File000096

565 views

Published on

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
565
On SlideShare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
13
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

File000096

  1. 1. Computer Hacking Forensic Investigator Exam 312-49 Investigating Trademark and Copyright Infringement  Module XLIII Page | 3659                                                       Computer Hacking Forensic Investigator Copyright © by EC-Council      All Rights Reserved. Reproduction is Strictly Prohibited.  Computer Hacking Forensic Investigator (CHFI) Module XLIII: Investigating Trademark and Copyright Infringement Exam 312-49
  2. 2. Computer Hacking Forensic Investigator Exam 312-49 Investigating Trademark and Copyright Infringement  Module XLIII Page | 3660                                                       Computer Hacking Forensic Investigator Copyright © by EC-Council      All Rights Reserved. Reproduction is Strictly Prohibited.   News: BlackBerry Maker, NTP Ink $612 Million Settlement Source: http://money.cnn.com/ BlackBerry maker Research in Motion said that it is ready to pay $612.5 million to patent holding company NTP to resolve the dispute that threatened to close its popular wireless email services for its 3 million users. Canadian-based Research in Motion announced the settlement ahead of a U.S. judge’s expected ruling of damages in the case. In the settlement, NTP granted RIM the power to run its Blackberry business, the company said in a statement. The agreement is finalized and NTP’s lawsuit against RIM has been dismissed by a court order, Canadian company said. The settlements means there is no further court proceedings or decisions about damages are necessary. "The settlement basically makes the pre-warning irrelevant," said Peter Misek, an analyst with Canaccord Capital. The parent office made a second final rejection of NTP’s patents, which means that the the patents could be ruled invalid. But this development was too late to be relevant to the district court proceedings. RIM negotiated a 2004 settlement with NTP of $450 million, but the deal fell apart before it was completed.
  3. 3. Computer Hacking Forensic Investigator Exam 312-49 Investigating Trademark and Copyright Infringement  Module XLIII Page | 3661                                                       Computer Hacking Forensic Investigator Copyright © by EC-Council      All Rights Reserved. Reproduction is Strictly Prohibited.   News: Recent Patent Infringement Cases Filed in U.S. District Courts Source: http://www.setexasrecord.com/ Mobile Micromedia Solutions LLC vs. BMW of North America and Hyundai Motor America Plaintiff Mobile Micromedia Solutions (MMS), a Texas Limited Liability Company based in Texarkana, claims:  It owns the rights to U.S. Patent No. 5,420,931 issued May 30, 1995, and U.S. Patent No. 5,722,069 issued Feb. 24, 1998  Auto makers BMW and Hyundai are infringing on the patents-in-suit "Upon information and belief, defendants have in the past and continue to infringe the patents by making, using, selling and/or offering to sell, in this judicial district and elsewhere in the United States, products and services which are covered by at least one claim of patents," the complaint states. "As a consequence of the infringement by defendants complained of herein, MMS has been irreparably damaged to an extent not yet determined and will continue to be irreparably damaged by such acts in the future unless defendants are enjoined by this court from committing further acts of infringement. In the event the Court determines that it will not enter injunctive relief, then it should require defendants to continue to pay royalties for their infringement of the patents on a going-forward basis." MMS seeks injunctive relief, interest, treble damages, costs, and attorneys' fees where Nicholas Patton of Texarkana is representing the plaintiff and the case is assigned to U.S. court of law.
  4. 4. Computer Hacking Forensic Investigator Exam 312-49 Investigating Trademark and Copyright Infringement  Module XLIII Page | 3662                                                       Computer Hacking Forensic Investigator Copyright © by EC-Council      All Rights Reserved. Reproduction is Strictly Prohibited.  Module Objective This module will familiarize you with:  Trademarks  Characteristics of Trademarks  Service Mark and Trade Dress  Trademark Infringements  Steps for Investigating Trademark Infringement  Copyright  Investigating Copyright Status  How Are Copyrights Enforced?  Copyright Infringement Plagiarism  Plagiarism Detection Tools  Patent Infringement  Domain Name Infringement  Investigating Intellectual Property Theft  Digital Rights Management
  5. 5. Computer Hacking Forensic Investigator Exam 312-49 Investigating Trademark and Copyright Infringement  Module XLIII Page | 3663                                                       Computer Hacking Forensic Investigator Copyright © by EC-Council      All Rights Reserved. Reproduction is Strictly Prohibited.  Module Flow
  6. 6. Computer Hacking Forensic Investigator Exam 312-49 Investigating Trademark and Copyright Infringement  Module XLIII Page | 3664                                                       Computer Hacking Forensic Investigator Copyright © by EC-Council      All Rights Reserved. Reproduction is Strictly Prohibited.      Trademark Infringement
  7. 7. Computer Hacking Forensic Investigator Exam 312-49 Investigating Trademark and Copyright Infringement  Module XLIII Page | 3665                                                       Computer Hacking Forensic Investigator Copyright © by EC-Council      All Rights Reserved. Reproduction is Strictly Prohibited.   Trademarks Source: www.uspto.gov “A trademark is a word, phrase, symbol or design, or a combination of words, phrases, symbols or designs, which identifies and distinguishes the source of the goods of one party from those of others.” Brand name, symbols, slogans, design of a product including the packaging style, specific words, smell, specific color, or a combination of any of these that helps the consumer to distinguish a particular product or service from others of the same trade classify as trademarks. Trademarks are of the following three types, namely: Service mark “A service mark is any word, name, symbol, device, or any combination, used, or intended to be used, in commerce, to identify and distinguish the services of one provider from services provided by others, and to indicate the source of the services.” It is similar to trademark, the only difference being that a service mark is used to identify and differentiate the service of one company with another in the same area of the trade. Collective mark “A collective mark is a trademark or service mark used or intended to be used, in commerce, by the members of a cooperative, an association, or other collective group or organization, including a mark, which indicates membership in a union, an association, or other organization.” Certification mark “Certification mark is any word, name, symbol, device, or any combination, used, or intended to be used, in commerce with the owner’s permission by someone other than its owner, to certify regional or other geographic origin, material, mode of manufacture, quality, accuracy, or other characteristics of someone's goods or services, or that the work or labor on the goods or services was performed by members of a union or other organization”
  8. 8. Computer Hacking Forensic Investigator Exam 312-49 Investigating Trademark and Copyright Infringement  Module XLIII Page | 3666                                                       Computer Hacking Forensic Investigator Copyright © by EC-Council      All Rights Reserved. Reproduction is Strictly Prohibited.   Trademark Eligibility and Benefits of Registering It An individual or business unit intending to use a unique identifier to categorize its goods or services can qualify as a trademark. The trademark should be unique and not misleading. To own a trademark, a trademark application form should be filed at the USPTO. The application form should include the following before the USPTO accepts it:  Applicant’s name  A name and address required for correspondence  An apparent depiction of the mark  A list of the goods or services provided  The application filing fee for at least one set of goods or services Following are the benefits of registering a trademark:  Protects an organization’s name/logo, which is an important asset  Owner attains exclusive rights of the mark and protection against the trademark infringement  Gives more visibility to the product from other products in the same trade  Once a trademark is registered, it gets updated in the trademark search database, which helps to discourage other applicants from filing a similar kind of trademark  If a registered trademark is infringed, the owner of the registered trademark can ask the infringer to pay for damages and also demand the attorneys’ fees that the plaintiff incurred while filing the lawsuit  Provides a base for filing the registration for that particular trademark in a foreign country
  9. 9. Computer Hacking Forensic Investigator Exam 312-49 Investigating Trademark and Copyright Infringement  Module XLIII Page | 3667                                                       Computer Hacking Forensic Investigator Copyright © by EC-Council      All Rights Reserved. Reproduction is Strictly Prohibited.   Service Mark and Trade Dress There is a thin line difference between a trademark and a service mark, where trademark differentiates products of the same trade while service mark differentiates services of the same trade. The symbol SM is for an unregistered service mark. TM is for an unregistered trademark. According to www.nolo.com, “In addition to a label, logo, or other identifying symbol, a product may be known by its distinctive packaging”. This is called trade dress. Color, pattern, shape, design, arrangement of letters/words, packaging style, and graphical presentation form a part of trade dress. In the early days, trade dress was referred to the way in which a product was packaged to be launched in the market, but now even the product design is an inclusion element of trade dress. Elements of trade dress of a particular product do not affect the way in which the product is used. Federal law for trademark applies to trade dress also. There is no distinction between trade dress and trademark because the Lanham Act, also known as the “Trademark Act of 1946”, does not provide any distinction between the two.
