Researchers compare cyber attackers, conventional criminals
An engineer and a criminologist at the University of Maryland–College Park are applying criminological concepts and research methods in the study of cybercrime, and looking at the relationship between computer-network activity patterns and computer-focused crime trends.
Michel Cukier, associate professor of reliability engineering at the A. James Clark School of Engineering and Institute for Systems Research, and David Maimon, assistant professor of criminology and criminal justice in the College of Behavioral and Social Sciences, are studying cyberattacks from two different angles — that of the user and that of the attacker. Both are members of the Maryland Cybersecurity Center.
Applying criminological rationale proposed by the “Routine Activities Perspective,” Maimon and Cukier analyzed computer focused crime trends between the years 2007-2009 against the university network.
According to this perspective, which is designed to understand criminal victimization trends, successful criminal incidents are the consequence of the convergence in space and time of motivated offenders, suitable victims, and the absence of capable guardians. The researchers hypothesized that the campus would be more likely to be cyber-attacked during business hours than during down times like after midnight and on weekends. Their study of the campus data confirmed their theories.
Cukier and Maimon said the results of their research point to the following potential solutions:
- Increased education and awareness of the risks associated with computer-assisted and computer-focused crimes among network users could prevent future attacks;
- Further defense strategies should rely on predictions regarding the sources of attacks, based on the network users’ social backgrounds and online routines.