{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,5]],"date-time":"2026-05-05T04:27:35Z","timestamp":1777955255407,"version":"3.51.4"},"publisher-location":"New York, NY, USA","reference-count":56,"publisher":"ACM","license":[{"start":{"date-parts":[[2023,8,29]],"date-time":"2023-08-29T00:00:00Z","timestamp":1693267200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"name":"C3I Hub, India"},{"DOI":"10.13039\/100004318","name":"Microsoft, India","doi-asserted-by":"publisher","id":[{"id":"10.13039\/100004318","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2023,8,29]]},"DOI":"10.1145\/3600160.3605013","type":"proceedings-article","created":{"date-parts":[[2023,8,9]],"date-time":"2023-08-09T22:54:41Z","timestamp":1691621681000},"page":"1-10","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":13,"title":["Tactics, Techniques and Procedures of Cybercrime: A Methodology and Tool for Cybercrime Investigation Process"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-2421-0083","authenticated-orcid":false,"given":"Gargi","family":"Sarkar","sequence":"first","affiliation":[{"name":"Department of Computer Science and Engineering, Indian Institute of Technology Kanpur, India"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0009-0003-0029-8775","authenticated-orcid":false,"given":"Hardeep","family":"Singh","sequence":"additional","affiliation":[{"name":"C3I Hub, Indian Institute of Technology Kanpur, India"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0009-0006-0108-2433","authenticated-orcid":false,"given":"Subodh","family":"Kumar","sequence":"additional","affiliation":[{"name":"Microsoft India, India"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-5525-7426","authenticated-orcid":false,"given":"Sandeep K.","family":"Shukla","sequence":"additional","affiliation":[{"name":"Department of Computer Science and Engineering, Indian Institute of Technology Kanpur, India"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2023,8,29]]},"reference":[{"key":"e_1_3_2_1_1_1","volume-title":"Examining the Challenges of Policing Economic Cybercrime in the UK. G\u00fcvenlik Bilimleri DergisiInternational Security Congress Special Issue","author":"Naci AKDEM\u0130R, B\u00fclent","year":"2020","unstructured":"Naci AKDEM\u0130R, B\u00fclent SUNGUR, and B\u00fcrke BA\u015eARANEL. 2020. Examining the Challenges of Policing Economic Cybercrime in the UK. G\u00fcvenlik Bilimleri DergisiInternational Security Congress Special Issue (2020), 113\u2013134."},{"key":"e_1_3_2_1_2_1","volume-title":"Phishing for Phools","author":"Akerlof A","unstructured":"George\u00a0A Akerlof and Robert\u00a0J Shiller. 2015. Phishing for phools. In Phishing for Phools. Princeton University Press."},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1089\/cyber.2010.0307"},{"key":"e_1_3_2_1_4_1","volume-title":"MITRE. Retrieved","author":"CK.","year":"2015","unstructured":"ATT&CK. 2015. MITRE ATT&CK. MITRE. Retrieved April 28, 2023 from https:\/\/attack.mitre.org\/"},{"key":"e_1_3_2_1_5_1","volume-title":"MITRE. Retrieved","year":"2007","unstructured":"CAPEC\u00ae. 2007. MITRE CAPEC\u00ae. MITRE. Retrieved April 28, 2023 from https:\/\/attack.mitre.org\/"},{"key":"e_1_3_2_1_6_1","volume-title":"An analysis of advance fee fraud on the internet. Journal of Financial Crime","author":"Chang JS","year":"2008","unstructured":"Joshua\u00a0JS Chang. 2008. An analysis of advance fee fraud on the internet. Journal of Financial Crime (2008)."},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1057\/s41599-023-01560-x"},{"key":"e_1_3_2_1_8_1","first-page":"1","article-title":"An extended model of cybercrime investigations","volume":"3","author":"Ciardhu\u00e1in S\u00e9amus\u00a0\u00d3","year":"2004","unstructured":"S\u00e9amus\u00a0\u00d3 Ciardhu\u00e1in. 2004. An extended model of cybercrime investigations. International Journal of Digital Evidence 3, 1 (2004), 1\u201322.","journal-title":"International Journal of Digital Evidence"},{"key":"e_1_3_2_1_9_1","volume-title":"MITRE. Retrieved","author":"MITRE Corporation","year":"2016","unstructured":"MITRE Corporation. 