Abstract

Cybercrime Profiling is crucial for understanding and combating always evolving cyber threats, yet current cyber methodologies face challenges in standardisation, resource demands, adaptation to modern cyber crime. This research study investigates the strengths and limitations of current profiling frameworks through scoping literature review and analysis of real-world cyber crime trends. Key findings reveal the lack of empirical validation, struggle with data quality dependencies, have separate tax- onomies making collaboration difficult. The increasing number of social engineering attacks like phishing and vishing highlights the need for more flexible profiling methods.
Inspired by already existing methodology and building onto it, this study proposes a framework addressing the limitations by including a ded- icated Social Engineering Analysis section, motivation-centric behaviour taxonomy and standardised modular reporting. This proposed framework was tested against a vishing attack, demonstrating, how the framework is able to map out the attackers motives and technical indicators using MITRE ATT&CK tactics and techniques. Results highlight the frame- work’s structured abilities to collect evidence, use deductive and inductive profiling.
In order to combat modern cyber crime, this study highlights how vital standardised profiling methodologies and empirical validation is. Future research should prioritise implementing a larger scale of empirical valida- tion and take advantage of AI-driven tools widely available for pattern recognition. This project aligns with the following CyBok Skill: Adver- sarial Behaviours.
Keywords: Cyber Profiling, Cyber Crime, Social Engineering Analysis, Framework Adaptation, Threat Intelligence.

Grade: 1
Mark: 74%