Social Psychology: An under-used tool in Cybersecurity

In cyber-security the weakest link is often seen as the human factor. This has led to discussions about the optimal methods in preventing cyber security breaches. This paper proposes that the fusion of cybersecurity and social psychology can inform and advance attempts to educate those on both sides of the law. Awareness and education will lead to more effective communication between parties and greater understanding of the risks and consequences for cyber attackers and defenders alike

Idiographic Digital Profiling: Behavioral Analysis Based On Digital Forensics

Idiographic digital profiling (IDP) is the application of behavioral analysis to the field of digital forensics. Previous work in this field takes a nomothetic approach to behavioral analysis by attempting to understand the aggregate behaviors of cybercriminals. This work is the first to take an idiographic approach by examining a particular subject\u27s digital footprints for immediate use in an ongoing investigation. IDP provides a framework for investigators to analyze digital behavioral evidence for the purposes of case planning, subject identification, lead generation, obtaining and executing warrants, and prosecuting offenders

Tracking Criminals on Facebook: A Case Study From A Digital Forensics REU Program

The 2014 Digital Forensics Research Experience for Undergraduates (REU) Program at the University of Alabama at Birmingham (UAB) focused its summer efforts on tracking criminal forums and Facebook groups. The UAB-REU Facebook team was provided with a list of about 60 known criminal groups on Facebook, with a goal to track illegal information posted in these groups and ultimately store the information in a searchable database for use by digital forensic analysts. Over the course of about eight weeks, the UAB-REU Facebook team created a database with over 400 Facebook groups conducting criminal activity along with over 100,000 unique users within these groups. As of November 2014, students involved in the research project with Advisor Gary Warner at UAB continued running the automated fetchers since my summer projected completed. Working with U.S. Federal Law Enforcement agencies, there have been at least NINE CONFIRMED ARRESTS of individuals associated with the illegal activities tracked on Facebook. This paper will discuss the methods used to collect the information, store it in a database and analyze the data. The paper will also present possible future uses of the Facebook criminal activity-monitoring tool. Keywords: social media, criminal organizations, online crime, social network monitorin

Behavioural Evidence Analysis Applied to Digital Forensics: An Empirical Analysis of Child Pornography Cases using P2P Networks

The utility of Behavioural Evidence Analysis (BEA) has gained attention in the field of Digital Forensics in recent years. It has been recognized that, along with technical examination of digital evidence, it is important to learn as much as possible about the individuals behind an offence, the victim(s) and the dynamics of a crime. This can assist the investigator in producing a more accurate and complete reconstruction of the crime, in interpreting associated digital evidence, and with the description of investigative findings. Despite these potential benefits, the literature shows limited use of BEA for the investigation of cases of the possession and dissemination of Sexually Exploitative Imagery of Children (SEIC). This paper represents a step towards filling this gap. It reports on the forensic analysis of 15 SEIC cases involving P2P filesharing networks, obtained from the Dubai Police. Results confirmed the predicted benefits and indicate that BEA can assist digital forensic practitioners and prosecutors

A Cybercrime Taxonomy: Case of the Jamaican Jurisdiction

Cybercrimes over the years have become both increasingly numerous and sophisticated. This paper presents a taxonomy for cybercrimes that can be used for the analysis and categorization of such crimes, as well as providing consistency in language when describing cybercrimes. This taxonomy is designed to be useful to information bodies such as the Jamaican Cybercrime Unit, who have to handle and categorize an ever increasing number of cybercrimes on a daily basis. Additionally, cybercrime investigators could use the taxonomy to communicate more effectively as the taxonomy would provide a common classification scheme. The proposed taxonomy uses the concept of characteristics structure. That is, the taxonomy classifies properties about that which is being classified and not by the object itself. The taxonomy consists of characteristics which provide a holistic taxonomy in order to deal with inherent problems in the cybercrime field

Measuring Hacking Ability Using a Conceptual Expertise Task

Hackers pose a continuous and unrelenting threat to organizations. Industry and academic researchers alike can benefit from a greater understanding of how hackers engage in criminal behavior. A limiting factor of hacker research is the inability to verify that self-proclaimed hackers participating in research actually possess their purported knowledge and skills. This paper presents current work in developing and validating a conceptual-expertise based tool that can be used to discriminate between novice and expert hackers. The implications of this work are promising since behavioral information systems researchers operating in the information security space will directly benefit from the validation of this tool. Keywords: hacker ability, conceptual expertise, skill measuremen

Psychological Profiling of Hacking Potential

This paper investigates the psychological traits of individuals’ attraction to engaging in hacking behaviors (both ethical and illegal/unethical) upon entering the workforce. We examine the role of the Dark Triad, Opposition to Authority and Thrill-Seeking traits as regards the propensity of an individual to be interested in White Hat, Black Hat, and Grey Hat hacking. A new set of scales were developed to assist in the delineation of the three hat categories. We also developed a scale to measure each subject’s perception of the probability of being apprehended for violating privacy laws. Engaging in criminal activity involves a choice where there are consequences and opportunities, and individuals perceive them differently, but they can be deterred if there is a likelihood of punishment, and the punishment is severe. The results suggest that individuals that are White Hat, Grey Hat and Black Hat hackers score high on the Machiavellian and Psychopathy scales. We also found evidence that Grey Hatters oppose authority, Black Hatters score high on the thrill-seeking dimension and White Hatters, the good guys, tend to be Narcissists. Thrill-seeking was moderately important for White Hat hacking and Black hat hacking. Opposition to Authority was important for Grey Hat hacking. Narcissism was not statistically significant in any of the models. The probability of being apprehended had a negative effect on Grey Hat and Black Hat hacking. Several suggestions will be made on what organizations can do to address insider threats

The interaction of dark traits with the perceptions of apprehension

This paper integrates dark personality traits with the economics of crime and rational choice theories to identify the role that the Dark Triad and thrill-seeking have on the perceptions of being caught engaging in violating privacy laws. Psychopathy and thrill-seeking had a moderate negative effect on the perceptions of the probability of being apprehended for distributing illegally obtained healthcare information. The implication is that individuals scoring high on the psychopathy and thrill-seeking scales will need less money or monetary incentives to violate HIPAA laws. We also found additional support that white hat hackers score high on the Machiavellian, psychopathy and thrill-seeking scales. We also validated a previous finding that a white hat hacker might drift towards grey hat and black hat hacking