You Might Have Known It Earlier: Analyzing the Role of Underground Forums in Threat Intelligence
Authors: 
Tommaso Paladini, Lara Ferro, Mario Polino, 
Stefano Zanero, Michele CarminatiAuthors Info & Claims
Tommaso Paladini, Lara Ferro, Mario Polino, Stefano Zanero, Michele CarminatiAuthors Info & ClaimsPages 368 - 383
Abstract
This paper analyzes 88 million hacker forum posts of a publicly available dataset and 75,000 online articles over a 20-year timespan, studying the potential of hacker forums as a proactive Cyber Threat Intelligence (CTI) source. Using a custom Natural Language Processing pipeline with fine-tuned BERT-based models, we extract named entities from forum posts and reports and cross-reference their date of occurrence over different periods. Our analysis reveals that discussions on hacker forums precede official security reports for over 60% of the identified entities in 20 years of data. This highlights the relevance of these platforms as early indicators of cyber threats. However, our longitudinal analysis shows that such a trend has been constantly decreasing since 2012: forum discussions no longer consistently anticipate threats discussed in cybersecurity reports, possibly due to increased scrutiny or the emergence of alternative channels. This suggests that the CTI community should adapt by identifying and monitoring new platforms where threat actors congregate. Despite not being as thriving as in the first decade of 2000, underground communities are still releasing novel malware and showing interest in discussing malware employed in real cyberattacks. Our results highlight the value of hacker forums as early threat indicators and the importance of proactively monitoring them for potential cyberattack detection. This approach addresses the research gap that predominantly focuses on traditional cybersecurity reports.
References
[1]
[n. d.]. Industrial-strength natural language processing. https://spacy.io/
[2]
[n. d.]. Threat Intelligence Market Size, Share, Growth & Trends [2030] — fortunebusinessinsights.com. https://www.fortunebusinessinsights.com/threat-intelligence-market-102984. [Accessed 18-03-2024].
[3]
abuse.ch. [n. d.]. URLhaus | Malware URL exchange. https://urlhaus.abuse.ch/
[4]
Victor Adewopo, Bilal Gonen, and Festus Adewopo. 2020. Exploring Open Source Information for Cyber Threat Intelligence. In 2020 IEEE International Conference on Big Data (IEEE BigData 2020), Atlanta, GA, USA, December 10-13, 2020, Xintao Wu, Chris Jermaine, Li Xiong, Xiaohua Hu, Olivera Kotevska, Siyuan Lu, Weija Xu, Srinivas Aluru, Chengxiang Zhai, Eyhab Al-Masri, Zhiyuan Chen, and Jeff Saltz (Eds.). IEEE, 2232–2241. https://doi.org/10.1109/BIGDATA50022.2020.9378220
[5]
Benjamin Ampel, Sagar Samtani, Hongyi Zhu, Steven Ullman, and Hsinchun Chen. 2020. Labeling Hacker Exploits for Proactive Cyber Threat Intelligence: A Deep Transfer Learning Approach. In IEEE International Conference on Intelligence and Security Informatics, ISI 2020, Arlington, VA, USA, November 9-10, 2020. IEEE, 1–6. https://doi.org/10.1109/ISI49825.2020.9280548
[6]
Randa Basheer and Bassel Alkhatib. 2021. Threats from the Dark: A Review over Dark Web Investigation Research for Cyber Threat Intelligence. J. Comput. Networks Commun. 2021 (2021), 1302999:1–1302999:21. https://doi.org/10.1155/2021/1302999
[7]
Bitdefender. [n. d.]. Technical Advisory: Various Threat Actors Targeting ManageEngine Exploit CVE-2022-47966. https://www.bitdefender.com/blog/businessinsights/tech-advisory-manageengine-cve-2022-47966/
[8]
Blackberry. [n. d.]. Agent Tesla Malware. https://www.blackberry.com/us/en/solutions/endpoint-security/ransomware-protection/agent-tesla
[9]
Tom B. Brown, Benjamin Mann, Nick Ryder, Melanie Subbiah, Jared Kaplan, Prafulla Dhariwal, Arvind Neelakantan, Pranav Shyam, Girish Sastry, Amanda Askell, Sandhini Agarwal, Ariel Herbert-Voss, Gretchen Krueger, Tom Henighan, Rewon Child, Aditya Ramesh, Daniel M. Ziegler, Jeffrey Wu, Clemens Winter, Christopher Hesse, Mark Chen, Eric Sigler, Mateusz Litwin, Scott Gray, Benjamin Chess, Jack Clark, Christopher Berner, Sam McCandlish, Alec Radford, Ilya Sutskever, and Dario Amodei. 2020. Language Models are Few-Shot Learners. In Advances in Neural Information Processing Systems 33: Annual Conference on Neural Information Processing Systems 2020, NeurIPS 2020, December 6-12, 2020, virtual, Hugo Larochelle, Marc’Aurelio Ranzato, Raia Hadsell, Maria-Florina Balcan, and Hsuan-Tien Lin (Eds.). https://proceedings.neurips.cc/paper/2020/hash/1457c0d6bfcb4967418bfb8ac142f64a-Abstract.html
[10]
Chia-Mei Chen, Dan-Wei Wen, Ya-Hui Ou, Wei-Chih Chao, and Zheng-Xun Cai. 2021. Retrieving potential cybersecurity information from hacker forums. Int. J. Netw. Secur 23, 6 (2021), 1126–1138.
