SlideShare une entreprise Scribd logo

Cyber Law & Forensics

H
Harshita Ved

RGPV unit 3.

Ingénierie
1  sur  15
Télécharger pour lire hors ligne
UNIT-3: Introduction to computer and cyber-crimes. Cyber-crimes and related concepts, distinction between cyber-crimes and conventional crimes, Cyber criminals and their objectives. Kinds of cyber-crimes cyber stalking; cyber pornography, forgery and fraud, crime related to IPRs, cyber-terrorism; computer vandalism etc. Cyber forensics, computer forensics and the law, forensic evidence, computer forensic tools. 1. Introduction to computer and cyber crime Computer Crime: It is an act performed by the knowledgeable computer user generally known as hacker that illegally tries to steal company’s or individual’s private information. In some cases, the person or group of persons may be malicious and destroy or corrupt the computer or data file. Computer crime, or cybercrime, is crime that involves a computer and a network. The computer may have been used in the commission of a crime, or it may be the target. Debarati Halder and K. Jaishankar define cybercrimes as: "Offences that are committed against individuals or groups of individuals with a criminal motive to intentionally harm the reputation of the victim or cause physical or mental harm, or loss, to the victim directly or indirectly, using modern telecommunication networks such as Internet (Chat rooms, emails, notice boards and groups) and mobile phones (SMS/MMS)". Such crimes may threaten a nation's security and financial health. Issues surrounding these types of crimes have become high-profile, particularly those surrounding hacking, copyright infringement, child pornography, and child grooming. There are also problems of privacy when confidential information is intercepted or disclosed, lawfully or otherwise. Difference between cyber-crime and computer crime “Computer Crime” encompasses crimes committed against the computer, the materials contained therein such as software and data, and its uses as a processing tool. These include hacking, denial of service attacks, unauthorized use of services and cyber vandalism. “Cyber Crime” describes criminal activities committed through the use of electronic communications media. One of the greatest concerns is with regard to cyber-fraud and identity theft through such methods as phishing, pharming, spoofing and through the abuse of online surveillance technology. There are also many other forms of criminal behaviour perpetrated through the use of information technology such as harassment, defamation, pornography, cyber terrorism, industrial espionage and some regulatory offences. 2. Cyber law and related concepts In the era of cyber world as the usage of computers became more popular, there was expansion in the growth of technology as well, and the term ‘Cyber’ became more familiar to the people. The evolution of Information Technology (IT) gave birth to the cyber space wherein internet provides equal opportunities to all the people to access any information, data storage, analyses etc. with the use of high technology. Due to increase in the number of netizens, misuse of technology in the cyberspace was clutching up which gave birth to cyber-crimes at the domestic and international level as well.  Cyber Crimes Actually Means: It could be hackers vandalizing your site, viewing confidential information, stealing trade secrets or intellectual property with the use of internet. It can also include ‘denial of services’ and viruses’ attacks preventing regular traffic from reaching your site. Cyber-crimes are not limited to outsiders except in case of viruses and with respect to security related cyber- crimes that usually done by the employees of particular company who can easily access the password and data storage of the company for their benefits. Cyber-crimes also include criminal activities done with the use of computers which further perpetuates crimes i.e. financial crimes, sale of illegal articles, pornography, online gambling, intellectual property crime, e-mail, spoofing, forgery, cyber defamation, cyber stalking, unauthorized access to Computer system, theft of information contained in the electronic form, e- mail bombing, physically damaging the computer system etc.  Classifications of Cyber Crimes: Cyber Crimes which are growing day by day, it is very difficult to find out what is actually a cyber- crime and what is the conventional crime so to come out of this confusion, cyber-crimes can be classified under different categories which are as follows: 1. Cyber Crimes against Persons: There are certain offences which affects the personality of individuals can be defined as:  Harassment via E-Mails: It is very common type of harassment through sending letters, attachments of files & folders i.e. via e- mails. At present harassment is common as usage of social sites i.e. Facebook, Twitter etc. increasing day by day.  Cyber-Stalking: It means expressed or implied a physical threat that creates fear through the use to computer technology such as internet, e-mail, phones, text messages, webcam, websites or videos.  Dissemination of Obscene Material: It includes Indecent exposure/ Pornography (basically child pornography), hosting of web site containing these prohibited materials. These obscene matters may cause harm to the mind of the adolescent and tend to deprave or corrupt their mind.  Defamation: It is an act of imputing any person with intent to lower down the dignity of the person by hacking his mail account and sending some mails with using vulgar language to unknown persons mail account.  Hacking: It means unauthorized control/access over computer system and act of hacking completely destroys the whole data as well as computer programmers. Hackers usually hacks telecommunication and mobile network.  Cracking: It is amongst the gravest cybercrimes known till date. It is a dreadful feeling to know that a stranger has broken into your computer systems without your knowledge and consent and has tampered with precious confidential data and information.
 E-Mail Spoofing: A spoofed e-mail may be said to be one, which misrepresents its origin. It shows its origin to be different from which actually it originates. Email Spoofing is changing the email header so it looks like it’s coming from someone else. This is sadly easy to do. This is also used to try to trick people into giving out personal information. This is illegal under the CAN-SPAM Act.  SMS Spoofing: Spoofing is a blocking through spam which means the unwanted uninvited messages. Here an offender steals identity of another in the form of mobile phone number and sending SMS via internet and receiver gets the SMS from the mobile phone number of the victim. It is very serious cyber-crime against any individual.  Carding: It means false ATM cards i.e. Debit and Credit cards used by criminals for their monetary benefits through withdrawing money from the victim’s bank account mala-fidely. There is always unauthorized use of ATM cards in this type of cybercrimes.  Cheating & Fraud: It means the person who is doing the act of cyber-crime i.e. stealing password and data storage has done it with having guilty mind which leads to fraud and cheating.  Child Pornography: It involves the use of computer networks to create, distribute, or access materials that sexually exploit underage children.  Assault by Threat: refers to threatening a person with fear for their lives or lives of their families through the use of a computer network i.e. E-mail, videos or phones. 2. Crimes Against Persons Property: As there is rapid growth in the international trade where businesses and consumers are increasingly using computers to create, transmit and to store information in the electronic form instead of Conventional paper documents. There are certain offences which affects person’s property which are as follows:  Intellectual Property Crimes: Intellectual property consists of a bundle of rights. Any unlawful act by which the owner is deprived completely or partially of his rights is an offence. The common form of IPR violation may be said to be software piracy, infringement of copyright, trademark, patents, designs and service mark violation, theft of computer source code, etc.  Cyber Squatting: It means where two persons claim for the same Domain Name either by claiming that they had registered the name first on by right of using it before the other or using something similar to that previously. For example, two similar names i.e. www.yahoo.com and www.yaahoo.com.  Cyber Vandalism: Vandalism means deliberately destroying or damaging property of another. Thus cyber vandalism means destroying or damaging the data when a network service is stopped or disrupted. It may include within its purview any kind of physical harm done to the computer of any person. These acts may take the form of the theft of a computer, some part of a computer or a peripheral attached to the computer.  Hacking Computer System: Hacktivism attacks those included Famous Twitter, blogging platform by unauthorized access/control over the computer. Due to the hacking activity there will be loss of data as well as computer. Also research especially indicates that those attacks were not mainly intended for financial gain too and to diminish the reputation of particular person or company.  Transmitting Virus: Viruses are programs that attach themselves to a computer or a file and then circulate themselves to other files and to other computers on a network. They usually affect the data on a computer, either by altering or deleting it. Worm attacks plays major role in affecting the computerize system of the individuals.  Cyber Trespass: It means to access someone’s computer without the right authorization of the owner and does not disturb, alter, misuse, or damage data or system by using wireless internet connection.  Internet Time Thefts: Basically, Internet time theft comes under hacking. It is the use by an unauthorized person, of the Internet hours paid for by another person. The person who gets access to someone else’s ISP user ID and password, either by hacking or by gaining access to it by illegal means, uses it to access the Internet without the other person’s knowledge. You can identify time theft if your Internet time has to be recharged often, despite infrequent usage. 3. Cybercrimes Against Government: There are certain offences done by group of persons intending to threaten the international governments by using internet facilities. It includes:  Cyber Terrorism: Cyber terrorism is a major burning issue in the domestic as well as global concern. The common form of these terrorist attacks on the Internet is by distributed denial of service attacks, hate websites and hate e-mails, attacks on sensitive computer networks etc. Cyber terrorism activities endanger the sovereignty and integrity of the nation.  Cyber Warfare: It refers to politically motivated hacking to conduct sabotage and espionage. It is a form of information warfare sometimes seen as analogous to conventional warfare although this analogy is controversial for both its accuracy and its political motivation.  Distribution of pirated software: It means distributing pirated software from one computer to another intending to destroy the data and official records of the government.  Possession of Unauthorized Information: It is very easy to access any information by the terrorists with the aid of internet and to possess that information for political, religious, social, ideological objectives. 4. Cybercrimes Against Society at large: An unlawful act done with the intention of causing harm to the cyberspace will affect large number of persons. These offences includes:
 Child Pornography: It involves the use of computer networks to create, distribute, or access materials that sexually exploit underage children. It also includes activities concerning indecent exposure and obscenity.  Cyber Trafficking: It may be trafficking in drugs, human beings, arms weapons etc. which affects large number of persons. Trafficking in the cyberspace is also a gravest crime.  Online Gambling: Online fraud and cheating is one of the most lucrative businesses that are growing today in the cyber space. There are many cases that have come to light are those pertaining to credit card crimes, contractual crimes, offering jobs, etc.  Financial Crimes: This type of offence is common as there is rapid growth in the users of networking sites and phone networking where culprit will try to attack by sending bogus mails or messages through internet. Ex: Using credit cards by obtaining password illegally.  Forgery: It means to deceive large number of persons by sending threatening mails as online business transactions are becoming the habitual need of today’s life style. Case Study-Attacks on Cyberspace:  Worm Attack: The Robert Tappan Morris well Known as First Hacker, Son of former National Security Agency Scientist Robert Morris, was the first person to be prosecuted under the ‘Computer and Fraud Act, 1986’. He has created worm while at Cornell as student claiming that he intended to use the worm to check how large the internet was that time. The worm was uncontrollable due to which around 6000 computer machines were destroyed and many computers were shut down until they had completely malfunctioned. He was ultimately sentenced to three years’ probation, 400 hours of community service and assessed a fine of $10500. So there must be strict laws to punish the criminals who are involved in cybercrime activities.  Hacker Attack: Fred Cohen, a Ph.D. student at the University of Southern California wrote a short program in the year 1983, as an experiment, that could “infect” computers, make copies of itself, and spread from one machine to another. It was beginning & it was hidden inside a larger, legitimate program, which was loaded into a computer on a floppy disk and many computers were sold which can be accommodate at present too. Other computer scientists had warned that computer viruses were possible, but Cohen’s was the first to be documented. A professor of his suggested the name “virus”. Cohen now runs a computer security firm.  Internet Hacker: Wang Qun, who was known by the nickname of “playgirl”, was arrested by Chinese police in the Hubei province first ever arrest of an internet hacker in China. He was a 19-year-old computing student, arrested in connection with the alleged posting of pornographic material on the homepages of several government-run web sites. Wang had openly boasted in internet chat rooms that he had also hacked over 30 other web sites too. Phishing is a scam where an official-looking email is sent to an unsuspecting user to try to trick them out of their username, password, or other information. They are usually directed to click onto a link that goes to a fake (spoofed) version of a real organizations website. This is called Pagejacking. The address bar can even be altered so it appears to be the official website. If you ever get an email requesting that you verify information by clicking on a link, you should insteadGO DIRECTLY TO THEIR WEBSITE WITHOUT CLICKING ON THE LINK, to verify it. Lately phishing is even occurring in instant message programs that appear to be coming from a friends IM signature. Always be cautious in this situation. Vishing is short for 'Voice phishing' and is the latest scam. It may start with an email or it may start with a phone call. These calls can be very believable because often the caller already has your credit card number and just needs you to verify the 3-digit security code on the back of your card. Or it could be an automated system asking you to type in your credit card or account number to verify who you are, which sounds realistic enough. Keystroke Phishing is when a Trojan program is unknowingly downloaded onto your computer that tracks the keystrokes you enter into the computer, and sends it back to the scammer, who hopes to get a username and password from it. Identity Theft is where a person gathers your personal information and poses as you to get credit, merchandise, services, or to use the identity to commit other crimes. They obtain this personal information by phishing, database cracking, or survey. Survey is seemingly innocent questions about mother's maiden name, children and pet names, and birth dates that can give access to a surprising amount of passwords and usernames. Once a phisher has your credit card number it can be sold to someone who then creates a credit card to use on an ATM machine. Identity theft is spreading on the internet, but surprisingly it is still safer to give out your credit card number on the internet then to give it to an unknown salesperson or waiter. 97% of all identity theft crimes are caused from offline instances, not online. For instance, two places that identity thieves get your information from are your mailbox, and your trash can. Protect Yourself from Identity Theft  Cross-shed documents  Review your credit report twice a year  Be aware of billing cycles and put vacation holds on mail  Never reveal your Social Security number unless absolutely necessary  Don't carry seldom used credit cards or unnecessary id's  Be aware that identity stealers are not always strangers  Don't give out personal information over the phone, mail or posts on the internet
 Take out the hard drive from a computer and destroy it before discarding. Even if deleted, personal information can still be recovered from a computer's hard drive Cookie Poisoning is the modification of cookies that are put on your computer by an attacker to gain information about a user. Spyware is software that is downloaded onto a user’s computer without his knowledge and used for malevolent purposes. It can be downloaded simply by going to a website (called Drive-by Downloads), or it can be downloaded unknowingly while installing another program. Spyware can crash computers, slow performance, track emails and visited websites, and track keystrokes that capture the user’s personal information. Programs such as Spybot, Spy Sweeper, and Ad-Aware can be good for checking and removing these unwanted harmful programs from your computer. Malware is the malicious software that is developed for the purpose of doing harm. Malware examples are Computer Viruses, Worms, and Trojan horses. A Worm is a self-replicating virus that continues to duplicate itself taking up memory and resources. A Trojan horse is a hidden program that later gains control and causes damage to your computer. Wardriving is the practice of driving around in a vehicle with a Wi-Fi enabled laptop looking for available signals to use. Wardriving steals internet access and is considered a crime of telecommunications theft. Wireless signals can be transmitted 500 feet or more and should be protected with passwords. Pod Slurping is stealing data by use of iPods, or downloading malicious software via iPods. Cyberstalking is a crime where the attacker harasses the victim using electronic communication such as email, IM's, chat rooms, discussion groups. Cyber stalkers rely on the anonymity of the Internet thinking they cannot be caught. This may continue to actual physical stalking. Federal law imposes a $1,000 fine or 5 years’ imprisonment for anyone transmitting in interstate commerce a threat to injure or kidnap someone. Trojan Horse: A deceptive program that steals passwords. Trapdoors: Gains entry through access points for system maintenance. Spoofing: Tie up network computers by sending them tons of bogus enquiries. Data Didding: A fraud that input involves input manipulation. Salami Technique- Thin slices of information are removed and send to other accounts. Distributed DOS A distributed denial of service (DoS) attack is accomplished by using the Internet to break into computers and using them to attack a network. Hundreds or thousands of computer systems across the Internet can be turned into “zombies” and used to attack another system or website. Types of DOS There are three basic types of attack: a. Consumption of scarce, limited, or non-renewable resources like NW bandwidth, RAM, CPU time. Even power, cool air, or water can affect. b. Destruction or Alteration of Configuration Information c. Physical Destruction or Alteration of Network Components Preventive Measures for Cyber Crimes: Prevention is always better than cure. A netizen should take certain precautions while operating the internet and should follow certain preventive measures for cyber-crimes which can be defined as:  Identification of exposures through education will assist responsible companies and firms to meet these challenges.  One should avoid disclosing any personal information to strangers via e-mail or while chatting.  One must avoid sending any photograph to strangers by online as misusing of photograph incidents increasing day by day.  An update Anti-virus software to guard against virus attacks should be used by all the netizens and should also keep back up volumes so that one may not suffer data loss in case of virus contamination.  A person should never send his credit card number to any site that is not secured, to guard against frauds.
