Abstract
This study focuses on the intelligence system of cybercrime and its security.
Federal agencies define success in computer crime investigations and how they can facilitate the development and refinement of a comprehensive law enforcement strategy for addressing cyber threats. This study aims to understand how federal agencies conduct investigations related to cyber security and determine if the use of intelligence plays a role in leading the investigative process. Our findings show a clear emphasis on threat mitigation, instead of quantitative valuation of prosecutions, as the goal of the investigation. Creation of National Cyber Defense Strategy, is the only security and the best protection against cyber-crimes. This is the starting point, from where adequate policies and necessary legal measures begin, aiming the creation of a solid ground and responsible users by implementing comprehensive measures and legal restrictions.
CHAPTER ONE
INTRODUCTION
Background of the study
Usually cyber-attacks against the infrastructure of a country have targeted several key areas of life and society of a country such as energy, drinking water, fuel, gas, economic capital, etc,. Such actions may be carried out by criminals, by states or by individual criminals, who operate remotely from another state. Such attacks are categorized as cybercrimes, cyber terror or cyber war (NATO, 2009).
Computers are used to commit crime and are the target of crime every day. Besides the magnitude and scope of the threat, one of the greatest challenges in fighting computer crime resides in the fundamental nature of the computing world. Within the framework of routine activity theory, the increasing power of computers has increased criminal opportunities for motivated offenders as well as the availability of suitable targets. Moreover, the worldwide information network has transformed computer crime from a local problem to an international security issue. According to the Department of Homeland Security, cyber threats usually refer to persons, organizations, and countries that attempt to access illegally a system network or computer device using a data communications pathway. The Government Accountability Office (2005) provides a cyber threat table that includes hackers, criminal groups, foreign intelligence services, phishers, spammers, spyware/malware authors, and terrorists. The activities include but are not limited to espionage, hacking, identity theft, crime, and terrorism. For the purpose of this chapter, we are using “computer crime” and “cybercrime” as synonyms and both should be considered a form of “cyber threat”. Cyber threats are currently significant enough to become a national security priority in several western countries including the United States (Hansen and Nissenbaum, 2009). In order to better understand the challenges that the United States’ information infrastructures are facing, it is necessary to examine how government agencies are addressing the threats posed by those who perpetrate computerbased crimes and attacks. On one hand, we know that computer crimes are often a “hi-tech” version of more traditional crimes such as theft, espionage, sabotage, and fraud. On the other hand, the ramifications of many cybercrimes are so extensive and technologically complex that they require specific knowledge to better understand the evolving nature of the threats as well as to develop the needed new tactics and strategies to investigate them.
Crimes associated with theft and manipulations of data are detected daily. Crimes of violence also are not immune to the effects of the information age. A serious and costly terrorist act could come from the internet instead of a truck bomb. The diary of a serial killer may be recorded on a floppy disk or hard disk drive rather than on paper in a notebook. Just as the workforce has gradually converted from manufacturing goods to processing information, criminal activity has to large extent also converted from physical dimension. There calls a need for computer forensic experts and computer based monitoring and security system for easy capture of evidence of intruder who compromises a network or computer.
This project dealt with the design and implementation of a computer based security and monitoring system for forensic experts, an ideal way for tracking the activities of an account user and also for recovering digital evidence of crime committed in a computer system.
1.2 STATEMENT OF THE PROBLEM
With the evolution of computer and the internet which has made the world a global village, so has criminals also taken advantage of this technological advancement to engage in different forms of cyber crime ranging from terrorism, internet fraud to the release of sophisticated viruses which is difficult to trace the perpetrators due to lack of sophisticated software that can retrieve information of such activities. This led to the design of a computer based security and monitoring system for forensic experts which will help in tracking the activities of internet users and for recovery of digital evidence of crime committed in a computer system.
1.3 OBJECTIVES OF STUDY
The objectives of this system are to:
- Design and implement a computer based security and monitoring system for forensic experts.
- Realize a system for capturing, collecting, analyzing, preserving and presenting evidence of computer crime in an acceptable manner.
1.4 SIGNIFICANCE OF THE STUDY
This application when implemented will be able to monitor the activities of a computer user by taking screenshots of internet activities, process capture and capture the content of the index.dat file which will help forensic expert with substantial evidence to prosecute cyber criminals.
1.5 SCOPE OF STUDY
This project is designed to monitor the activities of computer users to investigate and fish out cyber criminals. The project employed Java programming language in ensuring the design and implementation of a Computer Based Security and Monitoring system that will aid forensic experts in their investigations and prosecution of criminals.
1.6 LIMITATIONS OF THE STUDY
Most people see security and monitoring systems as an intrusion of people‟s privacy.
A major setback of computer forensics is presentation of evidence in a way that is admissible to the law court that is the Computer Forensic Analyst presenting it in a way to show that it was not tampered with.
Another limiting factor is that the programming language (JAVA) used to implement the system is case sensitive sometimes in JAVA, An executing program may want to divide by zero, and this will display an error message. Run time errors can come up as program runs during the process of programming with JAVA. Fatal runtime error can occur causing the program to terminate without successfully completing its job. Java programs tend to execute slowly because the JAVA virtual machine would execute and interpret one byte code at a time.
1.7 DEFINITION OF TERMS
E-mail – Electronic mail: Electronic mail, most commonly referred to as email or e-mail since approximately 1993, is a method of exchanging digital messages from an author to one or more recipients. Modern email operates across the Internet or other computer networks.
CF – Computer Forensic: Computer forensics is the application of investigation and analysis techniques to gather and preserve evidence from a particular computing device in a way that is suitable for presentation in a court of law. The goal of computer forensics is to perform a structured investigation while maintaining a documented chain of evidence to find out exactly what happened on a computing device and who was responsible for
PC – Personal Computer: A personal computer (PC) is a general-purpose computer, whose size, capabilities, and original sale price makes it useful for individuals, and which is intended to be operated directly by an end-user with no intervening computer operator.
GUI – Graphic User Interface: Graphical user interface (GUI, sometimes pronounced ‘gooey') is a type of user interface that allows users to interact with electronic devices using images rather than text commands.
DOS: Disk Operating System: Disk Operating System (specifically) and disk operating system (generically), most often reveal themselves in abbreviated as DOS, refer to an operating system software used in most computers that provides the abstraction and management of secondary storage devices and the information on them (e.g., file systems for
Organizing files of all sorts).
OS: Operating System: An operating system (OS) is a collection of software that manages computer hardware resources and provides common services for computer programs. The operating system is a vital component of the system software in a computer system. Application programs usually require an operating system to function.
