The modelling of a digital forensic readiness approach for Wireless Local Area Networks

Over the past decade, wireless mobile communication technology based on the IEEE 802.11 Wireless Local Area Networks (WLANs) has been adopted worldwide on a massive scale. However, as the number of wireless users has soared, so has the possibility of cybercrime. WLAN digital forensics is seen as not only a response to cybercrime in wireless networks, but also a means to stem the increase of cybercrime in WLANs. The challenge in WLAN digital forensics is to intercept and preserve all the communications generated by the mobile stations and to conduct a proper digital forensic investigation. This paper attempts to address this issue by proposing a wireless digital forensic readiness model designed to monitor, log and preserve wireless network traffic for digital forensic investigations. Thus, the information needed by the digital forensic experts is rendered readily available, should it be necessary to conduct a digital forensic investigation. The availability of this digital information can maximise the chances of using it as digital evidence and it reduces the cost of conducting the entire digital forensic investigation process.The Council for Scientific and Industrial Research (CSIR) and University of Pretoria, South Africa.http://www.jucs.org

Forensics of Software Copyright Infringement Crimes: The Modern POSAR Test Juxtaposed With The Dated AFC Test

This paper presents a new development in the forensics of software copyright through a juxtaposed comparison between the proven AFC test and the recent POSAR test, the two forensic procedures for establishing software copyright infringement cases. First, the paper separately overviews the 3-stage, linear sequential AFC test and then the 5-phase, cyclic POSAR test (as AFC’s logical extension). The paper then compares the processes involved in each of the 5 phases of the POSAR test with the processes involved in the 3 stages in the AFC test, for the benefit of forensic practitioners and researchers. Finally, the paper discusses some common areas where both the tests will need careful handling while implementing them in the judiciaries across the world

Social Construction of Internet Fraud as Innovation among Youths in Nigeria

The proliferation of internet technologies has shaped interactions in contemporary society. Despite the pivotal importance of the internet to the global economy, it has several negative consequences such as internet fraud. This study examined the perception that young adults in Nigeria hold about internet fraud as an innovative means to economic survival rather than as a criminal enterprise. Robert Merton’s Anomie/Strain Theory (AST) was adopted as the theoretical thrust of the study. Adopting a qualitative data collection method, 15 participants were selected using the non-probabilistic purposive and snowballing techniques while opinions were sampled through in-depth interviews in different locations within the Ibadan metropolis of Nigeria. Study findings revealed that youths are engaged in internet fraud mainly to support themselves financially despite harsh economic realities as a form of deviant innovation. The study established that internet fraudsters in Nigeria are socially organized based on specializations. Furthermore, the study established that the accumulation of wealth and “clients” are the major basis for hierarchy. Although there are extant laws on the prohibition and prosecution of internet crimes in Nigeria, the fraudsters claimed that the compromised security apparatus of the state is often manipulated to allow them to continue in the “business”. Only those who do not know their way are prosecuted while successful internet fraudsters gallivant and invest their illegal proceeds in legitimate businesses as cover-ups. The study established the need for value reorientation for youths as well as the creation of jobs

Google dorks: Use cases and adoption study

The information age brought about radical changes in our lives. More and more assets are getting connected to the Internet. On the one hand, the connectivity to this ever-growing network of connected devices and assets (the Internet) precipitates more convenience and access to various resources. However, on the downside, the Internet could be the hotbed for malicious actors like hackers, attackers, and cybercriminals’ communities. Continuous Penetration testing and monitoring of the sites, and forums providing illicit digital products and services is a must-do task nowadays. Advanced searching techniques could be employed for discovering such forums and sites. Google dorks that are utilizing Google’s advanced searching techniques could be applied for such purpose. Google dorks could be used for other areas that we will explain during this thesis in more detail like information gathering, vulnerability detection, etc. The purpose of this thesis is to propose advanced searching techniques that will help cybersecurity professionals in information gathering, reconnaissance, vulnerability detection as well as cyber criminal investigative tasks. Further, a usability study has been conducted to examine the acceptance of these techniques among a group of cybersecurity professionals. In this usability study, we will measure the significance of 5 variables in the innovation diffusion model (IDT) namely Complexity, Compatibility, Relative advantage, Trialability, and observability in the adoption of Google dorks for searchrelated tasks for cybersecurity professionals. Keywords: Google dorks, Cybercriminal forums, Information gathering, Dark web, Defaced sites, Innovation diffusion theor

Awareness and perception of phishing variants from Policing, Computing and Criminology students in Canterbury Christ Church University

