
Beginner's Guide for Cybercrime Investigators

Abstract

In the real world there are people who enter homes and steal everything they find valuable. In the virtual world there are individuals who penetrate computer systems and "steal" all your valuable data. Just as the real world has uninvited guests and people who take pleasure in stealing or destroying someone else's property, the computer world has not been spared this unfortunate phenomenon. The perfidy of these attacks is truly detestable: while a missing jewelry box is noticed immediately, the penetration of an accounting server may be detected only after a few months, when all clients have given up the company's services because the stolen data reached the competition and helped it make the best deals. Cybercrime is a phenomenon of our time, often reflected in the media. Forensic investigation of computer systems has a number of features that differentiate it fundamentally from other types of investigations. The computer itself is the main source of information for the investigator.
CONTENTS:

Computing systems and storage media
- Computing devices
- - Peripheral devices
- - External drives for media storage
- Typology of data stored on specific supports – File systems
- - Program that allows working with "inactive" space
- Information that can be obtained from the computing system environment
Computer networks
- Copper wire in computer networks
- Optical fibers
- Wireless LAN
- Internet and Intranet
Software and services
- Client/server architecture
- Protocols and Standards
- Internet Services
- - e-Mail
- - - Spam
- - HTTP
- - Web address - URL
- - Web browsers
- - - Browser cookies
- - Working with web pages
- - - Choosing your favorite web pages
- - - Keeping track of visited web pages
- - - Saving web pages
- - Proxy servers
- - Privacy on the Internet
- FTP
- Instant Messaging
- Peer-to-peer networks
Vulnerabilities
- The first attacks on the Internet
- Cybercrime
- - Typologies of cyber attackers
- - - Classification of cyber attackers according to their skills and objectives
- Classification of risks and incidents in cyberworld
- - Classification as a list of terms
- - List of categories
- - Categories of results
- - Empirical lists
- Events, attacks and incidents
- Online security events, actions, and targets
- - Actions
- - Targets
- Attacks
- - Tools
- - Vulnerabilities
- - Unauthorized results
Cybercrime laws
- The concept of "cybercrime"
Investigations
- Computer forensic investigations
- Digital evidence
- Digital sampling during investigations
- The suspect
- Witnesses in cybercrime
- Transporting of samples in laboratory
- Analysis of samples
- Preparing team members
- Computer tools
Convention on Cybercrime
- Preamble
- Chapter I – Use of terms
- Chapter II – Measures to be taken at the national level
- - Section 1 – Substantive criminal law
- - - Title 1 – Offences against the confidentiality, integrity and availability of computer data and systems
- - - Title 2 – Computer-related offences
- - - Title 3 – Content-related offences
- - - Title 4 – Offences related to infringements of copyright and related rights
- - - Title 5 – Ancillary liability and sanctions
- - Section 2 – Procedural law
- - - Title 1 – Common provisions
- - - Title 2 – Expedited preservation of stored computer data
- - - Title 3 – Production order
- - - Title 4 – Search and seizure of stored computer data
- - - Title 5 – Real-time collection of computer data
- - Section 3 – Jurisdiction
- Chapter III – International co-operation
- - Section 1 – General principles
- - - Title 1 – General principles relating to international co-operation
- - - Title 2 – Principles relating to extradition
- - - Title 3 – General principles relating to mutual assistance
- - - Title 4 – Procedures pertaining to mutual assistance requests in the absence of applicable international agreements
- - Section 2 – Specific provisions
- - - Title 1 – Mutual assistance regarding provisional measures
- - - Title 2 – Mutual assistance regarding investigative powers
- - - Title 3 – 24/7 Network
- Chapter IV – Final provisions
Recommendation No. R (95) 13
- Appendix to Recommendation No. R (95) 13
- - I. Search and seizure
- - II. Technical surveillance
- - III. Obligations to co-operate with the investigating authorities
- - IV. Electronic evidence
- - V. Use of encryption
- - VI. Research, statistics and training
- - VII. International co-operation
Rules for obtaining digital evidence by police officers
Standards in the field of digital forensics
Principles in digital evidence
Procedures model for the forensic examination
- Hard disk examination
Code of Ethics
Sources and references
About
- Nicolae Sfetcu
- - By the same author
- - Contact
Publishing House
- MultiMedia Publishin
