Fingermarks are highly relevant in criminal investigations for individualization purposes. In some cases, the question in court changes from ‘Who is the source of the fingermarks?’ to ‘How did the fingermark end up on the surface?’. In this paper, we explore evaluation of fingermarks given activity level propositions by using Bayesian networks. The variables that provide information on activity level questions for fingermarks are identified and their current state of knowledge with regards to fingermarks is discussed. We identified the variables transfer, persistency, recovery, background fingermarks, location of the fingermarks, direction of the fingermarks, the area of friction ridge skin that left the mark and pressure distortions as variables that may provide information on how a fingermark ended up on a surface. Using three case examples, we show how Bayesian networks can be used for the evaluation of fingermarks given activity level propositions.
Criminologists have frequently debated whether offenders are specialists, in that they consistently perform either one offense or similar offenses, or versatile by performing any crime based on opportunities and situational provocations. Such foundational research has yet to be developed regarding cybercrimes, or offenses enabled by computer technology and the Internet. This study address this issue using a sample of 37 offender networks. The results show variations in the offending behaviors of those involved in cybercrime. Almost half of the offender networks in this sample appeared to be cybercrime specialists, in that they only performed certain forms of cybercrime. The other half performed various types of crimes on and offline. The relative equity in specialization relative to versatility, particularly in both on and offline activities, suggests that there may be limited value in treating cybercriminals as a distinct offender group. Furthermore, this study calls to question what factors influence an offender's pathway into cybercrime, whether as a specialized or versatile offender. The actors involved in cybercrime networks, whether as specialists or generalists, were enmeshed into broader online offender networks who may have helped recognize and act on opportunities to engage in phishing, malware, and other economic offenses.
Presentation by Rutger Leukfeldt on Financially motivated cybercriminal networks, during workshop on Cybercrime Offenders. Cybercrime perpetrators are as diverse and complex as the cybercrime that they commit. For example, they come from different backgrounds and have different (egotistical, technical, monetary, ideological, political, professional, vengeful, sexual or other) motivations. They may or may not be professional criminals, and individuals or part of organised groups or networks (example of Advanced Persistent Threats). Some may commit crime on their own account or make their services available to others, and some may be supported by or be state actors. A better understanding of the types of perpetrators and their motivations and techniques can be instrumental for the prevention of cybercrime and for a more effective criminal justice response. The aim of this workshop is to contribute to such a better understanding and to initiate steps towards a typology of offenders.
Despite their various appealing features, drones also have some undesirable side-effects. One of them is the psychoacoustic effect that originates from their buzzing noise that causes significant noise pollutions. This has an effect on nature (animals run away) and on humans (noise nuisance and thus stress and health problems). In addition, these buzzing noises contribute to alerting criminals when low-flying drones are deployed for safety and security applications. Therefore, there is an urgent demand from SMEs for practical knowledge and technologies that make existing drones silent, which is the main focus of this project. This project contributes directly to the KET Digital Innovations\Robotics and multiple themes of the top sectors: Agriculture, Water and Food, Health & Care and Safety. The main objective of this project is: Investigate the desirability and possibilities of extremely silent drone technologies for agriculture, public space and safety This is an innovative project and there exist no such drone technology that attempts to reduce the noises coming from drones. The knowledge within this project will be converted into the first proof-of-concepts that makes the technology the first Minimum Viable Product suitable for market evaluations. The partners of this project include WhisperUAV, which has designed the first concept of a silent drone. As a fiber-reinforced 3D composite component printer, Fiberneering plays a crucial role in the (further) development of silent drone technologies into testable prototypes. Sorama is involved as an expert company in the context of mapping the sound fields in and around drones. The University of Twente is involved as a consultant and co-developer, and Research group of mechatronics at Saxion is involved as concept developer, system and user requirement verifier and validator. As an unmanned systems innovation cluster, Space53 will be involved as innovation and networking consultant.
Despite the benefits of the widespread deployment of diverse Internet-enabled devices such as IP cameras and smart home appliances - the so-called Internet of Things (IoT) has amplified the attack surface that is being leveraged by cyber criminals. While manufacturers and vendors keep deploying new products, infected devices can be counted in the millions and spreading at an alarming rate all over consumer and business networks. The objective of this project is twofold: (i) to explain the causes behind these infections and the inherent insecurity of the IoT paradigm by exploring innovative data analytics as applied to raw cyber security data; and (ii) to promote effective remediation mechanisms that mitigate the threat of the currently vulnerable and infected IoT devices. By performing large-scale passive and active measurements, this project will allow the characterization and attribution of compromise IoT devices. Understanding the type of devices that are getting compromised and the reasons behind the attacker’s intention is essential to design effective countermeasures. This project will build on the state of the art in information theoretic data mining (e.g., using the minimum description length and maximum entropy principles), statistical pattern mining, and interactive data exploration and analytics to create a casual model that allows explaining the attacker’s tactics and techniques. The project will research formal correlation methods rooted in stochastic data assemblies between IoT-relevant measurements and IoT malware binaries as captured by an IoT-specific honeypot to aid in the attribution and thus the remediation objective. Research outcomes of this project will benefit society in addressing important IoT security problems before manufacturers saturate the market with ostensibly useful and innovative gadgets that lack sufficient security features, thus being vulnerable to attacks and malware infestations, which can turn them into rogue agents. However, the insights gained will not be limited to the attacker behavior and attribution, but also to the remediation of the infected devices. Based on a casual model and output of the correlation analyses, this project will follow an innovative approach to understand the remediation impact of malware notifications by conducting a longitudinal quasi-experimental analysis. The quasi-experimental analyses will examine remediation rates of infected/vulnerable IoT devices in order to make better inferences about the impact of the characteristics of the notification and infected user’s reaction. The research will provide new perspectives, information, insights, and approaches to vulnerability and malware notifications that differ from the previous reliance on models calibrated with cross-sectional analysis. This project will enable more robust use of longitudinal estimates based on documented remediation change. Project results and methods will enhance the capacity of Internet intermediaries (e.g., ISPs and hosting providers) to better handle abuse/vulnerability reporting which in turn will serve as a preemptive countermeasure. The data and methods will allow to investigate the behavior of infected individuals and firms at a microscopic scale and reveal the causal relations among infections, human factor and remediation.
