1 / 7

Power Laws for Cyber Crime

Power Laws for Cyber Crime. Richard Overill & Jantje Silomon Department of Informatics King’s College London. Power Laws. Characterise a multitude of processes which produce a large number of small events but a small number of large events: p(x) = C x -α log p(x) = log C - α log x

kadeem-cook
Download Presentation

Power Laws for Cyber Crime

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Power Laws for Cyber Crime Richard Overill & Jantje Silomon Department of Informatics King’s College London

  2. Power Laws • Characterise a multitude of processes which produce a large number of small events but a small number of large events: • p(x) = C x -α • log p(x) = log C - α log x • A log-log plot is a straight line with gradient -α • the exponent α characterises the power law in a phenomenological sense.

  3. Previous Work • L F Richardson (1948/60) • “fatal quarrels” • L-E Cederman (2003) • wars • A Clauset et al. (2005/7) • terrorism in G7: α = 1.7 • N F Johnson et al. (2005/6) • old wars, new wars • R Coelho et al. (2008) • low-medium UK incomes: α = 3.1 - 3.3

  4. Cyber Crime Dataset • 11 years (1997 - 2007) of US CSI (Computer Security Institute) annual average financial loss data over 12 e-crime categories. • Corrected for US$ inflation. • Cleaned to remove internal inconsistencies. • Kolmogorov-Smirnov test for divergence as x  0. • 99 data points representing 6737 incidents. • Minus-one jack-knife re-sampling provides uncertainty bounds on α.

  5. Double Power Law for Cyber Crimes

  6. Results & Conclusions • A double power regime appears to be in operation: • αL = 1.7 ± 0.1; r2L = 0.994 (over 92 points) • αR = 3.1 ± 0.3; r2R = 0.900 (over 7 points) • xX= $2.858M ± 0.350 • exponent of ~1.7 shared with incidence of terrorism in G7 nations. • exponent of ~3.1 shared with distribution of low-medium UK incomes.

  7. Conjectures • Heists below ~$2.85M are characterised by a pre-planned, opportunistic, ‘ambush’ strategy. • Heists above ~$2.85M (financial fraud and IP theft) are characterised by an economic infrastructure (Serious Organised Cybercrime) • R Overill & J Silomon, Single and Double Power Laws for Cyber Crimes, J Information Warfare 10 (3) 29 – 36 (December 2011).

More Related