In computing, remote devices may be identified by means of device fingerprinting, which works by collecting a myriad of clientside attributes such as the device’s browser and operating system version, installed plugins, screen resolution, hardware artifacts, Wi-Fi settings, and anything else available to the server, and then merging these attributes into uniquely identifying fingerprints. This technique is used in practice to present personalized content to repeat website visitors, detect fraudulent users, and stop masquerading attacks on local networks. However, device fingerprints are seldom uniquely identifying. They are better viewed as partial device fingerprints, which do have some discriminatory power but not enough to uniquely identify users. How can we infer from partial fingerprints whether different observations belong to the same device?We present a mathematical formulation of this problem that enables probabilistic inference of the correspondence of observations. We set out to estimate a correspondence probability for every pair of observations that reflects the plausibility that they are made by the same user. By extending probabilistic data association techniques previously used in object tracking, traffic surveillance and citation matching, we develop a general-purpose probabilistic method for estimating correspondence probabilities with partial fingerprints. Our approach exploits the natural variation in fingerprints and allows for use of situation-specific knowledge through the specification of a generative probability model. Experiments with a real-world dataset show that our approach gives calibrated correspondence probabilities. Moreover, we demonstrate that improved results can be obtained by combining device fingerprints with behavioral models ... Read more

Over the past decade, considerable research effort has been devoted to articulating and measuring the various ways through which cyber crime impacts overall society. The large volume of literature on the topic contains few attempts to produce estimates of the financial impact of specific cyber incidents and little agreement on how to derive such estimates. An important substrata of this literature focuses on placing a monetary value on the costs of cyber crime but little is known about the long-term economic impact to society. In this article, we first assess the shortcomings of existing cost estimates and focus on the relevant issues pertinent to the feasibility of deriving valid and useful estimates beyond cost-benefit analyses. Following a mixed top-down/bottom-up methodology, we propose a theoretical framework to systematically identify the short and long-term impacts of cyber crime both at the agent and societal level. This framework serves as the foundation to assess the economic consequences of cyber crime beyond monetary costs by focusing on the impact on economic growth. ... Read more

While cybercrime has existed for many years and is still reported to be a growing problem, reliable estimates of the economic impacts are rare. We develop a survey instrument tailored to measure the costs of consumer-facing cybercrime systematically, by aggregating different cost factors into direct losses and expenses for protection measures. We use our instrument to collect representative primary data on the prevalence of seven different types of consumer-facing cybercrime in six European countries. Our results show that cybercrime rather causes losses of time than money and that the losses of victims are dwarfed by the expenses for preventive protection. We identify scams to be the worst type of cybercrime in terms of losses. While identity thefts associated with financial accounts cause high initial losses for the victims, most of them receive substantial compensation. We find that loss distributions are skewed to the left, bearing the risk of overestimating costs when looking at figures summarized by the arithmetic mean. ... Read more