Paulo Shakarian, Ph.D. is the CEO and Founder of IntelliSpyre, Inc., a company specializing in cyber threat intelligence mined from the deep and dark web. He is also a Fulton Entrepreneurial Professor (tenure-track) at Arizona State University where he directs the Cyber-Socio Intelligent System (CySIS) Laboratory - specializing in cyber-security, social network analysis, and artificial intelligence. He has written numerous articles in scientific journals and has authored several books, including Elsevier’s /Introduction to Cyber-Warfare /and Cambridge’s forthcoming /Darkweb Cyber Threat Intelligence Mining/. Recently, his work was featured in major news media including /Forbes, /the /New Yorker, Slate, The Economist, Business Insider, TechCrunch/, and the /BBC/. Shakarian's company, IntelliSpyre, was recently selected as a semi-finalist in the Cisco Innovation Grand Challenge (one of 15 of over 5,700 applicants). Paulo was named a KDD Rising Star in 2016 by Microsoft Research Asia, is a New America Fellow and recipient of the Air Force Young Investigator award, DURIP award, DoD Minerva award, FOSINT-SI Best Paper, MIT Tech. Review “Best of 2013”, and was a DARPA Service Chief’s Fellow. Previously, Paulo was an officer in the U.S. Army where he served two combat tours in Iraq, earning a Bronze Star and the Army Commendation Medal for Valor. He also previously worked as an Assistant Professor at West Point. Paulo holds a Ph.D. and M.S. in computer science from the University of Maryland, College Park, and a B.S. in computer science from West Point (with a Depth of Study in Information Assurance).
[Abstract]
==========
The number of Tor sites has more than doubled since February of 2016 – and many of these new sites are havens for malicious hackers where they buy, sell, and trade exploits, malware, and hacking-as-a-service (HaaS). Growth in these communities is occurring worldwide with new sites emerging constantly from not only the traditional locations such as the former Soviet bloc, western Europe, and the U.S., but now South America, the Middle-East, and the Asia-Pacific region are also showing significant growth in deep and darkweb malicious hacker communities. In the near future, the expense of using solely human analysts to monitor these sites will prove unsustainable. In this talk, we describe how machine learning and data mining can address this problem. We introduce our framework for crawling the deep and darkweb, describe various data mining and machine learning challenges we address in cleaning, normalizing, and organizing the data. Then we show how this data can provide insights into hacking communities, malware and exploit product offerings, and other use cases. We also will highlight some interesting findings that we uncovered that involve hacker actions across multiple deep and darkweb sites. The talk will include a brief demo of our platform.