Honor among thieves: A common's analysis of cybercrime economies

Underground forums enable technical innovation among criminals and allow for specialization, thereby making cybercrime economically efficient. The success of these forums is contingent on collective action among a variety of stakeholders. What distinguishes sustainable forums from those that fail? We begin to address these questions by examining underground forums under an economic framework that has been used to prescribe institutional choices in other domains, such as fisheries and forests. This framework examines the sustainability of cybercrime forums given a self-governance model for a common-pool resource. We analyze five distinct forums: AntiChat (AC), BadHackerZ (BH), BlackhatWorld (BW), Carders (CC), and L33tCrew (LC). Our analyses indicate that successful/sustainable forums: 1) have easy/cheap community monitoring, 2) show a moderate increase in new members, 3) do not witness reduced connectivity as the network size increases, 4) limit privileged access, and 5) enforce bans or fines on offending members. We define success as a forum demonstrating the small-world effect.