[11]
CISA. 2018. Quasar Open-Source Remote Administration Tool. https://www.cisa.gov/news-events/analysis-reports/ar18-352a
[12]
Richard Colbaugh and Kristin Glass. 2011. Proactive defense for evolving cyber threats. In 2011 IEEE International Conference on Intelligence and Security Informatics, ISI 2011, Beijing, China, 10-12 July, 2011. IEEE, 125–130. https://doi.org/10.1109/ISI.2011.5984062
[13]
Cyble. [n. d.]. EvilCoder Project Selling Multiple Dangerous Tools Online. https://cyble.com/blog/evilcoder-project-selling-multiple-dangerous-tools-online/
[14]
Nathan Deguara, Junaid Arshad, Anum Paracha, and Muhammad Ajmal Azad. 2022. Threat Miner - A Text Analysis Engine for Threat Identification Using Dark Web Data. In IEEE International Conference on Big Data, Big Data 2022, Osaka, Japan, December 17-20, 2022, Shusaku Tsumoto, Yukio Ohsawa, Lei Chen, Dirk Van den Poel, Xiaohua Hu, Yoichi Motomura, Takuya Takagi, Lingfei Wu, Ying Xie, Akihiro Abe, and Vijay Raghavan (Eds.). IEEE, 3043–3052. https://doi.org/10.1109/BIGDATA55660.2022.10020397
[15]
Isuf Deliu, Carl Leichter, and Katrin Franke. 2017. Extracting cyber threat intelligence from hacker forums: Support vector machines versus convolutional neural networks. In 2017 IEEE International Conference on Big Data (IEEE BigData 2017), Boston, MA, USA, December 11-14, 2017, Jian-Yun Nie, Zoran Obradovic, Toyotaro Suzumura, Rumi Ghosh, Raghunath Nambiar, Chonggang Wang, Hui Zang, Ricardo Baeza-Yates, Xiaohua Hu, Jeremy Kepner, Alfredo Cuzzocrea, Jian Tang, and Masashi Toyoda (Eds.). IEEE Computer Society, 3648–3656. https://doi.org/10.1109/BIGDATA.2017.8258359
[16]
Jacob Devlin, Ming-Wei Chang, Kenton Lee, and Kristina Toutanova. 2019. BERT: Pre-training of Deep Bidirectional Transformers for Language Understanding. In Proceedings of the 2019 Conference of the North American Chapter of the Association for Computational Linguistics: Human Language Technologies, NAACL-HLT 2019, Minneapolis, MN, USA, June 2-7, 2019, Volume 1 (Long and Short Papers), Jill Burstein, Christy Doran, and Thamar Solorio (Eds.). Association for Computational Linguistics, 4171–4186. https://doi.org/10.18653/V1/N19-1423
[17]
Nuno Dionísio, Fernando Alves, Pedro Miguel Ferreira, and Alysson Bessani. 2019. Cyberthreat Detection from Twitter using Deep Neural Networks. In International Joint Conference on Neural Networks, IJCNN 2019 Budapest, Hungary, July 14-19, 2019. IEEE, 1–8. https://doi.org/10.1109/IJCNN.2019.8852475
[18]
Harm Griffioen, Tim Booij, and Christian Doerr. 2020. Quality evaluation of cyber threat intelligence feeds. In Applied Cryptography and Network Security: 18th International Conference, ACNS 2020, Rome, Italy, October 19–22, 2020, Proceedings, Part II 18. Springer, 277–296.
