Conceptualizing Cybercrime: Definitions, Typologies and Taxonomies

Cybercrime is becoming ever more pervasive and yet the lack of consensus surrounding what constitutes a cybercrime has a significant impact on society, legal and policy response, and academic research. Difficulties in understanding cybercrime begin with the variability in terminology and lack of consistency in cybercrime legislation across jurisdictions. In this review, using a structured literature review methodology, key cybercrime definitions, typologies and taxonomies were identified across a range of academic and non-academic (grey literature) sources. The findings of this review were consolidated and presented in the form of a new classification framework to understand cybercrime and cyberdeviance. Existing definitions, typologies and taxonomies were evaluated, and key challenges were identified. Whilst conceptualizing cybercrime will likely remain a challenge, this review provides recommendations for future work to advance towards a universal understanding of cybercrime phenomena as well as a robust and comprehensive classification system

Simple, Fast, and Accurate Cybercrime Detection on E-Government with Elastic Stack SIEM

Increased public activity in cyberspace (Internet) during the Covid-19 pandemic has also increased cybercrime cases with various attack targets, including E-Government services. Cybercrime is hidden and occurs unnoticed in E-Government, so handling it is challenging for all government agencies. The characteristics of E-Government are unique and different from other service systems in general, requiring extra anticipation for the prevention and handling of cybercrime attack threats. This research proposes log and event data analysis to detect cybercrime in e-Government using System Information and Event Management (SIEM). The main contribution of this research is a simple, fast, and accurate cybercrime detection process in the e-Government environment by increasing the level of log and event data analysis with the SIEM approach. SIEM technology based on machine learning and big data is implemented with Elastic Stack. The implemented technique can be used as a mitigation program against cybercrime threats that often attack and target e-Government. With simple, accurate, and fast cybercrime detection, it is expected to improve e-Government security and increase public confidence in public services organized by government agencies

Cyber Places, Crime Patterns, and Cybercrime Prevention: An Environmental Criminology and Crime Analysis approach through Data Science

For years, academics have examined the potential usefulness of traditional criminological theories to explain and prevent cybercrime. Some analytical frameworks from Environmental Criminology and Crime Analysis (ECCA), such as the Routine Activities Approach and Situational Crime Prevention, are frequently used in theoretical and empirical research for this purpose. These efforts have led to a better understanding of how crime opportunities are generated in cyberspace, thus contributing to advancing the discipline. However, with a few exceptions, other ECCA analytical frameworks — especially those based on the idea of geographical place— have been largely ignored. The limited attention devoted to ECCA from a global perspective means its true potential to prevent cybercrime has remained unknown to date. In this thesis we aim to overcome this geographical gap in order to show the potential of some of the essential concepts that underpin the ECCA approach, such as places and crime patterns, to analyse and prevent four crimes committed in cyberspace. To this end, this dissertation is structured in two phases: firstly, a proposal for the transposition of ECCA's fundamental propositions to cyberspace; and secondly, deriving from this approach some hypotheses are contrasted in four empirical studies through Data Science. The first study contrasts a number of premises of repeat victimization in a sample of more than nine million self-reported website defacements. The second examines the precipitators of crime at cyber places where allegedly fixed match results are advertised and the hyperlinked network they form. The third explores the situational contexts where repeated online harassment occurs among a sample of non-university students. And the fourth builds two metadata-driven machine learning models to detect online hate speech in a sample of Twitter messages collected after a terrorist attack. General results show (1) that cybercrimes are not randomly distributed in space, time, or among people; and (2) that the environmental features of the cyber places where they occur determine the emergence of crime opportunities. Overall, we conclude that the ECCA approach and, in particular, its place-based analytical frameworks can also be valid for analysing and preventing crime in cyberspace. We anticipate that this work can guide future research in this area including: the design of secure online environments, the allocation of preventive resources to high-risk cyber places, and the implementation of new evidence- based situational prevention measure

Advances in Cybercrime Prediction: A Survey of Machine, Deep, Transfer, and Adaptive Learning Techniques

Cybercrime is a growing threat to organizations and individuals worldwide, with criminals using increasingly sophisticated techniques to breach security systems and steal sensitive data. In recent years, machine learning, deep learning, and transfer learning techniques have emerged as promising tools for predicting cybercrime and preventing it before it occurs. This paper aims to provide a comprehensive survey of the latest advancements in cybercrime prediction using above mentioned techniques, highlighting the latest research related to each approach. For this purpose, we reviewed more than 150 research articles and discussed around 50 most recent and relevant research articles. We start the review by discussing some common methods used by cyber criminals and then focus on the latest machine learning techniques and deep learning techniques, such as recurrent and convolutional neural networks, which were effective in detecting anomalous behavior and identifying potential threats. We also discuss transfer learning, which allows models trained on one dataset to be adapted for use on another dataset, and then focus on active and reinforcement Learning as part of early-stage algorithmic research in cybercrime prediction. Finally, we discuss critical innovations, research gaps, and future research opportunities in Cybercrime prediction. Overall, this paper presents a holistic view of cutting-edge developments in cybercrime prediction, shedding light on the strengths and limitations of each method and equipping researchers and practitioners with essential insights, publicly available datasets, and resources necessary to develop efficient cybercrime prediction systems.Comment: 27 Pages, 6 Figures, 4 Table

