A conceptual interdisciplinary plug-and-play cyber security framework

ICTs and the millennium development goals: A United Nations perspective

Volumn 9781489974396, Issue , 2014, Pages 81-99

  Choo, Kim Kwang Raymond ^a  

^a UNIVERSITY OF SOUTH AUSTRALIA   (Australia)

Author keywords

Cyber security; Cyber security framework; Cyber threats; Cybercrime; Interdisciplinary cyber security framework; Malicious cyber activities; National security

Indexed keywords

DEVELOPING COUNTRIES; NATIONAL SECURITY;

CYBE SECURITY FRAMEWORK; CYBER SECURITY; CYBER THREATS; CYBER-CRIMES; INTERDISCIPLINARY CYBE SECURITY FRAMEWORK; MALICIOUS CYBE ACTIVITY; SECURITY FRAMEWORKS;

CYBERSECURITY;

EID: 84905834871     PISSN: None     EISSN: None     Source Type: Book    
DOI: 10.1007/978-1-4899-7439-6_6     Document Type: Chapter

References (84)

1. Agnew, R. (1992). Foundation for a general strain theory of crime and delinquency. Criminology, 30 (1), 47-87.
2. Ajzen, I. (1991). Theory of planned behavior. Organizational Behavior and Human Decision Processes, 50 (2), 179-211.
3. Akamai Technologies. (2012). The state of the internet: 4th quarter, 2011 Report . Cambridge, MA: Akamai Technologies.
4. Akerlof, G. A. (1970). The market for "Lemons": Quality uncertainty and the market mechanism. The Quarterly Journal of Economics, 84 (3), 488-500.
5. Akers, R. L. (1985). Deviant behavior: A social learning approach (3rd ed.). Belmont, CA: Wadsworth.
6. Akers, R. L. (2009). Social learning and social structure: A general theory of crime and deviance . New Brunswick, NJ: Transaction.
7. Anderson, R. (2001). Why information security is hard - An economic perspective. In Proceedings of the 17th annual computer security applications conference, New Orleans, Louisiana, USA (pp. 358-365). Washington, DC: IEEE.
8. Anderson, M. S., North, C. J. G., & Yiu, K. K. (2008). Towards countering the rise of the silicon trojan . Edinburgh, SA: Defence Science and Technology Organisation, Commonwealth of Australia.
9. Applegae, S. D. (2011). Cyber militias and political hackers: Use of irregular forces in cyberwarfare. IEEE Security and Privacy, 9 (5), 16-22.
10. Australian Government, Department of the Prime Minister and Cabinet (2013) Strong and secure: a strategy for Australia's national security. Commonwealth of Australia, ACT, Australia.
11. Azfar, A., Choo, K.-K. R., & Liu, L. (2014). A study of ten popular Android mobile VoIP applications: Are the communications encrypted? In: 47th Annual Hawaii international conference on system sciences (HICSS 2014), pp. 4858-4867, January 6-9, 2014, IEEE Computer Society Press.
12. Becker, G. S. (1968). Crime and punishment: An economic approach. Journal of Political Economy, 76 , 169-217.
13. Bammer G (2012) Strengthening interdisciplinary research: what it is, what it does, how it does it and how it is supported. Report for the Australian Council of Learned Academies.
14. Brandtzæg, P. B. (2012). Social networking sites: Their users and social implications-A longitudinal study. Journal of Computer-Mediated Communication, 17 (4), 467-488.
15. Broadhurst, R. (2010). A new global convention on cybercrime. Pakistan Journal of Criminology, 2 (4), 1-10.
16. Broadhurst, R., & Choo, K. K. R. (2011). Cybercrime and on-line safety in cyberspace. In C. Smith, S. Zhang, & R. Barberet (Eds.), Routledge international handbook of criminology (pp. 153-165). New York, NY: Routledge.
17. Brown, S. E., Esbensen, F. A., & Geis, G. L. (2010). Criminology: Explaining crime and its context (7th ed.). New Providence, NJ: Matthew Bender & Company.
