Crime Science + Information Security = Cyber Crime Science
Pieter Hartel, Marianne Junger, Roel Wieringa
25-5-2017

What is the synergy?
Two complementary questions:
How can Crime Science (CS) help Information Security?
How can Information Security be used to prevent Cyber Crime?

METHOD
Systematic review of information technology literature
Crime Science theories
Not quantified

MAIN POINTS
1. What has crime science to offer?

1.1 Conceptual framework
Routine activities approach
Crime pattern theory
Rational choice model of crime

1.2 Situational prevention
Situational crime prevention tools
‘25 techniques of crime prevention’
Checklists, e.g.: “CRAVED” & others

CS: Routine activities approach (1)
Clarke & Eck

CS: Routine activities approach
When RAA is translated to fit cyber-crime:
1. RA = daily flow of online actions
2. Offenders: insiders / outsiders / specialized access
3. Who are the guardians?

CS: Routine activities approach
Who are the guardians?
http://www.auctionbytes.com/cab/abu/y205/m02/abu0136/s02

CS: Routine activities approach
Place
1. IP address? Easy to change / difficult to trace
2. Mobile base station of mobile phone, or address of ISP, wireless access point
3. Cliques: social networks
4. Online harassment: via social networks = ‘virtual meeting place’

CS: Routine activities approach
Time
Physical world: crime as serial
Cyber world: at the same time: thousands of ‘crimes’ - phishing mails, etc.

CS: Routine activities approach
In a cyber-physical world:
What distinguishes insiders from outsiders (or specialized access from regular access)?
Some people are both insiders and outsiders (e.g. consultants, freelancers, outsourcing providers)
Can we observe the routine activities of potential offenders?
What deterrence techniques are available for these categories and how effective are these techniques?
Can we manipulate the value of stolen digital goods?
What is proximity in a cyber-physical world?

CS: Crime Pattern theory (2)
Offenders find opportunities for crime during the daily journey between home, work, and leisure.
Crime usually occurs in specific patterns and it is usually concentrated at particular places, and at particular times, i.e. hot spots.

CS: Crime Pattern theory
Prevention focuses on hotspots/hot times
What are hotspots/hot times in cyberspace?
Cyber criminals:
Move physically
Digitally ‘surf the net’

CS: Crime Pattern theory
Can we monitor them, and how?
Anonymity is easy in cyber-space and hard to lift
Do we have to adapt the law?

CS: Rational choice model of crime (3)
Criminal actors make a quick cost/benefit analysis of expected consequences of a crime
Is this similar in cyber space?

25 techniques of crime prevention
In physical world

25 techniques of crime prevention
In cyber space?

25 techniques of information security
(1) A password or PIN code used to authenticate a user;
(2) Encryption of data to ensure that once encrypted, data can be read only when the correct decryption key is known;
(3) A Firewall that is used to stop potentially malicious connections to a computer or network;
(4) A De-Militarized Zone (DMZ) used to isolate the public web server of an organization from the internal network;
(5) An Intrusion Detection System (IDS) used to stop potentially malicious information being sent to a computer or network;
(6) A Virus scanner used to detect malicious code in the information being sent to a computer or network;
(7) Prompt software patching to remove vulnerabilities as soon as a correction has been published;
(8) An RFID tag used to provide information about the product to which it is attached;
(9) The Caller-ID feature of the Phone system used to inform the recipient of a telephone call who is calling;
(10) An Audit log used to collect relevant operational data that can be analyzed when there is an incident;
(11) An ISP used to assist its clients in using the information super highway responsibly;
(12) User education, which is included in the list to show that we interpret Information Security in a broad sense.

CONCLUSION
More ‘truly’ multi-disciplinary work
We (criminologists) can learn from information security
Information security can learn from us: theory/research methods