[19]
John Grisham, Sagar Samtani, Mark W. Patton, and Hsinchun Chen. 2017. Identifying mobile malware and key threat actors in online hacker forums for proactive cyber threat intelligence. In 2017 IEEE International Conference on Intelligence and Security Informatics, ISI 2017, Beijing, China, July 22-24, 2017. IEEE, 13–18. https://doi.org/10.1109/ISI.2017.8004867
[20]
Jack Hughes, Seth Aycock, Andrew Caines, Paula Buttery, and Alice Hutchings. 2020. Detecting Trending Terms in Cybersecurity Forum Discussions. In Proceedings of the Sixth Workshop on Noisy User-generated Text, W-NUT@EMNLP 2020 Online, November 19, 2020, Wei Xu, Alan Ritter, Tim Baldwin, and Afshin Rahimi (Eds.). Association for Computational Linguistics, 107–115. https://doi.org/10.18653/V1/2020.WNUT-1.15
[21]
HYPR. [n. d.]. EternalBlue. https://www.hypr.com/security-encyclopedia/eternalblue
[22]
Risul Islam, Md Omar Faruk Rokon, Evangelos E. Papalexakis, and Michalis Faloutsos. 2020. TenFor: A Tensor-Based Tool to Extract Interesting Events from Security Forums. In IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining, ASONAM 2020, The Hague, Netherlands, December 7-10, 2020, Martin Atzmüller, Michele Coscia, and Rokia Missaoui (Eds.). IEEE, 515–522. https://doi.org/10.1109/ASONAM49781.2020.9381356
[23]
Youngjin Jin, Eugene Jang, Jian Cui, Jin-Woo Chung, Yongjae Lee, and Seungwon Shin. 2023. DarkBERT: A Language Model for the Dark Side of the Internet. In Proceedings of the 61st Annual Meeting of the Association for Computational Linguistics (Volume 1: Long Papers), ACL 2023, Toronto, Canada, July 9-14, 2023, Anna Rogers, Jordan L. Boyd-Graber, and Naoaki Okazaki (Eds.). Association for Computational Linguistics, 7515–7533. https://doi.org/10.18653/V1/2023.ACL-LONG.415
[24]
Hyeonseong Jo, Yongjae Lee, and Seungwon Shin. 2022. Vulcan: Automatic extraction and analysis of cyber threat intelligence from unstructured text. Comput. Secur. 120 (2022), 102763. https://doi.org/10.1016/J.COSE.2022.102763
[25]
Nayeon Lee, Wei Ping, Peng Xu, Mostofa Patwary, Pascale Fung, Mohammad Shoeybi, and Bryan Catanzaro. 2022. Factuality Enhanced Language Models for Open-Ended Text Generation. In Advances in Neural Information Processing Systems 35: Annual Conference on Neural Information Processing Systems 2022, NeurIPS 2022, New Orleans, LA, USA, November 28 - December 9, 2022, Sanmi Koyejo, S. Mohamed, A. Agarwal, Danielle Belgrave, K. Cho, and A. Oh (Eds.). http://papers.nips.cc/paper_files/paper/2022/hash/df438caa36714f69277daa92d608dd63-Abstract-Conference.html
[26]
Jing Li, Aixin Sun, Jianglei Han, and Chenliang Li. 2022. A Survey on Deep Learning for Named Entity Recognition. IEEE Trans. Knowl. Data Eng. 34, 1 (2022), 50–70. https://doi.org/10.1109/TKDE.2020.2981314
[27]
Vector Guo Li, Matthew Dunn, Paul Pearce, Damon McCoy, Geoffrey M. Voelker, and Stefan Savage. 2019. Reading the Tea leaves: A Comparative Analysis of Threat Intelligence. In 28th USENIX Security Symposium (USENIX Security 19). USENIX Association, Santa Clara, CA, 851–867. https://www.usenix.org/conference/usenixsecurity19/presentation/li
[28]
Zhenyuan Li, Jun Zeng, Yan Chen, and Zhenkai Liang. 2022. AttacKG: Constructing Technique Knowledge Graph from Cyber Threat Intelligence Reports. In Computer Security - ESORICS 2022 - 27th European Symposium on Research in Computer Security, Copenhagen, Denmark, September 26-30, 2022, Proceedings, Part I(Lecture Notes in Computer Science, Vol. 13554), Vijayalakshmi Atluri, Roberto Di Pietro, Christian Damsgaard Jensen, and Weizhi Meng (Eds.). Springer, 589–609. https://doi.org/10.1007/978-3-031-17140-6_29
[29]
Matteo Liberato. 2022. SecBERT: Analyzing reports using BERT-like models. Master’s thesis. University of Twente.
