In 2021, cybercrime reached alarming proportions, generating over 7 trillion USD and ranking as the world's third-largest economic power. Confronted with this growing threat, research has shifted towards the proactive identification of cyber threats, exploring methods for predicting exploits and attacks. However, this approach often overlooked the criminological aspect in favor of algorithms and technical intelligence. The advent of big data emphasized the need to optimize information collection, giving rise to the "key hacker identification problem."
This study focuses on identifying key actors within darkweb hacking forums, drawing inspiration from three distinct approaches: social network analysis, content analysis, and a hybrid approach integrating both dimensions along with user seniority. However, none have explored the qualifications of key actors, a crucial gap considering the diversity of knowledge levels within hacker communities. Building on Bouchard and Nguyen's (2011) classification, this study proposes a hybrid methodology to identify key actors by integrating social metrics (social networks, seniority) and a technical analysis of Common Vulnerabilities and Exposures (CVEs). CVEs serve as a basis to assess actors' expertise, critical to the success of their malicious activities.
The objectives of this study are as follows: (1) Establish profiles of threat actors based on their technical expertise. (2) Prioritize the danger levels of profiles, thereby identifying key actors in accordance with the Bouchard & Nguyen framework, where the key lies in expertise and commitment.
By considering vulnerabilities exploited by actors and their activity on forums, this research aims to contribute to understanding cyber threats while filling the criminological gap on key actors. By revealing profiles and identifying key actors, this study aspires to strengthen organizations' ability to anticipate and prevent future cyber attacks.