Print Email Facebook Twitter Assessing the Role of Online Banking Characteristics in the Target Selection of Banking Malware Title Assessing the Role of Online Banking Characteristics in the Target Selection of Banking Malware Author Samuel Natalius, Samuel (TU Delft Technology, Policy and Management; TU Delft Multi Actor Systems) Contributor van Eeten, M.J.G. (mentor) Hernandez Ganan, C. (graduation committee) de Reuver, G.A. (graduation committee) Tajalizadehkhoob, S. (graduation committee) Degree granting institution Delft University of Technology Programme Complex Systems Engineering and Management (CoSEM) Date 2018-08-29 Abstract Understanding target selection is a step before making a suitable proactive measure to address the complex issue of banking malware in online banking landscape. Despite several previous studies, gaps in the research of target selection are still present like the lack of attention to the non-targeted entities, the presence of other potential factors and the change in the landscape itself. Seeking to address the gaps, this research is conducted to find out what characteristics related to online banking services can affect the likelihood of the malware attack to them. The research starts with literature review to identify characteristics which can potentially explain the target selection, in accordance to aspects of Routine Activity Theory (RAT). Next, data about malware attack and the list of banks as well as several external data like language and authentication factor of online banking were collected and processed for quantitative analysis. Several metrics to approach the actual attack count were proposed and other metrics were extracted from the data. Some interesting findings were captured, like, within the period February 2014 – November 2017, from 5,039 banks in the EU, 1,188 banks were without any online banking services and from 3,851 banks with an online banking service, 1,802 banks were found targeted and 2,049 not targeted. Some malware variants were also seen performing targeted attacks. Meanwhile, it is found from explanatory analysis that some characteristics maintain their significance in explaining the likelihood of attack, like the presence of English and two-factor authentication. Services offering English language were seen to be more attacked. Contrarily, services which implemented 2-factor authentication were found to receive fewer attacks, although more entities with such authentication were targeted. Meanwhile, some other variables were getting less significant when more controlling factors are taken into account, indicating that some variables were relatively more or less important than others. Future work is needed in order to enhance the model so that more plausible conclusion can be obtained, such as improving and adding more data as well as including more factors, especially those that are financial and market related. Subject target selectionbanking malwareonline bankingcharacteristicscyber security To reference this document use: http://resolver.tudelft.nl/uuid:c0308b34-f6f4-46b1-9a23-14a12ef2ae38 Embargo date 2018-08-29 Part of collection Student theses Document type master thesis Rights © 2018 Samuel Samuel Natalius Files PDF Thesis_Samuel_Natalius_46 ... Report.pdf 3.04 MB PDF Thesis_Samuel_Natalius_46 ... r_rev_.pdf 820.04 KB Close viewer /islandora/object/uuid:c0308b34-f6f4-46b1-9a23-14a12ef2ae38/datastream/OBJ1/view