Research into Mining New Types of Cybercriminal Tricks and Management Countermeasures
New types of cybercrimes are more novel,sophisticated and professional,and have been growing in recent years.Research into mining and analyzing new types of cybercrimes,and countermeasures will help public security organizations actively prevent cybercrimes and implement precise strikes.However,this type of research is rare both at home and abroad.To tackle the challenges of analyzing new cybercriminal tricks,we need to address five main tasks:1)estab-lish a research framework,as one is lack of mining these tricks in open-source intelligence data;2)accurately classify cybercriminal tricks,as they evolve and complicate classification;3)accurately extract representative cybercrime keywords,as traditional unsupervised keyword recognition model has low accuracy and is difficult to meet the business requirements for keyword extraction of cybercriminal tricks,meanwhile supervised learning models have the problem with sample imbalance;4)accurately identify hot words,as we need to pay more atten-tion to the hot words of cybercrime tactics with prominent changes,while the traditional hot word identification method based on word frequency statistics has poor results;5)summarize new cybercriminal tricks,as new types of cybercriminal tricks are changing rapidly,which are difficult to directly define with classification categories,and need to be accurately expressed for management countermeasures.In this paper,we propose a framework to mine new types of cybercriminal tricks by adopting an interdisci-plinary method.We refer to the cybercriminal tricks published on the website of the Ministry of Public Security and defines the common cybercriminal tricks as a two-level classification system.For new cybercriminal tricks which are not covered by existing categories,we use keyword recognition technology to detect representative keywords and manually confirm whether these keywords are sufficient to represent the cybercriminal tricks.Based on the existing research process of hot word recognition,in this paper we propose a new type of cybercriminal trick extraction method based on the classification of cybercrime related content and the recognition of cybercrime keywords.To provide a high accuracy of the cybercrime classification model and keyword extraction model,we innova-tively design the BERT-JTFL joint training model.This model enables the cybercriminal trick classification model and cybercrime keyword extraction model to share knowledge and promote each other.To deal with the sample imbalance issue,we propose multiclass Focal Loss to balance weight of samples in keyword extraction loss.To mine cybercrime hot words,we propose a hot word recognition model as follows:the model first relies on the classification of textual cybercrime techniques to filter the texts in the field of cybercrime;next,it identifies keywords for each text,ensuring the text is representative of cybercrime activity;finally,it calculates keyword popularity over time using a historical weighted average and applies Bayesian smoothing to determine the results for cybercrime hot words.The new cybercriminal tricks usually did not appear in the past,and in this paper we propose a new cyber-criminal trick mining model based on the hot words of cybercrime,which screens the new words in the hot words,and identifies and mines representative combinations of related keywords in sliding window as a new type of cybercriminal trick.These models are trained based on preprocessed Internet public police notices and Weibo data in 2019 and 2020.The research results show that:1)The BERT-JTFL joint training model designed in this paper outperforms the BERT and RoBERTa models in both text classification tasks and keyword recognition tasks.2)The novel hot word model is able to pay attention to the recent changes in keywords with smooth processing,effectively captures hot cybercriminals with P@10 up to 83.3%.3)The extraction results of new keywords and related keywords can effectively capture and identify new cybercriminal tricks and summarize their characteristics.To achieve the goal of proactive prevention of cybercrimes,precisely predict and fight new types of cyber-crimes,and fully utilize the open-source intelligence information on the existing Internet,we also propose how to prevent and fight cybercrimes from the perspective of management.
new cybercriminal tricksBERT-JTFLjoint trainingcybercrime management countermeasurescontent classificationkeywordhot word
国家科技期刊平台
NSTL
万方数据
