Our Research
Current Research
Cybercrime Victimization Survey
We are partnering with local law enforcement and victims' advocacy offices for this research. The planned survey study will identify victims of cybercrime to ask about their online behaviors and activities that may have precipitated their victimization. We will be able to recommend various best practices in cyber hygiene to help reduce their risk of re-victimization. Following up, we will measure the effectiveness of various interventions.
Simulated Phishing
Predicting cyber threats for individual users is complex due to the diversity in personal characteristics, scope of work, and habitual online activities. Utilizing computer simulation presents a unique opportunity to adjust a range of user-specific conditions and accurately model distinct behavioral traits. Students at the CIBR lab are currently using computer simulations to study phishing attacks through an innovative research methodology known as agent-based modeling. Leveraging insights gained from our lab's research, we aim to create detailed simulations of phishing and ransomware attacks in controlled environments, using sophisticated virtual actors to enhance the realism and applicability of our models.
Gone Smishing: Development of an End User Risk Assessment
Phishing and smishing have become regular tactics by hackers to gain access through an end users account or device yet cyber hygiene education is limited in that it typically only provides information and encourages reporting scam attempts. The current project will build on empirically supported predictive models using thoughtfully reflective decision making and protection motivation theory to predict victimization risk and tailor educational material to the user themselves. Using experimental methodologies, we will assess real life behavior of end users both as they interact with a third-party site and how they respond to smishing attempts. This project will collectively assess the predictive ability of the models using real end-user behavior, allowing for tailored education to develop well informed decision making processes.
Publications Featuring Lab Faculty & Members
Journal Articles:
Dodge, C. E., Fisk, N., Burruss, G. W., Moule Jr, R. K., & Jaynes, C. M. (2023). What motivates users to adopt cybersecurity practices? A survey experiment assessing protection motivation theory. Criminology & Public Policy, 22(4), 849-868.
Maimon, D., Howell, C. J., & Burruss, G. W. (2021). Restrictive deterrence and the scope of hackers’ reoffending: Findings from two randomized field trials. Computers in Human Behavior, 125, 106943.
Burruss, G. W., Howell, C. J., Maimon, D., & Wang, F. (2021). Website Defacer Classification: A Finite Mixture Model Approach. Social Science Computer Review. https://journals.sagepub.com/doi/10.1177/0894439321994232
Ngo FT, Piquero AR, LaPrade J, Duong B. (2020). Victimization in Cyberspace: Is It How Long We Spend Online, What We Do Online, or What We Post Online? Criminal Justice Review, 45, 430-451. doi:10.1177/0734016820934175
Perkins, R., Howell, C.J., Dodge, C., Burruss, G., & Maiman, D. (2020). Malicious spam distribution: A routine activities approach. Deviant Behavior. Advanced online publication. doi: 10.1080/01639625.2020.1794269
Book Chapters:
Hyslip, Thomas, S. (2020) “Cybercrime as-a-service operations.” in Holt, T. & Bossler, A. (Eds). The Palgrave Handbook of International Cybercrime and Cyber deviance, Palgrave MacMillan. doi: 10.1007/978-3-319-78440-3_36
Dodge, C., & Burruss, G. (2019). Policing cybercrime: Responding to the growing problem and considering future solutions. In Leukfeldt, R. & Holt, T. (Eds.), Cybercrime: The human factor (pp. 339-358). Routledge. doi: 10.4324/9780429460593-15
Burruss, G., & Dodge, C. (2018). The criminality of digital piracy: Is it a pathway to more serious offending? In Holt, T. (Ed.), Digital piracy: A global, multidisciplinary account (pp. 217-238). Routledge. doi: 10.4324/9781315158679-10
Books:
Holt, T. J., Burruss, G., & Bossler, A. (2015). Policing cybercrime and cyberterror.