An International Perspective on Fighting Cybercrime - PowerPoint PPT Presentation

Loading...

PPT – An International Perspective on Fighting Cybercrime PowerPoint presentation | free to download - id: 5e7b-NTRkN



Loading


The Adobe Flash plugin is needed to view this content

Get the plugin now

View by Category
About This Presentation
Title:

An International Perspective on Fighting Cybercrime

Description:

Tajikistan - Expanding Finance in Rural Areas. 1 ... Tajikistan - Expanding Finance in Rural Areas. 2. ????? ???????????. ???? ? ??????? ???????????? ... – PowerPoint PPT presentation

Number of Views:526
Avg rating:3.0/5.0
Slides: 32
Provided by: wingya
Category:

less

Write a Comment
User Comments (0)
Transcript and Presenter's Notes

Title: An International Perspective on Fighting Cybercrime


1
An International Perspective on Fighting
Cybercrime
  • Robert Chang, Wingyan Chung, Hsinchun Chen,
    Shihchieh Chou
  • NSF/NIJ Symposium on Intelligence and Security
    Informatics, Tucson, Arizona, June 2003

2
Agenda
  • Introduction
  • An Overview of Cybercrime
  • Approaches to Fighting Cybercrime
  • Fighting Cybercrime in Taiwan A Case Study
  • Recommendations
  • Conclusions and the Future

3
Introduction
4
The Internet and Cybercrime
  • As the Internet becomes a part of our daily
    lives, criminals increasingly are using it to
    conduct cybercrime
  • The 2002 Computer Crime and Security Survey
    conducted by Computer Security Institute and the
    FBI shows that
  • 90 of respondents detected computer security
    breaches over the past twelve months
  • 80 acknowledged financial losses due to computer
    breaches, and
  • 71 detected unauthorized access by insiders

5
Research in Cybercrime
  • Because cybercrime is an emerging phenomenon of
    the information age, much research is at the
    inception stage
  • In this presentation, we
  • Provide an overview of cybercrime and review
    existing approaches to fighting it,
  • Present a case study of fighting cybercrime in
    Taiwan, and
  • Propose recommendations to the community of
    researchers, policy makers, and practitioners who
    are involved in fighting cybercrime

6
An Overview of Cybercrime
7
Definition of Cybercrime
  • Most researchers agree that it is any illegal
    activities conducted through computer, but some
    disagree on where cybercrime takes place
  • We define cybercrime as illegal
    computer-mediated activities that often take
    place in the global electronic networks
  • Types of cybercrime
  • Computer hacking, Internet fraud, virus
    spreading, and theft of confidential information,
    cyber-piracy, and others

8
Examples of Cybercrime
Sales of illegal items
Pirated software and CDs
Hacking
Fencing stolen goods
Slander
EC Fraud
Spread of viruses
Sales of personal information
Illegal gambling
9
Types of Cybercrime (1)
  • Computer hacking or network intrusion refers to
    the unauthorized access of a computer or a
    computer network
  • Motives can be political or personal
  • Weapons cyber-terrorism, logic bombs and
    electromagnetic bombs
  • Internet fraud refers to deceptive behavior
    conducted through the Internet in an illegal
    manner
  • Financial and personal benefits are the major
    motivations

10
Types of Cybercrime (2)
  • Spreading of malicious code refers to the sending
    of a virus, a Trojan horse through a computer
    network to affect its normal operation
  • Cyber-piracy is the illegal copying and trading
    of software through the Internet
  • Other types of cybercrime include identity theft,
    electronic property theft, money laundering, and
    cyber-pornography

11
Approaches to Fighting Cybercrime
  • An International Perspective

12
Fighting Cybercrime
  • Data mining techniques have been used to analyze
    cybercrime
  • e.g., Unsolicited email identification,
    authorship analysis, link analysis, sequential
    pattern mining, association rule mining
  • In addition, fighting cybercrime involves
    government, public and private organizations,
    legislation, technologies, and cooperation from
    other countries

13
Fighting Cybercrime in Different Countries
  • Three approaches are typically used legal,
    organizational, and technological
  • Legal approach aims to restrict cybercrime
    activities through legislation
  • Organizational approach aims to enforce laws, to
    promote cooperation, and to educate the public
    through the establishment of dedicated
    organizations
  • Technological approach aims to increase the
    effectiveness and efficiency of cybercrime
    analysis and investigation with the help of new
    technologies

14
Legal Approach
  • Within-country strategies
  • The U.S. The National Infrastructure Protection
    Act of 1996, The Cyberspace Electronic Security
    Act of 1999, The Patriot Act of 2001
  • England The Data Protection Act of 1984 and the
    Computer Misuse Act of 1990 Regulation of
    Investigatory Powers (RIP) Bill in July 2000
  • Law enforcement agencies have greater
    investigative power
  • Australia The Australian Cybercrime Act, 2001
  • Defines the following as criminal behaviors
    unauthorized access, modification or impairment
    of restricted data
  • Mandates ISP to keep data between 6 and 12 months

