Extending the cybercrime incident architecture with a feature-­based Cybercrime Classification System (CCS)

Abstract

Cybercrime is an evolving and growing threat that heavily bothers Internet users and the relevant authorities. Due to the rapid adoption of technology, Cybercrime Incidents have been increasing at an enormous rate. Cybercrime has several types and various targets, depending on what the offender wants to achieve. It is well-established that the prevention and confrontation of such incidents is a challenging problem since they have a highly complex nature that is constantly developing. This thesis aims to propose a Cybercrime Classification System (CCS) that automatically classifies Cybercrimes into a specific type/class. This process will help to group similar incidents together, propose appropriate counter-measures, design an effective response policy and find recurring patterns between the incidents. The CCS consists of three Components and each serves a different purpose. In order to classify Cybercrime Incidents, the Cybercrime Classification System uses a feature-based approach, which means that each incident is characterized by some specific, distinctive features. These features will determine the Cybercrime Class that the incident falls into. Machine Learning techniques, such as Data Mining, are used by the CCS for the Classification process. The results of the presented system are decent and prove that a practical and real-world system which uses the proposed approach could be developed, and it could be proven critical for mitigating Cybercrime. The CCS could be extended in order to provide more functionalities, such as automatically assess threat severity or automatically apply the respective counter-actions.