Cybersecurity Research + Education

Overview

Started in 2013 by Dr. Hsinchun Chen with $5.4M in funding from National Science Foundation (NSF) and grounded on Security Big Data Analytics, the cybersecurity research and education focus of the Artificial Intelligence Lab includes the original Hacker Web project and AZSecure Scholarship-for-Service (SFS) Fellowship. As a global society, we increasingly rely on a complex, fragile, and vulnerable cyberspace. The AI Lab’s focus on cybersecurity research and education is helping to address significant challenges facing the world through the understanding that achieving a truly secure cyberspace requires addressing both challenging scientific and engineering problems involving many components of the system, and the vulnerabilities that arise from human behaviors and choices. The graduate students involved in this research become assets to the cybersecurity workforce and those admitted to the competitive AZSecure SFS Fellowship program agree to begin their careers in the U.S. government. The Hacker Web project and the AZSecure SFS Fellowship program are integrated through student and faculty research and educational activities within the rich research environment of the AI Lab.

 

The AI Lab’s cybersecurity research and education focus builds upon the existing Management Information Systems program at the University of Arizona Eller College of Management (top-five ranked by U.S. News & World Report for over 28 consecutive years) and its highly successful Center of Academic Excellence in Information Assurance Education (NSA/DHS CAE-IAE) program in information security and analytics. Information Security has been one of the MIS Department’s three “pillars of excellence” and additional educational opportunities are now available to students with the launch of a Masters in Cybersecurity in the summer of 2017 and the new cybersecurity course options that brings.

 

Hacker Web

With a highly interdisciplinary team, the Hacker Web project aims to answer questions about hacker behaviors, markets, community structure, communication contents, artifacts and cultural differences. An integrated computational framework and associated analytical algorithms and techniques allow researchers, policy makers, and industries to better understand the hacker community and its highly complex ecosystem and impacts. Hacker Web is funded by NSF Secure and Trustworthy Cyberspace (SaTC), the premier program for advancing cybersecurity research in the US. The Hacker Web project provides independent research and training opportunities for interested students in the AZSecure SFS Fellowship Program.

         Hacker Web Research Framework

AZSecure SFS Fellowship

AZSecure SFS Fellowship: Students in this program are trained in advanced cybersecurity analytics and information assurance for placement in government agencies and industries. The funding for this program is through one of the largest NSF CyberCorps SFS:SaTC grant awards in the nation. The AZSecure SFS Fellowship Program is one of the few CyberCorps SFS programs awarded to a College of Management. The AZSecure program graduated 16 MS students between 2015 and 2017. An additional 10 MS and 2 Ph.D. students are enrolled as of the 2017/2018 academic year.

        AZSecure SFS Fellowship Program Overview

Details about the program for prospective and current students are available in the Master’s in MIS webspace.

Funding

We thank the following agencies and companies for providing research funding support:

  • Hacker Web: “Securing Cyber Space: Understanding the Cyber Attackers and Attacks via Social Media Analytics,”  PIs: H. Chen (MIS), S Hariri (ECE), R. Breiger (Sociology), T. Holt (Michigan State), SES-1314631, NSF SaTC Program, SBE:TTP, 9/1/2013-8/31/2016, $1.2M.
  • AZSecure: “Cybersecurity Scholarship-for-Service at The University of Arizona,”  PIs: H. Chen, P. Goes (MIS), S. Hariri (ECE), M. Patton (MIS), DUE-1303362, NSF SFS Program, 9/15/2013-8/31/2018, $4.2M.

Team Members

  • Hsinchun Chen, MIS
  • Mark Patton, MIS
  • Riley McIsaac, MIS
  • Jay F. Nunamaker, MIS
  • Lance Hoopes, MIS
  • William Neumann, MIS
  • Joe Valacich, MIS
  • Matt Hashim, MIS
  • Victor Benjamin, MIS
  • Shiyu Hu, MIS

 Collaborators

  • Salim Hariri, ECE
  • Youssif Al Nashif, ECE
  • Rob Breiger, Sociology
  • Saumya Debray, CS
  • Christian Collberg, CS
  • Beichuan Zhang, CS
  • Tom Holt, Criminology, Michigan State University
  • Ahmed Abbasi, University of Virginia

