Cyber Places, Crime Patterns, and Cybercrime Prevention: An Environmental Criminology and Crime Analysis approach through Data Science

For years, academics have examined the potential usefulness of traditional criminological theories to explain and prevent cybercrime. Some analytical frameworks from Environmental Criminology and Crime Analysis (ECCA), such as the Routine Activities Approach and Situational Crime Prevention, are frequently used in theoretical and empirical research for this purpose. These efforts have led to a better understanding of how crime opportunities are generated in cyberspace, thus contributing to advancing the discipline. However, with a few exceptions, other ECCA analytical frameworks — especially those based on the idea of geographical place— have been largely ignored. The limited attention devoted to ECCA from a global perspective means its true potential to prevent cybercrime has remained unknown to date. In this thesis we aim to overcome this geographical gap in order to show the potential of some of the essential concepts that underpin the ECCA approach, such as places and crime patterns, to analyse and prevent four crimes committed in cyberspace. To this end, this dissertation is structured in two phases: firstly, a proposal for the transposition of ECCA's fundamental propositions to cyberspace; and secondly, deriving from this approach some hypotheses are contrasted in four empirical studies through Data Science. The first study contrasts a number of premises of repeat victimization in a sample of more than nine million self-reported website defacements. The second examines the precipitators of crime at cyber places where allegedly fixed match results are advertised and the hyperlinked network they form. The third explores the situational contexts where repeated online harassment occurs among a sample of non-university students. And the fourth builds two metadata-driven machine learning models to detect online hate speech in a sample of Twitter messages collected after a terrorist attack. General results show (1) that cybercrimes are not randomly distributed in space, time, or among people; and (2) that the environmental features of the cyber places where they occur determine the emergence of crime opportunities. Overall, we conclude that the ECCA approach and, in particular, its place-based analytical frameworks can also be valid for analysing and preventing crime in cyberspace. We anticipate that this work can guide future research in this area including: the design of secure online environments, the allocation of preventive resources to high-risk cyber places, and the implementation of new evidence- based situational prevention measure

Cyber Places, Crime Patterns, and Cybercrime Prevention: An Environmental Criminology and Crime Analysis approach through Data Science

For years, academics have examined the potential usefulness of traditional criminological theories to explain and prevent cybercrime. Some analytical frameworks from Environmental Criminology and Crime Analysis (ECCA), such as the Routine Activities Approach and Situational Crime Prevention, are frequently used in theoretical and empirical research for this purpose. These efforts have led to a better understanding of how crime opportunities are generated in cyberspace, thus contributing to advancing the discipline. However, with a few exceptions, other ECCA analytical frameworks —especially those based on the idea of geographical place— have been largely ignored. The limited attention devoted to ECCA from a global perspective means its true potential to prevent cybercrime has remained unknown to date. In this thesis we aim to overcome this geographical gap in order to show the potential of some of the essential concepts that underpin the ECCA approach, such as places and crime patterns, to analyse and prevent four crimes committed in cyberspace. To this end, this dissertation is structured in two phases: firstly, a proposal for the transposition of ECCA's fundamental propositions to cyberspace; and secondly, deriving from this approach some hypotheses are contrasted in four empirical studies through Data Science. The first study contrasts a number of premises of repeat victimization in a sample of more than nine million self-reported website defacements. The second examines the precipitators of crime at cyber places where allegedly fixed match results are advertised and the hyperlinked network they form. The third explores the situational contexts where repeated online harassment occurs among a sample of non-university students. And the fourth builds two metadata-driven machine learning models to detect online hate speech in a sample of Twitter messages collected after a terrorist attack. General results show (1) that cybercrimes are not randomly distributed in space, time, or among people; and (2) that the environmental features of the cyber places where they occur determine the emergence of crime opportunities. Overall, we conclude that the ECCA approach and, in particular, its place-based analytical frameworks can also be valid for analysing and preventing crime in cyberspace. We anticipate that this work can guide future research in this area including: the design of secure online environments, the allocation of preventive resources to high-risk cyber places, and the implementation of new evidence-based situational prevention measures.Durante años, los académicos han examinado la potencial utilidad de las teorías criminológicas tradicionales para tratar de explicar y prevenir el cibercrimen. Algunos marcos analíticos de la Criminología Ambiental y el Análisis Delictivo (ECCA), como el Enfoque de las Actividades Cotidianas y las Prevención Situacional del Crimen, se han utilizado frecuentemente en investigaciones teóricas y empíricas con este fin. Estos trabajos han permitido mejorar nuestra comprensión sobre cómo se generan las oportunidades delictivas en el ciberespacio, contribuyendo así al avance de la disciplina. Sin embargo, salvo contadas excepciones, el resto de los marcos analíticos de ECCA —especialmente aquellos basados en la idea de lugar geográfico— han sido ampliamente ignorados. La escasa atención prestada al enfoque desde una perspectiva global ha causado que todavía hoy se desconozca su verdadero potencial para prevenir el cibercrimen. En esta tesis tratamos de superar esta barrera geográfica para mostrar el potencial de algunos de los conceptos esenciales que vertebran el enfoque de ECCA, como los lugares y los patrones delictivos, para analizar y prevenir cuatro crímenes que se cometen en el ciberespacio. Para ello, esta disertación se estructura en dos fases: una primera, en la que se propone la transposición de las proposiciones fundamentales de ECCA al ciberespacio; y una segunda, en la que se derivan algunas hipótesis de este enfoque y se contrastan mediante la realización de cuatro estudios empíricos a través de la Ciencia de Datos. En el primer estudio se analizan una serie de premisas sobre victimización repetida en una muestra de más de nueve millones de desfiguraciones web auto reveladas. En el segundo, se examinan los precipitadores del crimen en los ciber lugares donde se ofertan resultados de partidos supuestamente amañados y la red de hipervínculos que conforman. En el tercero, se exploran los contextos situacionales donde ocurre el acoso en línea repetido en una muestra de estudiantes de enseñanzas no universitarias. Y, en el cuarto, se construyen dos modelos de aprendizaje automático basados en metadatos para detectar discurso de odio en línea en una muestra de mensajes de Twitter recogida tras un atentado terrorista. Los resultados generales muestran (1) que los cibercrímenes no se distribuyen aleatoriamente en el espacio, en el tiempo, ni entre las personas; y (2) que los elementos ambientales de los ciber lugares donde acontecen determinan la aparición de oportunidades delictivas. En conjunto, concluimos que el enfoque de ECCA y, en particular, sus marcos analíticos basados en lugares también pueden ser válidos para analizar y prevenir el crimen en el ciberespacio. Anticipamos que este trabajo puede guiar investigaciones futuras en este ámbito como: el diseño de entornos seguros en línea, la concentración de recursos preventivos en ciber lugares de alto riesgo, o la implementación de nuevas medidas de prevención situacional basadas en la evidencia aportada

