text-only page produced automatically by Usablenet Assistive Skip all navigation and go to page content Skip top navigation and go to directorate navigation Skip top navigation and go to page navigation
National Science Foundation
design element
Search Awards
Recent Awards
Presidential and Honorary Awards
About Awards
Grant Policy Manual
Grant General Conditions
Cooperative Agreement Conditions
Special Conditions
Federal Demonstration Partnership
Policy Office Website

Award Abstract #1314631

SBE TTP: Medium: Securing Cyber Space: Understanding the Cyber Attackers and Attacks via Social Media Analytics

Divn Of Social and Economic Sciences
divider line
Initial Amendment Date: August 29, 2013
divider line
Latest Amendment Date: March 4, 2016
divider line
Award Number: 1314631
divider line
Award Instrument: Standard Grant
divider line
Program Manager: Heng Xu
SES Divn Of Social and Economic Sciences
SBE Direct For Social, Behav & Economic Scie
divider line
Start Date: September 1, 2013
divider line
End Date: August 31, 2016 (Estimated)
divider line
Awarded Amount to Date: $1,301,944.00
divider line
Investigator(s): Hsinchun Chen hchen@eller.arizona.edu (Principal Investigator)
Daniel Zeng (Former Principal Investigator)
Ronald Breiger (Co-Principal Investigator)
Salim Hariri (Co-Principal Investigator)
Thomas Holt (Co-Principal Investigator)
divider line
Sponsor: University of Arizona
888 N Euclid Ave
Tucson, AZ 85719-4824 (520)626-6000
divider line
NSF Program(s): Secure &Trustworthy Cyberspace
divider line
Program Reference Code(s): 0000, 7924, OTHR, 7434, 9178, 9251, SMET, 9179
divider line
Program Element Code(s): 8060


As society becomes more dependent on cyber infrastructure, the security of networks and information technologies has become a growing concern. Individuals, businesses, and governmental organizations are now common victims of cyber-attacks that seek to steal private data, gain remote control over remote systems, and cause harm to networks and systems through other malicious means. Additionally, critical infrastructures such as smart power grids and communication networks are facing an increasing number of cyber-based threats. As a result, many researchers and security practitioners have begun to investigate cyber attacker communities in order to learn more about cyber attacker behaviors, emerging threats, and the cybercriminal supply chain. Unfortunately, there is a lack of established science for cyber security research. The lack of literature is problematic for researchers wanting to learn more so that they may contribute to and advance the current state of cyber security research. For example, many cyber attacker communities take careful measures to hide themselves by employing anti-crawling measures. This would be a challenge for many researchers and security practitioners. Furthermore, some may find cyber attacker community discussion difficult to interpret due to cyber attacker jargon, advanced security concepts, or foreign contents belonging to cyber attacker groups spanning across different countries or regions.

For these reasons, research studying hacker communities is greatly needed, as well as research that advances others? capacity to understand and investigate contents from such communities. Specifically, the development of automated tools and analyses increases the potential for more cyber security research. Web mining and machine learning technologies can be used in tandem with social science methodologies to help answer many questions related to hacker behaviors and culture, illegal markets and covert networks, cybercriminal supply chain, malware analysis, emerging security threats, and other matters. There are many opportunities for extending current cyber security research by combining hacker community data with social science methodologies, computational techniques, and security analysis.

In this research, important questions about hacker behaviors, markets, community structure, community contents, artifacts, and cultural differences are explored. Automated techniques to collect and analyze data from forums, Internet Relay Chat, and honeypots will be developed. The development of such tools will help further proactive approaches for preventing cyber-based threats, rather than taking the traditional approach of reacting when something "bad" happens. Better understanding of hacker communities across multiple geopolitical regions will support a better understanding of cybercriminal behavior, and improved and safer practices for security researchers and practitioners.

The proposed integrated computational framework and the resulting algorithms and software will also allow social science researchers and security practitioners to closely examine how cyber attacker groups form, develop, and spread their ideas; identify important and influential cyber criminals in the online world; and develop the means to recognize online hacker identities through their communication and interaction styles. Knowing more about cyber criminals, hackers, and their illegal black markets can help policy makers and security professionals make better decisions about how to prevent or respond to attacks.

The proposed work also contributes to the educational and professional development of the student research associates who contribute to it. They will learn sound research methods, and how to write about and present their work for scientific and other professional audiences.


Please report errors in award information by writing to: awardsearch@nsf.gov.



Print this page
Back to Top of page
Research.gov  |  USA.gov  |  National Science Board  |  Recovery Act  |  Budget and Performance  |  Annual Financial Report
Web Policies and Important Links  |  Privacy  |  FOIA  |  NO FEAR Act  |  Inspector General  |  Webmaster Contact  |  Site Map
National Science Foundation Logo
The National Science Foundation, 4201 Wilson Boulevard, Arlington, Virginia 22230, USA
Tel: (703) 292-5111, FIRS: (800) 877-8339 | TDD: (800) 281-8749
  Text Only Version