Publications

2017 | 2016 | 2015 | 2014 | Earlier work

2017 

Conference Papers and Presentations

Forthcoming in the Proceedings of 2017 IEEE International Conference on Intelligence and Security Informatics, Beijing, China, July 2017:

  • Emma McMahon, Ryan Williams, Malaka El, Sagar Samtani, Mark Patton and Hsinchun Chen, (2017). “Assessing Medical Device Vulnerabilities on the Internet of Things”
  • Ryan Williams, Emma McMahon, Sagar Samtani, Mark Patton and Hsinchun Chen, (2017). “Identifying Vulnerabilities of Consumer Internet of Things (IoT) Devices: A Scalable Approach”
  • John Grisham, Sagar Samtani, Mark Patton and Hsinchun Chen, (2017). “Identifying Mobile Malware and Key Threat Actors in Online Hacker Forums for Proactive Cyber Threat Intelligence”
  • Malaka El, Sagar Samtani, Hsinchun Chen, Mark Patton and Emma McMahone, (2017). “Benchmarking Vulnerability Scanners: An Experiment on SCADA Devices and Scientific Instruments”
  • Rodney Rohrmann, Vincent Ercolani, Mark Patton, (2017). “Large Scale Port Scanning Through Tor Using Parallel Nmap Scans to Scan Large Portions of the IPv4 Range”

Book Chapters

  • Benjamin, V., Samtani, S., and Chen, H. (2017). "Conducting Large-Scale Analyses of Underground Hacker Communities." Cybercrime through an Interdisciplinary Lens.  Holt, Thomas H..  Routledge.  New York, NY.  DOI: 10.4324/9781315618456

 

2016 

Conference Papers and Presentations

 

  • V. Ercolani, M. Patton, and H. Chen, “Shodan Visualized,” ISI 2016, Proceedings of 2016 IEEE International Conference on Intelligence and Security Informatics, Tucson, Arizona, September 2016. DOI: 10.1109/ISI.2016.7745467
  • J. Grisham, C. Barreras, C. Afarin, M. Patton, and H. Chen, “Identifying Top Listers in Alphabay Using Latent Dirichlet Allocation,” ISI 2016, Proceedings of 2016 IEEE International Conference on Intelligence and Security Informatics, Tucson, Arizona, September 2016. DOI: 10.1109/ISI.2016.7745477
  • R. Jicha, M. Patton, and H. Chen, “Identifying Devices across the IPv4 Address Space,” ISI 2016, Proceedings of 2016 IEEE International Conference on Intelligence and Security Informatics, Tucson, Arizona, September 2016. DOI: 10.1109/ISI.2016.7745469
  • A. Jicha, M. Patton, and H. Chen, “SCADA Honeypots: An In-depth Analysis of Conpot,” ISI 2016, Proceedings of 2016 IEEE International Conference on Intelligence and Security Informatics, Tucson, Arizona, September 2016. DOI: 10.1109/ISI.2016.7745468
  • R. Rohrmann, M. Patton, and H. Chen, “Anonymous Port Scanning Performing Network -Reconnaissance Through Tor,” ISI 2016, Proceedings of 2016 IEEE International Conference on Intelligence and Security Informatics, Tucson, Arizona, September 2016. DOI: 10.1109/ISI.2016.7745475
  • S. Samtani, and H. Chen, “Using Social Network Analysis to Identify Key Hackers for Keylogging Tools in Hacker Forums,” ISI 2016, Proceedings of 2016 IEEE International Conference on Intelligence and Security Informatics, Tucson, Arizona, September 2016. DOI: 10.1109/ISI.2016.7745500
  • S. Samtani, K. Chinn, C. Larson, and H. Chen, “AZSecure Hacker Assets Portal: Cyber Threat Intelligence and Malware Analysis,” ISI 2016, Proceedings of 2016 IEEE International Conference on Intelligence and Security Informatics, Tucson, Arizona, September 2016. DOI: 10.1109/ISI.2016.7745437
  • S. Samtani, S. Yu, H. Zhu, M. Patton, and H. Chen, “Identifying SCADA Vulnerabilities Using Passive and Active Vulnerability Assessment Techniques,” ISI 2016, Proceedings of 2016 IEEE International Conference on Intelligence and Security Informatics, Tucson, Arizona, September 2016. DOI: 10.1109/ISI.2016.7745438

