Book contents
- Frontmatter
- Contents
- Foreword
- Preface
- 1 Introduction
- 2 Moving to Proactive Cyber Threat Intelligence
- 3 Understanding Darkweb Malicious Hacker Forums
- 4 Automatic Mining of Cyber Intelligence from the Darkweb
- 5 Analyzing Products and Vendors in Malicious Hacking Markets
- 6 Using Game Theory for Threat Intelligence
- 7 Application: Protecting Industrial Control Systems
- 8 Conclusion
- Glossary
- References
- Index
Foreword
Published online by Cambridge University Press: 06 April 2017
- Frontmatter
- Contents
- Foreword
- Preface
- 1 Introduction
- 2 Moving to Proactive Cyber Threat Intelligence
- 3 Understanding Darkweb Malicious Hacker Forums
- 4 Automatic Mining of Cyber Intelligence from the Darkweb
- 5 Analyzing Products and Vendors in Malicious Hacking Markets
- 6 Using Game Theory for Threat Intelligence
- 7 Application: Protecting Industrial Control Systems
- 8 Conclusion
- Glossary
- References
- Index
Summary
A human activity undergoes “industrialization” when it adopts systematic means for the creation, production, and distribution of goods. A key ingredient of industrialization is the division of labor—including the specialization of basic research, commercialization, and end-user delivery and support. The net effect of industrialization is a profound amplification of both technology development and production capacity, typically leading to broader distribution and consumption of the underlying goods.
Darkweb Cyber Threat Intelligence Mining is the first principled study of the ongoing industrialization of cyber offense. It exposes the extent to which malware and associated attacker technologies have become commodity goods that are globally produced, marketed, distributed, and consumed.
Like eBay and Amazon, the darkweb is an online marketplace that brings cyber offense developers, buyers, and middlemen together. However, unlike eBay and Amazon, the darkweb is deliberately difficult to access and interpret by the outsider. The authors make a valuable contribution to the cyber defense community by describing a variety of technologies and techniques they have developed and used to penetrate the otherwise opaque cyber offense industrial base. As such, this book represents a seminal step toward leveling the cyber playing field. Because cybersecurity pits the creativity, knowledge, and technology of defenders against those of the attackers, each player must make great effort to understand and exploit the strengths and weakness of the other players. Cyber-attackers have had a decided edge in this respect for many years. Targeted applications and operating systems are easy to obtain and reverse engineer. Virtually all defensive technologies are open source or commercially available. Cyber defense research and deployment advances are widely published, promoted, and taught.
Thanks to the determined efforts of the authors and the documentation of their work in Darkweb Cyber Threat Intelligence Mining, we are for the first time able to shine persistent light on the emerging technologies and capabilities of cyber-attackers.
Many of us try to understand why, despite the increasing investments in cyber defense research and products, cybersecurity remains a huge, and possibly growing, challenge. I can't help but think that a significant reason is that the offensive community has been quietly and covertly industrializing itself at a pace that defenders have not fully appreciated.
- Type
- Chapter
- Information
- Darkweb Cyber Threat Intelligence Mining , pp. vii - viiiPublisher: Cambridge University PressPrint publication year: 2017