TTPs-based Cybercrime Investigation Framework



IIT Kanpur recently developed a TTPs-based cybercrime investigation framework.

What are TTPs?

  • TTPs stands for Tactics, Techniques, and Procedures.
  • It is the term used by cybersecurity professionals to describe the behaviors, processes, actions, and strategies used by a threat actor to develop threats and engage in cyberattacks.

About TTPs-based Cybercrime Investigation Framework:

  • It is a tool for apprehending cybercriminals’ modes of operation in a crime execution lifecycle.
  • It was developed by the I-hub NTIHAC foundation (c3ihub) at IIT Kanpur with support from the Department of Science and Technology (DST) under the National Mission on Interdisciplinary Cyber-Physical Systems (NM-ICPS).
  • The framework can help in tracking and classifying cybercrimes, identifying the chain of evidence required to solve the case, and mapping evidence onto the framework to convict criminals.
  • The technology can create an approximate crime execution path and suggest a crime path based on a user-derived set of keywords.
  • It can also compare the modus operandi (mode of operation) used in different crimes, manage user roles, and track activity for crime paths.
  • It could be highly effective as it restricts the number of forms and methods by which an investigation can be conducted and relies primarily on criminals’ TTPs. This leads to precise and rapid conviction of cybercriminals.

Q1: What is the National Mission on Interdisciplinary Cyber-Physical Systems (NM-ICPS)?

The National Mission on Interdisciplinary Cyber-Physical Systems (NM-ICPS) is an initiative of the Government of India aimed at advancing research, development, and innovation in the field of cyber-physical systems (CPS). NM-ICPS was launched in 2018 under the Department of Science and Technology (DST). The Mission aims to establish 15 Technology Innovation Hubs (TIH), six Application Innovation Hubs (AIH) and four Technology Translation Research Parks (TTRP).

Source: Cybercrime Investigation Tool developed can track cyberattacks targeting human