15
Legal Approach
  • Across-country strategies
  • Group of Eight (G8) The 1997 Ministers
    Communiqué mandates that member countries take
    appropriate measures to criminalize cybercrime
  • Protect confidentiality, integrity, and
    availability of data and systems against
    unauthorized impairment
  • Council of Europe (CE) The 2001 Cybercrime
    convention
  • First international convention passed by U.S.,
    Canada, South Africa, Japan
  • Mandates members to have unified legislation on
    cybercrime

16
Organizational Approach
  • Within-country strategies
  • The U.S. FBI, National Infrastructure
    Protection Center, National White Collar Crime
    Center, Internet Fraud Complaint Center, etc.
  • Computer forensics, search of computer evidence
  • Support law enforcement agencies on preventing
    and investigating cybercrime
  • Canada The Canadian Polices Information
    Technology Security Branch
  • Performs security evaluation and inspection
    functions
  • Taiwan Cybercrime Prevention and Fighting Center
    of the Investigation Bureau in the Ministry of
    Justice, Telecommunication Police Squad, etc.

17
Organizational Approach
  • Across-countries strategies
  • G8 mandates that all member countries to have a
    point of contact on a 24 ? 7 basis
  • Cybercrime training for all law enforcement
    personnel
  • CE Requires member countries to set up
    organizations to execute Cybercrime Convention
  • International cooperation and extradition,
    obtaining evidence for investigation

18
Technological Approach
  • Within-country strategies
  • The FBI has developed Carnivore, a computer
    surveillance system for cybercrime investigation
  • The Canadian has introduced Internet training
    that is specifically designed for police officers

  • The British government has applied technologies
    of filtering and rating to protect minors from
    inappropriate material on the Web
  • The Australian Computer Crime Program has
    developed various tools for police agencies to
    investigate cybercrime
  • The Japanese government established Cyber Force
    Center and developed the Real Time Intrusion
    Detection Network

19
Technological Approach
  • Across-countries strategies
  • G8 recommends member countries to use IT to
    prevent and detect network abuse, facilitate
    tracing of criminals and collect forensic
    evidence
  • Two articles in Cybercrime Convention by CE deal
    with using IT to collect and intercept data for
    law enforcement agencies

20
Fighting Cybercrime in Taiwan A Case Study
  • Based on statistics collected by Taiwan Criminal
    Investigation Bureau between 1999 and 2002

21
Cybercrime in Taiwan
  • The Internet population has been growing much
    faster than the total population
  • The numbers of cybercrime cases and suspects have
    been increasing much faster than even the
    Internet population and reached a record high in
    2002
  • Also, cybercrime suspects are becoming younger
  • Cybercrime is conducted by highly educated
    people
  • Only 21 (1050) of all 5035 suspects in
    cybercrime cases had not completed high school,
    compared with about 60 of all suspects of
    general criminal cases

22
(No Transcript)
23
Fighting Cybercrime in Taiwan
  • Legal approach
  • Amended ten articles of Criminal Law to deal with
    cybercrime in 1997
  • Another legislation targeting computer hacking
    and virus spreading is under review
  • Technological approach
  • CIB has developed proprietary software tools and
    hardware equipment for cybercrime investigation,
    e.g.,
  • Internet Patrol Agent, Globe IP Tracer, Evidence
    Collector, Packet Analyzer, Remote Monitor

24
Fighting Cybercrime in Taiwan
  • Organizational approach
  • The Ministry of Justice has established a
    Cybercrime Prevention and Fighting Center in
    Prosecutors Office
  • Established a Computer Crime Unit in every county
    police department in 2000
  • Telecommunication Police Squad was set up in 1997
    to clamp down on illegal use of radio frequencies
    and investigating cybercrime

25
The Agencies of Fighting Cybercrime in Taiwan
NICI, Executive Yuan
National Information and Communications Initiative

MoTC

Directorate Gen. of Telecommunication
Prosecutors office, the High Court
National Police Administration
Information Office Investigation Bureau
Computer Crime Unit, County PD
Telecommunication Police Squad
Cybercrime Prevention Fighting Center
Cybercrime Investigation Unit
Computer Crime Squad, CIB
26
Problems and Lessons Learned
  • Limited identification of Internet and cellular
    phone users
  • Difficult to trace the activities of
    overseas-hosted illegal Web sites
  • Many ISPs, Internet Content Providers (ICPs), and
    Internet companies keep users log files for only
    a short time (1-3 months)
  • Internet Cafe House safe heavens for
    cybercriminals
  • Lessons legal and technical knowledge for
    cybercrime investigation

27
Recommendations
28
Recommendations
  • Updating existing laws
  • e.g., laws regulating ISPs operations
  • Enhancing specialized task forces
  • e.g., Computer forensics training
  • Utilizing civic resources
  • e.g., technical support from universities or
    research organizations
  • Promoting cybercrime research

29
Conclusions and the Future
30
Conclusions
  • Summary Overview, international perspective on
    fighting cybercrime, Taiwan case studies,
    recommendations
  • Cybercrime greatly affects individuals,
    businesses, and national security due to the
    pervasiveness of the Internet
  • We believe that different countries should work
    together and use legal, organizational, and
    technological approaches to combat cybercrime
  • To reduce the damage to critical infrastructures

  • To protect the Internet from being abused

31
Thank you very much!
  • Questions and comments?
About PowerShow.com