Cyber-crime Science = Crime Science + Information Security

Cyber-crime Science is an emerging area of study aiming to prevent cyber-crime by combining security protection techniques from Information Security with empirical research methods used in Crime Science. Information security research has developed techniques for protecting the confidentiality, integrity, and availability of information assets but is less strong on the empirical study of the effectiveness of these techniques. Crime Science studies the effect of crime prevention techniques empirically in the real world, and proposes improvements to these techniques based on this. Combining both approaches, Cyber-crime Science transfers and further develops Information Security techniques to prevent cyber-crime, and empirically studies the effectiveness of these techniques in the real world. In this paper we review the main contributions of Crime Science as of today, illustrate its application to a typical Information Security problem, namely phishing, explore the interdisciplinary structure of Cyber-crime Science, and present an agenda for research in Cyber-crime Science in the form of a set of suggested research questions.

[1]  Donald E. Brown,et al.  The Regional Crime Analysis Program (ReCAP): a framework for mining data to catch criminals , 1998, SMC'98 Conference Proceedings. 1998 IEEE International Conference on Systems, Man, and Cybernetics (Cat. No.98CH36218).

[2]  Tibor Bosse,et al.  Comparing Crime Prevention Strategies by Agent-Based Simulation , 2009, 2009 IEEE/WIC/ACM International Joint Conference on Web Intelligence and Intelligent Agent Technology.

[3]  David D. Clark,et al.  Rethinking the design of the Internet , 2001, ACM Trans. Internet Techn..

[4]  Z. Morley Mao,et al.  Accurate Real-time Identication of IP Prex Hijacking , 2007 .

[5]  Simha Sethumadhavan,et al.  Tamper Evident Microprocessors , 2010, 2010 IEEE Symposium on Security and Privacy.

[6]  Martina Gillen,et al.  Copyrights and Copywrongs: The Rise of Intellectual Property and How it Threatens Creativity , 2004, Int. J. Law Inf. Technol..

[7]  Rebecca T. Mercuri Scoping identity theft , 2006, CACM.

[8]  Andrew J. Ungberg Protecting Privacy through a Responsible Decryption Policy , 2009 .

[9]  Tung-Ching Lin,et al.  An intention model-based study of software piracy , 1999, Proceedings of the 32nd Annual Hawaii International Conference on Systems Sciences. 1999. HICSS-32. Abstracts and CD-ROM of Full Papers.

[10]  Ajinkya Kulkarni,et al.  Reciprocity attacks , 2011, SOUPS.

[11]  Albert-László Barabási,et al.  Statistical mechanics of complex networks , 2001, ArXiv.

[12]  Helen Pearson,et al.  Public health: The demon drink , 2004, Nature.

[13]  Donald E. Brown,et al.  Spatial analysis with preference specification of latent decision makers for criminal event prediction , 2006, Decis. Support Syst..

[14]  Rob Miller,et al.  Johnny 2: a user test of key continuity management with S/MIME and Outlook Express , 2005, SOUPS '05.

[15]  Alex Hirschfield,et al.  Closing Off Opportunities for Crime: An Evaluation of Alley-Gating , 2004 .

[16]  Weiqing Sun,et al.  Practical Proactive Integrity Preservation: A Basis for Malware Defense , 2008, 2008 IEEE Symposium on Security and Privacy (sp 2008).

[17]  Tibor Bosse,et al.  Cognitive and social simulation of criminal behaviour: the intermittent explosive disorder case , 2007, AAMAS '07.

[18]  D. Saunders The brave new world , 1999 .

[19]  R. Clarke Situational Crime Prevention: Successful Case Studies , 1992 .

[20]  Gang Liu,et al.  Smartening the crowds: computational techniques for improving human verification to fight phishing scams , 2011, SOUPS.

[21]  Lorraine Gamman,et al.  Thinking Thief - Designing out Misuse, Abuse and 'Criminal' Aesthetics , 2003 .

[22]  Lorrie Faith Cranor,et al.  Lessons from a real world evaluation of anti-phishing training , 2008, 2008 eCrime Researchers Summit.

[23]  James H. Aylor,et al.  Computer for the 21st Century , 1999, Computer.

[24]  Mikko T. Siponen,et al.  Software Piracy: Original Insights from a Criminological Perspective , 2008, Proceedings of the 41st Annual Hawaii International Conference on System Sciences (HICSS 2008).

[25]  J. Hofste Hyves for criminals - A Case Study Showing the privacy risks of social networks , 2010 .

[26]  Donald E. Brown,et al.  An Outlier-based Data Association Method for Linking Criminal Incidents , 2003, SDM.

[27]  Paul Ekblom,et al.  Designing Products Against Crime , 2005 .