  10. 10. Computer Hacking Forensic Investigator Exam 312-49 Investigating Trademark and Copyright Infringement  Module XLIII Page | 3668                                                       Computer Hacking Forensic Investigator Copyright © by EC-Council      All Rights Reserved. Reproduction is Strictly Prohibited.   Trademark Infringement According to www.legal-definitions.com “An infringement is the unauthorized use of another’s right or privilege, usually an intellectual property right, such as a patent, copyright, or trademark”. A party that owns the rights to a particular trademark can sue other parties for trademark infringement based on the standard “likelihood of confusion”. According to the Trademark Act of 1946 statutes §1114 and § 1125 specify in particular for trademark infringement. Source: http://www4.law.cornell.edu/ TITLE VI REMEDIES §32 (15 U.S.C. §1114). Remedies; infringement; innocent infringers 1) Any person who shall, without the consent of the registrant— (a) Use in commerce any reproduction, counterfeit, copy, or colorable imitation of a registered mark in connection with the sale, offering for sale, distribution, or advertising of any goods or services on or in connection with which such use is likely to cause confusion, or to cause mistake, or to deceive; or (b) Reproduce, counterfeit, copy or colorably imitate a registered mark and apply such reproduction, counterfeit, copy or colorable imitation to labels, signs, prints, packages, wrappers, receptacles or advertisements intended to be used in commerce upon or in connection with the sale, offering for sale, distribution, or advertising of goods or services on or in connection with which such use is likely to cause confusion, or to cause mistake, or to deceive, shall be liable in a civil action by the registrant for the remedies hereinafter provided. Under subsection (b) hereof, the registrant shall not be entitled to recover profits or damages unless the acts have been committed with knowledge that such imitation is intended to be used to cause confusion, or to cause mistake, or to deceive. As used in this paragraph, the term “any person” includes the United States, all agencies and instrumentalities thereof, and all individuals, firms, corporations, or other persons acting for the United States and with the authorization and consent of the United States, and any State, any instrumentality of a State, and any officer or employee of a State or instrumentality of a State acting in his or her official capacity. The United States, all agencies and instrumentalities thereof, and all individuals, firms, corporations, other persons acting for the United States and with the authorization and consent of the United States, and any State, and any such instrumentality, officer, or employee, shall be subject to the provisions of this Act in the same manner and to the same extent as any nongovernmental entity. (2) Notwithstanding any other provision of this Act, the remedies given to the owner of a right infringed under this Act or to a person bringing an action under section 43(a) or (d) shall be limited as follows:
  11. 11. Computer Hacking Forensic Investigator Exam 312-49 Investigating Trademark and Copyright Infringement  Module XLIII Page | 3669                                                       Computer Hacking Forensic Investigator Copyright © by EC-Council      All Rights Reserved. Reproduction is Strictly Prohibited.  (A) Where an infringer or violator is engaged solely in the business of printing the mark or violating matter for others and establishes that he or she was an innocent infringer or innocent violator, the owner of the right infringed or person bringing the action under section 43(a) shall be entitled as against such infringer or violator only to an injunction against future printing. (B) Where the infringement or violation complained of is contained in or is part of paid advertising matter in a newspaper, magazine, or other similar periodical or in an electronic communication as defined in section 2510(12) of title 18, United States Code, the remedies of the owner of the right infringed or person bringing the action under section 43(a) as against the publisher or distributor of such newspaper, magazine, or other similar periodical or electronic communication shall be limited to an injunction against the presentation of such advertising matter in future issues of such newspapers, magazines, or other similar periodicals or in future transmissions of such electronic communications. The limitations of this subparagraph shall apply only to innocent infringers and innocent violators. (C) Injunctive relief shall not be available to the owner of the right infringed or person bringing the action under section 43(a) with respect to an issue of a newspaper, magazine, or other similar periodical or an electronic communication containing infringing matter or violating matter where restraining the dissemination of such infringing matter or violating matter in any particular issue of such periodical or in an electronic communication would delay the delivery of such issue or transmission of such electronic communication after the regular time for such delivery or transmission, and such delay would be due to the method by which publication and distribution of such periodical or transmission of such electronic communication is customarily conducted in accordance with sound business practice, and not due to any method or device adopted to evade this section or to prevent or delay the issuance of an injunction or restraining order with respect to such infringing matter or violating matter. (D)(i)(I) A domain name registrar, a domain name registry, or other domain name registration authority that takes any action described under clause (ii) affecting a domain name shall not be liable for monetary relief or, except as provided in sub clause (II), for injunctive relief, to any person for such action, regardless of whether the domain name is finally determined to infringe or dilute the mark. (II) A domain name registrar, domain name registry, or other domain name registration authority described in sub clause (I) may be subject to injunctive relief only if such registrar, registry, or other registration authority has— (aa) not expeditiously deposited with a court, in which an action has been filed regarding the disposition of the domain name, documents sufficient for the court to establish the court’s control and authority regarding the disposition of the registration and use of the domain name; (bb) transferred, suspended, or otherwise modified the domain name during the pendency of the action, except upon order of the court; or (cc) willfully failed to comply with any such court order. (ii) An action referred to under clause (i) (I) is any action of refusing to register, removing from registration, transferring, temporarily disabling, or permanently canceling a domain name— (I) In compliance with a court order under section 43(d); or (II) In the implementation of a reasonable policy by such registrar, registry, or authority prohibiting the registration of a domain name that is identical to, confusingly similar to, or dilutive of another’s mark. (iii) A domain name registrar, a domain name registry, or other domain name registration authority shall not be liable for damages under this section for the registration or maintenance of a domain name for another absent a showing of bad faith intent to profit from such registration or maintenance of the domain name. (iv) If a registrar, registry, or other registration authority takes an action described under clause (ii) based on a knowing and material misrepresentation by any other person that a domain name is identical to, confusingly similar to, or dilutive of a mark, the person making the knowing and material misrepresentation shall be liable for any damages, including costs and attorney’s fees, incurred by the domain name registrant as a result of such action. The court may also grant injunctive relief to the domain
  12. 12. Computer Hacking Forensic Investigator Exam 312-49 Investigating Trademark and Copyright Infringement  Module XLIII Page | 3670                                                       Computer Hacking Forensic Investigator Copyright © by EC-Council      All Rights Reserved. Reproduction is Strictly Prohibited.  name registrant, including the reactivation of the domain name or the transfer of the domain name to the domain name registrant. (v) A domain name registrant whose domain name has been suspended, disabled, or transferred under a policy described under clause (ii) (II) may, upon notice to the mark owner, file a civil action to establish that the registration or use of the domain name by such registrant is not unlawful under this Act. The court may grant injunctive relief to the domain name registrant, including the reactivation of the domain name or transfer of the domain name to the domain name registrant. (E) As used in this paragraph—(i) the term “violator” means a person who violates section 43(a); and (ii) The term “violating matter” means matter that is the subject of a violation under section 43(a). (Amended Oct. 9, 1962, 76 Stat. 773; Nov. 16, 1988, 102 Stat. 3943; Oct. 27, 1992, 106 Stat. 3567; Oct. 30, 1998, 112 Stat. 3069; Aug. 5, 1999, 113 Stat. 218; Nov. 29, 1999, 113 Stat. 1501A-549.) TITLE VIII - FALSE DESIGNATIONS OF ORIGIN, FALSE DESCRIPTIONS. AND DILUTION FORBIDDEN §43 (15 U.S.C. §1125). False designations of origin; false description or representation (a) (1) Any person who, on or in connection with any goods or services, or any container for goods, uses in commerce any word, term, name, symbol, or device, or any combination thereof, or any false designation of origin, false or misleading description of fact, or false or misleading representation of fact, which— (A) Is likely to cause confusion, or to cause mistake, or to deceive as to the affiliation, connection, or association of such person with another person, or as to the origin, sponsorship, or approval of his or her goods, services, or commercial activities by another person, or (B) In commercial advertising or promotion, misrepresents the nature, characteristics, qualities, or geographic origin of his or her or another person’s goods, services, or commercial activities, Shall be liable in a civil action by any person who believes that he or she is or is likely to be damaged by such act (2) As used in this subsection, the term “any person” includes any State, instrumentality of a State or employee of a State or instrumentality of a State acting in his or her official capacity. Any State, and any such instrumentality, officer, or employee, shall be subject to the provisions of this Act in the same manner and to the same extent as any nongovernmental entity. (3) In a civil action for trade dress infringement under this Act for trade dress not registered on the principal register, the person who asserts trade dress protection has the burden of proving that the matter sought to be protected is not functional. (b) Any goods marked or labeled in contravention of the provisions of this section shall not be imported into the United States or admitted to entry at any customhouse of the United States. The owner, importer, or consignee of goods refused entry at any customhouse under this section may have any recourse by protest or appeal that is given under the customs revenue laws or may have the remedy given by this Act in cases involving goods refused entry or seized. (c) (1) The owner of a famous mark shall be entitled, subject to the principles of equity and upon such terms as the court deems reasonable, to an injunction against another person’s commercial use in commerce of a mark or trade name, if such use begins after the mark has become famous and causes dilution of the distinctive quality of the mark, and to obtain such other relief as is provided in this subsection. In determining whether a mark is distinctive and famous, a court may consider factors such as, but not limited to— (A) The degree of inherent or acquired distinctiveness of the mark; (B) The duration and extent of use of the mark in connection with the goods or services with which the mark is used; (C) The duration and extent of advertising and publicity of the mark; (D) The geographical extent of the trading area in which the mark is used;
