The Association of Digital Forensics, Security and Law (ADFSL)
The growth of the Internet has created a corresponding growth in Internet-based crimes and online misbehavior, particularly among younger computer-savvy people. Younger generations have grown up in a world where internet access, social networking, e-commerce and smartphones are commonplace. Given this fact, they have learned how to use, and how to abuse, technology. This leads us to define a new category of cybercrime called a Personal Denial of Service attack (PDOS). A PDOS is a cyber-crime in which an individual deliberately prevents the access of another individual or small group to online services such as email or banking. Due to the nature of a PDOS, these acts can be overlooked by law enforcement and organizations that operate Internet infrastructure, such as universities. Our motivation for this work is twofold: to stress the need for cyber ethics education at the university level, and to illustrate how a previously uncategorized type of cyber crime is easily perpetrated in such an environment. To achieve these goals, we define a PDOS attack and discuss how it differs from other categories of attacks. We also examine the motivation for a PDOS attack in the context of the Routine Activities Theory of criminal justice. We further discuss a "proof of concept" survey administered at four different universities to ascertain their attitudes towards online account breaches as related to a PDOS attack. The survey provides initial evidence that account breaches, which are an integral part of a PDOS attack, are a worrisome threat on university campuses and further points to a need for cyber ethics training.
1. BBC. (2009). Hackers target Xbox Live players. Retrieved on May 22, 2012 from http://news.bbc.co.uk/2/hi/technology/7888369. stm
2. CAI Networks. (2000). Strict, moderate, and open NAT-load balancing Xbox game servers. Retrieved on May 5, 2012 from http://www.cainetworks.com/support/how-toNAT-strict-open.html
3. Cesaroni, C., Downing, S., and Alvi, S. (2012). Bullying enters the 21st Century? Turning a critical eye to cyber-bullying research. Youth Justice, 12(3), 199-211.
4. Chen, Y., Chen, P., Hwang, J., Korba, L., Song, R., and Yee, G. (2005). An analysis of online gaming crime characteristics. Internet Research, 15(3), 246-261.
5. Cohen, L., and Felson, M. (1979). Social change and crime rate trends: A routine activities approach. American Psychological Review, 44(4), 588-608.
6. Csikszentmihalyi, M. (1975). Beyond Boredom and Anxiety. San Francisco: Jossey-Bass.
7. Csikszentmihalyi, M. (1997). Finding Flow: The Psychology of Engagement with Everyday Life. New York, NY: Basic Books.
8. Freestone, O., and Mitchell, V. (2004). Generation Y attitudes towards e-ethics and Internet-related misbehaviours. Journal of Business Ethics, 54, 121-128.
9. Hainey, T., Connolly, T., Stansfield, M., and Boyle, E. (2011). The differences in motivation of online game players and offline game players: A combined analysis of three studies at higher education level. Computers and Education, 57, 2197-2211.
10. Holt, T., and Bossler, A. (2009). Examining the applicability of lifestyle-routine activities theory for cybercrime victimization. Deviant Behavior, 30, 1-25.
11. Hutchings, A., and Hayes, H. (2009). Routine Activity Theory and phishing victimisation: Who gets caught in the 'Net'? Current Issues in Criminal Justice, 20(3), 433-451.
12. Kigerl, A. (2012). Routine Activity Theory and the determinants of high cybercrime countries. Social Science Computer Review, 30(4), 470- 486.
13. Maimon, D., Kamerdze, A., Cukier, M., and Sobesto, B. (2013). Daily trends and origins of computer-focused crimes against a large university computer network. British Journal of Criminology, 53, 319-343.
14. Marcum, C. (2009). Adolescent Online Victimization: A Test of Routine Activities Theory. El Paso: LFB Scholarly Publishing.
15. Melander, L. (2010). College students' perception of intimate partner cyber harassment. Cyberpsychology, Behavior, and Social Networking, 13(3), 263-268.
