2021 International Conference on Computing, Communication, and Intelligent Systems (ICCCIS)
The Impact of India’s Cyber Security Law and
Cyber Forensic On Building Techno-Centric
2021 International Conference on Computing, Communication, and Intelligent Systems (ICCCIS) | 978-1-7281-8529-3/20/$31.00 ©2021 IEEE | DOI: 10.1109/ICCCIS51004.2021.9397243
Smartcity IoT Environment
Md Iman Ali
Department of Computer Application
Lovely Professional University
Phagwara, Punjab, India
mdiman@rediffmail.com
Abstract— Cyber Security and Cyber forensic infrastructure has
always been a dependent component to achieve the goal of smart city,
techno-centric ecosystem development. The non-existence of a
Technology-Driven collaborated ecosystem of Cyber defense, cyber
forensic, and cyber law has led to a situation of fragmenting the
objective of techno-centric smart city evolvement. Trends of connecting
humans and things in smart cities have merged everything in a single
digital network and cybercriminals are getting integrated platforms to
conduct cybercrimes. This indicates that there is a need for
collaboration of Cybersecurity and cyber forensic infrastructure with
the PPP model at the national and international levels for securing
cyberspace. Different countries have adopted different approaches to
deal with the exponential growth of cyber attacks depending upon the
country’s specific cyber law. Due to lack of Integration between India’s
Smart City Development Policy and Cyber Security Policy leading to a
major roadblock in smart city development. Achievement of major
Smart city objective of India become critical due to non-existence of
collaborative approach between different cyber defense ecosystem
pillars and country-specific regional cyber law. India’s Cybersecurity
policy “National Cyber Security Policy” 2013 is significant approach
but not enough to create a robust techno-centric smart city. In this
paper, we have proposed collaborative PPP model cyber law and
cybersecurity technology ecosystem to enable secured cyber confident
citizenship in the techno-centric smart city environment of India. This
paper addressed the need for a dynamic technology-driven
cybersecurity law ecosystem , “Call the police” by technology in smart
city to build India’s techno-centric stable smart city ecosystem.
Keywords—Cyberlaw, Cyber Security, Cyber Forensic, IoT,
Smart city.
I. INTRODUCTION
The importance of Cyber Security law reformation has a
positive and strong correlation with Digital transformation,
cybercrime and cyber forensic investigation. A techno-centric
smart city movement and providing cyber confident citizenship
requires an inline technology-driven cyber law system
otherwise aim of building the digital transformation and
ecosystem might get fragmented. On average, it takes 23.6 hours
[1] to address cybercrime aftermath where we need to address
this in less than 1 minute. Indian Cybersecurity law is
formulated multiple times and regulated by ten [2] different
authorities according to the time and depending upon situations
arising in the cybercrime world. Bits and pieces of cybersecurity
law have been established and amended but the orientation of a
ISBN: 978-1-7281-8529-3/21/$31.00 ©2021 IEEE
Authorized licensed use limited to: Nitte Meenakshi Institute of Technology. Downloaded on June 03,2022 at 11:38:51 UTC from IEEE Xplore. Restrictions apply.
Dr. Sukhkirandeep Kaur
School of Computer Science and Engineering
Lovely Professional University
Phagwara, Punjab, India
sukhkirandeep.23328@lpu.co.in
complete end-to-end technology-driven cybersecurity law
ecosystem is not matured to cope up with current threat
management. Is existing cyber security landscape is sufficient
enough to build and protect the country from cyber threats or it
needs transformation is a major question.
Indian Cybersecurity law transformation question cannot be
answered until an in-depth analysis is performed for smart city
movement, existing cyber law system and cybercrime
landscape.
A. India Smart City movement
In June 2015 The Ministry of Urban Development initiated
a smart city project[3] towards the movement of urbanization.
In the digital world, IoT and BYOD become part of the human
ecosystem. In the smart city ecosystem, a human-independent
comfortable lifestyle is expected for digital transformation and
urbanization. Most of the countries in the world are working
towards urbanization, where India is also part of the
transformation. The increased rate of urbanization is the
objective of the smart city. In India, 63% of GDP contributors
are from Urban Area. By the year 2030, 75% of GDP
contributors will be from Urban areas as per the census done in
2011[3]. The use of IoT and BYOD devices is increasing
exponentially, by the year 2020 more than 50 Billion IoT
devices will get on board in the world[4]. India’s Smart city is
designed to enable IT services for all citizens. The smart city
project aims to improve the quality of life, People must be happy
and motivated to use the advanced technology of the smart city
system[5]. The growing rate of IoT and BYOD devices
increased the rate of cybercrime which becomes a challenging
factor to address. In a study, India’s Rank on cybercrime is 11th
in the world [6]. Rampant growth in Cybercrime has been seen
over time with new tools and techniques. Criminal activities are
increasing in this borderless world of cyberspace and these
crimes have become a serious matter over time. Types of fraud
are evolving depending on the technology change. The fast-
growing technology has opened the door for cybercrime
activities in the digital world either internal cybercrime or
external cyber fraud. More than 20 billion IoT devices are
expected to communicate with each other by 2020[7] which will
escalate the number of cybercrime. The cybercrime
investigation portfolio has changed. Different category of cyber
forensic technology has been broadly identified as Email
751
1
 2021 International Conference on Computing, Communication, and Intelligent Systems (ICCCIS)
Forensic, Mobile Forensic, Data Leak Forensic, Cloud Forensic,