 It is always the parents who have to keep a watch on the sites that your children are accessing, to prevent any kind of harassment or depravation in children.  Web site owners should watch traffic and check any irregularity on the site. It is the responsibility of the web site owners to adopt some policy for preventing cyber-crimes as number of internet users are growing day by day.  Web servers running public sites must be physically separately protected from internal corporate network.  It is better to use a security programmer by the body corporate to control information on sites.  Strict statutory laws need to be passed by the Legislatures keeping in mind the interest of netizens.  IT department should pass certain guidelines and notifications for the protection of computer system and should also bring out with some more strict laws to breakdown the criminal activities relating to cyberspace.  As Cyber Crime is the major threat to all the countries worldwide, certain steps should be taken at the international level for preventing the cybercrime.  A complete justice must be provided to the victims of cyber-crimes by way of compensatory remedy and offenders to be punished with highest type of punishment so that it will anticipate the criminals of cyber-crime. Conventional Crime Vs Cyber Crime S.NO. Cyber Crime Conventional Crime 1. One of the differences between cybercrime and Conventional crime is the evidence of the offenses. cybercriminals rely on the Internet via which they commit their crimes, and it leaves very little evidence about the cybercrime. Forensic investigators usually experience great difficulty in gathering evidence that could lead to the conviction of cybercriminals Conventional criminals usually leave traces of a crime, through either fingerprints or other physical evidences 2. since these criminals can freely change their identities. The Internet also allows the anonymity of its users, and this implies that cybercriminals can use any pseudonyms for their identification. it is difficult for Conventional criminals to fake them gender, race, or age. 3. this leads to the second difference between Conventional and cybercrimes, length of investigations. Since cybercrime involves perpetrators using falsified names and working from remote locations, it usually takes longer to identify the real cybercriminals and apprehend them. In most cases, cybercriminals (such as hackers) escape from arrest because the investigators cannot locate them. Conventional crimes take shorter time period to investigate because the criminals usually leave evidence that can be used to spot them. For instance, Conventional criminals can leave evidence such as DNA, fingerprints, photographs and videos captured on surveillance cameras, or personal belongings such as identity cards, and this makes it easy for investigators to identify and capture the culprits. In addition, such evidence makes it easy for the judiciary to convict the offenders. 4. difference between Conventional crimes and cybercrimes is the force involved. Cybercrimes do not require the use of any force since the criminals merely use the identities of their victims to steal from them. For ex, cybercriminals use spoofing and phishing to obtain personal information such as credit card numbers from their victims, or use encrypted emails to coordinate violence remotely. Most of the Conventional crimes (such as rape, murder, arson, and burglary among others) involve the use of excessive force that results in physical injury and trauma on the victims. Cyber criminals and their objectives  Hacking for fun- to prove their technical skills in breaching digital security systems. Such hackers are not interested in the information they access from hacking other computers.  Criminal gain- to defraud their victims by accessing and manipulating their personal data. Such hackers use financial information and passwords of the victims to transfer their funds into private accounts, and this may result in massive financial losses to the victims.  Making statements (hacktivists)- to make ideological or political points by stealing classified information from business and government databases. In most cases, the hackers attack these organizations to protest against inactivity by the government in addressing various issues or injustices perpetrated by private businesses.  Improving security (blue hat hackers)- Such individuals are usually employed to identify any vulnerabilities and bugs in the digital security systems of companies. This helps the companies in improving the safety of their systems and prevent attacks by malicious hackers. This is done to find weaknesses, vulnerabilities, and bugs in computer systems.
 Personal Profit- High Skilled IT professional are attracted by this dark side.  Curiosity- They start to search for information and end up stealing and selling  Disgruntled employees- with the increase independence on computers and the automation of processes, it is easier for disgruntled employees to do more harm to their employers by committing computer related crimes, which can bring entire systems down. Kinds of Cyber Crimes Cyberstalking Cyberstalking is the use of the Internet or other electronic means to stalk or harass an individual, a group, or an organization.[1] It may include false accusations, defamation, slander and libel. It may also include monitoring, identity theft, threats, vandalism, solicitation for sex, or gathering information that may be used to threaten or harass. Cyberstalking is often accompanied by real time or offline stalking.[2] Both are criminal offenses.[3] Both are motivated by a desire to control, intimidate or influence a victim.[4] A stalker may be an online stranger or a person whom the target knows. He may be anonymous and solicit involvement of other people online who do not even know the target. Cyberstalking is a criminal offense under various state anti-stalking, slander and harassment laws. A conviction can result in a restraining order, probation, or criminal penalties against the assailant, including jail. A number of key factors have been identified in cyberstalking:  False accusations. Many cyberstalkers try to damage the reputation of their victim and turn other people against them. They post false information about them on websites. They may set up their own websites, blogs or user pages for this purpose. They post allegations about the victim to newsgroups, chat rooms, or other sites that allow public contributions such as Wikipedia or Amazon.com.  Attempts to gather information about the victim. Cyberstalkers may approach their victim's friends, family and work colleagues to obtain personal information. They may advertise for information on the Internet, or hire a private detective  Monitoring their target's online activities and attempting to trace their IP address in an effort to gather more information about their victims.  Encouraging others to harass the victim. Many cyberstalkers try to involve third parties in the harassment. They may claim the victim has harmed the stalker or his/her family in some way, or may post the victim's name and telephone number in order to encourage others to join the pursuit.  False victimization. The cyberstalker will claim that the victim is harassing him/her. Bocij writes that this phenomenon has been noted in a number of well-known cases.  Attacks on data and equipment. They may try to damage the victim's computer by sending viruses.  Ordering goods and services. They order items or subscribe to magazines in the victim's name. These often involve subscriptions to pornography or ordering sex toys then having them delivered to the victim's workplace.  Arranging to meet. Young people face a particularly high risk of having cyberstalkers try to set up meetings between them.  The posting of defamatory or derogatory statements. Using web pages and message boards to incite some response or reaction from their victim. 1.1. Types 1. Staking by Strangers 2. Gender based Stalking 3. Of intimate partners 4. Of Celebrities and public person 5. Corporate Cyberstalking 6. Anonymous online mobs
1.2. Motives and profile Mental profiling of digital criminals has identified psychological and social factors that motivate stalkers as: envy; pathological obsession (professional or sexual); unemployment or failure with own job or life; intention to intimidate and cause others to feel inferior; the stalker is delusional and believes he/she "knows" the target; the stalker wants to instill fear in a person to justify his/her status; belief they can get away with it (anonymity); intimidation for financial advantage or business competition; revenge over perceived or imagined rejection. [30][31] Four types of cyberstalkers: Preliminary work by Leroy McFarlane and Paul Bocij has identified four types of cyberstalkers: the vindictive cyberstalkers noted for the ferocity of their attacks; the composed cyberstalker whose motive is to annoy; the intimate cyberstalker who attempts to form a relationship with the victim but turns on them if rebuffed; and collective cyberstalkers, groups with a motive. Cyber Pornography Cyber pornography is the act of using cyberspace to create, display, distribute, import, or publish pornography or obscene materials, especially materials depicting children engaged in sexual acts with adults. Cyber pornography is a criminal offense, classified as causing harm to persons. There is no settled definition of pornography or obscenity. What is considered simply sexually explicit but not obscene in USA may well be considered obscene in India. There have been many attempts to limit the availability of pornographic content on the Internet by governments and law enforcement bodies all around the world but with little effect. Pornography on the Internet is available in different formats. These range from pictures and short animated movies, to sound files and stories. The Internet also makes it possible to discuss sex, see live sex acts, and arrange sexual activities from computer screens. Although the Indian Constitution guarantees the fundamental right of freedom of speech and expression, it has been held that a law against obscenity is constitutional. The Supreme Court has defined obscene as “offensive to modesty or decency; lewd, filthy, repulsive. Section 67 of the IT Act is the most serious Indian law penalizing cyber pornography. Other Indian laws that deal with pornography include the Indecent Representation of Women (Prohibition) Act and the Indian Penal Code. Internet pornography is any pornography that is accessible over the Internet, primarily via websites, peer-to-peer file sharing, or Usenet newsgroups. The availability of widespread public access to the World Wide Web in 1991 led to the growth of Internet pornography. A 2015 study finds "a big jump" in pornography viewing over the past few decades, with the largest increase occurring between people born in the 1970s and those born in the 1980s. While the study's authors note this increase is "smaller than conventional wisdom might predict," it's still quite significant. Children born in the 1980s onward are also the first to grow up in a world where they have access to the Internet beginning in their teenage years, and this early exposure and access to Internet pornography may be the primary driver of the increase. 2. History and methods of distribution 2.1. Before the World Wide Web Pornography is regarded by some as one of the driving forces behind the expansion of the World Wide Web, like the camcorder VCR and cable television before it.[2] Pornographic images had been transmitted over the Internet as ASCII porn but to send images over network needed computers with graphics capability and also higher network bandwidth. 2.2. Usenet Groups Usenet newsgroups provided an early way of sharing images over the narrow bandwidth available in the early 1990s. Because of the network restrictions of the time, images had to be encoded as ascii text and then broken into sections before being posted to the Alt.binaries of the usenet. These files could then be downloaded and then reassembled before being decoded back to an image. 2.3. Free vs. commercial On the Web, there are both commercial and free pornography sites. The bandwidth usage of a pornography site is relatively high, and the income a free site can earn through advertising may not be sufficient to cover the costs of that bandwidth. 2.3.1. TGP The most common form of adult content is a categorized list (more often it's a table) of small pictures (called "thumbnails") linked to galleries. These sites are called a Thumbnail gallery post (TGP). As a rule, these sites sort thumbs by category and type of content available on a linked gallery. Sites containing thumbs that lead to galleries with video content are called MGP (Movie Gallery Post). The main benefit of TGP/MGP is that the surfer can get a first impression of the content provided by a gallery without actually visiting it. 2.3.2. Link lists Link lists unlike TGP/MGP sites do not display a huge amount of pictures. A link list is a (frequently) categorized web list of links to so called "free sites*", but unlike TGPs, links are provided in a form of text, not thumbs.
2.3.3. Usenet Another free source of pornography on the Internet are the Usenet newsgroups that were the first home to such material. Newsgroups tend to be poorly organized and flooded with content that is off-topic or spam. Commercial software and websites are available that allow browsing the images or videos on newsgroups, sometimes with galleries of thumbnail images. 2.3.4. Peer-to-peer Peer-to-peer file sharing networks provide another form of free access to pornography.  Child pornography The Internet has radically changed how child pornography is reproduced and disseminated, and, according to the United States Department of Justice, resulted in a massive increase in the "availability, accessibility, and volume of child pornography."[7] The production of child pornography has become very profitable, bringing in several billion dollars a year, and is no longer limited to pedophiles  Section 67 of the IT Act is the most serious Indian law penalizing cyber pornography. Other Indian laws that deal with pornography include the Indecent Representation of Women (Prohibition) Act and the Indian Penal Code. According to Section 67 of the IT Act Whoever publishes or transmits or causes to be published in the electronic form, any material which is lascivious or appeals to the prurient interest or if its effect is such as to tend to deprave and corrupt persons who are likely, having regard to all relevant circumstances, to read, see or hear the matter contained or embodied in it, shall be punished on first conviction with imprisonment of either description for a term which may extend to five years and with fine which may extend to one lakh rupees and in the event of a second or subsequent conviction with imprisonment of either description for a term which may extend to ten years and also with fine which may extend to two lakh rupees. Forgery and Fraud Forgery is the process of making, adapting, or imitating objects, statistics, or documents with the intent to deceive for the sake of altering the public perception, or to earn profit by selling the forged item. Copies, studio replicas, and reproductions are not considered forgeries, though they may later become forgeries through knowing and willful misrepresentations. Forging money or currency is more often called counterfeiting. But consumer goods may also be counterfeits if they are not manufactured or produced by the designated manufacture or producer given on the label or flagged by the trademark symbol. When the object forged is a record or document it is often called a false document. How is Forgery Facilitated in order to Commit Identity Theft? Forgery charges can span the realm of legality; both the nature, as well as the crime itself – with regard to any or all the victims involved – with allow for a shift within the respective setting in which the act of forgery takes place: Electronic Forgery The misuse of computer networks, the internet, and various avenues within the online community in order to defraud potential victims of identity theft is classified as electronic – or online forgery. Electronic Forgery is quite common within the digital age, which can include the illegal and unlawful reproduction of endorsements in the form of electronic signatures in order to illicitly assume the identity of the victim of identity theft. Financial Forgery Criminal – fraudulent - activity applicable to the events involving the exchange and circulation of monies or currency may be classified as financial forgery. Identity theft resulting from this type of forgery can occur in a variety of fashions, including fraudulent purchases through the use of finances – and financial information – belonging to the victims of this crime. Commercial Forgery Forgery involving business activities, commercial endeavors, or professional operation of the provision of products or services is classified as commercial forgery; items unlawfully purchased with illegal and illicit finances may result from identity theft. Governmental and Administrative Forgery Administrative forgery includes the vast expanses of laws, acts, ordinances, and legislation with regard to the Federal Government of the United States; identity theft in an administrative realm may include the unlawful duplication of documentation or the illegal officiating of government-mandated forms and requirements. How to Prevent Electronic Identity Theft Due to technological innovation, electronic identity theft is considered by many to be one of the most recently-developed crimes, credited – in part - to the ongoing advent of computer-based technology. This type of technology relies heavily on the Internet and online
activity, and as a result, regulations and oversight of this type of activity has been expressed in the spectrum of preventative measures involving the cessation of electronic identity theft. Companies providing methods of Identity theft prevention - including Lifelock, which is one of the most widely-acclaimed and recognized – have employed protective measures ranging from securing online perimeters to communicative transmission inquiring about the validity of unsubstantiated activity; these types of companies have found their respective niche within the prevention of identity fraud upon providing protection in lieu of infringing on personal privacy. In law, fraud is deliberate deception to secure unfair or unlawful gain, or to deprive a victim of a legal right. Fraud itself can be a civil wrong (i.e., a fraud victim may sue the fraud perpetrator to avoid the fraud and/or recover monetary compensation), a criminal wrong (i.e., a fraud perpetrator may be prosecuted and imprisoned by governmental authorities) or it may cause no loss of money, property or legal right but still be an element of another civil or criminal wrong.[1] The purpose of fraud may be monetary gain or other benefits, such as obtaining a driver's license or qualifying for a mortgage by way of false statements.[2] A hoax is a distinct concept that involves deliberate deception without the intention of gain or of materially damaging or depriving a victim. Cyber fraud also refers to data break-ins, identity theft, and cyberbullying, all of which are seriously damaging. Tips for Avoiding Credit Card Fraud:  Don’t give out your credit card number online unless the site is secure and reputable. Sometimes a tiny icon of a padlock appears to symbolize a higher level of security to transmit data. This icon is not a guarantee of a secure site, but provides some assurance.  Don’t trust a site just because it claims to be secure.  Before using the site, check out the security/encryption software it uses.  Make sure you are purchasing merchandise from a reputable source.  Do your homework on the individual or company to ensure that they are legitimate?  Obtain a physical address rather than simply a post office box and a telephone number, and call the seller to see if the telephone number is correct and working.  Send an e-mail to the seller to make sure the e-mail address is active, and be wary of those that utilize free e-mail services where a credit card wasn’t required to open the account.  Consider not purchasing from sellers who won’t provide you with this type of information.  Check with the Better Business Bureau from the seller’s area.  Check out other websites regarding this person/company.  Don’t judge a person or company by their website; flashy websites can be set up quickly.  Be cautious when responding to special investment offers, especially through unsolicited e-mail.  Be cautious when dealing with individuals/companies from outside your own country.  If possible, purchase items online using your credit card. You can often dispute the charges if something goes wrong.  Make sure the transaction is secure when you electronically send your credit card number.  Keep a list of all your credit cards and account information along with the card issuer’s contact information. If anything looks suspicious or you lose your credit card(s), contact the card issuer immediately. Crime Related to IPR Intellectual property (IP) theft is defined as theft of material that is copyrighted, the theft of trade secrets, and trademark violations. Examples of copyrighted material commonly stolen online are computer software, recorded music, movies, and electronic games. Theft of trade secrets means the theft of ideas, plans, methods, technologies, or any sensitive information from all types of industries including manufacturers, financial service institutions, and the computer industry. A trademark violation involves counterfeiting or copying brand name products such as well-known types of shoes, clothing, and electronics equipment and selling them as the genuine or original product. The two forms of IP most frequently involved in cybercrime are copyrighted material and trade secrets. Piracy is a term used to describe IP theft—piracy of software, piracy of music, etc. Theft of IP affects the entire U.S. economy. Billions of dollars are lost every year to IP pirates. For example, thieves sell pirated computer software for games or programs to millions of Internet users. The company that actually produced the real product loses these sales and royalties rightfully due to the original creator. Cyber Terrorism
Cyberterrorism is the act of Internet terrorism in terrorist activities, including acts of deliberate, large-scale disruption of computer networks, especially of personal computers attached to the Internet, by the means of tools such as computer viruses. Cyberterrorism is a controversial term. Some authors choose a very narrow definition, relating to deployments, by known terrorist organizations, of disruption attacks against information systems for the primary purpose of creating alarm and panic. By this narrow definition, it is difficult to identify any instances of cyberterrorism. Cyberterrorism can be also defined as the intentional use of computer, networks, and public internet to cause destruction and harm for personal objectives.[1] Objectives may be political or ideological since this can be seen as a form of terrorism. 3. Types of cyberterror capability The following three levels of cyberterror capability is defined by Monterey group  Simple-Unstructured: The capability to conduct basic hacks against individual systems using tools created by someone else. The organization possesses little target analysis, command and control, or learning capability.  Advanced-Structured: The capability to conduct more sophisticated attacks against multiple systems or networks and possibly, to modify or create basic hacking tools. The organization possesses an elementary target analysis, command and control, and learning capability.  Complex-Coordinated: The capability for a coordinated attack capable of causing mass-disruption against integrated, heterogeneous defenses (including cryptography). Ability to create sophisticated hacking tools. Highly capable target analysis, command and control, and organization learning capability. Examples:  In March 2013, the New York Times reported on a pattern of cyber-attacks against U.S. financial institutions believed to be instigated by Iran as well as incidents affecting South Korean financial institutions that originate with the North Korean government.[15]  In August 2013, media companies including the New York Times, Twitter and the Huffington Post lost control of some of their websites Tuesday after hackers supporting the Syrian government breached the Australian Internet company that manages many major site addresses. The Syrian Electronic Army, a hacker group that has previously attacked media organizations that it considers hostile to the regime of Syrian president Bashar al-Assad, claimed credit for the Twitter and Huffington Post hacks in a series of Twitter messages. Electronic records showed that NYTimes.com, the only site with an hours-long outage, redirected visitors to a server controlled by the Syrian group before it went dark.[28]  Pakistani Cyber Army is the name taken by a group of hackers who are known for their defacement of websites, particularly Indian, Chinese, and Israeli companies and governmental organizations, claiming to represent Pakistani nationalist and Islamic interests.[29] The group is thought to have been active since at least 2008,[30] and maintains an active presence on social media, especially Facebook. It's members have claimed responsibility for the hijacking of websites belonging to Acer, [31] BSNL,[32] India's CBI, Central Bank, and the State Government of Kerala. Cyberterrorism is an attractive option for modern terrorists for several reasons. • First, it is cheaper than traditional terrorist methods. All that the terrorist needs is a personal computer and an online connection. Terrorists do not need to buy weapons such as guns and explosives; instead, they can create and deliver computer viruses through a telephone line, a cable, or a wireless connection. • Second, cyberterrorism is more anonymous than traditional terrorist methods. Like many Internet surfers, terrorists use online nicknames—” screen names”—or log on to a website as an unidentified “guest user,” making it very hard for security agencies and police forces to track down the terrorists’ real identity. And in cyberspace there are no physical barriers such as checkpoints to navigate, no borders to cross, and no customs agents to outsmart. • Third, the variety and number of targets are enormous. The cyberterrorist could target the computers and computer networks of governments, individuals, public utilities, private airlines, and so forth. The sheer number and complexity of potential targets guarantee that terrorists can find weaknesses and vulnerabilities to exploit. Several studies have shown that critical infrastructures, such as electric power grids and emergency services, are vulnerable to a cyberterrorist attack because the infrastructures and the computer systems that run them are highly complex, making it effectively impossible to eliminate all weaknesses. • Fourth, cyberterrorism can be conducted remotely, a feature that is especially appealing to terrorists. Cyberterrorism requires less physical training, psychological investment, risk of mortality, and travel than conventional forms of terrorism, making it easier for terrorist organizations to recruit and retain followers. • Fifth, as the I LOVE YOU virus showed, cyberterrorism has the potential to affect directly a larger number of people than traditional terrorist methods, thereby generating greater media coverage, which is ultimately what terrorists want. Cyber Vandalism Vandalism is "action involving deliberate destruction of or damage to public or private property". Cyber vandals are individuals who damage information infrastructures purely for their own enjoyment and pleasure. Their primary motivation is not financial; it is the desire to prove that the feat could be accomplished. Once inside they leave their mark so there is no denying their presence. Computer vandalism is a type of malicious behaviour that involves damages computers and data in various ways and potentially disrupting businesses. Typical computer vandalism involves the creation of malicious programs designed to perform harmful tasks such as erasing hard drive data or extracting login credentials. Computer vandalism differs from viruses, which attach themselves to existing programs Types of computer vandals:
In the early days of the development of malware, the majority of computer viruses and Trojans were created by students and other young programmers – plus some older, more experienced programmers. Today, there are still four main types of computer vandal:  Skilled students… showing off! In many cases, students – that have just mastered the use of a programming language – may want to try out their skills, test their ability, or prove how clever they are. Fortunately, many of these malware creators do not actually distribute their malware – instead, they may send the virus or worm virus to an antivirus company.  Inexperienced youths… assisted by the Internet Young people that haven’t quite mastered the art of programming may also turn to computer vandalism – sometimes to prove their ‘self-worth’. In the past, this resulted in primitive viruses. However, there are now numerous websites that explain how to write and distribute computer viruses – and how viruses can sidestep antivirus software. So the Internet has made it much easier for the inexperienced to create their own viruses.  ‘Professional developers’ As young virus writers mature; their experience can make their activities much more dangerous. Older, talented programmers can create very ‘professional’ computer viruses. These can be sophisticated programs that use innovative methods to intrude into data system domains, or can exploit security vulnerabilities within operating environments, capitalize on social engineering, or use a range of other tricks.  Researchers These are shrewd programmers that are capable of inventing new methods of infecting computers, concealing the infection, and resisting the actions of antivirus software. The programmer’s objective is to research the potential of ‘computer fauna’. The programmer may choose not to spread their creations – but actively promote their ideas, via numerous Internet resources that are devoted to the creation of computer viruses. Those ideas and ‘research viruses’ may then be used by malicious individuals or criminals. Various vandal A vandal is an executable file, usually an applet or an ActiveX control, associated with a Web page that is designed to be harmful, malicious, or at the very least inconvenient to the user. Since such applets or little application programs can be embedded in any HTML file, they can also arrive as an e-mail attachment or automatically as the result of being pushed to the user. Vandals can be viewed as viruses that can arrive over the Internet stuck to a Web page. Vandals are sometimes referred to as "hostile applets." Vandals can be harmful in two general ways:  They can get access to sensitive information within the computer system where they execute, such as passwords and encryption keys.  They can cause loss or denial of service within the local computer system. For example, they can flood the system with data so that it runs out of memory, or they can slow down Internet connections. The best way to protect yourself against a hostile applet is to know who you are downloading a Web page from or who has sent you an HTML page as an e-mail attachment. Major corporate Web sites or major Web publishers are unlikely to be the source of a vandal (but it can happen). One recent scam in late 1997 involved a pornography site that invited the downloading of a page whose ActiveX control reconnected the user to the Web through an expensive international phone number. In another incident, a group of German crackers demonstrated an ActiveX control that could transfer funds from one bank account to another without having to enter a user identification number. 2. How to protect yourself against Computer Vandalism Anti-malware software is vital in defending your computer, mobile devices, and data against computer vandalism, viruses, worms, Trojans, and other malware. Recent Events  Unidentified hackers gained access to the United States Justice Department's Web site on Aug. 16 and replaced it with a hate-filled diatribe labeled the ``Department of Injustice'' that included a swastika and a picture of Adolf Hitler. "  Prosecutors in Fairfax County, Virginia, filed criminal charges against two Georgia Mason University students for hacking their way into university computers and sending derogatory e-mail under the names of random students and staff members. Cyber Squatting: cybersquatting is registering, trafficking in, or using a domain name with bad-faith intent to profit from the goodwill of a trademark belonging to someone else. The term derives from squatting, the practice of inhabiting someone else's property without their permission. Many cybersquatters reserve common English words, reasoning that sooner or later someone will want to use one for their Web site. Another target is mis-typed spellings of popular web sites. Cybersquatters will also regularly comb lists of recently expired domain names, hoping to sell back the domain name to a registrant who inadvertently let his domain name expire. Since there is an initial and yearly fee for owning a domain name, some cybersquatters reserve a long list of names and defer paying for them until forced to - preempting their use by others at no cost to themselves. The registry companies are working on this problem. Meanwhile, the Internet Corporation for Assigned Names and Numbers (ICANN), which licenses the domain name registrars, is working
on a process for resolving domain name disagreements outside of the regular court system. Although trademark laws may offer some protection, it is often cheaper to buy the domain name from the cybersquatters than it is to sue for its use. Cyber Forensics: Computer forensics is the application of investigation and analysis techniques to gather and preserve evidence from a particular computing device in a way that is suitable for presentation in a court of law. The goal of computer forensics is to perform a structured investigation while maintaining a documented chain of evidence to find out exactly what happened on a computing device and who was responsible for it. Two basic types of data are collected in computer forensics. Persistent data is the data that is stored on a local hard drive (or another medium) and is preserved when the computer is turned off. Volatile data is any data that is stored in memory, or exists in transit, that will be lost when the computer loses power or is turned off. Volatile data resides in registries, cache, and random access memory (RAM). Since volatile data is ephemeral, it is essential an investigator knows reliable ways to capture it. Forensic investigators typically follow a standard set of procedures:  After physically isolating the device in question to make sure it cannot be accidentally contaminated; investigators make a digital copy of the device's storage media.  Once the original media has been copied, it is locked in a safe or other secure facility to maintain its pristine condition. All investigation is done on the digital copy.  Investigators use a variety of techniques and proprietary software forensic applications to examine the copy, searching hidden folders and unallocated disk space for copies of deleted, encrypted, or damaged files.  Any evidence found on the digital copy is carefully documented in a "finding report" and verified with the original in preparation for legal proceedings that involve discovery, depositions, or actual litigation. Computer forensics has become its own area of scientific expertise, with accompanying coursework and certification. 1. Disk Forensics 2. Network Forensics 3. Mobile Device Forensics 4. Live Forensics. 5. Memory Forensics 6. Multimedia Forensics 7. Internet Forensics Forensic process Computer forensic investigations usually follow the standard digital forensic process or phases: acquisition, examination, analysis and reporting. Investigations are performed on static data (i.e. acquired images) rather than "live" systems. This is a change from early forensic practices where a lack of specialist tools led to investigators commonly working on live data. 1.1. Techniques A number of techniques are used during computer forensics investigations and much has been written on the many techniques used by law enforcement in particular. Cross-drive analysis A forensic technique that correlates information found on multiple hard drives. The process, still being researched, can be used to identify social networks and to perform anomaly detection. Live analysis The examination of computers from within the operating system using custom forensics or existing sysadmin tools to extract evidence. The practice is useful when dealing with Encrypting File Systems, for example, where the encryption keys may be collected and, in some instances, the logical hard drive volume may be imaged (known as a live acquisition) before the computer is shut down. Deleted files A common technique used in computer forensics is the recovery of deleted files. Modern forensic software have their own tools for recovering or carving out deleted data.[11] Most operating systems andfile systems do not always erase physical file data, allowing investigators to reconstruct it from the physical disk sectors. File carving involves searching for known file headers within the disk image and reconstructing deleted materials. Stochastic forensics A method which uses stochastic properties of the computer system to investigate activities lacking digital artifacts. Its chief use is to investigate data theft. Steganography One of the techniques used to hide data is via steganography, the process of hiding data inside of a picture or digital image. An example would be to hide pornographic images of children or other information that a given criminal does not want to have discovered. Computer
forensics professionals can fight this by looking at the hash of the file and comparing it to the original image (if available.) While the image appears exactly the same, the hash changes as the data changes. Computer Forensics and the Law Legal issues may confuse or distract from a computer examiner’s findings. An example here would be the ‘Trojan Defense. A Trojan is a piece of computer code disguised as something benign but which carries a hidden and malicious purpose. Trojans have many uses, and include key-logging), uploading and downloading of files and installation of viruses. A lawyer may be able to argue that actions on a computer were not carried out by a user but were automated by a Trojan without the user’s knowledge; such a Trojan Defense has been successfully used even when no trace of a Trojan or other malicious code was found on the suspect’s computer. In such cases, a competent opposing lawyer, supplied with evidence from a competent computer forensic analyst, should be able to dismiss such an argument. Increasingly, laws are being passed that require organizations to safeguard the privacy of personal data. It is becoming necessary to prove that your organization is complying with computer security best practices. If there is an incident that affects critical data, for instance, the organization that has added a computer forensics capability to its arsenal will be able to show that it followed a sound security policy and potentially avoid lawsuits or regulatory audits. There are three areas of law related to computer security that are important to know about. For e.g. in US, the first is found in the United States Constitution which allows for protection against unreasonable search and seizure, and allows for protection against self-incrimination. Second, anyone concerned with computer forensics must know how three U.S. Statutory laws affect them: • Wiretap Act (18 U.S.C. 2510-22) • Pen Registers and Trap and Trace Devices Statute (18 U.S.C. 3121-27) • Stored Wired and Electronic Communication Act (18 U.S.C. 2701-120) Third, the U.S. Federal rules of evidence about hearsay, authentication, reliability, and best evidence must be understood. In the U.S. there are two primary areas of legal governance affecting cyber security actions related to the collection of network data: (1) authority to monitor and collect the data and (2) the admissibility of the collection methods. Of the three areas above, the U.S. Constitution and U.S. Statutory Laws primarily govern the collection process, while the Federal Rules of Evidence deal mostly with admissibility. Forensic Evidence Evidence usable in a court, specially the one obtained by scientific methods such as ballistics, blood test, and DNA test. Forensic evidence is evidence obtained by scientific methods such as ballistics, blood test, and DNA test and used in court. Forensic evidence often helps to establish the guilt or innocence of possible suspects. Analysis of forensic evidence is used in the investigation and prosecution of civil as well as criminal proceedings. Forensic evidence can be used to link crimes that are thought to be related to one another. For example, DNA evidence can link one offender to several different crimes or crime scenes. This linking of crimes helps the police authorities to narrow the range of possible suspects and to establish patterns of for crimes to identify and prosecute suspects. Common Types of Evidence Fragile or Transient Evidence - Hairs, fibers, glass, fractured objects - Shoe and tire impressions - Bare foot impressions (latent) - Bare foot impressions (in blood) - Fire accelerants (point of origin) - Body fluids (blood, semen, saliva) - Skin cells (items touched or worn) - Latent fingerprints - Gunshot residue and patterns Solid or Tangible Evidence - Tool marks (focus on point of entry) - Firearms - Other weapons (knives, clubs, etc.) - Fired bullets - Fired cartridge cases - Unfired cartridges - Drugs and paraphernalia - Documents (checks, notes, receipts) - Computers and devices 1. Fingerprints: Fingerprints are the most incriminating types of evidence used in criminal cases because it’s one of the most reliable forms of identification. No two people have the same fingerprint, making it a truly fundamental tool for accurate identification of criminals. Only when fingerprints can’t be traced back to a person with a criminal history do they have less power in an investigation. However, if the suspects can be narrowed down, their fingerprints can be tested to see which one matches.
2. Blood: Blood is an incriminating type of evidence for various reasons. DNA can be extracted from blood to find a criminal and blood type can be analyzed to help rule out suspects. Blood splatters can also help investigators piece together crime scenes and it provides more evidence to test. 3. Hair: Hair is another useful type of evidence that can bring police closer to a criminal. A strand of hair collected from a crime scene can be submitted for DNA testing. Forensic scientists may have a better chance at testing the DNA if the hair follicle is still intact. In addition, the color of a hair strand can also be used to rule out suspects whose hair does not match the recovered hair sample. 4. Skin: Although difficult to see at a crime scene, skin can be analyzed and tested to find a criminal. Like hair, skin samples can help determine the skin color of the person involved in the crime and DNA can be extracted for a more accurate identification of criminals. Skin can also be a harbinger of other evidence at the scene, which brings police closer to finding the criminal and understanding the crime in greater detail. 5. Written Documents: One of the worst things you can do as a criminal if you want to evade the law is write things down. Some criminals write in dairies, journals, letters and even e-mails to chronicle their plan of action or confess their guilt. Suspects may be in correspondence with others who can present these documents to police, or investigators may find such documents when searching a suspect’s home. 6. Semen: Semen can be used in several ways to verify rape accusations, as well as extract DNA to identify the criminal. Semen can also be analyzed and tested to determine if there was more than one person involved in a sexual crime. 7. Shoe Prints: Shoe prints are extremely useful in police investigations and they can be a very incriminating type of evidence. Police can tell by a lot about a shoe print, such as the make, model and size of a shoe, as well as the gender and approximate height of the person. Shoe prints also indicate the activity of the wearer when the print was made and, if the impressions are visible, police may be able to trace the criminal’s moves and follow their prints to the next destination, such as a nearby home or woods. 8. Videotapes/Photographs: Videotapes and photographs are both compelling and incriminating types of evidence. Whether the videos or photos capture the crime taking place or the people present during or after the crime, it is valuable evidence that can be used to rule out suspects and find the criminal. 9. Ballistics: Ballistics is the study of firearms and ammunition. This technical form of evidence includes shell casings, gun powder, bullets, gunshots and other firing characteristics of a weapon. Even the slightest remnants of a gunshot can be traced to a specific firearm, where it’s sold and its owner, if registered. Computer Forensics tools: Disk Forensics tools: CyberCheck Suite CyberCheck Suite is a comprehensive collection of disk forensics tools to perform data acquisition of digital evidence, analysis, data recovery and reporting TrueBack - Digital Evidence Seizure and Acquisition Tool CyberCheck - Data Recovery & Analysis Tool Mobile Forensics Tools- MobileCheck - Software solution for acquisition and analysis of mobile phones, smart phones, Personal Digital Assistants (PDA) and other mobile devices, Advik CDRAnalyzer - Software for analyzing Call Data Records of various service providers and SIMXtractor - Forensic solution for imaging and analyzing SIM cards. Live Forensics Tool Win-LiFT - Software solution for acquisitions and analysis of volatile data present in running Windows systems. Win-LiFT - Windows Based Live Forensics Tool Win-LiFT 2.0 is a Windows Based Live Forensics Tool consisting of Win-LiFT ImagerBuilder and Win-LiFT Analyzer. Live Forensics involves acquisition of volatile data from the Suspect's machine and analysis of the acquired data. Win-LiFT 2.0 enables volatile data acquisition Features Facility to enter case details Facility to select/deselect the list of volatile artifacts to be collected from the Suspect's system. Facility to select USB/Hard Disk drive to which the Win-LiFTImager tool is to be built. Win-LiFTImager - Forensic Volatile Data Acquisition Tool Win-LiFTImager is used for acquiring customized Live Forensics Data from Suspect's machine. Features Capturing following volatile artifacts from a running windows system to the USB device. System Information Stored Passwords System Users Screen Capture IP Configuration and Event Logs MD5 hashing of all acquired files. Log and Report Generation. Network Forensics ToolsNetForce Suite: NeSA - Packet Analysis Tool, CyberInvestigator- Log Analysis Tool EmailTracer -Email Tracing Tool PC Inspector File Recovery: PC Inspector File Recovery is a freely available forensic tool. This tool serves two main purposes. Firstly, to reveal the contents of all storage media attached to the computer system and, secondly, to recover any deleted data from the media. Encase®:
Encase is a commercial forensic tool developed by Guidance Software. It was introduced to the forensics market in 1998. Encase’s functionalities include disk imaging, data verification and data analysis. An important feature is the recovery of data through the inspection of unallocated spaces. We must remember that these unallocated spaces could contain information relevant to an investigation. Vital information such as last access, time created, and last modifications of a file are all provided by this tool. Forensic Tool Kit: Forensic Tool Kit is a commercial forensics tool developed by AccessData. This tool allows the CFS to view all files on the chosen storage device. A function of this tool includes immediate generation of hash values for files that are viewed within an investigation. Unlike the above mentioned forensic tools, Forensic Tool Kit does not support data recovery. Since the data discovery functionality of the tool is not effective, data analysis and recovery are both affected. In light of all this, it is important to mention that all investigations were conducted on a trial version of Forensic Tool Kit. Therefore, it is our view that the full version does incorporate more effective and comprehensive functionality