18. Bursik, R., Jr., & Grasmick, H. (1993). Economic deprivation and neighborhood crime rates, 1960- 1980. Law and Society Review, 27 (2), 263-283.
19. Center for Strategic and International Studies (CSIS). (2011). Cybersecurity two years later . Washington. DC: CSIS.
20. Choo, K. K. R. (2008). Organised crime groups in cyberspace: A typology. Trends in Organized Crime, 11 (3), 270-295.
21. Choo, K. K. R. (2011). The cyber threat landscape: Challenges and future research directions. Computers and Security, 30 (8), 719-731.
22. Choo, K. K. R., & Grabosky, P. (2013). Cyber crime. In L. Paoli (Ed.), Oxford handbook of organized crime . New York, NY: Oxford University Press.
23. Choo, K.-K. R., & Smith, R. G. (2008). Criminal exploitation of online systems by organised crime groups. Asian Journal of Criminology, 3 (1), 37-59.
24. Clarke, R. (1997). Situational crime prevention: Successful case studies (Vol. 2). New York, NY: Harrow and Heston.
25. Clarke, R. V. (2005). Seven misconceptions of situational crime prevention. In N. Tilley (Ed.), Handbook of crime prevention and community safety (pp. 39-70). Cullompton: Willan Publishing.
26. Clarke, R. V., & Eck, J. (2003). Become a problem solving crime analyst . Devon, UK: Jill Dando Institute of Crime Science.
27. Cohen, L. E., & Felson, M. (1979). Social change and crime rate trends: A routine activity approach. American Sociological Review, 44 (4), 588-608.
28. D'Orazio, C., Ariffin, A., & Choo, K.-K. R. (2014). IOS anti-forensics: How can we securely conceal, delete and insert data? In: 47th Annual Hawaii international conference on system sciences (HICSS 2014), pp. 4838-4847, January 6-9, 2014, IEEE Computer Society Press.
29. Davies, A., Lewis, J., Herrera-Flanigan, J., & Mulvenon, J. (2012). ANZUS 2.0: Cybersecurity and Australia-US relations . Special Report No 46
30. DiMaggio, P. J., & Powell, W. W. (1983). The iron cage revisited: Institutional isomorphism and collective rationality in organizational fields. American Sociological Review, 48 (2), 147-160.
31. Felson, M. (1998). Crime and everyday life . New York, NY: Pine Forge Press.
32. Felson, M. (2006). Crime and nature . Thousand Oaks, CA: SAGE Publications.
33. Findlay, M., & Hanif, N. (2012). Taking crime out of crime business. International Journal of Law, Crime and Justice, 40 (4), 338-368.
34. Gendron, A. & Rudner, M. (2012). Assessing cyber threats to Canadian infrastructure: Report prepared for the Canadian Security Intelligence Service. Retrieved from, http://www.csis-scrs.gc.ca/pblctns/cdmctrch/20121001-ccsnlpprs-eng.asp
35. Giddens, A. (1984). The constitution of society: Outline of a theory of structuration . Berkeley, CA: University of California Press.
36. Gottfredson, M. R., & Hirschi, T. (1990). A general theory of crime . Stanford, CA: Stanford University Press.
37. Herath, T., & Rao, H. R. (2009a). Encouraging information security behavior in organizations: Role of penalties, pressures and perceived effectiveness. Decision Support Systems, 47( 2), 154-165.
38. Herath, T., & Rao, H. R. (2009b). Protection motivation and deterrence: A framework for security policy compliance in organisations. European Journal of Information Systems, 18 (2), 106-125.
39. Hitchings, J. (1995). Deficiencies of the traditional approach to information security and the requirements for a new methodology. Computers and Security, 14 (5), 377-383.
40. HM Government (2010). A strong Britain in an age of uncertainty: the national security strategy. The Stationery Office, Whitehall, London.
41. Holt, T. J. (2013). Examining the forces shaping cybercrime markets online. Social Science Computer Review, 31 (2), 165-177.
