Human and Technical Drivers of Cybercrime

A special issue of Forensic Sciences (ISSN 2673-6756).

Deadline for manuscript submissions: 30 June 2025 | Viewed by 28596

Special Issue Editor


E-Mail Website
Guest Editor
Forensic Cyberpsychology, University of East London, London E16 2RD, UK
Interests: developing the science of cyber criminology; technology or digital forensic aspects of crime; forensic cyberpsychology; study of criminal; deviant and abnormal behaviour online

Special Issue Information

Dear Colleagues,

Cybercriminality is escalating, evolving and taking on new forms. A sophisticated or carefully planned operation is no longer necessary to break into IT systems. The hacking tools and malware available on the dark web have lowered the barrier to entry into cybercrime, making it possible for amateur and unsophisticated cybercriminals to cause enormous damage. Offender convergence settings have moved to the darker parts of cyberspace, further complicating law enforcement operations. At the same time, the rise of the Internet of Things (IoT)—and soon, a predicted trillion connected devices—is vastly expanding the attack surface of the global digital infrastructure. The economic costs of cybercrime are high, and arguably, the social costs are even higher. Paradoxically, younger generations of users are digitally knowledgeable but can be complacent about cybersecurity. Youth frequently engage in risk-taking and harmful behaviours online and are, therefore, at risk of being drawn into cybercriminality. Thus, in our collective effort to combat cybercrime, we urgently need to understand the technical and human drivers of cybercrime, especially as they impel young people.

Prof. Dr. Mary Aiken
Guest Editor

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All submissions that pass pre-check are peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Forensic Sciences is an international peer-reviewed open access quarterly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 1000 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Benefits of Publishing in a Special Issue

  • Ease of navigation: Grouping papers by topic helps scholars navigate broad scope journals more efficiently.
  • Greater discoverability: Special Issues support the reach and impact of scientific research. Articles in Special Issues are more discoverable and cited more frequently.
  • Expansion of research network: Special Issues facilitate connections among authors, fostering scientific collaborations.
  • External promotion: Articles in Special Issues are often promoted through the journal's social media, increasing their visibility.
  • e-Book format: Special Issues with more than 10 articles can be published as dedicated e-books, ensuring wide and rapid dissemination.

Further information on MDPI's Special Issue polices can be found here.

Published Papers (6 papers)

Order results
Result details
Select all
Export citation of selected articles as:

Research

Jump to: Review, Other

42 pages, 9567 KiB  
Article
An Interdisciplinary Approach to Enhancing Cyber Threat Prediction Utilizing Forensic Cyberpsychology and Digital Forensics
by Marshall S. Rich and Mary P. Aiken
Forensic Sci. 2024, 4(1), 110-151; https://doi.org/10.3390/forensicsci4010008 - 4 Mar 2024
Viewed by 3599
Abstract
The Cyber Forensics Behavioral Analysis (CFBA) model merges Cyber Behavioral Sciences and Digital Forensics to improve the prediction and effectiveness of cyber threats from Autonomous System Numbers (ASNs). Traditional cybersecurity strategies, focused mainly on technical aspects, must be revised for the complex cyber [...] Read more.
The Cyber Forensics Behavioral Analysis (CFBA) model merges Cyber Behavioral Sciences and Digital Forensics to improve the prediction and effectiveness of cyber threats from Autonomous System Numbers (ASNs). Traditional cybersecurity strategies, focused mainly on technical aspects, must be revised for the complex cyber threat landscape. This research proposes an approach combining technical expertise with cybercriminal behavior insights. The study utilizes a mixed-methods approach and integrates various disciplines, including digital forensics, cybersecurity, computer science, and forensic psychology. Central to the model are four key concepts: forensic cyberpsychology, digital forensics, predictive modeling, and the Cyber Behavioral Analysis Metric (CBAM) and Score (CBS) for evaluating ASNs. The CFBA model addresses initial challenges in traditional cyber defense methods and emphasizes the need for an interdisciplinary, comprehensive approach. This research offers practical tools and frameworks for accurately predicting cyber threats, advocating for ongoing collaboration in the ever-evolving field of cybersecurity. Full article
(This article belongs to the Special Issue Human and Technical Drivers of Cybercrime)
Show Figures

