Crime data mining: A general framework and some examples

A general framework for crime data mining that draws on experience gained with the Coplink project at the University of Arizona is presented. By increasing efficiency and reducing errors, this scheme facilitates police work and enables investigators to allocate their time to other valuable tasks.published_or_final_versio

Mobile device vulnerabilities & securities

An investigation on current mobile vulnerabilities and research into security. Also, a proof of concept to show the ease of injecting an Android phone with a virus

The Impact of Culture and Religion on Digital Forensics: The Study of the Role of Digital Evidence in the Legal Process in Saudi Arabia

This work contributes to the multi-disciplinary community of researchers in computer science, information technology and computer forensics working together with legal enforcement professionals involved in digital forensic investigations. It is focused on the relationship between scientific approaches underpinning digital forensics and the Islamic law underpinning legal enforcement. Saudi Arabia (KSA) is studied as an example of an Islamic country that has adopted international guidelines, such as ACPO, in its legal enforcement procedures. The relationship between Islamic law and scientific ACPO guidelines is examined in detail through the practices of digital forensic practitioners in the process of discovery, preparation and presentation of digital evidence for use in Islamic courts in KSA. In this context, the influence of religion and culture on the role and status of digital evidence throughout the entire legal process has been the main focus of this research. Similar studies in the literature confirm that culture and religion are significant factors in the relationship between law, legal enforcement procedure and digital evidence. Islamic societies, however, have not been extensively studied from this perspective, and this study aims to address issues that arise at both professional and personal levels. Therefore the research questions that this study aims to answer are: in what way and to what extent Islamic religion and Saudi culture affect the status of digital evidence in the KSA legal process and what principles the practitioners have to observe in the way they treat digital evidence in judicial proceedings. The methodology is based on a mixed-method approach where the pilot questionnaire identified legal professionals who come into contact with digital evidence, their educational and professional profiles. Qualitative methods included case studies, interviews and documentary evidence to discover how their beliefs and attitudes influence their trust in digital evidence. The findings show that a KSA judge would trust witnesses more than digital evidence, due to the influence of tradition, which regards justice and law to arise from the relationship between Man and God. Digital evidence, as it arises from the scientific method, is acceptable, but there is underlying lack of trust in its authenticity, reliability and credibility. In the eyes of the legal enforcement professionals working in all areas of the KSA legal process, acceptance of digital evidence in the KSA judicial system can best be improved if knowledge, education and skills of digital forensics specialists is improved also, so that they can be trusted as expert witnesses. This further shows the significance of KSA laws, regulations and education of digital forensic experts as the primary means for establishing trust in digital evidence. Further research following from this study will be focused on comparative studies of other Islamic non-Islamic legal systems as they adopt and adapt western guidelines such as ACPO to their religion, culture and legal systemsSaudi Cultural Bureau,London, U

Criminal Victimisation in Taiwan: an opportunity perspective

Environmental criminology concerns the role of opportunities (both people and objects) existing in the environment that make crimes more likely to occur. Research consistently shows that opportunity perspectives (particularly with regard to individuals’ lifestyles and routines) help in explaining the prevalence and concentration of crimes. However, there is a paucity of studies investigating crime patterns from an opportunity perspective both outside western countries and in relation to cybercrimes. Hence, it is not clear whether non-Western and online contexts exhibit similar patterns of crime as would be predicted by an opportunity perspective. This thesis is concerned with criminal victimisation in Taiwan – a less researched setting in the field of environmental criminology. It covers both offline victimisation (with a focus on burglary) and online victimisation from the aforementioned opportunity perspective. The goal of this thesis is to identify individual- and area-level characteristics that affect the patterns of victimisation in Taiwan. To achieve this, the thesis draws on a range of secondary datasets, including police recorded crime statistics, the Taiwan Area Victimisation Survey, and the Digital Opportunity Survey for Individuals and Households. With the application of quantitative modelling, the thesis suggests that the generalisability the lifestyle-routine activity approach in explaining crime patterns in Taiwan should be taken with caution. The findings provide partial support for its applicability in relation to burglary and cybercrime in Taiwan. Furthermore, the findings reported here in relation to patterns of repeat and near repeat victimisation depart from those observed in the western literature. The thesis concludes by discussing the implications of the findings for academic research and practice in crime prevention

Cashing in on ATM Malware. A Comprehensive Look at Various Attack Types

ATM malware is one of the digital threats that have been around for a while now, with the discovery of the first known variant dating back to 2009. It should not be a surprise that it has become a mainstay in many cybercriminals’ arsenal because it can, plainly put, steal cold, hard cash. Trend Micro Forward-Looking Threat Research (FTR) Team and Europol’s European Cybercrime Centre (EC3

Calm before the storm: the challenges of cloud computing in digital forensics

Cloud computing is a rapidly evolving information technology (IT) phenomenon. Rather than procure, deploy and manage a physical IT infrastructure to host their software applications, organizations are increasingly deploying their infrastructure into remote, virtualized environments, often hosted and managed by third parties. This development has significant implications for digital forensic investigators, equipment vendors, law enforcement, as well as corporate compliance and audit departments (among others). Much of digital forensic practice assumes careful control and management of IT assets (particularly data storage) during the conduct of an investigation. This paper summarises the key aspects of cloud computing and analyses how established digital forensic procedures will be invalidated in this new environment. Several new research challenges addressing this changing context are also identified and discussed

Resource materials on technology-enabled crime

Designed to assist prosecutors and members of the judiciary faced with proceedings involving technology-enabled crime, the report will be a useful general guide to concepts and terms for other non-technical people

Knowledge Production from Social Networks Sites. Using Social Media Evidence in the Criminal Procedure

This thesis focuses on the interaction between social network sites (SNS) and the legal system, trying to answer a specific question, that is, through introducing social media evidence, whether there is a change of finding facts and identifying the truth in criminal proceedings. To achieve the research objectives, three sub-topics should be discussed in turn; first, how can we transform information on social network sites to valuable evidence in court? In this part, the research will explore the proceedings of extracting information on SNS, such as posts, photos, check-in on Facebook etc., in order to use as evidence in the courtroom from the perspectives of law and internet forensic. Second, considering characteristics of these social media evidence, e.g. easy to be copied, deleted, tampered and transmitted, is it necessary to separate from evidence obtained through other technology or forensic science? Should the legal system need a new set of regulation on social media evidence? Third, how can we conquer challenges to core values in legal system, such as the privilege against self-incrimination or expectation of innocent in this digital era? As the positive contribution, this research tries to answer whether social network sites are a convenient tool for criminal prosecution, and whether internet forensics is useful to assist the investigational authority accusing the crime and finding the truth more accurately, to achieve the ultimate goal of the criminal procedure