42. Hooper, C., Martini, B., & Choo, K. K. R. (2013). Cloud computing and its implications for cybercrime investigations in Australia. Computer Law and Security Review, 29 (2), 152-163.
43. Iswaran, S. (2013). Response speech by Mr. S. Iswaran, Minister in Prime Minister's Office and Second Minister for Home Affairs and Trade & Industry on the second reading of the computer misuse (Amendment) bill. Media Release 14 January.
44. Kellerman, T. (2012). Peter the great versus Sun Tzu . Cupertino, CA: Trend Micro.
45. Krekel, B., Adam, P., & Bakos, G. (2012). Occupying the information high ground: Chinese capabilities for computer network operations and cyber espionage . Retrieved from, http://www.uscc.gov/RFP/2012/USCC%20Report-Chinese-CapabilitiesforComputer-NetworkOperation sandCyberEspionage.pdf
46. Maddux, J. E., & Rogers, R. W. (1983). Protection motivation and self-efficacy: A revised theory of fear appeals and attitude change. Journal of Experimental Social Psychology, 19 (5), 469-479.
47. Marcus, D., & Sherstobitoff, R. (2012). Dissecting operation high roller . Santa Clara, CA: McAfee.
48. Martini, B., & Choo, K.-K. R. (2013). Cloud storage forensics: OwnCloud as a case study. Digital Investigation, 10 (4), 287-299. http://dx.doi.org/10.1016/j.diin.2013.08.005 .
49. Merton, R. (1938). Social structure and anomie. American Sociological Review, 3 (5), 672-682.
50. Mills, E. (2009). Q&A: FBI agent looks back on time posing as a cybercriminal. CNET . Retrieved on May 7, 2009, from http://news.cnet.com/8301-1009-3-10234872-83.html
51. Ngo, F. T., & Paternoste, R. (2011). Cybercrime victimization: An examination of individual and situational level factors. International Journal of Cyber Criminology, 5 (1), 773-793.
52. Nielsen, S. C. (2012). Pursuing security in cyberspace: Strategic and organizational challenges. Orbis Summer, 2012 , 336-356.
53. Pahnila, S., Siponen, M., & Mahmood, A. (2007). Employees' behaviour towards IS security policy compliance. In Proceedings of 40th Hawaii international conference on system sciences Hawaii USA . Washington, DC: IEEE.
54. Pratt, T. C., & Cullen, F. T. (2005). Assessing macro-level predictors and theories of crime: A meta-analysis. Crime and Justice, 32 , 373-450.
55. Quick, D., & Choo K-K, R. (2013a). Digital droplets: Microsoft SkyDrive forensic data remnants. Future Generation Computer Systems, 29 (6), 1378-1394.
56. Quick, D., & Choo K-K, R. (2013b). Dropbox analysis: Data remnants on user machines. Digital Investigation, 10 (1), 3-18.
57. Quick, D. & Choo, K.-K. R. (2014). Google drive: Forensic analysis of cloud storage data remnants. Journal of Network and Computer Applications, 40 , 179-193.
58. Rosenbaum, D. P., Lurigio, A. J., & Davis, R. C. (1998). The prevention of crime: Social and situational strategies . Belmont, CA: Wadsworth.
59. Sanger, D. E. (2012a). Confront and conceal: Obama's secret wars and surprising use of American power . New York, NY: Crown.
60. Sanger, D. E. (2012, June 1). Obama order sped up wave of cyberattacks against Iran. New York Times .
61. Scott, W. R. (2008). Institutions and organizations; ideas and interests. Reference and research book news (3rd ed.). Thousand Oaks, CA: Sage Publications.
62. Shou, D. (2011). Ethical considerations of sharing data for cybersecurity research. In Workshop on ethics in computer security research (Lecture notes in computer science, Vol. 7126, pp. 169-177). Berlin: Springer.
63. Siponen, M., Willison, R., & Baskerville, R. (2008). Power and practice in information systems security research. In Proceedings of the International Conference on Information Systems (pp. 14-17). France: Paris.
