Computer Laboratory

Alice Hutchings

**********NEWS**********

I am on sabbatical this academic year.

The 8th Cambridge Cybercrime Conference will be held on 23 June 2025, in Cambridge. Registration is now open.

I am the new Department Editor (Cybercrime) for the IEEE Security & Privacy Magazine.

On 2 October 2024, TU Delft started a new online three course series on cybersecurity economics. I am co-teaching this course with Michel van Eeten (TU Delft), Daniel Woods (University of Edinburgh), Simon Parkin (TU Delft), Rolf van Wegberg (TU Delft), Tyler Moore (Tulsa Uni) and Rainer Böhme (Innsbruck Uni). The course also features content from Ross Anderson (University of Cambridge), recorded before his passing. Ross was passionate about teaching, and was deeply involved in the design of this MOOC.

The Workshop on Attackers and Cyber Crime Operations (WACCO) will be running for the 7th consecutive year in Venice on 30 June 2025, as a workshop of the European Symposium on Security and Privacy (EuroS&P).

Papers soon to be released include:

• App-solutely Modded: The rift between modded app market operators and original developers, co-authored with Luis A. Saavedra del Toro, Hridoy Sankar Dutta, and Alastair Beresford, to appear in the proceedings of the ACM ASIA Conference on Computer and Communications Security (ACM ASIACCS 2025).
• Yet another diminishing spark: Low-level cyberattacks in the Israel-Gaza conflict, co-authored with Anh V. Vu and Ross Anderson, to appear in the proceedings of the Workshops of the IEEE European Symposium on Security & Privacy 2025.
• Assessing the aftermath: The effects of a global takedown against DDoS-for-hire services, co-authored with Anh V. Vu, Ben Collier, Daniel Thomas, John Kristoff, and Richard Clayton, to appear in the proceedings of USENIX Security 2025.
• Threat Me Right: A human HARMS threat model for technical systems, co-authored with Kieron Ivy Turk and Anna Talas, to appear in the proceedings of the Security Protocols Workshop 2025.
• SoK: Digging into the Digital Underworld of Stolen Data Markets, co-authored with Tina Marjanov, to appear in the proceedings of the 46th IEEE Symposium on Security and Privacy (IEEE S&P) 2025.

My most recent publications include:

• Police behaving badly in IEEE Security and Privacy 2025.
• Transparent truths: Critical friends and coordinated disclosure, co-authored with Alastair Beresford, in a Festschrift for Ross Anderson.
• What we talk about when we talk about extortion: The evolution from romanticism to ransomware (2005-2009), co-authored with Helen Oliver, in a Festschrift for Ross Anderson.
• Stop Following Me! Evaluating the malicious uses of personal item tracking devices and their anti-stalking features, co-authored with Kieron Ivy Turk, in the proceedings of the ACM European Symposium on Usable Security (EuroUSEC) 2024.
• ModZoo: A large-scale study of modded Android apps and their markets, co-authored with Luis A. Saavedra del Toro, Hridoy Sankar Dutta, and Alastair Beresford, in the proceedings of the APWG Symposium on Electronic Crime Research (eCrime) 2024.
• Love Bytes Back: Cybercrime following relationship breakdown, co-authored with Quincy Taylor and Anna Talas, in the proceedings of the APWG Symposium on Electronic Crime Research (eCrime) 2024.
• Investigating wrench attacks: Physical attacks targeting cryptocurrency users, co-authored with Marilyne Ordekian, Gilberto Atondo-Siu, and Marie Vasek, in the proceedings of Advances in Financial Technologies 2024.
• Measuring the unmeasurable: Estimating true population of hidden online communities, co-authored with Jonah Gibbon, Tina Marjanov, and John Aston, in the proceedings of the Workshops of the IEEE European Symposium on Security & Privacy 2024.
• No Easy Way Out: The effectiveness of deplatforming an extremist forum to suppress hate and harassment, co-authored with Anh V. Vu and Ross Anderson, in the proceedings of the 45th IEEE Symposium on Security and Privacy (IEEE S&P) 2024.
• Getting Bored of Cyberwar: Exploring the role of low-level cybercrime actors in the Russia-Ukraine conflict, co-authored with Anh V. Vu, Daniel Thomas, Ben Collier, Richard Clayton and Ross Anderson, in the proceedings of the ACM Web Conference 2024.
• Position Paper: The amplification of online deviancy through the language of violent crime, war, and aggression in IEEE Security and Privacy.
• Breaking the ice: Using transparency to overcome the cold start problem in an underground market, co-authored with Tina Marjanov, Konstantinos Ioannidis, Tom Hyndman and Nicolas Seyedzadeh, at the Workshop on the Economics of Information Security (WEIS) 2024.
• The science art of cybercrime community research, co-authored with Jack Hughes, Sergio Pastrana, Sadia Afroz, Sagar Samtani, Weifeng Li and Ericsson Marin, in ACM Computing Surveys.