Recommandé

Cyber crime & security final tapan
Cyber crime & security final tapanCyber crime & security final tapan
Cyber crime & security final tapan
Tapan Khilar
 
Cyber crime
Cyber crimeCyber crime
Cyber crime
Muhammad Zeeshan Muzaffar
 
Cyber Crime and Security
Cyber Crime and SecurityCyber Crime and Security
Cyber Crime and Security
Dipesh Waghela
 
Cyber crime ✔
Cyber crime ✔Cyber crime ✔
Cyber crime ✔
hubbysoni
 
CYBER CRIME
CYBER CRIMECYBER CRIME
CYBER CRIME
amani kadope
 
Cybercrime: A Seminar Report
Cybercrime: A Seminar ReportCybercrime: A Seminar Report
Cybercrime: A Seminar Report
Arindam Sarkar
 
Cyber laws in India
Cyber laws in IndiaCyber laws in India
Cyber laws in India
saumi17
 
Cyber crime-140128140443-phpapp02 (1)
Cyber crime-140128140443-phpapp02 (1)Cyber crime-140128140443-phpapp02 (1)
Cyber crime-140128140443-phpapp02 (1)
Anshuman Tripathi
 

Recommandé

Cyber crime & security final tapan
Cyber crime & security final tapanCyber crime & security final tapan
Cyber crime & security final tapan
Tapan Khilar
 
Cyber crime
Cyber crimeCyber crime
Cyber crime
Muhammad Zeeshan Muzaffar
 
Cyber Crime and Security
Cyber Crime and SecurityCyber Crime and Security
Cyber Crime and Security
Dipesh Waghela
 
Cyber crime ✔
Cyber crime ✔Cyber crime ✔
Cyber crime ✔
hubbysoni
 
CYBER CRIME
CYBER CRIMECYBER CRIME
CYBER CRIME
amani kadope
 
Cybercrime: A Seminar Report
Cybercrime: A Seminar ReportCybercrime: A Seminar Report
Cybercrime: A Seminar Report
Arindam Sarkar
 
Cyber laws in India
Cyber laws in IndiaCyber laws in India
Cyber laws in India
saumi17
 
Cyber crime-140128140443-phpapp02 (1)
Cyber crime-140128140443-phpapp02 (1)Cyber crime-140128140443-phpapp02 (1)
Cyber crime-140128140443-phpapp02 (1)
Anshuman Tripathi
 
Cyber crime.pptx
Cyber crime.pptxCyber crime.pptx
Cyber crime.pptx
Dawood Faheem Abbasi
 
Cyber security and cyber laws
Cyber security and cyber lawsCyber security and cyber laws
Cyber security and cyber laws
Dr. Prashant Vats
 
Cyber crime
Cyber crime Cyber crime
Cyber crime
Jayant Raj
 
Hacking Vs Cracking in Computer Networks
Hacking Vs Cracking in Computer NetworksHacking Vs Cracking in Computer Networks
Hacking Vs Cracking in Computer Networks
Srikanth VNV
 
Cyber crime ppt
Cyber crime pptCyber crime ppt
Cyber crime ppt
MOE515253
 
Cyber Crime
Cyber Crime Cyber Crime
Cyber Crime
bhavya mohindru
 
Cyber crimes in the digital age
Cyber crimes in the digital ageCyber crimes in the digital age
Cyber crimes in the digital age
atuljaybhaye
 
Cyber crime
Cyber crimeCyber crime
Cyber crime
Rohitha Sankar
 
Cyber Crime
Cyber CrimeCyber Crime
Cyber Crime
Mazhar Nazik
 
Cyber Crime
Cyber CrimeCyber Crime
Cyber Crime
Avinash Rajput
 
Cyber law
Cyber lawCyber law
Cyber law
Arnab Roy Chowdhury
 
Introduction to cybercrime
Introduction to cybercrime Introduction to cybercrime
Introduction to cybercrime
Anjana Ks
 
Cyber crime
Cyber crimeCyber crime
Cyber crime
Md. Atiqur Rahman
 
Cyber crime ppt new
Cyber crime ppt newCyber crime ppt new
Cyber crime ppt new
Onkar1431
 
Cybercrime presentation
Cybercrime presentationCybercrime presentation
Cybercrime presentation
Rajat Jain
 
Cyber crime presentation
Cyber crime presentation Cyber crime presentation
Cyber crime presentation
Priya Saluja
 
Cyber crime ppt
Cyber crime pptCyber crime ppt
Cyber crime ppt
Journalist Ish
 
cyber crime
cyber crimecyber crime
cyber crime
Mosuud jilani lipon
 
Cyber Crime and Security
Cyber Crime and SecurityCyber Crime and Security
Cyber Crime and Security
Md Nishad
 
It act and cyber crime
It act and cyber crimeIt act and cyber crime
It act and cyber crime
Dheeraj Dani
 
CYBER CRIME - A Threat To Internet Users
CYBER CRIME - A Threat To Internet UsersCYBER CRIME - A Threat To Internet Users
CYBER CRIME - A Threat To Internet Users
Aman Sharma
 
Cyber crime
Cyber crime Cyber crime
Cyber crime
Soreingam Ragui
 

Contenu connexe

Tendances

Cyber crime ppt
Cyber crime pptCyber crime ppt
Cyber crime ppt
MOE515253
 
Cyber crime presentation
Cyber crime presentation Cyber crime presentation
Cyber crime presentation
Priya Saluja
 

Tendances (20)

Cyber crime.pptx
Cyber crime.pptxCyber crime.pptx
Cyber crime.pptx
 
Cyber security and cyber laws
Cyber security and cyber lawsCyber security and cyber laws
Cyber security and cyber laws
 
Cyber crime
Cyber crime Cyber crime
Cyber crime
 
Hacking Vs Cracking in Computer Networks
Hacking Vs Cracking in Computer NetworksHacking Vs Cracking in Computer Networks
Hacking Vs Cracking in Computer Networks
 
Cyber crime ppt
Cyber crime pptCyber crime ppt
Cyber crime ppt
 
Cyber Crime
Cyber Crime Cyber Crime
Cyber Crime
 
Cyber crimes in the digital age
Cyber crimes in the digital ageCyber crimes in the digital age
Cyber crimes in the digital age
 
Cyber crime
Cyber crimeCyber crime
Cyber crime
 
Cyber Crime
Cyber CrimeCyber Crime
Cyber Crime
 
Cyber Crime
Cyber CrimeCyber Crime
Cyber Crime
 
Cyber law
Cyber lawCyber law
Cyber law
 
Introduction to cybercrime
Introduction to cybercrime Introduction to cybercrime
Introduction to cybercrime
 
Cyber crime
Cyber crimeCyber crime
Cyber crime
 
Cyber crime ppt new
Cyber crime ppt newCyber crime ppt new
Cyber crime ppt new
 
Cybercrime presentation
Cybercrime presentationCybercrime presentation
Cybercrime presentation
 
Cyber crime presentation
Cyber crime presentation Cyber crime presentation
Cyber crime presentation
 
Cyber crime ppt
Cyber crime pptCyber crime ppt
Cyber crime ppt
 
cyber crime
cyber crimecyber crime
cyber crime
 
Cyber Crime and Security
Cyber Crime and SecurityCyber Crime and Security
Cyber Crime and Security
 
It act and cyber crime
It act and cyber crimeIt act and cyber crime
It act and cyber crime
 

Similaire à Cyber Law & Forensics

cybersecurityawareness-presentation-170627121043.pdf
cybersecurityawareness-presentation-170627121043.pdfcybersecurityawareness-presentation-170627121043.pdf
cybersecurityawareness-presentation-170627121043.pdf
ssuserd25aae
 
English in written
English in writtenEnglish in written
English in written
azhar manap
 
Cyber crime final report
Cyber crime final report Cyber crime final report
Cyber crime final report
Shishupal Nagar
 

Similaire à Cyber Law & Forensics (20)

CYBER CRIME - A Threat To Internet Users
CYBER CRIME - A Threat To Internet UsersCYBER CRIME - A Threat To Internet Users
CYBER CRIME - A Threat To Internet Users
 
Cyber crime
Cyber crime Cyber crime
Cyber crime
 
Types Of Computer Crime
Types Of Computer CrimeTypes Of Computer Crime
Types Of Computer Crime
 
Cyber crime and cyber security
Cyber crime and cyber securityCyber crime and cyber security
Cyber crime and cyber security
 
Cyber crime and security 1
Cyber crime and security 1Cyber crime and security 1
Cyber crime and security 1
 
Cyber Laws.ppt
Cyber Laws.pptCyber Laws.ppt
Cyber Laws.ppt
 
Module vi mis
Module vi misModule vi mis
Module vi mis
 
First Lecture- Cyber Security-Bangladesh.pptx
First Lecture- Cyber Security-Bangladesh.pptxFirst Lecture- Cyber Security-Bangladesh.pptx
First Lecture- Cyber Security-Bangladesh.pptx
 
UNIT 1.pptx
UNIT 1.pptxUNIT 1.pptx
UNIT 1.pptx
 
Computer crime
Computer crimeComputer crime
Computer crime
 
cybersecurityawareness-presentation-170627121043.pdf
cybersecurityawareness-presentation-170627121043.pdfcybersecurityawareness-presentation-170627121043.pdf
cybersecurityawareness-presentation-170627121043.pdf
 
