15-05-2013, 03:05 PM
A Survey of Cybercrime
Abstract:
Cybercrime is crime that happens in "cyberspace", that is, in the world of computers and the Internet. Although many people have only limited knowledge of cybercrime, it has serious potential for severe impact on our lives and society, because our society is becoming an information society, full of information exchange happening in cyberspace. It is therefore necessary to introduce cybercrime in detail. Several textbooks discuss cybercrime, but they focus on the statutes and laws relevant to this new breed of crime; few papers or textbooks focus on the "computer science" itself. In other words, most materials talk about the "crime" in "cybercrime", whereas this paper talks more about the "cyber". First, we introduce the definition, origins and evolution of cybercrime. Second, the three categories of cybercrime (target cybercrime, tool cybercrime and computer incidental) are each presented in their own section, where some recent cases are studied. Finally, a summary is given.
Keywords: Survey, Cybercrime, Cyber, Crime, Cyber-crime, Cyber crime, Computer crime
Introduction
Many of us have limited knowledge of crime occurring in "cyberspace", known as cybercrime, which happens on computers and the Internet. Cybercrime nevertheless has severe potential for remarkable impact on the lives of individuals and on our society, so a detailed introduction to it is needed. Many terms are used to describe cybercrime. The earlier descriptions were "computer crime", "computer-related crime" or "crime by computer". As digital technology became pervasive, new terms such as "high-technology" or "information-age" crime were added. The Internet brought further terms, like "cybercrime" and "net" crime. Other forms include "digital", "electronic", "virtual", "IT", "high-tech" and "technology-enabled" crime [Clough10]. On the one hand, none of these covers the whole meaning of cybercrime, because they do not incorporate networks. On the other hand, terms such as "high-tech" or "electronic" crime may be too broad to identify the crime specifically as cybercrime, since other fields, such as nanotechnology and bioengineering, also have "hi-tech" developments.
Target Cybercrime
When a computer is the target of an offense, the perpetrator attacks the computer by breaking into it or attacking it from outside. This kind of cybercrime may be the most "professional" of the three cybercrime categories, because the criminal writes programs and makes use of exploits on the computer, and so almost always has a strong professional background in computer science. This chapter introduces the two main types of target cybercrime, hacking and malware. Before moving on to the next chapter, another common target cybercrime, the DDoS attack, is also examined.
Hacking
Almost everyone has heard of the "hacker", the one who does hacking. But what exactly does hacking mean? Put simply, hacking is similar to trespassing [Brenner10]. Trespass has been a crime for a long time. Criminal trespass statutes are designed to protect the sanctity and privacy of real estate, including land and the buildings on it, by preventing people from going where they have no right to enter. Since a computer is a kind of property, hacking is analogous to trespassing on someone's real estate. In trespass, the law strictly limits who can legally enter onto or into real property such as land and buildings; in hacking, it strictly limits who can legally use computer technology. The following content covers two recent pieces of research on hacking. Note that the purpose of this research is to find existing issues or exploits in cyberspace rather than to commit crimes, but the issues it reveals could be used by professional criminals if they remain unsolved in the future.
Hack On Universal Serial Bus (USB) Cable [Zdnet11, Wang10]
Angelos Stavrou, an assistant professor of computer science at United States-based George Mason University, and student Zhaohui Wang found an attack on laptops and smartphones via the USB cable. By writing software that changes the function of the USB driver, they can mount a covert attack while a smartphone is charging or syncing data with a computer. The attack works by adding keyboard and mouse functions to the USB driver. Once the connection is established, the attacker can steal files, upload a Trojan horse (defined in Section 2.2) or do something else; in general, the attacker can manipulate the computer. The underlying reason is that the USB protocol allows any device to be connected to a computing platform without any authentication.
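Because the host accepts whatever functions a USB device announces, one defensive check is to compare the interfaces in a device's configuration descriptor with what the device is supposed to be. The sketch below is an added example, not code from the paper or from the cited research; the function names are hypothetical and the descriptor bytes are constructed samples that follow the standard USB descriptor layout.

```python
# Added example: flag USB devices that announce keyboard/mouse (HID) interfaces
# beyond the function the user expects. Sample bytes below are constructed.
HID_CLASS = 0x03            # USB-IF interface class code: HID
MASS_STORAGE_CLASS = 0x08   # USB-IF interface class code: mass storage
HID_PROTOCOLS = {1: "keyboard", 2: "mouse"}  # HID boot-interface protocols
DT_INTERFACE = 0x04         # bDescriptorType of an interface descriptor


def parse_interfaces(config: bytes):
    """Walk a configuration descriptor blob; return one
    (number, class, subclass, protocol) tuple per interface descriptor."""
    interfaces, i = [], 0
    while i < len(config):
        if i + 2 > len(config) or config[i] < 2 or i + config[i] > len(config):
            raise ValueError(f"malformed descriptor at offset {i}")
        length, dtype = config[i], config[i + 1]
        if dtype == DT_INTERFACE and length >= 9:
            interfaces.append((config[i + 2], *config[i + 5:i + 8]))
        i += length
    return interfaces


def unexpected_input_functions(config: bytes, expected_classes):
    """List HID interfaces on a device that is not expected to type or point."""
    findings = []
    for number, cls, _sub, proto in parse_interfaces(config):
        if cls == HID_CLASS and cls not in expected_classes:
            findings.append(f"interface {number}: {HID_PROTOCOLS.get(proto, 'generic HID')}")
    return findings


# Constructed sample: a "phone" exposing storage plus a boot keyboard and mouse.
SAMPLE_PHONE = bytes([
    9, 2, 82, 0, 3, 1, 0, 0x80, 250,      # configuration header, 3 interfaces
    9, 4, 0, 0, 2, 0x08, 0x06, 0x50, 0,   # interface 0: mass storage
    7, 5, 0x81, 2, 0, 2, 0,               # bulk IN endpoint
    7, 5, 0x02, 2, 0, 2, 0,               # bulk OUT endpoint
    9, 4, 1, 0, 1, 0x03, 0x01, 0x01, 0,   # interface 1: HID boot keyboard
    9, 0x21, 0x11, 0x01, 0, 1, 0x22, 63, 0,   # HID class descriptor
    7, 5, 0x83, 3, 8, 0, 10,              # interrupt IN endpoint
    9, 4, 2, 0, 1, 0x03, 0x01, 0x02, 0,   # interface 2: HID boot mouse
    9, 0x21, 0x11, 0x01, 0, 1, 0x22, 52, 0,   # HID class descriptor
    7, 5, 0x84, 3, 8, 0, 10,              # interrupt IN endpoint
])
# Constructed sample: the same device announcing storage only.
SAMPLE_CLEAN = bytes([9, 2, 32, 0, 1, 1, 0, 0x80, 250]) + SAMPLE_PHONE[9:32]

if __name__ == "__main__":
    print(unexpected_input_functions(SAMPLE_PHONE, {MASS_STORAGE_CLASS}))
    print(unexpected_input_functions(SAMPLE_CLEAN, {MASS_STORAGE_CLASS}))
```

A host-side policy could run such a check when a device enumerates and ask the user before binding an input driver to a device that was plugged in only to charge or sync.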
Malware
We often hear of the "computer virus", "computer worm" and "Trojan horse", but what exactly are they? The best way to answer is to explain each of them separately. Strictly defined, a computer virus is a computer program that can reproduce itself and spread from one computer to another [Wikipedia11a]. A computer worm uses a computer network to send copies of itself to other computers on the network [Wikipedia11b]. A Trojan horse presents a desirable function to the user prior to being run or installed, but steals information and harms the system [Wikipedia11e]. In general, malware, short for malicious software, includes computer viruses, computer worms, Trojan horses and other malicious and unwanted software [Wikipedia11a]. To make this easier to grasp, malware, like hacking, can be compared to a traditional crime in the real world: vandalism [Brenner10]. Vandalism means damaging, or even destroying, the property of others without their permission, where "property" means real or personal property. A computer system and the data saved on it are also personal property, and computer viruses and worms can be used to damage or destroy them. Although viruses and worms cannot cause the physical property damage that traditional vandalism may cause, they are still regarded as a kind of vandalism, known as "malware". Take an extreme example. Suppose someone uses an ax to destroy your laptop, which is your personal property; this is definitely vandalism, because your laptop is damaged. However, if he or she uses viruses or worms to destroy your computer system, so that you cannot log in to Windows XP at all, or your electronic data, so that no files remain on any of your local disks, this is a cybercrime by malware.
There is another situation to consider: a virus or worm may be implanted in a computer without damaging or destroying it, using it instead as a medium that can transmit the malware to other computers on the Internet or a local area network (LAN). We can say that such a computer is "harmed", in the sense of contamination or infection. Here "harm" means not existing damage or destruction but potential damage [Brenner10], which is not covered by the definition of traditional vandalism but is absolutely a kind of malware. Since malware such as viruses and worms also makes use of exploits on computers or the Internet, it is very important to follow the latest malware trends in order to fix the weaknesses that malware has exploited or intends to exploit. To help prevent malware, many antivirus companies publish malware journals every month or every week. In particular, the leading antivirus company, Kaspersky Lab, produces a malware report every month. The following content therefore includes two recent parts of the malware report for October 2011, released by Kaspersky Lab in November 2011.
Distributed Denial of Service (DDoS)
A typical DDoS attack is a malicious attempt to make a computer resource unavailable to its intended users. Perpetrators of DDoS attacks typically focus on sites or services hosted on high-profile web servers, such as banks and credit card payment gateways [Wikipedia11c]. In a DDoS attack, the perpetrator uses a network of compromised computers, known as "zombies", to send a tremendous amount of data to the target(s) of the attack [Brenner10]. So what is a "zombie"? To explain it, the term "bot" must be explained first. A "bot" is a kind of software that invisibly infiltrates a computer without the owner's awareness. "Zombies" are the computers that have been contaminated by "bots", which can take over the "zombie" computers secretly. The owners of "zombies" therefore have no idea that their computers have already become minions of a malicious force.
DDoS Extortion
As noted above, the crime that DDoS attacks are most commonly used to commit is extortion. The best example is attacks on online casinos. To earn money, a casino must be online and available to gamblers; if it is not, it loses money. A DDoS attack is an effective way to take a casino offline. Commonly, the attacker sends an email to the owner of an online casino, saying that a large attack on the casino website is coming and that it could cost the owner a lot of money in a short time. The only way to avoid it is to pay the attacker a certain amount of money so that the attacker cancels the DDoS attack. In practice, online casinos have no choice but to pay, since they lose an incomparable amount of money if their websites are offline. As one observer noted, when a casino is offline for only several hours, it may lose "$500,000 to $1 million of action" in lost wagers [Brenner10]. Besides online casinos, DDoS attacks also hit portal sites and other major websites. Table 1 [Scribd11, Thenextweb10, Cnet11, Torrentfreak09] shows some representative DDoS attacks in 2000, 2009, 2010 and 2011. The attacks in 2000 are included because that was the year the first DDoS attack was publicized, so many portal sites suffered a DDoS attack for the first time in 2000. Additionally, the purpose of a DDoS attack is not always money; it may also be to show off the attacker's hacking ability.
Fraud
Fraud, which has exploded in cyberspace, means enticing someone into giving up his or her property [Brenner10]. Generally, there are 12 different kinds of online fraud, although new patterns are certain to keep emerging as the use of cyberspace develops. The current 12 kinds are identity theft; purchase scams; money transfer fraud; dating scams; click fraud; international modem dialing; Internet marketing and retail fraud; Internet marketing and SEO fraud; phishing; e-mail spoofing; pharming; and stock market manipulation schemes [Wikipedia11d]. In fact, fraud would hardly happen if people were not so greedy. It is a kind of "passive" crime for the perpetrator, as the victims always have a greedy appetite. Perhaps they are obsessed with a huge sum of money, a gorgeous girl or a big deal that would save them a lot of money. The criminals succeed by making full use of the avaricious minds of those victims.
Extortion
The DDoS attack in the section on target cybercrime showed a common form of extortion in cyberspace. However, extortion covers far more than this example. As long as someone obtains critical or private materials, whether paper-based or electronic, he or she can carry out extortion in cyberspace, just like the extortion by phone in the kidnapping scenes we often see on TV. Here, though, the extortion is restricted to cyberspace, in particular to computers or the Internet. Note that there is a subset of extortion known as "blackmail" [Brenner10]. Blackmail means using a threat to force someone to give money or property to the blackmailer. Usually, the blackmailer threatens to expose a secret that could destroy the victim's public reputation. To commit blackmail, however, the perpetrator must gain access to secret information about the victim's private life. That is why blackmail is far less common than extortion, which is easy to commit.