Proactive management of offensive profiles: detecting trends in cyberattacks on institutions in Brazil through the analysis of hacker communities using complex networks and machine learning algorithms
Resumo
O Twitter, atual “X”, é uma das maiores plataformas digitais para a troca de ideias e informações que atrai hackers com intuito de atividades ilegais e ações danosas. Este estudo propõe uma abordagem aprimorada para detectar perfis ofensivos ligados ao hacktivismo, utilizando redes complexas e algoritmos de aprendizado de máquina, com foco em notificadores da plataforma Zone-H que relatam ações hacktivistas no Brasil. Foram identificados usuários mais atuantes com base em métricas de rede e palavras-chave e clusterização. Esta é a principal contribuição na avaliação de ameaças para prevenir ataques cibernéticos, gerando alertas precisos e oportunos.
Palavras-chave:
Perfis ofensivos, Tendências em ciberataques, comunidades de hackers
Referências
A.-L. Barabási, Network Science, Cambridge University Press, 2016.
V. Benjamin and H. Chen, “Developing understanding of hacker language through the use of lexical semantics,” In IEEE International Conference on Intelligence and Security Informatics (ISI), pp. 79–84, 2015.
V. Benjamin and H. Chen, “Securing cyberspace: Identifying key actors in hacker communities,” 2012 IEEE International Conference on Intelligence and Security Informatics, Washington, DC, USA, 2012, pp. 24-29, DOI: 10.1109/ISI.2012.6283296.
J. Bollen, H. Mao, and X. Zeng, “Twitter mood predicts the stock market,” Journal of Computational Science, vol. 2, no. 1, pp. 1-8, 2011.
V. Chandola, A. Banerjee, and V. Kumar, “Anomaly detection: A survey,” ACM Computing Surveys (CSUR), vol. 41, no. 3, pp. 1-58, 2009.
N. Chouchani and M. Abed, “Online social network analysis: Detection of communities of interest,” Social Network Analysis and Mining, vol. 10, no. 1, pp. 1-19, 2020.
A. Clauset, M. E. Newman, and C. Moore, “Finding community structure in very large networks,” Physical Review E, vol. 70, no. 6, 066111, 2004.
D. L. Cogburn and F. K. Espinoza-Vasquez, “From Networked Nominee to Networked Nation: Examining the Impact of Web 2.0 and Social Media on Political Participation and Civic Engagement in the 2008 Obama Campaign,” Journal of Political Marketing, vol. 10, nos. 1-2, pp. 189-213, 2011. Available at SSRN: [link]
G. Coleman, Hacker, Hoaxer, Whistleblower, Spy: The Many Faces of Anonymous, Verso Books, 2014.
D. Alsaffar, A. Alfahhad, B. Alqhtani, L. Alamri, S. Alansari, N. Alqahtani, and D. A. Alboaneen, “Machine and deep learning algorithms for Twitter spam detection,” In International Conference on Advanced Intelligent Systems and Informatics, Springer, Cham, pp. 483–491, 2019.
D. Grewal, D. Herhausen, S. Ludwig, and F. Villarroel Ordenes, “The future of digital communication research: considering dynamics and multimodality,” Journal of Retailing, vol. 98, no. 2, pp. 224-240, 2022.
H. L. Gururaj, U. Tanuja, V. Janhavi, and B. Ramesh, “Detecting malicious users in the social networks using machine learning approach,” International Journal of Social Computing and Cyber-Physical Systems, vol. 2, no. 3, pp. 229-243, 2021.
D. Hansen, B. Shneiderman, and M. A. Smith, Analyzing Social Media Networks with NodeXL: Insights from a Connected World, Morgan Kaufmann, 2011.
T. Hastie, R. Tibshirani, and J. Friedman, The Elements of Statistical Learning: Data Mining, Inference, and Prediction, Springer, 2009.
P. Himanen, The Hacker Ethic and the Spirit of the Information Age, Random House, 2001.
R. P. Khandpur, “Augmenting Dynamic Query Expansion in Microblog Texts,” 2018.
R. P. Khandpur, T. Ji, S. Jan, G. Wang, C.-T. Lu, and N. Ramakrishnan, “Crowdsourcing cybersecurity: Cyber attack detection using social media,” In Association for Computing Machinery Conference on Information and Knowledge Management (ACM), pp. 1049–1057, 2017.
