Detecting Cyber Threats in Non-English Dark Net Markets: A Cross-Lingual Transfer Learning Approach
AffiliationUniv Arizona, Dept Management Informat Syst
Univ Arizona, Dept Comp Sci
MetadataShow full item record
CitationEbrahimi, M., Surdeanu, M., & Chen, H. (2018, November). Detecting Cyber Threats in Non-English Dark Net Markets: A Cross-Lingual Transfer Learning Approach. In 2018 IEEE International Conference on Intelligence and Security Informatics (ISI) (pp. 85-90). IEEE.
Collection InformationThis item from the UA Faculty Publications collection is made available by the University of Arizona with support from the University of Arizona Libraries. If you have questions, please contact us at email@example.com.
AbstractRecent advances in proactive cyber threat intelligence rely on early detection of cyber threats in hacker communities. Dark Net Markets (DNMs) are growing platforms in hacker community that provide hackers with highly specialized tools and products which may not be found in other platforms. While text classification techniques have been used for cyber threat detection in English DNMs, the task is hindered in non-English platforms due to the language barrier and lack of ground-truth data. Current approaches use monolingual models on machine translated data to overcome these challenges. However, the translation errors can deteriorate the classification results. The abundance of data in English DNMs can be leveraged in learning non-English threats without using machine translation. In this study, we show that a deep cross-lingual model that can jointly learn the common language representation from two languages, significantly outperforms a monolingual model learned on machine translated data for identifying cyber threats in non-English DNMs. Unlike most studies, our approach does not require any external data source such as bilingual word embeddings or bilingual lexicons. Our experiments on Russian DNMs show that this approach can achieve better performance than state-of-the-art methods for non-English cyber threat detection in malicious hacker community.
VersionFinal accepted manuscript
SponsorsNational Science Foundation (NSF) [SES-1314631, ACI-1443019]