{"id":"https://openalex.org/W4386211343","doi":"https://doi.org/10.1109/csr57506.2023.10224941","title":"Cream Skimming the Underground: Identifying Relevant Information Points from Online Forums","display_name":"Cream Skimming the Underground: Identifying Relevant Information Points from Online Forums","publication_year":2023,"publication_date":"2023-07-31","ids":{"openalex":"https://openalex.org/W4386211343","doi":"https://doi.org/10.1109/csr57506.2023.10224941"},"language":"en","primary_location":{"id":"doi:10.1109/csr57506.2023.10224941","is_oa":false,"landing_page_url":"https://doi.org/10.1109/csr57506.2023.10224941","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2023 IEEE International Conference on Cyber Security and Resilience (CSR)","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5013761088","display_name":"Felipe Moreno-Vera","orcid":"https://orcid.org/0000-0002-2477-9624"},"institutions":[{"id":"https://openalex.org/I122140584","display_name":"Universidade Federal do Rio de Janeiro","ror":"https://ror.org/03490as77","country_code":"BR","type":"education","lineage":["https://openalex.org/I122140584"]}],"countries":["BR"],"is_corresponding":false,"raw_author_name":"Felipe Moreno-Vera","raw_affiliation_strings":["Federal University of Rio de Janeiro (UFRJ)"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Federal University of Rio de Janeiro (UFRJ)","institution_ids":["https://openalex.org/I122140584"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5085633170","display_name":"Mateus Nogueira","orcid":"https://orcid.org/0000-0001-8851-8987"},"institutions":[{"id":"https://openalex.org/I122140584","display_name":"Universidade Federal do Rio de Janeiro","ror":"https://ror.org/03490as77","country_code":"BR","type":"education","lineage":["https://openalex.org/I122140584"]}],"countries":["BR"],"is_corresponding":false,"raw_author_name":"Mateus Nogueira","raw_affiliation_strings":["Federal University of Rio de Janeiro (UFRJ)"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Federal University of Rio de Janeiro (UFRJ)","institution_ids":["https://openalex.org/I122140584"]}]},{"author_position":"middle","author":{"id":null,"display_name":"Cain\u00e3 Figueiredo","orcid":null},"institutions":[{"id":"https://openalex.org/I122140584","display_name":"Universidade Federal do Rio de Janeiro","ror":"https://ror.org/03490as77","country_code":"BR","type":"education","lineage":["https://openalex.org/I122140584"]}],"countries":["BR"],"is_corresponding":false,"raw_author_name":"Cain\u00e3 Figueiredo","raw_affiliation_strings":["Federal University of Rio de Janeiro (UFRJ)"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Federal University of Rio de Janeiro (UFRJ)","institution_ids":["https://openalex.org/I122140584"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5034604991","display_name":"Daniel Sadoc Menasch\u00e9","orcid":"https://orcid.org/0000-0002-8953-4003"},"institutions":[{"id":"https://openalex.org/I122140584","display_name":"Universidade Federal do Rio de Janeiro","ror":"https://ror.org/03490as77","country_code":"BR","type":"education","lineage":["https://openalex.org/I122140584"]}],"countries":["BR"],"is_corresponding":false,"raw_author_name":"Daniel S. Menasch\u00e9","raw_affiliation_strings":["Federal University of Rio de Janeiro (UFRJ)"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Federal University of Rio de Janeiro (UFRJ)","institution_ids":["https://openalex.org/I122140584"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5078375408","display_name":"Miguel Bicudo","orcid":"https://orcid.org/0000-0002-6266-4369"},"institutions":[{"id":"https://openalex.org/I122140584","display_name":"Universidade Federal do Rio de Janeiro","ror":"https://ror.org/03490as77","country_code":"BR","type":"education","lineage":["https://openalex.org/I122140584"]}],"countries":["BR"],"is_corresponding":false,"raw_author_name":"Miguel Bicudo","raw_affiliation_strings":["Federal University of Rio de Janeiro (UFRJ)"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Federal University of Rio de Janeiro (UFRJ)","institution_ids":["https://openalex.org/I122140584"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5092705458","display_name":"Ashton Woiwood","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Ashton Woiwood","raw_affiliation_strings":["ESO"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"ESO","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5052990469","display_name":"Enrico Lovat","orcid":null},"institutions":[{"id":"https://openalex.org/I1325886976","display_name":"Siemens (Germany)","ror":"https://ror.org/059mq0909","country_code":"DE","type":"company","lineage":["https://openalex.org/I1325886976"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Enrico Lovat","raw_affiliation_strings":["Siemens Corporation"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Siemens Corporation","institution_ids":["https://openalex.org/I1325886976"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5052598260","display_name":"Anton Kocheturov","orcid":"https://orcid.org/0000-0003-2549-9146"},"institutions":[{"id":"https://openalex.org/I1325886976","display_name":"Siemens (Germany)","ror":"https://ror.org/059mq0909","country_code":"DE","type":"company","lineage":["https://openalex.org/I1325886976"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Anton Kocheturov","raw_affiliation_strings":["Siemens Corporation"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Siemens Corporation","institution_ids":["https://openalex.org/I1325886976"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5058585548","display_name":"Leandro Pfleger de Aguiar","orcid":"https://orcid.org/0000-0001-6516-328X"},"institutions":[{"id":"https://openalex.org/I4210089985","display_name":"Amazon (Germany)","ror":"https://ror.org/00b9ktm87","country_code":"DE","type":"company","lineage":["https://openalex.org/I1311688040","https://openalex.org/I4210089985"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Leandro Pfleger de Aguiar","raw_affiliation_strings":["Amazon.com"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Amazon.com","institution_ids":["https://openalex.org/I4210089985"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":9,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":2.5881,"has_fulltext":false,"cited_by_count":6,"citation_normalized_percentile":{"value":0.91508482,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":94,"max":96},"biblio":{"volume":null,"issue":null,"first_page":"66","last_page":"71"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T12519","display_name":"Cybercrime and Law Enforcement Studies","score":0.9994999766349792,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T12519","display_name":"Cybercrime and Law Enforcement Studies","score":0.9994999766349792,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11644","display_name":"Spam and Phishing Detection","score":0.9987999796867371,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9972000122070312,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/hacker","display_name":"Hacker","score":0.8414187431335449},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7997763156890869},{"id":"https://openalex.org/keywords/task","display_name":"Task (project management)","score":0.6082484722137451},{"id":"https://openalex.org/keywords/process","display_name":"Process (computing)","score":0.5839748382568359},{"id":"https://openalex.org/keywords/random-forest","display_name":"Random forest","score":0.5749868154525757},{"id":"https://openalex.org/keywords/ground-truth","display_name":"Ground truth","score":0.5587989091873169},{"id":"https://openalex.org/keywords/machine-learning","display_name":"Machine learning","score":0.5195717811584473},{"id":"https://openalex.org/keywords/precision-and-recall","display_name":"Precision and recall","score":0.5103661417961121},{"id":"https://openalex.org/keywords/decision-tree","display_name":"Decision tree","score":0.49184608459472656},{"id":"https://openalex.org/keywords/data-science","display_name":"Data science","score":0.47226133942604065},{"id":"https://openalex.org/keywords/filter","display_name":"Filter (signal processing)","score":0.46551039814949036},{"id":"https://openalex.org/keywords/volume","display_name":"Volume (thermodynamics)","score":0.45015662908554077},{"id":"https://openalex.org/keywords/artificial-intelligence","display_name":"Artificial intelligence","score":0.4371684789657593},{"id":"https://openalex.org/keywords/resource","display_name":"Resource (disambiguation)","score":0.4204738736152649},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.3391110599040985},{"id":"https://openalex.org/keywords/data-mining","display_name":"Data mining","score":0.33732694387435913},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.2928979992866516}],"concepts":[{"id":"https://openalex.org/C86844869","wikidata":"https://www.wikidata.org/wiki/Q2798820","display_name":"Hacker","level":2,"score":0.8414187431335449},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7997763156890869},{"id":"https://openalex.org/C2780451532","wikidata":"https://www.wikidata.org/wiki/Q759676","display_name":"Task (project management)","level":2,"score":0.6082484722137451},{"id":"https://openalex.org/C98045186","wikidata":"https://www.wikidata.org/wiki/Q205663","display_name":"Process (computing)","level":2,"score":0.5839748382568359},{"id":"https://openalex.org/C169258074","wikidata":"https://www.wikidata.org/wiki/Q245748","display_name":"Random forest","level":2,"score":0.5749868154525757},{"id":"https://openalex.org/C146849305","wikidata":"https://www.wikidata.org/wiki/Q370766","display_name":"Ground truth","level":2,"score":0.5587989091873169},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.5195717811584473},{"id":"https://openalex.org/C81669768","wikidata":"https://www.wikidata.org/wiki/Q2359161","display_name":"Precision and recall","level":2,"score":0.5103661417961121},{"id":"https://openalex.org/C84525736","wikidata":"https://www.wikidata.org/wiki/Q831366","display_name":"Decision tree","level":2,"score":0.49184608459472656},{"id":"https://openalex.org/C2522767166","wikidata":"https://www.wikidata.org/wiki/Q2374463","display_name":"Data science","level":1,"score":0.47226133942604065},{"id":"https://openalex.org/C106131492","wikidata":"https://www.wikidata.org/wiki/Q3072260","display_name":"Filter (signal processing)","level":2,"score":0.46551039814949036},{"id":"https://openalex.org/C20556612","wikidata":"https://www.wikidata.org/wiki/Q4469374","display_name":"Volume (thermodynamics)","level":2,"score":0.45015662908554077},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.4371684789657593},{"id":"https://openalex.org/C206345919","wikidata":"https://www.wikidata.org/wiki/Q20380951","display_name":"Resource (disambiguation)","level":2,"score":0.4204738736152649},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.3391110599040985},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.33732694387435913},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.2928979992866516},{"id":"https://openalex.org/C121332964","wikidata":"https://www.wikidata.org/wiki/Q413","display_name":"Physics","level":0,"score":0.0},{"id":"https://openalex.org/C187736073","wikidata":"https://www.wikidata.org/wiki/Q2920921","display_name":"Management","level":1,"score":0.0},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.0},{"id":"https://openalex.org/C62520636","wikidata":"https://www.wikidata.org/wiki/Q944","display_name":"Quantum mechanics","level":1,"score":0.0},{"id":"https://openalex.org/C162324750","wikidata":"https://www.wikidata.org/wiki/Q8134","display_name":"Economics","level":0,"score":0.0},{"id":"https://openalex.org/C31972630","wikidata":"https://www.wikidata.org/wiki/Q844240","display_name":"Computer vision","level":1,"score":0.0},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/csr57506.2023.10224941","is_oa":false,"landing_page_url":"https://doi.org/10.1109/csr57506.2023.10224941","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2023 IEEE International Conference on Cyber Security and Resilience (CSR)","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.6000000238418579,"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":22,"referenced_works":["https://openalex.org/W150078352","https://openalex.org/W2296488620","https://openalex.org/W2495607404","https://openalex.org/W2521200999","https://openalex.org/W2623359660","https://openalex.org/W2766615649","https://openalex.org/W2798110387","https://openalex.org/W2998437211","https://openalex.org/W3094455371","https://openalex.org/W3131737144","https://openalex.org/W3163835525","https://openalex.org/W3175201754","https://openalex.org/W4200158199","https://openalex.org/W4293713156","https://openalex.org/W4309557444","https://openalex.org/W4313639514","https://openalex.org/W4320024310","https://openalex.org/W4379528892","https://openalex.org/W6791300599","https://openalex.org/W6801193496","https://openalex.org/W6849077016","https://openalex.org/W6959863652"],"related_works":["https://openalex.org/W4366990902","https://openalex.org/W4317732970","https://openalex.org/W4388550696","https://openalex.org/W4313289487","https://openalex.org/W4321636153","https://openalex.org/W2047973478","https://openalex.org/W4385192698","https://openalex.org/W2032182853","https://openalex.org/W4224262160","https://openalex.org/W4205150741"],"abstract_inverted_index":{"This":[0],"paper":[1],"proposes":[2],"a":[3,70,125],"machine":[4,72],"learning-based":[5],"approach":[6,35],"for":[7,32,103],"detecting":[8],"the":[9,14,29,52,57,104,112,122,130,137,146,151],"exploitation":[10,27,147],"of":[11,24,124,148],"vulnerabilities":[12,149],"in":[13,28,114,150],"wild":[15,30,152],"by":[16],"monitoring":[17],"underground":[18,66],"hacking":[19,138],"forums.":[20],"The":[21],"increasing":[22],"volume":[23],"posts":[25,40],"discussing":[26],"calls":[31],"an":[33],"automatic":[34],"to":[36,136,157,162],"process":[37],"threads":[38,78],"and":[39,68,81,97,118,128,132,153,167],"that":[41,75,94],"will":[42],"eventually":[43],"trigger":[44],"alarms":[45],"depending":[46],"on":[47],"their":[48],"content.":[49],"To":[50],"illustrate":[51],"proposed":[53],"system,":[54],"we":[55,92,108],"use":[56],"CrimeBB":[58],"dataset,":[59],"which":[60],"contains":[61],"data":[62],"scraped":[63],"from":[64],"multiple":[65],"forums,":[67],"develop":[69],"supervised":[71],"learning":[73],"model":[74],"can":[76,154],"filter":[77],"citing":[79],"CVEs":[80],"label":[82],"them":[83],"as":[84,165],"Proof-of-Concept,":[85],"Weaponization,":[86],"or":[87],"Exploitation.":[88],"Leveraging":[89],"random":[90],"forests,":[91],"indicate":[93],"accuracy,":[95],"precision":[96],"recall":[98],"above":[99],"0.99":[100],"are":[101],"attainable":[102],"classification":[105],"task.":[106],"Additionally,":[107],"provide":[109,158],"insights":[110],"into":[111,145],"difference":[113],"nature":[115],"between":[116],"weaponization":[117],"exploitation,":[119],"e.g.,":[120],"interpreting":[121],"output":[123],"decision":[126],"tree,":[127],"analyze":[129],"profits":[131],"other":[133],"aspects":[134],"related":[135],"communities.":[139],"Overall,":[140],"our":[141],"work":[142],"sheds":[143],"insight":[144],"be":[155],"used":[156],"additional":[159],"ground":[160],"truth":[161],"models":[163],"such":[164],"EPSS":[166],"Expected":[168],"Exploitability.":[169]},"counts_by_year":[{"year":2025,"cited_by_count":2},{"year":2024,"cited_by_count":2},{"year":2023,"cited_by_count":2}],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2025-10-10T00:00:00"}