The Journal of Information Systems (한국정보시스템학회지:정보시스템연구)

Korea Association of Information Systems (한국정보시스템학회)
권호 표지
DOI QR코드

DOI QR Code

An Analysis of Online Black Market: Using Data Mining and Social Network Analysis

온라인 해킹 불법 시장 분석: 데이터 마이닝과 소셜 네트워크 분석 활용

  • 김민수 (연세대학교 정보대학원) ;
  • 김희웅 (연세대학교 정보대학원)
  • Received : 2020.05.22
  • Accepted : 2020.06.17
  • Published : 2020.06.30
Download PDF
⟨ Previous Next ⟩

Abstract

Purpose This study collects data of the recently activated online black market and analyzes it to present a specific method for preparing for a hacking attack. This study aims to make safe from the cyber attacks, including hacking, from the perspective of individuals and businesses by closely analyzing hacking methods and tools in a situation where they are easily shared. Design/methodology/approach To prepare for the hacking attack through the online black market, this study uses the routine activity theory to identify the opportunity factors of the hacking attack. Based on this, text mining and social network techniques are applied to reveal the most dangerous areas of security. It finds out suitable targets in routine activity theory through text mining techniques and motivated offenders through social network analysis. Lastly, the absence of guardians and the parts required by guardians are extracted using both analysis techniques simultaneously. Findings As a result of text mining, there was a large supply of hacking gift cards, and the demand to attack sites such as Amazon and Netflix was very high. In addition, interest in accounts and combos was in high demand and supply. As a result of social network analysis, users who actively share hacking information and tools can be identified. When these two analyzes were synthesized, it was found that specialized managers are required in the areas of proxy, maker and many managers are required for the buyer network, and skilled managers are required for the seller network.