27482
Malware Analysis Forensic, Computer Forensic, E-discovery 35000

NUMBEROFCRIME
Forensic, Network Forensic, ERP Application Forensic. Cyber 30000
Fraud Risk Assessment Forensic area becomes one important 2013
25000

12317
11592
area. 2014
20000

9622
B. India’s Digital Adoption Landscape 15000 2015

4356
The smart city movement is a complete ecosystem movement 10000 2016
towards digitization. In a study conducted by Mckinsey, Digital 5000
Adoption in India has increased. The below figure shows the 2017
0
index of India’s digitization.
2013 2014 2015 2016 2017
YEAR
Digital Adoption Index
150 Fig. 3. Cybercrime record from 2014 to 2016.
99

90

75

73
67

67
66

66
65
64
64
61

58
57

100

50
47

35
50
In India Crime, fraud, bribery has increased which indicates
that there is a serious need for the advancement of a technology-
0
South…
South…

driven law enforcement system to reduce crime and a strong

UK
China

Canada
Australia
Italy

Brazil
USA
France

Singapore
Indonesia

India
Germany

Russia
Japan

Sweden
anti-corruption system to be built. Hackers get huge
opportunities because of the enhanced threat surface in a Smart
city environment/IoT environment. The entire techno-driven
smart city can get compromised with a single intrusion[12].
Fig.1. Digital adoption from 2014-2017, source Mckinsey: [8]. Cybersecurity has always been a pain point. This indicates that
India's Cyber Security Law is not up to date to cope up with
Index of Digital Adoption is showing that out of multiple current threats, crimes, and fraud management. There is a need
countries India is moving fast towards digitalization. As per to draw a complete circle system of Smart cities, technology,
World Economic Forum 2016, the Index of India in Network people, process and devices.
Readiness as below fig.2.
Forensics outlook 2018[7] of EY In a survey done by EY’s
EMEIA Fraud Survey 2017 the result shows the index of India
is significantly on the higher side.