 

2015

Conference Papers and Presentations

  • S. Samtani, R. Chinn, and H. Chen, “Exploring Hacker Assets in Underground Forums,” ISI 2015, Proceedings of 2015 IEEE International Conference on Intelligence and Security Informatics, Baltimore, Maryland, May 2015. DOI: 10.1109/ISI.2015.7165935
  • V. Benjamin, W. Li, T. Holt, and H. Chen. "Exploring Threats and Vulnerabilities in Hacker Web: Forums, IRC and Carding Shops". Proceedings of 2015 IEEE International Conference on Intelligence and Security Informatics, ISI 2015, Baltimore, Maryland, May 2015. DOI: 10.1109/ISI.2015.7165944
  • V. Benjamin and H. Chen. "Developing Understanding of Hacker Language through the use of Lexical Semantics". Proceedings of 2015 IEEE International Conference on Intelligence and Security Informatics, ISI 2015, Baltimore, Maryland, May 2015. DOI: 10.1109/ISI.2015.7165943

2014

Journal Articles

  • Danny Thebeau II; Benjamin Reidy; Ricardo Valerdi; Avinash Gudagi; Hemayamini Kurra; Youssif Al-Nashif; Salim Hariri; Frederick Sheldon. “Improving cyber resiliency of cloud application services by applying Software Behavior Encryption (SBE).” Procedia Computer Science, 2014; 28:62-70. DOI: 10.1016/j.procs.2014.03.009

Conference Papers and Presentations

  • A. Abbasi, W. Li, V. Benjamin, S. Hu, and H. Chen. "Descriptive Analytics: Examining Expert Hackers in Web Forums". Proceedings of 2014 IEEE Joint International Conference on Intelligence and Security Informatics, JISIC 2014, The Hague, Netherlands, September 2014. DOI: 10.1109/JISIC.2014.18
  • V.A. Benjamin and H. Chen, "Time-to-event Modeling for Predicting Hacker Community Participant Trajectory," ISI 2014, Proceedings of 2014 IEEE International Conference on Intelligence and Security Informatics, The Netherlands, September 2014. DOI: 10.1109/JISIC.2014.14
  • W. Li and H. Chen. "Identifying Top Sellers In Underground Economy Using Deep Learning-based Sentiment Analysis". Proceedings of 2014 IEEE Joint International Conference on Intelligence and Security Informatics, JISIC 2014, The Hague, Netherlands, September 2014. DOI: 10.1109/JISIC.2014.19
  • M. Patton, E. Gross, R. Chinn, S. Forbis, L. Walker, and H. Chen, “Uninvited Connections: A Study of the Vulnerable Devices on the Internet of Things (IoT),” ISI 2014, Proceedings of 2014 IEEE International Conference on Intelligence and Security Informatics, The Netherlands, September 2014. DOI: 10.1109/JISIC.2014.43

Earlier Publications

Journal Articles

  • A. Abbasi and H. Chen, “A Comparison of Fraud Cues and Classification Methods for Fake Escrow Website Detection,” Information Technology and Management, Volume 10, Number 2, Pages 83-101, 2009.
  • A. Abbasi and H. Chen, “A Comparison of Tools for Detecting Fake Websites,” IEEE Computer, Volume 42, Number 10, Pages 78-86, October 2009.
  • A. Abbasi and H. Chen, “CyberGate: A System and Design for Text Analysis of Computer Mediated Communications,” MIS Quarterly, Volume 32, Number 4, Pages 811-837, December 2008.
  • A. Abbasi and H. Chen, “Writeprints: A Stylometric Approach to Identify-Level Identification and Similarity Detection in Cyberspace,” ACM Transactions on Information Systems, Volume 26, Number 2, Pages 7:1-7:29, 2008.
  • A. Abbasi, H. Chen, and A. Salem, “Sentiment Analysis in Multiple Languages: Feature Selection for Opinion Classification in Web Forums,” ACM Transactions on Information Systems, Volume 26, Number 3, Pages 12:1-12:34, 2008.
  • A. Abbasi, H. Chen, S. Thoms, and T. J. Fu, “Affect Analysis of Web Forums and Blogs using Correlation Ensembles,” IEEE Transactions on Knowledge and Data Engineering, Volume 20, Number 9, Pages 1168-1180, September 2008.
  • W. Chung, H. Chen, W. Chang, and S. Chou, “Fighting Cybercrime: A Review and the Taiwan Experience,” Decision Support Systems, special issue on Intelligence and Security Informatics, Volume 41, Number 3, Pages 669-682, March 2006.
  • T. J. Fu, A. Abbasi, and H. Chen, “A Focused Crawler for Dark Web Forums,” Journal of the American Society for Information Science and Technology, Volume 61, Number 6, Pages 1213-1231, 2010.
  • S. Raghu and H. Chen, “Cyberinfrastructure for Homeland Security: Advances in Information Sharing, Data Mining, and Collaboration Systems,” Decision Support Systems, Volume 43, Number 4, Pages 1321-1323, 2007.