2016. MITRE ATT&CK Navigator. MITRE. Retrieved April 28, 2023 from https:\/\/mitre-attack.github.io\/attack-navigator\/"},{"key":"e_1_3_2_1_10_1","volume-title":"Central European Conference on Information and Intelligent Systems. Faculty of Organization and Informatics Varazdin, 435","author":"Cosic Jasmin","year":"2010","unstructured":"Jasmin Cosic and Miroslav Baca. 2010. A framework to (im) prove\" chain of custody\" in digital investigation process. In Central European Conference on Information and Intelligent Systems. Faculty of Organization and Informatics Varazdin, 435."},{"key":"e_1_3_2_1_11_1","volume-title":"Understanding cybercrime in \u2018real world\u2019policing and law enforcement. The Police Journal","author":"Curtis Joanna","year":"2022","unstructured":"Joanna Curtis and Gavin Oxburgh. 2022. Understanding cybercrime in \u2018real world\u2019policing and law enforcement. The Police Journal (2022), 0032258X221107584."},{"key":"e_1_3_2_1_12_1","volume-title":"MITRE. Retrieved","author":"FEND.","year":"2022","unstructured":"D3FEND. 2022. D3FEND\u2122, A knowledge graph of cybersecurity countermeasures. MITRE. Retrieved April 28, 2023 from https:\/\/d3fend.mitre.org\/"},{"key":"e_1_3_2_1_13_1","volume-title":"Information technology and the criminal justice system","author":"David Wall","unstructured":"Wall David and Pattavina April. 2005. The Internet as a conduit for criminal activity. In Information technology and the criminal justice system. Sage, 77\u201398."},{"key":"e_1_3_2_1_14_1","volume-title":"India. Retrieved","year":"2022","unstructured":"Delhi_Cybercrime_Unit. 2022. Custom fraud via social networking sites. Special Cybercrime Unit, India. Retrieved April 28, 2023 from https:\/\/cyber.delhipolice.gov.in\/socialmediacrimes.html"},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.21107\/jaffa.v8i2.8350"},{"key":"e_1_3_2_1_16_1","volume-title":"FBI Internet crime report","author":"FBI.","year":"2021","unstructured":"FBI. 2021. FBI Internet crime report 2021. Federal Bureau of Investigation. Retrieved April 28, 2023 from https:\/\/www.documentcloud.org\/documents\/21504639-fbi-internet-crime-report-2021"},{"key":"e_1_3_2_1_17_1","volume-title":"Retrieved","author":"Gargi\u00a0Sarkar Hardeep\u00a0Singh","year":"2022","unstructured":"Hardeep\u00a0Singh Gargi\u00a0Sarkar. 2022. Cybercrime Navigator. In collaboration with C3I Centre and Microsoft India. Retrieved April 28, 2023 from https:\/\/cybercrime.c3ihub.org\/"},{"key":"e_1_3_2_1_18_1","volume-title":"The law of cyber-attack. California law review","author":"Hathaway A","year":"2012","unstructured":"Oona\u00a0A Hathaway, Rebecca Crootof, Philip Levitz, Haley Nix, Aileen Nowlan, William Perdue, and Julia Spiegel. 2012. The law of cyber-attack. California law review (2012), 817\u2013885."},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1177\/0002716218783679"},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.clsr.2009.09.005"},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.clsr.2010.11.001"},{"key":"e_1_3_2_1_22_1","first-page":"80","article-title":"Intelligence-driven computer network defense informed by analysis of adversary campaigns and intrusion kill chains","volume":"1","author":"Hutchins M","year":"2011","unstructured":"Eric\u00a0M Hutchins, Michael\u00a0J Cloppert, Rohan\u00a0M Amin, 2011. Intelligence-driven computer network defense informed by analysis of adversary campaigns and intrusion kill chains. Leading Issues in Information Warfare & Security Research 1, 1 (2011), 80.","journal-title":"Leading Issues in Information Warfare & Security Research"},{"key":"e_1_3_2_1_23_1","volume-title":"X-Force Threat Intelligence Index","author":"IBM.","year":"2022","unstructured":"IBM. 2022. X-Force Threat Intelligence Index 2022. International Business Machines Corporation (IBM). Retrieved April 28, 2023 from https:\/\/www.ibm.com\/downloads\/cas\/ADLMYLAZ"},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.ijlcj.2016.07.002"},{"key":"e_1_3_2_1_25_1","volume-title":"Internet Crime Complaint Center IC3","year":"2023","unstructured":"IC3. 2000. Internet Crime Complaint Center IC3. Federal Bureau of Investigation. Retrieved April 28, 2023 from https:\/\/www.ic3.gov\/"},{"key":"e_1_3_2_1_26_1","volume-title":"India. Retrieved","year":"2022","unstructured":"IC4. 