Understanding Cyber-Dependent Crimes that are Enabled by Malware from a Software Development Perspective

The goal of this thesis is to better understand cyber-dependent crimes that are enabled by malware from a software development perspective. The purpose is threefold: a) to profile malware developers, b) to understand their business model, and c) to measure the impact of malware trading in underground markets and surface forums. These goals translate into a number of research questions: 1) Can we automatically analyse malware to profile malware developers?, 2) Can we automatically process malware-related feeds and third-party intelligence to gain a better understanding of what is the modus operandi of the malware? , and 3) Can we map malware observed in the wild to sellers in the underground markets? I will follow a data-driven methodology that will comprise measurements of malware obtained from the wild and measurements of data from underground markets and darknet forums.