  13. 13. Computer Hacking Forensic Investigator Exam 312-49 Investigating Trademark and Copyright Infringement  Module XLIII Page | 3671                                                       Computer Hacking Forensic Investigator Copyright © by EC-Council      All Rights Reserved. Reproduction is Strictly Prohibited.  (E) The channels of trade for the goods or services with which the mark is used; (F) The degree of recognition of the mark in the trading areas and channels of trade used by the mark’s owner and the person against whom the injunction is sought; (G) The nature and extent of use of the same or similar marks by third parties; and (H) Whether the mark was registered under the Act of March 3, 1881, or the Act of February 20, 1905, or on the principal register. (2) In an action brought under this subsection, the owner of the famous mark shall be entitled only to injunctive relief as set forth in section 34 unless the person against whom the injunction is sought willfully intended to trade on the owner’s reputation or to cause dilution of the famous mark. If such willful intent is proven, the owner of the famous mark shall also be entitled to the remedies set forth in sections 35(a) and 36, subject to the discretion of the court and the principles of equity. (3) The ownership by a person of a valid registration under the Act of March 3, 1881, or the Act of February 20, 1905, or on the principal register shall be a complete bar to an action against that person, with respect to the mark, that is brought by another person under the common law or a statute of a State and that seeks to prevent dilution of the distinctiveness of a mark, label or form or advertisement. (4) The following shall not be actionable under this section: (A) Fair use of a famous mark by another person in comparative commercial advertising or promotion to identify the competing goods or services of the owner of the famous mark. (B) Noncommercial use of a mark. (C) All forms of news reporting and news commentary. (d)(1)(A) A person shall be liable in a civil action by the owner of a mark, including a personal name which is protected as a mark under this section, if, without regard to the goods or services of the parties, that person— (i) Has a bad faith intent to profit from that mark, including a personal name which is protected as a mark under this section; and (ii) Registers, traffics in, or uses a domain name that— (I) In the case of a mark that is distinctive at the time of registration of the domain name, is identical or confusingly similar to that mark; (II) In the case of a famous mark that is famous at the time of registration of the domain name, is identical or confusingly similar to or dilutive of that mark; or (III) Is a trademark, word, or name protected by reason of section 706 of title 18, United States Code, or section 220506 of title 36, United States Code. (B)(i) In determining whether a person has a bad faith intent described under subparagraph (A), a court may consider factors such as, but not limited to— (I) The trademark or other intellectual property rights of the person, if any, in the domain name; (II) The extent to which the domain name consists of the legal name of the person or a name that is otherwise commonly used to identify that person; (III) The person’s prior use, if any, of the domain name in connection with the bona fide offering of any goods or services; (IV) The person’s bona fide noncommercial or fair use of the mark in a site accessible under the domain name; (V) The person’s intent to divert consumers from the mark owner’s online location to a site accessible under the domain name that could harm the goodwill represented by the mark, either for commercial gain or with the intent to tarnish or disparage the mark, by creating a likelihood of confusion as to the source, sponsorship, affiliation, or endorsement of the site;
  14. 14. Computer Hacking Forensic Investigator Exam 312-49 Investigating Trademark and Copyright Infringement  Module XLIII Page | 3672                                                       Computer Hacking Forensic Investigator Copyright © by EC-Council      All Rights Reserved. Reproduction is Strictly Prohibited.  (VI) The person’s offer to transfer, sell, or otherwise assign the domain name to the mark owner or any third party for financial gain without having used, or having an intent to use, the domain name in the bona fide offering of any goods or services, or the person’s prior conduct indicating a pattern of such conduct; (VII) The person’s provision of material and misleading false contact information when applying for the registration of the domain name, the person’s intentional failure to maintain accurate contact information, or the person’s prior conduct indicating a pattern of such conduct; (VIII) The person’s registration or acquisition of multiple domain names which the person knows are identical or confusingly similar to marks of others that are distinctive at the time of registration of such domain names, or dilutive of famous marks of others that are famous at the time of registration of such domain names, without regard to the goods or services of the parties; and (IX) The extent to which the mark incorporated in the person’s domain name registration is or is not distinctive and famous within the meaning of subsection (c)(1) of section 43. (ii) Bad faith intent described under subparagraph (A) shall not be found in any case in which the court determines that the person believed and had reasonable grounds to believe that the use of the domain name was a fair use or otherwise lawful. (C) In any civil action involving the registration, trafficking, or use of a domain name under this paragraph, a court may order the forfeiture or cancellation of the domain name or the transfer of the domain name to the owner of the mark. (D) A person shall be liable for using a domain name under subparagraph (A) only if that person is the domain name registrant or that registrant’s authorized licensee. (E) As used in this paragraph, the term “traffics in” refers to transactions that include, but are not limited to, sales, purchases, loans, pledges, licenses, exchanges of currency, and any other transfer for consideration or receipt in exchange for consideration. (2)(A) The owner of a mark may file an in rem civil action against a domain name in the judicial district in which the domain name registrar, domain name registry, or other domain name authority that registered or assigned the domain name is located if— (i) The domain name violates any right of the owner of a mark registered in the Patent and Trademark Office, or protected under subsection (a) or (c); and (ii) The court finds that the owner— (I) Is not able to obtain in personam jurisdiction over a person who would have been a defendant in a civil action under paragraph (1); or (II) Through due diligence was not able to find a person who would have been a defendant in a civil action under paragraph (1) by— (aa) sending a notice of the alleged violation and intent to proceed under this paragraph to the registrant of the domain name at the postal and e-mail address provided by the registrant to the registrar; and (bb) publishing notice of the action as the court may direct promptly after filing the action. (B) The actions under subparagraph (A)(ii) shall constitute service of process. (C) In an in rem action under this paragraph, a domain name shall be deemed to have its sites in the judicial district in which— (i) The domain name registrar, registry, or other domain name authority that registered or assigned the domain name is located; or (ii) Documents sufficient to establish control and authority regarding the disposition of the registration and use of the domain name are deposited with the court. (D)(i) The remedies in an in rem action under this paragraph shall be limited to a court order for the forfeiture or cancellation of the domain name or the transfer of the domain name to the owner of the
  15. 15. Computer Hacking Forensic Investigator Exam 312-49 Investigating Trademark and Copyright Infringement  Module XLIII Page | 3673                                                       Computer Hacking Forensic Investigator Copyright © by EC-Council      All Rights Reserved. Reproduction is Strictly Prohibited.  mark. Upon receipt of written notification of a filed, stamped copy of a complaint filed by the owner of a mark in a United States district court under this paragraph, the domain name registrar, domain name registry, or other domain name authority shall— (I) Expeditiously deposit with the court documents sufficient to establish the court’s control and authority regarding the disposition of the registration and use of the domain name to the court; and (II) Not transfer, suspend, or otherwise modify the domain name during the pendency of the action, except upon order of the court. (ii) The domain name registrar or registry or other domain name authority shall not be liable for injunctive or monetary relief under this paragraph except in the case of bad faith or reckless disregard, which includes a willful failure to comply with any such court order. (3) The civil action established under paragraph (1) and the in rem action established under paragraph (2), and any remedy available under either such action, shall be in addition to any other civil action or remedy otherwise applicable. (4) The in rem jurisdiction established under paragraph (2) shall be in addition to any other jurisdiction that otherwise exists, whether in rem or in personam. (Amended Nov. 16, 1988, 102 Stat. 3946; Oct. 27, 1992, 106 Stat. 3567; Jan. 16, 1996, 109 Stat. 985; Aug. 5, 1999, 113 Stat. 218; Nov. 29, 1999, 113 Stat. 1501A-545)
  16. 16. Computer Hacking Forensic Investigator Exam 312-49 Investigating Trademark and Copyright Infringement  Module XLIII Page | 3674                                                       Computer Hacking Forensic Investigator Copyright © by EC-Council      All Rights Reserved. Reproduction is Strictly Prohibited.   Monitoring Trademark Infringements Trademark infringement is a threat to a successful product or brand. It not only attacks the direct revenue of the branded product, but also defames the product by offering poor quality products. It causes confusion for customers in choosing appropriate products, thus it is necessary for an individual to monitor these infringements. The following are the guidelines for monitoring trademark infringements:  Check whether the infringement has been caused by a distributor, employee, or customer  Check the third party who is involved in the infringement process  Government authorities should identify the problem in third-party trademark application filings and domain name registrations  Be up to date with the news, articles, and consumer’s comments through which an infringement can be solved in its initial stage  Analyze an infringement with the use of search engines  Make use of trademark infringement monitoring services such as CyberAlert, AdGooroo etc. for detailed monitoring Example: An organization has trademark as “WEED EATER” (successful brand product) and organization X has trademark “weedeater” (Infringer with a poor quality product). An unaware user, in need of a “WEED EATER” product might end up with a “weedeater.”