[28]  Moti Yung,et al.  Cryptovirology: extortion-based security threats and countermeasures , 1996, Proceedings 1996 IEEE Symposium on Security and Privacy.

[29]  Alexandre Padilla Review of Richard H. Thaler and Cass R. Sunstein, Nudge: Improving decisions about health, wealth, and happiness , 2009 .

[30]  Jennifer Jie Xu,et al.  Mining communities and their relationships in blogs: A study of online hate groups , 2007, Int. J. Hum. Comput. Stud..

[31]  Donald E. Brown,et al.  Detecting local regions of change in high-dimensional criminal or terrorist point processes , 2007, Comput. Stat. Data Anal..

[32]  Elizabeth R. Groff,et al.  Simulated experiments and their potential role in criminology and criminal justice , 2008 .

[33]  James Morris,et al.  Markets for attention: will postage for email help? , 2002, CSCW '02.

[34]  Ahmad-Reza Sadeghi,et al.  A Forensic Framework for Tracing Phishers , 2007, FIDIS.

[35]  J. Rubenfeld The Right of Privacy , 1989 .

[36]  B.C. Tompsett,et al.  Cyberprofiling: offender profiling and geographic profiling of crime on the Internet , 2005, Workshop of the 1st International Conference on Security and Privacy for Emerging Areas in Communication Networks, 2005..

[37]  Susan W. Brenner,et al.  U.S. Cybercrime Law: Defining Offenses , 2004, Inf. Syst. Frontiers.

[38]  Donald E. Brown,et al.  Interactive Analysis of Computer Crimes , 2000, Computer.

[39]  Richard E. Tremblay,et al.  Early Prevention of Adult Antisocial Behaviour: Prevention during pregnancy, infancy and the preschool years , 2003 .

[40]  Roger Dingledine,et al.  On the Economics of Anonymity , 2003, Financial Cryptography.

[41]  W. Haddon The changing approach to the epidemiology, prevention, and amelioration of trauma: the transition to approaches etiologically rather than descriptively based. , 1968, American journal of public health and the nation's health.

[42]  J. Bauer,et al.  Emerging Threats to Internet Security: Incentives, Externalities and Policy Implications , 2009 .

[43]  Jennifer M. Overstreet,et al.  Book Review: Breaking and Entering: Burglars on Burglary , 2005 .

[44]  D. Cornish OPPORTUNITIES, PRECIPITATORS AND CRIMINAL DECISIONS: A REPLY TO WORTLEY'S CRITIQUE OF SITUATIONAL CRIME PREVENTION , 2003 .

[45]  Ari Juels,et al.  $evwu Dfw , 1998 .

[46]  Alessandro Soro,et al.  WebRogue: rendezvous in a web place , 2007, Int. J. Web Based Communities.

[47]  Lawrence E. Cohen,et al.  Social Change and Crime Rate Trends: A Routine Activity Approach , 1979 .

[48]  Nicolas Christin,et al.  Dissecting one click frauds , 2010, CCS '10.

[49]  David Brumley,et al.  Automatic Patch-Based Exploit Generation is Possible: Techniques and Implications , 2008, 2008 IEEE Symposium on Security and Privacy (sp 2008).

[50]  Donald E. Brown,et al.  Using clustering to discover the preferences of computer criminals , 2001, IEEE Trans. Syst. Man Cybern. Part A.

[51]  Haining Wang,et al.  Anti-Phishing in Offense and Defense , 2008, 2008 Annual Computer Security Applications Conference (ACSAC).

[52]  Boris Skoric,et al.  ALGSICS - Combining Physics and Cryptography to Enhance Security and Privacy in RFID Systems , 2007, ESAS.

[53]  Christian Damsgaard Jensen,et al.  Privacy Recovery with Disposable Email Addresses , 2003, IEEE Secur. Priv..

[54]  Robert H. Langworthy,et al.  Measuring What Matters: Proceedings From the Policing Research Institute Meetings , 1999 .

[55]  Ronald V. Clarke,et al.  DIFFUSION OF CRIME CONTROL BENEFITS: OBSERVATIONS ON THE REVERSE OF DISPLACEMENT , 2006 .

[56]  Arno R. Lodder,et al.  Governmental filtering of websites: The Dutch case , 2009, Comput. Law Secur. Rev..

[57]  Lorrie Faith Cranor,et al.  School of phish: a real-world evaluation of anti-phishing training , 2009, SOUPS.

[58]  Manfred Kochen,et al.  On the economics of information , 1972, J. Am. Soc. Inf. Sci..

[59]  Steven J. Murdoch,et al.  Verified by Visa and MasterCard SecureCode: Or, How Not to Design Authentication , 2010, Financial Cryptography.

