Title
A cybercrime incident architecture with adaptive response policy.
Abstract
Handling and mitigating the cybercrime incidents (CIs) have attracted significant research attention, over the last years, due to their increasing frequency of occurrence. However, the term cybercrime is often used interchangeably with other technology-linked malicious acts, such as cyberwarfare, and cyberterrorism, leading to misconceptions. In addition, there does not exist a management framework which would classify CIs, qualitatively and quantitatively evaluate their occurrence and promptly align them with appropriate measures and policies. This work introduces a Cybercrime Incident Architecture that enables a comprehensive cybercrime embodiment through feature identification, offence classification mechanisms, threats’ severity labeling and a completely novel Adaptive Response Policy (ARP) that identifies and interconnects the relevant stakeholders with preventive measures and response actions. The proposed architecture consists of four separate complementary components that lead to a manually – and in the future automatically – generated ARP. The idea is to build a holistic framework toward automated cybercrime handling. A criminal case study is selected to validate the introduced framework and highlight its potentiality to evolve into a CI expert system.
Year: 2019
DOI: 10.1016/j.cose.2019.01.011
Venue: Computers & Security
Keywords: Cybercrime incident, Offence classification system, Cyber-security, Threat severity, Security and privacy, Investigation techniques, Social engineering attacks, Malware/spyware crime
Field: Cyberterrorism, Architecture, Computer science, Computer security, Cyberwarfare, Expert system, Cybercrime, Adaptive response
DocType: Journal
Volume: 83
ISSN: 0167-4048
Citations: 0
PageRank: 0.34
References: 0
Authors: 4
Name
Order
Citations
PageRank
George Tsakalidis122.79
K. Vergidis21118.26
Sophia G. Petridou3669.03
Maro Vlachopoulou48912.90