  17. 17. Computer Hacking Forensic Investigator Exam 312-49 Investigating Trademark and Copyright Infringement  Module XLIII Page | 3675                                                       Computer Hacking Forensic Investigator Copyright © by EC-Council      All Rights Reserved. Reproduction is Strictly Prohibited.   Key Considerations before Investigating Trademark Infringements The following are the key considerations before investigating the trademark infringements:  Look if the trademark owner has it registered or applied for registration in the country where the infringement has occurred  Check if the country is the member of Paris convention or the Madrid protocol  Check the existence and strength of the laws addressing infringement  Look for the availability of adequate and strong enforcement mechanisms  Check whether the trademark is in use in the relevant country or if it is vulnerable to cancellation
  18. 18. Computer Hacking Forensic Investigator Exam 312-49 Investigating Trademark and Copyright Infringement  Module XLIII Page | 3676                                                       Computer Hacking Forensic Investigator Copyright © by EC-Council      All Rights Reserved. Reproduction is Strictly Prohibited.   Steps for Investigating Trademark Infringements Trademark infringement is an illegal action that causes loss of fame and market value to the product. The steps for investigating trademark infringement are as follows:  Check the type of infringement that occurred  Investigate the infringement o Check if the trademark owner has prior rights with the scope of infringement o If the owner has prior rights, look for either a settlement or go for court proceedings o Obtain photographs and video footage outside the subject location i.e. property, area, buildings, signs, etc. o Obtain any available literature, brochures, business cards, and print-outs from any sales software available o Document any promotional program that is in use o Maintain a record of conversations with owner or employees
  19. 19. Computer Hacking Forensic Investigator Exam 312-49 Investigating Trademark and Copyright Infringement  Module XLIII Page | 3677                                                       Computer Hacking Forensic Investigator Copyright © by EC-Council      All Rights Reserved. Reproduction is Strictly Prohibited.  o Do background research on the subject’s entity - local, county, state, and federal business registrations and licenses o Obtain video footage of on location using hidden cameras  Search for any article or advertisement related to the issue that was published in a newspaper or magazine  Obtain civil, criminal, and family or criminal background on the owners or business  Document the intellectual property of the business or owner  Investigate the history of the registration and license filed in the court  Check conversations with neighboring businesses or residents  Document pending changes that are noted during the investigation  Document and investigate new locations  Keep an updated record of changes in promotional programs for presenting the evidence in the court of law  Monitor changes after the proceedings in the court
  20. 20. Computer Hacking Forensic Investigator Exam 312-49 Investigating Trademark and Copyright Infringement  Module XLIII Page | 3678                                                       Computer Hacking Forensic Investigator Copyright © by EC-Council      All Rights Reserved. Reproduction is Strictly Prohibited.                  Copyright Infringement
  21. 21. Computer Hacking Forensic Investigator Exam 312-49 Investigating Trademark and Copyright Infringement  Module XLIII Page | 3679                                                       Computer Hacking Forensic Investigator Copyright © by EC-Council      All Rights Reserved. Reproduction is Strictly Prohibited.   Copyright According to USPTO, “Copyright is a form of protection provided to the authors of “original works of authorship” including literary, dramatic, musical, artistic, and certain other intellectual works, both published and unpublished”. Though not compulsory to include copyright notice for works that are published for the first time after March 1, 1989; it is advisable to include one. The 1976 Copyright Act empowers the owner of copyright to reproduce and distribute the copyrighted work and prepare a derivative of the works. It also gives the owner of the copyright the right to showcase the copyrighted work in public as well as sell, and gives rights of the copyrighted work to others. The owner is also allowed to transfer the copyrighted work to a publication house and charge royalties from them. A copyright notice for visually perceptible copies should have the word “Copyright” followed by the symbol “©”, published date, and name of the author/owner of the entire copyright rights in the published work. Works published before March 1989 required a valid copyright notice to be protected under the laws governing copyright. From March 1st, 1989 the enforcement of copyright notice along with the works published was removed. Works published after this date need not have copyright notice to be protected by the copyright law.
  22. 22. Computer Hacking Forensic Investigator Exam 312-49 Investigating Trademark and Copyright Infringement  Module XLIII Page | 3680                                                       Computer Hacking Forensic Investigator Copyright © by EC-Council      All Rights Reserved. Reproduction is Strictly Prohibited.   Investigating Copyright Status There are three basic ways by which an investigator can investigate the copyright status of a particular work. 1. The first way is by examining the copy of the work to find elements that need to be included in the copyright notice. However, works published after March 1, 1989 need not have copyright notice along with the copyrighted work. So, the investigator has to do extensive research by using easily available tools such as the search engines for checking the status of the copyrighted work. 2. The second way by which the investigator can search for the status of the copyrighted work is by searching the database of the United States Copyright Office. The investigator can visit the URL of the U.S. Copyright office http://www.copyright.gov/records/. This search method is recommended for users who search the database occasionally. The search page is categorized into three categories according to the nature of works. If the investigator wants to search a particular document, he should click on the document tab. For an advanced search the investigator should use Library of Congress information System (LOCIS). The LOCIS usage guide should be read before connecting to LOCIS. LOCIS runs on command prompt. 3. The third way is to approach the United States Copyright Office to do a search for the requested category. After the request is made for a copyright search, the United State Copyright Officials will search the records for a fee of $75 per hour. A typewritten/oral report would be sent depending on the preference of the requester. While investigating, the status changes made under the Copyright Act of 1976, the Berne Convention Implementation Act of 1988, the Copyright Renewal Act of 1992, and the Sonny Bono Copyright Term Extension Act of 1998 must be considered. It is important that the investigator has a clear understanding of these mentioned laws. Overview of LOCIS: Library of Congress information System (LOCIS) is an online utility that helps an investigator/user to search for copyright records. LOCIS runs on a command prompt. There is a link on the web page to connect to LOCIS. Follow the onscreen instructions to search the database of LOCIS. Typing help at the command prompt shows the help screen at any point during the session. Information related to copyright, Braille and audio, and federal legislation can be obtained from the database.
  23. 23. Computer Hacking Forensic Investigator Exam 312-49 Investigating Trademark and Copyright Infringement  Module XLIII Page | 3681                                                       Computer Hacking Forensic Investigator Copyright © by EC-Council      All Rights Reserved. Reproduction is Strictly Prohibited.   How Long Does a Copyright Last? The duration of a copyright is different for joint works, anonymous works, works that have pseudo names, or for “work for hire” kinds of works. In general, copyrights for works that are published after 1977 are valid for the life span of the author plus another 70 years after his or her death. Works published before 1923 in the USA are in the public domain. Copyrights for works published between 1923 and 1977 have a validity of 95 years from the date of first publication. Validity of copyright for joint works: Works done by two or more authors are called joint works. Validity of the copyright for these works is until the death of the last surviving author of that particular work and the next 70 years beyond. Validity of copyright for anonymous work/ pseudonymous works and “made for hire” works: The validity of copyright is for either for a period of 95 years from the year when the work was published or for a period of 120 years from the year when the work was created. The copyright for such kind of works is valid depending on whichever term expires. Renewal and extension of copyrights for “work for hire” kinds of works is for a term of 67 years by owner request.
  24. 24. Computer Hacking Forensic Investigator Exam 312-49 Investigating Trademark and Copyright Infringement  Module XLIII Page | 3682                                                       Computer Hacking Forensic Investigator Copyright © by EC-Council      All Rights Reserved. Reproduction is Strictly Prohibited.   U.S. Copyright Office According to www.law.cornell.edu, Article 1, Section 8 of the U.S. Constitution empowers the Congress “To promote the progress of science and useful arts, by securing for limited times to authors and inventors the exclusive right to their respective writings and discoveries”. According to http://www.copyright.gov/, ‘The First Congress implemented the Copyright Law in 1790. In 1890 under the guidance of Librarian Ainsworth Rand Spofford, the Library of Congress centralized the copyright functions. In 1897 the U.S Copyright Office came into existence as a separate department of the Library of Congress, with Thorvald Solberg appointed as the first Registrar of Copyrights. The Copyright Office is located at 101 Independence Ave. S.E. in Washington, D.C and employs 500 people.’ Following are the missions of the U.S. Copyright Office:  To govern the copyright law  To create and maintain the public record  To impart technical support to Congress  To offer information service to the public  To serve as a resource to international and domestic communities  To provide support to the Library of Congress
  25. 25. Computer Hacking Forensic Investigator Exam 312-49 Investigating Trademark and Copyright Infringement  Module XLIII Page | 3683                                                       Computer Hacking Forensic Investigator Copyright © by EC-Council      All Rights Reserved. Reproduction is Strictly Prohibited.   How Are Copyrights Enforced? The former President of the U.S.A., Bill Clinton, signed the Uruguay Round Agreements Act (URAA) on December 8, 1994. Under this agreement, the Notice of Intent to Enforce (NIE) came into existence. According to URAA, the owner of a restored work should notify the reliance parties if there is a plan to enforce copyrights for the particular work. A reliance party is an individual or business who uses the work when the status of the work was in the public domain, prior to the URAA agreement. The URAA directs the owner of a restored work of the right to confront the reliance party directly by providing an actual notice or by providing a constructive notice by filing a Notice of Intent to Enforce (NIE) with the United States Copyright office. A lawsuit can be filed against anyone who has violated the rights of the copyright owner. Infringers who violate the “fair use” doctrine and try to commercialize the work of copyrighted owners by portraying it as their own often have to face a lawsuit filed against them by the owners of the copyrighted work. In this regard, the copyright owner can:  Issue orders to prevent escalation of copyrights  Ask for compensation from the infringer for the damage done  Ask the infringer to pay the attorneys’ fees