The Annual Conference on the Human Factor in Cybercrime: An Analysis of Participation in the 2018 and 2019 Meetings

The Annual Conference on the Human Factor in Cybercrime is a small and specialised scientific event that aims to bring together scholars from around the world to present their research advances to a select audience. Its dynamic and linear format favours group discussions since all contributions are heard by all the attendants. This, together with its tailored social scheme, promotes interaction between members, which—in turn—leads to new collaborations. However, it has not yet been analysed whether the design of the conference actually encourages varied participation and fosters collaborative networks among its participants. The purpose of this chapter is to assess participation in the 2018 and 2019 editions to determine whether this is the case. Using descriptive analyses, here we show how participation in the conference has varied and examine the composition of the collaboration networks among the participants. The results show an increased and more diverse participation in the 2019 meeting along with a greater presence of stakeholders. Furthermore, the findings reveal that members of previously established organisations play an important role in cohering the network. Yet few connections exist between academia and practice. A further analysis of the strengths and weaknesses identified in the two editions of the conference serves to elaborate a series of recommendations for future editions

100% sure bets? Exploring the precipitation-control strategies of fixed-match informing websites and the environmental features of their networks

In recent years, many human activities have made cyberspace their preferred environment. This study focuses on the betting environment, specifically on fixed-match informing websites (FMIWs). These sites claim to be capable of selling tips about fixed sports events. They essentially act as vendors of confidential sources, allowing punters to place 100% sure bets. We hypothesize that cyber places for match-fixing tips facilitate deviant behaviors. Through systematic observation, we describe and quantify a set of 15 environmental features they share, which do not always belong to regulated online betting platforms. Findings from 78 FMIWs corroborate our hypothesis, as they support the relevance of Environmental Criminology theories applied to cybercrime. Additional exploration through hyperlink network analysis shows that FMIWs are highly homogeneous and have similar characteristics to the Tor network but differ from other illicit online environments such as sexual child exploitation networks or white supremacist communities. The characteristics of the network suggest that the business is more similar to a fraud scheme than an illicit market. Finally, the practical implications of the results for crime prevention and the directions for future research are outlined

Familial concentration of crime in a digital era: Criminal behavior among family members of cyber offenders

