The rapid proliferation of complex information systems has been met by an ever-increasing quantity of exploits that can cause irreparable cyber breaches. To mitigate these cyber threats, academia and industry have placed a significant focus on proactively identifying and labeling exploits developed by the international hacker community. However, prevailing approaches for labeling exploits in hacker forums do not leverage metadata from exploit darknet markets or public exploit repositories to enhance labeling performance. In this study, we adopted the computational design science paradigm to develop a novel information technology artifact, the deep transfer learning exploit labeler (DTL-EL). DTL-EL incorporates a pre-initialization design, multi-layer deep transfer learning (DTL), and a self-attention mechanism to automatically label exploits in hacker forums. We rigorously evaluated the proposed DTL-EL against state-of-the-art non-DTL benchmark methods based in classical machine learning and deep learning. Results suggest that the proposed DTL-EL significantly outperforms benchmark methods based on accuracy, precision, recall, and F1-score. Our proposed DTL-EL framework provides important practical implications for key stakeholders such as cybersecurity managers, analysts, and educators.
Creating Proactive Cyber Threat Intelligence with Hacker Exploit Labels: A Deep Transfer Learning Approach
In stock
SKU
48.1.05
Publication History
Received: December 22, 2020
Revised: November 4, 2021; July 13, 2022; January 25, 2023; April 4, 2023; May 20, 2023
Accepted: May 23, 2023
Published Online in Issue: March 1, 2024
Abstract
Additional Details
Author | Benjamin M. Ampel, Sagar Samtani, Hongyi Zhu, and Hsinchun Chen |
Year | 2024 |
Volume | 48 |
Issue | 1 |
Keywords | Hacker forums, cyber threat intelligence, cybersecurity analytics, deep transfer learning, deep learning, exploit labeling, computational design science |
Page Numbers | 137-166 |