UMD and Fraunhofer Working to Minimize the Threat of Mobile Device-Related Cybercrime

20.9.2016

©Photo halfpoint - 123RF

The U.S. National Science Foundation has awarded a two-year, $500k grant to researchers at the University of Maryland, College Park and the Fraunhofer Center for Experimental Software Engineering (CESE). The goal of the project is to identify, understand and ultimately reduce behaviors that make mobile device users more likely to fall victim to cybercrime.

Led by Dr. David Maimon of UMD’s Criminology and Criminal Justice Department and Dr. Lucas Layman of Fraunhofer CESE, this project will expand our understanding of how criminal activity and victimization are often facilitated by users’ unwitting or incautious behaviors. Maimon and Layman believe this work is timely "because people increasingly interact in the cyber world through data-rich mobile devices and because mobile device-related cybercrime appears to be more influenced by factors in the physical world, such as location, environment, and social interaction, than what we have seen with traditional desktop computing."

During the project the researchers will develop detailed behavior sensors and use them to unobtrusively compile a rich data set from scores of users. The data will then be augmented with contextual information drawn from user questionnaires, U.S. Census data, neighborhood condition data from Google Street view and more to better understand user behaviors. The researchers will then analyze this data to better understand security threats stemming from behavioral and social factors and conduct experiments to test their observations. Finally, the researchers plan to publicly release this data to the scientific community along with open source tools for collecting and analyzing the data.

If successful, Maimon and Layman expect this work to lead to new technologies and approaches that protect users from cybercrime. For example, predictive models that can alert users when they fall into risky behaviors, system design and usage policies that nudge users away from risky behaviors, and best practices training that teach system developers how to build less risky systems in the first place.