Presentation on theme: "2 Language of Computer Crime Investigation Dr. John P. Abraham Professor UTPA."— Presentation transcript:
2 Language of Computer Crime Investigation Dr. John P. Abraham Professor UTPA
Computer Crime Offenses defined in laws such as U.S. Computer Fraud and Abuse Act. Crimes committed using computers, and Crimes involving computers.
The laws cover –Theft of computer services –Unauthorized access to protected computers –Software piracy –Alteration or theft of electronically stored information –Extortion committed with the assistance of computers –Obtaining unauthorized access to records from banks, credit card companies or customer reporting agencies. –Traffic in stolen passwords –Transmission of destructive virus or commands.
Digital Evidence –Computer forensics: preservation and analysis of computers (file systems) –Network Forensics: preservation and analysis of traffic and other logs. –Mobile forensics: preservation and analysis of cell phones, PDAs, GPS, etc. Various types of digital data –Text –Digital photographs –Malware
Forensic Examination and Analysis Forensic examination: Extract and prepare data for analysis. Examination process involves: data translation, reduction, recovery, organization and searching. Forensic examination can be automated on a computer, whereas analysis requires critical thinking,
Role of Computers in Crime Specific role of computer will determine how it can be used as evidence. Is the computer the key piece, or an incidental evidence? Entire computer can be seized in case it is the key piece.
Categories of computer crime Computer is the object of the crime (stolen or destroyed). – target. Computer is the subject of the crime. (Virus, format, etc.) Computer is a tool in planning or executing a crime. (forge documents, break into other computers) – like a weapon. The symbol of a computer can be used to intimidate or deceive. A broker telling a client he has a special program.
U.S. Dep of Justice Categories Hardware as contraband or feuits of crime Hardware as an instrumentality Hardware as Evidence Information as contraband or fruits of crime Information as an instrumentality Information as evidence
Hardware as contraband or fruits of crime Contraband- property that a citizen not permitted to possess (eg. hardware that intercept communications) Fruits of crime – hardware obtained by criminal activity. Stolen or used stolen credit cards, etc.
Hardware as instrumentality When computer hardware has played a significant role in a crime. Like a gun or knife. Computer manufactured or configured specifically to commit crime. Think of sniffers.
Hardware as Evidence Any information left on the computer relating to a crime makes the hardware an evidence.
Information as contraband A common form of information as contraband is encryption software. It is illegal to export 128bit-encryption software without being approved by US govt. US non-military exports are controlled by Export Administration Regulations (EAR) and Department of State. These are placed on the United States Munitions List. In some countries it is illegal to use encryption software.
Information as instrumentality Exploits (programs that enable intruders gain access to computers) Programs used to break into other peoples’ computers Program that captures login info, or guesses passwords.
Information as evidence Trail of digital information Digital cameras Cell phones Satellite tracking devices