Maimon Publishes Research Findings on Hacker Behavior

Maimon Publishes Research Findings on Hacker Behavior

A data breach at a major institution or business can cost millions of dollars—the average cost of a single data breach for an American organization in 2014 was $5.8 million and has only grown.  

So while organizations work to prevent themselves from becoming targets, researchers are working to understand how hackers operate—both from a technical and psychological standpoint.

David Maimon, an assistant professor of criminology and criminal justice with an appointment in the Maryland Cybersecurity Center (MC2), explores the need for comprehensive studies that examine hackers’ behavior in addition to their physical cybercrime methods.

Maimon recently co-authored a paper, “On the Relevance of Spatial and Temporal Dimensions in Assessing Computer Susceptibility to System Trespassing Incidents,” (link is external) that looked at online criminal behavior from a variety of viewpoints: mainly, geographical location of network users and their daily online routines with the network.

The paper was published in the British Journal of Criminology and featured researchers from UMD, Zhejiang Gongshang University in China, and Hebrew University in Israel.

The research team noted that extensive research is already being done to study the tools and methods hackers employ in their attempts to infiltrate organizational computers. However, only a few previous criminological initiatives have explored the opposite end of the spectrum—the way network users expose their systems. 

The researchers conducted a study to examine the relationship between the daily online routines and location of network users, and the daily trends and geographical origins of hackers’ successful attempts to guess their targets’ login passwords. The researchers also looked at initial system trespassing incidents.

To test their theories, they set up “honeypots,” which are cybertraps set to detect and analyze unauthorized use of information systems, on the computer networks of two academic institutions in China and Israel.

Their findings showed that attacks on the Chinese honeypots were more likely to originate in South Asia, while attacks on the Israeli honeypots were more likely to be from Europe and the U.S.

“The notion in the cyber world is that hackers can reach you from any place and hack your computer, but in reality we see that they are more likely to launch a break-in attempt and a system trespassing event from computers that are closer to their targets,” Maimon says. “They are doing this in order to improve connectivity with the attacked system. So in contrast to the common notion that suggests that your computer can be hacked from anywhere around the globe, we find that they are more likely to get attacks from nearby geographical locations.”

They also discovered that hackers are more likely to break into honeypots during the academic institution’s business hours.

“We show that victims’ daily routines play a very important role in determining the timing of a break-in attempt to the system,” Maimon says. “The reason for that is that since attackers are trying many combinations of passwords when breaking in to the system, they need to make sure the system operates for a long period of time, and the victims’ system is more likely to be on from 9 a.m. – 5 p.m.”

The researchers say their findings emphasize the need for rethinking the research methods cyber criminologists typically use to study computer users’ and computer networks’ vulnerabilities to attacks.

Source: Melissa Brachfeld, University of Maryland Institute for Advanced Computer Studies

January 20, 2015


Prev   Next

Current Headlines

Gamma-ray Burst Captured in Unprecedented Detail

New UMD Research Tracks Global IT’s Shift from Cost-Cutting to Revenue-Boosting

UMD Engineers Invent the First Bio-Compatible, Ion Current Battery

Flying Dog Brewery and University of Maryland Partner on Hops Production Initiative

UMD’s “It Takes Just One” Student Team Wins National Competition to Curb Violent Extremism Online

Call for Proposals: UMD-TEC Seed Grant Program

UMD Named a 2017 Best College by MONEY Magazine

14 University of Maryland Students and Alumni Receive Fulbright Grants

News Resources

Return to Newsroom

Search News

Archived News

Events Resources

Events Calendar

Additional Resources

UM Newsdesk

Faculty Experts

Connect

social iconstwitterlinkedinrssYouTube
Division of Research
University of Maryland
College Park, MD 20742-1541

Email: vpr@umd.edu
© Copyright 2017 University of Maryland

Did You Know

UMD's Neutral Buoyancy Research Facility, which simulates the weightlessness of space, is one of only two such facilities in the U.S.