[60]  Gustavo S. Mesch Parental Mediation, Online Activities, and Cyberbullying , 2009, Cyberpsychology Behav. Soc. Netw..

[61]  R. Clarke Hot Products : understanding , anticipating and reducing demand for stolen goods , 1999 .

[62]  Christopher Soghoian Legal risks for phishing researchers , 2008, 2008 eCrime Researchers Summit.

[63]  Sarah Moylan,et al.  Superhighway Robbery: Preventing E-Commerce Crime, (Crime Science Series) , 2002 .

[64]  Bradford W. Reyns A situational crime prevention approach to cyberstalking victimization: Preventive tactics for Internet users and online place managers , 2010 .

[65]  Hari Balakrishnan,et al.  Fast portscan detection using sequential hypothesis testing , 2004, IEEE Symposium on Security and Privacy, 2004. Proceedings. 2004.

[66]  Benny Pinkas,et al.  SCiFI - A System for Secure Face Identification , 2010, 2010 IEEE Symposium on Security and Privacy.

[67]  Miguel Vargas Martin,et al.  Cyber child pornography: A review paper of the social and legal issues and remedies—and a proposed technological solution , 2007 .

[68]  John Burrows,et al.  AN EXPERIMENT ON THE PREVENTION OF SHOPLIFTING , 2006 .

[69]  Tibor Bosse,et al.  Agent-based simulation of the spatial dynamics of crime: on the interplay between criminal hot spots and reputation , 2008, AAMAS.

[70]  Virendra Singh,et al.  Price and consumption of tobacco , 2012, Lung India : official organ of Indian Chest Society.

[71]  Jens Grossklags,et al.  An Economic Map of Cybercrime , 2009 .

[72]  Shane D. Johnson,et al.  Domestic Burglary Repeats and Space-Time Clusters , 2005 .

[73]  Nicholas Walliman,et al.  Social research methods , 2006 .

[74]  Stuart Staniford-Chen,et al.  Holding intruders accountable on the Internet , 1995, Proceedings 1995 IEEE Symposium on Security and Privacy.

[75]  Rhonda N. McEwen Tools of the trade: Drugs, law and mobile phones , 2007, ASIST.

[76]  James R. Marsden,et al.  Consumer Search and Retailer Strategies in the Presence of Online Music Sharing , 2006, J. Manag. Inf. Syst..

[77]  Daphna Weinshall,et al.  Cognitive authentication schemes safe against spyware , 2006, 2006 IEEE Symposium on Security and Privacy (S&P'06).

[78]  cyberdetective Council of Europe Convention on Cybercrime , 2007 .

[79]  William Yurcik,et al.  A statistical analysis of disclosed storage security breaches , 2006, StorageSS '06.

[80]  Susan W. Brenner Organized Cybercrime? How Cyberspace May Affect the Structure of Criminal Relationships , 2003 .

[81]  David G. Post,et al.  Law and Borders - the Rise of Law in Cyberspace , 1996, First Monday.

[82]  P. Brantingham,et al.  Environment, Routine, and Situation: Toward a Pattern Theory of Crime (1993) , 2010 .

[83]  Steven M. Bellovin Spamming, phishing, authentication, and privacy , 2004, CACM.

[84]  A. Stinchcombe Information and Organizations , 2019 .

[85]  S. Vaidhyanathan Copyrights and Copywrongs , 2001 .

[86]  Oliver Günther,et al.  Privacy in e-commerce: stated preferences vs. actual behavior , 2005, CACM.

[87]  Zeno Geradts,et al.  Methods for identification of images acquired with digital cameras , 2001, SPIE Optics East.

[88]  Marce Eleccion Beating the blue-box bandits , 1972, IEEE Spectrum.

[89]  A. Pentland,et al.  Computational Social Science , 2009, Science.

[90]  R. Ferner,et al.  Medication errors, worse than a crime , 2000, The Lancet.

[91]  Shun-Yung Kevin Wang,et al.  Emerging Cybercrime Variants in the Socio-Technical Space , 2009 .

[92]  Nir Kshetri,et al.  The Economics of Click Fraud , 2010, IEEE Secur. Priv..

[93]  Graham Farrell,et al.  Mobile Phone Reprogramming: Its Extent and Prevention , 2008 .

[94]  A. Ant Ozok,et al.  A comparison of perceived and real shoulder-surfing risks between alphanumeric and graphical passwords , 2006, SOUPS '06.

[95]  Richard Clayton,et al.  Failures in a Hybrid Content Blocking System , 2005, Privacy Enhancing Technologies.

