Advertisement

Quasi-cliques Analysis for IRC Channel Thread Detection

  • Jocelyn Bernard
  • Sicong Shao
  • Cihan Tunc
  • Hamamache Kheddouci
  • Salim Hariri
Conference paper
Part of the Studies in Computational Intelligence book series (SCI, volume 812)

Abstract

Internet Relay-Chat (IRC) is a real-time communication protocol that allows broadcasting and direct messages in the form of text. Hence, IRC has been widely used especially by hacker communities to communicate and plan malicious activities. Even though widely used for malicious intent, little research has been done on the analysis of the social network among hacker communities in IRC. Hence, it is crucial to analyze IRC communities and their connection. In this paper, we classified IRC messages based on their intent and created their communication graphs to compute metadata on the relation between hackers. For this purpose, we apply autonomic computing for IRC monitoring and data collection, perform deep learning to classify IRC messages into different threat levels, and then apply the quasi-clique model to analyze hacker social networks, and identify the hidden relations between them.

Notes

Acknowledgements

This work is partly supported by the Air Force Office of Scientific Research (AFOSR) Dynamic Data-Driven Application Systems (DDDAS) award number FA9550-18-1-0427, National Science Foundation (NSF) research projects NSF-1624668 and SES-1314631, and Thomson Reuters in the framework of the Partner University Fund (PUF) project (PUF is a program of the French Embassy in the United States and the FACE Foundation and is supported by American donors and the French government).

References

  1. 1.
    Ibm watson Assistant Service. https://www.ibm.com/watson/services/conversation/ (2017). Accessed Dec 2017
  2. 2.
    Benjamin, V., Chen, H.: Securing cyberspace: Identifying key actors in hacker communities. In: 2012 IEEE International Conference on Intelligence and Security Informatics (ISI), pp. 24–29. IEEE (2012)Google Scholar
  3. 3.
    Benjamin, V., Li, W., Holt, T., Chen, H.: Exploring threats and vulnerabilities in hacker web: forums, irc and carding shops. In: 2015 IEEE International Conference on Intelligence and Security Informatics (ISI), pp. 85–90. IEEE (2015)Google Scholar
  4. 4.
    Bron, C., Kerbosch, J.: Algorithm 457: finding all cliques of an undirected graph. Commun. ACM 16(9), 575–577 (1973)Google Scholar
  5. 5.
    Brunato, M., Hoos, H.H., Battiti, R.: On effectively finding maximal quasi-cliques in graphs. In: International conference on learning and intelligent optimization, pp. 41–55. Springer (2007)Google Scholar
  6. 6.
    Garas, A., Garcia, D., Skowron, M., Schweitzer, F.: Emotional persistence in online chatting communities. Sci. Rep. 2, 402 (2012)Google Scholar
  7. 7.
    Kim, J., Lee, J.G.: Community detection in multi-layer graphs: a survey. ACM SIGMOD Rec. 44(3), 37–48 (2015)Google Scholar
  8. 8.
    Manning, C., Surdeanu, M., Bauer, J., Finkel, J., Bethard, S., McClosky, D.: The stanford corenlp natural language processing toolkit. In: Proceedings of 52nd Annual Meeting of the Association for Computational Linguistics: System Demonstrations, pp. 55–60 (2014)Google Scholar
  9. 9.
    Mutton, P.: Inferring and visualizing social networks on internet relay chat. In: Proceedings of the Eighth International Conference on Information Visualisation, 2004. IV 2004, pp. 35–43. IEEE (2004)Google Scholar
  10. 10.
    Paolillo, J.C.: The virtual speech community: social network and language variation on irc. In: Proceedings of the 32nd Annual Hawaii International Conference on Systems Sciences, 1999. HICSS-32, pp. 10–pp. IEEE (1999)Google Scholar
  11. 11.
    Schone, M., Esposito, R., Cole, M., Greenwald, G.: War on anonymous: British spies attacked cybercriminals, snowden docs show. NBC News (2014)Google Scholar
  12. 12.
    Shao, S., Tunc, C., Satam, P., Hariri, S.: Real-time irc threat detection framework. In: 2017 IEEE 2nd International Workshops on Foundations and Applications of Self* Systems (FAS* W), pp. 318–323. IEEE (2017)Google Scholar
  13. 13.
    Socher, R., Perelygin, A., Wu, J., Chuang, J., Manning, C.D., Ng, A., Potts, C.: Recursive deep models for semantic compositionality over a sentiment treebank. In: Proceedings of the 2013 conference on empirical methods in natural language processing, pp. 1631–1642 (2013)Google Scholar
  14. 14.
    Svendsen, M., Mukherjee, A.P., Tirthapura, S.: Mining maximal cliques from a large graph using mapreduce: tackling highly uneven subproblem sizes. J. Parallel Distrib. Comput. 79, 104–114 (2015)Google Scholar
  15. 15.
    Tomita, E., Tanaka, A., Takahashi, H.: The worst-case time complexity for generating all maximal cliques and computational experiments. Theor. Comput. Sci. 363(1), 28–42 (2006)Google Scholar
  16. 16.
    Xu, C., Su, Z.: Identification of cell types from single-cell transcriptomes using a novel clustering method. Bioinformatics 31(12), 1974–1980 (2015)Google Scholar

Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  • Jocelyn Bernard
    • 1
  • Sicong Shao
    • 2
  • Cihan Tunc
    • 2
  • Hamamache Kheddouci
    • 1
  • Salim Hariri
    • 2
  1. 1.Université Lyon 1VilleurbanneFrance
  2. 2.University of ArizonaTucsonUSA

Personalised recommendations