Beginner's Guide for Cybercrime Investigators

In the real world there are people who enter the homes and steal everything they find valuable. In the virtual world there are individuals who penetrate computer systems and "steal" all your valuable data. Just as in the real world, there are uninvited guests and people feel happy when they steal or destroy someone else's property, the computer world could not be deprived of this unfortunate phenomenon. It is truly detestable the perfidy of these attacks. For if it can be observed immediately the apparent lack of box jewelry, penetration of an accounting server can be detected after a few months when all clients have given up the company services because of the stolen data came to competition and have helped it to make best deals. Cybercrime is a phenomenon of our time, often reflected in the media. Forensic investigation of computer systems has a number of features that differentiate it fundamentally from other types of investigations. The computer itself is the main source of information for the investigator. CONTENTS: Computing systems and storage media - Computing devices - - Peripheral devices - - External drives for media storage - Typology of data stored on specific supports – File systems - - Program that allows working with ” inactive” space - Information that can be obtained from the computing system environment Computer networks - Copper wire in computer networks - Optical fibers - Wireless LAN - Internet and Intranet Software and services - Client/server architecture - Protocols and Standards - Internet Services - - e-Mail - - - Spam - - HTTP - - Web address - URL - - Web browsers - - - Browser cookies - - Working with web pages - - - Choosing your favorite web pages - - - Keeping track of visited web pages - - - Saving web pages - - Proxy servers - - Privacy on the Internet - FTP - Instant Messaging - Peer-to-peer networks Vulnerabilities - The first attacks on the Internet - Cybercrime - - Typologies of cyber attackers - - - Classification of cyber attackers according to their skills and objectives - Classification of risks and incidents in cyberworld - - Classification as a list of terms - - List of categories - - Categories of results - - Empirical lists - Events, attacks and incidents - Online security events, actions, and targets - - Actions - - Targets - Attacks - - Tools - - Vulnerabilities - - Unauthorized results Cybercrime laws - The concept of "cybercrime" Investigations - Computer forensic investigations - Digital evidence - Digital sampling during investigations - The suspect - Witnesses in cybercrime - Transporting of samples in laboratory - Analysis of samples - Preparing team members - Computer tools Convention on Cybercrime - Preamble - Chapter I – Use of terms - Chapter II – Measures to be taken at the national level - - Section 1 – Substantive criminal law - - - Title 1 – Offences against the confidentiality, integrity and availability of computer data and systems - - - Title 2 – Computer-related offences - - - Title 3 – Content-related offences - - - Title 4 – Offences related to infringements of copyright and related rights - - - Title 5 – Ancillary liability and sanctions - - Section 2 – Procedural law - - - Title 1 – Common provisions - - - Title 2 – Expedited preservation of stored computer data - - - Title 3 – Production order - - - Title 4 – Search and seizure of stored computer data - - - Title 5 – Real-time collection of computer data - - Section 3 – Jurisdiction - Chapter III – International co-operation - - Section 1 – General principles - - - Title 1 – General principles relating to international co-operation - - - Title 2 – Principles relating to extradition - - - Title 3 – General principles relating to mutual assistance - - - Title 4 – Procedures pertaining to mutual assistance requests in the absence of applicable international agreements - - Section 2 – Specific provisions - - - Title 1 – Mutual assistance regarding provisional measures - - - Title 2 – Mutual assistance regarding investigative powers - - - Title 3 – 24/7 Network - Chapter IV – Final provisions Recommendation No. R (95) 13 - Appendix to Recommendation No. R (95) 13 - - I. Search and seizure - - II. Technical surveillance - - III. Obligations to co-operate with the investigating authorities - - IV. Electronic evidence - - V. Use of encryption - - VI. Research, statistics and training - - VII. International co-operation Rules for obtaining digital evidence by police officers Standards in the field of digital forensics Principles in digital evidence Procedures model for the forensic examination - Hard disk examination Code of Ethics Sources and references About - Nicolae Sfetcu - - By the same author - - Contact Publishing House - MultiMedia Publishin

