E-crime reporting format draws closer to a standard

The data format would allow entities to exchange information on cybercrimes faster

The Internet Engineering Task Force is close to approving a specification for a common format for reporting e-crime, a step taken to allow security experts to react faster to cybercrime.

The Anti-Phishing Working Group is already collecting reports from organizations using the XML-based Instant Object Description Exchange Format (IODEF), which has been customized with extensions appropriate for e-crime reports, said Peter Cassidy, secretary general of APWG.

The format will allow for unambiguous time stamps, support for different languages and a feature to attach samples of malicious code.

The specification is now with the IETF, which has been looking at it for more than a year. If it is approved as a standard, the format will likely be taken up by banks, security organizations and other entities, Cassidy said. The format can be used to report crimes such as phishing and fraud incidents.

What the specification intends to solve is the inconsistent manner in which e-crime reports are now collected. Different organizations assemble data in a variety of ways, and frequently it is not widely shared, Cassidy said.

"Electronic crime is a smattering of data from places you haven't seen," said Cassidy, who is scheduled to give a presentation on Wednesday at the Council of Europe's conference on cybercrime, which runs through Thursday.

That's problematic since spotting e-crime trends requires broad visibility on incidents around the world. With a standard data format inputted into a database, investigators and experts will be able to mine the data and analyze it much faster using automated tools. The data is so voluminous that manual human analysis is impossible.

"Automated analysis is not an option, it's inevitable, which then allows for deterrence," Cassidy said. "You don't win with episodic data."

With a common reporting format, a bank could query the database to find out what range of IP (Internet Protocol) addresses have been used for fraud attacks, Cassidy said. Other parameters could be used, such as conducting searches by geography or even by grammar mistakes in phishing messages.

Criminals know how difficult it is for law enforcement to chase them electronically and use that to their advantage, Cassidy said. "Everything is against the good guys," he said.

The technical part is easy. The challenge is how the information can be legally shared, as data protection regulations differ by countries and regions. IP addresses, for example, can be considered personally identifiable information, but it's a crucial piece of information in cybercrime investigations, he said.

Once the IETF gives the specification a number, organizations are likely to begin using it, Cassidy said.

"I think the banks will embrace it," Cassidy said. "They're already exchanging data."

Join the Good Gear Guide newsletter!

Error: Please check your email address.

Tags securityIETFcybercrime

Our Back to Business guide highlights the best products for you to boost your productivity at home, on the road, at the office, or in the classroom.

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Jeremy Kirk

IDG News Service
Show Comments

Most Popular Reviews

Latest News Articles

Resources

PCW Evaluation Team

Azadeh Williams

HP OfficeJet Pro 8730

A smarter way to print for busy small business owners, combining speedy printing with scanning and copying, making it easier to produce high quality documents and images at a touch of a button.

Andrew Grant

HP OfficeJet Pro 8730

I've had a multifunction printer in the office going on 10 years now. It was a neat bit of kit back in the day -- print, copy, scan, fax -- when printing over WiFi felt a bit like magic. It’s seen better days though and an upgrade’s well overdue. This HP OfficeJet Pro 8730 looks like it ticks all the same boxes: print, copy, scan, and fax. (Really? Does anyone fax anything any more? I guess it's good to know the facility’s there, just in case.) Printing over WiFi is more-or- less standard these days.

Ed Dawson

HP OfficeJet Pro 8730

As a freelance writer who is always on the go, I like my technology to be both efficient and effective so I can do my job well. The HP OfficeJet Pro 8730 Inkjet Printer ticks all the boxes in terms of form factor, performance and user interface.

Michael Hargreaves

Windows 10 for Business / Dell XPS 13

I’d happily recommend this touchscreen laptop and Windows 10 as a great way to get serious work done at a desk or on the road.

Aysha Strobbe

Windows 10 / HP Spectre x360

Ultimately, I think the Windows 10 environment is excellent for me as it caters for so many different uses. The inclusion of the Xbox app is also great for when you need some downtime too!

Mark Escubio

Windows 10 / Lenovo Yoga 910

For me, the Xbox Play Anywhere is a great new feature as it allows you to play your current Xbox games with higher resolutions and better graphics without forking out extra cash for another copy. Although available titles are still scarce, but I’m sure it will grow in time.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?