This study focuses on gauging awareness of different phishing communication students in the School of Law, Policing and Social Sciences and the School of Engineering, Technology and Design in Canterbury Christ Church University and their perception of different phishing variants. There is an exploration of the underlying factors in which students fall victim to different types of phishing attacks from questionnaires and a focus group. The students’ perception of different types of phishing variants was varied from the focus group and anonymised questionnaires. A total of 177 respondents participated in anonymised questionnaires in the study. Students were asked a mixture of scenario-based questions on different phishing attacks, their awareness levels of security tools that can be used against some phishing variants, and if they received any phishing emails in the past. Additionally, 6 computing students in a focus group discussed different types of phishing attacks and recommended potential security countermeasures against them. The vulnerabilities and issues of anti-phishing software, firewalls, and internet browsers that have security toolbars are explained in the study against different types of phishing attacks. The focus group was with computing students and their knowledge about certain phishing variants was limited. The discussion within the focus group was gauging the computing students' understanding and awareness of phishing variants. The questionnaire data collection sample was with first year criminology and final year policing students which may have influenced the results of the questionnaire in terms of their understanding, security countermeasures, and how they identify certain phishing variants. The anonymised questionnaire awareness levels on different types of phishing fluctuated in terms of lack of awareness on certain phishing variants. Some criminology and policing students either did not know about phishing variants or had limited knowledge about different types of phishing communication, security countermeasures, the identifying features of a phishing message, and the precautions they should take against phishing variants from fraudsters

An assessment of the multi-disciplinary approach to investigate corruption in the South African public service

The aim of this study is to assess the multi-disciplinary approach in the investigation of corruption in the South African public service. Data was collected by means of in-depth interviews conducted with members of the Directorate for Priority Crime Investigation’s Anti-Corruption Task Team to gain a comprehensive understanding of their experiences regarding the effectiveness of the Anti-Corruption Task Team in the investigation of corruption within the public service. In addition, the researcher conducted a comprehensive literature study of local and international legislation to curb corruption, supplemented with various multi-disciplinary approaches employed internationally. Furthermore, various global Anti-Corruption Agencies were studied to comprehend their functions and efficacy. The findings of the research identified and described various impediments facing the Anti-Corruption Task Team’s effectiveness in investigating corruption within the public service. As a result, this study recommends the need to establish a single Anti-Corruption Agency with a comprehensive mandate to prevent, investigate, and educate on corruption, to critically safeguard the independence of the Anti-Corruption Task Team against political interference, as well as the allocation of adequate resources and budget for its effective operation. The research identified best practices globally to combat corruption, which can be used to amend the current anti-corruption practices to suit the South African public service. Consequently, this study