[30]
Yinhan Liu, Myle Ott, Naman Goyal, Jingfei Du, Mandar Joshi, Danqi Chen, Omer Levy, Mike Lewis, Luke Zettlemoyer, and Veselin Stoyanov. 2019. RoBERTa: A Robustly Optimized BERT Pretraining Approach. CoRR abs/1907.11692 (2019). arXiv:1907.11692http://arxiv.org/abs/1907.11692
[31]
Kadir Burak Mavzer, Ewa Konieczna, Henrique Alves, Cagatay Yucel, Ioannis Chalkias, Dimitrios Mallis, Deniz Cetinkaya, and Luis Angel Galindo Sanchez. 2021. Trust and quality computation for cyber threat intelligence sharing platforms. In 2021 IEEE International Conference on Cyber Security and Resilience (CSR). IEEE, 360–365.
[32]
Rob McMillan. 2013. Definition: threat intelligence. Gartner. com 5 (2013).
[33]
Andrei Mikheev, Marc Moens, and Claire Grover. 1999. Named Entity Recognition without Gazetteers. In EACL 1999, 9th Conference of the European Chapter of the Association for Computational Linguistics, June 8-12, 1999, University of Bergen, Bergen, Norway. The Association for Computer Linguistics, 1–8. https://aclanthology.org/E99-1001/
[34]
OpenAI. 2024. GPT-4 is OpenAI’s most advanced system, producing safer and more useful responses. https://openai.com/index/gpt-4/
[35]
Sergio Pastrana, Alice Hutchings, Andrew Caines, and Paula Buttery. 2018. Characterizing Eve: Analysing Cybercrime Actors in a Large Underground Forum. In Research in Attacks, Intrusions, and Defenses - 21st International Symposium, RAID 2018, Heraklion, Crete, Greece, September 10-12, 2018, Proceedings(Lecture Notes in Computer Science, Vol. 11050), Michael D. Bailey, Thorsten Holz, Manolis Stamatogiannakis, and Sotiris Ioannidis (Eds.). Springer, 207–227. https://doi.org/10.1007/978-3-030-00470-5_10
[36]
Sergio Pastrana, Daniel R. Thomas, Alice Hutchings, and Richard Clayton. 2018. CrimeBB: Enabling Cybercrime Research on Underground Forums at Scale. In Proceedings of the 2018 World Wide Web Conference on World Wide Web, WWW 2018, Lyon, France, April 23-27, 2018, Pierre-Antoine Champin, Fabien Gandon, Mounia Lalmas, and Panagiotis G. Ipeirotis (Eds.). ACM, 1845–1854. https://doi.org/10.1145/3178876.3186178
[37]
Ildiko Pete, Jack Hughes, Yi Ting Chua, and Maria Bada. 2020. A Social Network Analysis and Comparison of Six Dark Web Forums. In IEEE European Symposium on Security and Privacy Workshops, EuroS&P Workshops 2020, Genoa, Italy, September 7-11, 2020. IEEE, 484–493. https://doi.org/10.1109/EUROSPW51379.2020.00071
[38]
Daniel Plohmann, Martin Clauss, Steffen Enders, and Elmar Padilla. 2017. Malpedia: a collaborative effort to inventorize the malware landscape. Proceedings of the Botconf (2017).
