This project aims at providing a comprehensive assessment of the crime landscape in the DeFi industry and offer strategies to better protect DeFi actors and their users through three objectives:

• Identify all DeFi actors in the industry and define their roles and characteristics
• Determine what characteristics make DeFi actors attractive crime targets
• Provide evidence-based policy recommendations to better protect Canadians participating in the DeFi industry

Decentralized finance enterprises are offering an array of financial services and products based on blockchain technologies and their related cryptocurrencies. While regulatory agencies are actively trying to regulate them, individuals developing these technologies have the option to relocate their financial activities to offshore jurisdictions to avoid complying to these new regulations. The objective of this mini-project is to offer a first overview of the offshore jurisdictions in which decentralized finance enterprises are registered.

In 2021, cybercrime reached alarming proportions, generating over 7 trillion USD and ranking as the world's third-largest economic power. Confronted with this growing threat, research has shifted towards the proactive identification of cyber threats, exploring methods for predicting exploits and attacks. However, this approach often overlooked the criminological aspect in favor of algorithms and technical intelligence. The advent of big data emphasized the need to optimize information collection, giving rise to the "key hacker identification problem."

This study focuses on identifying key actors within darkweb hacking forums, drawing inspiration from three distinct approaches: social network analysis, content analysis, and a hybrid approach integrating both dimensions along with user seniority. However, none have explored the qualifications of key actors, a crucial gap considering the diversity of knowledge levels within hacker communities. Building on Bouchard and Nguyen's (2011) classification, this study proposes a hybrid methodology to identify key actors by integrating social metrics (social networks, seniority) and a technical analysis of Common Vulnerabilities and Exposures (CVEs). CVEs serve as a basis to assess actors' expertise, critical to the success of their malicious activities.

The objectives of this study are as follows: (1) Establish profiles of threat actors based on their technical expertise. (2) Prioritize the danger levels of profiles, thereby identifying key actors in accordance with the Bouchard & Nguyen framework, where the key lies in expertise and commitment.

By considering vulnerabilities exploited by actors and their activity on forums, this research aims to contribute to understanding cyber threats while filling the criminological gap on key actors. By revealing profiles and identifying key actors, this study aspires to strengthen organizations' ability to anticipate and prevent future cyber attacks.

This project focuses on illegal consumers of wildlife and specifically tropical plants and cacti purchased illegally online. The main objective of this project is to understand how consumers perceive their illegal wildlife consumption. Considering the increase in demand for wildlife due to population growth and the democratization of transportation, it is important to better understand the behavior of wildlife consumers in order to develop interventions to reduce demand.

The Conti group is one of the most infamous ransomware operators on the international scene. The recent leak of their internal chat data represents a golden opportunity to study their organization by analyzing their communication. However, given the hundreds of thousands of conversations, going through such chats manually is a gigantic monotonous task. Instead, this study shows how to use machine learning algorithms to uncover insights on the organization of the Conti criminal group. More precisely, it shows how to leverage well established and straightforward machine learning methods, including Natural Language Processing (NLP) and Latent Dirichlet Allocation (LDA), coupled with visualization strategies (using WordCloud and pyLDAvis), to determine the main working positions of Conti members. The model uncovers five distinct roles: managers, technical workforce, human resources, writing malware, and customer service. These roles are distributed unevenly within the ransomware group: the HR role includes more than half of members, while the technical workforce and writing malware groups represent less than a quarter of members. The Customer service/problem-solvers account for one fifth and only a few are identified as managers. These results imply that running large ransomware operations require a workforce skilled beyond technical abilities. Hence, this study shows how to extract actionable information and automatically build knowledge on the organization of a sophisticated cybercrime group. Cybersecurity and law enforcement analysts can reproduce the presented method on their own datasets and quickly extract meaning out of gigabytes of conversations.

External collaborator: Sebastian Garcia (Czech Technical University)

My dissertation aims to explore how reporting entities in the real estate sector perceive and experience their role in the fight against money laundering. To achieve this, the objectives are to assess their knowledge in terms of compliance obligations, to record their field experience with suspicious money laundering activities, and to evaluate the relationship between their legal duty and their legitimacy with their clients. These results will allow for the formulation of recommendations to the sector in order to better align the reality of the reporting entities with the needs to counter this type of activity. These objectives will be achieved from the theoretical perspective of rational choice, which reflects individual decision-making based on a process of maximizing profits and personal interests, while taking into account constraints and potential associated costs. To successfully conduct this study, online questionnaires are distributed to real estate brokers and semi-structured interviews are conducted with some candidates.