[96]  Robert Willison,et al.  Understanding the offender/environment dynamic for computer crimes: assessing the feasibility of applying criminological theory to the IS security context , 2004, 37th Annual Hawaii International Conference on System Sciences, 2004. Proceedings of the.

[97]  Cecil Eng Huang Chua,et al.  The Role of Online Trading Communities in Managing Internet Auction Fraud , 2007, MIS Q..

[98]  Susan W. Brenner,et al.  Distributed security : Preventing cybercrime , 2005 .

[99]  Graham Farrell,et al.  Anticipating Mobile Phone ‘Smart Wallet’ Crime: Policing and Corporate Social Responsibility , 2008 .

[100]  Kenneth Geers,et al.  The challenge of cyber attack deterrence , 2010, Comput. Law Secur. Rev..

[101]  Marianthi Theoharidou,et al.  Insider Threat and Information Security Management , 2010, Insider Threats in Cyber Security.

[102]  Claus-Christian Carbon,et al.  Cues-of-Being-Watched Paradigm Revisited , 2011 .

[103]  Cormac Herley,et al.  So long, and no thanks for the externalities: the rational rejection of security advice by users , 2009, NSPW '09.

[104]  N.C. Karmakar,et al.  Phase-Encoded Chipless RFID Transponder for Large-Scale Low-Cost Applications , 2009, IEEE Microwave and Wireless Components Letters.

[105]  Robert J. Sampson,et al.  Systematic Social Observation of Public Spaces: A New Look at Disorder in Urban Neighborhoods1 , 1999, American Journal of Sociology.

[106]  George Cybenko,et al.  Cognitive Hacking: A Battle for the Mind , 2002, Computer.

[107]  Andrea L Bertozzi,et al.  Dissipation and displacement of hotspots in reaction-diffusion models of crime , 2010, Proceedings of the National Academy of Sciences.

[108]  Marc D. Goodman,et al.  The Emerging Consensus on Criminal Conduct in Cyberspace , 2002, Int. J. Law Inf. Technol..

[109]  Pekka Nikander,et al.  Effects of mobility and multihoming on transport-protocol security , 2004, IEEE Symposium on Security and Privacy, 2004. Proceedings. 2004.

[110]  P. Brantingham,et al.  Criminality of place , 1995 .

[111]  M. Felson,et al.  Opportunity Makes the Thief Practical theory for crime prevention , 1998 .

[112]  Mikko T. Siponen,et al.  New Insights for an Old Problem: Explaining Software Piracy through Neutralization Theory , 2010, 2010 43rd Hawaii International Conference on System Sciences.

[113]  Shirley Atkinson,et al.  Improving protection mechanisms by understanding online risk , 2007, Inf. Manag. Comput. Secur..

[114]  Stefan Savage,et al.  Privacy-preserving network forensics , 2011, Commun. ACM.

[115]  S. Henze,et al.  Crime Science: New Approaches to Preventing and Detecting Crime , 2006 .

[116]  Sudhir Aggarwal,et al.  Password Cracking Using Probabilistic Context-Free Grammars , 2009, 2009 30th IEEE Symposium on Security and Privacy.

[117]  G Gigerenzer,et al.  Reasoning the fast and frugal way: models of bounded rationality. , 1996, Psychological review.

[118]  Donald Brown,et al.  Using a multi-agent model to predict both physical and cyber criminal activity , 2000, Smc 2000 conference proceedings. 2000 ieee international conference on systems, man and cybernetics. 'cybernetics evolving to systems, humans, organizations, and their complex interactions' (cat. no.0.

[119]  Jan Camenisch,et al.  Design and implementation of the idemix anonymous credential system , 2002, CCS '02.

[120]  Nicole Beebe,et al.  Using Situational Crime Prevention Theory to Explain the Effectiveness of Information Systems Security , 2005 .

[121]  G. Kalyanaram,et al.  Nudge: Improving Decisions about Health, Wealth, and Happiness , 2011 .

[122]  Richard E Tremblay,et al.  Developmental origins of disruptive behaviour problems: the 'original sin' hypothesis, epigenetics and their consequences for prevention. , 2010, Journal of child psychology and psychiatry, and allied disciplines.

[123]  Ken Pease,et al.  Prospective hot-spotting - The future of crime mapping? , 2004 .

[124]  Alison J. Heppenstall,et al.  Crime reduction through simulation: An agent-based model of burglary , 2010, Comput. Environ. Urban Syst..

[125]  Bruce Schneier,et al.  The psychology of security , 2007, CACM.

[126]  Patrick N. McGrain,et al.  Pursuing the Panderer: An Analysis of United States v. Williams , 2010, Journal of child sexual abuse.

[127]  Donald E. Brown,et al.  Decision Based Spatial Analysis of Crime , 2003, ISI.

