Artículo
First Steps towards Data-Driven Adversarial Deduplication
Fecha de publicación:
27/07/2018
Editorial:
MDPI AG
Revista:
Information (Switzerland)
ISSN:
2078-2489
Idioma:
Inglés
Tipo de recurso:
Artículo publicado
Clasificación temática:
Resumen
In traditional databases, the entity resolution problem (which is also known as deduplication)refers to the task of mapping multiple manifestations of virtual objects totheir corresponding real-worldentities. When addressing this problem, in both theory and practice, it is widely assumed that suchsets of virtual objects appear as the result of clerical errors, transliterations, missing or updatedattributes, abbreviations, and so forth. In this paper, we address this problem under the assumptionthat this situation is caused by malicious actors operating in domains in which they do not wishto be identified, such as hacker forums and markets in which the participants are motivated toremain semi-anonymous (though they wish to keep their true identities secret, they find it useful forcustomers to identify their products and services). We are therefore in the presence of a different, andeven more challenging, problem that we refer to as adversarial deduplication. In this paper, we studythis problem via examples that arise from real-world data on malicious hacker forums and marketsarising from collaborations with a cyber threat intelligence company focusing on understanding thiskind of behavior. We argue that it is very difficult—if not impossible—to find ground truth data onwhich to build solutions to this problem, and develop a set of preliminary experiments based ontraining machine learning classifiers that leverage text analysis to detect potential cases of duplicateentities. Our results are encouraging as a first step towards building tools that human analysts canuse to enhance their capabilities towards fighting cyber threats.
Archivos asociados
Licencia
Identificadores
Colecciones
Articulos(CCT - BAHIA BLANCA)
Articulos de CTRO.CIENTIFICO TECNOL.CONICET - BAHIA BLANCA
Articulos de CTRO.CIENTIFICO TECNOL.CONICET - BAHIA BLANCA
Citación
Paredes, José Nicolás; Simari, Gerardo; Martinez, Maria Vanina; Falappa, Marcelo Alejandro; First Steps towards Data-Driven Adversarial Deduplication; MDPI AG; Information (Switzerland); 9; 8; 27-7-2018; 189-204
Compartir
Altmétricas