Figure 1

18 pages, 564 KiB  
Article
Intention to Hack? Applying the Theory of Planned Behaviour to Youth Criminal Hacking
by Mary P. Aiken, Julia C. Davidson, Michel Walrave, Koen S. Ponnet, Kirsty Phillips and Ruby R. Farr
Forensic Sci. 2024, 4(1), 24-41; https://doi.org/10.3390/forensicsci4010003 - 30 Jan 2024
Cited by 1 | Viewed by 3165
Abstract
Adolescents are currently the most digitally connected generation in history. There is an ever-growing need to understand how typical adolescent risk-taking intersects with the vastly criminogenic potential of digital technology. Criminal hacking in older adolescents (16–19-year-olds) was assessed using an adapted Theory of [...] Read more.
Adolescents are currently the most digitally connected generation in history. There is an ever-growing need to understand how typical adolescent risk-taking intersects with the vastly criminogenic potential of digital technology. Criminal hacking in older adolescents (16–19-year-olds) was assessed using an adapted Theory of Planned Behaviour (TPB) model, a cohesive theoretical framework that incorporates cognitive processes and human drivers (informed by psychology, cyberpsychology, and criminology theory). In 2021, a large-scale anonymous online survey was conducted across nine European countries. Criminal hacking was assessed using data from 3985 participants (M = 1895, 47.55%; F = 1968, 49.39%). This study formulated a powerful predictive model of youth hacking intention (accounting for 38.8% of the variance) and behaviour (accounting for 33.6% of the variance). A significant minority, approximately one in six (16.34%), were found to have engaged in hacking, and approximately 2% reported engaging in hacking often or very often. Increased age, being male, and offline deviant behaviour were significant predictors of hacking behaviour. In line with the TPB, intention was the strongest individual predictor of hacking behaviour, which in turn was significantly predicted by cognitive processes accounted for by TPB constructs: subjective norms of family and peers, attitudes towards hacking, and perceived behavioural control. These TPB constructs were found to be significantly associated with human factors of risk-taking, toxic online disinhibition, offline deviant behaviour, and demographic variables of age and gender. Implications for future research, interventions, policy, and practice are discussed. Full article
(This article belongs to the Special Issue Human and Technical Drivers of Cybercrime)
Show Figures

Figure 1

32 pages, 353 KiB  
Article
Enhancing Microsoft 365 Security: Integrating Digital Forensics Analysis to Detect and Mitigate Adversarial Behavior Patterns
by Marshall S. Rich
Forensic Sci. 2023, 3(3), 394-425; https://doi.org/10.3390/forensicsci3030030 - 19 Jul 2023
Cited by 1 | Viewed by 2767
Abstract
This research article investigates the effectiveness of digital forensics analysis (DFA) techniques in identifying patterns and trends in malicious failed login attempts linked to public data breaches or compromised email addresses in Microsoft 365 (M365) environments. Pattern recognition techniques are employed to analyze [...] Read more.
This research article investigates the effectiveness of digital forensics analysis (DFA) techniques in identifying patterns and trends in malicious failed login attempts linked to public data breaches or compromised email addresses in Microsoft 365 (M365) environments. Pattern recognition techniques are employed to analyze security logs, revealing insights into negative behavior patterns. The findings contribute to the literature on digital forensics, opposing behavior patterns, and cloud-based cybersecurity. Practical implications include the development of targeted defense strategies and the prioritization of prevalent threats. Future research should expand the scope to other cloud services and platforms, capture evolving trends through more prolonged and extended analysis periods, and assess the effectiveness of specific mitigation strategies for identified tactics, techniques, and procedures (TTPs). Full article
(This article belongs to the Special Issue Human and Technical Drivers of Cybercrime)

Review

Jump to: Research, Other

89 pages, 16650 KiB  
Review
Video and Audio Deepfake Datasets and Open Issues in Deepfake Technology: Being Ahead of the Curve
by Zahid Akhtar, Thanvi Lahari Pendyala and Virinchi Sai Athmakuri
Forensic Sci. 2024, 4(3), 289-377; https://doi.org/10.3390/forensicsci4030021 - 13 Jul 2024
Cited by 1 | Viewed by 3556
Abstract
The revolutionary breakthroughs in Machine Learning (ML) and Artificial Intelligence (AI) are extensively being harnessed across a diverse range of domains, e.g., forensic science, healthcare, virtual assistants, cybersecurity, and robotics. On the flip side, they can also be exploited for negative purposes, like [...] Read more.
The revolutionary breakthroughs in Machine Learning (ML) and Artificial Intelligence (AI) are extensively being harnessed across a diverse range of domains, e.g., forensic science, healthcare, virtual assistants, cybersecurity, and robotics. On the flip side, they can also be exploited for negative purposes, like producing authentic-looking fake news that propagates misinformation and diminishes public trust. Deepfakes pertain to audio or visual multimedia contents that have been artificially synthesized or digitally modified through the application of deep neural networks. Deepfakes can be employed for benign purposes (e.g., refinement of face pictures for optimal magazine cover quality) or malicious intentions (e.g., superimposing faces onto explicit image/video to harm individuals producing fake audio recordings of public figures making inflammatory statements to damage their reputation). With mobile devices and user-friendly audio and visual editing tools at hand, even non-experts can effortlessly craft intricate deepfakes and digitally altered audio and facial features. This presents challenges to contemporary computer forensic tools and human examiners, including common individuals and digital forensic investigators. There is a perpetual battle between attackers armed with deepfake generators and defenders utilizing deepfake detectors. This paper first comprehensively reviews existing image, video, and audio deepfake databases with the aim of propelling next-generation deepfake detectors for enhanced accuracy, generalization, robustness, and explainability. Then, the paper delves deeply into open challenges and potential avenues for research in the audio and video deepfake generation and mitigation field. The aspiration for this article is to complement prior studies and assist newcomers, researchers, engineers, and practitioners in gaining a deeper understanding and in the development of innovative deepfake technologies. Full article
(This article belongs to the Special Issue Human and Technical Drivers of Cybercrime)
Show Figures

