Personal Denial Of Service (PDOS) Attacks: A Discussion and Exploration of a New Category of Cyber Crime

The growth of the Internet has created a corresponding growth in Internet-based crimes and online misbehavior, particularly among younger computer-savvy people. Younger generations have grown up in a world where internet access, social networking, e-commerce and smartphones are commonplace. Given this fact, they have learned how to use, and how to abuse, technology. This leads us to define a new category of cybercrime called a Personal Denial of Service attack (PDOS). A PDOS is a cyber-crime in which an individual deliberately prevents the access of another individual or small group to online services such as email or banking. Due to the nature of a PDOS, these acts can be overlooked by law enforcement and organizations that operate Internet infrastructure, such as universities. Our motivation for this work is twofold: to stress the need for cyber ethics education at the university level, and to illustrate how a previously uncategorized type of cyber crime is easily perpetrated in such an environment. To achieve these goals, we define a PDOS attack and discuss how it differs from other categories of attacks. We also examine the motivation for a PDOS attack in the context of the Routine Activities Theory of criminal justice. We further discuss a "proof of concept" survey administered at four different universities to ascertain their attitudes towards online account breaches as related to a PDOS attack. The survey provides initial evidence that account breaches, which are an integral part of a PDOS attack, are a worrisome threat on university campuses and further points to a need for cyber ethics training.