
Week 16 Discussion — Recap

For your initial post, discuss the topics in the list below. Write a couple of sentences for each.  Attached is the thesis used.

Q1. Why did you think it was important to study/research this topic or conduct this project?

Q2. What are other studies in your literature review suggesting about this topic?

Q3. What did you expect to find out from your study/research/project?

Q4. What did your data illustrate?

Q5. What are the main findings of your study/research/project?

Q6. What explanation can you provide for the observed findings of your study/research/project?

This discussion supports the course objective to analyze the knowledge, skills, attitude, and learning from the core courses.

Bruner_Thesis

"Advanced Techniques for Cybercrime Analysis: Identifying and Mitigating Emerging Threats"

Table of Contents

I. INTRODUCTION 3
Background 3
Purpose 3
Research Questions 4
Statement of the Problem 4
Significance of the study 5
Definitions of unclear terms 6
II. LITERATURE REVIEW 7
Overview 7
Relevant Theories and Models 8
Ransomware 8
Phishing 9
Denial of Service Attack 10
Cryptojacking 11
Advanced Persistent Threats (APTs) 12
Social Engineering 13
Network and Behavioral Analysis 14
Digital Forensics 17
Network Forensics 18
Data Mining 19
Risk-Centric Paradigm 21
Cutting-Edge Cybercrime Analysis Tool 22
Dynamic Nature of Cybercrime 24
Behavioral Analytics towards Employees-Aided Attacks 27
Risk Factors Enabling Cyber-threat 28
Technologies in Place that Improve Cybersecurity 31
Deep Learning 31
Threat Detection Software 32
Gaps in the Literature 33
III. METHODOLOGY 34
Background 34
Research Design 35
Identification and operationalization of variables 35
Sampling plan 36
Justification of case studies used 36
Data collection/sources 37
Interview Questions 38
Analysis procedures 40
Limitations of study and bias discussion 40
Data Analysis 40
Ethical Considerations 42
IV. RESULTS AND DISCUSSION 44
Presentation of Findings 44
Interpretation of Results 45
Implications for Future Research and Practice 47
V. CONCLUSION 49
Summary of Main Findings 49
Recommendations for Future Research and Practice 50
References 53

I. INTRODUCTION

Background:

Cybercrime is a growing problem that threatens individuals, corporations, and communities, as stated by Casino et al. (2019). The proliferation of digital platforms makes it hard for authorities to adapt to the evolving methods and tools used by cybercriminals. My thesis proposal will examine the advanced methods employed by cybercriminals in their illicit activity, as well as the methods applied by the authorities and cybersecurity specialists to identify and counteract these cyber-risks. The study's primary focus will be on the many forms of cybercrime, such as advanced persistent threats, ransomware, phishing, banking trojans, and other novel techniques utilized by hackers. Recent protections applied by cybersecurity experts will be outlined, and their ability to detect and mitigate these threats will be assessed.

Purpose

The goal of this research is to improve our understanding of current methods for analyzing cybercrime and to develop effective countermeasures (Sarker, 2022). A comprehensive literature review will be conducted to ascertain the current state of knowledge concerning complex cybercrime methods and mitigation strategies. The literature review will not only lay the groundwork for the research questions and aims, but it will also highlight any gaps in the existing body of knowledge. The next step is data collection and analysis, the core of the research process. For this aim, I plan to collect information from a wide range of sources, such as academic journals, government documents, and in-depth interviews with professionals in the business world. Network, statistical, and content analysis are among the methods that will be used to examine the information gathered.

In light of the study's aims and concerns, the findings will be discussed. The primary focus will be on recognizing advanced strategies and the methods employed by law enforcement to expose and counteract cyberthreats (Cascavilla et al., 2019). New techniques for recognizing and reducing cybercrime threats, as well as the need for more in-depth evaluations of existing ones, will be recommended for further research and implementation based on the findings.

The purpose of this thesis proposal is to deepen understanding of modern cybercrime strategies and the responses taken by law enforcement and security experts. The results will help businesses, governments, and others counter cyber-risks effectively.

Research Questions:

· H1. What are the recent and new computer crimes reported? (Nicholls et al., 2021)

· H2. What good techniques are used in computer crime evaluation? (Nicholls et al., 2021)

· H3. What are the most common methods that cybercriminals use to gain access to networks and systems? (Nicholls et al., 2021)

· H5. How can organizations and law enforcement authorities improve their defenses against cybercrime?

· H6. What measures can be taken to reduce the financial and reputational impact of cybercrime?

Statement of the Problem

The topic "Advanced Techniques for Cybercrime Analysis: Identifying and Mitigating Emerging Threats" highlights the growing threat of cybercrime and the difficulties faced by law enforcement and security professionals in combating it. With the increasing use of technology and the internet, cybercriminals have access to numerous tools and strategies that make it challenging for security experts to keep up. The research aims to address the lack of knowledge about the common and threatening cyber attacks experienced in the current business environment and the strategies adopted by cybersecurity defenders.

The problem of cybercrime is of great concern, as it poses a substantial risk to people, firms, and the community at large. The growing sophistication of cybercrime methods, such as advanced persistent threats, ransomware, phishing, and banking Trojans, makes it even more challenging for security experts to detect and mitigate these threats (Sarker, 2022). Despite the efforts of law enforcement and security experts, the rise of cybercrime continues, and it is becoming increasingly difficult to counteract new forms of cybercrime.

This study focuses on modern approaches to analyzing cybercrime and on creating defenses against it. The study will evaluate what is known about advanced cybercrime techniques and defenses through a literature review, pinpoint research gaps, and provide solutions. The findings will improve the ability of companies, organizations, and others to combat cybercrime, as well as increase the knowledge base of law enforcement and security specialists in recognizing and counteracting new threats.

Significance of the study

The significance of the research on "Advanced Techniques for Cybercrime Analysis: Identifying and Mitigating Emerging Threats" is two-fold. Firstly, the study aims to contribute to the knowledge base of law enforcement and security experts in identifying and mitigating emerging cybercrime threats. As cybercrime continues to grow and evolve, it becomes increasingly difficult for security experts to keep up with the sophisticated methods and tactics employed by cybercriminals. The study will provide insights into the latest trends in cybercrime and the best methods for studying it, which will help law enforcement and security experts learn more about the nature and extent of these threats and develop effective strategies for combating them (Casino et al., 2019).

Secondly, the study will contribute to the development of strategies and tactics that organizations and government agencies can use to reduce the risks posed by cybercrime. Cybercrime creates a serious risk to individuals, firms, and businesses at large, and it is important that organizations and government agencies have the necessary tools and strategies in place to counteract these threats. The study will provide recommendations for further study and practice and contribute to the development of new methods for the identification and prevention of cyber threats.

In addition to the contributions made to the field of cybercrime analysis and the development of strategies for combating cybercrime, the study will also have practical applications for businesses and government agencies. The findings of the study will provide organizations with a better understanding of the latest trends in cybercrime and the steps they can take to reduce the risks posed by these threats. The study will also provide a valuable resource for law enforcement and security experts, who can use the insights and recommendations provided in the study to develop more effective strategies for combating cybercrime.

Definitions of unclear terms

Cybercrime: any illegal use of a computer, a network, or the World Wide Web.

Advanced Persistent Threats (APTs): highly targeted, sophisticated attacks that are hard to detect and that persist over an extended period.

Ransomware: a form of malicious software that uses encryption to lock users out of their own files. The attackers then demand money in exchange for the decryption key that will unlock the user's files.

Phishing: Phishing is a type of cyberattack that uses emails or other electronic messages to trick victims into revealing confidential information or downloading malicious software.

Banking Trojans: A banking trojan is a type of malicious software specifically designed to steal financial information from users.

II. LITERATURE REVIEW

Overview: 

The increased use of technology in our daily lives has led to an increase in cybercrime in recent years. Law enforcement and cybersecurity professionals struggle to keep up with sophisticated cybercriminals' continual evolution of their strategies and techniques. This literature review discusses recent research on advanced cybercrime analysis, including how cybercrime is changing, how to evaluate it, and how to reduce cyber threats. According to research by the CSIS, cybercrime has progressed from being a minor inconvenience to being a serious danger to both national security and the global economy (Chowdhury & Gkioulos, 2021). The survey also found that cybercriminals are increasingly employing complex attack strategies, including social engineering, ransomware, and advanced persistent threats (APTs). Additionally, a variety of sectors, including government, the financial sector, and the healthcare industry, are being targeted by cybercriminals. A study by the Ponemon Institute found malware, phishing, and web-based attacks to be the most prevalent forms of cybercrime (Jang-Jaccard & Nepal, 2014). That study also found that small and medium-sized enterprises, which frequently have less robust cybersecurity protections than larger corporations, are increasingly being targeted by cybercriminals.

Relevant Theories and Models:

Ransomware

Ransomware is malware that encrypts or locks the affected files and demands money to unlock them. Although there are many variants, the two most common types are crypto-ransomware and locker ransomware. Crypto-ransomware scrambles the contents of the victim's files by encrypting them, whereas locker ransomware, as the name implies, stops users from accessing their files or their device (Al-rimy et al., 2018). Regardless of its variety, ransomware is an illegal money-making scheme that employs social engineering tricks or software vulnerabilities to get users to open malicious links. Certain strains also mark files or folders for eventual deletion. The culprits then demand ransom payments, typically in hard-to-trace cryptocurrencies like Bitcoin, in exchange for the secret key needed to decrypt the files.

Despite reports to the contrary from the LEA, ransomware continues to pose the greatest malware threat to both business and law enforcement. Ransomware is described as a "cybercriminal business model" and "one of the true threats to the NextGen" by cybersecurity vendors because it has been technologically supported by a variety of attack tools and techniques as well as anonymization. These technologies, such as cryptocurrencies and mesh networks (Tor/I2P), have "led to a rise in the use of ransomware" (Kaspersky Lab, 2018). According to law enforcement organizations and businesses, ransomware is still being used to attack computer users. The ransomware is produced by one party and distributed to cybercriminals who disseminate the malware as "affiliates"; numerous affiliate schemes back it (Al-rimy et al., 2018). Furthermore, professional ransomware criminals who advertise their activities as a business service partner with skilled data engineers who can unlock or decrypt the affected files.

Ransomware is classified according to a number of criteria, including its severity, extortion tactics, victims, and affected systems. By severity, researchers distinguish scareware, which tries to convince victims to pay over false warnings, from genuine ransomware, which poses a real threat. The genuine threat may be a straightforward attack or one that uses a separate encryption key. By extortion technique, i.e., whether or not user data are encrypted, researchers have classified ransomware into cryptographic and non-cryptographic systems. In 2016, a further three ransomware subtypes were identified: scareware, confined (locker) ransomware, and cryptography-based ransomware. While scareware deceives the victim into paying for false threats, true ransomware uses digital mechanisms to lock and encrypt victims' data.

As mentioned above, to cause damage to computer users, ransomware as a technological system depends on several enablers. Since knowing these enablers is essential for outlining and comprehending potential solutions to the problem, a significant portion of the literature review's existing body is devoted to discussing them.

Phishing

Phishing is a widely used tactic among hackers. Phishing is the practice of sending emails or other messages that look legitimate in order to trick the recipient into divulging confidential or financial information. These communications frequently masquerade as coming from reputable institutions such as banks. Malware is another tool used by hackers. Malware, also known as malicious software, is any piece of code intended to harm, disrupt, or break into another computer system or network. Malware comes in many forms, but the most common are viruses, worms, Trojan horses, and ransomware. Social engineering is a technique cybercriminals use to trick people into divulging private information or taking actions that could jeopardize a system or network. Pretexting, baiting, and quid pro quo schemes are all examples of social engineering. Cybercriminals also employ denial-of-service (DoS) attacks. These attacks use a deluge of requests or traffic to overload and take down a system, rendering it useless to its intended audience. Distributed denial-of-service (DDoS) attacks are very similar but use numerous computers to overwhelm a single target. Finally, cybercriminals may use exploit kits to obtain unauthorized access to a system or network by taking advantage of flaws in the targeted software or hardware. Exploit kits automate the search for and exploitation of vulnerabilities and are widely available for purchase on the dark web.

Denial of Service Attack

A Denial of Service (DoS) assault is an attempt to overwhelm and take down a computer system, network, or website by sending an overwhelming volume of data or requests at once. The goal is to block the intended audience from accessing the target, essentially rendering the service unavailable to them.

The most common form of DoS attack is the flooding attack, which consists of sending so many requests or data packets to the victim system that it becomes overwhelmed and eventually crashes. Similar to DoS attacks, distributed denial-of-service (DDoS) attacks use a swarm of compromised machines to flood a target with data all at once (Altulaihan et al., 2022). Financial loss, reputational damage, and legal liability are just some of the negative outcomes that can result from a denial-of-service attack. Firewalls, intrusion detection systems, and content filters are examples of security measures that can be implemented to protect companies from such attacks (Altulaihan et al., 2022). In addition, keeping software and systems up to date with security patches is crucial to thwarting attackers. Finally, if a DoS attack does occur, having a response plan in place can lessen its severity.

Cryptojacking

In cryptojacking, malicious software (malware) is installed on the victim's device and mines cryptocurrency in the background using the device's resources. The mined cryptocurrency is then sent to the attacker's digital wallet without the victim's knowledge. Victims of cryptojacking may suffer serious repercussions. The device may overheat, freeze, or malfunction if its processing capacity is used too intensively. In addition, the victim may incur higher power costs due to the mining activity.

Cybercriminals can carry out cryptojacking attacks in a number of different ways. Hackers send phishing emails pretending to be reputable companies to deceive users into downloading malware. Attackers can also mine cryptocurrency while a user views a malicious website by inserting mining code into the site (Altulaihan et al., 2022). Users should take several precautions to prevent cryptojacking attacks. First and foremost, it is essential to keep the most recent security patches installed on all software and operating systems. Users should also exercise caution before opening attachments from unsolicited emails and before downloading files from unfamiliar websites. Installing anti-virus and anti-malware software also makes it possible to detect and block cryptojacking. In sum, cryptojacking is a malicious cyber-attack with potentially serious effects on its victims. As cryptocurrency usage grows, so too will the prevalence of cryptojacking attacks. Therefore, it is crucial for users to understand the dangers and take precautions to safeguard their systems.

Advanced Persistent Threats (APTs)

The term "Advanced Persistent Threat" (APT) refers to a category of cyber-attacks that target a single entity or group for an extended length of time. These attacks are typically carried out by well-organized groups intent on stealing proprietary or financial information. Due to their stealthy nature, APTs pose a serious danger to businesses of all sizes, as they often go unnoticed for long periods of time. The phases of an APT are as follows: surveillance; initial compromise; command and control; lateral movement; and data exfiltration. In the surveillance phase the attacker learns as much as possible about the targeted organization and looks for exploitable flaws (Altulaihan et al., 2022). Having discovered a security hole, the attacker may use phishing emails or exploit unpatched software to obtain initial access to the target's network.

Once initial access has been gained, the attacker sets up command and control channels to interact with the compromised system and issue orders. The attacker then moves laterally across the network in search of more valuable information and systems to compromise. The attacker may continue in this way for weeks, months, or even years while trying to stay under the radar. The ability of APTs to remain undetected is one of the most difficult elements to combat. Attackers frequently encrypt their communications, use valid credentials, and disguise their activity as normal network traffic in order to remain undetected (Altulaihan et al., 2022). Intrusion detection systems, behavior-based analysis, and threat intelligence feeds are among the advanced security measures that businesses can use to spot APTs.

A multi-layered security strategy is essential for preventing APTs. Implementing strict access limits, fixing software flaws, employing robust encryption, and monitoring network activity are all essential measures. An incident response strategy should be in place so that businesses can act swiftly in the event of an advanced persistent threat attack. In short, APTs are a major concern for businesses of all kinds, and a holistic security strategy is necessary to protect against them. Organizations can safeguard themselves against this ever-present and ever-changing danger by familiarizing themselves with the phases of an APT attack and putting in place up-to-date security measures.

Social Engineering

Phishing emails, fake websites, phone calls, and even face-to-face encounters are just a few examples of the many methods used in social engineering. Fear, curiosity, and greed are all feelings that can be used to manipulate people into doing things they would not normally do. A social engineer might try to trick a target into downloading malware by sending them an email that appears to have come from a reputable organization (Chowdhury & Gkioulos, 2021). The recipient's machine could be infected with malware from the link or attachment, or the attacker could gain access to private data.

Pretexting is another method of social engineering in which the perpetrator creates a fictitious situation or persona in order to gain the confidence of an unsuspecting target. A social engineer could, for instance, pretend to be an IT support technician and trick a user into installing "repair" software by telling them their machine is infected; that software can then allow the attacker to take over the victim's machine. As the human element is often the most vulnerable part of any security mechanism, social engineering attacks can have devastating effects. The most advanced cyber security measures can be breached if an attacker tricks an unsuspecting target into divulging sensitive information, such as a password, or into visiting a malicious website (Chowdhury & Gkioulos, 2021). Those who want to safeguard themselves from social engineering attacks should learn about common tactics and how to recognize them. Multi-factor authentication limits the damage from password theft, and teaching staff to be wary of unsolicited emails and phone calls is another step in securing confidential data.

Network and Behavioral Analysis

Network analysis is a vital aspect of cybercrime analysis that aims to explore the relationships between cybercriminals, their targets, and their tactics. This field of study is essential in understanding the dynamics of cybercriminal activities and identifying the key players in a network. The goal of network analysis is to uncover the structure of the network, including the connections between actors, the flow of information, and the different strategies used by cybercriminals (Chowdhury & Gkioulos, 2021). With the insights gained from network analysis, security professionals can better protect organizations against cybercrime and enhance their response to attacks.

One recent study that utilized network analysis to identify important actors in cybercrime networks and track their activities was conducted by Ajayi in 2022. The research aimed to gain insights into the workings of cybercrime networks and the tactics employed by cybercriminals. The study analyzed data collected from online sources such as forums and social media platforms, which provided important information on the interactions between cybercriminals, their targets, and their strategies. The results of the study showed that network analysis is a valuable tool in understanding the complex structures of cybercrime networks.

Behavioral analysis is another approach to cybercrime analysis that focuses on studying cybercriminals' behaviors and patterns to determine their motivations and strategies. This method involves analyzing the actions and activities of cybercriminals, including their methods of attack, the types of targets they choose, and the tools they use to carry out their activities. Behavioral analysis is an essential tool for understanding cybercriminals' motivations, which can help security professionals develop effective strategies for preventing and mitigating attacks.

A study by Ajayi (2022) utilized behavioral analysis to identify ransomware attacker behavior patterns. The study aimed to gain insights into the strategies employed by ransomware attackers and to develop more effective defenses against their attacks. The research analyzed data from several ransomware attacks, including the types of targets chosen, the methods of attack used, and the payment demands made. The results of the study showed that behavioral analysis is a valuable tool in identifying patterns and trends in ransomware attacks, which can inform the development of more effective cybersecurity strategies.

Network analysis and behavioral analysis are both essential tools in cybercrime analysis. While network analysis focuses on understanding the connections between cybercriminals, their targets, and their tactics, behavioral analysis aims to identify cybercriminals' motivations and strategies. Both methods are crucial for developing effective cybersecurity strategies and protecting organizations against cybercrime. By combining the insights gained from these two approaches, security professionals can better understand the complex nature of cybercrime and develop more potent defenses against attacks.

One of the main advantages of network analysis is that it can help identify key players in a cybercrime network. These key players may be the most significant threats to an organization, and understanding their tactics and motivations is essential for developing effective countermeasures. By analyzing the network's structure, including the relationships between different actors and their interactions, security professionals can identify the most critical nodes in the network and focus their efforts on disrupting them.
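As an added illustration of the network-analysis step described above (example code written for this edit, not code from the thesis or from any study it cites), the following script builds a graph from a constructed list of actor interactions, ranks actors by degree and by betweenness, and lists the nodes whose removal disconnects the network. All actor names and interactions are invented; the point it shows is that the actor with the most contacts is not necessarily the one whose removal does the most damage.

```python
from collections import defaultdict, deque

# Constructed sample (invented names): each pair means "these two actors
# were observed interacting", e.g. forum replies or escrow deals.
INTERACTIONS = [
    ("dev", "aff1"), ("dev", "aff2"), ("dev", "host"),      # dense core
    ("aff1", "aff2"), ("aff1", "host"), ("aff2", "host"),
    ("dev", "spammer"),                                     # hanger-on
    ("aff1", "mule"), ("aff2", "mule"), ("mule", "cash1"),  # single bridge
    ("cash1", "cash2"), ("cash1", "cash3"), ("cash2", "cash3"),  # cash-out ring
]


def build_graph(pairs):
    """Undirected adjacency sets from the interaction pairs."""
    graph = defaultdict(set)
    for a, b in pairs:
        graph[a].add(b)
        graph[b].add(a)
    return graph


def degree(graph):
    """Distinct contacts per actor: the naive 'who is most connected' view."""
    return {node: len(nbrs) for node, nbrs in graph.items()}


def betweenness(graph):
    """Brandes' algorithm: how many shortest paths between other actors run
    through each node.  A high score with a modest degree marks a broker."""
    score = dict.fromkeys(graph, 0.0)
    for s in graph:
        stack, preds = [], defaultdict(list)
        sigma = dict.fromkeys(graph, 0)      # shortest-path counts from s
        dist = dict.fromkeys(graph, -1)
        sigma[s], dist[s] = 1, 0
        queue = deque([s])
        while queue:                          # BFS, recording predecessors
            v = queue.popleft()
            stack.append(v)
            for w in graph[v]:
                if dist[w] < 0:
                    dist[w] = dist[v] + 1
                    queue.append(w)
                if dist[w] == dist[v] + 1:
                    sigma[w] += sigma[v]
                    preds[w].append(v)
        delta = dict.fromkeys(graph, 0.0)
        while stack:                          # accumulate dependencies
            w = stack.pop()
            for v in preds[w]:
                delta[v] += sigma[v] / sigma[w] * (1 + delta[w])
            if w != s:
                score[w] += delta[w]
    # Undirected graph: every pair was counted from both endpoints.
    return {n: v / 2 for n, v in score.items()}


def articulation_points(graph):
    """Actors whose removal splits the network into more pieces (brute
    force is fine at this size): the concrete 'critical nodes'."""
    def components(skip):
        seen, count = set(), 0
        for start in graph:
            if start == skip or start in seen:
                continue
            count += 1
            frontier = [start]
            while frontier:
                n = frontier.pop()
                if n in seen or n == skip:
                    continue
                seen.add(n)
                frontier.extend(graph[n])
        return count
    base = components(None)
    return sorted(n for n in graph if components(n) > base)


if __name__ == "__main__":
    g = build_graph(INTERACTIONS)
    for name, scores in (("degree", degree(g)), ("betweenness", betweenness(g))):
        print(f"top by {name}:", sorted(scores.items(), key=lambda kv: -kv[1])[:3])
    print("articulation points:", articulation_points(g))
```

On this sample the degree ranking is led by the core members (dev, aff1, aff2), while "mule" tops betweenness and is one of the cut points, which is the kind of broker the paragraph above suggests focusing disruption efforts on.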

Behavioral analysis is also useful for identifying patterns in cybercriminal activity. Cybercriminals often exhibit consistent patterns in their behavior, such as the types of targets they choose or the methods they use to carry out attacks. By analyzing these patterns, security professionals can gain insights into the motivations and strategies of cybercriminals and develop more effective countermeasures (Ajayi, 2022). Behavioral analysis can also help identify emerging trends in cybercrime, enabling organizations to anticipate and prevent attacks before they occur.

Both network analysis and behavioral analysis require significant amounts of data to be effective. Network analysis relies on data from various sources, including social media platforms, forums, and other online sources. Behavioral analysis requires data from previous attacks, including the methods used by cybercriminals, the types of targets they choose, and the outcomes of their attacks. Collecting and analyzing large amounts of data can be time-consuming and resource-intensive, but it is essential for gaining valuable insights into cybercrime.

One of the challenges of network analysis is the complexity of the networks themselves. Cybercrime networks can be highly complex and dynamic, making it challenging to identify and track key playe