16. Miller, J. (2012). Individual offending, routine activities, and activity settings: Revisiting the Routine Activity Theory of general deviance. Journal of Research in Crime and Delinquency, 50(3), 390-416.
17. PEW Internet Project. (2008). Nearly All US Teens, 53% of Adults Play Video Games. Retrieved on May 22, 2012 from http://www.marketingcharts.com/interactive/ne arly-all-us-teens-53-of-adults-play-videogames-7114/
18. Navarro, J., and Jasinski, J. (2012). Going cyber: Using Routine Activities Theory to predict cyberbullying experiences. Sociological Spectrum: Mid-South Sociological Association, 32(1), 81-94. 19. Nmap.org. (2012). Nmap. Retrieved on May 3, 2012 from http://nmap.org
20. Neves, J., and L. Pinheiro (2010). Cyberbullying: A sociological approach. International Journal of Technoethics, 1(3), 24- 35.
21. OXID.com. (2012). Cain and Abel password recovery tool. Retrieved on June 1, 2012 from http://www.oxid.it/cain.html
22. Pasupathi, M. (2001). Seeds of wisdom: Adolescents' knowledge and judgment about difficult life problems. Developmental Psychology, 37, 351-361.
23. Pogue, D. (2014) The curse of the cloud. Scientific American, February, 28.
24. Prasad, M., Kumar, B., Satish, Y., and Sriraman, K. (2013). Reconstruction of events in digital forensics. Computer Engineering and Applications Journal, 2, 2.
25. Pratt, T., Holtfreter, K, and Reisig, M. (2010). Routine online activity and Internet fraud targeting: Extending the generality of Routine Activity Theory. Journal of Research in Crime andDelinquency, 47(3), 267-296.
26. Reyes, A., O'Shea, K., Steele, J., Hansen, J., Jean, B., and Ralph, T. (2007). Cyber Crime Investigations: Bridging the Gaps between Security Professionals, Law Enforcement, and Prosecutors. Rockland, MA: Syngress Publishing.
27. Reyns, B. (2013). Online routines and identity theft victimization: Further expanding Routine Activity Theory beyond direct-contact offenses. Journal of Research in Crime and Delinquency, 50(2), 216-238.
28. Reyns, B., Henson, B., and Fisher, B. (2011). Being pursued online: Applying cyberlifestyleRoutine Activities Theory to cyberstalking victimization. Criminal Justice and Behavior, 38(11), 1149-1169.
29. Selwyn, N. (2008). A safe haven for Misbehaving: an investigation of online misbehavior among university Students. Social Science Computer Review, 26(4), 446-465.
30. Shariff, S., and Hoff, D. (2011). Jaishankar, K. (ed), Cyber Bullying: Legal Obligations and Educational Policy Vacuum, Cyber Criminology (359-392). Boca Raton: CRC Press.
31. Teng, C., Tseng, F., Chen, Y., and Wu, S. (2012). Online gaming misbehaviors and their adverse impact on other gamers. Online Information Review, 36(3), 342-358.
32. Wild, C., Weinstein, S., MacEwan, N., and Geach, N. (2011). Electronic and Mobile Commerce Law, Hatfield: University of Hartfordshire Press.
33. Williams, P., Nicholas, D., and Rowlands, I. (2010). The attitudes and behaviors of illegal downloaders. Aslib Proceedings, 62(3), 283- 301.
34. Yar, M. (2005). The Novelty of Cybercrime. European Journal of Criminology, 2(4), 407- 427.
Bartolacci, Michael R.; LeBlanc, Larry J.; and Podhradsky, Ashley
"Personal Denial of Service (PDOS) Attacks: A Discussion and Exploration of a New Category of Cyber Crime,"
Journal of Digital Forensics, Security and Law: Vol. 9
, Article 2.
Available at: http://commons.erau.edu/jdfsl/vol9/iss1/2