Alice Hutchings
Overview
The Interdisciplinary Cybercrime Project (iCrime) incorporates expertise from criminology and computer science to develop and evaluate cybercrime responses. iCrime consists of four major interconnected components to research cybercrime using the offender, the crime type, the place (such as online black markets), and the response as discrete units of analysis. The project is flexible by design, enabling us to respond to new cybercrime issues as they emerge. Cybercrime offenders are innovative and change monetising techniques rapidly. Within iCrime, we are developing tools to identify and measure criminal infrastructure at scale. Difficult challenges are being tackled by using and developing unique datasets and designing novel methodologies. This is important as cybercrime changes dynamically. Our aim is to be at the forefront of new developments as they arise.
The research staff and doctoral students engaged in this interdisciplinary project integrate skills and tools from criminology and computer science. From computer science we leverage: machine learning and natural language processing (NLP) to classify massive datasets; tools to automate the detection of, and measure change in, criminal infrastructure; and technical knowledge about complex cybercrimes and how to prevent them. Criminology provides frameworks for theorising about offenders’ involvement in crime, and how crimes may be prevented, as well as methodologies to evaluate the effects of interventions designed to disrupt crime.
This project has received funding from the European Research Council (ERC) under the European Union’s Horizon 2020 research and innovation programme (iCrime, Grant agreement No. 949127).
Team
- Alice Hutchings (PI)
- Richard Clayton
- Hridoy Sankar Dutta
- Yanna Papadodimitraki
- Jack Hughes
- Tina Marjanov
- Gilberto Atondo-Siu
- Kieron Ivy Turk
- Anh V. Vu
- Raymond Wang
Component 1: Cybercrime offenders
The cybercrime offenders component focuses on those who commit cybercrime, an under-researched area. Relevant papers include:
- Vu, A. V., Thomas, D. R., Collier, B., Hutchings, A., Clayton, R., & Anderson, R. (2024). Getting Bored of Cyberwar: Exploring the role of low-level cybercrime actors in the Russia-Ukraine conflict. Proceedings of the ACM Web Conference, Singapore. [open access]
- Man, J, Atondo-Siu, G., & Hutchings, A. (2023). Autism disclosures and cybercrime discourse on a large underground forum. Proceedings of the APWG Symposium on Electronic Crime Research (eCrime), Barcelona. [accepted manuscript] [paywall version]
- Collier, B & Clayton, R. (2022). A "sophisticated attack"? Innovation, technical sophistication, and creativity in the cybercrime ecosystem. Workshop on the Economics of Information Security, Tulsa. [open access]
Component 2: Cybercrime types
To understand cybercrime types better, we analyse how cybercrime changes in response to externalities, as well as new and emerging aspects of cybercrime. Relevant papers include:
- Ordekian, M., Atondo-Siu, G., Hutchings, A., & Vasek, M. (2024). Investigating wrench attacks: Physical attacks targeting cryptocurrency users. Proceedings of Advances in Financial Technologies (AFT), Vienna. [open access]
- Hutchings, A. (2024). Position Paper: The amplification of online deviancy through the language of violent crime, war, and aggression. IEEE Security and Privacy, 22(2), 81-84. [accepted manuscript] [paywall version]
- Georgoulias, D., Pedersen, J. M., Hutchings, A., Falch, M., & Vasilomanolakis, E. (2023). In the market for a botnet? An in-depth analysis of botnet-related listings on darkweb marketplaces. Proceedings of the APWG Symposium on Electronic Crime Research (eCrime), Barcelona. [accepted manuscript] [payall version]
- Atondo Siu, G. & Hutchings, A. (2023). “Get a higher return on your savings!”: Comparing adverts for cryptocurrency investment scams across platforms. Proceedings of the IEEE European Symposium on Security and Privacy Workshops, Delft. [accepted manuscript] [paywall version]
- Agarwal, S., Atondo Siu, G., Ordekian, M., Hutchings, A., Mariconti, E., & Vasek, M. (2023). Short Paper: DeFi Deception - Uncovering the prevalence of rugpulls in cryptocurrency projects. Proceedings of the International Conference on Financial Cryptography and Data Security, Bol. [open access]
- Atondo Siu, G., Hutchings, A., Vasek, M., & Moore, T. (2022). "Invest in crypto!": An analysis of investment scam advertisements found in Bitcointalk. Proceedings of the APWG Symposium on Electronic Crime Research (eCrime), online. [accepted manuscript]
Component 3: Cybercrime places
The third component uses place as the unit of analysis. Cybercrime places are often, but not always, located in cyberspace. Online spaces include markets and forums where offenders communicate and trade goods and services. These places are important stepping-stones towards, and facilitators of, involvement in crime. They contain information about how to commit offences, and marketplaces for buying and selling goods and services used to commit offences.
