* The first Electronic Integrator and computer (ENICAC) was switched on over 60 year ago.
* Beneficial contribution of new technologies are usually the first to be noticed, negative ramification become apparent only much later
What is Cyber Crime & Computer crime?
* The Encyclopedia Britannica defines Cyber crime as any crime that is committed by means of special knowledge or expert use of computer technology.
* Computer crime, orcybercrime, refers to any crime that involves acomputerand anetwork, where the computers may or may not have played an instrumental part in the commission of acrime.
* Net crimerefers, more precisely, to criminal exploitation of theInternet
Computer crime encompasses a broad range of potentially illegal activities, it may be divided into one of two types of categories.
1. crimes that target computer networks or devices directly
* Computer viruses
* Denial-of-service attacks
* Malware
2. Crimes facilitated by computer networks or devices, the primary target of which is independent of the computer network or device.
* Drug trafficking
* Fraud
* Obscene or offensive content
Cyber Crimes differ from most terrestrial crimes in four ways:
1. They are easy to learn how to commit.
2. They require few resources relative to the potential damage caused.
3. They can be committed in a jurisdiction without being physically present in it.
4. They are often not clearly illegal.
Digital evidenceorelectronic evidenceis anyprobativeinformation stored or transmitted indigitalform that a party to acourt casemay use at trial.
A computer can be a source ofevidence. Even though the computer is not directly used for criminal purposes, it is an excellent device for record keeping, particularly given the power to encrypt the data. If this evidence can be obtained and decrypted, it can be of great value to criminal investigators
The use of digital evidence has increased in the past few decades as courts have allowed the use ofe-mails,digital photographs,ATMtransaction logs,word processingdocuments,instant messagehistories, files saved fromaccountingprograms,spreadsheets,internet browserhistories, databases, the contents ofcomputer memory, computerbackups, computerprintouts,Global Positioning Systemtracks, logs from a hotels electronic door locks, anddigital videooraudiofiles
Digital evidence encompasses any and all digital data that can establish that a crime has been committed or can provide a link between a crime and its victim or a crime and its perpetrator
Intrusion Detection Systems are a great source of digital evidence.
There are two types of Intrusion Detection Systems
1. Host-Based:- Host-based intrusion detection architecture, the system is used to analyze data that originates on computers (hosts). Host-based systems examine events like what files are accessed and what applications are executed. Logs are used to gather this event data.
2. Network-Based:- In the network-based intrusion detection architecture, the system is used to analyze network packets, This architecture consists of sensors deployed throughout a network
If the investigation of an offence leads to a court case, the forensic specialist needs to be in a position to explain how and why tools like these are used. In any case, he/she must be prepared to vouch for and possibly to demonstrate the integrity of all these aspects of investigation:
1. Collection: to describe processes by which the evidence was gathered, showing that the collection process does not alter it;
2. Chain of evidence: to show that the evidence remained uncontaminated after it was gathered, and during analysis;
3. Authentication: to show the evidence is unaltered in any way from its state on the original computer, typically with file signatures;
4. Recovery: to explain how deleted files and file fragments are recovered, what the system logs, swap files and temporary files contain, and how the perpetrators actions can be inferred from these;
5. Verifiability: to confirm that these inferences are standard, and can be confirmed by an independent third party analysis
The nature of digital evidence
Evidence is what distinguishes a hypothesis from a groundless assertion. Evidence can confirm or disprove a hypothesis, so evidence reliability and integrity is the key to its admissibility and weight in a court of law. There are several special characteristics of digital or computer evidence, and of the computer systems and proprietary and public networks involve, that make evidence interpretation especially challenging:
1. Too many potential suspects: With traditional offences, the offending act or event is usually manifestedthere is a corpse, a theft or at least a complaint to work with. Usually, as well, there is a starter list of potential suspects: Who knew the victim? Who had physical access to the scene? Who had a motive?
2. Identifying the crime: In computer crime and in computer-related or evidenced crime, the nature of the event is often less obvious and immediate. For example, when a hacker steals confidential information, victims may not find out what has been stolen unless informed by the system administrators, who in turn may not notice until long after the hacker has gone. Identity theft, described as the fastest-growing financial crime in America and perhaps the fastest-growing crime of any kind in our society, may take years to be exposed.
3. The evidence is easily contaminated: Traditionally, evidence at the scene is sent for independent forensic laboratory testing while investigators pursue their enquiries elsewhere until the results come back. But in computer forensics, all investigatory aspectsnaming the crime, identifying the perpetrator, following the evidence trail, and constructing the modus operandiuse the same digital analysis techniques. Hence, computer forensic handling is especially vulnerable to errors. Just as blood samples or fingerprints can be contaminated at the scene, digital evidence can be damaged during collection unless strict procedures are followed. Rebooting a system, for example, immediately changes the system state and destroys possible traces.
Cyber Laws & their roles
It seems very difficult to make only territorial laws applicable to online activities that have no relevant or even determinable geographic location
To meet the challenges posed by new kinds of crime possible by computer technology, many countries have also reviewed their respective domestic criminal laws so as to prevent computer related crimes.
In India, Information Technology Bill (2000) came into focus for regulating cyber world.
1. REFERENCES
2. COMPUTER AND INSTRUCTION FORENSIC , GEORGE MOHAY, ALISON ANDERSON, BYRON COLLIE, OLIVIER DE VEL, RODNEY, MC KEMMISH.
2. CYBER CRIME INVESTIGATION , ANTHONY RAYS
8. ATUL YADAV
