DETECTION AND PROTECTION OF CYBER CRIME
By Sajeev Kumar J S S I of Police, Aluva P S. KERALA POLICE

Outline
This presentation highlights:
- Introduction of cyber crime
- Techniques and tools for the two realms of cyber crime: Detection, Prevention

Dr. N. K. Amin (ACP) Gujarat Police

HISTORY
The first recorded cyber crime took place in the year 1820! In 1820, Joseph-Marie Jacquard, a textile manufacturer in France, produced the loom. This device allowed the repetition of a series of steps in the weaving of special fabrics. This resulted in a fear amongst Jacquard's employees that their traditional employment and livelihood were being threatened. They committed acts of sabotage to discourage Jacquard from further use of the new technology. This is the first recorded cyber crime!

Introduction
Cyber crime is the latest and perhaps the most complicated problem in the cyber world.
“Cyber crime may be said to be those species, of which, genus is the conventional crime, and where either the computer is an object or subject of the conduct constituting crime”

CONVENTIONAL CRIME
- Crime is a social and economic phenomenon and is as old as the human society.
- Crime is a legal concept and has the sanction of the law.
- Crime or an offence is “a legal wrong that can be followed by criminal proceedings which may result into punishment.”
- A crime may be said to be any conduct accompanied by act or omission prohibited by law and consequential breach of which is visited by penal consequences.

Definition
- “Any criminal activity that uses a computer either as an instrumentality, target or a means for perpetuating further crimes comes within the ambit of cyber crime”
- “unlawful acts wherein the computer is either a tool or target or both”
- “Illegal computer-mediated activities that can be conducted through global electronic networks”

Understand the Fundamentals
The Internet has offered us a much more convenient way to share information across time and place. Cyberspace has also opened a new venue for criminal activities:
- Cyber attacks
- Distribution of illegal materials in cyberspace
- Computer-mediated illegal communications within big crime groups or terrorists

Cyber crime has become one of the major security issues for the law enforcement community. The anonymity of cyberspace makes identity tracing a significant problem which hinders investigations.

CLASSIFICATION OF CYBERCRIME
1. Computer as target
2. Computer as an instrumentality
3. Computer as an incidental or other crime
4. Crime associated with the prevalence of computers

THE ABOVE CATEGORIES ARE NOT ISOLATED COMPARTMENTS. CRIME MAY OFTEN SPILL OVER FROM ONE CATEGORY TO THE OTHER.

COMPUTER AS A TARGET OF A CRIME
- Physical damage; theft or destruction of information (data).
- The spread of viruses, worms, software piracy, hacking etc.
- A computer virus is a self-replicating computer program written to alter the way a computer operates, without the permission or knowledge of the user.

Computer as an instrumentality
This category includes crimes where either computers or their contents are used in furtherance of crime, or offences which are committed by manipulating the contents of computer systems. They could include sending emails, ransom notes, or manipulating computer contents for credit card frauds, telecommunication frauds or theft.

Computer as incidental or other crime
This category includes conventional crimes in which, with the advent of the computer, criminals have started using the technology as an aid for their perpetration. They include the use of computers as an aid for drug trafficking, money laundering, child pornography etc.

Crime associated with the prevalence of computers
Copyright violation, software piracy, component theft etc.

Types of cyber crime-1
- Financial crimes: cheating, credit card frauds, money laundering
- Forgery etc.
- Cyber pornography
- Sale of illegal articles
- Online gambling
- Intellectual property crimes

Types of cyber crime-2
- Email spoofing
- Cyber defamation
- Cyber stalking
- Unauthorized access to computer systems or network
- Hacking

Types of cyber crime-3
- Theft of information contained in electronic form
- Email bombing
- Data diddling
- Salami attacks

Types of cyber crime-4
- Denial of Service attack
- Virus / worm attacks
- Logic bombs
- Trojan attacks
- Internet time theft
- Web jacking
- Theft of computer system
- Physically damaging a computer system

Email related crime
1. Email spoofing
2. Sending malicious codes through email
3. Email bombing
4. Sending threatening emails
5. Defamatory emails
6. Email frauds

CYBER CRIMINALS
- Children and adolescents between the age group of 6 – 18 years
- Organised hackers
- Professional hackers / crackers
- Discontented employees

Characteristics of Computer Crime
- Silent in nature: Computer crime could be committed in privacy without physically reaching the scene of crime, i.e. no eye witnesses. There are no signs of physical violence or struggle.
- Global in character: No national borders. By sitting comfortably far away from the country, the entire economy of the country could be destroyed. As digital evidence is fragile in nature, one has to respond quickly.
- Non-existence of physical evidence: No physical evidence to indicate that crime has been committed. Only on a closer look could a trained person find the evidence, which is not in the traditional format but in digital format.
- Creates high impact: Impact is severe and may be long term. It can damage the victim system permanently. Loss of goodwill.
- High potential and easy to perpetrate: A software developer who did not get enough money or a good job may turn to the criminal world for survival. Therefore, computer crimes have a potential to increase. Hence organized mafia may enter into this sector.

Investigating officer’s inspection
1. Hardware as contraband or fruits of crime (stolen, misappropriated, illegal hardware)
2. Hardware as instrumentality (hardware designed specifically for crime)
3. Hardware as evidence (CD writer being used for duplicating pornographic CD)
4. Information as contraband or fruits of crime (pirated computer program, stolen trade secret, passwords and any other information obtained by criminal means)
5. Information as an instrumentality (program that will help gaining unauthorized access to computer systems)
6. Information as evidence (threatening letter stored in a computer of a suspect, e-mail message in the mail box or various documents, which support the prosecution in presenting the case)

Detection / investigation is a team effort
- Law enforcement agencies
- Forensic scientists
- Lawyers
- Computer security professionals

DETECTION - PREVENTION
SETTING UP A CYBER CRIME INVESTIGATION CELL
To prevent the various cyber crimes that take place every day it is essential to establish a dedicated cell.
Need for a Cyber Forensic Cell

Basic Cyber Crime Investigation Tool
Forensic software:
- Windows GUI technology-based forensic software for examination of the file systems FAT12, FAT16, FAT32, NTFS, LINUX, UNIX, MACINTOSH, CDROM and DVD-R.
- It should be able to examine and extract slack space.
- It should be able to create an image of the storage media, e.g. hard disk, floppy disk.
- It should show emails in developer’s format (with headers and attachments).
- It should open documents in languages other than English supported by Unicode, e.g. Arabic.
- It should show Internet history.
- Forensic cell phone seizure kit with write block facility and with all required cables and adapters.
Forensic hardware:
- One computer PIV 3.2 GHz with 1 GB DDR RAM and other required peripherals
- One hard disk write block device

Software requirements
- Robust operating system software
- Other application software facilitating word processing, spread sheet, electronic mails, multimedia, imaging and for identifying various other kinds of file formats during the course of examination
- Case management software for keeping records of the cases being examined and for tracking case details at short notice
- Bootable disks to let the forensic specialist boot from such disks instead of the suspect’s bootable disk

Advanced cyber forensic software
- Bit-stream backup of data. The forensic procedure prohibits examination of the original media to prevent any accidental erasure or interference during examination of such media.
- Powerful password recovery tool
- Recovery of deleted data, image and multimedia among other kinds of files
- Tool for generating reports based on the analysis of the information contained on the suspect storage media
- Searching tool for locating folders and files on the suspect storage media
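
The bit-stream backup requirement above means examination happens on a copy that can be shown to be identical to the original. The Python sketch below is an added example, not part of the original presentation; it assumes the evidence has already been acquired to an image file through a write blocker, and the file name, examiner label and record fields are hypothetical.

```python
import hashlib
import os
import shutil
import tempfile
from datetime import datetime, timezone

CHUNK = 1024 * 1024  # read in 1 MiB blocks so large images never sit in memory


def sha256_of(path):
    """Stream a file through SHA-256 and return (hex digest, byte count)."""
    digest, size = hashlib.sha256(), 0
    with open(path, "rb") as fh:  # read-only: the evidence is never opened for writing
        for block in iter(lambda: fh.read(CHUNK), b""):
            digest.update(block)
            size += len(block)
    return digest.hexdigest(), size


def make_working_copy(evidence_path, work_dir, examiner):
    """Copy an acquired image for examination and record proof that it is identical."""
    before, size = sha256_of(evidence_path)
    copy_path = os.path.join(work_dir, os.path.basename(evidence_path) + ".working")
    # "xb" refuses to overwrite an existing working copy
    with open(evidence_path, "rb") as src, open(copy_path, "xb") as dst:
        shutil.copyfileobj(src, dst, CHUNK)  # byte-for-byte, contents are not interpreted
    os.chmod(copy_path, 0o444)  # examination tools get a read-only file
    copied, _ = sha256_of(copy_path)
    after, _ = sha256_of(evidence_path)  # confirm the original did not change meanwhile
    if not (before == copied == after):
        raise ValueError("hash mismatch: working copy cannot be used")
    return {
        "evidence": evidence_path,
        "working_copy": copy_path,
        "size_bytes": size,
        "sha256": before,
        "examiner": examiner,  # hypothetical field for the case record
        "copied_at_utc": datetime.now(timezone.utc).isoformat(),
    }


def verify_working_copy(record):
    """Re-hash the working copy; anyone holding the record can repeat this check."""
    current, size = sha256_of(record["working_copy"])
    return current == record["sha256"] and size == record["size_bytes"]


def demo():
    """Constructed sample: a 3 MiB file standing in for an acquired disk image."""
    with tempfile.TemporaryDirectory() as tmp:
        image = os.path.join(tmp, "exhibit-01.dd")  # hypothetical exhibit name
        with open(image, "wb") as fh:
            fh.write(bytes(range(256)) * 12288)
        record = make_working_copy(image, tmp, examiner="examiner-placeholder")
        intact = verify_working_copy(record)
        # Simulate an accidental one-byte change to the working copy.
        os.chmod(record["working_copy"], 0o644)
        with open(record["working_copy"], "r+b") as fh:
            fh.seek(4096)
            fh.write(b"\xff")
        tamper_detected = not verify_working_copy(record)
        return record, intact, tamper_detected


if __name__ == "__main__":
    rec, ok, caught = demo()
    print(rec["sha256"], "intact:", ok, "tamper detected:", caught)
```

Recording the digest at copy time is what lets a third party repeat the verification later against the same image.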

REQUIREMENTS
- Partition recovery and analysis software for recovering information lost due to partitioning of a suspect hard-disk drive
- Firewalls and Intrusion Detection Systems would also help in detection of network penetration crimes directed against the cyber forensics cell itself.
- Updated anti-virus programs would be essential to prevent breakdown of systems due to any malicious codes such as viruses and worms.
- Other necessary application software programs as would be required from time to time to analyze various files during forensic examination.

Hardware requirements
Powerful computer systems with hot swappable bays and standard peripherals having support for the following:
- Fast disk imaging and cloning
- Various kinds of removable storage media (e.g., Jaz cartridges and Zip cartridges)
- CD / DVD readers and writers
- Tape drives
- Other kinds of electronic storage devices (CompactFlash, SmartMedia, Memory Stick)
- IDE hard drives
- SCSI hard drives
- Notebook hard drives

Hardware requirements
- Write protect devices to prevent any information being written on to the suspect storage media
- Additional storage devices for making bitstream copies or clones of the suspect storage media for examination purposes
- External CD writers for portability
- Card-readers for analyzing information from various types of cards that store information in magnetic form

THE CARDINAL RULES OF COMPUTER FORENSICS ARE:
- Never mishandle the evidence.
- Never work on the original evidence.
- Never trust the subject's operating system.
- Document all the findings.
- Results should be repeatable, reproducible and verifiable by a third party.

PREVENTION OF CYBER CRIME
Prevention is always better than cure. It is always better to take certain precautions while operating the net.

A netizen should keep in mind the following things-1
- To prevent cyber stalking, avoid disclosing any information pertaining to oneself.
- Always avoid sending any photograph online.
- Always use the latest, up-to-date anti-virus software to guard against virus attacks.
- Always keep backup volumes so that one may not suffer data loss in case of virus contamination.
- Never send your credit card number to any site that is not secured, to guard against frauds.

A netizen should keep in mind the following things-2
- Always keep a watch on the sites that your children are accessing.
- It is better to use a security programme that gives control over the cookies.
- Web site owners should watch traffic and check any irregularity on the site.
- Use of firewalls may be beneficial.

Prevention of hacking
Almost all hackers can be deterred with commonsense policies. Although the largest threat is often from within an organization, i.e. employees / students, it is essential that any computer network has properly configured firewall protection as well as intrusion detection and other filtering software.

Identification and Authentication
Identification is the service where an identity is assigned to a specific individual; authentication is the service designed to verify a user’s identity. The person can be identified and authenticated by what he knows (e.g. password), by what he owns (e.g. smart card) or by his human characteristics (biometrics).

Biometrics
Biometric technologies are applied in the following sectors: Public Services, Law Enforcement, Banking, Physical Access Control and Computer & Networks.

Biometric techniques
1. Signature Verification
2. Iris Analysis
3. Facial Analysis
4. Fingerprint Verification
5. Hand Geometry
6. Voice Verification

Cell phones are mini computers: don'ts for mobile users
- Please do not click photographs without permission with your mobile phone.
- Do not send obscene/pornographic text or images by SMS.
- Do not send obscene/pornographic text by MMS (multimedia messaging service).
- Do not receive from or reply to SMS/MMS of strangers.
- Do not transmit obscene/pornographic material, as it is an offence under the Information Technology Act, 2000. Punishment is 5 years imprisonment and a fine of 1 lakh rupees.
- Do not call unknown phone/mobile numbers that you get while chatting or that are exhibited on various profiles on the Internet.
- Do not keep your Bluetooth open to all; you may receive obscene/pornographic text, images and viruses.
- Do not give your mobile number while chatting on the Internet, to avoid “STALKING”.
- Do not hand over your mobile phone to an unauthorised service center, to avoid CLONING.

Cell phones are mini computers: do's for mobile users
- Note down your IMEI number.
- A security PIN code should be used to avoid misuse of your mobile phone.
- MMS/SMS received should be checked before opening the message.
- Delete obscene/pornographic text, images and SMS/MMS from your mobile phone.
- Anti-virus software should be loaded in the mobile phone.
- The mobile phone keypad should be locked after every use.
- Use your mobile phone when necessary.

Child Pornography: How do Pedophiles Operate
- Pedophiles use false identities to trap children/teenagers.
- Pedophiles contact children/teens in various chat rooms which are used by children/teens to interact with other children/teens.
- Befriend the child/teen.
- Extract personal information from the child/teen by winning his confidence.
- Get the e-mail address of the child/teen and start making contact on the victim’s e-mail address as well.

Child Pornography: How do Pedophiles Operate
- Start sending pornographic images/text to the victim, including child pornographic images, in order to help the child/teen shed his inhibitions, so that a feeling is created in the mind of the victim that what is being fed to him is normal and that everybody does it.
- Extract personal information from the child/teen.
- At the end of it, the pedophile sets up a meeting with the child/teen out of the house and then drags him into the net to further sexually assault him or to use him as a sex object.

Tips For Children
- Do not give out identifying information such as name, home address, school name or telephone number in a chat room.
- Do not send your photograph to anyone on the Net without initially checking with the parent or guardian.
- Do not respond to messages or bulletin board items that are obscene, belligerent or threatening.
- Never arrange a face to face meeting without informing your parent or guardian.
- Remember that people online may not be who they seem to be.

Are You A Safe Cyber Surfer?
Fortunately, there are steps you can take to protect your computer:
- Make sure your passwords have both letters and numbers, and are at least eight characters long.
- Avoid common words: some hackers use programs that can try every word in the dictionary.
- Don’t use your personal information, your login name or adjacent keys on the keyboard as passwords, and don’t share your passwords online or over the phone.
- Protect yourself from viruses by installing anti-virus software and updating it regularly.
- Prevent unauthorized access to your computer through firewall software or hardware.
- Don’t open a file attached to an e-mail unless you are expecting it or know what it contains.
- If you send an attachment, type a message explaining what it is.
- Never forward any e-mail warning about a new virus. It may be a hoax and could be used to spread a virus.
- When something bad happens (you think you’ve been hacked or infected by a virus), e-mail a report of the incident to your Internet provider.

Take a test before opening e-mail attachment
- Is the email from someone that you know?
- Have you received email from this sender before?
- Were you expecting email with an attachment from this sender?
- Does email from the sender with the contents as described in the Subject line and the name of the attachment(s) make sense?
- Does this email contain a virus? To determine this, you need to install and use an anti-virus program.

What is computer security?
Computer security is the process of preventing and detecting unauthorized use of your computer. Prevention measures help you to stop unauthorized users (also known as "intruders") from accessing any part of your computer system. Detection helps you to determine whether or not someone attempted to break into your system, if they were successful, and what they may have done.

Why should I care about computer security?
We use computers for everything from banking and investing to shopping and communicating with others through email or chat programs.

Who would want to break into my computer at home?
Intruders (also referred to as hackers, attackers, or crackers). Often they want to gain control of your computer so they can use it to launch attacks on other computer systems.

How easy is it to break into my computer?
Intruders are always discovering new vulnerabilities (informally called "holes") to exploit in computer software. When holes are discovered, computer vendors will usually develop patches to address the problem(s). However, it is up to you, the user, to obtain and install the patches, or correctly configure the software to operate more securely.
Also, some software applications have default settings that allow other users to access your computer unless you change the settings to be more secure. Examples include chat programs that let outsiders execute commands on your computer or web browsers that could allow someone to place harmful programs on your computer that run when you click on them.

Use Strong Password
- For each computer and service you use (e-mail, chatting, online purchasing, for example), you should have a password.
- You shouldn’t write them down nor should you share them with anyone, even your best friends.
- Computer intruders use trial-and-error, or brute-force techniques, to discover passwords.
- Use alphanumeric characters and special characters in your password.
- The password should be as long as possible (more than 8 characters).
- Do not write it in some place where it is visible to someone else.

Protect Your Personal Computer
- Use the latest version of a good anti-virus software package which allows updating from the Internet.
- Use the latest version of the operating system, web browsers and e-mail programs.
- Don’t open e-mail attachments unless you know the source. Attachments, especially executables (those having .exe extension), can be dangerous.
- Confirm the site you are doing business with. Secure yourself against "Web-Spoofing". Do not go to websites from email links.
- Create passwords containing at least 8 digits. They should not be dictionary words. They should combine upper and lower case characters.
- Use different passwords for different websites.
- Send credit card information only to secure sites.
- Use a security program that gives you control over "Cookies" that send information back to websites. Letting all cookies in without monitoring them could be risky.

Protect Your Website
- Stay informed and be in touch with security related news.
- Watch traffic to your site. Put host-based intrusion detection devices on your web servers and monitor activity looking for any irregularities.
- Put in a firewall. Configure your firewall correctly.
- Develop your web content off line.
- Make sure that the web servers running your public web site are physically separate and individually protected from your internal corporate network.
- Protect your databases. If your web site serves up dynamic content from a database, consider putting that database behind a second interface on your firewall, with tighter access rules than the interface to your web server.
- Back up your web site after every update.

Identity Theft
- Identity theft occurs when somebody steals a personal name and other personal information for fraudulent purposes.
- Identity theft is a form of identity crime where somebody uses a false identity to commit a crime.
- It involves stealing victims’ personal information and credentials, often to make purchases.
- It is an act of impersonating another by means of using the person’s information, such as birth date, Social Security number, address, name, and bank account information.

Identity Theft
- It is in fact the co-option of another person’s personal information (e.g., name, Social Security number, credit card number or passport) without that person’s knowledge, and the fraudulent use of such knowledge.
- Identity theft is deliberately assuming another person’s identity, usually to gain access to their finances or frame them for a crime.
- It can also be used to enable illegal immigration, terrorism, espionage, or changing identity permanently.

I.P. Address
Each computer on the Internet has an IP address that uniquely identifies it from all other computers on the Internet. IP stands for Internet Protocol, and these addresses are 32-bit numbers, normally expressed as 4 "octets" in a "dotted decimal number." A typical IP address looks like this: 203.217.36.138. The four numbers in an IP address are called octets. Every machine on the Internet has a unique IP address.
A server has a static IP address that does not change very often. A home machine that is dialing up through a modem often has an IP address that is assigned by the ISP when you dial in. That IP address is unique for your session; it may be different the next time you dial in. This way, an ISP only needs one IP address for each modem it supports, rather than for each customer.

WIRELESS NETWORK SECURITY
(i) Make the wireless network invisible by disabling identifier broadcasting.
(ii) Rename the wireless network and change the default name.
(iii) Encrypt the network traffic.
(iv) Change the administrator’s password from the default password. If the wireless network does not have a default password, create one and use it to protect the network.
(v) Use file sharing with caution. If the user does not need to share directories and files over his network, he should disable file sharing on his computers.

WIRELESS NETWORK SECURITY
(vi) Keep the access point software patched and up to date.
(vii) Check your internet provider’s wireless security options, as it may provide information about securing your home wireless network.
(viii) Do not auto-connect to open Wi-Fi (wireless fidelity) networks.
(ix) Turn off the network during extended periods of non-use, etc.

Preventing E-crime
- Ensure physical security of equipment and storage devices
- Don't share identification numbers and passwords
- Change passwords on a regular basis
- Regularly monitor dial-up facilities of users
- Cancel access to data when employees transfer, leave or no longer require access
- Review work quality and develop a sound system of controlling employees with access to data
- Install a firewall
- Install virus protection software and maintain updates on a regular basis
- Always check bank account transactions/balances and report discrepancies immediately to your financial institution
- Keep your computer in a family room so that you can monitor its use
- Report the matter quickly to police if it is a criminal matter
- Avoid opening unsolicited emails; delete them immediately and do not respond to the inquirer
- Retain original offensive/menacing/harassing emails
- Consider the use of a third party to hold payment in trust until you receive an item purchased via an online auction site
- Do not automatically check boxes before reading the contents of any agreement etc.
- Educate yourself on a regular basis about the methods used by offenders to commit this type of crime

Preventing E-crime
- Do not automatically divulge personal information to persons who have solicited contact with you, without checking their credentials
- Store personal information such as passwords on a separate storage device rather than on the computer hard-drive

Classification of Offences detailed under the IT Act, 2000

| Section | Offence | Cognizable or Non-Cognizable | Bailable or Non-Bailable | By what court |
|---|---|---|---|---|
| 65 | Tampering with computer source code and documents | Cognizable | Non-Bailable | Magistrate of the First Class |
| 66 | Hacking with computer system | Cognizable | Non-Bailable | Magistrate of the First Class |
| 67 | Publishing of information which is obscene in electronic format | Cognizable | Non-Bailable | First conviction: Magistrate of the First Class. Second conviction: Court of Session |
| 68 | Failure to comply with the directions of Controller | Cognizable | Non-Bailable | Magistrate of the First Class |
| 69 | Failure to assist intercepting agency in decryption | Cognizable | Non-Bailable | Magistrate of the First Class |
| 70 | Securing access to a protected system | Cognizable | Non-Bailable | Court of Session |
| 71 | Penalty for misrepresentation | Non-Cognizable | Bailable | Any Magistrate |
| 72 | Breach of confidentiality and privacy | Non-Cognizable | Bailable | Any Magistrate |
| 73 | Penalty for publishing Digital Signature Certificate false in certain particulars | Non-Cognizable | Bailable | Any Magistrate |
| 74 | Publication for fraudulent purpose | Non-Cognizable | Bailable | Any Magistrate |
| 33 | Failure to surrender license by Certifying Authority | Non-Cognizable | Bailable | Any Magistrate |

CONCLUSION
- It is not possible to eliminate cyber crime from the cyber space.
- It is quite possible to check them.
- History is the witness that no legislation has succeeded in totally eliminating crime from the globe.
- The only possible step is to make people aware of their rights and duties.

WARNING
CYBERSPACE IS SAFE TO USE AND UNSAFE TO MISUSE

THANK YOU
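
The password rules given in the "Are You A Safe Cyber Surfer?", "Use Strong Password" and "Protect Your Personal Computer" slides can be expressed as a checker that reports which rule a candidate password breaks. This Python code is an added example, not part of the original presentation; the word list, the four-key threshold for "adjacent keys", the rule names and the sample logins are assumptions.

```python
import string

# Constructed sample word list; a real deployment would load a full dictionary.
COMMON_WORDS = {"password", "welcome", "dragon", "monkey", "letmein", "sunshine"}
KEYBOARD_ROWS = ("1234567890", "qwertyuiop", "asdfghjkl", "zxcvbnm")
RUN = 4  # assumption: four neighbouring keys in a row count as "adjacent keys"


def has_adjacent_keys(password):
    """True if the password contains RUN keys typed along one keyboard row."""
    lowered = password.lower()
    rows = KEYBOARD_ROWS + tuple(row[::-1] for row in KEYBOARD_ROWS)  # both directions
    return any(lowered[i:i + RUN] in row
               for i in range(len(lowered) - RUN + 1) for row in rows)


def check_password(password, login="", personal=()):
    """Return the names of the slide rules that the password violates."""
    problems = []
    letters = [c for c in password if c.isalpha()]
    if len(password) < 8:
        problems.append("length")
    if not (letters and any(c.isdigit() for c in password)):
        problems.append("letters_and_digits")
    if not (any(c.islower() for c in letters) and any(c.isupper() for c in letters)):
        problems.append("mixed_case")
    if not any(c in string.punctuation for c in password):
        problems.append("special_char")
    # A dictionary word with digits or symbols bolted on is still a dictionary word.
    core = "".join(letters).lower()
    if core in COMMON_WORDS or password.lower() in COMMON_WORDS:
        problems.append("dictionary_word")
    # Login name and personal details (names, birth years) must not appear inside it.
    tokens = [t.lower() for t in (login, *personal) if len(t) >= 3]
    if any(t in password.lower() for t in tokens):
        problems.append("personal_info")
    if has_adjacent_keys(password):
        problems.append("adjacent_keys")
    return problems


# Constructed samples: (password, login, personal details)
SAMPLES = [
    ("password1", "asha", ()),
    ("Qwerty12!", "asha", ()),
    ("Asha2009#x", "asha", ("2009",)),
    ("abc12", "asha", ()),
    ("T7#mLq9$wRz2", "asha", ()),
]


def audit_samples():
    """Map each sample password to the list of rules it breaks."""
    return {pw: check_password(pw, login, personal) for pw, login, personal in SAMPLES}


if __name__ == "__main__":
    for pw, problems in audit_samples().items():
        print(f"{pw!r}: {'ok' if not problems else ', '.join(problems)}")
```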