This project investigates crime opportunities within the decentralized finance (DeFi) industry, focusing on crime events where DeFi actors (entities providing DeFi services) are targeted by profit-driven malicious external parties. More precisely, the study aims at assessing if specific DeFi actor or cryptoasset characteristics influence target attractiveness, to ultimately identify what characteristics may contribute to the likelihood of a DeFi actor being attacked. In fact, research on crime in the decentralized finance industry (DeFi) has mostly focused on how assets can be stolen but fail to investigate victimized parties as thoroughly as malicious ones. This study therefore takes a first step towards developing explanations regarding victimization patterns in the DeFi space drawing on opportunity theory’s theoretical framework. While this ecosystem hosts impressive financial incentives, it is still widely under-regulated, hence why users have been able and motivated to commit theft through this technology. One can then easily understand how rationally, DeFi is deemed a suitable target. It is also known that victimization rates and distributions for crimes of theft and violence differ widely among different groups of people. However, this has yet to be verified in a unique ecosystem such as DeFi.Thus, this study aims at further our understanding of crime opportunity theory by investigating the concept of “suitable target” in a unique ecosystem that is inherently attractive. This will be achieved by assessing if target attractiveness and victimization rates are influenced by the value of cryptoassets or different DeFi actor characteristics. Do more delinquents seize the opportunity when cryptoassets market value is high? Are all DeFi actors’ equal attractive targets? If not, what differentiates them?

Some people can associate themselves with actors or individuals working in legitimate sectors and companies to assist them in the commission of a crime. Those legitimate actors are named “facilitators”. Shell companies are frequently used in serious crimes, such as money laundering. Those shell companies can be paired with other techniques to reduce the risks of crime detection. Many websites, called shell companies providers (SCP), promote company incorporation services and offer shell companies. They are easily accessible to a large population. Thus, it is important to look at those websites and the services they advertise. In this research I will look at how those providers modulate the stratified market of shell companies and if we can assign them a role of “facilitator”. This research aims to increase criminology knowledge on this market and more specifically on the role played by those SCP.

This research studies how money laundering charges are handled throughout the judicial process, with a focus on the evidence gathered, thus raising questions related to financial and digital forensics. The methodology envisaged for this work consists of a content analysis of various judicial decisions involving the offense of money laundering and having been discussed in Quebec courts. To do this, a sample of several judicial decisions will be randomly selected, then read and analyzed to extract the selected variables, namely a brief description of the case, the main offense concerned, the secondary offense(s) involved, the evidence gathered (traces - Financial & digital forensics), aggravating circumstances, the sentence imposed, and any other variable deemed relevant. Once identified, these data will be extracted and compiled for analysis. The study thus aims first to obtain a descriptive portrait of how cases involving money laundering charges are treated in our courts, while exploiting the different possible relationships between the variables considered in the analysis.

This research project aims to conceptualize and catalog opportunities for evasion and their central roles in the development of tax evasion schemes, both individual and collaborative, including schemes that are long-term and have repeated interactions and exhibit behaviors between multiple actors with harmful intentions. Thus far, the thesis has been structured around two main axes. First, the study of various donation schemes using tax shelters or selling falsified receipts enabling actors to fraudulently claim tax credits. Second, the study of the bidirectional relationship between actors in a transaction for the purchase of services or products and how it can evolve into opportunities for evasion. The overall aim of the project is to understand how opportunities, as part of a dynamic and iterative processes, are created and evolve during exchanges and interactions between different types of actors (i.e., when the presence of a potentially complicit actor influences the willingness of other actors not to comply with tax rules). To achieve this, various types and sources of data are integrated into the project, including semi-structured interviews with key actors and official data, such as transcriptions of Canadian civil and criminal courts and investigation records.

This research will conduct a content analysis of court decisions from Canadian criminal courts to examine and assess fraud sentences and the processes by which they are determined. It will specifically investigate whether the social status of the accused influences the severity of their sentencing.