Building adaptive defense against cybercrimes using real-time data mining
Baber Majid Bhatti
Head of IT Planning & Design
Ericsson AB
Adelaide, Australia
babermb@gmail.com
Nouman Sami
IT Provisioning Specialist
Ericsson Managed Services
Abbottabad, Pakistan
noumansami83@hotmail.com
Abstract— In today’s fast-changing world, cybercrimes are growing at a perturbing pace. By definition, cybercrimes are engendered by capitalizing on threats and exploiting vulnerabilities. However, recent history reveals that such crimes often come with surprises and seldom follow established trends. This puts defense systems behind in the race, because of their inability to identify new patterns of cybercrime and to raise themselves to the required level of security. This paper envisions the empowerment of security systems through real-time data mining, by virtue of which these systems will be able to dynamically identify patterns of cybercrime. This will help those security systems step up their defense capabilities while adapting to the levels required by newly emerging patterns. To stay within the scope of this paper, the application of this approach is discussed in the context of selected cybercrime scenarios.
Keywords— Cybercrime; Information Security; Real-time Data Mining; Real-time Data Mining Engine (RTDME); Cybercrime Pattern Recognition (CPR); Threat Prevention and Response Algorithm Generator (TPRAG); Real-time Security Protocol (RTSP)
Hewes, J. A. (2016). Threat and Challenges of Cyber-Crime and the Response. SAM Advanced Management Journal (07497075), 81(2), 4-10.
Cyber security is a major concern for every department, business, and citizen of the United States because technology impacts every aspect of our daily lives. The more we use technology, the more complacent we get with the information that is stored within our cyber networks. The more complacent we get, the more vulnerable we become to cyber-attacks, because we fail to update the mechanisms that safeguard our information. Breaches of security networks are detrimental to personal, economic, and national security information. Many countries, like Russia, China, Israel, France, and the United Kingdom, now have the abilities and technology to launch cyber-attacks on the United States. In the last five years there have been several attacks on cyber systems to gain access to information maintained by major businesses and the United States Government. Cyber-attacks cause serious harm to the United States’ economy, community, and safety, so we need to build stronger cyber security mechanisms. Based on my theoretical analysis, I recommend the following:
In the United States, local, state, and federal law enforcement agencies, including the FBI and the Department of Homeland Security, among others, have taken on roles to fight computer crimes and terrorism. The roles and responses of these law enforcement agencies concerning digital crime have created challenges that limit enforcement efforts against digital crime.
Since the onset of the first packet switching event that many believe to be the beginning of the internet, no other technology besides the printing press has ever so transformed the ability to deliver information. Although the internet is used by a large percentage of the civilized world, few Americans realize how vital cyberspace is to our national infrastructure. Today, we are faced with even more threats, although it has been a recognized problem since 2009, when President Barack Obama said, “The cyber threat is one of the most serious economic and national security challenges we face as a nation. It’s also clear that we’re not as prepared as we should be, as a government or as a country” (Obama, 2009). Every industry that operates in the United States is dependent on the internet for some aspect of its business. Commerce, transportation, financial institutions, the military, as well as industrial control systems are all interconnected. This interconnectedness has created vulnerabilities within their infrastructure that have increasingly become targets of terrorists, script kiddies, foreign governments and hackers of all types.
By 2016, investments in online security are expected to reach $86bn (Contu et al., 2012). Although this might seem a large sum of money, it is considered necessary since there is an increase in online risks from all over the world. Professional hackers develop malware on a global scale and on a 24/7 basis. Hackers have five objectives when spreading malware over the Internet: to infect/distribute, to steal, to persist, to control and to gather intelligence (Morris, 2010).
(Perez, 2013): The biggest threat of this type is the threat from insiders, who keep seeking the right opportunity to commit their cybercrime in order to achieve their illegitimate objectives. Therefore, identification of threats becomes another crucial segment that needs to be monitored and
With the widespread use of technology becoming more prominent, acts of cyber terrorism pose an increasing threat to safety. Cyber terrorists exploit the internet and its users to commit acts that can be increasingly detrimental to their targets. Some of the terrorist activities include large-scale corruption of computer networks by using tools like computer viruses. Certain individuals even have the ability to cause severe damage to government systems, national security systems and even hospital servers. Most of the technology made today is intended only to make life easier for people. However, skilled users can manipulate the cyber world for negative intentions. Staying informed about cyber terrorism and cybercrime is important because of society’s increased reliance on technology. Steps to improve cyber security before an attack ensure the safety of sensitive information. The topics of cyber security and cyber warfare are interesting ones to keep up to date with. Understanding these topics can be beneficial to my dream of being in the FBI, ensuring the safety of others by working to prevent acts of cyberterrorism.
Cybercrime has become a fast-growing concern for the 21st century as businesses, institutions and individuals grow into an interconnected web of computer networks. Online business transactions, along with the sharing of personal information, are vulnerable to a host of disasters that can wreak economic and social havoc. Some sources say that today, cybercrime costs society more than $1.0 trillion; Global Industry Analysts, Inc. forecast the world cyber security market to reach $80 billion by 2017 (Gale, 2011).
Law enforcement has always been tasked with evolving alongside the trends in crime throughout history. Unfortunately for law enforcement, they are always on the back end of that and are often behind for months before being able to counteract. Cybercrimes are no different. Cybercrime is a new and always developing form of crime that bases its entire agenda on taking advantage of its victims over the internet. Law enforcement's job is to assess and work to stop these crimes, but it's not that easy. These cybercrimes are heavily in the favor of the criminals, and the lack of assistance to law enforcement makes it harder for them. The scams are always changing and the costs are adding up as law enforcement takes on cybercrimes.
Since 2010 there have been over 13 major cyber attacks in the US; the FBI categorizes the severity of an attack based on what could possibly be at stake, such as information on US citizens or the hijacking of critical information. Cyber attacks are classified as crimes committed with the aid of a computer. Cyber crimes are considered felonies; however, most people who commit them usually cannot be found. Recently there has been an uprising in cyber crimes: in 2017 alone, 9 minor incidents have occurred (minor attacks can consist of malware and internet “trolling”, which is a form of cyberbullying) and 4 major crimes have been committed. Most crimes consist of identity theft, robbery, and the hijacking of private information. Recently, programmers have been able to build security systems that can detect a threat almost immediately. With the growing expansion of technology, protecting information gets harder day by day. Cyber security is the body of technologies, processes and practices designed to protect networks, computers, programs and data from attack, damage or unauthorized access.
The network traffic visualization method designed by Mazurczyk (2012) focuses on network anomaly detection principles. Mazurczyk’s main purpose in doing this research was to detect anomalies in network traffic flow that can signal malicious actions that could compromise network security. Typical anomaly detection methods deployed across networks focus on discovering illegal activities orchestrated by probable attackers (Mazurczyk et al., 2012). Current security devices lack the effectiveness needed for today’s immense traffic volumes, which require real-time
Nowadays, internet-based services face the problem of cyber threats and attacks. A cyber-attack performs illegal activity over computers and networks. Cyber-attacks damage computer software and meaningful information carried over internet communication. For the detection and prevention of cyber-attacks, various approaches are used, such as the system-level approach and
Our capstone project team is working on Prescriptive Analytics for Cyber Security. The project mainly consists of two parts: building a predictive anomaly detection algorithm that detects suspicious cyber anomalies based on multiple cyber datasets, and implementing a prescriptive model that optimizes the output from anomaly detection and recommends the best course of action. We have been closely working with Mr. Eric Chasin from Innvo Solutions LLC and Prof. Anil Aswani from the IEOR department to achieve together our goal of creating an integrated system or model that would automatically detect and prescribe actions for cyber anomalies.
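The two stages described above (a real-time detector that adapts to newly emerging patterns, as in the paper's abstract, followed by a prescriptive step that recommends an action) can be made concrete with a small script. The following is an added example written for this page; it is not code from the paper, from the capstone project or from Innvo Solutions. Everything in it is an assumption chosen for illustration: the stream of per-source connection counts, the source addresses, the EWMA smoothing factor, the z-score thresholds and the three actions. Two practitioner details are built in: only intervals judged benign feed the baseline (so a flood cannot teach the detector that flooding is normal), and the standard deviation has a floor so that a source with a perfectly flat history can still be scored.

```python
"""Adaptive anomaly detection over a stream of per-source connection counts,
followed by a prescriptive step that maps each anomaly to an action.

Added illustration, not the project's own code. All values are constructed.
"""
import math

ALPHA = 0.2         # EWMA smoothing factor: larger adapts faster but forgets sooner
WARMUP = 5          # intervals a source must be seen before it is scored
MIN_STD = 1.0       # floor on the standard deviation so a flat baseline still scores
Z_RATE_LIMIT = 3.0  # z-score at which the prescriptive step recommends rate limiting
Z_BLOCK = 6.0       # z-score at which it recommends blocking the source


class AdaptiveBaseline:
    """EWMA mean/variance of one source's per-interval connection count."""

    def __init__(self):
        self.n = 0
        self.mean = 0.0
        self.var = 0.0

    def score(self, x):
        """z-score of x against the current baseline (0.0 while warming up)."""
        if self.n < WARMUP:
            return 0.0
        return (x - self.mean) / max(math.sqrt(self.var), MIN_STD)

    def update(self, x):
        """Fold x into the baseline (EWMA update of mean and variance)."""
        if self.n == 0:
            self.mean = float(x)
        else:
            diff = x - self.mean
            self.mean += ALPHA * diff
            self.var = (1 - ALPHA) * (self.var + ALPHA * diff * diff)
        self.n += 1


def prescribe(z):
    """Prescriptive step: the least disruptive action that fits the severity."""
    if z >= Z_BLOCK:
        return "block"
    if z >= Z_RATE_LIMIT:
        return "rate_limit"
    return "none"


def process_stream(events):
    """Score each (t, src, count) event in arrival order.

    Returns findings (t, src, count, z, action) for every interval that
    warranted an action; benign intervals update that source's baseline.
    """
    baselines = {}
    findings = []
    for t, src, count in events:
        baseline = baselines.setdefault(src, AdaptiveBaseline())
        z = baseline.score(count)
        action = prescribe(z)
        if action == "none":
            baseline.update(count)  # benign: let the baseline drift with normal traffic
        else:
            findings.append((t, src, count, round(z, 2), action))
    return findings


# Constructed sample stream: (interval start in seconds, source IP, connection count).
# 10.0.0.5 floods at t=60; 10.0.0.9 creeps above its norm at t=50; 10.0.0.7 has a
# perfectly flat history (variance 0); 10.0.0.2 is seen too briefly to be scored.
EVENTS = [
    (0, "10.0.0.5", 10), (0, "10.0.0.9", 20), (0, "10.0.0.7", 5), (0, "10.0.0.2", 3),
    (10, "10.0.0.5", 12), (10, "10.0.0.9", 22), (10, "10.0.0.7", 5), (10, "10.0.0.2", 4),
    (20, "10.0.0.5", 9), (20, "10.0.0.9", 19), (20, "10.0.0.7", 5), (20, "10.0.0.2", 40),
    (30, "10.0.0.5", 11), (30, "10.0.0.9", 21), (30, "10.0.0.7", 5),
    (40, "10.0.0.5", 10), (40, "10.0.0.9", 20), (40, "10.0.0.7", 5),
    (50, "10.0.0.5", 11), (50, "10.0.0.9", 24), (50, "10.0.0.7", 50),
    (60, "10.0.0.5", 200), (60, "10.0.0.9", 21),
    (70, "10.0.0.5", 180),
    (80, "10.0.0.5", 12),
]

if __name__ == "__main__":
    for finding in process_stream(EVENTS):
        print(finding)
```

Running it yields four findings: the modest excursion of 10.0.0.9 to 24 connections is scored at about 3.8 and gets a rate limit, while the flat-history source 10.0.0.7 and the flooding 10.0.0.5 are scored far above Z_BLOCK and get blocked. The 40-connection burst from 10.0.0.2 is never scored because the source has not completed its warm-up, which is the kind of blind spot a real deployment has to close with a global baseline or a cold-start rule rather than silence.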
There are many risks in using the internet irrespective of its popularity. These risks are network attacks, and the attack methods vary every day. This research aims to compare decision tree methods for intrusion detection, as intrusion detection is one of the major research problems in network security. Traditional intrusion detection systems suffer from a number of problems, such as low performance, a high false negative rate and a low level of intelligence. In this research work we compared the effectiveness of decision tree methods in an Intrusion Detection System. We also compare the detection rate and false alarm rate for different types of attack.
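To make the evaluation in that paragraph tangible, here is an added example (not the research's own code or data): a compact CART-style decision tree built from scratch on a handful of constructed connection records, then scored the way IDS papers report results, with a detection rate per attack type and a false alarm rate on normal traffic. The feature set is a hypothetical subset of KDD-style connection features, and the records, the four classes (normal, dos, probe, r2l) and the split criterion are all assumptions for illustration.

```python
"""CART-style decision tree on constructed connection records, evaluated by
detection rate per attack type and false alarm rate. Added illustration;
features, records and classes are assumptions, not real traffic."""
from collections import Counter

FEATURES = ["duration_s", "src_bytes", "dst_bytes", "failed_logins", "same_host_count"]

# Training records: ((duration_s, src_bytes, dst_bytes, failed_logins, same_host_count), label)
TRAIN = [
    ((2, 300, 1500, 0, 3), "normal"), ((5, 450, 2300, 0, 2), "normal"), ((1, 120, 800, 0, 4), "normal"),
    ((8, 900, 4000, 0, 1), "normal"), ((3, 200, 1200, 1, 2), "normal"),
    ((0, 0, 0, 0, 250), "dos"), ((0, 40, 0, 0, 300), "dos"), ((0, 0, 0, 0, 180), "dos"), ((0, 20, 0, 0, 400), "dos"),
    ((0, 10, 60, 0, 30), "probe"), ((0, 0, 40, 0, 45), "probe"), ((1, 10, 30, 0, 25), "probe"),
    ((12, 800, 300, 4, 1), "r2l"), ((15, 600, 200, 6, 1), "r2l"), ((9, 700, 250, 3, 2), "r2l"),
]

# Held-out records, with two deliberately hard cases: a normal session with a small
# response and failed logins, and an r2l attack that pulls a large file like normal traffic.
TEST = [
    ((4, 350, 1800, 0, 2), "normal"), ((6, 500, 400, 2, 3), "normal"), ((1, 150, 900, 0, 5), "normal"),
    ((0, 0, 0, 0, 220), "dos"), ((0, 30, 0, 0, 90), "dos"),
    ((0, 5, 50, 0, 40), "probe"), ((7, 10, 20, 0, 35), "probe"),
    ((11, 650, 280, 5, 1), "r2l"), ((3, 900, 3000, 5, 1), "r2l"),
]


def gini(labels):
    n = len(labels)
    return 1.0 - sum((c / n) ** 2 for c in Counter(labels).values())


def best_split(rows):
    """Best (feature, threshold, left, right) by weighted Gini; None if no split helps."""
    parent = gini([label for _, label in rows])
    best = None
    for f in range(len(FEATURES)):
        values = sorted({x[f] for x, _ in rows})
        for lo, hi in zip(values, values[1:]):
            thr = (lo + hi) / 2  # candidate threshold halfway between adjacent values
            left = [r for r in rows if r[0][f] <= thr]
            right = [r for r in rows if r[0][f] > thr]
            score = (len(left) * gini([lab for _, lab in left])
                     + len(right) * gini([lab for _, lab in right])) / len(rows)
            if best is None or score < best[0]:
                best = (score, f, thr, left, right)
    if best is None or best[0] >= parent:
        return None
    return best[1:]


def build_tree(rows, depth=0, max_depth=4):
    labels = [label for _, label in rows]
    majority = Counter(labels).most_common(1)[0][0]
    if depth >= max_depth or len(set(labels)) == 1:
        return {"leaf": majority}
    split = best_split(rows)
    if split is None:
        return {"leaf": majority}
    f, thr, left, right = split
    return {"feature": f, "threshold": thr,
            "left": build_tree(left, depth + 1, max_depth),
            "right": build_tree(right, depth + 1, max_depth)}


def predict(tree, x):
    while "leaf" not in tree:
        tree = tree["left"] if x[tree["feature"]] <= tree["threshold"] else tree["right"]
    return tree["leaf"]


def evaluate(tree, rows):
    """Detection rate: share of an attack type's records flagged as *any* attack.
    Correct-type rate: share labelled with the right attack type.
    False alarm rate: share of normal records flagged as an attack."""
    pairs = [(label, predict(tree, x)) for x, label in rows]
    attacks = sorted({label for label, _ in pairs if label != "normal"})
    detection, correct_type = {}, {}
    for a in attacks:
        preds = [p for label, p in pairs if label == a]
        detection[a] = sum(p != "normal" for p in preds) / len(preds)
        correct_type[a] = sum(p == a for p in preds) / len(preds)
    normal_preds = [p for label, p in pairs if label == "normal"]
    false_alarm = sum(p != "normal" for p in normal_preds) / len(normal_preds)
    return {"detection_rate": detection, "correct_type_rate": correct_type,
            "false_alarm_rate": false_alarm}


TREE = build_tree(TRAIN)

if __name__ == "__main__":
    for name, value in evaluate(TREE, TEST).items():
        print(name, value)
```

On these records the tree splits first on dst_bytes, then separates dos from the rest by the near-empty response, and tells probe from r2l by session duration. The per-type view is what a single accuracy figure would hide: dos and probe are fully detected, but the r2l record that downloads a large file is classified as normal (detection rate 0.5 for r2l), the slow probe is caught but labelled r2l, and the normal session with two failed logins raises a false alarm (false alarm rate 1/3). That asymmetry between detection rate and false alarm rate across attack types is exactly why the paragraph reports them separately.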
Governments, organizations and companies cooperate to secure cyberspace. In fact, the prevention of cybercriminal activities is the most critical aspect of the fight against cybercrime. It is mainly based on the concepts of awareness and information sharing. A proper security posture is the best defence against cybercrime (Paganini, Pierluigi, 2014).