[128]  Jacqueline B. Helfgott,et al.  Criminal Behavior: Theories, Typologies and Criminal Justice , 2008 .

[129]  T. Holt,et al.  Examining the Applicability of Lifestyle-Routine Activities Theory for Cybercrime Victimization , 2008 .

[130]  Ross J. Anderson Security engineering - a guide to building dependable distributed systems (2. ed.) , 2001 .

[131]  M. Krohn,et al.  The Self-Report Method for Measuring Delinquency and Crime , 2000 .

[132]  Tibor Bosse,et al.  Towards Integration of Biological, Psychological and Social Aspects in Agent-Based Simulation of Violent Offenders , 2009, Simul..

[133]  Robert Willison,et al.  Understanding the perpetration of employee computer crime in the organisational context , 2006, Inf. Organ..

[134]  Fadhel Kaboub Realistic Evaluation , 2004 .

[135]  H. Simon,et al.  A Behavioral Model of Rational Choice , 1955 .

[136]  Tyler Moore,et al.  The Economics of Information Security , 2006, Science.

[137]  Allan R. Wilks,et al.  Fraud Detection in Telecommunications: History and Lessons Learned , 2010, Technometrics.

[138]  Günter P Stummvoll Environmental criminology and crime analysis , 2009 .

[139]  John E. Eck,et al.  Contrasting simulated and empirical experiments in crime prevention , 2008 .

[140]  Komal Singh,et al.  A computational model for simulating spatial aspects of crime in urban environments , 2005, 2005 IEEE International Conference on Systems, Man and Cybernetics.

[141]  Uwe Glässer,et al.  Modeling and Validation of Aviation Security , 2008, Intelligence and Security Informatics.

[142]  Dirk Timmermann,et al.  IPclip: An architecture to restore Trust-by-Wire in packet-switched networks , 2008, 2008 33rd IEEE Conference on Local Computer Networks (LCN).

[143]  Philip Hunter BT's bold pioneering child porn block wins plaudits amid Internet censorship concerns , 2004 .

[144]  Michel C. A. Klein,et al.  Development and Validation of an Agent-Based Simulation Model of Juvenile Delinquency , 2009, 2009 International Conference on Computational Science and Engineering.

[145]  B. Koops,et al.  Approaches to Cybercrime Jurisdiction , 2005 .

[146]  Tyler Moore,et al.  The Impact of Incentives on Notice and Take-down , 2008, WEIS.

[147]  B. Turnbull,et al.  The 802.11 Technology Gap - Case Studies in Crime , 2005, TENCON 2005 - 2005 IEEE Region 10 Conference.

[148]  Dorothy E. Denning,et al.  An Intrusion-Detection Model , 1987, IEEE Transactions on Software Engineering.

[149]  Ronald V. Clarke,et al.  Superhighway Robbery: Preventing E-commerce Crime , 2003 .

[150]  James Backhouse,et al.  Opportunities for computer crime: considering systems risk from a criminological perspective , 2006, Eur. J. Inf. Syst..

[151]  Adam J. Lee,et al.  Eyeing your exposure: quantifying and controlling information sharing for improved privacy , 2011, SOUPS.

[152]  John E. Eck,et al.  Simulating Crime Events and Crime Patterns in a RA/CA Model , 2005 .

[153]  George E. Higgins can low self-control help with the understanding of the software piracy problem? , 2004 .

[154]  Nal Tilley From Crime Prevention to Crime Science , 2007 .

[155]  W. Gove,et al.  ARE UNIFORM CRIME REPORTS A VALID INDICATOR OF THE INDEX CRIMES? AN AFFIRMATIVE ANSWER WITH MINOR QUALIFICATIONS* , 1985 .

[156]  Lawrence E. Cohen,et al.  The nature of crime , 1991, Human nature.

[157]  Alessandro Acquisti,et al.  Privacy and Security of Personal Information - Economic Incentives and Technological Solutions , 2004, Economics of Information Security.

[158]  Cormac Herley,et al.  A profitless endeavor: phishing as tragedy of the commons , 2009, NSPW '08.

[159]  R. Thaler,et al.  Nudge: Improving Decisions About Health, Wealth, and Happiness , 2008 .

[160]  Ram D. Gopal,et al.  Preventive and Deterrent Controls for Software Piracy , 1997, J. Manag. Inf. Syst..

[161]  Jay BloomBecker Who are the computer criminals? , 1982, CSOC.

[162]  Michael A. Caloyannides Forensics Is So "Yesterday" , 2009, IEEE Security & Privacy.

[163]  Tyler Moore,et al.  The consequence of non-cooperation in the fight against phishing , 2008, 2008 eCrime Researchers Summit.

