A Data Analytics Approach to the Cybercrime Underground Economy

Despite the rapid escalation of cyber threats, there has still been little research into the foundations of the subject or methodologies that could serve to guide information systems researchers and practitioners who deal with cybersecurity. In addition, little is known about crime-as-a-service (Caa...

Full description

Saved in:
Bibliographic Details
Published inIEEE access Vol. 6; pp. 26636 - 26652
Main Authors An, Jungkook, Kim, Hee-Woong
Format Journal Article
LanguageEnglish
Published Piscataway IEEE 01.01.2018
The Institute of Electrical and Electronics Engineers, Inc. (IEEE)
Subjects
Analytical models
Business
Classification
Computer crime
Crime
crimeware
Crimeware-as-a-Service
Cybercrime
Cybersecurity
Data analysis
design science research
Foundations
Government
hacking community
Informal economy
Information systems
machine learning
Rats
underground economy
Online AccessGet full text

Cover

More Information
Summary:Despite the rapid escalation of cyber threats, there has still been little research into the foundations of the subject or methodologies that could serve to guide information systems researchers and practitioners who deal with cybersecurity. In addition, little is known about crime-as-a-service (CaaS), a criminal business model that underpins the cybercrime underground. This research gap and the practical cybercrime problems we face have motivated us to investigate the cybercrime underground economy by taking a data analytics approach from a design science perspective. To achieve this goal, we: (1) propose a data analysis framework for analyzing the cybercrime underground; (2) propose CaaS and crimeware definitions; (3) propose an associated classification model, and (4) develop an example application to demonstrate how the proposed framework and classification model could be implemented in practice. We then use this application to investigate the cybercrime underground economy by analyzing a large data set obtained from the online hacking community. By taking a design science research approach, this paper contributes to the design artifacts, foundations, and methodologies in this area. Moreover, it provides useful practical insights to practitioners by suggesting guidelines as to how governments and organizations in all industries can prepare for attacks by the cybercrime underground.
ISSN:2169-3536
2169-3536
DOI:10.1109/ACCESS.2018.2831667