Articles

Faculty Spotlight: Sagar Samtani Dives Deep into the Dark Web to Find Answers, Solutions

By Keith Morelli

Sagar Samtani speaking to EAC

TAMPA (February 8, 2019) -- Think of cyberspace like it’s the ocean. On the surface, boaters enjoy the sunshine, waterskiing, sailing, swimming, or just floating about. Fifty feet below the surface is a different world. Coral reefs flourish in ecological harmony. Go a mile or two down and dangers lurk. It is dark and foreboding. There are creatures with sharp fangs that lure you close with luminous tendrils.

Sagar Samtani, assistant information systems and decision sciences professor with the University of South Florida’s Muma College of Business, is neck deep in these dark, cyber places. His research keenly focuses on the dark web.

He works to use and develop a unique blend of computational, artificial intelligence-based methodologies to gain insights about key hackers and emerging threats, such as this: Health insurance cards are now the loot of choice by many hackers and can be sold for between $20 and $30 each.

“Health insurance cards are valuable on the dark web,” he said. “There is so much rich information on them.”

Here’s Samtani’s take on cyberspace:

There is the public web, on the surface with Facebook and Twitter, social media and home pages for millions of businesses. Below that is the deep web, where more commerce and data mining happens. And at the bottom is the dark web, a shadowy place made up of four major platforms: hacker forums, dark-net marketplaces, carding shops and internet real-time chatrooms.

The dark web is where sophisticated hackers live, stealing bank account and Social Security numbers and personal information. It’s where they store their loot and sell it on dark-net markets – “illicit Amazons,” Samtani said – where stolen credit-card numbers can be sold for anywhere between $2 and $13, but usually $6 to $7 each. Hacker forums represent the largest platform, often containing tens of millions of multi-lingual postings.

Marketplaces are black-market platforms, where weapons, drugs, porn and counterfeit currency are found, along with information gleaned from large and small data breaches. Carding shops are online markets for the sale of stolen credit-card information and the relay chat platform is a real-time instant messaging application used by hackers. Samtani said this cyber-underworld steals an estimated $450 billion a year from corporations and individuals. It’s a place that is a threat to everyone and it’s not going away anytime soon.

“The people behind the dark web are millions of individuals from major geo-political regions across the globe,” he said. “Each major region has its own specialties. For example, Russia is focused heavily on underground economy and financial fraud and China, on cyberwarfare.”

Samtani is learning new things about the dark web every day. His research is seeks to find out how it all works, how it is used and most importantly, how to protect the unsuspecting public against its nefarious intentions.

“Many hackers are looking for easy targets – those individuals and organizations who are unaware of their cybersecurity posture,” he said. “Additionally, many hackers are looking to develop and take on the identities of individuals by piecing together their entire lives.”

There are millions of bad actors out there finding identity theft a simple exercise and Samtani’s research looks for ways to keep them from stealing lives.

“Rather than using a manual approach to sift through the vast quantities of unstructured data found within dark-web platforms,” he said, “I am developing artificial intelligence-based algorithms and systems to automatically extract key insights.

“Examples of my research include identifying how hacker language evolves over time (to identify new threats), augmenting social network analysis methodologies with deep learning to capture a comprehensive set of information about each hacker and designing algorithms to effectively cross the language barrier to identify cyber-threats in non-English platforms.” 

“Cybersecurity has emerged as one of modern society’s grand societal challenges,” he said. “Everyone using modern-day information systems is at risk of being breached. Within the context of cybersecurity, many organizations are focused on developing proactive cyber-threat intelligence to study the hackers directly in their environment to extract knowledge about emerging threats.

“Moreover,” he said, “such a research topic aligns well with mission of the Muma College of Business and the University of South Florida to become a global leader in cybersecurity research and education.”

Samtani began teaching at USF last semester, coming from the University of Arizona’s Management Information Systems Department where he designed and developed cyber-threat intelligence courses. Not just a researcher, he, in 2016, earned the James F. LaSalle Award for Teaching Excellence.

Samtani’s hope is that his research will provide a new generation of students with the tools they need to develop measures to protect the public from these denizens of the dark web. He also is ready to share his research with entities out there that can take proactive steps.

“On a research level,” he said, “I hope to transition some of the algorithms and systems I am developing into government, industry and law enforcement organizations to make a real-world impact for cyber-threat intelligence professionals, so they can do their jobs with optimal levels of efficiency and effectiveness.”