contributes significantly towards effective anti-corruption investigation in the South African public service.Maikemišetšo a dinyakišišo tše ke go lekola mokgwa wa go kopanya dikarolo tše mmalwa tša thuto go nyakišiša bomenetša ka ditirelong tša setšhaba tša Afrika Borwa. Data e kgobokeditšwe ka mokgwa wa dipoledišano tše di tletšego tšeo di dirilwego le maloko a Sehlophatšhomo sa Twantšho ya Bomenetša sa Ofisi ya Molaodimogolo wa Dinyakišišo tša Bosenyi bjo Bogolo go hwetša kwešišo ya maitemogelo a bona a go šoma ga Sehlophatšhomo sa Twantšho ya Bomenetša mo go nyakišišeng bomenetša mo ditirelong tša setšhaba. Go tlaleletše, monyakišiša o dirile dinyakišišo tše di tletšego tša dingwalwa tša peomolao ya gae le ya ditšhabatšhaba tšeo maikemišetšo a tšona e lego go fokotša bomenetša le mekgwa ya go kopanya dikarolo tše mmalwa tša thuto yeo e dirišwago ditšhabatšhabeng. Go tlaleletša, mekgatlo ya twantšho ya bomenetša bja lefase ya go fapana e nyakišišitšwe go kwešiša mešomo le mehola ya yona. Monyakišiši o utollotše le go hlaloša mapheko a go fapana go moholo wa dinyakišišo ka Sehlophatšhomo sa Twantšho ya Bomenetša mo bomenetšeng ka ditirelong tša mmušo. Ka lebaka leo, dinyakišišo di digela tlhokego ya go thoma mokgatlo o tee wa go lwantšha bomenetša wa taolela ye kgolo ya go thibela, go nyakišiša le go ruta ka ga bomenetša; go šireletša boikemelo bja sehlophatšhomo sa twantšho ya bomenetša le go thibela go tsenatsena ga dipolotiki; le go aba methopo yeo e lekanego le ditekanetšo gore e šome gabotse. Dinyakišišo di utollotše tirišo ye botse go feta ka moka lefaseng ka moka go lwantšha bomenetša, yeo e swanetšwego go mpshafatšwa go fihlelela dinyakwa tša ditirelo tša setšhaba tša Afrika Borwa.Inhloso yalolu cwaningo ukuhlola inqubo ebandakanya amadisiplini ehlukene ukuphenyisisa ngenkohlakalo kwezezimali kumkhakha wabasebenzi bakahulumeni eNingizimu Afrika. Idata iqoqwe ngokwenza ama-interview ajulile enziwe nabethimba elilwisana nezinkohlakalo kwezezimali, i-Anti-Corruption Task team lwabophiko lwabenza uphenyiso lobugebengu obukhulu lwe-Directorate of Priority Crime Investigation ukuthola ukuqondisisa okujulile ngezipiliyoni zabo ngokusebenza ngendlela enomphumela kwethimba le-Anti-Corruption Task Team ekuphenyisiseni ngenkohlakalo kwezezimali kumkhakha wabasebenzi bakahulumeni. Nangaphezu kwalokho, umcwaningi uye wafunda ngokujulile ngemibhalo yocwaningo imibhalo yemithetho yezwe kanye nemithetho yamazwe omhlaba enenhloso yokulwisana nenkohlakalo kwezezimali, kanye nezinqubo ezihlanganisa amadisiplini ehlukene ezisetshenziswa kumazwe omhlaba. Nangaphezu kwalokho, ama-ejensi omhlaba alwa nezinkohlakalo nawo kwafundwa ngawo ukuqondisisa imisebenzi yawo kanye nemiphumela yemisebenzi yawo. Umcwaningi waphawula kanye nokuchaza izihibe ezihlukene maqondana nokusebenza ngendlela enomphumela kophenyisiso olwenziwa ngabethimba le-Anti-Corruption Task Team kwinkohlakalo kwezeziali emkhakheni wabasebenzi bakahulueni. Ngenxa yalokhu, ucwaningo luncoma isidingo sokuthi kusungulwe i-ejensi eyodwa enamagunya ajulile okuvimbela, ukuphenyisisa kanye nokufundisa ngezindlela zokulwa nenkohlakalo kwezezimali; ukuvikela ukuzimela kwethimba lokulwa nenkohlakalo kanye nokuvimbela ukuthi ithimba lingaphazanyiswa ngabezepolitiki; kanye nokuhlinzeka ngemithombo eyenele kanye namabhajethi ukuze ithimba lisebenze kahle ngendlela enomphumela. Ucwaningo luphawule izindlela ezingcono kuwo wonke umhlaba zokulwa nenkohlakalo kwezezimali, kanti futhi lezi zinqubo kumele zichitshiyelwe noma zihlelwe kabusha ukuhlangabezana nezidingo zomkhakha wabasebenzi bakahulumeni eNingizimu Afrika. Kanti-ke futhi emuva kwalokho, lolu cwaningo luthela esivivaneni kuphenyisiso olunomphumela lokulwa nenkohlakalo kwezezimali okwenziwa kumkhakha wabasebenzi bakahulumeni eNingizimu Afrika.Criminology and Security SciencePh. D. (Criminal Justice

