Product Offerings in Malicious Hacker Markets

Ericsson Marin; Ahmad Diab; Paulo Shakarian

arXiv:1607.07903·cs.CR·July 28, 2016

Product Offerings in Malicious Hacker Markets

Ericsson Marin, Ahmad Diab, Paulo Shakarian

PDF

TL;DR

This paper analyzes malicious hacking marketplaces by scraping 17 darkweb sites, creating a unified database, and applying unsupervised clustering to categorize products and understand their specialization patterns.

Contribution

It introduces a methodology combining manual labeling and unsupervised clustering to categorize malicious hacking products and analyze their market specialization.

Findings

01

Effective use of unsupervised techniques for product categorization

02

Insights into product categories and vendor-market specialization

03

Creation of a comprehensive database of malicious hacking products

Abstract

Marketplaces specializing in malicious hacking products - including malware and exploits - have recently become more prominent on the darkweb and deepweb. We scrape 17 such sites and collect information about such products in a unified database schema. Using a combination of manual labeling and unsupervised clustering, we examine a corpus of products in order to understand their various categories and how they become specialized with respect to vendor and marketplace. This initial study presents how we effectively employed unsupervised techniques to this data as well as the types of insights we gained on various categories of malicious hacking products.

Peer Reviews

No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.

Videos

No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.