An Explanatory Model of Motivation for Cyber-Attacks Drawn from Criminological Theories

dc.contributor.advisorModarres, Mohammaden_US
dc.contributor.advisorMosleh, Alien_US
dc.contributor.authorMandelcorn, Seymour Mordechaien_US
dc.contributor.departmentMechanical Engineeringen_US
dc.contributor.publisherDigital Repository at the University of Marylanden_US
dc.contributor.publisherUniversity of Maryland (College Park, Md.)en_US
dc.date.accessioned2013-07-04T05:31:17Z
dc.date.available2013-07-04T05:31:17Z
dc.date.issued2013en_US
dc.description.abstractA new influence model for Cyber Security is presented that deals with security attacks and implementation of security measures from an attacker's perspective. The underlying hypothesis of this model is that Criminological theories of Rational Choice, Desire for Control, and Low Self-Control are relevant to cybercrime and thereby aid in the understanding its basic Motivation. The model includes the roles of Consequences, Moral Beliefs such as Shame and Embarrassment together with Formal Sanctions in deterring cybercrime, as well as role of Defense Posture to limit the Opportunity to attack and increase the likelihood that an attacker will be detected and exposed. One of the motivations of the study was the observation that few attempts have been made to understand cybercrime, in the context of typical crime because: (a) an attacker may consider his actions as victimless due to remoteness of the victim; (b) ease to commit cybercrimes due to opportunities afforded by the Internet and its accessibility, and readily available tools and knowledge for an attack; and (c) vagueness of cybercrime laws that makes prosecution difficult. In developing the model, information from studies in classical crime was related to Cybercrime allowing for analysis of past cyber-attacks, and subsequently preventing future IS attacks, or mitigating their effects. The influence model's applicability is demonstrated by applying it to case studies of actual information attacks which were prosecuted through the United States Courts, and whose judges' opinions are used for statements of facts. Additional, demonstration of the use and face validity of the model is through the mapping of the model to major annual surveys' and reports' results of computer crime. The model is useful in qualitatively explaining "best practices" in protecting information assets and in suggesting emphasis on security practices based on similar results in general criminology.en_US
dc.identifier.urihttp://hdl.handle.net/1903/14266
dc.subject.pqcontrolledComputer scienceen_US
dc.subject.pqcontrolledCriminologyen_US
dc.subject.pquncontrolledconsequencesen_US
dc.subject.pquncontrolledcybercrimeen_US
dc.subject.pquncontrolledcyber securityen_US
dc.subject.pquncontrolledmotivationen_US
dc.subject.pquncontrolledopportunityen_US
dc.subject.pquncontrolledrational choiceen_US
dc.titleAn Explanatory Model of Motivation for Cyber-Attacks Drawn from Criminological Theoriesen_US
dc.typeDissertationen_US

Files

Original bundle

Now showing 1 - 1 of 1
Loading...
Thumbnail Image
Name:
Mandelcorn_umd_0117E_14032.pdf
Size:
1.89 MB
Format:
Adobe Portable Document Format