David MaimonGeorgia State University | GSU · Department of Criminal Justice and Criminology
David Maimon
PhD Sociology
About
96
Publications
14,067
Reads
How we measure 'reads'
A 'read' is counted each time someone views a publication summary (such as the title, abstract, and list of authors), clicks on a figure, or views or downloads the full-text. Learn more
1,873
Citations
Publications
Publications (96)
Introduction
The effectiveness of human-centric cybersecurity largely depends on end-users’ adherence to security and privacy behaviors. Understanding and predicting variations in the adoption of these safeguards is crucial for both theoretical advancement and practical application. While existing frameworks are often adapted from health science li...
The current study employs group-based trajectory modeling to assess the longitudinal attack patterns of new hackers involved in website defacement. Specifically, we track the activity of 241 emergent hackers for one year following their first verified website defacement. In doing so, we find four distinct criminal trajectories: low threat (29.0%),...
With the advent of the internet, romance fraud-or instances wherein individuals use fake identities and sham romantic relationships to defraud others-has moved online. Victims of this crime experience harms to their financial, social, and personal well-being. While researchers have made strides in exploring this crime from the perspective of victim...
Scant research has investigated the illicit online ecosystem that enables the sale of stolen data. Even fewer studies have examined the longitudinal trends of the markets on which these data are bought and sold. To fill this gap in the literature, our research team identified 30 darknet markets advertising stolen data products from September 1, 202...
This chapter seeks to explain money laundering activities through underground banking operations within the Canadian context while discussing the modus operandi of criminal organizations that employ casinos and real estate transactions to support these illegal activities.
Security messages, as a form of information security awareness training, are designed to encourage individuals to make an informed security decision, reducing their susceptibility to online victimization. To date, no known study has assessed the effectiveness of security messages or whether the effectiveness of these messages varies based on the re...
Although previous research has examined the association between the absence of guardianship and online sexual grooming victimization, no previous study has examined the impact of parental supervision on the progression of an online grooming event. To address this empirical gap, we designed three honeypot chat bots that simulated young female users...
The prevalence of cyber-dependent crimes and illegal activities that can only be performed using a computer, computer networks, or other forms of information communication technology has significantly increased during the last two decades in the USA and worldwide. As a result, cybersecurity scholars and practitioners have developed various tools an...
Crime prevention through environmental design (CPTED) is a non-punitive method for reducing crime through the design of the built environment. The relevance of CPTED strategies, however, is less clear in the context of computing environments. Building upon prior research indicating that computing environments may change computer users’ behaviors, t...
The current study employs a quasi-experimental design to test the efficacy of situational crime prevention (SCP) in understanding risk avoidance behavior in a darknet environment. Specifically, we deployed a web scraper to extract data from a popular darknet market. We then used these data to assess change in vendors and customers’ behavior followi...
Over the past four decades, research on hackers has widely propagated within the social sciences. Although this area of scholarship yields rich insight into the interpersonal dynamics of hackers, research on the unique ecosystems they create and inhabit is scant in comparison. The current study aims to offer a more complete assessment of hackers’ e...
https://www.routledge.com/Evidence-Based-Cybersecurity-Foundations-Research-and-Practice/Pomerleau-Maimon/p/book/9781032062761
https://www.routledge.com/Evidence-Based-Cybersecurity-Foundations-Research-and-Practice/Pomerleau-Maimon/p/book/9781032062761
https://www.routledge.com/Evidence-Based-Cybersecurity-Foundations-Research-and-Practice/Pomerleau-Maimon/p/book/9781032062761
https://www.routledge.com/Evidence-Based-Cybersecurity-Foundations-Research-and-Practice/Pomerleau-Maimon/p/book/9781032062761
https://www.routledge.com/Evidence-Based-Cybersecurity-Foundations-Research-and-Practice/Pomerleau-Maimon/p/book/9781032062761
https://www.routledge.com/Evidence-Based-Cybersecurity-Foundations-Research-and-Practice/Pomerleau-Maimon/p/book/9781032062761
https://www.routledge.com/Evidence-Based-Cybersecurity-Foundations-Research-and-Practice/Pomerleau-Maimon/p/book/9781032062761
https://www.routledge.com/Evidence-Based-Cybersecurity-Foundations-Research-and-Practice/Pomerleau-Maimon/p/book/9781032062761
https://www.routledge.com/Evidence-Based-Cybersecurity-Foundations-Research-and-Practice/Pomerleau-Maimon/p/book/9781032062761
https://www.routledge.com/Evidence-Based-Cybersecurity-Foundations-Research-and-Practice/Pomerleau-Maimon/p/book/9781032062761
Accessing public Wi-Fi networks can be as dangerous as it is convenient. People who access a public Wi-Fi network should engage in self-protective behaviors to keep their data safe from malicious actors on the same network as well as persons looking over their shoulder, literally and proverbially. Using two independent research designs, we examined...