[39]
Md. Rayhanur Rahman, Rezvan Mahdavi-Hezaveh, and Laurie A. Williams. 2023. What Are the Attackers Doing Now? Automating Cyberthreat Intelligence Extraction from Text on Pace with the Changing Threat Landscape: A Survey. ACM Comput. Surv. 55, 12 (2023), 241:1–241:36. https://doi.org/10.1145/3571726
[40]
Sagar Samtani, Kory Chinn, Cathy Larson, and Hsinchun Chen. 2016. AZSecure Hacker Assets Portal: Cyber threat intelligence and malware analysis. In IEEE Conference on Intelligence and Security Informatics, ISI 2016, Tucson, AZ, USA, September 28-30, 2016. IEEE, 19–24. https://doi.org/10.1109/ISI.2016.7745437
[41]
Sangfor Technologies. 2023. Comparing Proactive vs. Reactive Cybersecurity in 2023. https://www.sangfor.com/blog/cybersecurity/proactive-vs-reactive-cybersecurity-2023
[42]
Anna Sapienza, Alessandro Bessi, Saranya Damodaran, Paulo Shakarian, Kristina Lerman, and Emilio Ferrara. 2018. Early Warnings of Cyber Threats in Online Discussions. CoRR abs/1801.09781 (2018). arXiv:1801.09781http://arxiv.org/abs/1801.09781
[43]
Anna Sapienza, Sindhu Kiranmai Ernala, Alessandro Bessi, Kristina Lerman, and Emilio Ferrara. 2018. DISCOVER: Mining Online Chatter for Emerging Cyber Threats. In Companion of the The Web Conference 2018 on The Web Conference 2018, WWW 2018, Lyon, France, April 23-27, 2018, Pierre-Antoine Champin, Fabien Gandon, Mounia Lalmas, and Panagiotis G. Ipeirotis (Eds.). ACM, 983–990. https://doi.org/10.1145/3184558.3191528
[44]
Kiavash Satvat, Rigel Gjomemo, and V. N. Venkatakrishnan. 2021. Extractor: Extracting Attack Behavior from Threat Reports. In IEEE European Symposium on Security and Privacy, EuroS&P 2021, Vienna, Austria, September 6-10, 2021. IEEE, 598–615. https://doi.org/10.1109/EUROSP51992.2021.00046
[45]
Thomas Schaberreiter, Veronika Kupfersberger, Konstantinos Rantos, Arnolnt Spyros, Alexandros Papanikolaou, Christos Ilioudis, and Gerald Quirchmayr. 2019. A Quantitative Evaluation of Trust in the Quality of Cyber Threat Intelligence Sources. In Proceedings of the 14th International Conference on Availability, Reliability and Security (Canterbury, CA, United Kingdom) (ARES ’19). Association for Computing Machinery, New York, NY, USA, Article 83, 10 pages. https://doi.org/10.1145/3339252.3342112
[46]
SecurityWeek. [n. d.]. Developers of Android RAT DroidJack Traced to India. https://www.securityweek.com/developers-android-rat-droidjack-traced-india/
[47]
Sophos News. [n. d.]. Is the Angler exploit kit dead?https://news.sophos.com/en-us/2016/06/16/is-angler-exploit-kit-dead/
[48]
Talos Intelligence. [n. d.]. Typhon Reborn V2: Updated stealer features enhanced anti-analysis and evasion capabilities. https://blog.talosintelligence.com/typhon-reborn-v2-features-enhanced-anti-analysis/
[49]
The Hacker News. [n. d.]. Researchers Warn of "Eternity Project" Malware Service Being Sold via Telegram. https://thehackernews.com/2022/05/researchers-warn-of-eternity-project.html
[50]
Andrea Tundis, Samuel Ruppert, and Max Mühlhäuser. 2020. On the automated assessment of open-source cyber threat intelligence sources. In Computational Science–ICCS 2020: 20th International Conference, Amsterdam, The Netherlands, June 3–5, 2020, Proceedings, Part II 20. Springer, 453–467.
