A new approach to fighting varied types of cybercrime cases

Fighting cybercrime may seem like a losing battle considering the enemy is so well resourced. In a Royal Holloway University of London master's thesis, Anna Cevidalli and John Austen explore new approaches in the battle against cybercrime.

 Despite some well-publicised arrests of cybercriminal gangs in recent months, there can be no doubt that Internet crime continues to flourish on a global scale.

Organized cybercrime gangs use the speed and the global reach of the Internet to ply their trade, most of the time avoiding detection and nearly always avoiding punishment. In addition, they are often well funded and have no difficulty recruiting highly skilled developers to carry out their attacks.

Meanwhile, national law enforcement agencies operate on limited resources and lack the global reach and co-operation they need to respond. In order to beat the criminals, law enforcement, therefore, must be smarter.

In their article, The challenge of combating organised crime -- A multi-disciplinary perspective, Anna Cevidalli and John Austen explore the feasibility of tackling different types of cybercrime with the skills and resources of the private sector, as well as law enforcement.

The article proposes a systematic process for the collection and evaluation of information that would allow law enforcement to react much faster to cybersecurity events. The process is based on morphological analysis. A technique borrowed from the field of astrophysics, morphological analysis divides a problem into different elements and displays them in the form of a matrix that visually represents the four steps of the analytical process.

 The morphological analysis method, they say, has been proven to be an effective event-response method within a variety of different contexts, including scientific and corporate environments. Within the field of criminal intelligence, it could become a powerful tool to develop strategic thinking about organised crime.

About the authors:
Anna Cevidalli became interested in information security in the late 1990s when she got involved in installing patches and antivirus software. Following completion of her MSc with RHUL, she started work as a security consultant in the field of information assurance, working for a company that works on government contracts.

John Austen is the course director for the Royal Holloway diploma in information security. He was head of the Computer Crime Unit, New Scotland Yard, until September 1996. He was a career detective for 30 years, investigating the first major UK computer crime in 1976 and founding the Computer Crime Unit in 1984, the first of its type in the world.

The article is based on a thesis written in the Information Security Group at Royal Holloway University of London.It is one of nine that SearchSecurity.co.UK is publishing exclusively in 2010 as part of its close collaboration with RHUL, which is in its third year.

Read more on Security policy and user awareness