Cyber security awareness presentation
Cyber security awareness presentationCyber security awareness presentation
Cyber security awareness presentation
 
CYBER.pptx
CYBER.pptxCYBER.pptx
CYBER.pptx
 
Cybercrime 111205224958-phpapp02
Cybercrime 111205224958-phpapp02Cybercrime 111205224958-phpapp02
Cybercrime 111205224958-phpapp02
 
English in written
English in writtenEnglish in written
English in written
 
Cyber crime
Cyber crimeCyber crime
Cyber crime
 
Cyber Crime
Cyber CrimeCyber Crime
Cyber Crime
 
Cyber crime
Cyber crimeCyber crime
Cyber crime
 
Cyber Crime Types & Tips
Cyber Crime Types & TipsCyber Crime Types & Tips
Cyber Crime Types & Tips
 
Cyber crime final report
Cyber crime final report Cyber crime final report
Cyber crime final report
 

Plus de Harshita Ved

Plus de Harshita Ved (7)

Cyber Law & Forensics
Cyber Law & ForensicsCyber Law & Forensics
Cyber Law & Forensics
 
Cyber Law & Forensics
Cyber Law & ForensicsCyber Law & Forensics
Cyber Law & Forensics
 
Cyber Law & Forensics
Cyber Law & ForensicsCyber Law & Forensics
Cyber Law & Forensics
 
Cyber Crime Investigation
Cyber Crime InvestigationCyber Crime Investigation
Cyber Crime Investigation
 
Multimedia system, Architecture & Databases
Multimedia system, Architecture & DatabasesMultimedia system, Architecture & Databases
Multimedia system, Architecture & Databases
 
Ink jet and thermal printers
Ink jet and thermal printersInk jet and thermal printers
Ink jet and thermal printers
 
clock synchronization in Distributed System
clock synchronization in Distributed System clock synchronization in Distributed System
clock synchronization in Distributed System
 

Dernier

(INDIRA) Call Girl Bhosari Call Now 8617697112 Bhosari Escorts 24x7
(INDIRA) Call Girl Bhosari Call Now 8617697112 Bhosari Escorts 24x7(INDIRA) Call Girl Bhosari Call Now 8617697112 Bhosari Escorts 24x7
(INDIRA) Call Girl Bhosari Call Now 8617697112 Bhosari Escorts 24x7
Call Girls in Nagpur High Profile Call Girls
 
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Call Girls in Nagpur High Profile
 
Navigating Complexity: The Role of Trusted Partners and VIAS3D in Dassault Sy...
Navigating Complexity: The Role of Trusted Partners and VIAS3D in Dassault Sy...Navigating Complexity: The Role of Trusted Partners and VIAS3D in Dassault Sy...
Navigating Complexity: The Role of Trusted Partners and VIAS3D in Dassault Sy...
Arindam Chakraborty, Ph.D., P.E. (CA, TX)
 
notes on Evolution Of Analytic Scalability.ppt
notes on Evolution Of Analytic Scalability.pptnotes on Evolution Of Analytic Scalability.ppt
notes on Evolution Of Analytic Scalability.ppt
MsecMca
 
Top Rated Call Girls In chittoor 📱 {7001035870} VIP Escorts chittoor
Top Rated Call Girls In chittoor 📱 {7001035870} VIP Escorts chittoorTop Rated Call Girls In chittoor 📱 {7001035870} VIP Escorts chittoor
Top Rated Call Girls In chittoor 📱 {7001035870} VIP Escorts chittoor
dharasingh5698
 
(INDIRA) Call Girl Aurangabad Call Now 8617697112 Aurangabad Escorts 24x7
(INDIRA) Call Girl Aurangabad Call Now 8617697112 Aurangabad Escorts 24x7(INDIRA) Call Girl Aurangabad Call Now 8617697112 Aurangabad Escorts 24x7
(INDIRA) Call Girl Aurangabad Call Now 8617697112 Aurangabad Escorts 24x7
Call Girls in Nagpur High Profile Call Girls
 
CCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete Record
CCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete RecordCCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete Record
CCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete Record
Asst.prof M.Gokilavani
 
Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...
Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...
Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...
roncy bisnoi
 
Call Girls In Bangalore ☎ 7737669865 🥵 Book Your One night Stand
Call Girls In Bangalore ☎ 7737669865 🥵 Book Your One night StandCall Girls In Bangalore ☎ 7737669865 🥵 Book Your One night Stand
Call Girls In Bangalore ☎ 7737669865 🥵 Book Your One night Stand
amitlee9823
 
Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...
Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...
Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...
Call Girls in Nagpur High Profile
 

Dernier (20)

(INDIRA) Call Girl Bhosari Call Now 8617697112 Bhosari Escorts 24x7
(INDIRA) Call Girl Bhosari Call Now 8617697112 Bhosari Escorts 24x7(INDIRA) Call Girl Bhosari Call Now 8617697112 Bhosari Escorts 24x7
(INDIRA) Call Girl Bhosari Call Now 8617697112 Bhosari Escorts 24x7
 
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
 
Navigating Complexity: The Role of Trusted Partners and VIAS3D in Dassault Sy...
Navigating Complexity: The Role of Trusted Partners and VIAS3D in Dassault Sy...Navigating Complexity: The Role of Trusted Partners and VIAS3D in Dassault Sy...
Navigating Complexity: The Role of Trusted Partners and VIAS3D in Dassault Sy...
 
Intro To Electric Vehicles PDF Notes.pdf
Intro To Electric Vehicles PDF Notes.pdfIntro To Electric Vehicles PDF Notes.pdf
Intro To Electric Vehicles PDF Notes.pdf
 
chapter 5.pptx: drainage and irrigation engineering
chapter 5.pptx: drainage and irrigation engineeringchapter 5.pptx: drainage and irrigation engineering
chapter 5.pptx: drainage and irrigation engineering
 
Double Revolving field theory-how the rotor develops torque
Double Revolving field theory-how the rotor develops torqueDouble Revolving field theory-how the rotor develops torque
Double Revolving field theory-how the rotor develops torque
 
Unleashing the Power of the SORA AI lastest leap
Unleashing the Power of the SORA AI lastest leapUnleashing the Power of the SORA AI lastest leap
Unleashing the Power of the SORA AI lastest leap
 
notes on Evolution Of Analytic Scalability.ppt
notes on Evolution Of Analytic Scalability.pptnotes on Evolution Of Analytic Scalability.ppt
notes on Evolution Of Analytic Scalability.ppt
 
Work-Permit-Receiver-in-Saudi-Aramco.pptx
Work-Permit-Receiver-in-Saudi-Aramco.pptxWork-Permit-Receiver-in-Saudi-Aramco.pptx
Work-Permit-Receiver-in-Saudi-Aramco.pptx
 
Thermal Engineering-R & A / C - unit - V
Thermal Engineering-R & A / C - unit - VThermal Engineering-R & A / C - unit - V
Thermal Engineering-R & A / C - unit - V
 
Thermal Engineering Unit - I & II . ppt
Thermal Engineering Unit - I & II . pptThermal Engineering Unit - I & II . ppt
Thermal Engineering Unit - I & II . ppt
 
Top Rated Call Girls In chittoor 📱 {7001035870} VIP Escorts chittoor
Top Rated Call Girls In chittoor 📱 {7001035870} VIP Escorts chittoorTop Rated Call Girls In chittoor 📱 {7001035870} VIP Escorts chittoor
Top Rated Call Girls In chittoor 📱 {7001035870} VIP Escorts chittoor
 
Block diagram reduction techniques in control systems.ppt
Block diagram reduction techniques in control systems.pptBlock diagram reduction techniques in control systems.ppt
Block diagram reduction techniques in control systems.ppt
 
FEA Based Level 3 Assessment of Deformed Tanks with Fluid Induced Loads
FEA Based Level 3 Assessment of Deformed Tanks with Fluid Induced LoadsFEA Based Level 3 Assessment of Deformed Tanks with Fluid Induced Loads
FEA Based Level 3 Assessment of Deformed Tanks with Fluid Induced Loads
 
(INDIRA) Call Girl Aurangabad Call Now 8617697112 Aurangabad Escorts 24x7
(INDIRA) Call Girl Aurangabad Call Now 8617697112 Aurangabad Escorts 24x7(INDIRA) Call Girl Aurangabad Call Now 8617697112 Aurangabad Escorts 24x7
(INDIRA) Call Girl Aurangabad Call Now 8617697112 Aurangabad Escorts 24x7
 
CCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete Record
CCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete RecordCCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete Record
CCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete Record
 
Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...
Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...
Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...
 
Call Girls In Bangalore ☎ 7737669865 🥵 Book Your One night Stand
Call Girls In Bangalore ☎ 7737669865 🥵 Book Your One night StandCall Girls In Bangalore ☎ 7737669865 🥵 Book Your One night Stand
Call Girls In Bangalore ☎ 7737669865 🥵 Book Your One night Stand
 
NFPA 5000 2024 standard .
NFPA 5000 2024 standard .NFPA 5000 2024 standard .
NFPA 5000 2024 standard .
 
Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...
Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...
Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...
 