Keywords

References

  1. 곽기영, 소셜네트워크분석, 도서출판청람, 서울, 2017
  2. 김재현, 김종기, "스마트폰 사용자의 보안수칙실천 부족에 관한 연구: 효능감의 역할을 중심으로," 정보시스템연구, 제24권, 제3호, 2015, pp. 1-19.
  3. 김종현, 임선희, 김익균, 조현숙, 노병규, "빅데이터를 활용한 사이버 보안 기술 동향," 2013 Electronics and Telecommunications Trends, 2013, pp. 1-11.
  4. 서보밀, 심준호, "소프트웨어 불법복제에 영향을 미치는 환경 요인에 기반한 국가 분류," 정보시스템연구, 제26권, 제4호, 2017, pp. 227-246.
  5. 이우형, 석영철, 박준철, "소셜 네트워크 분석을 통한 유망기술 탐색에 관한 연구: 차세대 이동통신분야를 중심으로," 정보시스템연구, 제21권, 제4호 2012, pp. 109-132.
  6. Bhalerao, R., Aliapoulios, M., Shumailov, I., Afroz, S., and McCoy, D., "Toward automatic discovery of cybercrime supply chains," arXiv e-prints, 2018, arXiv:1802.00381
  7. Sood, A. K., and Enbody, R. J., "Crimeware-as-a-service - A survey of commoditized crimeware in the underground market," IEEE Security & Privacy, Vol. 6, No. 1, 2013, pp. 28-38.
  8. Hutchings, A., and Holt, T. J., "A Crime Script Analysis of the Online Stolen Data Market," The British Journal of Criminology, Vol. 55, No. 3, 2015, pp. 596-614. https://doi.org/10.1093/bjc/azu106
  9. Blei, D. M., Ng, A. Y., and Jordan, M. I., "Latent dirichlet allocation," Journal of Machine Learning Research, Vol. 3, No. 1, 2003, pp. 993-1022.
  10. Chen, H., Chung, W., Xu, JJ., Wang, G., Qin, Y., and Chau, M., "Crime data mining: A general framework and some examples," IEEE Computer Society, Vol. 37, No. 4, 2004, pp. 50-56.
  11. Birkbeck, C., and LaFree, G., "The situational analysis of crime and deviance," Annual Review of Sociology, Vol. 19, No. 1, 1993, pp. 113-137. https://doi.org/10.1146/annurev.so.19.080193.000553
  12. Cyber Edge Group, 2019 Cyber Threat Defense Report, 2019
  13. Radianti, J., "A Study of a Social Behavior inside the Online Black Markets," 2010 Fourth International Conference on Emerging Security Information, Systems and Technologies, 2010, pp. 189-194.
  14. Wong, J. C., and Solon, O., Massive Ransomware Cyber-Attack Hits Nearly 100 Countries Around the World. Retrieved: May 12, 2017, Available: https://www.theguardian.com/technology/2017/may/12/global-cyber-attack-ransomware-nsa-uk-nhs.
  15. Scott, J., Social network analysis: A handbook, 2nd ed., Sage, London, 2000.
  16. An, J., and Kim, H. W., "A data analytics approach to the cybercrime underground economy," IEEE Access, Vol. 6, No. 1, 2018, pp. 26636-26652. https://doi.org/10.1109/ACCESS.2018.2831667
  17. Kim, K., R., C., "Organised crime groups in cyberspace: a typology," Trends in Organized Crime, Vol. 11, 2008, pp. 270-295. https://doi.org/10.1007/s12117-008-9038-9
  18. Choi, K. S., Cho S., and Lee, J. R., "Impacts of online risky behaviors and cybersecurity management on cyberbullying and traditional bullying victimization among Korean youth: Application of cyber-routine activities theory with latent class analysis," Computers in Human Behavior, Vol. 100, 2019, pp. 1-10. https://doi.org/10.1016/j.chb.2019.06.007
  19. Cohen, L. E., and Felson, M., "Social change and crime rate trends:A Routine Activity Approach," American Sociological Review, Vol. 44, No. 4, 1979, pp. 588-608. https://doi.org/10.2307/2094589
  20. Juanzi, L., Qi'na, F., and Kuo, Z., "Keyword extraction based on tf/idf for chinese news document," Wuhan University Journal of Natural Sciences, Vol. 12, No. 5, 2007, pp. 917-921 https://doi.org/10.1007/s11859-007-0038-4
  21. Yar, M., "The novelty of 'cybercrime': An assessment in light of routine activity theory," European Journal of Criminology, Vol. 2, No. 4, 2005, pp. 407-427. https://doi.org/10.1177/147737080556056
  22. Pastizzo, M. J., and Carbone, R. F., "Spoken word frequency counts based on 1.6million words in American English," Behavior Research Methods, Vol. 39, No. 4, 2007, pp. 1025-1028. https://doi.org/10.3758/BF03193000
  23. Mimno, D., and McCallum, A., "Modeling career path trajectories," Technical Report 2007-69, University of Massachusetts, 2008.
  24. Wang, P., Sparks, S., and Zou, C. C., "An advanced hybrid peer-to-peer botnet," IEEE Transactions on dependable and secure computing, Vol. 7, No. 2, 2010, pp. 113-127. https://doi.org/10.1109/TDSC.2008.35
  25. Wergberg, R. V., Tajalizadehkhoob, S., Soska, K., Akyazl, U., Ganan, C. G., Kllevlnk, B., Christin, N., and Eeten, M., "Plug and Prey? Measuring the commoditization of cybercrime via online anonymous markets," 27th USENIX Security Symposium, 2018, pp. 1009-1026.
  26. Leukfeldt, R., Kleemans, E., and Stol, W., "The use of online crime markets by cybercriminal networks: A view from within," American Behavioral Scientist, Vol. 61, No. 11, 2017, pp. 1387-1402 https://doi.org/10.1177/0002764217734267
  27. Kim, W., Jeong, O. R., Kim, C., and So, J., "The dark side of the Internet: Attacks, costs and response," Information Systems, Vol. 36, No. 3, 2011, pp. 675-705. https://doi.org/10.1016/j.is.2010.11.003