crime science + information security = cyber crime science
DESCRIPTION
Crime Science + Information Security = Cyber Crime Science. Pieter Hartel, Marianne Junger, Roel Wieringa. What is the synergy? Two complementary questions: How can Crime Science (CS) help Information Security? How can Information Security be used to prevent Cyber Crime? METHOD.
TRANSCRIPT
22-04-23 1
Crime Science + Information Security = Cyber Crime Science
Pieter Hartel, Marianne Junger, Roel Wieringa
What is the synergy?
Two complementary questions:
How can Crime Science (CS) help Information Security?
How can Information Security be used to prevent Cyber Crime?
METHOD
Systematic review of information technology literature
Crime Science theories
Not quantified
MAIN POINTS
1. What has crime science to offer?
1.1 Conceptual framework
Routine activities approach
Crime pattern theory
Rational choice model of crime
1.2 Situational prevention
Situational crime prevention tools
‘25 techniques of crime prevention’
Checklists, e.g.: “CRAVED” & others
CS: Routine activities approach (1)
Clarke & Eck
CS: Routine activities approach
When RAA is translated to fit cyber-crime
1. RA = daily flow of online actions
2. Offenders: insiders / outsiders / specialized access
3. Who are the guardians?
CS: Routine activities approach
Who are the guardians?
http://www.auctionbytes.com/cab/abu/y205/m02/abu0136/s02
CS: Routine activities approach
Place
1. IP address? Easy to change / difficult to trace
2. Mobile base station of mobile phone, or address of ISP, wireless access point
3. Cliques: social networks
4. Online harassment: via social networks = ‘virtual meeting place’
CS: Routine activities approach
Time
Physical world: crime as serial
Cyber world: at the same time: thousands of ‘crimes’ - phishing mails, etc.
CS: Routine activities approach
In a cyber-physical world:
What distinguishes insiders from outsiders (or specialized access from regular access)?
Some people are both insiders and outsiders (e.g. consultants, freelancers, outsourcing providers)
Can we observe the routine activities of potential offenders?
What deterrence techniques are available for these categories and how effective are these techniques?
Can we manipulate the value of stolen digital goods?
What is proximity in a cyber-physical world?
CS: Crime Pattern theory (2)
Offenders find opportunities for crime during the daily journey between home, work, and leisure.
Crime usually occurs in specific patterns and it is usually concentrated at particular places, and at particular times, i.e. hot spots.
CS: Crime Pattern theory
Prevention focuses on hotspot/hot times
What are hotspots/hot times in cyber-space?
Cyber criminals: Move physically
Digitally ‘surf the net’
CS: Crime Pattern theory
Can we monitor them, and how?
Anonymity is easy in cyber-space and hard to lift
Do we have to adapt the law?
CS: Rational choice model of crime (3)
Criminal actors make a quick cost/benefit analysis of expected consequences of a crime
Is this similar in cyber space?
25 techniques of crime prevention
In physical world
25 techniques of crime prevention
In cyber space?
25 techniques of information security
(1) A password or pin code used to authenticate a user;
(2) Encryption of data to ensure that once encrypted, data can be read only when the correct decryption key is known;
(3) A Firewall that is used to stop potentially malicious connections to a computer or network;
(4) A De-Militarized Zone (DMZ) used to isolate the public web server of an organization from the internal network;
(5) An Intrusion Detection System (IDS) used to stop potentially malicious information being sent to a computer or network;
(6) A Virus scanner used to detect malicious code in the information being sent to a computer or network;
(7) Prompt software patching to remove vulnerabilities as soon as a correction has been published;
(8) An RFID tag used to provide information about the product to which it is attached;
(9) The Caller-ID feature of the Phone system used to inform the recipient of a telephone call who is calling;
(10) An Audit log used to collect relevant operational data that can be analyzed when there is an incident;
(11) An ISP used to assist its clients in using the information superhighway responsibly;
(12) User education, which is included in the list to show that we interpret Information Security in a broad sense.
CONCLUSION
More ‘truly’ multi-disciplinary work
We (criminologists) can learn from information security
Information security can learn from us: theory/research methods