Prosedur penanganan Tindak pidana cybercrime dan problematika penumpukan perkara cybercrime di Polda Jateng

Manajemen penyidikan tindak pidana cybercrime Ditreskrimsus Polda Jateng berperan amat penting dalam penyelesaian penumpukan perkara, dikarenakan sumber daya yang terbatas. Seperti, personel, materi, waktu, dan dana yang harus dimobilisasikan secara terencana, terkendali serta terorganisir sehingga penyidikan yang efisien dan efektif tercipta dan pada hasilnya mewujudkan cita-cita Polisi Republik Indonesia (POLRI) kedepan akan adanya standar operasi prosedur bagi setiap tahapan penyidikan. Seiring dengan keberadaan Peraturan kepala Kepolisian Negara Republik Indonesia Nomor 14 Tahun 2012 Tentang Manajemen Penyidikan Tindak Pidana. Namun, kendala keterbatasan personil seperti tenaga ahli IT dan cyber forensic, fakta ini juga diperkuat oleh laporan dari Wakil Direktur Tindak Pidana Ekonomi Khusus Bareskrim Polri. Terbatasnya jumlah personil tenaga ahli. Lebih ironis lagi laporan tingkat kejahatan siber di Indoensia semakin meningkat, dengan keterbatasan personil dan tenaga ahli di pihak kepolisisan Indonesia maka penyelesaian kasus tersebut tidak bisa diselesaikan dengan cepat. Akibatnya dirasakan langsung oleh pihak korban atau kejahatan siber. Kendala lain yang krusial adalah terbatasnya dana anggaran operasional, masalah yang cukup krusial selain perangkat hukum, yaitu SDM yang belum mencukupi, anggaran serta sarana dan prasarana untuk menunjang pengungkapan kasus-kasus cybercrime. Sedangkan pada kenyataanya dalam satu bulan bisa mencapai 15 kasus. Oleh karena itu, peneliti ingin mengetahui bagimanakah prosedur penanganan perkara tindak pidana siber di Polda Jateng dan Bagaimana problematika dan penyelesaian penumpukan perkara cybercrime di Polda Jateng. Penelitian ini menggunakan jenis penelitian hukum kualitatif, yang menghasilkan deskriptif data. Dengan pendekatan yuridis empiris (non doktrinal). Sumber data dalam penelitian ini meliputi, data primer berupa sejumlah keterangan atau fakta yang diperoleh dari hasil wawancara dengan Ditreskrimsus Polda Jateng, data sekunder berupa data cybercrime di Ditreskrimsus Polda Jateng Tahun 2019–2020. Lokasi penelitian adalah Ditreskrimsus Polda Jateng yang menjadi tempat penelitian dan memperoleh data-data. Tehnik pengumpulan data yang di gunakan melalui wawancara dan dokumentasi. Adapun analisis data menggunakan penyajian data dan reduksi data kesimpulan dan verifikasi data lapangan. Hasil dari penelitian ini menyimpulkan bahwa penanganan Cybercrime oleh Polda Jateng telah sesuai dengan prosedur penanganan perkara tindak pidana Cybercrime. Kasus yang berhadapan dengan wilayah luar indonesia akan mempersulit penyelidikan apabila ada perbedaan pandangan hukum antara negara Indonesia dengan negara lain, karena kemungkinan negara di mana tempat pembuatan website/media sosial pelaku berada di wilayah yang tidak ada perjanjian diplomasi / perjanjian extradisi dengan Indonesia. Kendala yang krusial adalah terbatasnya dana anggaran operasional, masalah yang cukup krusial selain perangkat hukum, yaitu SDM yang belum mencukupi, anggaran serta sarana dan prasarana untuk menunjang pengungkapan kasus-kasus cybercrime

MANAGING CYBERSECURITY AS A BUSINESS RISK FOR SMALL AND MEDIUM ENTERPRISES

Cyberspace has become the “Wild West” of business opportunities for companies. The explosion of growth opportunities has also created substantial cyber insecurity for such companies. Large companies have the budget and resources to manage cybersecurity risks with the ability to hire experts to provide guidance and technology to address problems on a large corporate scale. Small and medium sized enterprises (SME), on the other hand, lack the funding, knowledge, and human capital to sufficient defend itself against the various criminals. This research analyzes three solutions for some of the major categorical problems for SMEs looking to manage cybersecurity risks without necessarily large investments in only highly technical solutions which include community policing for broad cooperation within industries, cyber insurance, and cyber hygiene. The research was based on literature review on existing literature including substantial government policy, and openly available information available on the Internet. Research yielded the necessity of adopting solutions beyond technology in order to improve security and resilience for SMEs. The proposed solutions are ideally applicable under specific scenarios for SMEs. Broad adoption may not yield the necessary security or resilience for companies without a clear understanding of its existing security strateg

School violence in selected schools in KwaZulu-Natal.

Doctoral Degree. University of KwaZulu-Natal, Durban.School violence has become pervasive and is on the upsurge in schools throughout South Africa, and more especially in the province of KwaZulu-Natal. The reality is that learners carry knives and guns to school, and many attend school under the influence of substances such as drugs and alcohol. Schools are meant to be a welcoming environment where educators can teach openly and learn without fear of victimisation and danger. Learners and educators who are exposed to violence on a regular basis suffer from various adverse psychological and physical effects. This research examined the causes, direct and indirect, of school-based violence and how it impacted both learners and teachers, using those who observed it and those who were victims of this scourge within a school setting. A qualitative research approach was adopted using educators and learners as key informants, and focus group participants, respectively. This study identified school-based violence, with specific reference to community violence and high rates of crime, as drivers of stress and fear among learners and educators. Reportedly, many learners in the schools under study exhibited behavioural problems due to the adverse socio-economic conditions they encountered and imbibed within their respective communities. Based on the findings, the study recommends that close collaboration and partnerships among schools, the community, and the police should be forged to address alcohol and drug peddling in and around schools in a concerted attempt to curb these societal problems. Moreover, parents and guardians need to take accountability for their children’s delinquent behaviour. A point of departure should be their active involvement in their children’s education through attendance of school meetings where issues of school violence, drugs, and weapons are discussed and resolved collaboratively