Abstract
The deep and dark web, with its strong anonymity, easy access and convenient transactions, has bred a large volume of illegal activity. The encrypted instant messaging tool Telegram, owing to its strong anonymity protection, has become a popular channel for communicating about deep and dark web threat activity: criminals post sensitive messages or advertisements in group chats to attract interested members, then discuss the details in private chats. From a supervisory perspective, private conversations with criminals contain a large amount of valuable intelligence. Holding targeted conversations with them under a disguised identity to elicit valuable threat intelligence, rather than extracting it from a large volume of meaningless messages, helps improve the quality and efficiency of targeted intelligence collection. To address this, a method for automatically eliciting deep and dark web threat intelligence based on a conversational bot is proposed. It calls ChatGPT, which has superior conversation generation ability, to automatically generate multi-turn conversation content with suspicious persons, solving the high cost and low efficiency of manual engagement. It uses the knowledge reserve and in-context learning ability of large language models to solve the cold-start difficulty caused by the shortage of deep and dark web dialogue corpora. Experiments show that the method can automatically elicit intelligence through high-quality multi-turn conversations, has practical significance, and points the way for subsequent research on automated interaction in the cybercrime domain.
Authors
HUO Yixuan (霍艺璇)
ZHAO Jiapeng (赵佳鹏)
SHI Jinqiao (时金桥)
WANG Xuebin (王学宾)
YANG Yanyan (杨燕燕)
SUN Yanwei (孙岩炜)
Affiliations: School of Cyberspace Security, Beijing University of Posts and Telecommunications, Beijing 100876, China; Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093, China; School of Information Network Security, People's Public Security University of China, Beijing 100038, China
Funding
National Key Research and Development Program of China, "Cyberspace Security Governance" special project (2023YFB3106600).
Keywords
deep and dark web
cyber threat intelligence
artificial intelligence
dialogue generation
Telegram