI framework encompassing Cross-Lingual Knowledge Transfer to alleviate the language barrier, Nonparametric Supervised Topic Modeling to profile key hacker assets, and Scalable Dynamic Topic Modeling to inform emerging threat detection. UA's National Security Agency-designated Center of Academic Excellence in Cyber Defense, Research, and Operations, NSF Scholarship-for-Service (SFS) Cyber-Corps, and top-ranked Master's in Cybersecurity programs position the project for synergy with teaching and research. Techniques developed in this project not only advance CTI knowledge, but also deep transfer learning, deep generative modeling, supervised topic modeling, dynamic topic modeling, neural variational inference, and numerous other important domains. Results from this research will be disseminated through various academic and cybersecurity industry channels such as undergraduate and graduate curricula, IEEE Intelligence and Security Informatics conference, National Cyber-Forensics Training Alliance (NCFTA), The Society for the Policing of Cyberspace (POLCYB), and NSF CyberCorps SFS.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

据估计，网络犯罪每年给全球经济造成约 4,450 亿美元的损失，特别是由于知识产权盗窃和利用被盗消费者数据进行的金融欺诈。大规模黑客攻击和数据盗窃事件经常发生，许多网络攻击导致敏感个人信息或知识产权被盗。在可预见的未来，网络安全仍将是一个关键问题，需要对庞大、多样化、隐蔽和不断发展的国际黑客社区进行更多研究。计算机科学和社会科学研究人员面临着不小的挑战，例如数据收集和分析的技术困难、数据收集的海量、数据元素的异质性和隐蔽性，以及跨领域理解常见黑客术语和概念的能力。地区。为了缓解这些挑战，该项目有两个研究目标：1）提高当前可扩展识别、收集和分析国际黑客社区内容的能力，2）通过开发新的大数据技术为网络安全社区做出贡献使研究人员能够对黑客内容和其他相关领域进行分析。 该项目的影响是通过在 NSF 安全可信网络空间数据科学和其他社区内共享和传播我们全面的黑客社区数据收集、先进的收集策略和创新的分析方法来实现的。该项目旨在开发一个大型的、综合的所有重要国际在线黑客社区内容的纵向测试平台，包括：论坛、IRC、地下经济和其他新兴黑客资产，适用于网络安全和大数据社区。分析方法主要旨在解决大规模国际黑客社区内容分析的主动网络威胁情报（CTI）问题。为了分析黑客内容，该项目开发了一个创新、整体和主动的 CTI 框架，其中包括用于缓解语言障碍的跨语言知识转移、用于分析关键黑客资产的非参数监督主题建模以及用于通知新兴威胁的可扩展动态主题建模检测。 UA 的国家安全局指定的网络防御、研究和运营学术卓越中心、NSF 服务奖学金 (SFS) 网络军团以及一流的网络安全硕士项目使该项目与教学和研究产生协同作用。该项目开发的技术不仅推进了 CTI 知识，还推进了深度迁移学习、深度生成建模、监督主题建模、动态主题建模、神经变分推理以及许多其他重要领域。这项研究的结果将通过各种学术和网络安全行业渠道传播，例如本科生和研究生课程、IEEE 情报和安全信息学会议、国家网络取证培训联盟 (NCFTA)、网络空间警务协会 (POLCYB) 和NSF Cyber​​Corps SFS。该奖项反映了 NSF 的法定使命，并通过使用基金会的智力价值和更广泛的影响审查标准进行评估，被认为值得支持。

项目成果

A Generative Adversarial Learning Framework for Breaking Text-Based CAPTCHA in the Dark Web

用于破解暗网中基于文本的验证码的生成对抗学习框架

• DOI: 10.1109/isi49825.2020.9280537
• 发表时间: 2020-11
• 期刊: IEEE International Conference on Intelligence and Security Informatics (IEEE ISI 2020
• 作者: Zhang, Ning;Ebrahimi, Mohammadreza;Li, Weifeng;Chen, Hsinchun
• 通讯作者: Chen, Hsinchun

A Multi-Disciplinary Perspective for Conducting Artificial Intelligence-enabled Privacy Analytics: Connecting Data, Algorithms, and Systems

进行人工智能隐私分析的多学科视角：连接数据、算法和系统

• DOI: 10.1145/3447507
• 发表时间: 2021-03
• 期刊: ACM Transactions on Management Information Systems
• 影响因子: 2.5
• 作者: Samtani, Sagar;Kantarcioglu, Murat;Chen, Hsinchun
• 通讯作者: Chen, Hsinchun

Detecting Cyber Threats in Non-English Hacker Forums: An Adversarial Cross-Lingual Knowledge Transfer Approach

检测非英语黑客论坛中的网络威胁：对抗性跨语言知识转移方法

• 发表时间: 2020-05
• 期刊: Deep Learning and Security Workshop (DLS
• 作者: Ebrahimi, M;Samtani, S;Chai, Y;Chen, H.
• 通讯作者: Chen, H.

Counteracting Dark Web Text-Based CAPTCHA with Generative Adversarial Learning for Proactive Cyber Threat Intelligence

通过生成对抗学习来对抗基于暗网文本的验证码，以实现主动网络威胁情报

• DOI: 10.1145/3505226
• 发表时间: 2022-06
• 期刊: ACM Transactions on Management Information Systems
• 影响因子: 2.5
• 作者: Zhang, Ning;Ebrahimi, Mohammadreza;Li, Weifeng;Chen, Hsinchun
• 通讯作者: Chen, Hsinchun

Identifying, Collecting, and Monitoring Personally Identifiable Information: From the Dark Web to the Surface Web

识别、收集和监控个人身份信息：从暗网到表面网

• DOI: 10.1109/isi49825.2020.9280540
• 发表时间: 2020-11
• 期刊: IEEE International Conference on Intelligence and Security Informatics (IEEE ISI 2020
• 作者: Liu, Yizhi;Lin, Fang Yu;Ahmad;Ebrahimi, Mohammadreza;Zhang, Ning;Hu, James Lee;Xin, Jingyu;Li, Weifeng;Chen, Hsinchun
• 通讯作者: Chen, Hsinchun