  26. 26. Computer Hacking Forensic Investigator Exam 312-49 Investigating Trademark and Copyright Infringement  Module XLIII Page | 3684                                                       Computer Hacking Forensic Investigator Copyright © by EC-Council      All Rights Reserved. Reproduction is Strictly Prohibited.   Copyright Infringement: Plagiarism According to www.hyperdictionary.com, plagiarism “is an act of taking someone's words or ideas as if they were your own.” Plagiarism can prove costly, especially to students. They will be given a failing grade for a particular paper or a class etc. Paraphrasing original ideas without quoting the source is also an act of plagiarism. Examining the writing style, gray letters in the text while making printouts, poor layout formatting style, and references that do not exist on the web or which do not open online, are a few points by which one may conclude that the student has plagiarized his or her work. Paper mills Paper mills are online websites, which provide students with research works, completed documents on particular topics, essays, etc. There are paper mills that are available for free. The source of revenue for these websites is advertisements from various agencies that advertise on these sites. All a student has to do is give a username and email id to retrieve these resources. Following are the links for few paper mills available on the web: 1. http://www.cheathouse.com 2. http://www.essaysonfile.com 3. http://www.gradesaver.com 4. http://www.mightystudents.com
  27. 27. Computer Hacking Forensic Investigator Exam 312-49 Investigating Trademark and Copyright Infringement  Module XLIII Page | 3685                                                       Computer Hacking Forensic Investigator Copyright © by EC-Council      All Rights Reserved. Reproduction is Strictly Prohibited.   Types of Plagiarism Source: http://www.plagiarism.org/ Plagiarism is copyright infringement and committing it is recognized as a crime which has legal punishments. Plagiarism is categorized into various types depending upon their nature: 1. Sources not cited: a. Ghost writing: Entire work taken away from one source, without even altering key words or phrases b. Poor masking: Poor masking is changing the appearance of information by altering keywords or phrases but still the source admin is able to make out that information is taken from the source c. Photo copying: It refers to copying a few portions of information straight from one site without any alteration. d. Pot lucking: Using phrases from many sources, tweaking the sentences so as to fit them together, thus retaining most of the original phrasing (Content assembling) e. Laziness: Working on rewording or paraphrasing without concentrating on self research/original work f. Self plagiarizing: Copying information from previous works thus violating policies, rules, and regulations 2. Sources cited: a. Omitting or misguiding source: Avoiding to cite or misguiding the user to the resource b. Perfect paraphrasing: Perfect paraphrasing is citing the source and avoiding quotation marks for straight away copied information
  28. 28. Computer Hacking Forensic Investigator Exam 312-49 Investigating Trademark and Copyright Infringement  Module XLIII Page | 3686                                                       Computer Hacking Forensic Investigator Copyright © by EC-Council      All Rights Reserved. Reproduction is Strictly Prohibited.   Steps for Plagiarism Prevention Various steps to be followed for the prevention of plagiarism are as follows:  Know in detail the types of plagiarism  Understand the facts and myths about plagiarism  Cite the source if the information is directly taken from it  Quote the information if it cannot be reworded  Learn to paraphrase as it avoids plagiarism to an extent  Be aware of detection tools  Be aware of policies and procedures  Be aware of legal acts (penalties) taken if the information is plagiarized
  29. 29. Computer Hacking Forensic Investigator Exam 312-49 Investigating Trademark and Copyright Infringement  Module XLIII Page | 3687                                                       Computer Hacking Forensic Investigator Copyright © by EC-Council      All Rights Reserved. Reproduction is Strictly Prohibited.   Plagiarism Detection Factors Following are the plagiarism detection factors:  Change of vocabulary: If the vocabulary used by the author differs from the text that is taken into consideration, then it seems that the author has committed plagiarism.  Incoherent text: If the text is not in the proper style and it appears to be written by many people, the text may be entirely plagiarized.  Punctuation: If two texts are taken into consideration and the punctuation marks used in one text are the same as the other, plagiarism is said to be involved in it. It is not possible for two different authors to use the same punctuation marks while writing the text.  Dependence on certain words and phrases: If certain words and phrases are used by one author as well as by another author, then plagiarism is said to be involved, since different authors use various word preferences.  Amount of similarity between texts: If two texts written by various users share large amounts of similar text, then plagiarism must be checked for the texts.  Long sequences of common text: If you find long sequences of common words or phrases in the text, then it implies that the plagiarism is involved.  Similarity in the order of text: If two texts have the same order of words and phrases, then there is a possibility of plagiarism.  Frequency of words: If two texts contain the same frequency of words that is written by various authors, then plagiarism is said to be involved.  Common spelling mistakes: If an independent author makes the same spelling mistakes repetitively as found in another author’s work, it is a sign of plagiarism.  Distribution of words: The distribution of word usage by an independent author appears in the same fashion throughout the document as another’s work.  Syntactic structure of the text: If two texts written by various authors have similar syntactic structure, then plagiarism is said to be involved because different authors use different syntactic rules.  Preference for the use of long/short sentences: If the sentence is long and shows no meaning in the text, then it is believed that the author has combined the sentences copied from another text.
  30. 30. Computer Hacking Forensic Investigator Exam 312-49 Investigating Trademark and Copyright Infringement  Module XLIII Page | 3688                                                       Computer Hacking Forensic Investigator Copyright © by EC-Council      All Rights Reserved. Reproduction is Strictly Prohibited.   Readability of written text: If the same readability is found in the works of two different authors, then plagiarism is said to be involved.  Inadequate reference: If references appear only in the text, but not in the bibliography, then this type of plagiarism is said to be involved.
  31. 31. Computer Hacking Forensic Investigator Exam 312-49 Investigating Trademark and Copyright Infringement  Module XLIII Page | 3689                                                       Computer Hacking Forensic Investigator Copyright © by EC-Council      All Rights Reserved. Reproduction is Strictly Prohibited.      Plagiarism Detection Tools
  32. 32. Computer Hacking Forensic Investigator Exam 312-49 Investigating Trademark and Copyright Infringement  Module XLIII Page | 3690                                                       Computer Hacking Forensic Investigator Copyright © by EC-Council      All Rights Reserved. Reproduction is Strictly Prohibited.   Plagiarism Detection Tools There are three categories of plagiarism detection tools: 1. Tools to detect plagiarism in text a. Submit.ac.uk & CopyCatch are available free for higher educational institutions in the U.K b. Even helps in checking plagiarism in works submitted in MS Word, Corel Word Perfect/ documents in text format 2. Tools to detect plagiarism in source code a. JPlag helps in finding similar source code from multiple sets b. CodeMatch claims to have algorithm, which is superior to other tools 3. Tools which assist in the process of such data collection a. BOSS is an online submission system for assessing the work of students from Warwick University's computer science department
  33. 33. Computer Hacking Forensic Investigator Exam 312-49 Investigating Trademark and Copyright Infringement  Module XLIII Page | 3691                                                       Computer Hacking Forensic Investigator Copyright © by EC-Council      All Rights Reserved. Reproduction is Strictly Prohibited.   Turnitin Source: http://www.turnitin.com/ Turnitin is an online plagiarism detection tool mainly targeted at educators and students. Turnitin detects plagiarism by a comparative study of the work submitted to pages available on the Internet and its database. Key features include: 1) Plagiarism prevention: A plagiarism prevention system is a handy tool, which helps in identifying the plagiarized work of students. It is also acts as a deterrent by stopping plagiarism before it starts. 2) Peer review It is a utility that helps students review each other’s work. A peer review assignment is a collection of questions that require answers in the form of an essay. 3) Grademark This tool helps instructors in assessing works submitted by students without much hassle. Instructors can add comments to the submitted work without altering the formatting of the document. 4) Gradebook It is similar to a paper gradebook. Here the instructor can manage assignments and grade students in a more organized manner. 5) Digital portfolio It is an online achieving tool, which helps in tracking student records for academic purposes or for placements.
  34. 34. Computer Hacking Forensic Investigator Exam 312-49 Investigating Trademark and Copyright Infringement  Module XLIII Page | 3692                                                       Computer Hacking Forensic Investigator Copyright © by EC-Council      All Rights Reserved. Reproduction is Strictly Prohibited.  Figure 42-1: Turnitin Screenshots
  35. 35. Computer Hacking Forensic Investigator Exam 312-49 Investigating Trademark and Copyright Infringement  Module XLIII Page | 3693                                                       Computer Hacking Forensic Investigator Copyright © by EC-Council      All Rights Reserved. Reproduction is Strictly Prohibited.   CopyCatch Source: http://www.copycatchgold.com/ CopyCatch is gaining popularity in educational institutions and universities because of its immediate response in checking plagiarism. The Internet contains a plethora of information, making plagiarism more complex for teachers to recognize. Recognizing the source of copied material, or detecting similar work done by two students, has become more and more difficult, but CopyCatch provides the solution to the intricacies of plagiarism. CopyCatch’s accuracy in scanning documents enables teachers to detect plagiarized material in a few seconds. CopyCatch supports various formats such as rtf, doc and txt. After checking documents for plagiarism, this utility highlights the changes on the screen and saves them in rtf format. This tool does not require external a registration procedure for staff and students and there are no legal issues related to its usage. There have been advancements in functionality of CopyCatch that permit web-search comparison, zip archive submission, and course/module filtering. CopyCatch serves various purposes such as detection, deterrence, and investigation.