[164]  Graham Farrell,et al.  IN SAFE HANDS: A Review of Mobile Phone Anti-theft Designs , 2007 .

[165]  Mikko T. Siponen,et al.  Overcoming the insider: reducing employee computer crime through Situational Crime Prevention , 2009, CACM.

[166]  N. Tilley,et al.  Crime Science: new approaches to preventing and detecting crime , 2005 .

[167]  Uwe Glässer,et al.  Computational Modeling of Criminal Activity , 2008, EuroISI.

[168]  R. Clarke Technology, Criminology and Crime Science , 2002 .

[169]  M. Eric Johnson,et al.  Managing Information Risk and the Economics of Security , 2008, Managing Information Risk and the Economics of Security.

[170]  Angus M. Marshall,et al.  Identity theft in an online world , 2005, Comput. Law Secur. Rev..

[171]  Nicola M. Döring,et al.  The Internet's impact on sexuality: A critical review of 15 years of research , 2009, Comput. Hum. Behav..

[172]  H. V. Jagadish,et al.  Information warfare and security , 1998, SGMD.

[173]  Vern Paxson,et al.  @spam: the underground on 140 characters or less , 2010, CCS '10.

[174]  G. Anderson,et al.  The Economic Theory of Clubs , 2004 .

[175]  Jim Giles Crime prevention: The lab arm of the law , 2003, Nature.

[176]  Ronald V. Clarke,et al.  The British Gas Suicide Story and Its Criminological Implications , 1988, Crime and Justice.

[177]  Karen Cox The application of crime science to the prevention of medication errors. , 2008, British journal of nursing.

[178]  M. Bateson,et al.  Cues of being watched enhance cooperation in a real-world setting , 2006, Biology Letters.

[179]  Mark Taylor,et al.  The EU Data Retention Directive , 2006, Comput. Law Secur. Rev..

[180]  M. Felson Crime and nature , 2006 .

[181]  T. Graeff,et al.  Collecting and using personal data: consumers’ awareness and concerns , 2002 .

[182]  Alejandro Zentner Measuring the Effect of File Sharing on Music Purchases* , 2006, The Journal of Law and Economics.

[183]  Eoghan Casey,et al.  The impact of full disk encryption on digital forensics , 2008, OPSR.

[184]  William L. Simon,et al.  The Art of Deception: Controlling the Human Element of Security , 2001 .

[185]  Alessandro Acquisti,et al.  Information revelation and privacy in online social networks , 2005, WPES '05.

[186]  Dongting Yu,et al.  Humboldt: A distributed phishing disruption system , 2009, 2009 eCrime Researchers Summit.

[187]  Marianne Junger,et al.  Trends in violent crime: a comparison between police statistics and victimization surveys , 2002 .

[188]  Qing Hu,et al.  Does deterrence work in reducing information security policy abuse by employees? , 2011, Commun. ACM.

[189]  Lin Liu,et al.  Chapter XX Varieties of Artificial Crime Analysis: Purpose, Structure, and Evidence in Crime Simulations , 2008 .

[190]  Alessandro Acquisti,et al.  Nudging Privacy: The Behavioral Economics of Personal Information , 2009, IEEE Security & Privacy.

[191]  Chris Sundt,et al.  Information security and the law , 2006, Inf. Secur. Tech. Rep..

[192]  John E. Eck,et al.  WHAT DO THOSE DOTS MEAN? MAPPING THEORIES WITH DATA , 1998 .

[193]  I. Ehrlich Participation in Illegitimate Activities: A Theoretical and Empirical Investigation , 1973, Journal of Political Economy.

[194]  Jun Hu,et al.  Detecting and characterizing social spam campaigns , 2010, CCS '10.

[195]  Gordon V. Cormack,et al.  Spam and the ongoing battle for the inbox , 2007, CACM.

[196]  Kimberly Young,et al.  Internet Addiction: The Emergence of a New Clinical Disorder , 1998, Cyberpsychology Behav. Soc. Netw..

[197]  L. F. Gunderson Using data mining and judgment analysis to construct a predictive model of crime , 2002, IEEE International Conference on Systems, Man and Cybernetics.

[198]  Evangelos A. Kiountouzis,et al.  The insider threat to information systems and the effectiveness of ISO17799 , 2005, Comput. Secur..

[199]  Robert Willison,et al.  Understanding the offender/environment dynamic for computer crimes , 2005, Inf. Technol. People.

[200]  Anita Pete The Criminal , 1902, The Indian Medical Gazette.

[201]  L. Telser A Theory of Self-enforcing Agreements , 1980 .

[202]  Elizabeth D. Mynatt,et al.  Challenges in supporting end-user privacy and security management with social navigation , 2009, SOUPS.

