Identifying Digital Threats in a Hacker Web Forum

Information threatening the security of critical infrastructures are exchanged over the Internet through communication platforms, such as online discussion forums.

This information can be used by malicious hackers to attack critical computer networks and data systems. Much of the literature on the hacking of critical infrastructure has focused on developing typologies of cyber-attacks, but has not examined the communication activities of the actors involved.

To address this gap in the literature, the language of hackers was analyzed to identify potential threats against critical infrastructures using automated analysis tools.

First, discussion posts were collected from a selected hacker forum using a customized web-crawler. Posts were analyzed using a parts of speech tagger, which helped determine a list of keywords used to query the data.

Next, a sentiment analysis tool scored these keywords, which were then analyzed to determine the effectiveness of this method.


Mitch Macdonald, Richard Frank, Joseph Mei, and Bryan Monk


11 February 2016 / 2015 IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining (ASONAM)

DOI: 10.1145/2808797.2808878