Automated Analysis of Underground Marketplaces

A. Hudic, K. Krombholz, T. Otterbein, Ch. Platzer, E. Weippl:
"Automated Analysis of Underground Marketplaces";
Vortrag: Annual IFIP WG 11.9 International Conference on Digital Forensics, Wien; 08.01.2014 - 10.01.2014; in:"Research Advances in Digital Forensics", (2014).

[ Publication Database ]


Cyber crime, such as theft of credentials or credit card fraud has emerged as a new type of crime in recent years. Cyber criminals usually attack Internet services to steal sensitive data and operate in crowded online underground marketplaces.
Crime investigators and digital forensics are trying to detect and analyze these marketplaces. However, due to the lack of e cient and reliable methods to detect underground marketplaces, investigators have to analyze those channels manually.
This is a complex and time-consuming task that is associated with high nancial costs. In this work, we demonstrate how machine-learning algorithms can be e ciently used to automatically determine whether a communication channel is used as an underground marketplace. Our approach includes speci c design features related to the context domain of cyber crime and can be used to reliably
detect and observe marketplaces of the underground economy. The manual e ort is signi cantly reduced, leading to lower nancial costs, less time required and higher e ciency. We implemented a prototype that classi ed 51,3 million message samples correctly which implicates that machine learning can be e ciently used
for a forensic analysis of underground marketplaces.