2022. National Cyber Crime Reporting Portal. Ministry of Home Affairs, India. Retrieved April 28, 2023 from https:\/\/cybercrime.gov.in\/"},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.clsr.2009.09.008"},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1108\/PIJPSM-07-2019-0107"},{"key":"e_1_3_2_1_29_1","volume-title":"The global cybercrime industry: economic, institutional and strategic perspectives","author":"Kshetri Nir","unstructured":"Nir Kshetri. 2010. The global cybercrime industry: economic, institutional and strategic perspectives. Springer Science & Business Media."},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.tele.2019.04.009"},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1007\/s12117-014-9229-5"},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1109\/IMIS.2011.58"},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.4324\/9780203354643"},{"key":"e_1_3_2_1_34_1","volume-title":"Cyber Kill Chain","author":"Martin Lockheed","year":"2023","unstructured":"Lockheed Martin. 2022. Cyber Kill Chain. Lockheed Martin Corporation. Retrieved April 28, 2023 from https:\/\/www.lockheedmartin.com\/en-us\/capabilities\/cyber\/cyber-kill-chain.html"},{"key":"e_1_3_2_1_35_1","volume-title":"The human factor of cybercrime","author":"McGuire Michael","unstructured":"Michael McGuire. 2019. It ain\u2019t what it is, it\u2019s the way that they do it? Why we still don\u2019t understand cybercrime. In The human factor of cybercrime. Routledge, 3\u201328."},{"key":"e_1_3_2_1_36_1","volume-title":"Cyber crime: A review of the evidence. Summary of key findings and implications. Home Office Research report 75","author":"McGuire Mike","year":"2013","unstructured":"Mike McGuire and Samantha Dowling. 2013. Cyber crime: A review of the evidence. Summary of key findings and implications. Home Office Research report 75 (2013), 1\u201335."},{"key":"e_1_3_2_1_37_1","volume-title":"Goverment of India. Retrieved","author":"MEIT.","year":"2016","unstructured":"MEIT. 2016. Information Technology Act 2000. Goverment of India. Retrieved April 28, 2023 from https:\/\/www.meity.gov.in\/content\/information-technology-act-2000"},{"key":"e_1_3_2_1_38_1","volume-title":"MITRE. Retrieved","author":"MITRE.","year":"2020","unstructured":"MITRE. 2020. MITRE ATT&CK: Design and Philosophy. MITRE. Retrieved April 28, 2023 from https:\/\/attack.mitre.org\/docs\/ATTACK_Design_and_Philosophy_March_2020.pdf"},{"key":"e_1_3_2_1_39_1","volume-title":"MITRE. Retrieved","year":"2015","unstructured":"MITREGitHub. 2015. Layer Definition. MITRE. Retrieved April 28, 2023 from https:\/\/github.com\/mitre-attack\/attack-navigator\/tree\/master\/layers"},{"key":"e_1_3_2_1_40_1","volume-title":"India. Retrieved","author":"NCRB.","year":"2021","unstructured":"NCRB. 2021. Crime Report 2021. Ministry of Home Affairs, India. Retrieved April 28, 2023 from https:\/\/ncrb.gov.in\/"},{"key":"e_1_3_2_1_41_1","volume-title":"Cybercrime and you: How criminals attack and the human factors that they seek to exploit. arXiv preprint arXiv:1811.06624","author":"Nurse RC","year":"2018","unstructured":"Jason\u00a0RC Nurse. 2018. Cybercrime and you: How criminals attack and the human factors that they seek to exploit. arXiv preprint arXiv:1811.06624 (2018)."},{"key":"e_1_3_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.3390\/forensicsci2020028"},{"key":"e_1_3_2_1_43_1","volume-title":"Retrieved","year":"2022","unstructured":"proofpoint. 2022. Multi-Persona Impersonation. proofpoint. Retrieved April 28, 2023 from https:\/\/www.proofpoint.com\/au\/blog\/threat-insight\/ta453-uses-multi-persona-impersonation-capitalize-fomo"},{"key":"e_1_3_2_1_44_1","volume-title":"Fool\u2019s gold: Social proof in the initiation and abandonment of coverage by Wall Street analysts. Administrative science quarterly 46, 3","author":"Rao Hayagreeva","year":"2001","unstructured":"Hayagreeva Rao, Henrich\u00a0R Greve, and Gerald\u00a0F Davis. 2001. Fool\u2019s gold: Social proof in the initiation and abandonment of coverage by Wall Street analysts. Administrative science quarterly 46, 3 (2001), 502\u2013526."},{"key":"e_1_3_2_1_45_1","doi-asserted-by":"publisher","DOI":"10.1057\/s41284-017-0095-0"},{"key":"e_1_3_2_1_46_1","volume-title":"Laundering Money Online: a review of cybercriminals methods. arXiv preprint arXiv:1310.2368","author":"Richet Jean-Loup","year":"2013","unstructured":"Jean-Loup Richet. 