This award is funded under the American Recovery and Reinvestment Act of 2009 (Public Law 111-5).
Recent years have witnessed a dramatic change in the goals and modus operandi of malicious hackers. In particular, hackers have realized the potential monetary gains associated with Internet fraud. As a result, there has been an integration of sophisticated computer attacks with well-established fraud mechanisms devised by organized crime, which, in turn, created a vibrant underground economy. This project will develop novel techniques and tools to analyze and understand the underground economy, with the ultimate goal of obtaining a comprehensive picture of the criminal process. More precisely, the underground economy will be analyzed and modeled from three different vantage points: First, the project will identify the actors participating in the underground economy and models their different roles. Second, the project will analyze the processes and interactions between different criminal actors. Third, the project will examine the infrastructure that is used by criminals to carry out their operations.
The results of this project are techniques and tools to gather information about the infrastructure of the underground economy, the involved actors, and their interactions. This information can then be used to model the underground economy, improving the understanding of its structure and processes. Such increased understanding can be leveraged to create new techniques and processes for disrupting underground activities. As a result, the broader impact of the research project has the potential to reduce the amount and severity of crime and fraud performed on the Internet, benefiting the community at large. In addition, the tools and techniques will support cyber-crime law enforcement by enabling officers to identify malicious networks and ISPs to predict upcoming, significant attacks.