****************************

I am Professor of Emergent Harms in the Security Group at the Computer Laboratory, University of Cambridge, and a Fellow of King's College. I am also Director of the Cambridge Cybercrime Centre, an interdisciplinary initiative combining expertise from computer science, criminology, and law. We take a data-driven approach to improve our understanding of criminal activity and develop robust identifiers and evidence of criminal behaviour. An important goal of the project is to provide data to other academics and therefore improve the quantity and quality of cybercrime research.

Prior to taking up a lectureship I was a researcher at the Computer Laboratory from January 2014 to October 2018, and a College Research Associate at St John's College, Cambridge, from 2017 to 2018. Before moving to Cambridge I was a Senior Research Analyst at the Australian Institute of Criminology from 2011 to 2013. Before entering academia I had a varied research career in local government, parliament, law, and private investigation (intellectual property). I first began researching cybercrime in the late 1990s, while working in industry (mainly relating to domain name misuse and software counterfeiting).

Diversity is important to me. I helped set up the department's LGBTQ+@CL network. I also made a list to highlight some academic researchers who do excellent cybercrime research but who I think are under-appreciated. This is not a list of women, it's a list that only has women and non-binary academic researchers on it. Just like some citation lists, editor lists, program committee membership lists, and conference agendas are not lists of (but only include) men.

Research interests

Current and previous grants include:

• Interdisciplinary Cybercrime Project (iCrime) (PI), funded by the European Research Council (ERC), 2021-2026.
• AP4L: Adaptive PETs to Protect & emPower People during Life Transitions (Co-I), funded by the Engineering and Physical Sciences Research Council (EPSRC), 2022-25.
• COVID-19 Tracking Covid Cybercrime and Abuse (Co-I), funded by the Engineering and Physical Sciences Research Council (EPSRC), 2020-22.
• CybercrimeNLP (CC-NLP): A natural language processing toolkit for the interdisciplinary analysis of underground online forums (PI), funded by the Economic and Social Research Council (ESRC), 2020-21.
• Data science approaches to understanding key actors on online hacking forums (Co-I), funded by the Alan Turing Institute, 2017-18.
• Cambridge Cybercrime Centre (Co-I), funded by the Engineering and Physical Sciences Research Council (EPSRC), 2015-20.

I am an interdisciplinary researcher. Specialising in cybercrime and online harms, I bridge the gap between criminology and computer science. Generally, my research interests include understanding offenders, cybercrime events, and the prevention and disruption of online crime and harms. Specific topics I am particularly interested in include:

• Applying natural language processing and data science approaches to better understand underground forums. The paper Characterizing Eve: Analysing cybercrime actors in a large underground forum, is the result of a collaboration funded by the Alan Turing Institute. For this project we also compared aggressive language on an online hacking forum with Wikipedia page edits.
• Developing tools to enrich and enable the use of large, messy, datasets. In particular, we have developed PostCog for researchers using our underground forum data.
• The use of crime script analysis to understand complex crime types. This methodology has been used to understand the crime commission process of airline ticketing fraud, eWhoring, the illicit online prescription drug trade, and the online stolen data market economy.
• Understanding policing approaches to complex online crimes, including evaluating their approaches to disrupt DDoS-for-hire markets, understanding complex jurisdictional issues, and comparing their responses to industry-led interventions.
• Research ethics, which are explored in the papers Ethical issues in research using datasets of illicit origin and Interviewing cybercrime offenders.
• Stolen data markets, including how actors interact and the actions they perform, how actors trust in inherently untrustworthy situations, disruption and intervention opportunities, and target selection and knowledge transmission.
• Understanding the gendered dimensions of cybercrime, including the barriers women face when engaging with the predominantly masculine online communities that are important for learning and sharing information.
• Offender pathways into (and out of) cybercrime. This was the topic of my PhD thesis (conferred in 2013), and a brief overview of my integrated theory of initiation, maintenance, and desistance has been published as a book chapter. This theoretical framework has since been applied to explore how offenders begin providing denial of service attacks for a fee (commonly known as 'booter services').

I established and maintain the Cambridge Computer Crime Database (CCCD), a database of computer crime events where the offender has been arrested, charged and/or prosecuted in the United Kingdom. Please get in touch with me if you have data for inclusion in the CCCD, or if you are an academic considering setting up a similar database in another country. Cybercrime is an international issue, and this should be reflected in the data. I'm happy to assist setting up the relevant data collection mechanisms, and to ensure similar variables are being captured for comparative purposes.