ENGLISH: A vast and growing body of research has shown that crime tends to run in families. However, previous studies focused only on traditional crimes and research on familial risk factors for cyber offending is very scarce. To address this gap in the literature, the present study examines the criminal behavior of the family members of a sample of cyber offenders prosecuted in the Netherlands. The sample consists of 979 cyber offenders prosecuted for computer trespassing between 2001 and 2018, and two matched groups of 979 traditional offenders and 979 non-offenders. Judicial information and kinship data from Dutch Statistics were used to measure criminal behavior among family members. Both traditional offenders and cyber offenders were found to be more likely to have criminal fathers, mothers, and siblings than non-offenders. Additional analyses, however, showed different patterns between cyber offenders who were only prosecuted for cyber offenses and those who also committed traditional crimes. While the former group of cyber offenders were similar to non-offenders in terms of family offending, the latter group of cyber offenders were more similar to traditional offenders. Overall, these results suggest that the traditional mechanisms of intergenerational transmission of crime can only partially explain cybercrime involvement. NEDERLANDS: Uit een groot en groeiend aantal onderzoeken blijkt dat criminaliteit vaak in families voorkomt. Eerdere studies richtten zich echter alleen op traditionele misdrijven en onderzoek naar familiaire risicofactoren voor cybercriminaliteit is zeer schaars. Om deze leemte in de literatuur op te vullen, onderzoekt deze studie het criminele gedrag van familieleden van een steekproef van cyberdelinquenten die in Nederland worden vervolgd. De steekproef bestaat uit 979 cyberdelinquenten die tussen 2001 en 2018 zijn vervolgd voor computervredebreuk, en twee gematchte groepen van 979 traditionele delinquenten en 979 niet-delinquenten. Justitiële informatie en verwantschapsgegevens van het Centraal Bureau voor de Statistiek werden gebruikt om crimineel gedrag onder familieleden te meten. Zowel traditionele daders als cybercriminelen bleken vaker criminele vaders, moeders en broers en zussen te hebben dan niet-daders. Aanvullende analyses lieten echter verschillende patronen zien tussen cyberdelinquenten die alleen werden vervolgd voor cyberdelicten en degenen die ook traditionele delicten pleegden. Terwijl de eerste groep cyberdelinquenten vergelijkbaar was met niet-delinquenten wat betreft gezinsdelinquentie, leek de tweede groep cyberdelinquenten meer op traditionele delinquenten. In het algemeen suggereren deze resultaten dat de traditionele mechanismen van intergenerationele overdracht van criminaliteit de betrokkenheid bij cybercriminaliteit slechts gedeeltelijk kunnen verklaren

Análisis conjunto de configuraciones de caso: una introducción al pensamiento configural

This paper establishes the first Spanish step-by-step guide to carry out a Conjunctive Analysis of Case Configurations (Miethe, Hart, & Regoeczi, 2008). It is defined as an exploratory technique for multivariate analysis of categorical data, which is an alternative to other traditional methods. Through its logical development, we intend to show a systematic method for data preparation that allows a wide range of analysis to be conducted on them, showing both the advantages it offers and its inherent limitations. To clearly illustrate its application process, two databases managed by the University of Michigan Institute for Social Research have been used: The National Incident Based Report System and The Law Enforcement Management and Administrative Statistics. The interpretation of results obtained by this technique allows reaching conclusions that may have important implications for several evidence based decision-making processes.El presente artículo constituye la primera guía paso a paso en castellano para llevar a cabo un Análisis Conjunto de Configuraciones de Caso (Miethe, Hart, & Regoeczi, 2008). Este se define como una técnica exploratoria para el análisis multivariado de datos categóricos que supone una alternativa a otros métodos tradicionales. Mediante su desarrollo lógico se pretende mostrar un método sistemático de preparación de datos que permite realizar con ellos una amplia gama de análisis, mostrando tanto las ventajas que brinda como las limitaciones que presenta. Para ilustrar claramente su proceso de aplicación se ha recurrido a dos bases de datos gestionadas por el Instituto de Investigación Social de la Universidad de Michigan: The National Incident Based Reporting System y The Law Enforcement Management and Administrative Statistics. La interpretación de los resultados de esta técnica permite alcanzar conclusiones que pueden tener importantes implicaciones en los distintos procesos de toma de decisiones basados en evidencias

Hate is in the air! But where? Introducing an algorithm to detect hate speech in digital microenvironments

Abstract With the objective of facilitating and reducing analysis tasks undergone by law enforcement agencies and service providers, and using a sample of digital messages (i.e., tweets) sent via Twitter following the June 2017 London Bridge terror attack (N = 200,880), the present study introduces a new algorithm designed to detect hate speech messages in cyberspace. Unlike traditional designs based on semantic and syntactic approaches, the algorithm hereby implemented feeds solely on metadata, achieving high level of precision. Through the application of the machine learning classification technique Random Forests, our analysis indicates that metadata associated with the interaction and structure of tweets are especially relevant to identify the content they contain. However, metadata of Twitter accounts are less useful in the classification process. Collectively, findings from the current study allow us to demonstrate how digital microenvironment patterns defined by metadata can be used to create a computer algorithm capable of detecting online hate speech. The application of the algorithm and the direction of future research in this area are discussed

Repeat victimization by website defacement: An empirical test of premises from an environmental criminology perspective

Repeat victimization has been widely studied from the perspective of environmental criminology for several decades. During this period, criminologists have identified a set of repeat victimization premises that are observed for many crimes; however, it is unknown whether these premises are also valid for cybercrime. In this study we rely on more than 9 million Zone-H data records from 2010 to 2017 to test whether these premises apply for the cybercrime of website defacement. We show that the phenomenon of repeat victimization is also observed in defaced cyber places (i.e. websites). In particular, we found that repeats contributed little to crime rates, that repeats occurred even several years after the original incident, that they were committed disproportionately by prolific offenders, and that few offenders returned to victimize previous targets. The results suggest that some traditional premises of repeat victimization may also be valid for understanding cybercrime events such as website defacement, implying that environmental criminology theories also constitute a useful framework for cybercrime analysis. The implications of these results in terms of criminological theory, cybercrime prevention, and the limitations derived from the use of Zone-H data are discusse