How to do Research in Cybercrime?
Cybercrime is a distinct area of computer security and privacy research. It brings together work that investigates different attack or fraud scenarios, analyzes malicious ecosystems, detects attackers and studies their methods with the aim of developing effective countermeasures. In this talk I will provide guidelines on how to do research in such a detective field, based on examples from our papers. For instance, I will describe our large-scale study of malicious web shells and how we could detect victims and attackers around the globe, how we used social engineering skills to investigate the ecosystem of technical support scams, and more. My goal is to encourage InfoSec people to brainstorm ways of investigating and preventing cybercrimes, and to show that such valuable research does not always require enormous resources and collaborations, but just understanding the technology and connecting the dots. The talk is planned to have a light workshop style with elements of collective brainstorming (a laptop is not required). We will cover 3 lessons, each highlighting useful methods, tools and skills. Language: Russian.