  36. 36. Computer Hacking Forensic Investigator Exam 312-49 Investigating Trademark and Copyright Infringement  Module XLIII Page | 3694                                                       Computer Hacking Forensic Investigator Copyright © by EC-Council      All Rights Reserved. Reproduction is Strictly Prohibited.  Figure 42-2: CopyCatch Screenshot
  37. 37. Computer Hacking Forensic Investigator Exam 312-49 Investigating Trademark and Copyright Infringement  Module XLIII Page | 3695                                                       Computer Hacking Forensic Investigator Copyright © by EC-Council      All Rights Reserved. Reproduction is Strictly Prohibited.   Copy Protection System (COPS) Source: http://ir.shef.ac.uk/ The COpy Protection System (COPS) is an experimental working prototype of a copy detection system that can be used in a digital library. The COPS part of the project is to detect exact or partial copies of documents in the library due to the ease with which information can be copied and plagiarized. The system is technically referred to as a copy detection service and deals only with copy detection that contains documents in Tex, DVI and Troff format. These documents are converted into ASCII format before registration and similar document detection. The system looks for documents with significant overlap as well as exact copies. These documents are divided into sentences called units, and these sentences are further grouped together to form a series of sentences called chunks. These sentences are stored in a registration server that is simply a large hash table using standard hashing algorithm. These chunks are compared with the other documents to check whether the overlapping is done or not done. If the documents share a pre-set number of sentences then a violation is flagged. The possible violations that can occur between documents include plagiarism of a few sentences, exact replication of the document, and stages in between. Following is the COPS architecture:
  38. 38. Computer Hacking Forensic Investigator Exam 312-49 Investigating Trademark and Copyright Infringement  Module XLIII Page | 3696                                                       Computer Hacking Forensic Investigator Copyright © by EC-Council      All Rights Reserved. Reproduction is Strictly Prohibited.  Figure 42-3: Working of COpy Protection System (COPS)  SCAM (Stanford Copy Analysis Mechanism) Source: http://ir.shef.ac.uk/ The system is designed for detecting plagiarism, copies, extracts, and strongly similar documents in digital libraries. The main objective for building the system was as a method for supporting the copyright of documents stored in a library to detect cases of unauthorized copying. The main difference between SCAM and COPS is that SCAM is a word-based scheme, whereas COPS was sentence-based. The problem with simply comparing sentences is that partial sentence overlaps are not detected. Functionality of SCAM: Test to ASCII DVI to ASCII Troff to ASCII Sentence identification and hashing Document Processing Query Processing Database
  39. 39. Computer Hacking Forensic Investigator Exam 312-49 Investigating Trademark and Copyright Infringement  Module XLIII Page | 3697                                                       Computer Hacking Forensic Investigator Copyright © by EC-Council      All Rights Reserved. Reproduction is Strictly Prohibited.  Figure 42-4: Functionality of SCAM The documents are divided into words (units) and these are grouped to form chunks. The chunks are inserted into the repository in an inverted index structure and used to compare with new document arrivals. SCAM uses words as chunks for comparison, allowing the system to detect partial sentence overlap. SCAM uses a derivative of the Vector-Space Model to measure similarity between documents. This is a popular IR technique, and operates by storing the normalized frequency of words within the document as a vector. The vectors are then compared for similarity, using a measure such as the vector- dot product or cosine-similarity measure and a resulting value, if exceeding a pre-defined threshold, is flagged.  CHECK Source: http://ir.shef.ac.uk/ CHECK maintains a database for registered documents in order to compare them with the new document. With the help of Information Retrieval (IR) system, CHECK filters out the probable plagiarism candidates. Later the IR process is applied to sections, subsections, paragraphs, and finally to sentences. Comparison of two documents is mainly based on keywords because they identify the semantic meaning of the document. Computer programs are well structured and preserve the parse tree of the original program, even though changes were done to them. Finding plagiarism in a document is harder because the document protects the semantics of the original. However, it makes more changes when compared to the computer program. CHECK merges the weighted words into the parse tree to capture a better representation that is resistant to simple document modifications. It identifies the LATEX documents at the time of writing. CHECK works in the following ways:  Document Recognition: LATEX recognizer parses the documents and creates a new document tree  Keyword Extraction: IR techniques are used to extract the words. These words explain the semantics of the document. These words are classified into two classes. o Open-class: It consists of nouns, verbs, adjectives, and adverbs o Closed-class: It consists of prepositions, pronouns, conjunctions, and interjections  Generate Structural Characteristics: For each and every document, Structural Characteristic (SC) must be generated. It looks like a document that is mixed with an extracted set of keywords. Web Server Mail Server Bulk Loader Copy detection Engine Chunk er Parse r Postscript, HTML, Word, LaTex documents Mailing lists, Web pages and Netnews
  40. 40. Computer Hacking Forensic Investigator Exam 312-49 Investigating Trademark and Copyright Infringement  Module XLIII Page | 3698                                                       Computer Hacking Forensic Investigator Copyright © by EC-Council      All Rights Reserved. Reproduction is Strictly Prohibited.   JPlag Source: https://www.ipd.uni-karlsruhe.de/ JPlag detects software plagiarism. It identifies the similarities between a multiple set of code files. It does not compare the bytes of the text. Yet it knows about the programming language syntax and program structure. So, it can easily distinguish the similarities between plagiarized files. Features of JPlag:  It supports programming languages like Java, C and C++. It also supports scheme and natural language texts.  It detects and discourages the copying of student exercise programs, which are not allowed in programming education. It also detects the stolen software parts between source files and texts that are slightly modified.  It is used frequently by expert witnesses for cases based on intellectual property.  It has a powerful graphical interface to display the results. Figure 42-5: JPlag Search Result
  41. 41. Computer Hacking Forensic Investigator Exam 312-49 Investigating Trademark and Copyright Infringement  Module XLIII Page | 3699                                                       Computer Hacking Forensic Investigator Copyright © by EC-Council      All Rights Reserved. Reproduction is Strictly Prohibited.   VAST Source: http://cise.lsbu.ac.uk/ Visual Analysis of Similar Tool (VAST) offers an interactive visualization of the overlapping of two different documents and highlights the areas that are plagiarized. It is used to investigate the extent and similarity of the text that is detected by the tools like PRAISE. This tool is set to 1000 pixels wide and 800 pixels long, because it displays the image and the documents with ease. VAST needs this space to comfortably display the image and the documents. The amount of space allocated to the various parts of the interface can be adjusted by dragging on the dividing bars. Figure 42-6: VAST Screenshot In the current version the only way to load documents into VAST is to paste them into the upper and lower text windows on the right-hand side of the tool.
  42. 42. Computer Hacking Forensic Investigator Exam 312-49 Investigating Trademark and Copyright Infringement  Module XLIII Page | 3700                                                       Computer Hacking Forensic Investigator Copyright © by EC-Council      All Rights Reserved. Reproduction is Strictly Prohibited.  Figure 42-7: VAST Screenshot In this image, the upper document was downloaded from the web and the lower document was an assignment submitted by a computing student. Once two documents have been pasted, the type of image can be selected and pressing the Create Image button will start the generation of the image. The default image type is Unsequenced which ignores the sequence in which words common to both documents appear. The alternative is Sequenced which includes this information. However, the sequenced option takes significantly longer to prepare. Two totally identical documents would generate a square image with a single dark band along the prime upper-left, lower-right diagonal. This image indicates that the start of both documents is similar; following which there is some non similar material in the lower document. The two areas mirrored across the diagonal suggest some simple rearrangement of the web upper document in the lower document, following which there is a long similar section. The document ends with some original material in the lower document before another small similar section. Projecting the dark areas onto a horizontal line indicates how much of the upper document appears in the lower one. Likewise, a vertical projection indicates how much of the lower document appears in the upper. The markee, displayed as a red rectangle, can be moved by dragging on the solid rectangle at the top left- hand corner. It can be resized by dragging on the open rectangle in the lower right-hand corner.
  43. 43. Computer Hacking Forensic Investigator Exam 312-49 Investigating Trademark and Copyright Infringement  Module XLIII Page | 3701                                                       Computer Hacking Forensic Investigator Copyright © by EC-Council      All Rights Reserved. Reproduction is Strictly Prohibited.  Figure 42-8: VAST Screenshot
  44. 44. Computer Hacking Forensic Investigator Exam 312-49 Investigating Trademark and Copyright Infringement  Module XLIII Page | 3702                                                       Computer Hacking Forensic Investigator Copyright © by EC-Council      All Rights Reserved. Reproduction is Strictly Prohibited.   Software Similarity Tester (SIM) Source: http://portal.acm.org/ Software Similarity Tester (SIM) is used to detect the similarity between two computer programs. It is used to detect plagiarism among homework programs. It examines the correctness, style, and uniqueness of the program. It was first developed to detect the similarity between DNA strings. Functionality of the SIM It is implemented with 1780 lines of C++ and 393 lines of TCL/Tk. Each input C source file is passed to the lexical analyzer to generate a compact structure in terms of streams of integers known as tokens. Each token symbolizes either arithmetical or logical operations like a punctuation symbol, a C macro, a keyword, a numeric or string constant, a comment, or an identifier. After the two source files get tokenized, the token stream of the second program is divided into sections. Each section represents the module of the original program and each module gets support with the token stream of the first program separately. This technique enables SIM to detect the similarity even if the positions in the module are changed. By using the following scheme the actual alignment is scored:  a match involving two identifier tokens scores 2; other matches score 1  a gap scores -2  a mismatch involving two identifiers scores 0; other mismatches score -2 The total alignment score is calculated from the individual score for each block and then it is normalized.