In the face of market uncertainty, illicit actors on the darkweb mitigate risk by displacing their operations across digital marketplaces. In this study, we reconstruct market networks created by vendor displacement to examine how digital marketplaces are connected on the darkweb and identify the properties that drive vendor flows before and after...
To assess the efficacy of routine activity theory (RAT) for explaining phishing victimization and guide evidence-based policy, we launched two phishing attacks via a university Listserv ( N = 25,875). The first email offered access to a pdf file; the second offered free concert tickets. Several interesting findings emerged demonstrating phishing vi...
Extensive criminological research has investigated the effectiveness of law enforcement efforts to prevent offenders' reoffending and effect changes in criminal behavior patterns. However, no research has quantified the influence of gossip regarding law enforcement operations and its effect on repeat offending. Moreover, only scant research has stu...
Hackers often engage in website defacement early in their criminal careers to establish a reputation. Some hackers become increasingly prolific and launch a large number of attacks against their targets, whereas others only launch a few attacks before eventually desisting from a life of crime. A better understanding of why some hackers launch a lar...
Victims of romance fraud experience both a financial and emotional burden. Although multiple studies have offered insight into the correlates of perpetration and victimization, no known study has examined if, and how, romance fraud can be curtailed. The current study uses a randomized experimental design to test the restrictive deterrent effect of...
Focusing on two of the most common deceptive strategies employed by fraudsters, we assess which type of cue—politeness or urgency—is more likely to result in an email fraud attempt. We also examine whether these cues are mutually exclusive and consistent throughout the progression of a fraud attempt. To answer our research questions, we posted “for...
Business Email Compromise (BEC) is an attack in which a scammer poses as a colleague of the intended victim or vendor of the targeted organization, and where the scammer either asks the intended victim to perform a payment or to send sensitive data. However, even though BEC is an increasing threat, the shape of the underlying scam is not well under...
Evidence-based cybersecurity is an approach aiming to support security professionals’ and policymakers’ decision-making processes regarding the deployment of security policies and tools, by calling for rigorous scientific investigations of the effectiveness of these policies and tools in achieving their goals in the wild. This approach focuses on t...
The distribution of malicious spam occurs in substantial numbers around the globe and can function as a precursor to serious forms of cybercrime. Yet to date, no known study has employed criminological theory to gain insight into the macro-correlates of malicious spam victimization. To address this gap in the literature, the current study utilizes...
One consequence of the public's compliance with social distancing and quarantines during the COVID-19 pandemic is a sharp decline in most types of crime. It looks like people staying home made communities less conducive to crime. Unfortunately, the news isn't as good as those numbers alone suggest. Other settings are seeing an increase in crime fol...
Compared to the offline world, the online environment is more anonymous and therefore less easily controlled. Criminological theories generally show that people are more likely to commit crime when they experience or perceive less formal or informal social control. Consequently, one might assume that people are more likely to commit crime online th...
Adopting the criminal event perspective, we explore how online fraudsters make use of urgency cues in their interactions with potential victims throughout the progression of an online nonpayment fraud attempt. Integrating claims from the ‘Interpersonal-Deception Theory’ with situational explanations of crime, we investigate whether fraudsters’ pres...
The book begins with an introductory chapter that sets the scene: providing an overview of the core principles associated with crime prevention targeting that will be drawn upon throughout. It chronicles the unique aspects of offending within digital contexts, and in particular, explicates offending lifecycles, and flags significant points of diver...
This chapter examines a broad range of techniques known as situational crime prevention (SCP). This form of intervention takes cues from a host of theoretical perspectives and involves the design and manipulation of the environment to make offenders’ decisions to become involved in crime less attractive. The use of SCP is widespread in traditional...
This chapter draws together the key empirical strands that have emerged throughout the preceding chapters and explicates the practical dimensions of this work. It acknowledges first that there has been very little research evaluating the effects of crime prevention initiatives on cybercrime. It then outlines ways in which this gap can be addressed...
