You are on page 1of 6

1.

1 PROLOGUE

The revolution in digital technology has been tremendous and has outpaced all other revolutions
of the past, be it the industrial or nuclear revolution. Over the last decade, principally due to
development of digital technology, the world has become a global village. Society has just started
to cultivate the legitimate and the beneficial potential of the rapidly changing and extremely
powerful digital technology for business, empowering individuals & communities and for
promoting economic development. World cultures are becoming more and more dependent on
digital computer systems and networks. Much like other cultural changes that have moved in to
transform our lives, the availability of digital technology inevitably leads to misuse by anti-social
or nefarious individuals. Unlike businesses, governments and individuals, the criminal elements
are taking unfair advantage of the enormous capabilities of this breathtaking and exciting new
technology. Hence technological crimes have grown at an alarming rate. Criminals are exploiting
digital technology to assist in committing traditional as well as innovative forms of unpredictable
and unforeseen crimes.

Today, computer frauds and cyber crimes are moving beyond the conventional realm. The use of
computers and Internet grows exponentially; so does the criminal abuse. Due to ubiquity of digital
technology, most of the crimes today have technological dimensions attached to them. As the
awareness of computers is reaching the grass root level and more sophisticated, powerful
machines and software are easily and economically available, the threat and impact of Computer
Frauds and Cyber Crimes [CFCC] looms large on the society. The CFCC are driven by the
fundamental principle of criminology that crime follows opportunity, motivation and skill;
opportunities and skills abound in today’s digital technology era.

1.2 BACKGROUND

For the criminals, CFCC including computer and digital technology related crimes are proving to
be a low investment, low risk, and low guilt method of making quick money and spreading
terrorism. CFCC leads to denial of information, loss of money, loss of intellectual property,
wastage of valuable time, mental harassment and attack on privacy of innocents. To make things
worse, the investigative and law enforcement agencies have been under-prepared to tackle this
exploding new form of crime, as there is lack of standard guidelines, methodologies, principles
and tools. Information technology related legislations worldwide are evolving and requires more
time and efforts as well as regular revisions, to be useful in the long run.

The other major requirement is that the methodologies and solutions for detecting and fixing the most common CFCC are to be developed in an affordable way. thus creating awareness to both the criminals and public. analysis. tools. or helping to anticipate unauthorized actions shown to be disruptive to planned operations as shown in Fig-1. existing practices. 1. In general.A proper classification of technological crimes. an urgent requirement is to look at the traditional forensic science principles in the light of advancements in digital technology and adapt the principles to the technology. interpretation.1.3 DIGITAL FORENSICS Forensic Science can be defined as the application of a broad spectrum of scientific methods and processes to answer questions of interest to the legal system. in turn. investigative agencies lag behind in adapting to new technologies and their approach is reactive rather than proactive. Digital Forensics [2] can be defined as the use of scientifically derived and proven methods. methodologies along with the problems encountered by investigating and law enforcement agencies are of paramount importance. Traditional forensic science uses science & technology to answer questions pertaining to investigation in an admissible manner primarily using physicochemical and biological characteristics of the entities involved. documentation and presentation of digital evidence. for the purpose of facilitating or furthering the reconstruction of events found to be criminal. validation. A successful investigation of CFCC ideally requires a set of trusted guiding principles to detect and fix the crime and to book the criminal (Human Being Involved). The best way to reduce the number of CFCC incidences is to detect them and book the persons behind them. have a far reaching impact in tackling CFCC. This will. But it has been observed that analyzing CFCC takes significantly more time than a perpetrator takes to actually commit it. identification. their impact. collection. The relationship of forensic science with law and science & technology is very clear and they influence each other. towards the preservation. For this. 2 . derived from digital sources. Another definition says “Forensic science is the application of science and engineering to assist legal proceedings to prove guilt and to save the innocent by applying investigation and analysis techniques to determine and acquire potential legal evidence” [1].

