Predicting Organizational Cybersecurity Risk: A Deep Learning Approach
This work provides a tool for cybersecurity stakeholders to identify potential targets of exploits, which is an incremental improvement for cybersecurity analysts.
This paper addresses the problem of predicting which companies will be targeted by cyber exploits by proposing HackER, a hacker forum entity recognition framework. The framework uses a BiLSTM model to create a predictive model, achieving an F1-score of 79.71%, outperforming other classical and deep learning models.
Cyberattacks conducted by malicious hackers cause irreparable damage to organizations, governments, and individuals every year. Hackers use exploits found on hacker forums to carry out complex cyberattacks, making exploration of these forums vital. We propose a hacker forum entity recognition framework (HackER) to identify exploits and the entities that the exploits target. HackER then uses a bidirectional long short-term memory model (BiLSTM) to create a predictive model for what companies will be targeted by exploits. The results of the algorithm will be evaluated using a manually labeled gold-standard test dataset, using accuracy, precision, recall, and F1-score as metrics. We choose to compare our model against state of the art classical machine learning and deep learning benchmark models. Results show that our proposed HackER BiLSTM model outperforms all classical machine learning and deep learning models in F1-score (79.71%). These results are statistically significant at 0.05 or lower for all benchmarks except LSTM. The results of preliminary work suggest our model can help key cybersecurity stakeholders (e.g., analysts, researchers, educators) identify what type of business an exploit is targeting.