D. Knoke and S. Yang, Social Network Analysis (2nd ed.), SAGE Publications, 2008.
Q. Le Sceller, E. B. Karbab, M. Debbabi, and F. Iqbal, “Sonar: Automatic detection of cyber security events over the Twitter stream,” In 12th International Conference on Availability, Reliability and Security (ACM), pp. 23–34, 2017.
C. D. Manning, P. Raghavan, and H. Schütze, Introduction to Information Retrieval, Cambridge University Press, 2008.
F. Morstatter, J. Pfeffer, H. Liu, and K. M. Carley, “Is the sample good enough? Comparing data from Twitter’s streaming API with Twitter’s firehose,” In Seventh international conference on weblogs and social media (ICWSM 2013), pp. 400-408, 2013.
M. E. J. Newman, Networks: An Introduction, Oxford University Press, 2010.
L. C. Freeman, “Centrality in social networks: Conceptual clarification,” Social Networks, vol. 1, no. 3, pp. 215-239, 1979.
F. Santa, R. Henriques, J. Torres-Sospedra, and E. Pebesma, “A Statistical Approach for Studying the Spatio-Temporal Distribution of Geolocated Tweets in Urban Environments,” Sustainability, vol. 11, no. 3, 595, 2019.
J. Scott, Social Network Analysis, SAGE Publications, 2017.
M. Romagna, “Hacktivism: Conceptualization, techniques, and historical view,” 2020.
S. Fortunato, “Community detection in graphs,” Physics Reports, vol. 486, nos. 3-5, pp. 75-174, 2010.
P. Gonçalves et al., “Machine Learning for Hacker Detection: A Comprehensive Review,” International Journal of Machine Learning and Cybersecurity, vol. 8, no. 1, pp. 32-46, 2020.
A. Hernandez-Suarez, G. Sanchez-Perez, K. Toscano-Medina, V. Martinez-Hernandez, H. Perez-Meana, J. Olivares-Mercado, and V. Sanchez, “Social sentiment sensor in Twitter for predicting cyber-attacks using regularization,” Sensors Journal, vol. 18, no. 5, pp. 1–17, 2018.
A. Hernandez, V. Sanchez, G. Sanchez, H. Perez, J. Olivares, K. Toscano, and V. Martinez, “Security attack prediction based on user sentiment analysis of Twitter data,” In IEEE International Conference on Industrial Technology (ICIT), pp. 610–617, 2016.
P. J. Rousseeuw, “Silhouettes: A Graphical Aid to the Interpretation and Validation of Cluster Analysis,” Journal of Computational and Applied Mathematics, vol. 20, pp. 53-65, 1987.
A. P. Rodrigues, R. Fernandes, A. Bhandary, A. C. Shenoy, A. Shetty, and M. Anisha, “Real-Time Twitter Trend Analysis Using Big Data Analytics and Machine Learning Techniques,” Wireless Communications and Mobile Computing, 2021, Article ID 39203252.
B. Pang and L. Lee, “Opinion mining and sentiment analysis,” Foundations and Trends in Information Retrieval, vol. 2, nos. 1–2, pp. 1-135, 2008.
Z. Zhang, H. Ning, F. Shi et al., “Artificial intelligence in cyber security: research advances, challenges, and opportunities,” Artif Intell Rev, vol. 55, pp. 1029–1053, 2022. DOI: 10.1007/s10462-021-09976-0
Y.-R. Lin, H. Sundaram, M. De Choudhury, and A. Kelliher, “Temporal patterns in social media streams: Theme discovery and evolution using joint analysis of content and context,” 2009 IEEE International Conference on Multimedia and Expo, New York, NY, USA, pp. 1456-1459, DOI: 10.1109/ICME.2009.5202777, 2009.
S. Wasserman and K. Faust, Social Network Analysis: Methods and Applications. Cambridge: Cambridge University Press, 1994.
D. L. Alsaffar, A. Alfahhad, B. Alqhtani, L. Alamri, S. Alansari, N. Alqahtani, and D. A. Alboaneen, “Machine and deep learning algorithms for Twitter spam detection,” In International Conference on Advanced Intelligent Systems and Informatics, Springer, Cham, pp. 483–491, 2019.
