The ultimate goal of the project is to help prevent cyber crime gaining a better understanding of different types of criminal hackers, their movements, and the types of attacks they perform, as well as their possible ties to organized crime activity and cyber terrorism.
There are so many typologies of hackers, especially if we consider why they do it and how they do it,” says Chiesa, director of communications the Institute for Security and Open Methodologies (ISECOM), which is spearheading the project. ISECOM envisions a methodology where you can identify the type of attacker who hit you based on forensic data that correlates with his or her profile.
The project includes detailed psychological profiles of script kiddies, crackers, and mercenaries, for example, and eventually will correlate honeynet data with the various hacker profiles to match behaviors and methodologies.
“I’m thinking about building a honeypot in order to act like a fake e-banking system, [or] a government Web site,” Chiesa says. “It will help to break some myths and preconception that the society and law enforcement agencies have on cyber criminals.”
Chiesa says one company that wanted to move its IT headquarters to Romania asked ISECOM to analyze the Romanian hacking scene so it could determine the risk of the move. And the United Nations Interregional Crime & justice Research Institute is using the HPP data for studying new threats, he says.
But some security experts have questioned whether it’s truly possible to reach the bad guys and get accurate information from them to actually profile them. “That’s why the whole Hackers Profiling Project was carried out by psychologists, criminology researchers, and infosec people…
http://www.darkreading.com/document.asp?doc_id=164364&WT.svl=news2_5