[203]  Clyde W. Holsapple,et al.  Parameters for Software Piracy Research , 2008, Inf. Soc..

[204]  MARK GRIFFITHS,et al.  Excessive Internet Use: Implications for Sexual Behavior , 2000, Cyberpsychology Behav. Soc. Netw..

[205]  Marti A. Hearst,et al.  Why phishing works , 2006, CHI.

[206]  Lorrie Faith Cranor,et al.  Anti-Phishing Phil: the design and evaluation of a game that teaches people not to fall for phish , 2007, SOUPS '07.

[207]  Lorrie Faith Cranor,et al.  Decision strategies and susceptibility to phishing , 2006, SOUPS '06.

[208]  He Liu,et al.  Click Trajectories: End-to-End Analysis of the Spam Value Chain , 2011, 2011 IEEE Symposium on Security and Privacy.

[209]  Markus G. Kuhn,et al.  Analysis of a denial of service attack on TCP , 1997, Proceedings. 1997 IEEE Symposium on Security and Privacy (Cat. No.97CB36097).

[210]  Chengyu Song,et al.  Studying Malicious Websites and the Underground Economy on the Chinese Web , 2008, WEIS.

[211]  Rajashekar Kailar Reasoning about accountability in protocols for electronic commerce , 1995, Proceedings 1995 IEEE Symposium on Security and Privacy.

[212]  Gloria Laycock,et al.  Defining crime science , 2005 .

[213]  Graham Farrell,et al.  Imagination for Crime Prevention: Essays in Honour of Ken Pease , 2007 .

[214]  Kregg Aytes,et al.  Computer Security and Risky Computing Practices: A Rational Choice Perspective , 2004, J. Organ. End User Comput..

[215]  Richard Adderley,et al.  The Use of Data Mining Techniques in Operational Crime Fighting , 2004, ISI.

[216]  Virgil D. Gligor 20 years of operating systems security , 1999, Proceedings of the 1999 IEEE Symposium on Security and Privacy (Cat. No.99CB36344).

[217]  Ross J. Anderson Why information security is hard - an economic perspective , 2001, Seventeenth Annual Computer Security Applications Conference.

[218]  Frank McSherry,et al.  Data Collection with Self-Enforcing Privacy , 2008, TSEC.

[219]  Donald E. Brown,et al.  Criminal Incident Data Association Using the OLAP Technology , 2003, ISI.

[220]  Ray August INTERNATIONAL CYBER‐JURISDICTION: A COMPARATIVE ANALYSIS , 2002 .

[221]  Graham Farrell,et al.  Phone Theft Index , 2008 .

[222]  Bill McCarty,et al.  Automated Identity Theft , 2003, IEEE Secur. Priv..

[223]  Stefan Savage,et al.  An inquiry into the nature and causes of the wealth of internet miscreants , 2007, CCS '07.

[224]  Kate J. Bowers,et al.  Assessing the Extent of Crime Displacement and Diffusion of Benefits: A Review of Situational Crime Prevention Evaluations * , 2009 .

[225]  Zhuoqing Morley Mao,et al.  Accurate Real-time Identification of IP Prefix Hijacking , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).

[226]  P. Spagnoletti,et al.  Situational Crime Prevention and Cyber-crime investigation: the Online Pedo-pornography case study , 2005, EUROCON 2005 - The International Conference on "Computer as a Tool".

[227]  Markus Jakobsson,et al.  Designing ethical phishing experiments , 2007, IEEE Technology and Society Magazine.

[228]  Anil Wipat,et al.  e-Science: relieving bottlenecks in large-scale genome analyses , 2008, Nature Reviews Microbiology.

[229]  Raymond R. Panko,et al.  Monitoring for pornography and sexual harassment , 2002, CACM.

[230]  Joel Waldfogel,et al.  Introduction , 2010, Inf. Econ. Policy.

[231]  Cormac Herley,et al.  Evaluating a trial deployment of password re-use for phishing prevention , 2007, eCrime '07.

[232]  Tyler Moore,et al.  Examining the impact of website take-down on phishing , 2007, eCrime '07.

[233]  R. Berk How you can tell if the simulations in computational criminology are any good , 2008 .

[234]  Yu. A. Timofeeva,et al.  Worldwide Prescriptive Jurisdiction in Internet Content Controversies: A Comparative Analysis , 2005 .

[235]  V Sivarajasingam,et al.  Injury research explains conflicting violence trends , 2005, Injury Prevention.

[236]  Lin Liu,et al.  Crime Simulation Using GIS and Artificial Intelligent Agents , 2008 .

