Presentation on theme: "2 Language of Computer Crime Investigation"— Presentation transcript:
12 Language of Computer Crime Investigation Dr. John P. AbrahamProfessorUTPA
2Computer CrimeOffenses defined in laws such as U.S. Computer Fraud and Abuse Act. Crimes committed using computers, and Crimes involving computers.
3The laws cover Theft of computer services Unauthorized access to protected computersSoftware piracyAlteration or theft of electronically stored informationExtortion committed with the assistance of computersObtaining unauthorized access to records from banks, credit card companies or customer reporting agencies.Traffic in stolen passwordsTransmission of destructive virus or commands.
4Digital Evidence Various types of digital data Computer forensics: preservation and analysis of computers (file systems)Network Forensics: preservation and analysis of traffic and other logs.Mobile forensics: preservation and analysis of cell phones, PDAs, GPS, etc.Various types of digital dataTextDigital photographsMalware
5Forensic Examination and Analysis Forensic examination: Extract and prepare data for analysis.Examination process involves: data translation, reduction, recovery, organization and searching.Forensic examination can be automated on a computer, whereas analysis requires critical thinking,
6Role of Computers in Crime Specific role of computer will determine how it can be used as evidence.Is the computer the key piece, or an incidental evidence? Entire computer can be seized in case it is the key piece.
7Categories of computer crime Computer is the object of the crime (stolen or destroyed). – target.Computer is the subject of the crime. (Virus, format, etc.)Computer is a tool in planning or executing a crime. (forge documents, break into other computers) – like a weapon.The symbol of a computer can be used to intimidate or deceive. A broker telling a client he has a special program.
8U.S. Dep of Justice Categories Hardware as contraband or feuits of crimeHardware as an instrumentalityHardware as EvidenceInformation as contraband or fruits of crimeInformation as an instrumentalityInformation as evidence
9Hardware as contraband or fruits of crime Contraband- property that a citizen not permitted to possess (eg. hardware that intercept communications)Fruits of crime – hardware obtained by criminal activity. Stolen or used stolen credit cards, etc.
10Hardware as instrumentality When computer hardware has played a significant role in a crime.Like a gun or knife.Computer manufactured or configured specifically to commit crime. Think of sniffers.
11Hardware as EvidenceAny information left on the computer relating to a crime makes the hardware an evidence.
12Information as contraband A common form of information as contraband is encryption software.It is illegal to export 128bit-encryption software without being approved by US govt. US non-military exports are controlled by Export Administration Regulations (EAR) and Department of State. These are placed on the United States Munitions List.In some countries it is illegal to use encryption software.
13Information as instrumentality Exploits (programs that enable intruders gain access to computers)Programs used to break into other peoples’ computersProgram that captures login info, or guesses passwords.
14Information as evidence Trail of digital informationDigital camerasCell phonesSatellite tracking devices