Criminal Victimisation in Taiwan: an opportunity perspective

Environmental criminology concerns the role of opportunities (both people and objects) existing in the environment that make crimes more likely to occur. Research consistently shows that opportunity perspectives (particularly with regard to individuals’ lifestyles and routines) help in explaining the prevalence and concentration of crimes. However, there is a paucity of studies investigating crime patterns from an opportunity perspective both outside western countries and in relation to cybercrimes. Hence, it is not clear whether non-Western and online contexts exhibit similar patterns of crime as would be predicted by an opportunity perspective. This thesis is concerned with criminal victimisation in Taiwan – a less researched setting in the field of environmental criminology. It covers both offline victimisation (with a focus on burglary) and online victimisation from the aforementioned opportunity perspective. The goal of this thesis is to identify individual- and area-level characteristics that affect the patterns of victimisation in Taiwan. To achieve this, the thesis draws on a range of secondary datasets, including police recorded crime statistics, the Taiwan Area Victimisation Survey, and the Digital Opportunity Survey for Individuals and Households. With the application of quantitative modelling, the thesis suggests that the generalisability the lifestyle-routine activity approach in explaining crime patterns in Taiwan should be taken with caution. The findings provide partial support for its applicability in relation to burglary and cybercrime in Taiwan. Furthermore, the findings reported here in relation to patterns of repeat and near repeat victimisation depart from those observed in the western literature. The thesis concludes by discussing the implications of the findings for academic research and practice in crime prevention

Factors affecting reputational damage to organisations due to cyberattacks

The COVID-19 pandemic has brought massive online activities and increased cybersecurity incidents and cybercrime. As a result of this, the cyber reputation of organisations has also received increased scrutiny and global attention. Due to increased cybercrime, reputation displaying a more important role within risk management frameworks both within public and private institutions is vital. This study identifies key factors in determining reputational damage to public and private sector institutions through cyberattacks. Researchers conducted an extensive review of the literature, which addresses factors relating to risk management of reputation post-cyber breach. The study identified 42 potential factors, which were then classified using the STAR model. This model is an organisational design framework and was suitable due to its alignment with organisations. A qualitative study using semi-structured and structured questions was conducted with purposively selected cybersecurity experts in both public and private sector institutions. Data obtained from the expert forum were analysed using thematic analysis, which revealed that a commonly accepted definition for cyber reputation was lacking despite the growing use of the term "online reputation". In addition, the structured questions data were analysed using relative importance index rankings. The analysis results revealed significant factors in determining reputational damage due to cyberattacks, as well as highlighting reputation factor discrepancies between private and public institutions. Theoretically, this study contributes to the body of knowledge relating to cybersecurity of organisations. Practically, this research is expected to aid organisations to properly position themselves to meet cyber incidents and become more competitive in the post-COVID-19 era

The Dark Web Phenomenon: A Review and Research Agenda

The internet can be broadly divided into three parts: surface, deep and dark. The dark web has become notorious in the media for being a hidden part of the web where all manner of illegal activities take place. This review investigates how the dark web is being utilised with an emphasis on cybercrime, and how law enforcement plays the role of its adversary. The review describes these hidden spaces, sheds light on their history, the activities that they harbour – including cybercrime, the nature of attention they receive, and methodologies employed by law enforcement in an attempt to defeat their purpose. More importantly, it is argued that these spaces should be considered a phenomenon and not an isolated occurrence to be taken as merely a natural consequence of technology. This paper contributes to the area of dark web research by serving as a reference document and by proposing a research agenda

Availability Incidents in the Telecommunication Domain:A Literature Review

Non-availability incidents in public telecom services may have a wide-spread impact, such as disruption of internet services, mobile services, and land-line communication. This, in turn, may disrupt the life of consumers and citizens, and the provision of services by commercial and public organizations. These incidents are always analyzed and solved by the provider. In Europe, there is a legal obligation to report the analysis and solution of the incident to the national telecom regulator. However, these reports are highly confidential, and beyond some elementary descriptive statistics, they are not analyzed. This means that a significant opportunity is missed to draw lessons from these incidents, which could be valuable to other providers and to standardization bodies. In the LINC project, we aim to develop a method to draw lessons learned from registered non-availability incidents without compromising the confidentiality of those registrations. As a preparation for that, we have conducted a systematic literature review of non-availability incidents in public telecom services reported in the scientific and professional literature, to see what we can learn from the reported incident model and analysis methods used. In this report, we present an incident analysis taxonomy to establish a common terminological ground among researchers and practitioners.<br/