12,887 research outputs found
Predicting Cyber Events by Leveraging Hacker Sentiment
Recent high-profile cyber attacks exemplify why organizations need better
cyber defenses. Cyber threats are hard to accurately predict because attackers
usually try to mask their traces. However, they often discuss exploits and
techniques on hacking forums. The community behavior of the hackers may provide
insights into groups' collective malicious activity. We propose a novel
approach to predict cyber events using sentiment analysis. We test our approach
using cyber attack data from 2 major business organizations. We consider 3
types of events: malicious software installation, malicious destination visits,
and malicious emails that surpassed the target organizations' defenses. We
construct predictive signals by applying sentiment analysis on hacker forum
posts to better understand hacker behavior. We analyze over 400K posts
generated between January 2016 and January 2018 on over 100 hacking forums both
on surface and Dark Web. We find that some forums have significantly more
predictive power than others. Sentiment-based models that leverage specific
forums can outperform state-of-the-art deep learning and time-series models on
forecasting cyber attacks weeks ahead of the events
Malicious User Experience Design Research for Cybersecurity
This paper explores the factors and theory behind the user-centered research
that is necessary to create a successful game-like prototype, and user
experience, for malicious users in a cybersecurity context. We explore what is
known about successful addictive design in the fields of video games and
gambling to understand the allure of breaking into a system, and the joy of
thwarting the security to reach a goal or a reward of data. Based on the
malicious user research, game user research, and using the GameFlow framework,
we propose a novel malicious user experience design approac
- …