Cyber Law & Forensics

  • 1. UNIT-3: Introduction to computer and cyber-crimes. Cyber-crimes and related concepts, distinction between cyber-crimes and conventional crimes, Cyber criminals and their objectives. Kinds of cyber-crimes cyber stalking; cyber pornography, forgery and fraud, crime related to IPRs, cyber-terrorism; computer vandalism etc. Cyber forensics, computer forensics and the law, forensic evidence, computer forensic tools. 1. Introduction to computer and cyber crime Computer Crime: It is an act performed by the knowledgeable computer user generally known as hacker that illegally tries to steal company’s or individual’s private information. In some cases, the person or group of persons may be malicious and destroy or corrupt the computer or data file. Computer crime, or cybercrime, is crime that involves a computer and a network. The computer may have been used in the commission of a crime, or it may be the target. Debarati Halder and K. Jaishankar define cybercrimes as: "Offences that are committed against individuals or groups of individuals with a criminal motive to intentionally harm the reputation of the victim or cause physical or mental harm, or loss, to the victim directly or indirectly, using modern telecommunication networks such as Internet (Chat rooms, emails, notice boards and groups) and mobile phones (SMS/MMS)". Such crimes may threaten a nation's security and financial health. Issues surrounding these types of crimes have become high-profile, particularly those surrounding hacking, copyright infringement, child pornography, and child grooming. There are also problems of privacy when confidential information is intercepted or disclosed, lawfully or otherwise. Difference between cyber-crime and computer crime “Computer Crime” encompasses crimes committed against the computer, the materials contained therein such as software and data, and its uses as a processing tool. These include hacking, denial of service attacks, unauthorized use of services and cyber vandalism. “Cyber Crime” describes criminal activities committed through the use of electronic communications media. One of the greatest concerns is with regard to cyber-fraud and identity theft through such methods as phishing, pharming, spoofing and through the abuse of online surveillance technology. There are also many other forms of criminal behaviour perpetrated through the use of information technology such as harassment, defamation, pornography, cyber terrorism, industrial espionage and some regulatory offences. 2. Cyber law and related concepts In the era of cyber world as the usage of computers became more popular, there was expansion in the growth of technology as well, and the term ‘Cyber’ became more familiar to the people. The evolution of Information Technology (IT) gave birth to the cyber space wherein internet provides equal opportunities to all the people to access any information, data storage, analyses etc. with the use of high technology. Due to increase in the number of netizens, misuse of technology in the cyberspace was clutching up which gave birth to cyber-crimes at the domestic and international level as well.  Cyber Crimes Actually Means: It could be hackers vandalizing your site, viewing confidential information, stealing trade secrets or intellectual property with the use of internet. It can also include ‘denial of services’ and viruses’ attacks preventing regular traffic from reaching your site. Cyber-crimes are not limited to outsiders except in case of viruses and with respect to security related cyber- crimes that usually done by the employees of particular company who can easily access the password and data storage of the company for their benefits. Cyber-crimes also include criminal activities done with the use of computers which further perpetuates crimes i.e. financial crimes, sale of illegal articles, pornography, online gambling, intellectual property crime, e-mail, spoofing, forgery, cyber defamation, cyber stalking, unauthorized access to Computer system, theft of information contained in the electronic form, e- mail bombing, physically damaging the computer system etc.  Classifications of Cyber Crimes: Cyber Crimes which are growing day by day, it is very difficult to find out what is actually a cyber- crime and what is the conventional crime so to come out of this confusion, cyber-crimes can be classified under different categories which are as follows: 1. Cyber Crimes against Persons: There are certain offences which affects the personality of individuals can be defined as:  Harassment via E-Mails: It is very common type of harassment through sending letters, attachments of files & folders i.e. via e- mails. At present harassment is common as usage of social sites i.e. Facebook, Twitter etc. increasing day by day.  Cyber-Stalking: It means expressed or implied a physical threat that creates fear through the use to computer technology such as internet, e-mail, phones, text messages, webcam, websites or videos.  Dissemination of Obscene Material: It includes Indecent exposure/ Pornography (basically child pornography), hosting of web site containing these prohibited materials. These obscene matters may cause harm to the mind of the adolescent and tend to deprave or corrupt their mind.  Defamation: It is an act of imputing any person with intent to lower down the dignity of the person by hacking his mail account and sending some mails with using vulgar language to unknown persons mail account.  Hacking: It means unauthorized control/access over computer system and act of hacking completely destroys the whole data as well as computer programmers. Hackers usually hacks telecommunication and mobile network.  Cracking: It is amongst the gravest cybercrimes known till date. It is a dreadful feeling to know that a stranger has broken into your computer systems without your knowledge and consent and has tampered with precious confidential data and information.
  • 2.  E-Mail Spoofing: A spoofed e-mail may be said to be one, which misrepresents its origin. It shows its origin to be different from which actually it originates. Email Spoofing is changing the email header so it looks like it’s coming from someone else. This is sadly easy to do. This is also used to try to trick people into giving out personal information. This is illegal under the CAN-SPAM Act.  SMS Spoofing: Spoofing is a blocking through spam which means the unwanted uninvited messages. Here an offender steals identity of another in the form of mobile phone number and sending SMS via internet and receiver gets the SMS from the mobile phone number of the victim. It is very serious cyber-crime against any individual.  Carding: It means false ATM cards i.e. Debit and Credit cards used by criminals for their monetary benefits through withdrawing money from the victim’s bank account mala-fidely. There is always unauthorized use of ATM cards in this type of cybercrimes.  Cheating & Fraud: It means the person who is doing the act of cyber-crime i.e. stealing password and data storage has done it with having guilty mind which leads to fraud and cheating.  Child Pornography: It involves the use of computer networks to create, distribute, or access materials that sexually exploit underage children.  Assault by Threat: refers to threatening a person with fear for their lives or lives of their families through the use of a computer network i.e. E-mail, videos or phones. 2. Crimes Against Persons Property: As there is rapid growth in the international trade where businesses and consumers are increasingly using computers to create, transmit and to store information in the electronic form instead of Conventional paper documents. There are certain offences which affects person’s property which are as follows:  Intellectual Property Crimes: Intellectual property consists of a bundle of rights. Any unlawful act by which the owner is deprived completely or partially of his rights is an offence. The common form of IPR violation may be said to be software piracy, infringement of copyright, trademark, patents, designs and service mark violation, theft of computer source code, etc.  Cyber Squatting: It means where two persons claim for the same Domain Name either by claiming that they had registered the name first on by right of using it before the other or using something similar to that previously. For example, two similar names i.e. www.yahoo.com and www.yaahoo.com.  Cyber Vandalism: Vandalism means deliberately destroying or damaging property of another. Thus cyber vandalism means destroying or damaging the data when a network service is stopped or disrupted. It may include within its purview any kind of physical harm done to the computer of any person. These acts may take the form of the theft of a computer, some part of a computer or a peripheral attached to the computer.  Hacking Computer System: Hacktivism attacks those included Famous Twitter, blogging platform by unauthorized access/control over the computer. Due to the hacking activity there will be loss of data as well as computer. Also research especially indicates that those attacks were not mainly intended for financial gain too and to diminish the reputation of particular person or company.  Transmitting Virus: Viruses are programs that attach themselves to a computer or a file and then circulate themselves to other files and to other computers on a network. They usually affect the data on a computer, either by altering or deleting it. Worm attacks plays major role in affecting the computerize system of the individuals.  Cyber Trespass: It means to access someone’s computer without the right authorization of the owner and does not disturb, alter, misuse, or damage data or system by using wireless internet connection.  Internet Time Thefts: Basically, Internet time theft comes under hacking. It is the use by an unauthorized person, of the Internet hours paid for by another person. The person who gets access to someone else’s ISP user ID and password, either by hacking or by gaining access to it by illegal means, uses it to access the Internet without the other person’s knowledge. You can identify time theft if your Internet time has to be recharged often, despite infrequent usage. 3. Cybercrimes Against Government: There are certain offences done by group of persons intending to threaten the international governments by using internet facilities. It includes:  Cyber Terrorism: Cyber terrorism is a major burning issue in the domestic as well as global concern. The common form of these terrorist attacks on the Internet is by distributed denial of service attacks, hate websites and hate e-mails, attacks on sensitive computer networks etc. Cyber terrorism activities endanger the sovereignty and integrity of the nation.  Cyber Warfare: It refers to politically motivated hacking to conduct sabotage and espionage. It is a form of information warfare sometimes seen as analogous to conventional warfare although this analogy is controversial for both its accuracy and its political motivation.  Distribution of pirated software: It means distributing pirated software from one computer to another intending to destroy the data and official records of the government.  Possession of Unauthorized Information: It is very easy to access any information by the terrorists with the aid of internet and to possess that information for political, religious, social, ideological objectives. 4. Cybercrimes Against Society at large: An unlawful act done with the intention of causing harm to the cyberspace will affect large number of persons. These offences includes:
  • 3.  Child Pornography: It involves the use of computer networks to create, distribute, or access materials that sexually exploit underage children. It also includes activities concerning indecent exposure and obscenity.  Cyber Trafficking: It may be trafficking in drugs, human beings, arms weapons etc. which affects large number of persons. Trafficking in the cyberspace is also a gravest crime.  Online Gambling: Online fraud and cheating is one of the most lucrative businesses that are growing today in the cyber space. There are many cases that have come to light are those pertaining to credit card crimes, contractual crimes, offering jobs, etc.  Financial Crimes: This type of offence is common as there is rapid growth in the users of networking sites and phone networking where culprit will try to attack by sending bogus mails or messages through internet. Ex: Using credit cards by obtaining password illegally.  Forgery: It means to deceive large number of persons by sending threatening mails as online business transactions are becoming the habitual need of today’s life style. Case Study-Attacks on Cyberspace:  Worm Attack: The Robert Tappan Morris well Known as First Hacker, Son of former National Security Agency Scientist Robert Morris, was the first person to be prosecuted under the ‘Computer and Fraud Act, 1986’. He has created worm while at Cornell as student claiming that he intended to use the worm to check how large the internet was that time. The worm was uncontrollable due to which around 6000 computer machines were destroyed and many computers were shut down until they had completely malfunctioned. He was ultimately sentenced to three years’ probation, 400 hours of community service and assessed a fine of $10500. So there must be strict laws to punish the criminals who are involved in cybercrime activities.  Hacker Attack: Fred Cohen, a Ph.D. student at the University of Southern California wrote a short program in the year 1983, as an experiment, that could “infect” computers, make copies of itself, and spread from one machine to another. It was beginning & it was hidden inside a larger, legitimate program, which was loaded into a computer on a floppy disk and many computers were sold which can be accommodate at present too. Other computer scientists had warned that computer viruses were possible, but Cohen’s was the first to be documented. A professor of his suggested the name “virus”. Cohen now runs a computer security firm.  Internet Hacker: Wang Qun, who was known by the nickname of “playgirl”, was arrested by Chinese police in the Hubei province first ever arrest of an internet hacker in China. He was a 19-year-old computing student, arrested in connection with the alleged posting of pornographic material on the homepages of several government-run web sites. Wang had openly boasted in internet chat rooms that he had also hacked over 30 other web sites too. Phishing is a scam where an official-looking email is sent to an unsuspecting user to try to trick them out of their username, password, or other information. They are usually directed to click onto a link that goes to a fake (spoofed) version of a real organizations website. This is called Pagejacking. The address bar can even be altered so it appears to be the official website. If you ever get an email requesting that you verify information by clicking on a link, you should insteadGO DIRECTLY TO THEIR WEBSITE WITHOUT CLICKING ON THE LINK, to verify it. Lately phishing is even occurring in instant message programs that appear to be coming from a friends IM signature. Always be cautious in this situation. Vishing is short for 'Voice phishing' and is the latest scam. It may start with an email or it may start with a phone call. These calls can be very believable because often the caller already has your credit card number and just needs you to verify the 3-digit security code on the back of your card. Or it could be an automated system asking you to type in your credit card or account number to verify who you are, which sounds realistic enough. Keystroke Phishing is when a Trojan program is unknowingly downloaded onto your computer that tracks the keystrokes you enter into the computer, and sends it back to the scammer, who hopes to get a username and password from it. Identity Theft is where a person gathers your personal information and poses as you to get credit, merchandise, services, or to use the identity to commit other crimes. They obtain this personal information by phishing, database cracking, or survey. Survey is seemingly innocent questions about mother's maiden name, children and pet names, and birth dates that can give access to a surprising amount of passwords and usernames. Once a phisher has your credit card number it can be sold to someone who then creates a credit card to use on an ATM machine. Identity theft is spreading on the internet, but surprisingly it is still safer to give out your credit card number on the internet then to give it to an unknown salesperson or waiter. 97% of all identity theft crimes are caused from offline instances, not online. For instance, two places that identity thieves get your information from are your mailbox, and your trash can. Protect Yourself from Identity Theft  Cross-shed documents  Review your credit report twice a year  Be aware of billing cycles and put vacation holds on mail  Never reveal your Social Security number unless absolutely necessary  Don't carry seldom used credit cards or unnecessary id's  Be aware that identity stealers are not always strangers  Don't give out personal information over the phone, mail or posts on the internet
  • 4.  Take out the hard drive from a computer and destroy it before discarding. Even if deleted, personal information can still be recovered from a computer's hard drive Cookie Poisoning is the modification of cookies that are put on your computer by an attacker to gain information about a user. Spyware is software that is downloaded onto a user’s computer without his knowledge and used for malevolent purposes. It can be downloaded simply by going to a website (called Drive-by Downloads), or it can be downloaded unknowingly while installing another program. Spyware can crash computers, slow performance, track emails and visited websites, and track keystrokes that capture the user’s personal information. Programs such as Spybot, Spy Sweeper, and Ad-Aware can be good for checking and removing these unwanted harmful programs from your computer. Malware is the malicious software that is developed for the purpose of doing harm. Malware examples are Computer Viruses, Worms, and Trojan horses. A Worm is a self-replicating virus that continues to duplicate itself taking up memory and resources. A Trojan horse is a hidden program that later gains control and causes damage to your computer. Wardriving is the practice of driving around in a vehicle with a Wi-Fi enabled laptop looking for available signals to use. Wardriving steals internet access and is considered a crime of telecommunications theft. Wireless signals can be transmitted 500 feet or more and should be protected with passwords. Pod Slurping is stealing data by use of iPods, or downloading malicious software via iPods. Cyberstalking is a crime where the attacker harasses the victim using electronic communication such as email, IM's, chat rooms, discussion groups. Cyber stalkers rely on the anonymity of the Internet thinking they cannot be caught. This may continue to actual physical stalking. Federal law imposes a $1,000 fine or 5 years’ imprisonment for anyone transmitting in interstate commerce a threat to injure or kidnap someone. Trojan Horse: A deceptive program that steals passwords. Trapdoors: Gains entry through access points for system maintenance. Spoofing: Tie up network computers by sending them tons of bogus enquiries. Data Didding: A fraud that input involves input manipulation. Salami Technique- Thin slices of information are removed and send to other accounts. Distributed DOS A distributed denial of service (DoS) attack is accomplished by using the Internet to break into computers and using them to attack a network. Hundreds or thousands of computer systems across the Internet can be turned into “zombies” and used to attack another system or website. Types of DOS There are three basic types of attack: a. Consumption of scarce, limited, or non-renewable resources like NW bandwidth, RAM, CPU time. Even power, cool air, or water can affect. b. Destruction or Alteration of Configuration Information c. Physical Destruction or Alteration of Network Components Preventive Measures for Cyber Crimes: Prevention is always better than cure. A netizen should take certain precautions while operating the internet and should follow certain preventive measures for cyber-crimes which can be defined as:  Identification of exposures through education will assist responsible companies and firms to meet these challenges.  One should avoid disclosing any personal information to strangers via e-mail or while chatting.  One must avoid sending any photograph to strangers by online as misusing of photograph incidents increasing day by day.  An update Anti-virus software to guard against virus attacks should be used by all the netizens and should also keep back up volumes so that one may not suffer data loss in case of virus contamination.  A person should never send his credit card number to any site that is not secured, to guard against frauds.
  • 5.  It is always the parents who have to keep a watch on the sites that your children are accessing, to prevent any kind of harassment or depravation in children.  Web site owners should watch traffic and check any irregularity on the site. It is the responsibility of the web site owners to adopt some policy for preventing cyber-crimes as number of internet users are growing day by day.  Web servers running public sites must be physically separately protected from internal corporate network.  It is better to use a security programmer by the body corporate to control information on sites.  Strict statutory laws need to be passed by the Legislatures keeping in mind the interest of netizens.  IT department should pass certain guidelines and notifications for the protection of computer system and should also bring out with some more strict laws to breakdown the criminal activities relating to cyberspace.  As Cyber Crime is the major threat to all the countries worldwide, certain steps should be taken at the international level for preventing the cybercrime.  A complete justice must be provided to the victims of cyber-crimes by way of compensatory remedy and offenders to be punished with highest type of punishment so that it will anticipate the criminals of cyber-crime. Conventional Crime Vs Cyber Crime S.NO. Cyber Crime Conventional Crime 1. One of the differences between cybercrime and Conventional crime is the evidence of the offenses. cybercriminals rely on the Internet via which they commit their crimes, and it leaves very little evidence about the cybercrime. Forensic investigators usually experience great difficulty in gathering evidence that could lead to the conviction of cybercriminals Conventional criminals usually leave traces of a crime, through either fingerprints or other physical evidences 2. since these criminals can freely change their identities. The Internet also allows the anonymity of its users, and this implies that cybercriminals can use any pseudonyms for their identification. it is difficult for Conventional criminals to fake them gender, race, or age. 3. this leads to the second difference between Conventional and cybercrimes, length of investigations. Since cybercrime involves perpetrators using falsified names and working from remote locations, it usually takes longer to identify the real cybercriminals and apprehend them. In most cases, cybercriminals (such as hackers) escape from arrest because the investigators cannot locate them. Conventional crimes take shorter time period to investigate because the criminals usually leave evidence that can be used to spot them. For instance, Conventional criminals can leave evidence such as DNA, fingerprints, photographs and videos captured on surveillance cameras, or personal belongings such as identity cards, and this makes it easy for investigators to identify and capture the culprits. In addition, such evidence makes it easy for the judiciary to convict the offenders. 4. difference between Conventional crimes and cybercrimes is the force involved. Cybercrimes do not require the use of any force since the criminals merely use the identities of their victims to steal from them. For ex, cybercriminals use spoofing and phishing to obtain personal information such as credit card numbers from their victims, or use encrypted emails to coordinate violence remotely. Most of the Conventional crimes (such as rape, murder, arson, and burglary among others) involve the use of excessive force that results in physical injury and trauma on the victims. Cyber criminals and their objectives  Hacking for fun- to prove their technical skills in breaching digital security systems. Such hackers are not interested in the information they access from hacking other computers.  Criminal gain- to defraud their victims by accessing and manipulating their personal data. Such hackers use financial information and passwords of the victims to transfer their funds into private accounts, and this may result in massive financial losses to the victims.  Making statements (hacktivists)- to make ideological or political points by stealing classified information from business and government databases. In most cases, the hackers attack these organizations to protest against inactivity by the government in addressing various issues or injustices perpetrated by private businesses.  Improving security (blue hat hackers)- Such individuals are usually employed to identify any vulnerabilities and bugs in the digital security systems of companies. This helps the companies in improving the safety of their systems and prevent attacks by malicious hackers. This is done to find weaknesses, vulnerabilities, and bugs in computer systems.