Zone-H, "Zone-H – Unrestricted information," disponível em: [link], acessado em 20 outubro 2023
V. Benjamin and H. Chen, “Developing understanding of hacker language through the use of lexical semantics,” In IEEE International Conference on Intelligence and Security Informatics (ISI), pp. 79–84, 2015.
V. Benjamin and H. Chen, “Securing cyberspace: Identifying key actors in hacker communities,” 2012 IEEE International Conference on Intelligence and Security Informatics, Washington, DC, USA, 2012, pp. 24-29, DOI: 10.1109/ISI.2012.6283296.
J. Bollen, H. Mao, and X. Zeng, “Twitter mood predicts the stock market,” Journal of Computational Science, vol. 2, no. 1, pp. 1-8, 2011.
V. Chandola, A. Banerjee, and V. Kumar, “Anomaly detection: A survey,” ACM Computing Surveys (CSUR), vol. 41, no. 3, pp. 1-58, 2009.
N. Chouchani and M. Abed, “Online social network analysis: Detection of communities of interest,” Social Network Analysis and Mining, vol. 10, no. 1, pp. 1-19, 2020.
A. Clauset, M. E. Newman, and C. Moore, “Finding community structure in very large networks,” Physical Review E, vol. 70, no. 6, 066111, 2004.
D. L. Cogburn and F. K. Espinoza-Vasquez, “From Networked Nominee to Networked Nation: Examining the Impact of Web 2.0 and Social Media on Political Participation and Civic Engagement in the 2008 Obama Campaign,” Journal of Political Marketing, vol. 10, nos. 1-2, pp. 189-213, 2011. Available at SSRN: [link]
G. Coleman, Hacker, Hoaxer, Whistleblower, Spy: The Many Faces of Anonymous, Verso Books, 2014.
D. Alsaffar, A. Alfahhad, B. Alqhtani, L. Alamri, S. Alansari, N. Alqahtani, and D. A. Alboaneen, “Machine and deep learning algorithms for Twitter spam detection,” In International Conference on Advanced Intelligent Systems and Informatics, Springer, Cham, pp. 483–491, 2019.
D. Grewal, D. Herhausen, S. Ludwig, and F. Villarroel Ordenes, “The future of digital communication research: considering dynamics and multimodality,” Journal of Retailing, vol. 98, no. 2, pp. 224-240, 2022.
H. L. Gururaj, U. Tanuja, V. Janhavi, and B. Ramesh, “Detecting malicious users in the social networks using machine learning approach,” International Journal of Social Computing and Cyber-Physical Systems, vol. 2, no. 3, pp. 229-243, 2021.
D. Hansen, B. Shneiderman, and M. A. Smith, Analyzing Social Media Networks with NodeXL: Insights from a Connected World, Morgan Kaufmann, 2011.
T. Hastie, R. Tibshirani, and J. Friedman, The Elements of Statistical Learning: Data Mining, Inference, and Prediction, Springer, 2009.
P. Himanen, The Hacker Ethic and the Spirit of the Information Age, Random House, 2001.
R. P. Khandpur, “Augmenting Dynamic Query Expansion in Microblog Texts,” 2018.
R. P. Khandpur, T. Ji, S. Jan, G. Wang, C.-T. Lu, and N. Ramakrishnan, “Crowdsourcing cybersecurity: Cyber attack detection using social media,” In Association for Computing Machinery Conference on Information and Knowledge Management (ACM), pp. 1049–1057, 2017.
D. Knoke and S. Yang, Social Network Analysis (2nd ed.), SAGE Publications, 2008.
Q. Le Sceller, E. B. Karbab, M. Debbabi, and F. Iqbal, “Sonar: Automatic detection of cyber security events over the Twitter stream,” In 12th International Conference on Availability, Reliability and Security (ACM), pp. 23–34, 2017.
C. D. Manning, P. Raghavan, and H. Schütze, Introduction to Information Retrieval, Cambridge University Press, 2008.
F. Morstatter, J. Pfeffer, H. Liu, and K. M. Carley, “Is the sample good enough? Comparing data from Twitter’s streaming API with Twitter’s firehose,” In Seventh international conference on weblogs and social media (ICWSM 2013), pp. 400-408, 2013.
