Examining Hacker Participation Length in Cybercriminal Internet-Relay-Chat Communities

Victor Benjamin, Bin Zhang, Jay F. Nunamaker, Hsinchun Chen

Research output: Contribution to journalArticlepeer-review

57 Scopus citations


To further cybersecurity, there is interest in studying online cybercriminal communities to learn more about emerging cyber threats. Literature documents the existence of many online Internet Relay Chat (IRC) cybercriminal communities where cybercriminals congregate and share hacking tools, malware, and more. However, many cybercriminal community participants appear unskilled and have fleeting interests, making it difficult to detect potential long-term or key participants. This is a challenge for researchers and practitioners to quickly identify cybercriminals that may provide credible threat intelligence. Thus, we propose a computational approach to analyze cybercriminals IRC communities in order to identify potential long-term and key participants. We use the extended Cox model to scrutinize cybercriminal IRC participation for better understanding of behaviors exhibited by cybercriminals of importance. Results indicate that key cybercriminals may be quickly identifiable by assessing the scale of their interaction and networks with other participants.

Original languageEnglish (US)
Pages (from-to)482-510
Number of pages29
JournalJournal of Management Information Systems
Issue number2
StatePublished - Apr 2 2016

ASJC Scopus subject areas

  • Management Information Systems
  • Computer Science Applications
  • Management Science and Operations Research
  • Information Systems and Management


Dive into the research topics of 'Examining Hacker Participation Length in Cybercriminal Internet-Relay-Chat Communities'. Together they form a unique fingerprint.

Cite this