cyber forensics. New York.2). 2001. August 7-8. Utica. mobile phone forensics. 3 . embedded system forensics.1 Nucleus of Digital Forensic Research1 Digital forensics can be classified into computer forensics. software forensics. Report From the First Digital Forensic Research Workshop (DFRWS). 1 A Road Map for Digital Forensic Research. and digitized document forensics to cover major types of digital technological crimes. The study concentrates on following domains of digital forensics (Fig – 1. audio/ video forensics. Fig-1.

currency. also known as media forensics is that branch of digital forensic science.3. share certificates etc.2 Digital Forensics Classification 1. which come under this category. 1. free space. and document digital evidence from multiple.. searching various places where evidence can reside like slack space.g. which deals with the investigation and analysis of a stand-alone computer involved in crime.1 COMPUTER FORENSICS Computer Forensics. The computer forensics process includes imaging storage media. are fraudulent alteration or generation of counterfeited documents e. and preserving and analyzing collected information for presenting in the court of Law with appropriate interpretations and conclusions.3. DIGITAL FORENSICS COMPUTER FORENSICS CYBER FORENSICS SOFTWARE FORENSICS DIGITIZED DOCUMENT FORENSICS Fig-1. Crimes. is the use of scientifically proven techniques to collect. Computer Forensics methods are used for one computer at a time. identify. and hidden partitions. 4 . recovering deleted files. fuse. also known as network forensics. analyze. examine. certificates. Here the investigation gathers evidence from the computer media seized at the crime scene by extracting hidden or deleted information from the storage devices. correlate. In general.2 CYBER FORENSICS Cyber Forensics.

Crimes which come under this category include remote break-ins.3. which deals with development of methodologies to detect the fraudulent document and solutions to link generated fraudulent document to source (scanning and printing devices used) in an admissible manner. author of malicious code.4 SOME OPEN PROBLEMS The growing menace of CFCC has a lot of open problems for the digital forensic community. 1. hacking. and/or compromise system components as well as providing information to assist in response to or recovery from these activities. in addition to traditional post-mortem forensic analysis. in a proactive and preventive approach.and post- cyber attack periods. virus distribution. Crimes that are to be dealt with under this category are identification of plagiarism. E-mail and any other e-document. corrupt. 1.3. 1. Some of the major gaps in research are as follows: 5 . Cyber forensics deals with forensic analysis of digital evidence that is distributed across computer networks.3 SOFTWARE FORENSICS Software Forensics also called code analysis is that branch of digital forensics science. The key to identify the author of a suspect code is selection of appropriate body of code and appropriate features for comparison.4 DIGITIZED DOCUMENT FORENSICS Digitized Document Forensics can be defined as an upcoming branch of forensic science. Cyber forensics includes examination of data related to both trans. cyber harassment. These evidences are often transient in nature and are not preserved within a single storage media. it is imperative to perform forensic-like examinations of victim systems. intrusion etc. In a networked environment. or measured success of unauthorized activities meant to disrupt.actively processing and transmitting digital sources for the purpose of uncovering facts related to the planned intent. cracking. which deals with the identification and categorization of author of malicious code. phishing. profiling and categorization.

Lack of understanding and acceptance of digital forensic investigation process and evidences by the Judiciary. case studies in the different areas pertaining to CFCC have been carried out. Lack of availability of Standard Operating Procedures (SOP) for digital forensic investigation. 1. 4. Lack of understanding of corresponding legal issues and constraints of technology on computer frauds and cyber crimes and in turn to digital forensics. A successful digital forensic investigation requires digital investigation life cycle guided by sound principles and methodologies to gather digital evidences which are trustworthy and admissible in the court of law. In order to establish the enhanced forensic principle. artifacts and technology used in CFCC. Finally. Objective of this research is to analyze the open issues in forensic investigation of CFCC and hence to study and enhance the forensic principles to encompass the digital objects. Lack of available and scalable tools for digital forensic investigation in very fast changing technological scenario. 5. Lack of suitable forensic principles to encompass digital investigations 2. 3. 6 . the global nature of CFCC requires solutions to be developed. keeping in mind international legislations and requirements.