Chapter 4 – |
Studies and Surveys of Computer Crime |
M. E. Kabay, PhD, CISSP
Chapter Contents:
|
4.1 |
|
Introduction
|
|
4.1.1 |
|
Value of statistical knowledge base
|
|
4.1.2 |
|
Limitations on our knowledge of computer crime
|
|
4.1.2.1 |
|
Detection
|
|
4.1.2.2 |
|
Reporting
|
|
4.1.3 |
|
Limitations on the applicability of computer-crime statistics
|
|
4.2 |
|
Basic research methodology
|
|
4.2.1 |
|
Some fundamentals of statistical design and analysis
|
|
4.2.1.1 |
|
Descriptive statistics
|
|
4.2.1.2 |
|
Inference: sample statistics versus population statistics
|
|
4.2.1.3 |
|
Hypothesis testing
|
|
4.2.1.4 |
|
Random sampling, bias and confounded variables
|
|
4.2.1.5 |
|
Confidence limits
|
|
4.2.1.6 |
|
Contingency tables
|
|
4.2.1.7 |
|
Association versus causality
|
|
4.2.1.8 |
|
Control groups
|
|
4.2.2 |
|
Research methods applicable to computer crime
|
|
4.2.2.1 |
|
Interviews
|
|
4.2.2.2 |
|
Focus groups
|
|
4.2.2.3 |
|
Surveys
|
|
4.2.2.4 |
|
Instrument validation
|
|
4.3 |
|
Studies of computer criminals
|
|
4.3.1 |
|
Interview series
|
|
4.3.1.1 |
|
Donn B. Parker
|
|
4.3.1.2 |
|
Sarah Gordon
|
|
4.3.2 |
|
Individual case studies
|
|
4.4 |
|
Surveys of computer crime
|
|
4.4.1 |
|
CSI/FBI annual surveys of computer crime
|
|
4.4.2 |
|
NCSA/ICSA Labs annual surveys of computer virus incidence
|
|
4.4.3 |
|
CERT-CC quarterly and annual summaries
|
|
4.4.4 |
|
Other industry surveys
|
|
4.5 |
|
Historical review of computer-crime surveys
|
|
4.5.1 |
|
1996
|
|
4.5.2 |
|
1997
|
|
4.5.3 |
|
1998
|
|
4.5.4 |
|
1999
|
|
4.5.5 |
|
2000
|
|
4.6 |
|
Summary
|
|
4.7 |
|
Bibliography and For Further Reading
|
|
|
|