Measurements

The Cybercrime Information Center follows the successful model of national crime information centers such as the FBI NCIC to serve as a clearinghouse for reports and data concerning the criminal use of the Internet’s Domain Name System (DNS), as well as its Internet protocol (IP) and Automous system numbering systems. Any interested party — security researchers, academics, law enforcement, policy makers, legislators — can access these reports or data for many purposes:

blur_on-24px@1x.png

Research published by the Center provide measurements, statistics, findings and recommendations relating to a cybercrime or security threat where domain names or Internet addresses are used.

graphic_eq-24px@1x.png

Data associated with research measurements or statistics are available for review or use for further research or customized reporting.

grid_on-24px@1x.png

Charts and tables from research can be used to raise awareness or to inform policy making or legislative efforts.

center_focus_weak-24px@1x.png

Data, findings, and recommendations from research serve as candidates for further research or novel academic study.

The Center concentrates on how the Internet's Name and Address identifier systems - the Domain Name System (DNS) and the Internet Protocol (IP) and Autonomous System (AS) addressing systems - are misused or exploited to facilitate security threats.

The Center focuses on threats that are considered cybercrimes in the Council of Europe's Convention on Cybercrime (a.k.a., the Budapest Convention).  The Convention on CyberCrime is an international treaty for crimes that are committed via the Internet and other computer or device networks. The Treaty deals with computer related fraud, network security, copyrights infringements, and child pornography. The Treaty's Articles and Guidelines explain how States can pursue a common criminal policy by adopting legislation and cooperating with other States. The Convention has a broad global adoption through ratifications and accessions.

The Convention's Articles and Guidelines for fraud, network security, and copyright infringement are most relevant:

Budapest Convention

Crime

Operational Security term


Articles 2, 6

Illegal access, misuse of device/software

Computer intrusion, unauthorized access, malware dropper/download (e.g., RAT)


Article 3, 21

Illegal interception, interception of content data

MITM attacks, web, DNS, or mail redirection, data exfiltration


Article 4 and 5

Data interference, System interference

DoS/DDoS attacks, Destructive data breach, ransomware (deletes or suppresses data)


Article 8

Computer related fraud

Phishing, Scam, Fake/counterfeit sites


Article 9

CSAM

Child pornography, Child abuse


Article 10

Copyrights infringement


Guidance Note #8

Spam has three aspects: content, act of sending, and mechanism (e.g., delivery infrastructure)

Spam emitters, botnet C&C