UBITECH’s paper entitled “On Strengthening SMEs and MEs Threat Intelligence and Awareness by Identifying Data Breaches, Stolen Credentials and Illegal Activities on the Dark Web” has been accepted to be presented at the International Conference on Availability, Reliability and Security (ARES 2021) held as an all-digital conference from August 17th to August 20th, 2021. The UBITECH’s Privacy-preserving Distributed Machine Learning research group devises Machine Learning and specialised Information Retrieval techniques to extract insights and investigate how the Dark Web enables cybercrime, maintains marketplaces with breached enter[1]prise data collections and pawned email accounts. The research questions that Mr. Pantelis, Mr. Petrou, Dr Karagiorgou and Dr Alexandrou address concern: a) the role that the Dark Web plays for SMEs, MEs, and society in general; b) the criticality of cybercriminal activities and operations in the Dark Web exploiting threat taxonomies and scoring schemes; and c) the maturity and efficiency of technical tools and methods to curb illegal activities on the Dark Web through raising awareness via efficient text analytics, visual reporting and alerting mechanisms.
In particular, Mr. Pantelis and his co-authors focuses on how the Dark Web is being utilised with an emphasis on cybercrime and stolen datasets, pawned email accounts, breached credentials in several marketplaces, or cyberattack botnets available for hire, and how information retrieval and textual analytics may play the role of its adversary in order to safe[1]guard the corporate reputation and robust email accounts for SMEs and MEs. The company sizes they are targeting while they are looking for pawned email accounts are micro (i.e., less than 10 employees) and small (i.e., less than 50 employees) enterprises. They describe these hidden spaces, shed light on the type of content they populate, the activities that they harbour including cybercrime, the nature of attention they receive, and technical approaches employed by the research community to extract insights and defeat their purpose.
The proposed approach introduces a novel microservices-oriented, highly scalable and non-blocking architecture for mining the Dark Web, which benefits from Artificial Intelligence (AI) and Machine Learning (ML) to produce real-time insights to non-IT domain experts, satisfying the multi-disciplinary needs of SMEs/MEs organisations that require targeted web crawling, processing and advanced analytic services.
This work provides several contributions, the most relevant ones are summarized as follows: a scalable Dark Web Crawler along with a multi-level processing pipeline; cyber-incidents evidence collection and AI-fueled intuitive textual and graph analytics; multi-modal reporting and alerting mechanisms presented in visual manner; and interoperability with 3rd party services, sharing capabilities and tools through Open RESTful Application Program Interfaces (APIs).
