487 research outputs found

    Investigating visualisation techniques for rapid triage of digital forensic evidence

    This study investigates the feasibility of a tool that allows digital forensics (DF) investigators to efficiently triage device datasets during the collection phase of an investigation. This tool utilises data visualisation techniques to display images found in near real-time to the end user. Findings indicate that participants were able to accurately identify contraband material whilst using this tool, however, classification accuracy dropped slightly with larger datasets. Combined with participant feedback, the results show that the proposed triage method is indeed feasible, and this tool provides a solid foundation for the continuation of further work

    Cybercrime is (often) boring: maintaining the infrastructure of cybercrime economies

    It is generally accepted that the widespread availability of specialist services has helped drive the growth of cybercrime in the past fifteen to twenty years. Individuals and groups involved in cybercrime no longer need to build their own botnet or send their own spam because they can pay others to do these things. What has seldom been remarked upon is the amount of tedious administrative and maintenance work put in by these specialist suppliers. There is much discussion of the technically sophisticated work of developing new strains of malware or identifying zero-day exploits but the mundane nature of the day to day tasks of operating infrastructure has been almost entirely overlooked. Running bulletproof hosting services, herding botnets, or scanning for reflectors to use in a denial of service attack is unglamorous and tedious work, and is little different in character from the activity of legitimate sysadmins. We provide three case studies of specialist services that underpin illicit economies and map out their characteristics using qualitative sociological research involving interviews with infrastructure providers and scraped data from webforums and chat channels. This enables us to identify some of the distinct cultural and economic factors which attend this infrastructural work and to note, in particular, how its boring nature leads to burnout and the withdrawal of services. This leads us to suggest ways in which this new understanding could open novel avenues for the disruption of cybercrime. This work was supported by the Engineering and Physical Sciences Research Council (EPSRC)

    Re-territorialising the policing of cybercrime in the post-COVID-19 era: towards a new vision of local democratic cyber policing

    Purpose: The purpose of this study is to develop the theorisation of cybercrime in the context of the pandemic, and to sketch out a vision of how law enforcement might respond to a transformed landscape of online crime and offending. Design/methodology/approach: This conceptual paper draws on empirical evidence from a range of sources (including official statistics) and the existing research literature, and revisits routine activities theory to illuminate the way that cybercrime patterns are being transformed by the pandemic. Findings: The pandemic is reshaping the routine activities of societies en masse, leading to changes in the ecology of risk and opportunity for cybercrime. There is evidence of a large increase in the prevalence of cybercrime as a result, yet much of this has a paradoxically “local” character. Practical implications: The authors identify specific practical implications for law enforcement, namely, that the role of local police in policing cybercrime should be re-envisioned, with a democratic, community-oriented approach at its heart. Originality/value: The theoretical perspective outlined is a novel and critical development of a well-established framework, opening up new paths to the theorisation of cybercrime and cybercrime policing. The authors’ suggestions for practitioners have the potential for direct impact, both at the level of practice and in terms of broader imaginaries and organisation of police and policing.

    Investigating and Validating Scam Triggers: A Case Study of a Craigslist Website

    The internet and digital infrastructure play an important role in our day-to-day lives, and they also have a huge impact on organizations and how we do business transactions every day. Online business is booming in this 21st century, and there are many online platforms that enable sellers and buyers to do online transactions collectively. People can sell and purchase products that include vehicles, clothes, and shoes from anywhere and anytime. Thus, the purpose of this study is to identify and validate scam triggers using Craigslist as a case study. Craigslist is one of the websites where people can post advertising to sell and buy personal belongings online. However, with the growing number of people buying and selling, new threats and scams are created daily. Private cars are among the most significant items sold and purchased over the Craigslist website. In this regard, several scammers have been drawn by the large number of vehicles being traded over Craigslist. Scammers also use this forum to cheat others and exploit the vulnerable. The study identified online scam triggers including bad key words, dealers’ posts as owners, personal email, multiple location, rogue picture and voice over IP to detect online scams that exist in Craigslist. The study also found over 360 ads from Craigslist based on our scam trigger. Finally, the study validated each and every one of the scam triggers and found 53.31% of our data is likely to be considered as a scam

