Mid-term forensic challenges of E-crime

minorbigarmΑσφάλεια

30 Νοε 2013 (πριν από 4 χρόνια και 1 μήνα)

81 εμφανίσεις

Mid
-
term forensic challenges of E
-
crime

mag.oec. Sasa Aksentijevic,univ.spec.oec.

court expert in information and telecommunication technology


ICT forensics key players


Police crime investigators (inspectors)


Legislative branch investigators (prosecutors, attorneys)


Intelligence agencies and military sector


ICT court experts (expert witnesses)


Private detectives and agencies


Companies, NGOs (for internal or external use)



FORENSIC REPORTS

ICT forensic reports


Preliminary

part
:

introduction,

expertise

area,

who

ordered

it,

which

documentation

and

evidence

was

used


Findings
:

fact

gathering,

interviews,

forensic

analysis

of

evidence,

cooperation

with

police

and

court,

usage

of

scientific

methods,

evaluation


Expert

opinion
:

synthetic

report

that

includes

explanation

of

the

findings,

effects,

consequences

and

importance

of

discovered

facts



PROPERTIES



Simple

language,

clear,

logical,

all
-
encompassing


Methods

must

be

explained,

evidence

evaluated


All

findings

must

be

reproducible


expert

must

be

able

to

answer

to

all

questions

from

the

court,

involved

parties

and

lawyers

in

the

process


expert

can

be

required

to

update

the

report

according

to

additional

requests





ICT forensics principles




The principle of
non
-
tampering with evidence


The principle of
identification of evidence material


The principle of
usage of evidence copies


The principle of
evidence interpretation


The principle of
chain
-
of
-
custody of evidence


The principle of
scientific method


ICT forensics challenges

TECHNOLOGY

ICT forensics challenges

TECHNOLOGY


Technology is becoming more and more complex


Legislative investigators and those who issue court orders do not understand issues
related to technology: they expect immediate results ignoring any limitations


Main constraints: time and money, if the quality of forensic reports is required to remain
constant or improved


It is increasingly difficult for freelance ICT forensics investigators to conduct investigation


Forensic investigators should be involved immediately, not
ex
-
post



ICT forensics is a joint endeavor of those in charge to initiate and conduct investigation, secure
evidence, perform forensic analysis and produce/present results.


In reality, cooperation between different involved parties is erratic and there are no clear lines
between responsibilities.


There is no best model (“golden standard”) to achieve results.


Exact proceedings depend not only on organizational and technical

factors, but also local legislation system, cultural blueprints and

even maturity of executive/legislative branch.

ICT forensics challenges

ORGANIZATION



Field of ICT forensics is very diverse and will be constantly developing.



ICT forensics challenges

CURRENT FORMS OF ICT CRIME

Computer
crime

Network
targeted

Computer
targeted

Spam

Fraud

Offensive
content

Harassment

Cyber
warfare


Cyber
terrorism

Other
non
specific



The latest developments in the past decade include dealing with:


Computer
trespass (USA)


Cyber
bullying


Cyber
defamation


Economic and Industrial
Espionage using ICT


Internet
homicide


Internet stalking


Internet suicide


Internet
Wars (1st Internet war: East Timor
-
Indonesia; Web War One: Estonia 2007



2008 South Ossetia
-
Russia Internet war, 2010 China Telekom
, 2010
Stuxnet

worm
)


Online predators


Organized crime


White
collar
crime


Virtualization


ICT forensics challenges

NEW
FORMS
OF ICT CRIME



The rise of new technologies:



Mass virtualization (Storage aaS, Software aaS, Platform aaS, Infrastructure aaS

Everything aaS)


E
-
passports, biometrics and personal identity


Forensics and storage of CCTV surveillance data


Mass event log forensics


Nomad computing (mobile phones,notebooks,netbooks,pads) forensics


Technology adaptive to the legislative regulation


Forensics of bio
-
computing and nano
-
computing






ICT forensics challenges

IMPACT

OF NEW TECHNOLOGIES

Mid
-
term forensic challenges of E
-
crime

(Q&A)

mag.oec. Sasa Aksentijevic,univ.spec.oec.

court expert in information and telecommunication technology