Figure 1

Other

Jump to: Research, Review

12 pages, 1742 KiB  
Technical Note
Instrumenting OpenCTI with a Capability for Attack Attribution Support
by Sami Ruohonen, Alexey Kirichenko, Dmitriy Komashinskiy and Mariam Pogosova
Forensic Sci. 2024, 4(1), 12-23; https://doi.org/10.3390/forensicsci4010002 - 23 Jan 2024
Viewed by 3024
Abstract
In addition to identifying and prosecuting cyber attackers, attack attribution activities can provide valuable information for guiding defenders’ security procedures and supporting incident response and remediation. However, the technical analysis involved in cyberattack attribution requires skills, experience, access to up-to-date Cyber Threat Intelligence, [...] Read more.
In addition to identifying and prosecuting cyber attackers, attack attribution activities can provide valuable information for guiding defenders’ security procedures and supporting incident response and remediation. However, the technical analysis involved in cyberattack attribution requires skills, experience, access to up-to-date Cyber Threat Intelligence, and significant investigator effort. Attribution results are not always reliable, and skillful attackers often work hard to hide or remove the traces of their operations and to mislead or confuse investigators. In this article, we translate the technical attack attribution problem to the supervised machine learning domain and present a tool designed to support technical attack attribution, implemented as a machine learning model extending the OpenCTI platform. We also discuss the tool’s performance in the investigation of recent cyberattacks, which shows its potential in increasing the effectiveness and efficiency of attribution operations. Full article
(This article belongs to the Special Issue Human and Technical Drivers of Cybercrime)
Show Figures

Figure 1

26 pages, 1410 KiB  
Systematic Review
A Comprehensive Framework for Cyber Behavioral Analysis Based on a Systematic Review of Cyber Profiling Literature
by Melissa Martineau, Elena Spiridon and Mary Aiken
Forensic Sci. 2023, 3(3), 452-477; https://doi.org/10.3390/forensicsci3030032 - 22 Jul 2023
Cited by 5 | Viewed by 10579
Abstract
Cybercrime presents a significant threat to global society. With the number of cybercrimes increasing year after year and the financial losses escalating, law enforcement must advance its capacity to identify cybercriminals, collect probative evidence, and bring cybercriminals before the courts. Arguably to date, [...] Read more.
Cybercrime presents a significant threat to global society. With the number of cybercrimes increasing year after year and the financial losses escalating, law enforcement must advance its capacity to identify cybercriminals, collect probative evidence, and bring cybercriminals before the courts. Arguably to date, the approach to combatting cybercrime has been technologically centric (e.g., anti-virus, anti-spyware). Cybercrimes, however, are the result of human activities based on human motives. It is, therefore, important that any comprehensive law enforcement strategy for combatting cybercrime includes a deeper understanding of the hackers that sit behind the keyboards. The purpose of this systematic review was to examine the state of the literature relating to the application of a human-centric investigative tool (i.e., profiling) to cybercrime by conducting a qualitative meta-synthesis. Adhering to the PRISMA 2020 guidelines, this systematic review focuses specifically on cybercrime where a computer is the target (e.g., hacking, DDoS, distribution of malware). Using a comprehensive search strategy, this review used the following search terms: “cybercrime”, “computer crime”, “internet crime”, “cybercriminal”, “hacker”, “black hat”, “profiling”, “criminal profiling”, “psychological profiling”, “offender profiling”, “criminal investigative analysis”, “behavioral profiling”, “behavioral analysis”, “personality profiling”, “investigative psychology”, and “behavioral evidence analysis” in all combinations to identify the relevant literature in the ACM Digital Library, EBSCOhost databases, IEEE Xplore, ProQuest, Scopus, PsychInfo, and Google Scholar. After applying the inclusion/exclusion criteria, a total of 72 articles were included in the review. This article utilizes a systematic review of the current literature on cyber profiling as a foundation for the development of a comprehensive framework for applying profiling techniques to cybercrime—described as cyber behavioral analysis (CBA). Despite decades of research, our understanding of cybercriminals remains limited. A lack of dedicated researchers, the paucity of research regarding human behavior mediated by technology, and limited access to datasets have hindered progress. The aim of this article was to advance the knowledge base in cyber behavioral sciences, and in doing so, inform future empirical research relating to the traits and characteristics of cybercriminals along with the application of profiling techniques and methodologies to cybercrime. Full article
(This article belongs to the Special Issue Human and Technical Drivers of Cybercrime)
Show Figures

Figure 1

Back to TopTop