  45. 45. Computer Hacking Forensic Investigator Exam 312-49 Investigating Trademark and Copyright Infringement  Module XLIII Page | 3703                                                       Computer Hacking Forensic Investigator Copyright © by EC-Council      All Rights Reserved. Reproduction is Strictly Prohibited.  Figure 42-9: Working of Software Similarity Tester  Urkund Source: http://www.urkund.com Urkund provides a completely automated system that solves the problem of plagiarism. This works when students submit their documents to the teacher in the form of email. These are checked against three main sources like an Internet web page, published material, and the documents that are presented by the students. If any document appears to be similar to another, then the system will mark this as plagiarism. After checking the documents, an overview of the document is sent to the teacher in the form of an email. Then the teacher makes a decision according to the analysis of the document. The following are the features of Urkund:  Quotation: It exempts the quotations from comparison.  Scalability: It is scalable to handle the peaks that are in use.  Security: It provides safe, physical operational security based on the regularity and reliability of the system. Compatibility: The Urkund system is designed to be easily integrated with other administrative and pedagogical systems like FirstClass, SharePoint, Fronter, Blackboard, and Ping Pong. It handles the documentation of several types of word processors. It also processes 300 different types of files.  WCopyfind Source: http://plagiarism.phys.virginia.edu/ WCopyfind examines a collection of document files. It extracts the text portions of those documents and looks through them for matching words in phrases of a specified minimum length. When it finds two files that share enough words in those phrases, WCopyfind generates html report files. These reports contain the document text with the matching phrases underlined thus helping the user know where the plagiarism is. It can handle text, html, and some word processor files (Microsoft Word documents in the old .doc format, but not the new .doc format). Source File Source File Scanner File1 Token Array File2 Token Array Tokens Tokens Function Separator Program Tokens Function Block Tokens Block Scores Alignment Sigma Normalized Score Output
  46. 46. Computer Hacking Forensic Investigator Exam 312-49 Investigating Trademark and Copyright Infringement  Module XLIII Page | 3704                                                       Computer Hacking Forensic Investigator Copyright © by EC-Council      All Rights Reserved. Reproduction is Strictly Prohibited.   Glatt Source: http://www.plagiarism.com/  The Glatt Plagiarism Screening Program (GPSP) is the first comprehensive computer software program specifically designed for detecting plagiarism. The features of the Glatt plagiarism screening program are as follows:  Easy to use  Time and cost effective  Objective testing  Statistically valid  Complete accountability  Liability safeguard  Deterrent to plagiarists
  47. 47. Computer Hacking Forensic Investigator Exam 312-49 Investigating Trademark and Copyright Infringement  Module XLIII Page | 3705                                                       Computer Hacking Forensic Investigator Copyright © by EC-Council      All Rights Reserved. Reproduction is Strictly Prohibited.   Plagiarism in University Environments: Special Interest Group (PLAGUE) Source: http://www.csse.monash.edu.au/ http://www.csse.monash.edu/ PLAGUE or Plagiarism in University Environments offers a flexible, open, reusable repository of resources assisting students and academics in detecting plagiarism and protecting themselves against it. The following are included while detecting plagiarism:  Comments and layout  Case  Identifier replacement  Program output variations  String/character constant variations  Order of functions, classes  Order of case/if-else branches  Redundant syntax  Lexical token streams  Artificial bias resulting from tight specifications or reusable exercise templates
  48. 48. Computer Hacking Forensic Investigator Exam 312-49 Investigating Trademark and Copyright Infringement  Module XLIII Page | 3706                                                       Computer Hacking Forensic Investigator Copyright © by EC-Council      All Rights Reserved. Reproduction is Strictly Prohibited.   SPlaT Source: http://splat.cs.arizona.edu/ SPlaT checks all the documents to ensure that there is a similarity between them. After the completion of checking, these documents are reported to the persons to identify if they are truly fraudulent papers or not. It is designed to generate warnings for those who make plagiarized documents. It functions in three modes:  Web spider mode: SplaT crawls through the websites of any department in the organization and downloads the research papers to search for the plagiarism.  Reviewer's workbench mode: SPlaT compares a paper under review to a record of the author's previously published articles extracted from their web site and online article repositories  Author mode: SPlaT allows authors, who are wary of committing self-plagiarism, by reusing one’s own previously published text, by accident, to check a new paper against their previous publications.
  49. 49. Computer Hacking Forensic Investigator Exam 312-49 Investigating Trademark and Copyright Infringement  Module XLIII Page | 3707                                                       Computer Hacking Forensic Investigator Copyright © by EC-Council      All Rights Reserved. Reproduction is Strictly Prohibited.  Figure 42-10: SPlaT Screenshot Local Search allows you to compare files already downloaded into a directory. Simply select the directory via the Browse button, or enter it manually. Select GO to compare all the files in the specified directory. You will see messages displayed in the log box in the bottom of the screen. When the comparison is complete, a window with the results will be shown.
  50. 50. Computer Hacking Forensic Investigator Exam 312-49 Investigating Trademark and Copyright Infringement  Module XLIII Page | 3708                                                       Computer Hacking Forensic Investigator Copyright © by EC-Council      All Rights Reserved. Reproduction is Strictly Prohibited.  Figure 42-11: SPlaT Screenshot The results page is launched in a new window. It will show a list of all comparisons that had non-zero overlap. You may sort them alphabetically or by cheat amount. Clicking on any entry will show the two files side by side with the overlaps highlighted. Figure 42-12: SPlaT Screenshot
  51. 51. Computer Hacking Forensic Investigator Exam 312-49 Investigating Trademark and Copyright Infringement  Module XLIII Page | 3709                                                       Computer Hacking Forensic Investigator Copyright © by EC-Council      All Rights Reserved. Reproduction is Strictly Prohibited.   Sherlock: Plagiarism Detector Source: http://www.cs.usyd.edu.au/ Sherlock finds the similarities between textual documents. It uses digital signatures for finding a similar piece of the text in the documents. A digital signature is a number that is formed by turning several words in the input into a series of bits and joining those bits into a number. It works with text files like essays, computer source code files, and assignments that are in digital form. It will even work with Tar files, but not with compressed archives such as Gzipped or Zipped files. It is a command-line program. So, you can run it from an xterm or DOS window. The following commands show the usage of Urkund:  Sherlock *.txt o This compares the text files in the directory and produces a list of files that are similar  Sherlock *.java o This compares the source files in the directory  Sherlock *.java > results.txt o This creates a file called “results.txt” that contains results There are several command-line options to Sherlock:  -t threshold%: This controls how similar files must be before they will be mentioned. Increase this to 50% or higher if you only want to see very similar files. The default is 20%  -z zerobits: This controls the "granularity" of the comparison. The higher this number, the cruder the comparison but the faster it will proceed. The lower this number, the more exact the comparison, but it will be slower, and it may be harder to detect plagiarism because small changes will fool the program into thinking the files are different. The default is 4, but the number can range from 0 to 31.  -n number_of_words: This controls how many words are used to form one digital signature. This also contributes to the granularity of the comparison. A higher number is slower while a lower number is less exact. The default is 3 words, which works fine in most cases.  -o outfile: If using Windows it may be difficult to specify an output file on the command line. Use this option to specify the output file.
  52. 52. Computer Hacking Forensic Investigator Exam 312-49 Investigating Trademark and Copyright Infringement  Module XLIII Page | 3710                                                       Computer Hacking Forensic Investigator Copyright © by EC-Council      All Rights Reserved. Reproduction is Strictly Prohibited.    Figure 42-13: Sherlock Screenshots
  53. 53. Computer Hacking Forensic Investigator Exam 312-49 Investigating Trademark and Copyright Infringement  Module XLIII Page | 3711                                                       Computer Hacking Forensic Investigator Copyright © by EC-Council      All Rights Reserved. Reproduction is Strictly Prohibited.   PRAISE Source: http://cise.lsbu.ac.uk/ PRAISE is an intra-corporal similarity detection and visualization tool. It examines all the documents that are collected and plots them on a tork in a sequence determined by gross non-originality. A group of documents that are associated with a particular document are highlighted. And a pair of documents is selected for further investigation in VAST. It works with plain text files, MS Word, and HTML documents.
  54. 54. Computer Hacking Forensic Investigator Exam 312-49 Investigating Trademark and Copyright Infringement  Module XLIII Page | 3712                                                       Computer Hacking Forensic Investigator Copyright © by EC-Council      All Rights Reserved. Reproduction is Strictly Prohibited.  Figure 42-14: PRAISE Screenshots
  55. 55. Computer Hacking Forensic Investigator Exam 312-49 Investigating Trademark and Copyright Infringement  Module XLIII Page | 3713                                                       Computer Hacking Forensic Investigator Copyright © by EC-Council      All Rights Reserved. Reproduction is Strictly Prohibited.   SafeAssignment Source: http://www.safeassignment.com/ SafeAssignment prevents plagiarism and checks for the originality of text in the academic environment. It helps the educators provide an effective solution for checking originality and deterring plagiarism within academia. It works with papers, in which students make use of this technology to find the unoriginal content that includes paraphrases and altered text. It compares the student text with other text, sentence by sentence, in order to determine whether the sentences are taken from the Internet or from its databases. In other words, it creates convenient and easy-to-read reports, where all the unoriginal content is highlighted and is linked to the Internet and its databases. Figure 42.2: Safe Assignment (Source: https://blackboard.uic.edu/) Originality detection process by SafeAssignment: The originality detection process is simple for both faculty and students and entirely automatic once the parameters of plagiarism-checked assignments have been set by instructors. Designed not only for control but also for learning, SafeAssignment can be configured by instructors to let students submit drafts of their papers and view their own SafeAssignment reports, bringing all instances of unintentional
  56. 56. Computer Hacking Forensic Investigator Exam 312-49 Investigating Trademark and Copyright Infringement  Module XLIII Page | 3714                                                       Computer Hacking Forensic Investigator Copyright © by EC-Council      All Rights Reserved. Reproduction is Strictly Prohibited.  plagiarism to students’ attention. Instructors can also choose if students should be able to submit their papers only once or resubmit them as many times as necessary before the due date. Features:  Powerful Plagiarism Detection Algorithm: SafeAssignment is based on a unique text- matching algorithm that is capable of detecting even inexact matching between a plagiarized paper and its source. This capability makes students learn to cite information sources properly instead of trying to disguise plagiarism by paraphrasing.