This chapter investigates the use of educational workshops in preventing crime. This type of intervention brings together groups of individuals deemed at risk of offending to educate them about the consequences of crime, or to promote positive behaviours and skills that reduce the likelihood of committing crime. Though educational workshops vary wi...
This chapter examines interventions that can be broadly categorised as mentoring. Mentoring is underpinned by a philosophy that promotes supportive interpersonal relationships that offer guidance to young people throughout their social-emotional, cognitive, and identity development. This chapter chronicles the popularity of mentoring as being one o...
This chapter examines the use of targeted warnings and cautions by police (i.e. cease-and-desist messaging) that aim to deter potential offenders from future offending. These interventions rely on rational choice and labelling theories of crime. This chapter examines the results of studies that evaluate such interventions for offline crimes. Overal...
This chapter explores universal communication strategies: mass media messages that aim to deter people from committing crimes. These interventions are underpinned by rational choice theories of crime, and typically attempt to alter individuals’ perceptions of the risks and rewards of offending. Mass media communications target a wide audience and h...
This chapter examines the programs and strategies associated with positive diversions. Positive diversions redirect individuals towards prosocial behaviours and peer influences and focus on rehabilitation rather than punitive actions. This chapter reviews the evidence for such interventions in reducing offline crime, concluding that the findings ar...
This chapter investigates a series of interventions that fall under the banner of restorative justice procedures. These procedures offer an informal alternative to formal court processes and typically involve bringing the offender and the victim together to discuss the harm caused, as well as measures to remediate the harm and assist the offender t...
This book articulates how crime prevention research and practice can be reimagined for an increasingly digital world. This ground-breaking work explores how criminology can apply longstanding, traditional crime prevention techniques to the digital realm. It provides an overview of the key principles, concepts and research literature associated with...
Although a relatively simple form of hacking, website defacement can have severe consequences both for the websites that are attacked and the reputation of their owners. However, criminological research has yet to fully explore the causes and correlates of website defacement. We consider whether variables derived from routine activity theory can be...
Can computing environments deter system trespassers and increase intruders’ likelihood to cover their tracks during the progression of a system trespassing event? To generate sufficient empirical evidence to answer this question, we designed a series of randomized field trials using a large set of target computers built for the sole purpose of bein...
Cryptomarkets are commercial websites on the web that operate via darknet, a portion of the Internet that limits the ability to trace users’ identity. Cryptomarkets have facilitated illicit product trading and transformed the methods used for illicit product transactions. The survellience and understanding of cryptomarkets is critical for law enfor...
Cryptomarkets (or darknet markets) are commercial hidden-service websites that operate on The Onion Router (Tor) anonymity network. Cryptomarkets accept primarily bitcoin as payment since bitcoin is pseudonymous. Understanding bitcoin transaction patterns in cryptomarkets is important for analyzing vulnerabilities of privacy protection models in cr...
Online crime has increased in severity and frequency over the past two decades. However, although several scientific disciplines have commonly employed criminological theories to explain this phenomenon, mainstream criminology has devoted relatively scant attention to the investigation of cyber-criminals and their victims. Drawing on this assumptio...
Cybercrime and hacking have become ubiquitous over the past decades. Although many studies have explored hacking communities, only a few have investigated hacking networks on the country and cross-country levels. We collected data on successful brute-force attacks (BFAs) and system-trespassing incidents (Sessions) on honeypots (HPs). Based on one m...
The proliferation of public WiFi networks in small businesses, academic institutions, and municipalities allows users to access the Internet from various public locations. Unfortunately, the nature of these networks pose serious risks to users' security and privacy. As a result, public WiFi users are encouraged to adopt a range of self-protective b...
Research Summary
The results of previous research indicate that the presentation of deterring situational stimuli in an attacked computing environment shapes system trespassers’ avoiding online behaviors during the progression of a system trespassing event. Nevertheless, none of these studies comprised an investigation of whether the effect of dete...
System trespassing, which refers to the unauthorized access of computer systems, has rapidly become a worldwide phenomenon. Despite growing concern, criminological literature has paid system trespassing little attention. The current study utilizes data gathered from a Chinese computer network to examine system trespasser behavior after exposure to...
While there have been no recorded incidents of cyber terrorism to date there remains much speculation about the potential harms that would result from cyber terror attack. With a lack of empirical research on cyber terrorism, the purely theoretical nature of this threat challenges security experts' quest for identifying effective security solutions...
this study focuses on the spatial context of hacking to networks of Honey-pots. We investigate the relationship between topological positions and geographic positions of victimized computers and system trespassers. We've deployed research Honeypots on the computer networks of two academic institutions, collected information on successful brute forc...