64. Skinner, W. F., & Fream, A. M. (1997). A social learning theory analysis of computer crime among college students. Journal of Research in Crime and Delinquency, 34 (4), 495-518.
65. Smith, S. (2012, October 24). Minister for defence - Speech to the Defence Signals Directorate (DSD) cyber security conference 2012. Media Release .
66. Straub, D. W. (1990). Effective IS security: An empirical study. Information Systems Research, 1 (3), 255-276.
67. Sutton, A., Cherney, A., & White, R. (2008). Crime prevention: Principles, perspectives and practices . Port Melbourne, VIC: Cambridge University Press.
68. Symantec. (2012). Internet security threat report 2011 trends (Vol. 17). Mountain View, CA: Symantec Corporation.
69. Szasz, T. (2002). Fatal freedom: The ethics and politics of suicide . Syracuse, NY: Syracuse University Press.
70. TechAmerica. (2012). TechAmerica's twenty-second annual survey of federal chief information officers: May 2012 . Washington, DC: TechAmerica.
71. Thomson, K., & von Solms, R. (2005). Information security obedience: A definition. Computers and Security, 24 (1), 69-75.
72. UK House of Commons Defence Committee. (2013). Sixth report of session 2012-13 (Volume I: Report, together with formal minutes, oral and written evidence) . London: The Stationery Office Limited.
73. UK Intelligence and Security Committee. (2011). Annual report 2010-2011 (Presented to Parliament by the Prime Minister by Command of Her Majesty July 2011) . Retrieved from, http://www.official-documents.gov.uk/document/cm81/8114/8114.pdf
74. US Department of Defense. (2011). Department of Defense strategy for operating in cyberspace . Retrieved from, http://www.defense.gov/news/d20110714cyber.pdf
75. US Government Accountability Office (US GAO). (2012a). Cybersecurity: Threats impacting the nation . Washington, DC: US GAO.
76. US Government Accountability Office (US GAO). (2012b). DOD supply chain: Suspect counterfeit electronic parts can be found on internet purchasing platforms. GAO-12-375 . Washington, DC: US GAO.
77. US Government Accountability Office (US GAO). (2013). A better defined and implemented national strategy is needed to address persistent challenges. GAO-13-462T . Washington, DC: US GAO.
78. US Office of the National Counterintelligence Executive. (2011). Foreign spies stealing us economic secrets in cyberspace: Report to Congress on foreign economic collection and industrial espionage, 2009-2011 . Retrieved from, http://www.ncix.gov/publications/reports/fecie-all/Foreign-Economic-Collection-2011.pdf
79. US White House. (2011). International strategy for cyberspace: Prosperity, security, and openness in a networked world . Retrieved from, http://www.whitehouse.gov/sites/default/files/rss-viewer/international-strategy-for-cyberspace.pdf
80. US White House. (2013). Executive order: Improving critical infrastructure cybersecurity . Retrieved from, http://www.whitehouse.gov/the-press-office/2013/02/12/executive-orderimproving- critical-infrastructure-cybersecurity
81. von Solms, B. (2001). Information security - A multidimensional discipline. Computers and Security, 20 (6), 504-508.
82. Weber, R. (2003). Theoretically speaking. MIS Quarterly, 27 (3), iii-xi.
83. Weber, R. (2012). Theory building in the information systems discipline: Some critical reflections. In D. N. Hart & S. D. Gregor (Eds.), Information systems foundations: Theory building in information systems (pp. 1-20). Canberra, ACT: Australian National University.
84. Williams, M. & Levi, M. (2013). Perceptions of the eCrime controllers: Modelling the influence of cooperation and data source factors. Security Journal . In press, http://dx.doi.org/10.1057/sj.2012.47.