Cybercrime

Recent Submissions

  • Item
    DMDb: Uncovering Criminal Hacking on the Dark Web to Enhance Cyber Threat Intelligence Research
    (2025-01-07) Kwan, Wesley; Takahashi, Lynn; Pham, Nathan; Sista, Apurva; Tran, Minh Khoi; Lee, Vincent; Wang, Siwen; Marin, Ericsson
    The emergence of the dark web has enabled hackers to anonymously exchange information and trade malware worldwide, exposing organizations to an unprecedented number of threats. Without visibility into this offensive base, defenders are often left to mitigate damage. While prior cyber-threat intelligence research has been valuable, it has been constrained by incomplete, outdated, and noisy datasets. In this paper, we detail our efforts to build a comprehensive repository that illuminates the current plans of cyber-attackers. We achieve this by designing and deploying DarkMiner, a system that regularly scrapes the Tor network to populate the DarkMiner Database (DMDb). DMDb offers researchers a structured criminal hacking data collection enhanced with non-textual fields and object change tracking capabilities. To show its potential, we present three case studies analyzing: 1) cyber threat market fluctuations, 2) image-based vendor attribution, and 3) software vulnerability targeting.
  • Item
    Classifying Dark Web Executables Using Public Malware Tools
    (2025-01-07) Stewart, Brianna; Vessel, Brandon; Glisson, William Bradley
    The proliferation of malware in today’s society continues to impact industry, government, and academic organizations. The Dark Web provides cyber criminals with a venue to exchange and store malicious code and malware. Hence, this research develops a crawler to harvest source code, scripts, and executable files that are freely available on the Dark Web to investigate the proliferation of malware. Harvested executable files are analyzed with publicly accessible malware analysis tool services, including VirusTotal, Hybrid Analysis, and MetaDefender Cloud. The crawler crawls over 15 million web pages and collects over 20 thousand files consisting of code, scripts, and executable files. Analysis of the data examines the distribution of files collected from the Dark Web, the differences in the results between the analysis services, and the malicious classification of files. The results reveal that about 30% of the harvested executable files are considered malicious by the malware analysis tools.
  • Item
    The Impact of Blockchain Security Breaches on Crypto Token Valuation
    (2025-01-07) Li, Zhe; Zhou, Mi; Cavusoglu, Hasan
    Against the backdrop of rapid advancements in blockchain technology, blockchain derivative projects have been exposed to security breaches. These projects often raise funds by issuing tradable crypto tokens representing project stakes. Using the event study method, this research investigates the impact of blockchain security breaches on the token value of these projects. The study provides evidence of a significantly negative impact on token price on the breach day and over a three-day event window centered on the breach day. Projects primarily offering financial services within the blockchain ecosystem suffer more negative abnormal returns compared to non-financial projects. Additionally, we find that official X.com announcements about the breach from the project may be more damaging than remaining silent. This research is the first to study the breach impact on token value, contributing to the literature by assisting risk assessment for investors and emphasizing the prioritization of security in crypto token investing.
  • Item
    Introduction to the Minitrack on Cybercrime
    (2025-01-07) Siuda, Piotr; Harviainen, J. Tuomas; Hamari, Juho; Gehl, Robert