Briberyandcorruptpractices

Inda
51
71 UAE

SouthAfrica
61 27
Emergingmarket
Fig. 2. The Network Readiness Index of India. 79 Global
These statistics clearly show that there is a serious
requirement of exploring the landscape of Indian Cyber Security Fig. 4. Bribery and Crime Practice Index.
Law whether cybersecurity law is inline or not. As per the study
of PWC “Global Crisis Survey[9]” Cybersecurity risk is a major A study of the Cyber Security model concluded in 2019 that
digital business risk today. Cyber Security threat is the second- there is a definite need of establishing a formal framework for
highest risk for the organization as per KPMG 2018 Global CEO Cyber Security as Cyber resilience and a trusted environment
outlook [10]. The movement towards IoT/BYOD is also one of are going to increase the cyber confidence of the citizen. [13].
the major challenges in smart city development as a Global Innovation Index 2017 of the United nation stated:
cybersecurity risk[11]. “emerging innovation center in Asia”[14]. This is a clear demand
C. Cybercrime Landscape that India has to reform the cybersecurity law to gear up with
business movement else fragmentation of upward movement is
Due to the increased amount of digital adoption,
definite. Cybersecurity is considered the fastest global risk by the
cybersecurity risk has also increased. The below figure shows
World Economic Forum, to tackle cybersecurity threat WEF has
the increased rates of Cyber Crime as per the National Crime
launched the “Global Center for Cyber Security” in 2018[15].
Record Bureau of India from 2014 to 2017.
All these facts and figures indicate that India indeed needs an
advanced level of cybersecurity strategy which can prevent the
country's intellectual properties and reduce cyber threat. To

752
2

Authorized licensed use limited to: Nitte Meenakshi Institute of Technology. Downloaded on June 03,2022 at 11:38:51 UTC from IEEE Xplore. Restrictions apply.
 2021 International Conference on Computing, Communication, and Intelligent Systems (ICCCIS)
support building Smart City and cyber secured Techno Centric Post Cyberattack in 2010, the government has built a
Citizenship, strategy to be built as One Team, One Goal to Taskforce on Cyber Defense and Preparedness which was
prevent damage and loss due to modern tools and techniques of chaired by NTRO (National Technical Research Organization ).
cybercrime. The same Taskforce has contributed to formalizing India’s first
“National Cyber Security Policy” in 2013. THE PERSONAL
In this approach, the article is organized step by Step in detail. DATA PROTECTION BILL, 2018 was the movement towards
The rest of the paper is ordered as followed: In section , we data protection, notification, and appointing a data protection
have mentioned the initiative and strategy of Govt of India personal[19]. National Cyber Security strategy defines the future
concerning Cybersecurity. In section , Methodology and readiness of the Cyber Security infrastructure of India which has
Framework are described. The case study is discussed in section a positive correlation to the development of technology-driven
. The Result and Discussion are mentioned in section . In smart city movement.
section , contains the conclusion, and the Current and Future
Development section VII is mentioned before the Declaration, Cyber Security Organizations and hierarchical bodies are
Acknowledgement and Reference Section. shown in the figure below:
II. INDIA CYBER CRIME PREVENTION STRATEGY
A. Indian Cyber Security Law
Existing Cyber project running in India are at different levels
and being run by different entities. Cyber Security law in India
was initially recorded in the Information Technology Act 2000
and the I.T. Amendment Act 2008 to regulate and address issues
related to electronic offense. Cyber Crime is not defined in detail
in this Act either in the Information Technology Act 2000 or in
the Amendment Act 2008.
Fig. 5. Indian Cyber Security hierarchy.
IT Act 2008 stated in the preface “to provide legal
recognition for transactions carried out employing electronic Table  shows different organizations of Cyber Security bodies
data interchange and other means of electronic communication, under different organizations.
commonly referred to as "electronic commerce", which involve The key point of the highlight is an integration of these Cells
the use of alternatives to paper-based methods of communication with collaboration and exchange of data until in-depth
and storage of information, to facilitate electronic filing of collaboration within these cybersecurity cells with Law and
documents with the Government agencies and further to amend enforcement happens, India’s Cyber Security can’t be a
the Indian Penal Code, the Indian Evidence Act, 1872, the successful model. The major impact of the development of
Bankers' Books Evidence Act, 1891 and the Reserve Bank of technology-driven Smart cybersecurity exists in this silo model
India Act, 1934 and for matters connected therewith or incidental of cybersecurity strategy.
thereto.” Post an impetus of globalization and computerization.
India Smart City dream project can’t be a technology-driven TABLE . SHOWS DIFFERENT ENTITY OF CYBER SECURITY CELL
project until cyber Security Law is in line with the Smart city MINISTRY OF COMMON
development techno-centric project. There are certain needs for PM OFFICE/CABINET SECY INFO TECHNOLOGY
cyber policy [16]or technology policy in digital India and smart (PMO/CAB SEC) (MCIT)
city project transformation. In Canada, Germany, UK, the Department Of Information
National Security Council (NSC) Technology (DIT)
internet policy has been reformed, whereas the Indian Internet National Technical Research Org
policy is still traditional which is not at all connecting people, (NTRO) Department of Telecom (DoT)
policy, and technology altogether. Different interpretations of
rules and regulations in India’s Cyber Security can’t be denied. National Critical Info Infrastructure Indian Computer Emergency
Protection Centre (NCIIPC) Response Team CERT-IN
In 1970 under the Programme of UNDP (United Nations Educational Research Network
Development Programme), India started working towards Joint Intelligence (ERNET)
computing in India for formulating the strategy. In 1995, the
Internet became available to Indian Public and since then internet Research & Analysis Wing (RAW) Informatics Center (NIC)
Centre for Development of
usage is increasing. National Cyber Security Policy 2013 was Multi Agency Center Advanced Computing C-DAC
formalized with a vision of securing the critical infrastructure of Standardisati on, Testing and
Cyberspace for Citizen, Government, and business. India was not National Information Board (NIB) Quality Certification (STQC)
having any Cyber Security laws till 2013. Cyber Security, MINISTERY OF HOME NON GOVT
technology laws, and innovation depend on the index of India's AFFAIRS (MHA) ORGANIZATION (NGO)
standing rank. In “Global Tech readiness countries” according National Cyber Corrd Centre Cyber Security And Anti
(NCCC) Hacking Organisation (CSAHO)
to the World economic forum [17] ranking of India is 89. The
Directorate of Forensic Science
network readiness index in 2016 become 91 as per World (DFS) Cyber Society of India (CSI)
Economic Forum 2016[18].
National Disaster Mgt Authority Centre of Excellence for Cyber
(NDMA) Security Research &