  57. 57. Computer Hacking Forensic Investigator Exam 312-49 Investigating Trademark and Copyright Infringement  Module XLIII Page | 3715                                                       Computer Hacking Forensic Investigator Copyright © by EC-Council      All Rights Reserved. Reproduction is Strictly Prohibited.   Close Integration: SafeAssignment integrates all elements of the MyDropBox Suite and automatically checks for plagiarism on all papers submitted via MyDropBox. For example, when an instructor creates a "Safe Assignment," its due date is automatically marked in the online calendars of all students that have to submit the assignment, a corresponding entry in the online Gradebook is created, SafeAssignment originality reports are generated on all submitted papers, and all assignment-related information is archived after the corresponding course is over — all without any instructor or technical staff involvement.  Emphasis on Teaching: SafeAssignment is focused on teaching students to avoid plagiarism rather than on just identifying offenders. SafeAssignment's "Draft Assignment" and "Student Report" features give students an opportunity to submit drafts of their papers for checking and receive SafeAssignment reports highlighting all text that has to be referenced. This learning mode of SafeAssignment can be enabled by instructors and is very effective in preventing unintentional plagiarism.
  58. 58. Computer Hacking Forensic Investigator Exam 312-49 Investigating Trademark and Copyright Infringement  Module XLIII Page | 3716                                                       Computer Hacking Forensic Investigator Copyright © by EC-Council      All Rights Reserved. Reproduction is Strictly Prohibited.   EVE2 (Essay Verification Engine) Source: http://www.canexus.com/ EVE2 is a very powerful tool that determines if information is plagiarized from the World Wide Web. It accepts essays in plain text, Microsoft Word, or Corel Word Perfect formats and returns links to web pages from which material may have plagiarized. It has been developed to be powerful enough to find plagiarized material while not overwhelming the user with false links. Eve2 performs a large number of complex searches to find material from any Internet site. While it would be technically impossible with today's technology to build a program that could check every website on the entire Internet, EVE2 comes as close as possible by employing the most advanced searching tools available to locate suspect sites. Not only does it find these suspect sites, it then does a direct comparison of the submitted essay to the text appearing on the suspect site. If it finds evidence of plagiarism, the URL is recorded. Once the search is completed, a full report on the papers that containplagiarism, including the percent of the essay plagiarized, and an annotated copy of the paper showing plagiarism highlighted in red is presented to the superior. Processing occurs only when the tool is online and once the processing is finished, it will display a results window automatically. The features of EVE2 are as follows:  It accepts essays in plain text, Microsoft Word, or Corel Word Perfect format and returns links to web pages from which material may have plagiarized  It takes care to not provide a large number of false links  It performs complex searches, which is manually a tough job  It compares the current essay with the text on the site  It records the URL from which the content seems to be plagiarized
  59. 59. Computer Hacking Forensic Investigator Exam 312-49 Investigating Trademark and Copyright Infringement  Module XLIII Page | 3717                                                       Computer Hacking Forensic Investigator Copyright © by EC-Council      All Rights Reserved. Reproduction is Strictly Prohibited.  Figure 42.15: EVE2 (Source: http://www.ascilite.org.au/)
  60. 60. Computer Hacking Forensic Investigator Exam 312-49 Investigating Trademark and Copyright Infringement  Module XLIII Page | 3718                                                       Computer Hacking Forensic Investigator Copyright © by EC-Council      All Rights Reserved. Reproduction is Strictly Prohibited.   iThenticate Source: http://static.ithenticate.com/ iThenticate provides plagiarism prevention services to publishers, corporations, law firms, and other professional establishments around the world. It compares documents to a publications database comprised of over 10,000 major newspapers, magazines, and journals. It is designed to provide service for corporate organizations. Figure 42-16: iThenticate Screenshot
  61. 61. Computer Hacking Forensic Investigator Exam 312-49 Investigating Trademark and Copyright Infringement  Module XLIII Page | 3719                                                       Computer Hacking Forensic Investigator Copyright © by EC-Council      All Rights Reserved. Reproduction is Strictly Prohibited. 
  62. 62. Computer Hacking Forensic Investigator Exam 312-49 Investigating Trademark and Copyright Infringement  Module XLIII Page | 3720                                                       Computer Hacking Forensic Investigator Copyright © by EC-Council      All Rights Reserved. Reproduction is Strictly Prohibited.   Dupli Checker Source: http://www.duplichecker.com/ http://www.duplichecker.com/ is one of the online plagiarism detection tools that is freeware. The following are the instructions for using this online web plagiarism checking software:  Type the phrases or add the article that needs a plagiarism check in the box (space provided)  After choosing the quote or without quote options and the search engine, hit the search button  The new search page will show the results after breaking each sentence automatically against the website pages already indexed  Press the back button to search the next article
  63. 63. Computer Hacking Forensic Investigator Exam 312-49 Investigating Trademark and Copyright Infringement  Module XLIII Page | 3721                                                       Computer Hacking Forensic Investigator Copyright © by EC-Council      All Rights Reserved. Reproduction is Strictly Prohibited. 
  64. 64. Computer Hacking Forensic Investigator Exam 312-49 Investigating Trademark and Copyright Infringement  Module XLIII Page | 3722                                                       Computer Hacking Forensic Investigator Copyright © by EC-Council      All Rights Reserved. Reproduction is Strictly Prohibited.   http://www.plagiarismdetect.com/ Source: http://www.plagiarismdetect.com/ www.plagiarismdetect.com is a service that offers free online detection of plagiarism. The steps to detect plagiarism are as follows:  Sign up or sign in  Copy and paste your content in the text field or upload a file in such formats as .txt or .doc  Click analyze and the system will compare your text with the data of search engines  The user can look at the results and see a plagiarism percentage, as well as all the links of sources where plagiarism was found
  65. 65. Computer Hacking Forensic Investigator Exam 312-49 Investigating Trademark and Copyright Infringement  Module XLIII Page | 3723                                                       Computer Hacking Forensic Investigator Copyright © by EC-Council      All Rights Reserved. Reproduction is Strictly Prohibited.   http://www.plagiarism.org.uk/ Source: http://www.plagiarism.org.uk/ www.plagiarism.org.uk is part of the Forensic Linguistics Institute. It is one of the web's longest serving anti-plagiarism sites. Anti-plagiarism checklist:  It does a brief study of the field in which you have undertaken your research  It compares your research aims and the current research profile of the field  It compares your conclusions with what is already publicly available on the Internet  It offers a search for collocations of your keywords  It checks to see that important quotes have been properly referenced  It reports on any extent to which your work appears to infringe on existing works  It issues a certificate reporting the work that is undertaken
  66. 66. Computer Hacking Forensic Investigator Exam 312-49 Investigating Trademark and Copyright Infringement  Module XLIII Page | 3724                                                       Computer Hacking Forensic Investigator Copyright © by EC-Council      All Rights Reserved. Reproduction is Strictly Prohibited. 
  67. 67. Computer Hacking Forensic Investigator Exam 312-49 Investigating Trademark and Copyright Infringement  Module XLIII Page | 3725                                                       Computer Hacking Forensic Investigator Copyright © by EC-Council      All Rights Reserved. Reproduction is Strictly Prohibited.      Patent Infringement
  68. 68. Computer Hacking Forensic Investigator Exam 312-49 Investigating Trademark and Copyright Infringement  Module XLIII Page | 3726                                                       Computer Hacking Forensic Investigator Copyright © by EC-Council      All Rights Reserved. Reproduction is Strictly Prohibited.   Patent A patent is a property right granted to the inventor by the Government "to exclude others from making, using, or selling the Invention”. The Patent and Trademark Office issues it. A patent is effective for up to 20 years from the date on which the patent application is filed. According to the patent law, patent is granted on the new article, not on the suggestions that claim to implement those ideas to make the article. Any article, process, or manufacture that claims patent is required to prove its usefulness. According to UCAR office of General Counsel, Patent law says that an invention cannot be patented if: “(a) the invention was known or used by others in this country, or patented or described in a printed publication in this or a foreign country, before the invention thereof by the applicant for patent,” or “(b) the invention was patented or described in a printed publication in this or a foreign country or in public use or on sale in this country more than one year prior to the application for patent in the United States.” Types of patents:  Utility patent - granted to an individual who discovers or invents a new machine, process, useful composition of matter, or manufactured item. For example: o Process: fraction distillation of petroleum o Manufactured item: paper, calculator o Composition of matter: alloys, drugs o Machine: motorbike, car  Design Patent: Design patent is granted to the individuals who invent a new original design for an article to be manufactured. It protects the appearance of an article. For example: computer cabinet, container.  Plant Patents: According to www.ipwatchdog.com, ‘Plant patents may be granted to an individual who invents, discovers, or asexually reproduces a new variety of plant’.

×