Papers, Texts and Web Sites

 

I. The Cybercrime Landscape 

Emigh, A The Crimeware Landscape: Malware, Phishing, Identity Theft and Beyond. na, http://www.ironkey.com, IronKey, Inc, Los Altos, CA, September 19, 2006.

Escudero-Pascual, A. and Hosein, A. Questioning Lawful Access to Traffic Data. Communications of the ACM, Vol. 47, No. 3, March 2004, pp. 77-82.

Leyden, J .East European Gangs in Online Protetion Racket, http://www.theregister.co.uk/209/11/12/east_european_gangs_in_online/

Poulsen, K. FBI Busts Alleged DDoS Mafia, http://www.securityfocus.com/news/9411

 

II. Phishing and Spoofing 

 

Emigh, A. Online Identity Theft: Phishing Technology, Chokepoints and Countermeasures. na, ITTC Report on Online Identity Theft, Radix Labs, October 3, 2005

 

Dinev, T. Why Spoofing Is Serious Internet Fraud. Communications of the ACM, Vol. 49, No. 10, October 2006, pp. 77-82.

Keila, P.S. and Skillicorn, D.B. Detecting Unusual and Deceptive Communiation in Email. School of Computing, Queens University, Kingston, Ontario, Canada, AL, June 2005.

 

III. SPAM, Adware, Spyware

 

Metsis V., Androutsopoulos, I. and Paliouras, G. Spam Filtering with Naive Bayes - Which Naive Bayes?. CEAS 2006 - Third Conference on Email and Anti-SPAM, July 27-28, CA, July 27-28, 2006, pp. na.

Federal Trade Commision The CAN-SPAM Act: Requirements for Commercial Emailers, http://www.ftc.gov/bcp/conline/pubs/buspubs/canspam.htm.

Grimes, G. Compliance With the Can-SPAM Act of 2003. Communications of the ACM, Vol. 50, No. 2, February 2007, pp. 56-62.

Hui, Kai-Lung, Hann, Il-Horn, Lai Yee-Lin, Lee, S.Y.T. and Png I.P.L Who Gets Spammed. Communications of the ACM, Vol. 49, No. 10, October 2006, pp. 83-87.

http://www.ftc.gov/spam/

 

 

 

IV. Privacy, Identity Theft and Identity fraud 

Angell, I. and Keitzmann J. RFID and the End of Cash. Communications of the ACM, Vol. 49, No. 12, December 2006, pp. 91-96.

Bayardo, R.J. and Ramakrishnan, S. Technological Solutions for Protecting Privacy. Computer, Vol. 36, No. 9, September 2003, pp. 115-118.

Millberg, S.J., Burke, S.J., Smith, H.J and Smith, H.J Values, Personal Information, Pivacy and Regulatory Approaches. Communications of the ACM, Vol. 38, No. 12, December 1995, pp. 65-74.

Solove, D. and Hoofnagle, C.J. A Model Regime of Privacy Protection. University of Illinois Law Review, Vol. 2006, February 2, 2006, pp. 357-404.

Department of Homeland Security DHS-SRI International Identity Theft Technology Council (ITTC). http://www.cyber.st.dhs.gov/ittc.html

Heft, Miguel, Google Adds a Safeguard on Privacy for Searchers. The New York Times,  March 15, 2007.

Bhati, R. and Gahfor, A.  An Integrated Approach to Federated Identity and Privilege Management in Open Systems. Communications of the ACM, Vol. 50, No. 2, pp. 81-87.

Sackmann, S., Struker, J. and Accorsi, R. Personalization in Privacy-AWARE Highly Dynamic Systems. Communications of the ACM, Vol. 49, No. 9, September 2006, pp. 32-38.

 

 

V. Cybercrime Infrastructures and Exploits 

Bellovin, S. Virtual Machines, Virtual Security? Communications of the ACM, Vol. 49, No. 10, October 2006, pp. p. 104.

Chen, T.M. and Robert J. Worm epidemics in High-Speed Networks. Computer, Vol. 37, No. 6, June 2004, pp. 48-53.

The Honeynet Project and Research Alliance. Know your enemy: Tracking Botnets - Using Honeynets to Learn More about Bots. The Honeynet Project, http://project.honeynet.org/papers/kye.htm. Visited March 14, 2005.

Li, W., Wang, K. and Stolfo, S. Fileprints: Identifying File Types by n-gram Analysis, http://www.itoc.usma.edu/workshop/2005/Papers/Follow%20ups/FilePrintPresentation-final.pdf.

Rutkowska, J. Introducing Stealth Malware Taxonomy v1.01. na, http://invisiblethings.org/papers/malware-taxonomy, COSEINC Advanced Malware Labs, Moscow, Russia, November 2006.

Theriault, K., Vukelich, D, Farrel, W., Kong, D. and Lowry, J., Network Traffic Analysis Using Behavior Based Clustering. BBN Technologies, February 28, 2007.