[237]  Andrea Francini,et al.  Evros: A service-delivery platform for extending security coverage and IT reach , 2007, Bell Labs Technical Journal.

[238]  Pieter H. Hartel,et al.  Laptop theft: a case study on the effectiveness of security mechanisms in open organizations , 2010, CCS '10.

[239]  D.J. Brooks A study to develop a consensual map of security expert knowledge structure , 2006, Proceedings 40th Annual 2006 International Carnahan Conference on Security Technology.

[240]  N. Smelser The Rational Choice Perspective , 1992 .

[241]  Uwe Glässer,et al.  Computational Modeling and Experimental Validation of Aviation Security Procedures , 2006, ISI.

[242]  Tibor Bosse,et al.  Case Analysis of Criminal Behaviour , 2007, IEA/AIE.

[243]  Todd M. Hinnen The Cyber-Front in the War on Terrorism: Curbing Terrorist Use of the Internet , 2004 .

[244]  Frank Stajano,et al.  Understanding scam victims , 2011, Commun. ACM.

[245]  Somesh Jha,et al.  Semantics-aware malware detection , 2005, 2005 IEEE Symposium on Security and Privacy (S&P'05).

[246]  G. McNair,et al.  Identity Theft , 2007, The SAGE Encyclopedia of Criminal Psychology.

[247]  Joshua M. Epstein,et al.  Agent-based computational models and generative social science , 1999, Complex..

[248]  Ross Anderson,et al.  Economics and Internet Security: A Survey of Recent Analytical, Empirical, and Behavioral Research , 2011 .

[249]  Richard E. Tremblay,et al.  The development of aggressive behaviour during childhood: What have we learned in the past century? , 2000 .

[250]  Ronald C. Dodge,et al.  Phishing for user security awareness , 2007, Comput. Secur..

[251]  A. Tversky,et al.  The framing of decisions and the psychology of choice. , 1981, Science.

[252]  Lorrie Faith Cranor,et al.  Improving phishing countermeasures: An analysis of expert interviews , 2009, 2009 eCrime Researchers Summit.

[253]  G. Stigler The Economics of Information , 1961, Journal of Political Economy.

[254]  C. Zwerling,et al.  Role of environmental interventions in injury control and prevention. , 2003, Epidemiologic reviews.

[255]  Kimberly C. Claffy,et al.  Dialing Privacy and Utility: A Proposed Data-Sharing Framework to Advance Internet Research , 2010, IEEE Security & Privacy.

[256]  Uwe Glässer,et al.  Computer Simulation in Criminal Justice Research , 2004 .

[257]  Audrey Guinchard,et al.  Cybercrime: The Transformation of Crime in the Information Age, 2nd edition, Cambridge: Polity (Outline of update) , 2007, SSRN Electronic Journal.

[258]  M. Felson,et al.  Crime and Everyday Life , 1998 .

[259]  Ken Pease,et al.  Design and Crime: Proofing Electronic Products and Services against Theft , 2007 .

[260]  J. Heckman Skill Formation and the Economics of Investing in Disadvantaged Children , 2006, Science.

[261]  Cormac Herley,et al.  Phishing and money mules , 2010, 2010 IEEE International Workshop on Information Forensics and Security.

[262]  J. Pieprzyk,et al.  Winning the Phishing War: A Strategy for Australia , 2010, 2010 Second Cybercrime and Trustworthy Computing Workshop.

[263]  Xinwen Fu,et al.  DSSS-Based Flow Marking Technique for Invisible Traceback , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).

[264]  Martin S. Olivier,et al.  Nature and Forensic investigation of crime in Second Life , 2011, ISSA.

[265]  Gk Laycock The UK Car Theft Index: An Example of Government Leverage , 2004 .

[266]  Marcus A. Maloof,et al.  Detecting Insider Theft of Trade Secrets , 2009, IEEE Security & Privacy.

[267]  Ariel J. Feldman,et al.  Lest we remember: cold-boot attacks on encryption keys , 2008, CACM.

[268]  李幼升,et al.  Ph , 1989 .

[269]  Acm Ieee-Cs Joint Curriculum Task Force Computing Curricula 2001: Computer Science , 2002 .

[270]  Donald E. Brown,et al.  Data mining time series with applications to crime analysis , 2001, 2001 IEEE International Conference on Systems, Man and Cybernetics. e-Systems and e-Man for Cybernetics in Cyberspace (Cat.No.01CH37236).

[271]  Martin P. Loeb,et al.  CSI/FBI Computer Crime and Security Survey , 2004 .

[272]  Wil M. P. van der Aalst,et al.  Process Mining and Security: Detecting Anomalous Process Executions and Checking Process Conformance , 2005, WISP@ICATPN.