Spartan Devils Chapter Status Report for 2014

ORGANIZATION:
 
 In 2008, our chapter formed with members of the former Charlotte, NC chapter: Thomas J. Holt (Michigan State University), Gail Ahn (Arizona State University), and Max Kilger (UT-SA). We also added Lance James (Deloitte)  to this new chapter to get his unique insights.
 
Our current roster includes:
Thomas J. Holt, Michigan State University
Gail Ahn, Arizona State University
Max Kilger, University of Texas-San Antonio
Lance James, Deloitte
Adam Bossler, Georgia Southern University
Aunshul Rege, Temple University
Alice Hutchings, Cambridge University
 
DEPLOYMENTS:
Our chapter is unique in that we are interested in understanding the hacker and attacker community using both social scienceresearch practices and information technology.  To that end, Tom created an open-source research laboratory at Michigan State to examine the global hacker community staffed by students and faculty.  Our additonal research partners at universities across the US and UK are also engaged in similar research. 
We have deployed a series of low-interaction honeypots at ASU, along with Sandboxie on Vmware ESXi to automatically test malware and reset VMs. 
Thus far we have identified over 75 websites involved in the sale and distribution of malware, stolen data, and hacking tools on both the open web and TOR using the open source lab.  We are devloping research studies on these various communities now.
 
RESEARCH AND DEVELOPMENT:
We are interested in developing tools related to automating actor attribution and malware assessment.
 
PAPERS, PRESENTATIONS AND COMMUNITY ENGAGEMENTS:
Holt, Thomas J., and Olga Smirnova. 2014.   "Examining the Structure, Organization, and Processes of the International Market for Stolen Data."  Prepared for the National Institute of Justice, Award No. 2010-IJ-CX-1676.  Available at:https://www.ncjrs.gov/pdffiles1/nij/grants/245375.pdf
 
Holt, Thomas J., and Adam M. Bossler. 2014.  "An assessment of the current state of cybercrime scholarship."  Deviant Behavior 35: 20-40.  http://www.tandfonline.com/doi/abs/10.1080/01639625.2013.822209#preview
 
Holt, Thomas J., Olga Smirnova, Deborah Strumsky, and Max Kilger.  2014.  "Advancing research on hackers through social network data."  Social Networking as a Criminal Enterprise, Catherine D. Marcum and George E. Higgins, eds.   London; CRC Press.http://www.crcpress.com/product/isbn/9781466589797
 
Kilger, Max, 2014.  The future of emerging cyber threats. TEDxFAU. June 26, 2014,  www.youtube.com/watch?v=49OgxEcU87E
 
Holt, Thomas J., Olga Smirnova, and Yi-Ting Chua.  2014.  Stolen Data markets: An Economic and Organizational Assessment.  Presented at the Defcon Conference, Las Vegas, Nevada, August 7-10.  www.youtube.com/watch?v=GP61zSYpqdc
 
Max Kilger attended the 2014 meetings in Warsaw, and served on the workshop committee.
 
FINDINGS:
Our findings have illustrated the potential threats that may affect end users and corporations in the next decade.  In addition, we have found that high-threat actors are likely to be in the center of larger social networks encompassing both semi-skilled and no-skill hackers.  Finally, our results from a larger study of the market for stolen data demonstrate that actors may earn massive profits from the theft and resale of data.  They also operate in loose networks which vary in nature depending on the visibility and traffic of the market's website.
 
GOALS:
Our goals for 2014 were to expand the Chapter's population of social scientists, and develop more interdisciplinary and collaborative research projects. We were able to increase the number of contributors to the project, many of whom are just beginning to understand the scope of the project and how they can better contribute to the chapter as a whole. In addition, Tom organized and held the first Annual MSU Interdisciplinary Conference on Cybercrime on March 20, 2014 on the Michigan State campus.  Tom, Gail, and Max were presenters at the event, as were Adam and Alice.  This led to the invitations for Adam, Alice, and Aunshul to join the Chapter.  In these respects, we feel we were extremely successful in meeting our goals.
 
For 2015, we hope to increase the number of publications by chapter members and expand the interdisciplinary nature of our research by increasing our capacity for information security research.   In meeting these goals, we hope to expand the contribution of both fields to our knowledge of cybercrime and increase the visibility of the chapter and project as a whole.