Boosting the precision of virtual call integrity protection with partial pointer analysis for C++

© 2017 Association for Computing Machinery. We present, Vip, an approach to boosting the precision of Virtual call Integrity Protection for large-scale real-world C++ programs (e.g., Chrome) by using pointer analysis for the first time. Vip introduces two new techniques: (1) a sound and scalable partial pointer analysis for discovering statically the sets of legitimate targets at virtual callsites from separately compiled C++ modules and (2) a lightweight instrumentation technique for performing (virtual call) integrity checks at runtime. Vip raises the bar against vtable hijacking attacks by providing stronger security guarantees than the CHA-based approach with comparable performance overhead. Vip is implemented in LLVM-3.8.0 and evaluated using SPEC programs and Chrome. Statically, Vip protects virtual calls more effectively than CHA by significantly reducing the sets of legitimate targets permitted at 20.3% of the virtual callsites per program, on average. Dynamically, Vip incurs an average (maximum) instrumentation overhead of 0.7% (3.3%), making it practically deployable as part of a compiler tool chain

Health Infomatics Using Multy-Keyword Rank Search Over Cloud

This projects targets on the productivity of the cloud computing technology in health care industry. Health care sector is one of the largest sectors in the world. Health care industry depends mainly on Information Technology to provide best service and accuracy of information to their patients. System deals with the cloud technology to create network between patients, doctors and health care institution by providing applications services and also by keeping the data in the cloud. System define and solve the challenging problem of privacy preserving multi-keyword search over encrypted cloud data by providing searching through index. Through analysis investigating privacy and efficiency guarantee of proposed schemes is given, and experiments on the real world’s data set further show proposed schemes indeed introduce low overhead on computation and communication. DOI: 10.17762/ijritcc2321-8169.15011

EdgeSense: Edge-Mediated Spatial-Temporal Crowdsensing

Edge computing recently is increasingly popular due to the growth of data size and the need of sensing with the reduced center. Based on Edge computing architecture, we propose a novel crowdsensing framework called Edge-Mediated Spatial-Temporal Crowdsensing. This algorithm targets on receiving the environment information such as air pollution, temperature, and traffic flow in some parts of the goal area, and does not aggregate sensor data with its location information. Specifically, EdgeSense works on top of a secured peer-To-peer network consisted of participants and propose a novel Decentralized Spatial-Temporal Crowdsensing framework based on Parallelized Stochastic Gradient Descent. To approximate the sensing data in each part of the target area in each sensing cycle, EdgeSense uses the local sensor data in participants\u27 mobile devices to learn the low-rank characteristic and then recovers the sensing data from it. We evaluate the EdgeSense on the real-world data sets (temperature [1] and PM2.5 [2] data sets), where our algorithm can achieve low error in approximation and also can compete with the baseline algorithm which is designed using centralized and aggregated mechanism

Fair and Scalable Orchestration of Network and Compute Resources for Virtual Edge Services

The combination of service virtualization and edge computing allows for low latency services, while keeping data storage and processing local. However, given the limited resources available at the edge, a conflict in resource usage arises when both virtualized user applications and network functions need to be supported. Further, the concurrent resource request by user applications and network functions is often entangled, since the data generated by the former has to be transferred by the latter, and vice versa. In this paper, we first show through experimental tests the correlation between a video-based application and a vRAN. Then, owing to the complex involved dynamics, we develop a scalable reinforcement learning framework for resource orchestration at the edge, which leverages a Pareto analysis for provable fair and efficient decisions. We validate our framework, named VERA, through a real-time proof-of-concept implementation, which we also use to obtain datasets reporting real-world operational conditions and performance. Using such experimental datasets, we demonstrate that VERA meets the KPI targets for over 96% of the observation period and performs similarly when executed in our real-time implementation, with KPI differences below 12.4%. Further, its scaling cost is 54% lower than a centralized framework based on deep-Q networks