Objectives
Test whether the presence of a surveillance message on an attacked computer system influences system trespassers’ active engagement with the compromised system (i.e., entering computer commands). The hypothesized restrictive deterrent effect is tested both in the context of a first system trespassing incident and in the progression of re...
We employ knowledge regarding the early phases of system trespassing events and develop a context-related, theoretically driven
study that explores computer networks’ social vulnerabilities to remote system trespassing events. Drawing on the routine
activities perspective, we raise hypotheses regarding the role of victim client computers in determi...
A network defense strategy based on the prediction of cyber attacker's behaviors was given in order to effectively prevent cyber attacks. Intruders' behaviors have strong randomness and uncertainty. A network of high-interaction honeypots was deployed to collect attack data, especially the behavior data of the attacker after successfully intruding...
Neighborhood research has increasingly emphasized the potential for contextual characteristics to moderate the effects of youths' experiences on their outcomes. Drawing on collective efficacy theory, we examine the variable consequences of youths' exposures to life-threatening violence across neighborhoods. We argue that strong community normative...
System trespassing by computer intruders is a growing concern among millions of Internet users. However, little research has employed criminological insights to explore the effectiveness of security means to deter unauthorized access to computer systems. Drawing on the deterrence perspective, we employ a large set of target computers built for the...
In this chapter, we provide a critical overview of research concerning the association between neighborhood context and mental health. Along the way, we address several fundamental questions. What is neighborhood context, and how is it measured and analyzed? What is the nature and extent of the association between neighborhood context and mental he...
Cybercrime has been the focus of public attention during the last decade. However, within the criminological field, no prior
research initiatives have been launched in an effort to better understand this phenomenon using computer network data. Addressing
this challenge, we employ the classical routine-activities and lifestyle perspective to raise h...
Cybercrime has been the focus of public attention during the last decade. However, within the criminological field, no prior research initiatives have been launched in an effort to better understand this phenomenon using computer network data. Addressing this challenge, we employ the classical routine-activities and lifestyle perspective to raise h...
This paper describes an empirical study to assess whether computer focused crimes are impacted by system configurations. The study relies on data collected during 30 days on a farm of target computers of various configurations (disk space, memory size, and bandwidth). In addition, some target computers included a warning sign. Following a brute for...
In this paper, we report some lessons learned on conducting empirical studies in cybersecurity. We first describe our attempts to obtain and process security data collected by other organizations. We then list the security data available for research at the University of Maryland and the research we have conducted using these data. Facing critiques...
Although recent research demonstrates the relevance of situational and structural-level processes in determining youth violent victimization, only scant attention has been given to these processes’ potential interactions. Accordingly, we study the interactive effects of unstructured socializing with peers, peer group orientation and neighbourhood s...
Although schools in the United States adopted harsher disciplinary policies in the early 1990s, to date, there is little evidence showing whether severe school sanctions against student misconduct prevent crime. Drawing on both deterrence and rational choice theories, we test the proposition that harsh school-based policies against violence reduce...
The suicide rate among American adolescents between the ages of 14-25 has dramatically increased during the last 50 years, and this fact has been the focus of extensive social-scientific investigation. To date, however, research focusing on the joint effects of mental health, family, and contextual-level predictors on adolescents' suicidal behavior...
Relying on extensions of routine activities and social disorganization theories, we examine whether 1) neighborhood social characteristics shape opportunities for the development of unstructured socializing with peers among adolescents, 2) whether unstructured socializing leads to an increase in violent behavior within urban communities, and 3) whe...
Relying on extensions of routine activities and social disorganization theories, we examine whether 1) neighborhood social characteristics shape opportunities for the development of unstructured socializing with peers among adolescents, 2) whether unstructured socializing leads to an increase in violent behavior within urban communities, and 3) whe...
Exposure to violence is a serious public health concern that compromises adolescents by affecting their behavior and psychological well-being. The current study advances knowledge about the consequences of exposure to violence in adolescence by applying a life course perspective to evaluate the developmental implications of adolescents' exposure to...
Although the suicide rate among U.S. youth between the ages of 10 to 24 dramatically increased during the past 50 years, little research has examined this outcome within larger social contexts of the adolescent environment. Relying on Durkheim's theory of social integration, we examine the effect of individual- and structural-level social integrati...