Background
Criminal profiling is a tool that helps law enforcement and forensic investigators apprehend and understand criminal offenders. The use of such a method can be traced back to early 19th century England, where investigators attempted to create a profile of Jack the Ripper. A criminal profile is a collection of inferences about the qualities of the person responsible for committing a crime or a series of crimes [BT08]. In contemporary society, the United States' Federal Bureau of Investigation (FBI) has modernized a model of criminal profiling that is now used internationally, across multiple jurisdictions.

Integrating the arts with the sciences, criminal profiling is a process that analyses the crime scene and victims and compares them with information on similar crimes committed by offenders with known personalities. From this, profilers are able to predict factors such as the age, sex, motivation, level of mental stability, and geographic location of the unknown offender. In addition, investigators are able to link a series of offences to one offender through the modus operandi and signature of the offender, as indicated by physical evidence found at the crime scenes and the setting in which the offences were committed. Simply put, criminal profiling is based upon the notion that the way in which offences are committed reflects the personality and behavior of the offender.

Although criminal profiling has primarily focused on serial violent crimes such as murders and sexual assaults, the rapid expansion of modern technology has increased interest in applying criminal profiling to the world of cybercrime. Doing so certainly requires a different approach. Numerous cybercrimes are serial in nature, in that offenders commit multiple offences and habituate their behaviour. From this, the modus operandi and signature can be drawn. For example, analysis of the technical indicators of the "digital crime scene" of an attack may provide insight into a computer hacker as well as help predict future intrusion activity. However, profiling research on serial computer criminals has so far focused on classifying the individuals so that predictive indicators can be established. There is therefore a call for more research on applying criminal profiling to cyber-criminal activity, as it is a means of aiding law enforcement and counteracting the increase in computer crime-related issues that emerge with advances in information technology.

The modern profiling process takes two approaches: inductive and deductive. Inductive profiling attempts to generalize behavioral patterns from a statistical analysis of the characteristics of previous offenders. It relies on inductive logic to narrow down and predict who will commit these specific types of offenses. Deductive profiling, on the other hand, is more evidence-based. It analyzes the evidence from the case to construct a behavioral profile of that offender. Regardless of the method used, criminal profiling does not aim to solve crimes on its own; it aims to assist law enforcement and investigators in numerous cases, and one can argue that the same holds when it is applied to cybercrime.

Previous research on applying the concept of profiling to the issue of online crime has been limited. Even profiling itself has mainly focused on the subject of criminal activity. One of the very few applications of criminal profiling research to the digital world is perhaps the Hacker's Profiling Project (HPP), designed by Chiesa and Ducci in 2003 [CD09]. The HPP was specifically designed to apply the concept of criminal profiling to the problem of computer hackers. Consisting of eight stages that included distributing questionnaires to real-life hackers, the HPP focused mainly on data collection in order to create a model of "hacker profiles". The project also aimed to use its results to provide prevention techniques to the corporate world, where information security could be improved.

Criminal profiling has also been applied to another aspect of computer crime, namely insider computer attacks within a company. Nykodym et al. divided insider computer criminals by type of act into spies, saboteurs, thieves and net abusers [NT05]. They outlined the profiles for these types of insider criminals through inductive studies. Shaw further discussed the role of behavioral research and profiling in malicious cyber insider investigations [SD06]. He reviewed the empirical evidence garnered from inductive studies of insiders and suggested the use of a specific deductive profiling approach to insider investigation. We note that our proposed research differs from these projects: we target cyber criminals in three specific types of online crime (Internet piracy, auction site fraud and cyberstalking), whereas they focused on criminals in insider threats.

Recently, a former police officer and criminal justice instructor [DS10] wrote an article on profiling and categorizing cybercriminals. He outlined only a profile of typical cybercriminals and some common motivating factors. Because it does not analyze the different types of cybercrime individually, such a general profile is deemed not very useful.

From the above summary of related work, we understand that applying criminal profiling to cybercrime is an attainable approach to assisting cybercrime investigation and analysis. However, no research has been done on profiling the three types of crime targeted in this project.