M. E. J. Newman, Networks: An Introduction, Oxford University Press, 2010.
L. C. Freeman, “Centrality in social networks: Conceptual clarification,” Social Networks, vol. 1, no. 3, pp. 215-239, 1979.
F. Santa, R. Henriques, J. Torres-Sospedra, and E. Pebesma, “A Statistical Approach for Studying the Spatio-Temporal Distribution of Geolocated Tweets in Urban Environments,” Sustainability, vol. 11, no. 3, 595, 2019.
J. Scott, Social Network Analysis, SAGE Publications, 2017.
M. Romagna, “Hacktivism: Conceptualization, techniques, and historical view,” 2020.
S. Fortunato, “Community detection in graphs,” Physics Reports, vol. 486, nos. 3-5, pp. 75-174, 2010.
P. Gonçalves et al., “Machine Learning for Hacker Detection: A Comprehensive Review,” International Journal of Machine Learning and Cybersecurity, vol. 8, no. 1, pp. 32-46, 2020.
A. Hernandez-Suarez, G. Sanchez-Perez, K. Toscano-Medina, V. Martinez-Hernandez, H. Perez-Meana, J. Olivares-Mercado, and V. Sanchez, “Social sentiment sensor in Twitter for predicting cyber-attacks using regularization,” Sensors Journal, vol. 18, no. 5, pp. 1–17, 2018.
A. Hernandez, V. Sanchez, G. Sanchez, H. Perez, J. Olivares, K. Toscano, and V. Martinez, “Security attack prediction based on user sentiment analysis of Twitter data,” In IEEE International Conference on Industrial Technology (ICIT), pp. 610–617, 2016.
P. J. Rousseeuw, “Silhouettes: A Graphical Aid to the Interpretation and Validation of Cluster Analysis,” Journal of Computational and Applied Mathematics, vol. 20, pp. 53-65, 1987.
A. P. Rodrigues, R. Fernandes, A. Bhandary, A. C. Shenoy, A. Shetty, and M. Anisha, “Real-Time Twitter Trend Analysis Using Big Data Analytics and Machine Learning Techniques,” Wireless Communications and Mobile Computing, 2021, Article ID 39203252.
B. Pang and L. Lee, “Opinion mining and sentiment analysis,” Foundations and Trends in Information Retrieval, vol. 2, nos. 1–2, pp. 1-135, 2008.
Z. Zhang, H. Ning, F. Shi et al., “Artificial intelligence in cyber security: research advances, challenges, and opportunities,” Artif Intell Rev, vol. 55, pp. 1029–1053, 2022. DOI: 10.1007/s10462-021-09976-0
Y.-R. Lin, H. Sundaram, M. De Choudhury, and A. Kelliher, “Temporal patterns in social media streams: Theme discovery and evolution using joint analysis of content and context,” 2009 IEEE International Conference on Multimedia and Expo, New York, NY, USA, pp. 1456-1459, DOI: 10.1109/ICME.2009.5202777, 2009.
S. Wasserman and K. Faust, Social Network Analysis: Methods and Applications. Cambridge: Cambridge University Press, 1994.
D. L. Alsaffar, A. Alfahhad, B. Alqhtani, L. Alamri, S. Alansari, N. Alqahtani, and D. A. Alboaneen, “Machine and deep learning algorithms for Twitter spam detection,” In International Conference on Advanced Intelligent Systems and Informatics, Springer, Cham, pp. 483–491, 2019.
Zone-H, "Zone-H – Unrestricted information," disponível em: [link], acessado em 20 outubro 2023
Publicado
17/11/2024
Como Citar
OLIVEIRA, Claudio H. M. de; LADEIRA, Marcelo; GUIMARÃES, Flavio Q..
Proactive management of offensive profiles: detecting trends in cyberattacks on institutions in Brazil through the analysis of hacker communities using complex networks and machine learning algorithms. In: ENCONTRO NACIONAL DE INTELIGÊNCIA ARTIFICIAL E COMPUTACIONAL (ENIAC), 21. , 2024, Belém/PA.
Anais [...].
Porto Alegre: Sociedade Brasileira de Computação,
2024
.
p. 695-706.
ISSN 2763-9061.
DOI: https://doi.org/10.5753/eniac.2024.245063.
