1 / 21

CE00340-3 Legal and evidentiary aspects to forensic computing

Antisocial

theresia
Download Presentation

CE00340-3 Legal and evidentiary aspects to forensic computing

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

    1. CE00340-3 Legal and evidentiary aspects to forensic computing R. Shaw r.shaw@staffs.ac.uk K235

    2. Antisocial “e-Behaviour” Week 3

    3. R. Shaw Learning outcomes Identify areas of antisocial behaviour Identify specific types Highlight legal aspects

    4. R. Shaw Spot the “Trail” All criminals leave tracks “Locard Principle”

    5. R. Shaw Locard Principle "Wherever he steps, whatever he touches, whatever he leaves, even unconsciously, will serve as a silent witness against him. Not only his fingerprints or his footprints, but his hair, the fibres from his clothes, the glass he breaks, the tool mark he leaves, the paint he scratches, the blood or semen he deposits or collects. All of these and more, bear mute witness against him. This is evidence that does not forget. It is not confused by the excitement of the moment. It is not absent because human witnesses are. It is factual evidence. Physical evidence cannot be wrong, it cannot perjure itself, it cannot be wholly absent. Only human failure to find it, study and understand it, can diminish its value."     Professor Edmond Locard(1877-1966)

    6. R. Shaw “Some” relevant legislation Computer Misuse Act 1990 Data Protection Act 1984, 1998 Electronic Communications Act 2000 Electronic Signatures Regulations 2002 Telecommunications (Data Prot’n & Privacy) Regs 1999 Electronic Commerce Regulations 2002 Police & criminal Evidence Act 1984 Obscene Publications Act 1959, 1964 Protection from Harassment Act 1997 Freedom of Information Act 2000 Defamation Act 1952, 1996 Interception of Communications Act 1985

    7. R. Shaw (Poor) E-Behaviour Cyber Attack Hacking/Cracking D o S Spamming Resource usage Cyber stalking Smear campaigns - Cybersmear E-Mail harassment

    8. R. Shaw Cyber attacks #1 Hacking/Cracking Hackers White hat “good guys/gals” Crackers Black hat “bad guys/gals” Grey hats

    9. R. Shaw Cyber attacks #2 D o S Types of DoS attack Three main classes Bandwidth/Throughput attack Resource consumption. Protocol attack Refinement of the flood attack Turn protocol “against” itself Logic attack Exploits vulnerabilities in software

    10. R. Shaw Denial of Service How Most common are Distributed DoS (DDoS)? Single attacker Leverage multiple victims (Zombies) Controlled by master

    11. R. Shaw Spamming Over last 12 months 88% of mail was spam “ITNow” BCS, 2006, Jan Spam threat ?four categories Loss in productivity Increased potential to virus attack Reduced bandwidth issues Potential legal exposure

    12. R. Shaw Spamming #2 Stopping Spam Push versus Pull Filtering Blacklists Legal “attack” US CAN-SPAM act 2003 Alan M Raisky Sept 2005 Jeanson James Ancheta Nov 2005 EU Privacy & Elec. Communication Directive 2002 UK Privacy Directive 2003

    13. R. Shaw Cyberstalking Stalking “Wilful or intentional commission of a series of acts that would cause a reasonable person to fear death of serious bodily injury and that, in fact, places the victim in fear of death or serious bodily injury”

    14. R. Shaw Cyberstalking #1 Categories of stalkers Obsessional Victim & per have prior relationship Love obsession type No previous relationship (or very casual one) Erotomaniacs Believe victim in love with them Delusional, often schizophrenic Vengeance/terrorist stalker Attempt to elicit specific response or change of behaviour

    15. R. Shaw Cyberstalking #2 Cybersmear Newsgroup postings Web sites Identity “hijacking” E-mail harrassment

    16. R. Shaw Cyberstalking #3 Cybersmear Organised campaign designed to intimidate, harass or adversely affect the reputation of a person or company (http://forums.ntlhell.co.uk/ ) May start out innocently or as an angry communication, but builds to have a potentially serious affect on the person or business It may start out small and build with the help of unwitting accomplices manipulated into supporting the campaign

    17. R. Shaw Cyberstalking #4 Cybersmear How does it work? Rumors and innuendo Personal attacks and harassment Cyberstalking and cyber-harassment Posing and impersonation Cybersmear by proxy Communications with key stakeholders Anonymous defamatory statements

    18. R. Shaw Cyberstalking #5 Cybersmear Everyone leaves behind an IP address Static and dynamic IP addresses Preserving the records How to read a header – what it shows Civil subpoena or law enforcement subpoena process BUT – do anti cybersmear law suits block free speech?

    19. R. Shaw e-Mail harassment Not spamming May also be called “Hate-mailing” Usually directed at a single person I-M ‘s?

    20. R. Shaw Summary Identified areas of antisocial behaviour Cyber Attack Spamming Cyber stalking Identified specific types Hacking/Cracking D o S Smear campaigns - Cybersmear E-Mail harassment Highlight legal aspects

    21. R. Shaw Which link is ok to click? www.m1crosoft.com http://128.4.6.3 http://www.respectcompany.com@thisisascam.com www.stafffs.ac.uk/rs17 www.barclays.org www.c00p.com.org www.g00gle.gom www.stay-loose.com

    22. R. Shaw www.usdoj.gov/criminal/cybercrime/gray.htm www.usdoj.gov/criminal/cybercrime/johnson.htm www.usdoj.gov/criminal/cybercrime/ngo_pr.htm

More Related