Identifying and Responding to Human and Software Behaviours in a Changing Cyber Threat Landscape
Lead investigator: Prof. Nathan L Clarke
Other researchers: Prof. Steven M Furnell, Dr Ingo Stengel
Project duration: 2013 - 2016
Funding source: EPSRC
Project description: Cybercrime is a multi-factor event. Using the left-realist criminological concept of the ‘square of crime’ (Young 1992) we can identify that crime rates and patterns are influenced by i) victims, ii) perpetrators, iii) the regulatory system and iv) the public. In the case of cybercrime, victims can be domestic users, businesses or the state; perpetrators are either human individuals or software (malware); regulatory bodies include the legal system, the police and the wider UK Information Assurance community; and the public include civil society and the various business communities. Each part of this ‘square of cybercrime’ is either directly or indirectly associated with the aetiology and prevalence of cyber attacks.
From a victim perspective, perceptions of risk and security and proactive/reactive behaviour to risk management has an impact on how well prepared a company or individual is to deal with cyber attacks. From a perpetrator perspective, malicious software, employees and social engineers have been a large factor of cybercrime in recent years. The regulatory reaction to cybercrimes, including legislative response and drives for multi-agency crime reduction and greater cooperation also shapes exposure to cyber attack. Public (and business) response via informal control such as market regulation, trust networks etc. also play a role in cybercrime reduction. This project aims to explore the ‘square of cybercrime’ from a multi-disciplinary perspective drawing upon computational, mathematical and social science methods. A multi-disciplinary consortium of computer scientists, mathematicians, psychologists, criminologists and economists will collaborate to build a probabilistic computational model (using Bayesian Belief Networks) of the ‘square of cybercrime’. This model will comprise of ‘hard’ technical and cost metrics and ‘soft’ human metrics as they relate to each corner of the ‘square’. An objective is to better understand each aspect of the ‘square of cybercrime’ in order to model its complexity. In doing so we will address: the behaviour of malware and human cyber perpetrators; the awareness of individuals of how to protect themselves against cybercrime; the awareness of businesses of the threats they face; and the response of criminal justice agencies to cybercrime.