Research students

I am currently supervising the following PhD candidates:

• Kieron Ivy Turk, from October 2021.
• Anh V. Vu, from January 2022.
• Tina Marjanov, from October 2023.
• Anna Talas, from October 2023.
• Luna Rae Wang, from October 2023 (co-supervised with Andrew Caines).

My past completed PhD students are:

• Gilberto Atondo Siu: 'Automated detection of cryptocurrency investment scams at scale' (2020-2024).
• Jack Hughes: 'Computational criminology: At scale quantitative analysis of the evolution of cybercrime forums' (2019-23).

I have supervised the following MPhil research projects:

• Jack Hughes: 'An analysis of cybercrime activity within an underground gaming forum' (2018-19).
• Gilberto Atondo Siu: 'Automated NLP approaches for currency exchange analysis in underground forums' (2019-20).
• Nnaemeka Obodoekwe: 'Automatically analyzing negative interactions and relationships between members of an underground forum' (2019-20).
• Anna Talas: 'Hacker’s Paradise: Analysing music in a cybercrime forum' (2022-23).
• Jessica Man: 'An analysis of autism-related conversations on cybercrime forums' (2022-23).
• Quincy Taylor: 'Love Bytes Back: Online Risk Following Relationship Breakdown' (2023-24).

If you are interested in applying to Cambridge for a research-oriented MPhil or PhD in cybercrime or a related area please get in touch regarding your research topic of interest. More information on the two programmes, including application requirements and information on initial research proposals, can be found on the MPhil in Advanced Computer Science and PhD in Computer Science pages at the Computer Laboratory.

If you are a Cambridge computer science student interested in an undergraduate or Part III project, please contact me by email.

Teaching

I am currently teaching:

• Economics, Law and Ethics (Part IB CST 75%, Part II CST 50%), 2019-present
• R254: Cybercrime (MPhil ACS, Part III, Part II, with Ross Anderson and Richard Clayton), 2018-present
• R209: Computer Security: Principles and Foundations (MPhil ACS, Part III, with Ross Anderson, Alastair Beresford, and Robert Watson), 2019-present

Program Committees and reviewing

I am involved in organising the following conferences and workshops:

• Co-Organiser of the Cambridge Cybercrime Conference since 2016
• Co-Organiser of the Workshop on Security and Human Behavior (SHB 2020-2022)
• Co-Chair of the Program Committee for the Workshop on Attackers and Cyber-Crime Operations (WACCO), held jointly with the IEEE European Symposium on Security and Privacy 2019-2025
• Co-Chair of the Program Committee for the APWG Symposium on Electronic Crime Research (eCrime) in 2020 and 2021

I have been a Program Committee member for the following conferences and workshops:

• ACM Conference on Computer and Communications Security (CCS) 2025
• USENIX Security 2023-2025
• The Web Conference 2022 and 2025
• IEEE Symposium on Security and Privacy (Oakland 2022)
• ACM Internet Measurement Conference (IMC 2021)
• Enigma 2021-2022
• Workshop on Cybersecurity Experimentation and Test (CSET) 2020 & 2023
• International Conference on Financial Cryptography and Data Security (FC) 2020-2021
• Workshop on the Economics of Information Security (WEIS) 2020, 2023-2025
• APWG Symposium on Electronic Crime Research (eCrime) 2015-2019, 2022-2024

I am Department Editor (Cybercrime) for the IEEE Security & Privacy Magazine, and Area Editor (Cybercrime) for the Journal of Cybersecurity. I have also reviewed submissions for the following academic journals:

• American Behavioral Scientist
• British Journal of Criminology
• Communications of the ACM
• Computers & Society
• Crime & Delinquency
• Crime Science
• Crime, Law and Social Change
• Criminology
• Criminology & Criminal Justice
• Criminology & Public Policy
• Global Crime
• IEEE Security and Privacy
• International Journal of Cyber Criminology
• Journal of Contemporary Criminal Justice
• Journal of Experimental Criminology
• Journal of Qualitative Criminal Justice and Criminology
• Social Science Computer Review
• Sociological Forum

I am a member of the ESRC Peer Review College.

Committees

My committee roles include:

• Co-Chair of the Department's Ethics Committee (from 2019)
• Member of the University Research Ethics Committee (from 2023)
• Member of the Department's Equality and Diversity Committee (from 2023)

In 2015, I was elected to serve on the University Council, the principal executive and policy making body of the University of Cambridge. In this capacity I served on a number of other committees and working groups, including the Governance Review Working Group, the University Council's Business Committee, the Risk Steering Committee, and the Sports Committee. I was also co-opted as a member of the Council of the School of Technology. In October 2018, I resigned from the University Council.

While a member of the University's research staff (2014-2018), I was an elected committee member of the Postdocs of Cambridge (PdOC) Society and a member of the Computer Laboratory's Research Staff Forum.