Skip to main content
SpringerLink
Log in

Considering the potential of criminal profiling to combat hacking

  • Eicar 2007 Best Academic Papers
  • Published:
Journal in Computer Virology Aims and scope Submit manuscript

Abstract

This paper outlines the results of a case study focusing upon hacking incidents in Germany. This work aims to identify behavioural aspects of hackers and their motives for the development of a Criminal Profile. Therefore cases of hacking incidents have been studied to find commonalities and differences for motives, as well as the Modus Operandi (MO). Cases that have been observed within this study are those in which the perpetrator had been identified in person. All cases have been provided by the Bundeskriminalamt (German Federal Criminal Police Office). A total of 12 cases are analysed, revealing a number of common traits in terms of hacker activity and the methods used. This study indicates that methods which have already been used years ago are still preferred methods today. In ten out of twelve cases the observed characteristics fit within in the stereotype of a Script Kiddie. Only two hackers differed regarding their motives compared to the Script Kiddie hackers, but a significant difference regarding their methods—the MO—could not be noticed. From the twelve cases under investigation a basic principle could be identified: the hackers take the path of the least effort. This reveals a clue for the fact that a different motive does not necessarily lead to different methods.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Similar content being viewed by others

References

  1. Arnone, M.: White hat, gray hat, black hat: can teach government and industry valuable IT security lessons, Retrieved 25 March 2007, from http://www.fcw.com/article90994-10-03-05-Print&printLayout (2005)

  2. Artelt, C., Baumert, J., Klieme, E., Neubrand, M., Prenzel, M., Schiefele, U., Schneider, W., Schümer, G., Stanat, P., Tillmann, K.-J., Weiß, M.: PISA 2000: Zusammenfassung zentraler Befunde, Retrieved 28 December 2006 (2001) from http://www.pisa.oecd.org/dataoecd/30/63/33684930.pdf

  3. Buckingham A., Saunders P. (2004) The Survey Methods Workbook: from Design to Analysis. Polity Press, Cambridge

    Google Scholar 

  4. Bundeskriminalamt: Police Crime Statistics 2002: Federal Republic of Germany, Retrieved 27 December 2006 from http://www.bundeskriminalamt.de/pks/pks2002ev/pcs_2002.pdf

  5. Bundesregierung: Lebenslagen in Deutschland: Der 2. Armutsbericht er Bundesregierung—Kurzfassung, Retrieved 5 January 2007 (2005) from http://www.bmas.bund.de/BMAS/Redaktion/Pdf/Publikationen/Armuts-und-Reichtumsbericht/armuts-und-reichtumsbericht-der-bundesregierung-2-kurz,property=pdf,bereich=bmas,sprache=de,rwb=true.pdf

  6. Fendley, S.: As the Bot Turns, Retrieved 11 November 2006, from http://isc.sans.org/diary.php?storyid=1300&isc=c294fbd688efb0822d11c9a0c02d0583

  7. Furnell, S.M.: The problem of categorising cybercrime and cybercriminals. In: Proceedings of the 2nd Australian Information Warfare and Security Conference, Perth, Western Australia, 29–30 November 2001

  8. Holz, T.: A Short Visit to the Bot Zoo, Retrieved 11 November 2006 (2005) from http://pi1.informatik.uni-mannheim.de/publications/show/13

  9. Icove, D., Seger, K., VonStorch, W.: Computer Crime: A Crimefighter’s Handbook. O’Reilly & Associates, Sebastopol (1995)

  10. Lurhq: Phatbot Trojan Analysis, Retrieved 11 November 2006 (2004) from http://www.lurhq.com/phatbot.html

  11. Meyr, J.: Wohnungseinbruch in München, Kriminalistik, no. 2, pp. 118–120. Kriminalistik Verlag, Heidelberg (2006)

  12. Ollmann, G.: HTML Code Injection and Cross-site Scripting, Retrieved 3 December 2006 (2003) from http://www.technicalinfo.net/papers/CSS.html

  13. Preuss, J., Furnell, S.M., Lea, S.J.: Research in Progress Paper, The Adoption of Criminal Profiling for Computer Crime. In: Gattiker, U.E. (ed.), EICAR 2004 Conference CD-rom: Best Paper Proceedings (ISBN: 87-987271-6-8), EICAR e.V., Copenhagen, 16 p (2004)

  14. Schultz, A.: Neue Strafbarkeiten und Probleme—Der Entwurf des Strafrechtsänderungsgesetzes (StrafÄndG) zur Bekämpfung der Computerkriminalität vom 20.09.2006, Retrieved 17 November 2006, from http://www.medien-internet-und-recht.de/volltext.php?mir_dok_id=398

  15. Schwartau W. (2000) Cybershock. Thunder’s Mouth Press, New York

    Google Scholar 

  16. Taylor P. (1999) Hackers: Crime in the Digital Sublime. Routledge, New York

    Google Scholar 

  17. Turkle S. (1995) Life on the Screen: Identity in the Age of the Internet. Touchstone, New York

    Google Scholar 

  18. Turvey B. (2003) Criminal profiling: an introduction to behavioral evidence analysis, 2nd edn. Academic, London

    Google Scholar 

  19. UNICEF.: A League Table of Educational Disadvantage in Rich Nations, Retrieved 28 December 2006 (2002) from http://www.unicef-icdc.org/publications/pdf/repcard4e.pdf

Download references

Author information

Authors and Affiliations

  1. Network Research Group, School of Computing, Communications & Electronics, University of Plymouth, Drake Circus, Plymouth, PL4 8AA, UK

    Jörg Preuß, Steven M. Furnell & Maria Papadaki

Authors
  1. Jörg Preuß
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Steven M. Furnell
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Maria Papadaki
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Jörg Preuß.

Rights and permissions

Reprints and permissions

About this article

Cite this article

Preuß, J., Furnell, S.M. & Papadaki, M. Considering the potential of criminal profiling to combat hacking. J Comput Virol 3, 135–141 (2007). https://doi.org/10.1007/s11416-007-0042-4

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11416-007-0042-4

Keywords

Search

Navigation