  • 6.  Personal Profit- High Skilled IT professional are attracted by this dark side.  Curiosity- They start to search for information and end up stealing and selling  Disgruntled employees- with the increase independence on computers and the automation of processes, it is easier for disgruntled employees to do more harm to their employers by committing computer related crimes, which can bring entire systems down. Kinds of Cyber Crimes Cyberstalking Cyberstalking is the use of the Internet or other electronic means to stalk or harass an individual, a group, or an organization.[1] It may include false accusations, defamation, slander and libel. It may also include monitoring, identity theft, threats, vandalism, solicitation for sex, or gathering information that may be used to threaten or harass. Cyberstalking is often accompanied by real time or offline stalking.[2] Both are criminal offenses.[3] Both are motivated by a desire to control, intimidate or influence a victim.[4] A stalker may be an online stranger or a person whom the target knows. He may be anonymous and solicit involvement of other people online who do not even know the target. Cyberstalking is a criminal offense under various state anti-stalking, slander and harassment laws. A conviction can result in a restraining order, probation, or criminal penalties against the assailant, including jail. A number of key factors have been identified in cyberstalking:  False accusations. Many cyberstalkers try to damage the reputation of their victim and turn other people against them. They post false information about them on websites. They may set up their own websites, blogs or user pages for this purpose. They post allegations about the victim to newsgroups, chat rooms, or other sites that allow public contributions such as Wikipedia or Amazon.com.  Attempts to gather information about the victim. Cyberstalkers may approach their victim's friends, family and work colleagues to obtain personal information. They may advertise for information on the Internet, or hire a private detective  Monitoring their target's online activities and attempting to trace their IP address in an effort to gather more information about their victims.  Encouraging others to harass the victim. Many cyberstalkers try to involve third parties in the harassment. They may claim the victim has harmed the stalker or his/her family in some way, or may post the victim's name and telephone number in order to encourage others to join the pursuit.  False victimization. The cyberstalker will claim that the victim is harassing him/her. Bocij writes that this phenomenon has been noted in a number of well-known cases.  Attacks on data and equipment. They may try to damage the victim's computer by sending viruses.  Ordering goods and services. They order items or subscribe to magazines in the victim's name. These often involve subscriptions to pornography or ordering sex toys then having them delivered to the victim's workplace.  Arranging to meet. Young people face a particularly high risk of having cyberstalkers try to set up meetings between them.  The posting of defamatory or derogatory statements. Using web pages and message boards to incite some response or reaction from their victim. 1.1. Types 1. Staking by Strangers 2. Gender based Stalking 3. Of intimate partners 4. Of Celebrities and public person 5. Corporate Cyberstalking 6. Anonymous online mobs
  • 7. 1.2. Motives and profile Mental profiling of digital criminals has identified psychological and social factors that motivate stalkers as: envy; pathological obsession (professional or sexual); unemployment or failure with own job or life; intention to intimidate and cause others to feel inferior; the stalker is delusional and believes he/she "knows" the target; the stalker wants to instill fear in a person to justify his/her status; belief they can get away with it (anonymity); intimidation for financial advantage or business competition; revenge over perceived or imagined rejection. [30][31] Four types of cyberstalkers: Preliminary work by Leroy McFarlane and Paul Bocij has identified four types of cyberstalkers: the vindictive cyberstalkers noted for the ferocity of their attacks; the composed cyberstalker whose motive is to annoy; the intimate cyberstalker who attempts to form a relationship with the victim but turns on them if rebuffed; and collective cyberstalkers, groups with a motive. Cyber Pornography Cyber pornography is the act of using cyberspace to create, display, distribute, import, or publish pornography or obscene materials, especially materials depicting children engaged in sexual acts with adults. Cyber pornography is a criminal offense, classified as causing harm to persons. There is no settled definition of pornography or obscenity. What is considered simply sexually explicit but not obscene in USA may well be considered obscene in India. There have been many attempts to limit the availability of pornographic content on the Internet by governments and law enforcement bodies all around the world but with little effect. Pornography on the Internet is available in different formats. These range from pictures and short animated movies, to sound files and stories. The Internet also makes it possible to discuss sex, see live sex acts, and arrange sexual activities from computer screens. Although the Indian Constitution guarantees the fundamental right of freedom of speech and expression, it has been held that a law against obscenity is constitutional. The Supreme Court has defined obscene as “offensive to modesty or decency; lewd, filthy, repulsive. Section 67 of the IT Act is the most serious Indian law penalizing cyber pornography. Other Indian laws that deal with pornography include the Indecent Representation of Women (Prohibition) Act and the Indian Penal Code. Internet pornography is any pornography that is accessible over the Internet, primarily via websites, peer-to-peer file sharing, or Usenet newsgroups. The availability of widespread public access to the World Wide Web in 1991 led to the growth of Internet pornography. A 2015 study finds "a big jump" in pornography viewing over the past few decades, with the largest increase occurring between people born in the 1970s and those born in the 1980s. While the study's authors note this increase is "smaller than conventional wisdom might predict," it's still quite significant. Children born in the 1980s onward are also the first to grow up in a world where they have access to the Internet beginning in their teenage years, and this early exposure and access to Internet pornography may be the primary driver of the increase. 2. History and methods of distribution 2.1. Before the World Wide Web Pornography is regarded by some as one of the driving forces behind the expansion of the World Wide Web, like the camcorder VCR and cable television before it.[2] Pornographic images had been transmitted over the Internet as ASCII porn but to send images over network needed computers with graphics capability and also higher network bandwidth. 2.2. Usenet Groups Usenet newsgroups provided an early way of sharing images over the narrow bandwidth available in the early 1990s. Because of the network restrictions of the time, images had to be encoded as ascii text and then broken into sections before being posted to the Alt.binaries of the usenet. These files could then be downloaded and then reassembled before being decoded back to an image. 2.3. Free vs. commercial On the Web, there are both commercial and free pornography sites. The bandwidth usage of a pornography site is relatively high, and the income a free site can earn through advertising may not be sufficient to cover the costs of that bandwidth. 2.3.1. TGP The most common form of adult content is a categorized list (more often it's a table) of small pictures (called "thumbnails") linked to galleries. These sites are called a Thumbnail gallery post (TGP). As a rule, these sites sort thumbs by category and type of content available on a linked gallery. Sites containing thumbs that lead to galleries with video content are called MGP (Movie Gallery Post). The main benefit of TGP/MGP is that the surfer can get a first impression of the content provided by a gallery without actually visiting it. 2.3.2. Link lists Link lists unlike TGP/MGP sites do not display a huge amount of pictures. A link list is a (frequently) categorized web list of links to so called "free sites*", but unlike TGPs, links are provided in a form of text, not thumbs.
  • 8. 2.3.3. Usenet Another free source of pornography on the Internet are the Usenet newsgroups that were the first home to such material. Newsgroups tend to be poorly organized and flooded with content that is off-topic or spam. Commercial software and websites are available that allow browsing the images or videos on newsgroups, sometimes with galleries of thumbnail images. 2.3.4. Peer-to-peer Peer-to-peer file sharing networks provide another form of free access to pornography.  Child pornography The Internet has radically changed how child pornography is reproduced and disseminated, and, according to the United States Department of Justice, resulted in a massive increase in the "availability, accessibility, and volume of child pornography."[7] The production of child pornography has become very profitable, bringing in several billion dollars a year, and is no longer limited to pedophiles  Section 67 of the IT Act is the most serious Indian law penalizing cyber pornography. Other Indian laws that deal with pornography include the Indecent Representation of Women (Prohibition) Act and the Indian Penal Code. According to Section 67 of the IT Act Whoever publishes or transmits or causes to be published in the electronic form, any material which is lascivious or appeals to the prurient interest or if its effect is such as to tend to deprave and corrupt persons who are likely, having regard to all relevant circumstances, to read, see or hear the matter contained or embodied in it, shall be punished on first conviction with imprisonment of either description for a term which may extend to five years and with fine which may extend to one lakh rupees and in the event of a second or subsequent conviction with imprisonment of either description for a term which may extend to ten years and also with fine which may extend to two lakh rupees. Forgery and Fraud Forgery is the process of making, adapting, or imitating objects, statistics, or documents with the intent to deceive for the sake of altering the public perception, or to earn profit by selling the forged item. Copies, studio replicas, and reproductions are not considered forgeries, though they may later become forgeries through knowing and willful misrepresentations. Forging money or currency is more often called counterfeiting. But consumer goods may also be counterfeits if they are not manufactured or produced by the designated manufacture or producer given on the label or flagged by the trademark symbol. When the object forged is a record or document it is often called a false document. How is Forgery Facilitated in order to Commit Identity Theft? Forgery charges can span the realm of legality; both the nature, as well as the crime itself – with regard to any or all the victims involved – with allow for a shift within the respective setting in which the act of forgery takes place: Electronic Forgery The misuse of computer networks, the internet, and various avenues within the online community in order to defraud potential victims of identity theft is classified as electronic – or online forgery. Electronic Forgery is quite common within the digital age, which can include the illegal and unlawful reproduction of endorsements in the form of electronic signatures in order to illicitly assume the identity of the victim of identity theft. Financial Forgery Criminal – fraudulent - activity applicable to the events involving the exchange and circulation of monies or currency may be classified as financial forgery. Identity theft resulting from this type of forgery can occur in a variety of fashions, including fraudulent purchases through the use of finances – and financial information – belonging to the victims of this crime. Commercial Forgery Forgery involving business activities, commercial endeavors, or professional operation of the provision of products or services is classified as commercial forgery; items unlawfully purchased with illegal and illicit finances may result from identity theft. Governmental and Administrative Forgery Administrative forgery includes the vast expanses of laws, acts, ordinances, and legislation with regard to the Federal Government of the United States; identity theft in an administrative realm may include the unlawful duplication of documentation or the illegal officiating of government-mandated forms and requirements. How to Prevent Electronic Identity Theft Due to technological innovation, electronic identity theft is considered by many to be one of the most recently-developed crimes, credited – in part - to the ongoing advent of computer-based technology. This type of technology relies heavily on the Internet and online
  • 9. activity, and as a result, regulations and oversight of this type of activity has been expressed in the spectrum of preventative measures involving the cessation of electronic identity theft. Companies providing methods of Identity theft prevention - including Lifelock, which is one of the most widely-acclaimed and recognized – have employed protective measures ranging from securing online perimeters to communicative transmission inquiring about the validity of unsubstantiated activity; these types of companies have found their respective niche within the prevention of identity fraud upon providing protection in lieu of infringing on personal privacy. In law, fraud is deliberate deception to secure unfair or unlawful gain, or to deprive a victim of a legal right. Fraud itself can be a civil wrong (i.e., a fraud victim may sue the fraud perpetrator to avoid the fraud and/or recover monetary compensation), a criminal wrong (i.e., a fraud perpetrator may be prosecuted and imprisoned by governmental authorities) or it may cause no loss of money, property or legal right but still be an element of another civil or criminal wrong.[1] The purpose of fraud may be monetary gain or other benefits, such as obtaining a driver's license or qualifying for a mortgage by way of false statements.[2] A hoax is a distinct concept that involves deliberate deception without the intention of gain or of materially damaging or depriving a victim. Cyber fraud also refers to data break-ins, identity theft, and cyberbullying, all of which are seriously damaging. Tips for Avoiding Credit Card Fraud:  Don’t give out your credit card number online unless the site is secure and reputable. Sometimes a tiny icon of a padlock appears to symbolize a higher level of security to transmit data. This icon is not a guarantee of a secure site, but provides some assurance.  Don’t trust a site just because it claims to be secure.  Before using the site, check out the security/encryption software it uses.  Make sure you are purchasing merchandise from a reputable source.  Do your homework on the individual or company to ensure that they are legitimate?  Obtain a physical address rather than simply a post office box and a telephone number, and call the seller to see if the telephone number is correct and working.  Send an e-mail to the seller to make sure the e-mail address is active, and be wary of those that utilize free e-mail services where a credit card wasn’t required to open the account.  Consider not purchasing from sellers who won’t provide you with this type of information.  Check with the Better Business Bureau from the seller’s area.  Check out other websites regarding this person/company.  Don’t judge a person or company by their website; flashy websites can be set up quickly.  Be cautious when responding to special investment offers, especially through unsolicited e-mail.  Be cautious when dealing with individuals/companies from outside your own country.  If possible, purchase items online using your credit card. You can often dispute the charges if something goes wrong.  Make sure the transaction is secure when you electronically send your credit card number.  Keep a list of all your credit cards and account information along with the card issuer’s contact information. If anything looks suspicious or you lose your credit card(s), contact the card issuer immediately. Crime Related to IPR Intellectual property (IP) theft is defined as theft of material that is copyrighted, the theft of trade secrets, and trademark violations. Examples of copyrighted material commonly stolen online are computer software, recorded music, movies, and electronic games. Theft of trade secrets means the theft of ideas, plans, methods, technologies, or any sensitive information from all types of industries including manufacturers, financial service institutions, and the computer industry. A trademark violation involves counterfeiting or copying brand name products such as well-known types of shoes, clothing, and electronics equipment and selling them as the genuine or original product. The two forms of IP most frequently involved in cybercrime are copyrighted material and trade secrets. Piracy is a term used to describe IP theft—piracy of software, piracy of music, etc. Theft of IP affects the entire U.S. economy. Billions of dollars are lost every year to IP pirates. For example, thieves sell pirated computer software for games or programs to millions of Internet users. The company that actually produced the real product loses these sales and royalties rightfully due to the original creator. Cyber Terrorism
  • 10. Cyberterrorism is the act of Internet terrorism in terrorist activities, including acts of deliberate, large-scale disruption of computer networks, especially of personal computers attached to the Internet, by the means of tools such as computer viruses. Cyberterrorism is a controversial term. Some authors choose a very narrow definition, relating to deployments, by known terrorist organizations, of disruption attacks against information systems for the primary purpose of creating alarm and panic. By this narrow definition, it is difficult to identify any instances of cyberterrorism. Cyberterrorism can be also defined as the intentional use of computer, networks, and public internet to cause destruction and harm for personal objectives.[1] Objectives may be political or ideological since this can be seen as a form of terrorism. 3. Types of cyberterror capability The following three levels of cyberterror capability is defined by Monterey group  Simple-Unstructured: The capability to conduct basic hacks against individual systems using tools created by someone else. The organization possesses little target analysis, command and control, or learning capability.  Advanced-Structured: The capability to conduct more sophisticated attacks against multiple systems or networks and possibly, to modify or create basic hacking tools. The organization possesses an elementary target analysis, command and control, and learning capability.  Complex-Coordinated: The capability for a coordinated attack capable of causing mass-disruption against integrated, heterogeneous defenses (including cryptography). Ability to create sophisticated hacking tools. Highly capable target analysis, command and control, and organization learning capability. Examples:  In March 2013, the New York Times reported on a pattern of cyber-attacks against U.S. financial institutions believed to be instigated by Iran as well as incidents affecting South Korean financial institutions that originate with the North Korean government.[15]  In August 2013, media companies including the New York Times, Twitter and the Huffington Post lost control of some of their websites Tuesday after hackers supporting the Syrian government breached the Australian Internet company that manages many major site addresses. The Syrian Electronic Army, a hacker group that has previously attacked media organizations that it considers hostile to the regime of Syrian president Bashar al-Assad, claimed credit for the Twitter and Huffington Post hacks in a series of Twitter messages. Electronic records showed that NYTimes.com, the only site with an hours-long outage, redirected visitors to a server controlled by the Syrian group before it went dark.[28]  Pakistani Cyber Army is the name taken by a group of hackers who are known for their defacement of websites, particularly Indian, Chinese, and Israeli companies and governmental organizations, claiming to represent Pakistani nationalist and Islamic interests.[29] The group is thought to have been active since at least 2008,[30] and maintains an active presence on social media, especially Facebook. It's members have claimed responsibility for the hijacking of websites belonging to Acer, [31] BSNL,[32] India's CBI, Central Bank, and the State Government of Kerala. Cyberterrorism is an attractive option for modern terrorists for several reasons. • First, it is cheaper than traditional terrorist methods. All that the terrorist needs is a personal computer and an online connection. Terrorists do not need to buy weapons such as guns and explosives; instead, they can create and deliver computer viruses through a telephone line, a cable, or a wireless connection. • Second, cyberterrorism is more anonymous than traditional terrorist methods. Like many Internet surfers, terrorists use online nicknames—” screen names”—or log on to a website as an unidentified “guest user,” making it very hard for security agencies and police forces to track down the terrorists’ real identity. And in cyberspace there are no physical barriers such as checkpoints to navigate, no borders to cross, and no customs agents to outsmart. • Third, the variety and number of targets are enormous. The cyberterrorist could target the computers and computer networks of governments, individuals, public utilities, private airlines, and so forth. The sheer number and complexity of potential targets guarantee that terrorists can find weaknesses and vulnerabilities to exploit. Several studies have shown that critical infrastructures, such as electric power grids and emergency services, are vulnerable to a cyberterrorist attack because the infrastructures and the computer systems that run them are highly complex, making it effectively impossible to eliminate all weaknesses. • Fourth, cyberterrorism can be conducted remotely, a feature that is especially appealing to terrorists. Cyberterrorism requires less physical training, psychological investment, risk of mortality, and travel than conventional forms of terrorism, making it easier for terrorist organizations to recruit and retain followers. • Fifth, as the I LOVE YOU virus showed, cyberterrorism has the potential to affect directly a larger number of people than traditional terrorist methods, thereby generating greater media coverage, which is ultimately what terrorists want. Cyber Vandalism Vandalism is "action involving deliberate destruction of or damage to public or private property". Cyber vandals are individuals who damage information infrastructures purely for their own enjoyment and pleasure. Their primary motivation is not financial; it is the desire to prove that the feat could be accomplished. Once inside they leave their mark so there is no denying their presence. Computer vandalism is a type of malicious behaviour that involves damages computers and data in various ways and potentially disrupting businesses. Typical computer vandalism involves the creation of malicious programs designed to perform harmful tasks such as erasing hard drive data or extracting login credentials. Computer vandalism differs from viruses, which attach themselves to existing programs Types of computer vandals:
  • 11. In the early days of the development of malware, the majority of computer viruses and Trojans were created by students and other young programmers – plus some older, more experienced programmers. Today, there are still four main types of computer vandal:  Skilled students… showing off! In many cases, students – that have just mastered the use of a programming language – may want to try out their skills, test their ability, or prove how clever they are. Fortunately, many of these malware creators do not actually distribute their malware – instead, they may send the virus or worm virus to an antivirus company.  Inexperienced youths… assisted by the Internet Young people that haven’t quite mastered the art of programming may also turn to computer vandalism – sometimes to prove their ‘self-worth’. In the past, this resulted in primitive viruses. However, there are now numerous websites that explain how to write and distribute computer viruses – and how viruses can sidestep antivirus software. So the Internet has made it much easier for the inexperienced to create their own viruses.  ‘Professional developers’ As young virus writers mature; their experience can make their activities much more dangerous. Older, talented programmers can create very ‘professional’ computer viruses. These can be sophisticated programs that use innovative methods to intrude into data system domains, or can exploit security vulnerabilities within operating environments, capitalize on social engineering, or use a range of other tricks.  Researchers These are shrewd programmers that are capable of inventing new methods of infecting computers, concealing the infection, and resisting the actions of antivirus software. The programmer’s objective is to research the potential of ‘computer fauna’. The programmer may choose not to spread their creations – but actively promote their ideas, via numerous Internet resources that are devoted to the creation of computer viruses. Those ideas and ‘research viruses’ may then be used by malicious individuals or criminals. Various vandal A vandal is an executable file, usually an applet or an ActiveX control, associated with a Web page that is designed to be harmful, malicious, or at the very least inconvenient to the user. Since such applets or little application programs can be embedded in any HTML file, they can also arrive as an e-mail attachment or automatically as the result of being pushed to the user. Vandals can be viewed as viruses that can arrive over the Internet stuck to a Web page. Vandals are sometimes referred to as "hostile applets." Vandals can be harmful in two general ways:  They can get access to sensitive information within the computer system where they execute, such as passwords and encryption keys.  They can cause loss or denial of service within the local computer system. For example, they can flood the system with data so that it runs out of memory, or they can slow down Internet connections. The best way to protect yourself against a hostile applet is to know who you are downloading a Web page from or who has sent you an HTML page as an e-mail attachment. Major corporate Web sites or major Web publishers are unlikely to be the source of a vandal (but it can happen). One recent scam in late 1997 involved a pornography site that invited the downloading of a page whose ActiveX control reconnected the user to the Web through an expensive international phone number. In another incident, a group of German crackers demonstrated an ActiveX control that could transfer funds from one bank account to another without having to enter a user identification number. 2. How to protect yourself against Computer Vandalism Anti-malware software is vital in defending your computer, mobile devices, and data against computer vandalism, viruses, worms, Trojans, and other malware. Recent Events  Unidentified hackers gained access to the United States Justice Department's Web site on Aug. 16 and replaced it with a hate-filled diatribe labeled the ``Department of Injustice'' that included a swastika and a picture of Adolf Hitler. "  Prosecutors in Fairfax County, Virginia, filed criminal charges against two Georgia Mason University students for hacking their way into university computers and sending derogatory e-mail under the names of random students and staff members. Cyber Squatting: cybersquatting is registering, trafficking in, or using a domain name with bad-faith intent to profit from the goodwill of a trademark belonging to someone else. The term derives from squatting, the practice of inhabiting someone else's property without their permission. Many cybersquatters reserve common English words, reasoning that sooner or later someone will want to use one for their Web site. Another target is mis-typed spellings of popular web sites. Cybersquatters will also regularly comb lists of recently expired domain names, hoping to sell back the domain name to a registrant who inadvertently let his domain name expire. Since there is an initial and yearly fee for owning a domain name, some cybersquatters reserve a long list of names and defer paying for them until forced to - preempting their use by others at no cost to themselves. The registry companies are working on this problem. Meanwhile, the Internet Corporation for Assigned Names and Numbers (ICANN), which licenses the domain name registrars, is working
  • 12. on a process for resolving domain name disagreements outside of the regular court system. Although trademark laws may offer some protection, it is often cheaper to buy the domain name from the cybersquatters than it is to sue for its use. Cyber Forensics: Computer forensics is the application of investigation and analysis techniques to gather and preserve evidence from a particular computing device in a way that is suitable for presentation in a court of law. The goal of computer forensics is to perform a structured investigation while maintaining a documented chain of evidence to find out exactly what happened on a computing device and who was responsible for it. Two basic types of data are collected in computer forensics. Persistent data is the data that is stored on a local hard drive (or another medium) and is preserved when the computer is turned off. Volatile data is any data that is stored in memory, or exists in transit, that will be lost when the computer loses power or is turned off. Volatile data resides in registries, cache, and random access memory (RAM). Since volatile data is ephemeral, it is essential an investigator knows reliable ways to capture it. Forensic investigators typically follow a standard set of procedures:  After physically isolating the device in question to make sure it cannot be accidentally contaminated; investigators make a digital copy of the device's storage media.  Once the original media has been copied, it is locked in a safe or other secure facility to maintain its pristine condition. All investigation is done on the digital copy.  Investigators use a variety of techniques and proprietary software forensic applications to examine the copy, searching hidden folders and unallocated disk space for copies of deleted, encrypted, or damaged files.  Any evidence found on the digital copy is carefully documented in a "finding report" and verified with the original in preparation for legal proceedings that involve discovery, depositions, or actual litigation. Computer forensics has become its own area of scientific expertise, with accompanying coursework and certification. 1. Disk Forensics 2. Network Forensics 3. Mobile Device Forensics 4. Live Forensics. 5. Memory Forensics 6. Multimedia Forensics 7. Internet Forensics Forensic process Computer forensic investigations usually follow the standard digital forensic process or phases: acquisition, examination, analysis and reporting. Investigations are performed on static data (i.e. acquired images) rather than "live" systems. This is a change from early forensic practices where a lack of specialist tools led to investigators commonly working on live data. 1.1. Techniques A number of techniques are used during computer forensics investigations and much has been written on the many techniques used by law enforcement in particular. Cross-drive analysis A forensic technique that correlates information found on multiple hard drives. The process, still being researched, can be used to identify social networks and to perform anomaly detection. Live analysis The examination of computers from within the operating system using custom forensics or existing sysadmin tools to extract evidence. The practice is useful when dealing with Encrypting File Systems, for example, where the encryption keys may be collected and, in some instances, the logical hard drive volume may be imaged (known as a live acquisition) before the computer is shut down. Deleted files A common technique used in computer forensics is the recovery of deleted files. Modern forensic software have their own tools for recovering or carving out deleted data.[11] Most operating systems andfile systems do not always erase physical file data, allowing investigators to reconstruct it from the physical disk sectors. File carving involves searching for known file headers within the disk image and reconstructing deleted materials. Stochastic forensics A method which uses stochastic properties of the computer system to investigate activities lacking digital artifacts. Its chief use is to investigate data theft. Steganography One of the techniques used to hide data is via steganography, the process of hiding data inside of a picture or digital image. An example would be to hide pornographic images of children or other information that a given criminal does not want to have discovered. Computer
  • 13. forensics professionals can fight this by looking at the hash of the file and comparing it to the original image (if available.) While the image appears exactly the same, the hash changes as the data changes. Computer Forensics and the Law Legal issues may confuse or distract from a computer examiner’s findings. An example here would be the ‘Trojan Defense. A Trojan is a piece of computer code disguised as something benign but which carries a hidden and malicious purpose. Trojans have many uses, and include key-logging), uploading and downloading of files and installation of viruses. A lawyer may be able to argue that actions on a computer were not carried out by a user but were automated by a Trojan without the user’s knowledge; such a Trojan Defense has been successfully used even when no trace of a Trojan or other malicious code was found on the suspect’s computer. In such cases, a competent opposing lawyer, supplied with evidence from a competent computer forensic analyst, should be able to dismiss such an argument. Increasingly, laws are being passed that require organizations to safeguard the privacy of personal data. It is becoming necessary to prove that your organization is complying with computer security best practices. If there is an incident that affects critical data, for instance, the organization that has added a computer forensics capability to its arsenal will be able to show that it followed a sound security policy and potentially avoid lawsuits or regulatory audits. There are three areas of law related to computer security that are important to know about. For e.g. in US, the first is found in the United States Constitution which allows for protection against unreasonable search and seizure, and allows for protection against self-incrimination. Second, anyone concerned with computer forensics must know how three U.S. Statutory laws affect them: • Wiretap Act (18 U.S.C. 2510-22) • Pen Registers and Trap and Trace Devices Statute (18 U.S.C. 3121-27) • Stored Wired and Electronic Communication Act (18 U.S.C. 2701-120) Third, the U.S. Federal rules of evidence about hearsay, authentication, reliability, and best evidence must be understood. In the U.S. there are two primary areas of legal governance affecting cyber security actions related to the collection of network data: (1) authority to monitor and collect the data and (2) the admissibility of the collection methods. Of the three areas above, the U.S. Constitution and U.S. Statutory Laws primarily govern the collection process, while the Federal Rules of Evidence deal mostly with admissibility. Forensic Evidence Evidence usable in a court, specially the one obtained by scientific methods such as ballistics, blood test, and DNA test. Forensic evidence is evidence obtained by scientific methods such as ballistics, blood test, and DNA test and used in court. Forensic evidence often helps to establish the guilt or innocence of possible suspects. Analysis of forensic evidence is used in the investigation and prosecution of civil as well as criminal proceedings. Forensic evidence can be used to link crimes that are thought to be related to one another. For example, DNA evidence can link one offender to several different crimes or crime scenes. This linking of crimes helps the police authorities to narrow the range of possible suspects and to establish patterns of for crimes to identify and prosecute suspects. Common Types of Evidence Fragile or Transient Evidence - Hairs, fibers, glass, fractured objects - Shoe and tire impressions - Bare foot impressions (latent) - Bare foot impressions (in blood) - Fire accelerants (point of origin) - Body fluids (blood, semen, saliva) - Skin cells (items touched or worn) - Latent fingerprints - Gunshot residue and patterns Solid or Tangible Evidence - Tool marks (focus on point of entry) - Firearms - Other weapons (knives, clubs, etc.) - Fired bullets - Fired cartridge cases - Unfired cartridges - Drugs and paraphernalia - Documents (checks, notes, receipts) - Computers and devices 1. Fingerprints: Fingerprints are the most incriminating types of evidence used in criminal cases because it’s one of the most reliable forms of identification. No two people have the same fingerprint, making it a truly fundamental tool for accurate identification of criminals. Only when fingerprints can’t be traced back to a person with a criminal history do they have less power in an investigation. However, if the suspects can be narrowed down, their fingerprints can be tested to see which one matches.
  • 14. 2. Blood: Blood is an incriminating type of evidence for various reasons. DNA can be extracted from blood to find a criminal and blood type can be analyzed to help rule out suspects. Blood splatters can also help investigators piece together crime scenes and it provides more evidence to test. 3. Hair: Hair is another useful type of evidence that can bring police closer to a criminal. A strand of hair collected from a crime scene can be submitted for DNA testing. Forensic scientists may have a better chance at testing the DNA if the hair follicle is still intact. In addition, the color of a hair strand can also be used to rule out suspects whose hair does not match the recovered hair sample. 4. Skin: Although difficult to see at a crime scene, skin can be analyzed and tested to find a criminal. Like hair, skin samples can help determine the skin color of the person involved in the crime and DNA can be extracted for a more accurate identification of criminals. Skin can also be a harbinger of other evidence at the scene, which brings police closer to finding the criminal and understanding the crime in greater detail. 5. Written Documents: One of the worst things you can do as a criminal if you want to evade the law is write things down. Some criminals write in dairies, journals, letters and even e-mails to chronicle their plan of action or confess their guilt. Suspects may be in correspondence with others who can present these documents to police, or investigators may find such documents when searching a suspect’s home. 6. Semen: Semen can be used in several ways to verify rape accusations, as well as extract DNA to identify the criminal. Semen can also be analyzed and tested to determine if there was more than one person involved in a sexual crime. 7. Shoe Prints: Shoe prints are extremely useful in police investigations and they can be a very incriminating type of evidence. Police can tell by a lot about a shoe print, such as the make, model and size of a shoe, as well as the gender and approximate height of the person. Shoe prints also indicate the activity of the wearer when the print was made and, if the impressions are visible, police may be able to trace the criminal’s moves and follow their prints to the next destination, such as a nearby home or woods. 8. Videotapes/Photographs: Videotapes and photographs are both compelling and incriminating types of evidence. Whether the videos or photos capture the crime taking place or the people present during or after the crime, it is valuable evidence that can be used to rule out suspects and find the criminal. 9. Ballistics: Ballistics is the study of firearms and ammunition. This technical form of evidence includes shell casings, gun powder, bullets, gunshots and other firing characteristics of a weapon. Even the slightest remnants of a gunshot can be traced to a specific firearm, where it’s sold and its owner, if registered. Computer Forensics tools: Disk Forensics tools: CyberCheck Suite CyberCheck Suite is a comprehensive collection of disk forensics tools to perform data acquisition of digital evidence, analysis, data recovery and reporting TrueBack - Digital Evidence Seizure and Acquisition Tool CyberCheck - Data Recovery & Analysis Tool Mobile Forensics Tools- MobileCheck - Software solution for acquisition and analysis of mobile phones, smart phones, Personal Digital Assistants (PDA) and other mobile devices, Advik CDRAnalyzer - Software for analyzing Call Data Records of various service providers and SIMXtractor - Forensic solution for imaging and analyzing SIM cards. Live Forensics Tool Win-LiFT - Software solution for acquisitions and analysis of volatile data present in running Windows systems. Win-LiFT - Windows Based Live Forensics Tool Win-LiFT 2.0 is a Windows Based Live Forensics Tool consisting of Win-LiFT ImagerBuilder and Win-LiFT Analyzer. Live Forensics involves acquisition of volatile data from the Suspect's machine and analysis of the acquired data. Win-LiFT 2.0 enables volatile data acquisition Features Facility to enter case details Facility to select/deselect the list of volatile artifacts to be collected from the Suspect's system. Facility to select USB/Hard Disk drive to which the Win-LiFTImager tool is to be built. Win-LiFTImager - Forensic Volatile Data Acquisition Tool Win-LiFTImager is used for acquiring customized Live Forensics Data from Suspect's machine. Features Capturing following volatile artifacts from a running windows system to the USB device. System Information Stored Passwords System Users Screen Capture IP Configuration and Event Logs MD5 hashing of all acquired files. Log and Report Generation. Network Forensics ToolsNetForce Suite: NeSA - Packet Analysis Tool, CyberInvestigator- Log Analysis Tool EmailTracer -Email Tracing Tool PC Inspector File Recovery: PC Inspector File Recovery is a freely available forensic tool. This tool serves two main purposes. Firstly, to reveal the contents of all storage media attached to the computer system and, secondly, to recover any deleted data from the media. Encase®:
  • 15. Encase is a commercial forensic tool developed by Guidance Software. It was introduced to the forensics market in 1998. Encase’s functionalities include disk imaging, data verification and data analysis. An important feature is the recovery of data through the inspection of unallocated spaces. We must remember that these unallocated spaces could contain information relevant to an investigation. Vital information such as last access, time created, and last modifications of a file are all provided by this tool. Forensic Tool Kit: Forensic Tool Kit is a commercial forensics tool developed by AccessData. This tool allows the CFS to view all files on the chosen storage device. A function of this tool includes immediate generation of hash values for files that are viewed within an investigation. Unlike the above mentioned forensic tools, Forensic Tool Kit does not support data recovery. Since the data discovery functionality of the tool is not effective, data analysis and recovery are both affected. In light of all this, it is important to mention that all investigations were conducted on a trial version of Forensic Tool Kit. Therefore, it is our view that the full version does incorporate more effective and comprehensive functionality