2013. Laundering Money Online: a review of cybercriminals methods. arXiv preprint arXiv:1310.2368 (2013)."},{"key":"e_1_3_2_1_47_1","volume-title":"Laurie Yiu-Chung Lau, and Lennon\u00a0YC Chang","author":"Sarre Rick","year":"2018","unstructured":"Rick Sarre, Laurie Yiu-Chung Lau, and Lennon\u00a0YC Chang. 2018. Responding to cybercrime: current trends., 515\u2013518\u00a0pages."},{"key":"e_1_3_2_1_48_1","doi-asserted-by":"publisher","DOI":"10.4156\/jnit.vol2.issue2.1"},{"key":"e_1_3_2_1_49_1","first-page":"497","article-title":"A Survey of Digital Evidences Forensic and Cybercrime Investigation","volume":"17","author":"Sun Jia-Rong","year":"2015","unstructured":"Jia-Rong Sun, Mao-Lin Shih, and Min-Shiang Hwang. 2015. A Survey of Digital Evidences Forensic and Cybercrime Investigation Procedure.Int. J. Netw. Secur. 17, 5 (2015), 497\u2013509.","journal-title":"Procedure.Int. J. Netw. Secur."},{"key":"e_1_3_2_1_50_1","doi-asserted-by":"publisher","DOI":"10.1109\/TSMC.2017.2700495"},{"key":"e_1_3_2_1_51_1","volume-title":"Classification and Adaptive Response. In 2018 5th International Conference on Control, Decision and Information Technologies (CoDIT). IEEE, 470\u2013475","author":"Tsakalidis George","year":"2018","unstructured":"George Tsakalidis, Kostas Vergidis, and Michael Madas. 2018. Cybercrime Offences: Identification, Classification and Adaptive Response. In 2018 5th International Conference on Control, Decision and Information Technologies (CoDIT). IEEE, 470\u2013475."},{"key":"e_1_3_2_1_52_1","volume-title":"India. Retrieved","year":"2022","unstructured":"UP_Cybercrime. 2022. Investment fraud using vishing. Special Cybercrime Unit, India. Retrieved April 28, 2023 from https:\/\/www.the420.in\/fake-call-centre-busted-noida-police-arrests-16-callers-involved-in-insurance-fraud\/"},{"key":"e_1_3_2_1_53_1","volume-title":"Cybercrime: The transformation of crime in the information age. Vol.\u00a04","author":"Wall David","year":"2007","unstructured":"David Wall. 2007. Cybercrime: The transformation of crime in the information age. Vol.\u00a04. Polity."},{"key":"e_1_3_2_1_54_1","first-page":"1","article-title":"Cybercrime, media and insecurity: The shaping of public perceptions of cybercrime","volume":"22","author":"S","year":"2008","unstructured":"David\u00a0S Wall*. 2008. Cybercrime, media and insecurity: The shaping of public perceptions of cybercrime. International Review of Law, Computers & Technology 22, 1-2 (2008), 45\u201363.","journal-title":"International Review of Law, Computers & Technology"},{"key":"e_1_3_2_1_55_1","volume-title":"The use of specialized cybercrime policing units: An organizational analysis. Criminal justice studies 29, 2","author":"Willits Dale","year":"2016","unstructured":"Dale Willits and Jeffrey Nowacki. 2016. The use of specialized cybercrime policing units: An organizational analysis. Criminal justice studies 29, 2 (2016), 105\u2013124."},{"key":"e_1_3_2_1_56_1","first-page":"3537","article-title":"A review on the problem of adolescent due to the excessive use of technology: Cyberbully","volume":"9","author":"Yadav Balram\u00a0Singh","year":"2020","unstructured":"Balram\u00a0Singh Yadav and Harpreet Kaur. 2020. A review on the problem of adolescent due to the excessive use of technology: Cyberbully. Int. J. Sci. Technol. Res 9 (2020), 3537\u20133541.","journal-title":"Int. J. Sci. Technol. Res"}],"event":{"name":"ARES 2023: The 18th International Conference on Availability, Reliability and Security","location":"Benevento Italy","acronym":"ARES 2023"},"container-title":["Proceedings of the 18th International Conference on Availability, Reliability and Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3600160.3605013","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3600160.3605013","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T17:49:16Z","timestamp":1750182556000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3600160.3605013"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,8,29]]},"references-count":56,"alternative-id":["10.1145\/3600160.3605013","10.1145\/3600160"],"URL":"https:\/\/doi.org\/10.1145\/3600160.3605013","relation":{},"subject":[],"published":{"date-parts":[[2023,8,29]]},"assertion":[{"value":"2023-08-29","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}