Relevant papers include:
- Gibbon, J., Marjanov, T., Hutchings, A., & Aston, J. (2024). Measuring the Unmeasurable: Estimating true population of hidden online communities. Proceedings of the IEEE European Symposium on Security and Privacy Workshops, Vienna. [accepted manuscript] [paywall version]
- Marjanov, T., Ioannidis, K., Hyndman, T., Seyedzadeh, N., & Hutchings, A. (2024). Breaking the ice: Using transparency to overcome the cold start problem in an underground market. Workshop on the Economics of Information Security (WEIS) 2024, Dallas. [open access]
- Hughes, J., Pastrana, S, Hutchings, A., Afroz, S., Samtani, S., Li, W., & Santana Marin, E. (2024). The
ScienceArt of Cybercrime Community Research. ACM Computing Surveys, 56(6), 1-26. [open access] - Talas, A. & Hutchings, A. (2023). Hacker’s Paradise: Analysing music in a cybercrime forum. Proceedings of the APWG Symposium on Electronic Crime Research (eCrime), Barcelona. [accepted manuscript] [paywall version]
- Di Tizio, G., Atondo Siu, G., Hutchings, A., & Massacci, F. (2023). A graph-based stratified sampling methodology for the analysis of (underground) forums. IEEE Transactions on Information Forensics & Security, 18, 5473-5483. [accepted manuscript] [paywall version]
- Hughes, J. & Hutchings, A. (2023). Digital drift and the evolution of a large cybercrime forum. Proceedings of the IEEE European Symposium on Security and Privacy Workshops, Delft. [accepted manuscript] [paywall version]
- Hughes, J., Caines, A., & Hutchings, A. (2023). Argot as a trust signal: Slang, jargon & reputation on a large cybercrime forum. Workshop on the Economics of Information Security, Geneva. [open access]
- Vu, A. V., Wilson, L., Chua, Y. T., Shumailov, I., & Anderson, R. (2023). ExtremeBB: A database for large-scale research into online hate, harassment, the manosphere and extremism. ACL Workshop on Online Abuse and Harms (WOAH@ACL), 2023, Toronto. [open access]
- Pete, I., Hughes, J., Caines, A., Vu, A.V., Gupta, H., Hutchings, A., Anderson, R., & Buttery, P. (2022). POSTCOG: A tool for interdisciplinary research into underground forums at scale. Proceedings of the 7th IEEE European Symposium on Security and Privacy Workshops, Genoa. [accepted manuscript] [paywall version]
Component 4: Cybercrime responses
In the fourth component, cybercrime responses, we evaluate the effects of cybercrime responses, including those delivered by police as well as initiatives by private industry. Relevant papers include:
- Vu, A. V., Hutchings, A., & Anderson, R. (2024). No Easy Way Out: The effectiveness of deplatforming an extremist forum to suppress hate and harassment. Proceedings of the 45th IEEE Symposium on Security and Privacy (IEEE S&P), San Francisco. [open access]
- Collier, B. & Clayton, R. (2024). Peer(ing) Pressure: Achieving social action at scale in the Internet infrastructure. Workshop on the Economics of Information Security (WEIS) 2024, Dallas. [open access]
- Turk, K. I., Hutchings, A., & Beresford, A. R. (2023). Can't Keep Them Away: The failures of anti-stalking protocols in personal item tracking devices. Proceedings of the Security Protocols Workshop, Cambridge. [accepted manuscript] [paywall version]
- Turk, K. I. & Huchings, A. (2023). Click here to exit: An evaluation of quick exit buttons. Proceedings of the ACM Conference on Human Factors in Computing Systems (CHI) 2023, Hamburg. [open access]
- Bada, M, Hutchings, A., Papadodimitraki, Y., & Clayton, R. (2023). An evaluation of police interventions for cybercrime prevention. Technical Report No. 983. Cambridge: Computer Laboratory, University of Cambridge.