Abstract

Significant cybersecurity and threat intelligence analysts agree that online criminal activity is increasing exponentially. To offer an overview of the techniques and indicators to perform cyber crime detection by means of more complex machine- and deep-learning investigations as well as similar threat intelligence and engineering activities over multiple analysis levels (i.e., surface, deep, and darknets), we systematically analyze the state of the art in such techniques. First, to aid the engineering and management of such intelligence solutions, we provide (i) a taxonomy of existing methods mapped to (ii) an overview of detectable criminal activities as well as (iii) an overview of the indicators and risk parameters that can be used for such detection. Second, to find the major engineering and management challenges and variables to be addressed, we apply a Topic Modelling Analysis to identify and analyze the most relevant threat concepts both in the Surface Web and in the Deep-, Dark-Web. Third, we identify gaps and challenges, defining a roadmap. Practitioners' value and conclusions: the analysis mentioned above effectively provided a photograph of the scientific and practice gaps among the Surface Web and the Deep-, Dark-Web cybercrime and threat engineering and management.
More specifically, our systematic literature review shows: (i) the dimensions of risk assessment techniques today available for the aforementioned areas—addressing these is vital for Law-enforcement agencies to combat cybercrime and cyber threats effectively; (ii) what website features should be used in order to identify a cyber threat or attack—researchers and non-governmental organizations in support of Law Enforcement Agencies (LEAs) should cover these features with appropriate technologies to aid in the investigative processes; (iii) what (limited) degree of anonymity is possible when crawling in Deep-, Dark-Web—researchers should strive to fill this gap with more and more advanced degrees of anonymity to grant protection to LEAs during their investigations.

Highlights

  • Our survey study offers an overview of cyber threat intelligence, providing a taxonomy of the current criminal activities and complementary activities to detect, avoid, and assess them; we provide an overview of indicators and risk parameters in order to aid Law-Enforcement Agencies in their cybercrime fighting activities

  • (SRQ 2.) what degrees of anonymity exist for web-crawling? (SRQ 3.) what policies exist to vary the degrees of anonymity? (SRQ 4.) what website features are most indicative of cyber threats? (SRQ 5.) what risk assessment techniques exist?

  • This paper provides a Systematic Multi-Vocal Literature Review on the methods, indicators, approaches, and techniques previously explored for the purpose of cybercrime threat intelligence, namely, the act of gathering information over, predicting, avoiding, or prosecuting cyber-criminal activities in the surface, deep, and dark-webs

Summary

Introduction

The overly high costs connected to these cyberattacks and the lack of knowledge about them fundamentally motivate a systematic synthesis of the problem and solutions around the phenomenon. We carry out such a systematic synthesis intending to identify gaps and shortcomings in the literature, if any. To the best of our knowledge, this is the first systematic literature review providing a taxonomy about the different types and dimensions of cybercrime and threat intelligence solutions. Due to the novelty of the cybersecurity threats and the lack of technologies available to fight the cyberattacks, we will examine sources from the web like blogs and news to have a broader perspective on the new cybercrime trends.
