Daily Trends and Origin of Computer-Focused Crimes against a Large University Computer Network: An Application of the Routine-Activities and Lifestyle Perspective

Document Type


Publication Date



Cybercrime has been the focus of public attention during the last decade. However, within the criminological field, no prior research initiatives have been launched in an effort to better understand this phenomenon using computer network data. Addressing this challenge, we employ the classical routine-activities and lifestyle perspective to raise hypotheses regarding the trends and origin of computer-focused crime incidents (i.e. computer exploits, port scans, and Denial of Service (DoS) attacks) against a large university computer network. We first propose that computer-focused crimes against a university network are determined by the university users’ daily activity patterns. In addition, we hypothesize that the social composition of the network users determines the origin of computer attacks against the university network. We use data recorded between the years 2007 and 2009 by an Intrusion Prevention System (IPS) to test these claims. Consistently with our theoretical expectations, two important findings emerge. First, computer attacks are more likely to occur during university official business hours. Second, an increase in the number of foreign network users substantially increases the number of computer-focused crimes originating from Internet Protocol (IP) addresses linked with these users’ countries of origin. Future directions for subsequent studies are discussed.


For a copy of the article, please email David Maimon (dmaimon@gsu.edu)