[51]
Anh V. Vu, Jack Hughes, Ildiko Pete, Ben Collier, Yi Ting Chua, Ilia Shumailov, and Alice Hutchings. 2020. Turning Up the Dial: the Evolution of a Cybercrime Market Through Set-up, Stable, and Covid-19 Eras. In IMC ’20: ACM Internet Measurement Conference, Virtual Event, USA, October 27-29, 2020. ACM, 551–566. https://doi.org/10.1145/3419394.3423636
[52]
Xuren Wang, Songheng He, Zihan Xiong, Xinxin Wei, Zhengwei Jiang, Sihan Chen, and Jun Jiang. 2022. APTNER: A Specific Dataset for NER Missions in Cyber Threat Intelligence Field. In 25th IEEE International Conference on Computer Supported Cooperative Work in Design, CSCWD 2022, Hangzhou, China, May 4-6, 2022. IEEE, 1233–1238. https://doi.org/10.1109/CSCWD54268.2022.9776031
[53]
Wired. [n. d.]. How the Boy Next Door Accidentally Built a Syrian Spy Tool. https://www.wired.com/2012/07/dark-comet-syrian-spy-tool/
[54]
Nianwen Xue. 2011. Steven Bird, Evan Klein and Edward Loper. Natural Language Processing with Python. O’Reilly Media, Inc 2009. ISBN: 978-0-596-51649-9. Nat. Lang. Eng. 17, 3 (2011), 419–424. https://doi.org/10.1017/S1351324910000306
[55]
Min Zhang. 2010. Introduction to Chinese Natural Language Processing Kam-Fai Wong, Wenjie Li, Ruifeng Xu, and Zheng-sheng Zhang (Chinese University of Hong Kong, Hong Kong Polytechnic University, City University of Hong Kong, and San Diego State University) Princeton, NJ: Morgan & Claypool (Synthesis Lectures on Human Language Technologies, edited by Graeme Hirst, volume 4), 2010, x+148 pp; paperbound, ISBN 978-1-59829-932-8, $40.00; e-book, ISBN 978-1-59829-933-5, $30.00 or by subscription. Comput. Linguistics 36, 4 (2010), 777–780. https://doi.org/10.1162/COLI_R_00024
[56]
Ziyun Zhu and Tudor Dumitras. 2018. ChainSmith: Automatically Learning the Semantics of Malicious Campaigns by Mining Threat Intelligence Reports. In 2018 IEEE European Symposium on Security and Privacy, EuroS&P 2018, London, United Kingdom, April 24-26, 2018. IEEE, 458–472. https://doi.org/10.1109/EUROSP.2018.00039
Index Terms
- You Might Have Known It Earlier: Analyzing the Role of Underground Forums in Threat Intelligence
Recommendations
Threat led advanced persistent threat penetration test
Cyber security attacks have been on the rise in recent years. One of the most destructive attacks are known as advanced persistent threat (APT) attacks which can inflict massive damages to a network. A common approach of testing the security of an IT ...
A heterogeneous graph-based approach for cyber threat attribution using threat intelligence
ICMLC '24: Proceedings of the 2024 16th International Conference on Machine Learning and ComputingCyber Threat attribution is the process of associating a cyberattack with the threat groups. This process is essential for enhancing defense strategies and enabling rapid response to threats, making threat attribution a critical component of an ...
Cyber threat intelligence sharing: Survey and research directions
AbstractCyber Threat Intelligence (CTI) sharing has become a novel weapon in the arsenal of cyber defenders to proactively mitigate increasing cyber attacks. Automating the process of CTI sharing, and even the basic consumption, has raised new ...
Comments
Information & Contributors
Information
Published In
September 2024
719 pages
ISBN:9798400709593
DOI:10.1145/3678890
Copyright © 2024 Owner/Author.
This work is licensed under a Creative Commons Attribution International 4.0 License.
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 30 September 2024
Check for updates
Author Tags
Qualifiers
- Research-article
- Research
- Refereed limited
Funding Sources
- TIM S.p.A.
Conference
RAID '24
RAID '24: The 27th International Symposium on Research in Attacks, Intrusions and Defenses
September 30 - October 2, 2024
Padua, Italy
Acceptance Rates
RAID '24 Paper Acceptance Rate 43 of 173 submissions, 25%;
Overall Acceptance Rate 43 of 173 submissions, 25%
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 327Total Downloads
- Downloads (Last 12 months)327
- Downloads (Last 6 weeks)108
Reflects downloads up to 13 Jan 2025
Other Metrics
Citations
View Options
View options
View or Download as a PDF file.
PDFeReader
View online with eReader.
eReaderHTML Format
View this article in HTML Format.
HTML FormatLogin options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in