Hacker Forum Exploit and Classification for Proactive Cyber Threat Intelligence

Abstract

The exponential growth in data and technology have brought in prospects for progressively destructive cyber-attacks. Traditional security controls are struggling to match with the intricacy of cybercriminal tools and methods, organizations are now looking for better approaches to strengthen their cyber security capabilities. Cyber Threat Intelligence (CTI) in real-time is one such proactive approach which ensures that deployed appliances, security solutions and strategies are continually evaluated or optimized. Amongst various platforms for threat intelligence, hacker forums deliver affluent metadata, and thousands of Tools, Techniques, and Procedures (TTP). This research paper employs machine learning and deep learning approach using neural networks to automatically classify hacker forum data into predefined categories and develop interactive visualizations that enables CTI practitioners to probe collected data for proactive and opportune CTI. The results from this research shows that among all the models, deep learning model RNN GRU gives the best classification results with 99.025% accuracy and 96.56% precision.