Wang, K. and Stolfo, S. Anomalous Payload-based Network Intrusion Detection.  Computer Science Department, Columbia University, New York, NY.

 

VI. Privitization of Cybercrime Detection and Enforcement

 

Id Analytics. US Identity Fraud Rates by Geography. I.D. Analytics Inc., San Diego, CA, February 2007.

Mena, Jesus Homeland Security: Techniques and Technologies. Charles River Media, Inc., Hingham, MA, 2004.

 

General Background Information and Resources Relevant to Multiple Topics

 

Bradford, R. G. Relationship Discovery in Large Text Collections Using Latent Semantic Indexing. 2006 SIAM Conference on Data Mining, Workshop on Link Analysis, Counterterrorism and Security, Philadelphia, PA, April 22, 2006.

Deerwester, S., Dumais, S. and Harshman, R. Indexing by Latent Semantic Analysis. na, Bell Communications Research, Morristown, NJ, 1990. Available at http://lsi.argreenhouse.com/lsi/papers/JASIS90.pdf

Domingos, P. and Pazzani, M. On the Optimality of the Simple Bayesian Classifier under Zero-one Loss. Machine Learning, Vol. 29, 1997, pp. 103-130.

Drineas, P., Frieze, A., Kannan, R., Vempala, S. and Vinay, V. Clustering Large Graphs via the Singular Value Decomposition. Machine Learning, Vol. 56, 2004, pp. 9-33.

Golden, R.G. and Roussev, V. Next-Generation Digitial Forensics. Communications of the ACM, Vol. 49, No. 2, February 2006, pp. 76-80.

Ghosh, J, Lambert, D, Skillicorn, D. and Srivastava, J Proceedings on the Sixth SIAM International Conference on Data Mining. Comments on Talks Attended, Bethesda, MD, April 2006, pp. 1-643.

Jewkes, Yvonne, ed. Crime Online. Willan Publishing, Inc., Cullompton, Devon, UK, UK, 2007.

Kanellis, P., Kiountouzis, E., Kolokotronis, N. and Martakos, D. Digital Crime and Forensic Science. Idea Group Publishing, London, 2006.

Lee, W., Stolfo, S.J. and Mok, W. A Data Mining Framework for Building Intrusion Detection Models. Proceedings of the 7th USENIX Security Symposium, San Antonio, TX, May 1999, pp. 120-132.

Li, W., Wang, K., Stolfo, S. and Herzog, B. Fileprints: Identifying File Types by n-gram Analysis. Proceedings of the 2005 IEEE Worksihp on Information Assurance, West Point, NY, June 2005, pp. pp. 1-8.

Lipson, H.F. Tracking and Tracing Cyber-Attacks: Technical Challenges and Global Policy Issues. Cert Coordination Center, Carnegie Mellon University, Pittsburgh, PA, November 2002.

Li, W., Wang, K. and Stolfo, S. Fileprints: Identifying File Types by n-gram Analysis, http://www.itoc.usma.edu/workshop/2005/Papers/Follow%20ups/FilePrintPresentation-final.pdf.

Mena, Jesus Homeland Security: Techniques and Technologies. Charles River Media, Inc., Hingham, MA, 2004.

Office of Inspector General Survey of DHS Datamining Activities. OIG-06-56, Office of Information Technology, Department of Homeland Security, Washington, D.C., August 2006.

Skillicorn, D.,B. Applying Decompositions to Counterterrorism. ISSN --0836-0227-2004=484, Dept. of Computing Information Science, Queens University, Kingston, Ontario, Canada, May 19, 2004

U.S. Department of Justice Computer Crime and Intellectual Property Section, http://www.cybercrime.gov/

United States Code, Title 18, Section 1030. http://www.usdoj.gov/criminal/cybercrime/1030_new.html.

Wang, G., Chen, H. and Atabakhsh, H. Automatically detecting deceptive criminal identities. Communications of the ACM, Vol. 47, No. 3, Mar. 2004, pp. 70-76.

Wikipedia Naive Bayes Classifier, http://en.wikipedia.org/wiki/Naive_Bayes_classifier.

Xu, Jenifer and Chen, Hsinchun Using Shortest Path Algorithms to Identify Criminal Associations. na, Dept. of Managment Information Systems, University of Arizona, Tuscon, AZ, 2002

Zeller, T. and Leland, J. Technology and Easy Credit Give Identity Thieves an Edge. New York Times, May 30, 2006.

Zhang, Z., Salerno, J. and Yu, P. Applying Datamining in Investigating Money Laundering Crimes. Proceedings of the Ninth ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, New York, NY, 2003, pp. 747-752.

V. Websites

 

Federal Trade Commision, http://www.ftc.gov/spam/

The Register, http://www.theregister.co.uk

Security Focus, http://www.securityfocus.com/news/9411

 

U.S. Department of Justice, Computer Crime and Intellectual Property Section, www.cybercrime.gov

 

 

.