DETECTION AND PROTECTION OF CYBER CRIME By Dr. Narendra K. Amin, Assistant commissioner of Police, Crime branch, Ahmedabad city. Dr. N. K. Amin (ACP) Gujarat Police
Outline
• This presentation highlights an introduction to cyber crime
• Techniques and tools for the two realms of cyber crime:
  • Detection
  • Prevention
HISTORY
• The first recorded cyber crime took place in the year 1820!
• In 1820, Joseph-Marie Jacquard, a textile manufacturer in France, produced the loom. This device allowed the repetition of a series of steps in the weaving of special fabrics. This resulted in a fear amongst Jacquard's employees that their traditional employment and livelihood were being threatened. They committed acts of sabotage to discourage Jacquard from further use of the new technology. This is the first recorded cyber crime!
Introduction
• Cyber crime is the latest and perhaps the most complicated problem in the cyber world.
• “Cyber crime may be said to be those species, of which, genus is the conventional crime, and where either the computer is an object or subject of the conduct constituting crime”
CONVENTIONAL CRIME
• Crime is a social and economic phenomenon and is as old as human society. Crime is a legal concept and has the sanction of the law. Crime or an offence is “a legal wrong that can be followed by criminal proceedings which may result into punishment.”
• A crime may be said to be any conduct accompanied by act or omission prohibited by law and consequential breach of which is visited by penal consequences.
Definition
• “Any criminal activity that uses a computer either as an instrumentality, target or a means for perpetuating further crimes comes within the ambit of cyber crime”
• “unlawful acts wherein the computer is either a tool or target or both”
• “Illegal computer-mediated activities that can be conducted through global electronic networks”
Understand the Fundamentals
• The Internet has offered us a much more convenient way to share information across time and place.
• Cyberspace also opened a new venue for criminal activities:
  • Cyber attacks
  • Distribution of illegal materials in cyberspace
  • Computer-mediated illegal communications within big crime groups or terrorists
Understand the Fundamentals
• Cyber crime has become one of the major security issues for the law enforcement community.
• The anonymity of cyberspace makes identity tracing a significant problem which hinders investigations.
CLASSIFICATION OF CYBERCRIME
1. Computer as Target
2. Computer as an instrumentality
3. Computer as an incidental or other crime
4. Crime associated with the prevalence of computers
The above categories are not isolated compartments; crime may often spill over from one category to the other.
COMPUTER AS A TARGET OF A CRIME
• Physical damage
• Theft or destruction of information (data)
• The spread of viruses, worms
• Software piracy, hacking etc.
• A computer virus is a self-replicating computer program written to alter the way a computer operates, without the permission or knowledge of the user.
Computer as an instrumentality
• This category includes crimes where either computers or their contents are used in furtherance of crime, or offences which are committed by manipulating the contents of computer systems. They could include sending e-mails or ransom notes, or manipulating computer contents for credit card frauds, telecommunication frauds or theft.
Computer as incidental or other crime
• This category includes conventional crimes where, with the advent of the computer, criminals have started using the technology as an aid for their perpetration. They include use of computers as an aid for drug trafficking, money laundering, child pornography etc.
Crime associated with the prevalence of computers
• Copyright violation, software piracy, component theft etc.
Types of cyber crime-1
• Financial crimes: cheating, credit card frauds, money laundering, forgery etc.
• Cyber pornography
• Sale of illegal articles
• Online gambling
• Intellectual Property crimes
Types of cyber crime-2
• Email spoofing
• Cyber defamation
• Cyber stalking
• Unauthorized access to computer systems or network
• Hacking
Types of cyber crime-3
• Theft of information contained in electronic form
• Email bombing
• Data diddling
• Salami attacks
Types of cyber crime-4
• Denial of Service attack
• Virus / worm attacks
• Logic bombs
• Trojan attacks
• Internet time theft
• Web jacking
• Theft of computer system
• Physically damaging a computer system
Email related crime
1. Email spoofing
2. Sending malicious codes through email
3. Email bombing
4. Sending threatening emails
5. Defamatory emails
6. Email frauds
CYBER CRIMINALS:
• Children and adolescents between the age group of 6 – 18 years
• Organised hackers
• Professional hackers / crackers
• Discontented employees
Characteristics of Computer Crime:
• Silent in nature: Computer crime can be committed in privacy without physically reaching the scene of crime, i.e. there are no eye witnesses. There are no signs of physical violence or struggle.
• Global in character: No national borders. By sitting comfortably far away from the country, the entire economy of the country could be destroyed. As digital evidence is fragile in nature, one has to respond quickly.
• Non-existence of physical evidence: There is no physical evidence to indicate that a crime has been committed. Only on a closer look can a trained person find the evidence, which is not in the traditional format but in digital format.
Characteristics of Computer Crime:
• Creates high impact: Impact is severe and may be long term. It can damage the victim system permanently. Loss of goodwill.
• High potential and easy to perpetrate: A software developer who did not get enough money or a good job would turn to the criminal world for their survival. Therefore, computer crimes have a potential to increase. Hence organized mafia may enter into this sector.
Investigating officer’s inspection
1. Hardware as contraband or fruits of crime (stolen, misappropriated, illegal hardware)
2. Hardware as instrumentality (hardware designed specifically for crime)
3. Hardware as evidence (CD writer being used for duplicating pornographic CDs)
Investigating officer’s inspection
4. Information as contraband or fruits of crime (pirated computer program, stolen trade secret, passwords and any other information obtained by criminal means)
Investigating officer’s inspection
5. Information as an instrumentality (program that will help in gaining unauthorized access to computer systems)
6. Information as evidence (threatening letter stored in a computer of a suspect, e-mail message in the mail box or various documents which support the prosecution in presenting the case)
Detection / investigation is a team effort
• Law enforcement agencies
• Forensic scientists
• Lawyers
• Computer security professionals
DETECTION - PREVENTION
• SETTING UP A CYBER CRIME INVESTIGATION CELL
• To prevent the various cyber crimes that take place every day it is essential to establish a dedicated cell.
• Need for a Cyber Forensic Cell
Basic Cyber Crime Investigation Tool: Forensic Software
• Windows GUI technology-based forensic software for examination of the file systems FAT12, FAT16, FAT32, NTFS, LINUX, UNIX, MACINTOSH, CDROM and DVD-R.
• It should be able to examine and extract slack space.
• It should be able to create an image of the storage media, e.g. hard disk, floppy disk.
• It should show emails in developer’s format (with headers and attachments).
• It should open documents in languages other than English supported by Unicode, e.g. Arabic.
• It should show Internet history.
• Forensic cell phone seizure kit with write-block facility and with all required cables and adapters.
• Forensic hardware: one computer, PIV 3.2 GHz with 1 GB DDR RAM, and other required peripherals.
• One hard disk write-block device.
Software requirements
• Robust operating system software
• Other application software facilitating word processing, spreadsheets, electronic mail, multimedia, imaging and identification of various other kinds of file formats during the course of examination
• Case management software for keeping records of the cases being examined and for tracking case details at short notice
• Bootable disks to let the forensic specialist boot from such disks instead of the suspect’s bootable disk
Advanced cyber forensic software
• Bit-stream backup of data: the forensic procedure prohibits examination of the original media, to prevent any accidental erasure or interference during examination of such media.
• Powerful password recovery tool
Advanced cyber forensic software
• Recovery of deleted data, image and multimedia among other kinds of files
• Tool for generating reports based on the analysis of the information contained on the suspect storage media
• Searching tool for locating folders and files on the suspect storage media
REQUIREMENTS
• Partition recovery and analysis software for recovering information lost due to partitioning of a suspect hard-disk drive
• Firewalls and Intrusion Detection Systems would also help in detection of network penetration crimes directed against the cyber forensics cell itself.
REQUIREMENTS
• Updated anti-virus programs would be essential to prevent breakdown of systems due to any malicious code such as viruses and worms.
• Other necessary application software programs as would be required from time to time to analyze various files during forensic examination.
Hardware requirements
• Powerful computer systems with hot-swappable bays and standard peripherals having support for the following:
  • Fast disk imaging and cloning
  • Various kinds of removable storage media (e.g., Jaz cartridges and Zip cartridges)
  • CD / DVD readers and writers
  • Tape drives
  • Other kinds of electronic storage devices (CompactFlash, SmartMedia, Memory Stick)
  • IDE hard drives
  • SCSI hard drives
  • Notebook hard drives
Hardware requirements
• Write-protect devices to prevent any information being written on to the suspect storage media
• Additional storage devices for making bit-stream copies or clones of the suspect storage media for examination purposes
• External CD writers for portability
• Card readers for analyzing information from various types of cards that store information in magnetic form
THE CARDINAL RULES OF COMPUTER FORENSICS ARE:
• Never mishandle the evidence.
• Never work on the original evidence.
• Never trust the subject’s operating system.
• Document all the findings.
• Results should be repeatable, reproducible and verifiable by a third party.
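
The bit-stream backup requirement and the rules "never work on the original evidence" and "results should be verifiable by a third party" come together in the acquisition step sketched below. This is an added example, not part of the original presentation: a small constructed file stands in for the suspect media, and the function names and the choice of SHA-256 are assumptions.

```python
import hashlib
import os
import stat
import tempfile

CHUNK = 1024 * 1024  # read size; any value yields the same image and digest


def sha256_of(path):
    """Stream a file (or a raw device node) through SHA-256."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(CHUNK), b""):
            h.update(block)
    return h.hexdigest()


def acquire_image(source, image):
    """Bit-stream copy; source is opened read-only, an existing image is never overwritten."""
    h = hashlib.sha256()
    with open(source, "rb") as src, open(image, "xb") as dst:
        for block in iter(lambda: src.read(CHUNK), b""):
            dst.write(block)
            h.update(block)  # digest of exactly the bytes read from the source
    os.chmod(image, stat.S_IRUSR)  # the working copy is read-only from now on
    return {"bytes": os.path.getsize(image), "source_sha256": h.hexdigest(),
            "image_sha256": sha256_of(image)}


def verify(record, image):
    """Re-hash the image against the acquisition record; repeatable by any third party."""
    return (record["source_sha256"] == record["image_sha256"]
            and sha256_of(image) == record["image_sha256"])


def demo():
    """Constructed sample: image a stand-in file, verify it, then detect tampering."""
    workdir = tempfile.mkdtemp()
    source = os.path.join(workdir, "suspect_media.bin")
    image = os.path.join(workdir, "evidence_copy.img")
    with open(source, "wb") as f:  # visible data, zero-filled slack, leftover bytes
        f.write(b"FILE-DATA" + b"\x00" * 503 + b"deleted-but-present")
    record = acquire_image(source, image)
    ok_before = verify(record, image)
    # Simulate an accidental one-byte change to the working copy.
    os.chmod(image, stat.S_IRUSR | stat.S_IWUSR)
    with open(image, "r+b") as f:
        f.seek(10)
        f.write(b"\x01")
    return record, ok_before, verify(record, image)


if __name__ == "__main__":
    print(demo())
```

Opening the source read-only in software does not replace the hardware write-block device listed in the requirements; the recorded digests belong in the case documentation so that the examination can be reproduced.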
PREVENTION OF CYBER CRIME
• Prevention is always better than cure.
• It is always better to take certain precautions while operating on the net.
A netizen should keep in mind the following things-1
• To prevent cyber stalking, avoid disclosing any information pertaining to oneself.
• Always avoid sending any photograph online.
• Always use the latest, up-to-date anti-virus software to guard against virus attacks.
• Always keep backup volumes so that one may not suffer data loss in case of virus contamination.
• Never send your credit card number to any site that is not secured, to guard against frauds.
A netizen should keep in mind the following things-2
• Always keep a watch on the sites that your children are accessing.
• It is better to use a security programme that gives control over the cookies.
• Web site owners should watch traffic and check any irregularity on the site.
• Use of firewalls may be beneficial.
Prevention of hacking
• Almost all hackers can be deterred with commonsense policies.
• Although the largest threat is often from within an organization (i.e. employees / students), it is essential that any computer network has properly configured firewall protection as well as intrusion detection and other filtering software.
Identification and Authentication
• Identification is the service where an identity is assigned to a specific individual.
• Authentication is the service designed to verify a user’s identity.
• The person can be identified and authenticated by what he knows (e.g. password), by what he owns (e.g. smart card) or by his human characteristics (biometrics).
Biometrics
• Biometric technologies are applied in the following sectors:
  • Public Services
  • Law Enforcement
  • Banking
  • Physical Access Control
  • Computer & Networks
Biometric techniques
1. Signature Verification
2. Iris Analysis
3. Facial Analysis
4. Fingerprint Verification
5. Hand Geometry
6. Voice Verification
Cell phones are mini computers: Don'ts for mobile users
• Please do not click photographs with your mobile phone without permission.
• Do not send obscene/pornographic text or images by SMS.
• Do not send obscene/pornographic text by MMS (multimedia messaging service).
• Do not receive from or reply to SMS/MMS of strangers.
• Do not transmit obscene/pornographic material, as it is an offence under the Information Technology Act, 2000. Punishment is 5 yrs imprisonment and a fine of 1 lac rupees.
Cell phones are mini computers: Don'ts for mobile users
• Do not call unknown phone/mobile numbers that you get while chatting or that are exhibited on various profiles on the Internet.
• Do not keep your Bluetooth open to all; you may receive obscene/pornographic text, images and viruses.
• Do not give your mobile number while chatting on the Internet, to avoid “STALKING”.
• Do not hand over your mobile phone to an unauthorised service center, to avoid CLONING.
Cell phones are mini computers: Do’s for mobile users
• Note down your IMEI number.
• A security PIN code should be used to avoid misuse of your mobile phone.
• MMS/SMS received should be checked before opening the message.
• Delete obscene/pornographic text, images, SMS/MMS from your mobile phone.
• Anti-virus software should be loaded in the mobile phone.
• The mobile phone keypad should be locked after every use.
• Use your mobile phone when necessary.
Child Pornography: How do Pedophiles Operate
• Pedophiles use a false identity to trap children/teenagers.
• Pedophiles contact children/teens in various chat rooms which are used by children/teens to interact with other children/teens.
• Befriend the child/teen.
• Extract personal information from the child/teen by winning his confidence.
• Get the e-mail address of the child/teen and start making contact on the victim’s e-mail address as well.
Child Pornography: How do Pedophiles Operate
• Start sending pornographic images/text to the victim, including child pornographic images, in order to help the child/teen shed his inhibitions, so that a feeling is created in the mind of the victim that what is being fed to him is normal and that everybody does it.
• Extract personal information from the child/teen.
• At the end of it, the pedophile sets up a meeting with the child/teen out of the house and then drags him into the net to further sexually assault him or to use him as a sex object.
Tips For Children
• Do not give out identifying information such as name, home address, school name or telephone number in a chat room.
• Do not send your photograph to anyone on the Net without initially checking with the parent or guardian.
Tips For Children
• Do not respond to messages or bulletin board items that are obscene, belligerent or threatening.
• Never arrange a face-to-face meeting without informing your parent or guardian.
• Remember that people online may not be who they seem to be.
Are You A Safe Cyber Surfer?
• Fortunately, there are steps you can take to protect your computer:
• Make sure your passwords have both letters and numbers, and are at least eight characters long.
• Avoid common words: some hackers use programs that can try every word in the dictionary.
• Don’t use your personal information, your login name or adjacent keys on the keyboard as passwords, and don’t share your passwords online or over the phone.
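
The password rules on this slide can be enforced at the point where a password is chosen. The checker below is an added example, not part of the original presentation; the function names, the four-key threshold for "adjacent keys" and the short word list are assumptions, and the sample words are constructed.

```python
import re

# Constructed sample word list; a real check would load a full dictionary file.
COMMON_WORDS = {"password", "welcome", "dragon", "monkey", "letmein", "india"}
KEY_ROWS = ["1234567890", "qwertyuiop", "asdfghjkl", "zxcvbnm"]


def has_keyboard_run(password, run=4):
    """True if `run` or more consecutive characters are neighbours on one key row."""
    p = password.lower()
    for row in KEY_ROWS:
        for line in (row, row[::-1]):  # left-to-right and right-to-left
            for i in range(len(line) - run + 1):
                if line[i:i + run] in p:
                    return True
    return False


def check_password(password, login="", personal=()):
    """Return the list of slide rules the password breaks (empty list = passes)."""
    problems = []
    p = password.lower()
    if len(password) < 8:
        problems.append("shorter than eight characters")
    if not (re.search(r"[A-Za-z]", password) and re.search(r"\d", password)):
        problems.append("needs both letters and numbers")
    # Strip digits and symbols so "dragon2024" is still caught as a dictionary word.
    letters_only = re.sub(r"[^a-z]", "", p)
    if letters_only in COMMON_WORDS or p in COMMON_WORDS:
        problems.append("based on a common word")
    for item in (login, *personal):
        if len(item) >= 3 and item.lower() in p:
            problems.append("contains login name or personal information")
            break
    if has_keyboard_run(password):
        problems.append("uses adjacent keys on the keyboard")
    return problems
```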