110 likes | 229 Views
Mid-term forensic challenges of E-crime. mag.oec. Sasa Aksentijevic,univ.spec.oec. court expert in information and telecommunication technology. ICT forensics key players. Police crime investigators (inspectors) Legislative branch investigators (prosecutors, attorneys)
E N D
Mid-term forensic challenges of E-crime mag.oec. Sasa Aksentijevic,univ.spec.oec. court expert in information and telecommunication technology
ICT forensics key players • Police crime investigators (inspectors) • Legislative branch investigators (prosecutors, attorneys) • Intelligence agencies and military sector • ICT court experts (expert witnesses) • Private detectives and agencies • Companies, NGOs (for internal or external use) FORENSIC REPORTS
ICT forensic reports • Preliminary part: introduction, expertise area, who ordered it, which documentation and evidence was used • Findings: fact gathering, interviews, forensic analysis of evidence, cooperation with police and court, usage of scientific methods, evaluation • Expert opinion: synthetic report that includes explanation of the findings, effects, consequences and importance of discovered facts PROPERTIES • Simple language, clear, logical, all-encompassing • Methods must be explained, evidence evaluated • All findings must be reproducible • expert must be able to answer to all questions from the court, involved parties and lawyers in the process • expert can be required to update the report according to additional requests
ICT forensics principles • The principle of non-tampering with evidence • The principle of identification of evidence material • The principle of usage of evidence copies • The principle of evidence interpretation • The principle of chain-of-custody of evidence • The principle of scientific method
ICT forensics challengesTECHNOLOGY • Technology is becoming more and more complex • Legislative investigators and those who issue court ordersdo not understand issues related to technology: they expect immediate results ignoring any limitations • Main constraints: time and money, if the quality of forensic reports is required to remain constant or improved • It is increasingly difficult for freelance ICT forensics investigators to conduct investigation • Forensic investigators should be involved immediately, not ex-post
ICT forensics challengesORGANIZATION ICT forensics is a joint endeavor of those in charge to initiate and conduct investigation, secure evidence, perform forensic analysis and produce/present results. In reality, cooperation between different involved parties is erratic and there are no clear lines between responsibilities. There is no best model (“golden standard”) to achieve results. Exact proceedings depend not only on organizational and technical factors, but also local legislation system, cultural blueprints and even maturity of executive/legislative branch.
ICT forensics challengesCURRENT FORMS OF ICT CRIME Field of ICT forensics is very diverse and will be constantly developing.
ICT forensics challengesNEW FORMS OF ICT CRIME The latest developments in the past decade include dealing with: • Computer trespass (USA) • Cyber bullying • Cyber defamation • Economic and Industrial Espionage using ICT • Internet homicide • Internet stalking • Internet suicide • Internet Wars (1st Internet war: East Timor-Indonesia; Web War One: Estonia 2007 2008 South Ossetia-Russia Internet war, 2010 China Telekom, 2010 Stuxnet worm) • Online predators • Organized crime • White collar crime • Virtualization
ICT forensics challengesIMPACT OF NEW TECHNOLOGIES The rise of new technologies: • Mass virtualization (Storage aaS, Software aaS, Platform aaS, Infrastructure aaS –Everything aaS) • E-passports, biometrics and personal identity • Forensics and storage of CCTV surveillance data • Mass event log forensics • Nomad computing (mobile phones,notebooks,netbooks,pads) forensics • Technology adaptive to the legislative regulation • Forensics of bio-computing and nano-computing
Mid-term forensic challenges of E-crime(Q&A) mag.oec. Sasa Aksentijevic,univ.spec.oec. court expert in information and telecommunication technology