    Networks, complexity and internet regulation: scale-free law

    No description supplie

    The Effects of Computer Crimes on the Management of Disaster Recovery

    The effects of a technology disaster on an organization can include a prolonged disruption, loss of reputation, monetary damages, and the inability to remain in business. Although much is known about disaster recovery and business continuance, not much research has been produced on how businesses can leverage other technology frameworks to assist information technology disaster recovery. The problem was the lack of organizational knowledge to recover from computer crime interruptions given the maturity level of existing disaster recovery programs. The purpose of this Delphi study was to understand how disaster recovery controls and processes can be modified to improve response to a computer crime caused business interruption. The overarching research question in this study was to understand what factors emerge relative to the ability of disaster recovery programs to respond to disasters caused by computer crimes. The conceptual framework included a maturity model to look at how programs might be improved to respond to the computer crimes threat. Research data were collected from a 3 round Delphi study of 22 disaster recovery experts in the fields of disaster recovery and information security. Results from the Delphi encompass a consensus by the panel. Key findings included the need for planning for cyber security, aligning disaster recovery with cyber security, providing cyber security training for managers and staff, and applying lessons learned from experience. Implications for positive social change include the ability for organizations to return to an acceptable level of operation and continue their service benefiting employees, customers, and other stakeholders

    Creation and Testing of a Semi-Automated Digital Triage Process Model

    Digital forensics examiners have a growing problem caused by their own success. The need for digital forensics is increasing and so are the devices that need examining. Not only are the number of devices growing, but so is the amount of information those devices can hold. One result of this problem is a growing backlog that could soon overwhelm digital forensics labs across the country. One way to combat this growing problem is to use digital triage to find the most pertinent information first. Unfortunately, although several digital forensics models have been created, very few digital triage models have been developed. This results in most organizations, if they perform digital triage at all, performing digital triage in an untested ad hoc fashion that varies from office to office. This dissertation will contribute to digital forensics science by creating and testing a digital triage model. This model will be semi-automated to allow for the use by untrained users; it will be as operating system independent as possible; and it will allow the user to customize it based on a specific crime class or classes. The use of this model will decrease the amount of time it takes a digital triage examiner to make a successful assessment concerning evidence

    The Evolving Challenges, Issues of Cybercrime, Law Enforcement Personnel, Preparedness, and Training

    Cybercrime is an escalating phenomenon recognized by law enforcement personnel and others as a serious ever-increasing problem. The need is critical to equip police with cybercrime preparedness to combat and eradicate the problem. Cyber-attacks have negatively impacted the growing epidemic needing constructive solutions. The police personnel’s experiences provided essential cybercrime preparedness, acquired in diverse locations, and applied in the workplace with preventive cybercrime recommendations. Moustakas provided the overall design with theoretical underpinnings of the cybercrime phenomenon with a scientific design. The sample size was eight participants who met the inclusion criteria with the underlying principles of Kolb’s experiential learning theory incorporating van Kaam’s extensive seven-step Modified data analyses. The inclusion required the personnel eighteen or older, a current employee, a contractual individual, or a volunteer for an agency with cybercrime preparedness. Police personnel included one captain, one lieutenant, two sergeants, one officer, one civilian, one police assistant patrol officer, and one volunteer police college intern. The data was systematically evaluated with an analysis of each research question. The literary gap was closed focusing on cybercrime preparedness enhanced by learning styles transitioning from theoretical to pragmatic. Valuable evidence-based contributions emerged to combat cybercrime with in-depth insight into critical infrastructure strategies. Additional research will assist individuals, agencies, and others to bring positive social change, mitigate cyber-attacks, and uproot cyber-terrorism with transferability