A Comprehensive Framework for Cyber Behavioral Analysis Based on a Systematic Review of Cyber Profiling Literature

Abstract

Cybercrime presents a significant threat to global society. With the number of cybercrimes increasing year after year and the financial losses escalating, law enforcement must advance its capacity to identify cybercriminals, collect probative evidence, and bring cybercriminals before the courts. Arguably to date, the approach to combatting cybercrime has been technologically centric (e.g., anti-virus, anti-spyware). Cybercrimes, however, are the result of human activities based on human motives. It is, therefore, important that any comprehensive law enforcement strategy for combatting cybercrime includes a deeper understanding of the hackers that sit behind the keyboards. The purpose of this systematic review was to examine the state of the literature relating to the application of a human-centric investigative tool (i.e., profiling) to cybercrime by conducting a qualitative meta-synthesis. Adhering to the PRISMA 2020 guidelines, this systematic review focuses specifically on cybercrime where a computer is the target (e.g., hacking, DDoS, distribution of malware). Using a comprehensive search strategy, this review used the following search terms: “cybercrime”, “computer crime”, “internet crime”, “cybercriminal”, “hacker”, “black hat”, “profiling”, “criminal profiling”, “psychological profiling”, “offender profiling”, “criminal investigative analysis”, “behavioral profiling”, “behavioral analysis”, “personality profiling”, “investigative psychology”, and “behavioral evidence analysis” in all combinations to identify the relevant literature in the ACM Digital Library, EBSCOhost databases, IEEE Xplore, ProQuest, Scopus, PsychInfo, and Google Scholar. After applying the inclusion/exclusion criteria, a total of 72 articles were included in the review. This article utilizes a systematic review of the current literature on cyber profiling as a foundation for the development of a comprehensive framework for applying profiling techniques to cybercrime—described as cyber behavioral analysis (CBA). Despite decades of research, our understanding of cybercriminals remains limited. A lack of dedicated researchers, the paucity of research regarding human behavior mediated by technology, and limited access to datasets have hindered progress. The aim of this article was to advance the knowledge base in cyber behavioral sciences, and in doing so, inform future empirical research relating to the traits and characteristics of cybercriminals along with the application of profiling techniques and methodologies to cybercrime.