Mapping the Underground: Supervised Discovery of Cybercrime Supply Chains

Understanding the sequences of processes needed to perform a cybercrime is crucial for effective interventions. However, generating these supply chains currently requires time-consuming manual effort. We propose a method that leverages machine learning and graph-based analysis to efficiently extract supply chains from cybercrime forums. Our supply chain detection algorithm can identify 33% and 42% relevant chains within major English and Russian forums, respectively, showing improvements over the baselines of 11% and 5%, respectively. Our analysis of the supply chains demonstrates underlying connections between products and services that are potentially useful understanding and undermining the illicit activity of these forums. For example, our extracted supply chains illuminate cash out and money laundering techniques and their importance to the functioning of these forums.