Conference Papers and Presenetations

  • A. Abbasi and H. Chen, “Affect Intensity Analysis of Dark Web Forums,” Proceedings of 2007 IEEE Intelligence and Security Informatics, ISI 2007, New Brunswick, NJ, May 2007.
  • V. Benjamin and H. Chen, “Securing Cyberspace: Identifying Key Actors in Hacker Communities,” Proceedings of 2012 IEEE International  Conference on Intelligence and Security Informatics, ISI 2012, Washington, DC, June 2012.
  • R. Chang, W. Chung and H. Chen, “An International Perspective on Fighting Cybercrime,” Proceedings of the 1st NSF/NIJ Symposium on Intelligence and Security Informatics, ISI 2003, Tucson, Arizona, June 2003, Lecture Notes in Computer Science (LNCS 2665), Springer-Verlag.
  • H. Chen, “Cyber Terrorism in Web 2.0: An Exploratory Study of International Jihadist Groups,” Proceedings of 2008 IEEE International Conference on Intelligence and Security Informatics, ISI 2008, Taipei, Taiwan, June 2008.
  • H. Chen, “Sentiment and Affect Analysis of Dark Web Forums: Measuring Radicalization on the Internet,” Proceedings of 2008 IEEE International Conference on Intelligence and Security Informatics, ISI 2008, Taipei, Taiwan, June 2008.
  • T. Fu and H. Chen, “Analysis of Cyberactivism: A Case Study of Online Free Tibet Activities,” Proceedings of 2008 IEEE International Conference on Intelligence and Security Informatics, ISI 2008, Taipei, Taiwan, June 2008.
  • T. Fu, A. Abbasi and H. Chen, “Interaction Coherence for Dark Web Forums,” Proceedings of 2007 IEEE Intelligence and Security Informatics, ISI 2007, New Brunswick, NJ, May 2007.
  • C. Mielke and H. Chen, “Botnets, and the CyberCriminal Underground,” Proceedings of 2008 IEEE International Conference on Intelligence and Security Informatics, ISI 2008, Taipei, Taiwan, June 2008.
  • R. Zheng, Y. Qin, Z. Huang, and H. Chen, “Authorship Analysis in Cybercrime Investigation,” Proceedings of the 1st NSF/NIJ Symposium on Intelligence and Security Informatics, ISI 2003, Tucson, Arizona, June 2003, Lecture Notes in Computer Science (LNCS 2665), Springer-Verlag.
  • D. Zimbra and H. Chen, “Scalable Sentiment Classification across Multiple Dark Web Forums,” IEEE International Conference on Intelligence and Security Informatics, ISI 2012, Washington, DC, June 2012.

Books

  • H. Chen, “Intelligence and Security Informatics for International Security: Information Sharing and Data Mining,” Springer, 2006.
  • H. Chen, M. Dacier, et al., (Eds.), Proceedings the ACM SIGKDD Workshop on CyberSecurity and Intelligence Informatics, Paris, France, June 2009.
  • H. Chen, “Dark Web: Exploring and Mining the Dark Side of the Web,” Springer, 2012.

 


 

Abstract image of cybersecurity on AI Lab home page slider courtesy Shutterstock.