CYBER CRIME & FORENSICS

Presented By
Saisha sukla (u112105)
Samikhya Joshi (u112106)
Santanu Kumar Das (u112107)
Satyanarayana Das (u112108)
Introduction to Cybercrime
• Computers or computer networks are used as a tool, a target or a place of criminal activity.
• The first recorded cyber crime took place in the year 1820 in France.
• Unauthorized access to computer systems, data destruction, data alteration, theft of intellectual property.
• Most important revenue sector for global organized crime.
How it differs from terrestrial crime?
• easy to learn how to commit
• require few resources relative to the potential damage caused
• can be committed in a jurisdiction without being physically present in it
• are often not clearly illegal
Types of Cybercrime
• Hacking
• Phishing
• Software Piracy
• Cyber Stalking
• Denial of Service
• Financial crimes
• Sale of illegal articles
• Intellectual Property crimes
• Forgery
• Cyber Defamation
Hacking
• The actual word is “Cracking” and not “Hacking”.
• “Deliberately gaining unauthorized access to an information system.”
• They help the government to protect national documents of strategic importance, help organizations to protect documents and company secrets,
• A Cracker breaks into someone else's computer system, often on a network, bypasses passwords or licenses in computer programs or in other ways intentionally breaches computer security.
• But with time, both words have come to be used interchangeably.
Phishing
• Acquiring information such as usernames, passwords and credit card details by disguising as a trustworthy entity.
• India is among the top 15 countries hosting "phishing" sites, which aim at stealing confidential information such as passwords and credit card details.
Cyber Stalking

Cyber stalking is the use of the Internet or other electronic means to stalk
someone. The term is used interchangeably with online harassment and
online abuse.


Denial of Service
• floods the bandwidth of the victim’s network
• fills his e-mail box with spam mail
• deprives him of the services he is entitled to access or provide
• uses techniques called spoofing and buffer overflow
Software Piracy
• illegal copying of genuine programs
• counterfeiting and distribution of products

Examples of software piracy
• End user copying
• Hard disk loading
• Counterfeiting
• Illegal downloads from the Internet
Virus Dissemination
• A program that can ‘infect’ other legitimate programs by modifying them to include a possibly ‘evolved’ copy of itself.
• Viruses can spread themselves, without the knowledge or permission of the users, to potentially large numbers of programs on many machines.

Typical action of a virus
• Erase files
• Scramble data on a hard disk
• Cause erratic screen behavior
• Halt the PC
• Just replicate itself!
Cybercriminals
Motivating factors for Cybercrimes
• The challenge… “because it’s there!”
• Ego
• Espionage
• Ideology
• Mischief
• Money (Extortion or Theft)
• Revenge
Cost of Cyber crime in India
In India in 2010
• 29.9 million people fell victim to cyber crime
• $4 billion in direct losses
• $3.6 billion in time spent to resolve crimes
• 80% of cyber users have been victims of cyber crime
• 17% of adults online have experienced cybercrime on their mobile phone

Source: Norton Cyber Crime Report 2011
Why India?
• A rapidly growing online user base
• 121 million internet users
• 65 million active internet users, up 28% from 51 million in 2010
• 50 million users shop online on ecommerce and online shopping sites
• 46+ million social network users
• 346 million mobile users had subscribed to data packages

Source: IAMAI; Juxt; wearesocial 2011
Combating Cybercrimes
• Technological measures: public key cryptography, digital signatures, firewalls, honey pots
• Cyber investigation: Computer forensics is the process of identifying, preserving, analyzing and presenting digital evidence in a manner that is legally acceptable in courts of law. These rules of evidence include admissibility (in courts), authenticity (relation to incident), completeness, reliability and believability.
• Legal framework: laws & enforcement
International Legislation Initiatives
• OECD
  – 1983 – research in criminal law problems of computer related crimes
  – 1992 – Guidelines for the security of information systems
• G8
  – 1997 – Subgroup of High-Tech Crime
• OAS
  – 1999 – Established a group of government experts on cyber crime
• APEC
  – 2002 – commitment to enact a comprehensive set of laws relating to cyber security and cyber crime
International Legislation Initiatives
• ASEAN and China
  – 2003 – Formulate cooperative and emergency response procedures for enhancing cyber security and combating cyber crime
• United Nations
  – 1998-2000 – Resolution on developments in the field of Information and Telecommunication in the context of International security
  – 2003 – Resolutions on combating the criminal misuse of Information Technology & on the creation of a global culture of cyber security.
• European Union
  – 2003-2005 – Council framework decision on attacks against information systems
What about the law? (Indian perspective)
• Information Technology (Amendment) Act 2008 – Chapter XI
  – 65 – Tampering with computer source documents
  – 66 – Computer related offences
  – 66A – Punishment for sending offensive messages through communication services etc.
  – 66B – Punishment for dishonestly receiving stolen computer resources or communication devices
  – 66C – Punishment for identity theft
  – 66D – Punishment for cheating by personation by using computer device
  – 66E – Punishment for violation of privacy
  – 66F – Punishment for cyber terrorism
  – 67 – Punishment for publishing or transmitting obscene material in electronic form
Major Objectives
• Create effective cyber crime laws
• Develop acceptable practices for search and seizure
• Handle jurisdiction issues
• Cooperate in international investigations
• Establish effective public/private sector interaction
Safety tips to avoid Cybercrime
• Use anti-virus software and firewalls - keep them up to date
• Keep your operating system up to date with critical security updates and patches
• Don't open emails or attachments from unknown sources
• Use hard-to-guess passwords. Don’t use words found in a dictionary. Remember that password cracking tools exist
• Back-up your computer data on disks or CDs often
• Don't share access to your computers with strangers
• If you have a Wi-Fi network, password protect it
• Disconnect from the Internet when not in use
• Reevaluate your security on a regular basis
• Make sure your employees and family members know this info too!
Prominent news for Cyber crimes
• Kevin Mitnick’s (“Condor”) hacking spree cost high-tech companies at least $291.8 million over a two-year span before his capture.
• David L. Smith, a 31-year-old programmer, pleaded guilty to creating the Melissa virus and using an X-rated web site to spread it through cyberspace, causing $80 million in damages.
• Four high school kids hacked into a Bay Area internet server and used stolen credit card numbers to order computer equipment: $200k
• A temporary employer broke into Forbes' computers and caused a computer crash that cost Forbes $100,000 to restore.
Case study 1
The Chennai city police have busted an international gang involved in cyber crime, with the arrest of Deepak Prem Manwani (22), who was caught red-handed while breaking into an ATM in the city.

The dimensions of the city cops’ achievement can be gauged from the fact that they have netted a man who is on the wanted list of the formidable FBI of the US.

At the time of his detention, he had with him Rs 7.5 lakhs knocked off from two ATMs in T Nagar and Abiramipuram in the city. Prior to that, he had walked away with Rs 50,000 from an ATM in Mumbai.

During the investigation it was found that his audacious crime career started in an internet café. While browsing the net one day, he was attracted to a site which offered him assistance in breaking into ATMs.
Case study 1
His contacts, sitting somewhere in Europe, were ready to give him credit card numbers of a few American banks for $5 per card. This site also offered the magnetic codes of these cards, but charged $200 per code.

The operators of the site had devised a fascinating idea to get the PINs of the card users. They floated a new site which resembled that of a reputed telecom company. That company has millions of subscribers. The fake site offered to return to visitors $11.75 per head which, the site promoters said, had been collected in excess by mistake from them.

Believing that it was a genuine offer from the telecom company in question, several lakh subscribers logged on to the site to get back the little money, but in the process parted with their PINs.
Case study 1
Armed with all the requisite data to hack the bank ATMs, the gang started its systematic looting. Apparently Manwani and many others of his group entered into a deal with the gang behind the site and could purchase any amount of data.

Meanwhile, Manwani also managed to generate 30 plastic cards that contained the necessary data to enable him to break into ATMs. He was so enterprising that he was able to sell a few such cards to his contacts in Mumbai.

On receipt of large-scale complaints from the billed credit card users and banks in the US, the FBI started an investigation into the affair and also alerted the CBI.

Manwani has since been enlarged on bail after interrogation by the CBI. But the city police believe that this is the beginning of a major cyber crime.
Case study 2
In 1988 Robert Morris, Jr., a 23-year-old graduate student in computer science at Cornell and the son of an NSA computer security expert, wrote an experimental, self-replicating, self-propagating program called a worm (99 lines of code) and injected it into the internet. He chose to release it from MIT, to disguise the fact that the worm came from Cornell.

60,000 computer sites at universities, hospitals, research facilities, corporations and govt. institutions were affected; the estimated cost of dealing with the worm ranged from $200 to $50,000 for each site.

Morris was convicted of violating the Computer Fraud and Abuse Act; he received 3 years' probation, 400 hours of community service and a fine of $10,050.
Next steps
A final word
Treat your password like you treat your toothbrush. Never give it to anyone else to use, and change it every few months.
CYBER FORENSICS
FORENSICS
• Forensic science, or forensics, is the application of a broad spectrum of sciences to answer questions related to the legal system, whether for criminal or civil actions.
• The use of science and technology to investigate and establish facts in criminal or civil courts of law.
COMPUTER FORENSICS
The goal of computer forensics is to examine digital media in a forensically sound manner with the aim of identifying, preserving, recovering, analyzing and presenting facts and opinions about the information.
HISTORY
• Michael Anderson
  – “Father of computer forensics”
  – special agent with IRS
• Meeting in 1988 (Portland, Oregon)
  – creation of IACIS, the International Association of Computer Investigative Specialists
  – the first Seized Computer Evidence Recovery Specialists (SCERS) classes held
WHY?
• The main task, and the advantage, of computer forensics is to catch the culprit or criminal who is involved in a computer-related crime.
• Computer forensics has emerged as an important part of disaster recovery management.
• Ability to search through a massive amount of data: quickly, thoroughly and in any language.
• The importance lies mainly in handling criminal actions such as fraud, phishing, identity theft and many other criminal activities.
WHO USES FORENSICS
• Criminal Prosecutors
• Civil litigators
• Insurance Companies
• Corporations
• Law Enforcement Officials
• Individuals
What cyber forensics aims at?
• Identify root cause of an event to ensure it won’t happen again
  – Must understand the problem before you can be sure it won’t be exploited again.
• Who was responsible for the event?
• Most computer crime cases are not prosecuted
  – Consider acceptability in court of law as our standard for investigative practice.
  – Ultimate goal is to conduct investigation in a manner that will stand up to legal scrutiny.
  – Treat every case like a court case!
STEPS FOR COMPUTER FORENSICS:
• Acquisition
• Identification
• Evaluation
• Presentation
METHODOLOGY:
1)    Shut Down the Computer
2)    Document the Hardware Configuration of The System
3)    Transport the Computer System to A Secure Location
4)    Make Bit Stream Backups of Hard Disks and Floppy Disks
5)    Mathematically Verify Data on All Storage Devices
6)    Document the System Date and Time
7)    Make a List of Key Search Words
8)    Evaluate the Windows Swap File
9)    Evaluate File Slack
10)   Evaluate Unallocated Space (Erased Files)
11)   Search Files, File Slack and Unallocated Space for Key Words
12)   Document File Names, Dates and Times
13)   Identify File, Program and Storage Anomalies
14)   Evaluate Program Functionality
15)   Document Your Findings
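
Steps 4, 5 and 11 of the methodology, worked through in Python as an added example that is not part of the original slides: a byte-for-byte copy hashed during acquisition, a re-hash to verify the working copy, and a keyword search over the raw image that also reaches file slack and unallocated space. The function names, the choice of SHA-256, the keywords and the sample "disk" are assumptions constructed for illustration.

```python
import hashlib
import io

CHUNK = 64 * 1024  # bytes read per pass; any positive size gives the same results


def acquire(src, dst, chunk_size=CHUNK):
    """Step 4: copy src to dst byte for byte; return SHA-256 of the bytes read."""
    digest = hashlib.sha256()
    for block in iter(lambda: src.read(chunk_size), b""):
        dst.write(block)
        digest.update(block)
    return digest.hexdigest()


def verify(stream, expected_hex, chunk_size=CHUNK):
    """Step 5: re-hash a stream and compare it with the acquisition hash."""
    digest = hashlib.sha256()
    for block in iter(lambda: stream.read(chunk_size), b""):
        digest.update(block)
    return digest.hexdigest() == expected_hex


def search_keywords(stream, keywords, chunk_size=CHUNK):
    """Step 11: return sorted (byte offset, keyword) hits over the raw image.

    Working on raw bytes rather than through the file system means live
    files, file slack and unallocated space are all searched alike.
    """
    needles = [k.lower().encode("ascii") for k in keywords if k]
    if not needles:
        return []
    keep = max(len(n) for n in needles) - 1    # overlap carried between chunks
    tail, tail_start, hits = b"", 0, []
    for block in iter(lambda: stream.read(chunk_size), b""):
        buf = (tail + block).lower()           # ASCII-only case folding
        for needle in needles:
            pos = buf.find(needle)
            while pos != -1:
                # Report only matches that reach into the new block; matches
                # lying wholly inside the tail were reported on the last pass.
                if pos + len(needle) > len(tail):
                    hits.append((tail_start + pos, needle.decode("ascii")))
                pos = buf.find(needle, pos + 1)
        consumed = tail_start + len(tail) + len(block)
        tail = (tail + block)[-keep:] if keep else b""
        tail_start = consumed - len(tail)
    return sorted(hits)


def build_sample_image():
    """Constructed 2 KiB 'disk' of four 512-byte sectors (not real evidence)."""
    sector = 512
    live = b"Quarterly report draft".ljust(sector, b"\x00")
    # End of a live file followed by leftovers of an older file (file slack).
    slack = (b"end of file." + b" ...old memo: wire TRANSFER (constructed)")
    slack = slack.ljust(sector, b"\x00")
    # Sector no longer referenced by any file (erased data).
    unallocated = b"\x00" * 100 + b"deleted note: ATM pin list (constructed)"
    unallocated = unallocated.ljust(sector, b"\x00")
    return live + slack + unallocated + b"\x00" * sector


def demo():
    original = build_sample_image()
    image = io.BytesIO()
    acquired_hash = acquire(io.BytesIO(original), image)
    image.seek(0)
    intact = verify(image, acquired_hash)
    altered = bytearray(image.getvalue())
    altered[600] ^= 0x01                       # one flipped bit in the copy
    altered_matches = verify(io.BytesIO(bytes(altered)), acquired_hash)
    image.seek(0)
    # A tiny chunk size forces keywords to straddle chunk boundaries.
    hits = search_keywords(image, ["transfer", "ATM PIN"], chunk_size=7)
    return acquired_hash, intact, altered_matches, hits


if __name__ == "__main__":
    print(demo())
```

The same functions accept any binary file object, so they can be pointed at an image file opened with `open(path, "rb")`; the acquisition hash is the value to record in the case notes under step 15.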
EVIDENCE:
Forensics involves the collection of evidence as an important part of the investigation.
5 rules of evidence:
1)   Admissible
       Must be able to be used in court or elsewhere.

2)   Authentic
       Evidence relates to incident in relevant way.

3)   Complete
       Exculpatory evidence for alternative suspects.

4)   Reliable
       No question about authenticity & veracity.

5)   Believable
       Clear, easy to understand, and believable by a jury.
TOP 10 LOCATION FOR EVIDENCE


1)   Internet History Files
2)   Temporary Internet Files
3)   Slack/Unallocated Space
4)   Buddy lists, personal chat room records, P2P, other saved areas
5)   News groups/club lists/postings
6)   Settings, folder structure, file names
7)   File Storage Dates
8)   Software/Hardware added
9)   File Sharing ability
10) E-mails
TOOLS AND TECHNIQUES
• There are two types of computer data
  1. Persistent data
  2. Volatile data
• There are different tools used to collect data
• An essential toolkit should contain: backup, authentication, decryption, disk editing, log file auditing, IP tracking, data recovery, and file examination.
• Tools used depend on what data has to be analyzed
Some common tools:
• DriveSpy
• EnCase
• Forensic Toolkit
• ILook
• Norton Utilities
• X-Ways
TECHNIQUES:
• Cross-drive analysis
• Deleted files analysis
• Live analysis
DISADVANTAGES
• It may happen in some cases that the privacy of the client is compromised.
• There is also a chance of malicious programs being introduced into the computer system that may corrupt the data at a later stage.
• It is also possible that the data is in dispute and neither of the disputing parties can use the data. For this reason business operations may also be affected.
• Producing electronic records & preserving them is extremely costly
• Legal practitioners must have extensive computer knowledge and vice versa
THANK YOU

More Related Content

What's hot (20)

Digital Evidence by Raghu Khimani
Digital Evidence by Raghu KhimaniDigital Evidence by Raghu Khimani
Digital Evidence by Raghu Khimani
 
Cyber crime defination, meaning and history
Cyber crime defination, meaning and historyCyber crime defination, meaning and history
Cyber crime defination, meaning and history
 
Computer forensics ppt
Computer forensics pptComputer forensics ppt
Computer forensics ppt
 
Cyber forensics
Cyber forensicsCyber forensics
Cyber forensics
 
Cyber crime ppt
Cyber crime pptCyber crime ppt
Cyber crime ppt
 
Computer Forensics ppt
Computer Forensics pptComputer Forensics ppt
Computer Forensics ppt
 
Digital investigation
Digital investigationDigital investigation
Digital investigation
 
Digital Forensics
Digital ForensicsDigital Forensics
Digital Forensics
 
Cyber Crime
Cyber CrimeCyber Crime
Cyber Crime
 
Cyber crime
Cyber  crimeCyber  crime
Cyber crime
 
Mobile Forensics
Mobile ForensicsMobile Forensics
Mobile Forensics
 
cyber security and forensic tools
cyber security and forensic toolscyber security and forensic tools
cyber security and forensic tools
 
Email investigation
Email investigationEmail investigation
Email investigation
 
Digital Forensic Case Study
Digital Forensic Case StudyDigital Forensic Case Study
Digital Forensic Case Study
 
What is malware
What is malwareWhat is malware
What is malware
 
Cyber Forensics Module 1
Cyber Forensics Module 1Cyber Forensics Module 1
Cyber Forensics Module 1
 
Spoofing Techniques
Spoofing TechniquesSpoofing Techniques
Spoofing Techniques
 
Cyber Forensics Module 2
Cyber Forensics Module 2Cyber Forensics Module 2
Cyber Forensics Module 2
 
Network forensics and investigating logs
Network forensics and investigating logsNetwork forensics and investigating logs
Network forensics and investigating logs
 
Digital forensics
Digital forensicsDigital forensics
Digital forensics
 

Viewers also liked

Smart Card Security
Smart Card SecuritySmart Card Security
Smart Card SecurityPrav_Kalyan
 
Firewall, Trusted Systems,IP Security ,ESP Encryption and Authentication
Firewall, Trusted Systems,IP Security ,ESP Encryption and AuthenticationFirewall, Trusted Systems,IP Security ,ESP Encryption and Authentication
Firewall, Trusted Systems,IP Security ,ESP Encryption and AuthenticationGopal Sakarkar
 
Computer +forensics
Computer +forensicsComputer +forensics
Computer +forensicsRahul Baghla
 
Computer forensics powerpoint presentation
Computer forensics powerpoint presentationComputer forensics powerpoint presentation
Computer forensics powerpoint presentationSomya Johri
 

Viewers also liked (7)

Smart Card Security
Smart Card SecuritySmart Card Security
Smart Card Security
 
Smart card system ppt
Smart card system ppt Smart card system ppt
Smart card system ppt
 
Firewall, Trusted Systems,IP Security ,ESP Encryption and Authentication
Firewall, Trusted Systems,IP Security ,ESP Encryption and AuthenticationFirewall, Trusted Systems,IP Security ,ESP Encryption and Authentication
Firewall, Trusted Systems,IP Security ,ESP Encryption and Authentication
 
Computer +forensics
Computer +forensicsComputer +forensics
Computer +forensics
 
Smart card
Smart cardSmart card
Smart card
 
Trusted systems
Trusted systemsTrusted systems
Trusted systems
 
Computer forensics powerpoint presentation
Computer forensics powerpoint presentationComputer forensics powerpoint presentation
Computer forensics powerpoint presentation
 

Similar to Cyber crime and forensic

Cybercrimeandforensic 120828021931-phpapp02
Cybercrimeandforensic 120828021931-phpapp02Cybercrimeandforensic 120828021931-phpapp02
Cybercrimeandforensic 120828021931-phpapp02Gol D Roger
 
cybersecurityawareness-presentation-170627121043.pdf
cybersecurityawareness-presentation-170627121043.pdfcybersecurityawareness-presentation-170627121043.pdf
cybersecurityawareness-presentation-170627121043.pdfssuserd25aae
 
Cyber security awareness presentation
Cyber security awareness  presentationCyber security awareness  presentation
Cyber security awareness presentationAshokkumar Gnanasekar
 
Cyber crime and laws
Cyber crime and lawsCyber crime and laws
Cyber crime and lawsAjnish Rana
 
Cyber Security Awareness at Dadar April 25, 2010
Cyber Security Awareness at Dadar April 25, 2010Cyber Security Awareness at Dadar April 25, 2010
Cyber Security Awareness at Dadar April 25, 2010Vicky Shah
 
Cyber Crime and Security ppt by Neeraj Ahirwar
Cyber Crime and Security ppt by Neeraj AhirwarCyber Crime and Security ppt by Neeraj Ahirwar
Cyber Crime and Security ppt by Neeraj AhirwarNeeraj Ahirwar
 
Cyber crime ✔
Cyber  crime  ✔Cyber  crime  ✔
Cyber crime ✔hubbysoni
 
Cyber Security in Society
Cyber Security in SocietyCyber Security in Society
Cyber Security in SocietyRubal Sagwal
 
Cybercrime
CybercrimeCybercrime
CybercrimeSERCOD
 
cyber crime
cyber crimecyber crime
cyber crimeMukund10
 
Cyber crime & security final tapan
Cyber crime & security final tapanCyber crime & security final tapan
Cyber crime & security final tapanTapan Khilar
 
Cyber crime and security
Cyber crime and securityCyber crime and security
Cyber crime and securityMuhammad Hamza
 
Cyber Law and Cyber Crime
Cyber Law and Cyber CrimeCyber Law and Cyber Crime
Cyber Law and Cyber CrimeSyangba132
 

Similar to Cyber crime and forensic (20)

Cybercrimeandforensic 120828021931-phpapp02
Cybercrimeandforensic 120828021931-phpapp02Cybercrimeandforensic 120828021931-phpapp02
Cybercrimeandforensic 120828021931-phpapp02
 
cybersecurityawareness-presentation-170627121043.pdf
cybersecurityawareness-presentation-170627121043.pdfcybersecurityawareness-presentation-170627121043.pdf
cybersecurityawareness-presentation-170627121043.pdf
 
Cyber security awareness presentation
Cyber security awareness  presentationCyber security awareness  presentation
Cyber security awareness presentation
 
Cyber Crime
Cyber CrimeCyber Crime
Cyber Crime
 
Cyber crime and laws
Cyber crime and lawsCyber crime and laws
Cyber crime and laws
 
Cyber Security Awareness at Dadar April 25, 2010
Cyber Security Awareness at Dadar April 25, 2010Cyber Security Awareness at Dadar April 25, 2010
Cyber Security Awareness at Dadar April 25, 2010
 
Cyber Crime and Security ppt by Neeraj Ahirwar
Cyber Crime and Security ppt by Neeraj AhirwarCyber Crime and Security ppt by Neeraj Ahirwar
Cyber Crime and Security ppt by Neeraj Ahirwar
 
Cyber crime
Cyber  crimeCyber  crime
Cyber crime
 
Cyber crime
Cyber  crimeCyber  crime
Cyber crime
 
Cyber crime ✔
Cyber  crime  ✔Cyber  crime  ✔
Cyber crime ✔
 
Cyber Crime
Cyber CrimeCyber Crime
Cyber Crime
 
Cyber Security in Society
Cyber Security in SocietyCyber Security in Society
Cyber Security in Society
 
Cybercrime
CybercrimeCybercrime
Cybercrime
 
Cyber Crime
Cyber CrimeCyber Crime
Cyber Crime
 
cyber crime
cyber crimecyber crime
cyber crime
 
Cyber crime & security final tapan
Cyber crime & security final tapanCyber crime & security final tapan
Cyber crime & security final tapan
 
Cyber crime and security
Cyber crime and securityCyber crime and security
Cyber crime and security
 
Cyber crime
Cyber crime Cyber crime
Cyber crime
 
Cyber Law and Cyber Crime
Cyber Law and Cyber CrimeCyber Law and Cyber Crime
Cyber Law and Cyber Crime
 
Cyber Crime
Cyber CrimeCyber Crime
Cyber Crime
 

Recently uploaded

Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraDeakin University
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...HostedbyConfluent
 
Key Features Of Token Development (1).pptx
Key  Features Of Token  Development (1).pptxKey  Features Of Token  Development (1).pptx
Key Features Of Token Development (1).pptxLBM Solutions
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxnull - The Open Security Community
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2Hyundai Motor Group
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 

Recently uploaded (20)

Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning era
 
The transition to renewables in India.pdf
The transition to renewables in India.pdfThe transition to renewables in India.pdf
The transition to renewables in India.pdf
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
 
Key Features Of Token Development (1).pptx
Key  Features Of Token  Development (1).pptxKey  Features Of Token  Development (1).pptx
Key Features Of Token Development (1).pptx
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men

Cyber crime and forensic

  • 1. CYBER CRIME & FORENSICS Presented By Saisha sukla (u112105) Samikhya Joshi (u112106) Santanu Kumar Das (u112107) Satyanarayana Das (u112108)
  • 2. Introduction to Cybercrime
      • Computer or computer networks are used as a tool or a target or a place of criminal activity.
      • First recorded cyber crime took place in the year 1820 in France.
      • Unauthorized access to computer systems, data destruction, data alteration, theft of intellectual property.
      • Most important revenue sector for global organized crime.
  • 3. How it differs from terrestrial crime?
      • easy to learn how to commit
      • require few resources relative to the potential damage caused
      • can be committed in a jurisdiction without being physically present in it
      • are often not clearly illegal
  • 4. Types of Cybercrime
      • Hacking
      • Phishing
      • Software Piracy
      • Cyber Stalking
      • Denial of Service
      • Financial crimes
      • Sale of illegal articles
      • Intellectual Property crimes
      • Forgery
      • Cyber Defamation
  • 5. Hacking
      • The actual word is “Cracking” and not “Hacking”.
      • “Deliberately gaining unauthorized access to an information system.”
      • They help the government to protect national documents of strategic importance, and help organizations to protect documents and company secrets.
      • A Cracker breaks into someone else's computer system, often on a network, bypasses passwords or licenses in computer programs or in other ways intentionally breaches computer security.
      • But with time, both words have come to be used interchangeably.
  • 6. Phishing
      • Acquiring information such as usernames, passwords and credit card details by disguising as a trustworthy entity.
      • India is among the top 15 countries hosting "phishing" sites, which aim at stealing confidential information such as passwords and credit card details.
  • 7. Cyber Stalking
      Cyber stalking is the use of the Internet or other electronic means to stalk someone. This term is used interchangeably with online harassment and online abuse.
      Denial of Service
      • floods the bandwidth of the victim’s network
      • fills his e-mail box with spam mail
      • deprives him of the services he is entitled to access or provide
      • uses techniques called spoofing and buffer overflow
  • 8. Software Piracy
      • illegal copying of genuine programs
      • counterfeiting and distribution of products
      Examples of software piracy
      • End user copying
      • Hard disk loading
      • Counterfeiting
      • Illegal downloads from the Internet
  • 9. Virus Dissemination
      • A program that can ‘infect’ other legitimate programs by modifying them to include a possibly ‘evolved’ copy of itself.
      • Viruses can spread themselves, without the knowledge or permission of the users, to potentially large numbers of programs on many machines.
      Typical action of a virus
      • Erase files
      • Scramble data on a hard disk
      • Cause erratic screen behavior
      • Halt the PC
      • Just replicate itself!
  • 11. Motivating factors for Cybercrimes
      • The challenge... “because it’s there!”
      • Ego
      • Espionage
      • Ideology
      • Mischief
      • Money (Extortion or Theft)
      • Revenge
  • 12. Cost of Cyber crime in India
      In India in 2010:
      • 29.9 million people fell victim to cyber crime
      • $4 billion in direct losses
      • $3.6 billion in time spent to resolve crimes
      • 80% of cyber users have been a victim of cyber crime
      • 17% of adults online have experienced cybercrime on their mobile phone
      Source: Norton Cyber Crime Report 2011
  • 13. Why India?
      A rapidly growing online user base:
      • 121 million internet users
      • 65 million active internet users, up 28% from 51 million in 2010
      • 50 million users shop online on ecommerce and online shopping sites
      • 46+ million social network users
      • 346 million mobile users had subscribed to data packages
      Source: IAMAI; Juxt; wearesocial 2011
  • 14. Combating Cybercrimes
      • Technological measures: public key cryptography, digital signatures, firewalls, honey pots
      • Cyber investigation: Computer forensics is the process of identifying, preserving, analyzing and presenting digital evidence in a manner that is legally acceptable in courts of law. These rules of evidence include admissibility (in courts), authenticity (relation to incident), completeness, reliability and believability.
      • Legal framework: laws & enforcement
  • 15. International Legislation Initiatives
      • OECD
          1983 – research in criminal law problems of computer related crimes
          1992 – Guidelines for the security of information systems
      • G8
          1997 – Subgroup of High-Tech Crime
      • OAS
          1999 – Established a group of government experts on cyber crime
      • APEC
          2002 – commitment to enact a comprehensive set of laws relating to cyber security and cyber crime
  • 16. International Legislation Initiatives
      • ASEAN and China
          2003 – Formulate cooperative and emergency response procedures for enhancing cyber security and combating cyber crime
      • United Nations
          1998-2000 – Resolution on developments in the field of Information and Telecommunication in the context of International security
          2003 – Resolutions on combating the criminal misuse of Information Technology & on the creation of a global culture of cyber security
      • European Union
          2003-2005 – Council framework decision on attacks against information systems
  • 17. What about the law? (Indian perspective)
      Information Technology (Amendment) Act 2008 – Chapter XI
      • 65 – Tampering with computer source documents
      • 66 – Computer related offences
      • 66A – Punishment for sending offensive messages through communication services etc.
      • 66B – Punishment for dishonestly receiving stolen computer resources or communication devices
      • 66C – Punishment for identity theft
      • 66D – Punishment for cheating by personation by using computer device
      • 66E – Punishment for violation of privacy
      • 66F – Punishment for cyber terrorism
      • 67 – Punishment for publishing or transmitting obscene material in electronic form
  • 18. Major Objectives
      • Create effective cyber crime laws
      • Develop acceptable practices for search and seizure
      • Handle jurisdiction issues
      • Cooperate in international investigations
      • Establish effective public/private sector interaction
  • 19. Safety tips to avoid Cybercrime
      • Use anti-virus software and firewalls - keep them up to date
      • Keep your operating system up to date with critical security updates and patches
      • Don't open emails or attachments from unknown sources
      • Use hard-to-guess passwords. Don’t use words found in a dictionary. Remember that password cracking tools exist
      • Back-up your computer data on disks or CDs often
      • Don't share access to your computers with strangers
      • If you have a Wi-Fi network, password protect it
      • Disconnect from the Internet when not in use
      • Reevaluate your security on a regular basis
      • Make sure your employees and family members know this info too!
  • 20. Prominent news for Cyber crimes
      • Kevin Mitnick’s (“Condor”) hacking spree cost high-tech companies at least $291.8 million over a two-year span before his capture.
      • David L. Smith, a 31-year-old programmer, pleaded guilty to creating the Melissa virus and using an X-rated web site to spread it through cyberspace, causing $80 million in damages.
      • Four high school kids hacked into a Bay Area internet server and used stolen credit card numbers to order computer equipment: $200k.
      • A temporary employer broke into Forbes' computers and caused a computer crash that cost Forbes $100,000 to restore.
  • 21. Case study 1
      The Chennai city police have busted an international gang involved in cyber crime, with the arrest of Deepak Prem Manwani (22), who was caught red-handed while breaking into an ATM in the city. The dimensions of the city cops’ achievement can be gauged from the fact that they have netted a man who is on the wanted list of the formidable FBI of the US. At the time of his detention, he had with him Rs 7.5 lakhs knocked off from two ATMs in T Nagar and Abiramipuram in the city. Prior to that, he had walked away with Rs 50,000 from an ATM in Mumbai. During the investigation it was found that his audacious crime career started in an internet café. While browsing the net one day, he got attracted to a site which offered him assistance in breaking into ATMs.
  • 22. Case study 1
      His contacts, sitting somewhere in Europe, were ready to give him credit card numbers of a few American banks for $5 per card. This site also offered the magnetic codes of these cards, but charged $200 per code. The operators of the site had devised a fascinating idea to get the PINs of the card users. They floated a new site which resembled that of a reputed telecom company. That company has millions of subscribers. The fake site offered to return to visitors $11.75 per head which, the site promoters said, had been collected from them in excess by mistake. Believing that it was a genuine offer from the telecom company in question, several lakh subscribers logged on to the site to get back the little money, but in the process parted with their PINs.
  • 23. Case study 1
      Armed with all the requisite data to hack the bank ATMs, the gang started its systematic looting. Apparently Manwani and many others of his group entered into a deal with the gang behind the site and could purchase any amount of data. Meanwhile, Manwani also managed to generate 30 plastic cards that contained the necessary data to enable him to break into ATMs. He was so enterprising that he was able to sell a few such cards to his contacts in Mumbai. On receipt of large-scale complaints from the billed credit card users and banks in the US, the FBI started an investigation into the affair and also alerted the CBI. Manwani has since been enlarged on bail after interrogation by the CBI. But the city police believe that this is the beginning of a major cyber crime.
  • 24. Case study 2
      In 1988 Robert Morris, Jr., a 23-year-old graduate student in computer science at Cornell and the son of an NSA computer security expert, wrote an experimental, self-replicating, self-propagating program called a worm (99 lines of code) and injected it into the internet. He chose to release it from MIT, to disguise the fact that the worm came from Cornell. 60,000 computer sites at universities, hospitals, research facilities, corporations and govt. institutions were affected; the estimated cost of dealing with the worm ranged from $200 to $50,000 for each site. Morris was convicted of violating the Computer Fraud and Abuse Act; he received 3 years probation, 400 hours of community service and a fine of $10050.
  • 26. A final word
      Treat your password like you treat your toothbrush. Never give it to anyone else to use, and change it every few months.
  • 28. FORENSICS
      • Forensic science, or forensics, is the application of a broad spectrum of sciences to answer questions related to the legal system, whether for criminal or civil actions.
      • The use of science and technology to investigate and establish facts in criminal or civil courts of law.
  • 29. COMPUTER FORENSICS
      The goal of computer forensics is to examine digital media in a forensically sound manner with the aim of identifying, preserving, recovering, analyzing and presenting facts and opinions about the information.
  • 30. HISTORY
      • Michael Anderson: “Father of computer forensics”, special agent with IRS
      • Meeting in 1988 (Portland, Oregon):
          creation of IACIS, the International Association of Computer Investigative Specialists
          the first Seized Computer Evidence Recovery Specialists (SCERS) classes held
  • 31. WHY?
      • The main task of, and advantage from, computer forensics is to catch the culprit or criminal who is involved in a crime related to computers.
      • Computer forensics has emerged as an important part of disaster recovery management.
      • Ability to search through a massive amount of data: quickly, thoroughly and in any language.
      • The importance lies mainly in handling criminal actions such as fraud, phishing, identity theft and many other criminal activities.
  • 32. WHO USES FORENSICS
      • Criminal Prosecutors
      • Civil litigators
      • Insurance Companies
      • Corporations
      • Law Enforcement Officials
      • Individuals
  • 33.
  • 34. What does cyber forensics aim at?
      • Identify the root cause of an event to ensure it won’t happen again
          – Must understand the problem before you can be sure it won’t be exploited again.
      • Who was responsible for the event?
      • Most computer crime cases are not prosecuted
          – Consider acceptability in a court of law as our standard for investigative practice.
          – Ultimate goal is to conduct the investigation in a manner that will stand up to legal scrutiny.
          – Treat every case like a court case!
  • 35. STEPS FOR COMPUTER FORENSICS:
      • Acquisition
      • Identification
      • Evaluation
      • Presentation
  • 36. METHODOLOGY:
      1) Shut Down the Computer
      2) Document the Hardware Configuration of the System
      3) Transport the Computer System to a Secure Location
      4) Make Bit Stream Backups of Hard Disks and Floppy Disks
      5) Mathematically Verify Data on All Storage Devices
      6) Document the System Date and Time
      7) Make a List of Key Search Words
      8) Evaluate the Windows Swap File
      9) Evaluate File Slack
      10) Evaluate Unallocated Space (Erased Files)
      11) Search Files, File Slack and Unallocated Space for Key Words
      12) Document File Names, Dates and Times
      13) Identify File, Program and Storage Anomalies
      14) Evaluate Program Functionality
      15) Document Your Findings
  • 37. EVIDENCE:
      Forensics involves the collection of evidence as an important part of investigation.
      5 rules of evidence:
      1) Admissible: Must be able to be used in court or elsewhere.
      2) Authentic: Evidence relates to incident in relevant way.
      3) Complete: Exculpatory evidence for alternative suspects.
      4) Reliable: No question about authenticity & veracity.
      5) Believable: Clear, easy to understand, and believable by a jury.
  • 38. TOP 10 LOCATIONS FOR EVIDENCE
      1) Internet History Files
      2) Temporary Internet Files
      3) Slack/Unallocated Space
      4) Buddy lists, personal chat room records, P2P, other saved areas
      5) News groups/club lists/posting
      6) Settings, folder structure, file names
      7) File Storage Dates
      8) Software/Hardware added
      9) File Sharing ability
      10) E-mails
  • 39. TOOLS AND TECHNIQUES
      • There are two types of computer data:
          1. Persistent data
          2. Volatile data
      • There are different tools used to collect data.
      • An essential toolkit should contain: backup, authentication, decryption, disk editing, log file auditing, IP tracking, data recovery, and file examination.
      • Tools used depend on what data has to be analyzed.
  • 40. Some common tools:
      • DriveSpy
      • EnCase
      • Forensic Toolkit
      • ILook
      • Norton Utilities
      • X-Ways
  • 41. TECHNIQUES:
      • Cross Drive Analysis
      • Deleted files analysis
      • Live analysis
  • 42. DISADVANTAGES
      • In some cases the privacy of the client may be compromised.
      • There is also a chance that malicious programs are introduced into the computer system and corrupt the data at a later stage.
      • It is also possible that the data is in dispute and neither of the disputing parties can use the data. For this reason the business operations may also be affected.
      • Producing electronic records & preserving them is extremely costly.
      • Legal practitioners must have extensive computer knowledge and vice versa.
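
Steps 4, 5, 7 and 11 of the slide 36 methodology (bit-stream backup, mathematical verification, key search words, searching files, slack and unallocated space) can be shown in a few lines. This is an added example, not part of the original slides; it assumes SHA-256 as the verification hash, and the function names and the small constructed byte string standing in for a disk image are illustrative.

```python
import hashlib
import io

CHUNK = 4096  # read size in bytes

def sha256_stream(stream, chunk=CHUNK):
    """Hash in fixed-size chunks so a large image never has to fit in memory."""
    digest = hashlib.sha256()
    for block in iter(lambda: stream.read(chunk), b""):
        digest.update(block)
    return digest.hexdigest()

def verify_copy(source, copy):
    """Step 5: accept the bit-stream copy only if its digest equals the source's."""
    return sha256_stream(source) == sha256_stream(copy)

def search_image(stream, words, chunk=CHUNK):
    """Steps 7 and 11: case-insensitive scan of the raw image for key words, as
    ASCII and UTF-16LE. Returns sorted (offset, word, encoding) tuples. The end
    of each buffer is carried over so a hit straddling two reads is not missed."""
    pats = {(w, enc): w.lower().encode(enc)
            for w in words for enc in ("ascii", "utf-16le")}
    overlap = max(len(p) for p in pats.values()) - 1
    hits, tail, base = set(), b"", 0  # base = image offset of tail[0]
    for block in iter(lambda: stream.read(chunk), b""):
        buf = tail + block.lower()
        for (word, enc), pat in pats.items():
            pos = buf.find(pat)
            while pos != -1:
                hits.add((base + pos, word, enc))
                pos = buf.find(pat, pos + 1)
        keep = min(overlap, len(buf))
        base += len(buf) - keep
        tail = buf[len(buf) - keep:]
    return sorted(hits)

def build_sample_image():
    """Constructed 1536-byte stand-in for a disk image (not real evidence)."""
    img = bytearray(1536)
    img[10:26] = b"quarterly report"              # allocated file content
    text = b"transfer to account 4411"
    img[600:600 + len(text)] = text               # leftover bytes in file slack
    remnant = "Password".encode("utf-16le")
    img[1100:1100 + len(remnant)] = remnant       # deleted-file remnant
    return bytes(img)

if __name__ == "__main__":
    original = build_sample_image()
    working_copy = bytes(original)                # stands in for the bit-stream backup
    print("copy verified:", verify_copy(io.BytesIO(original), io.BytesIO(working_copy)))
    for offset, word, enc in search_image(io.BytesIO(working_copy), ["password", "account"]):
        print(f"offset {offset}: '{word}' ({enc})")
```

Searching the raw image rather than the mounted file system is what lets the scan reach slack and unallocated space; recording the byte offset of each hit supports step 12's documentation.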