753
3

Authorized licensed use limited to: Nitte Meenakshi Institute of Technology. Downloaded on June 03,2022 at 11:38:51 UTC from IEEE Xplore. Restrictions apply.
 2021 International Conference on Computing, Communication, and Intelligent Systems (ICCCIS)
Development in
(CECSRDI)
Central Forensic Science Lab
(CFSL) Cyber Security of India (CSI)
National Cyber Security of India
Intelligence Bureau (IB) (NCS)
Cyber Attacks
MINISTRY OF DEFENCE Management Plan of India
(MOD) (CACMP)
MINISTRY OF EXTERNAL
Tri-Service Cyber Command AFFAIRS (MEA)
Army (MI) Ambassadors & Ministers
Navy (NI) Defense Attaches
Air Force (AFI) Joint Secretary (IT)
Def Info Assurance & Research
Agency (DIARA) ---
Defense Intelligence Agency (DIA) ---
Defense Research Dev Authority
(DRDO) ---
B. Smart city, Cyber Security and Cyber Law
Cyber Security Law has a positive correlation with Cyber
forensic which has to go hand in hand. Digital investigation
process development depends on the back-end framework of
Cyberlaw. Forensic investigation component which is [20]
Network Forensic, Computer Forensic, Mobile Forensic,
Database Forensic. This again is dependent on Cyberlaw which
connects people. cyber forensic component which connects [21]
(a) Human, (b) digital evidence, and (c) Process. International
level initiatives have been taken to the advancement of Cyber
Security law in different countries. The requirement of
Improvement in Cyber Security standards has been identified
globally. The USA government has taken the initiative to
improve the Cyber Security law and released The Internet of
Things Cyber Security improvement act, 2017[22].CPS public
working group (CPWG) of National Institute of Standard and
Technology in 2017 released Cyber Security strategy and
privacy for the common elements – Identification, Monitoring
and implementation of Cyber Security services[23] which is a
continuous initiative of Cyber Security law to cope up with the
different cyber attacks. “Cyber Security and Resilience of
Intelligent Public Transport” released in 2015, European Union
Agency for Network and Information Security[24] towards
Cyber Security on smart city public transport, security and
resilience including involvement of framework “Certification
Framework for Devices” consisting of rules evaluation of
security properties in 2017[25] was released in this direction.
European progress on cyber-crisis situation cybersecurity
policies is defined on the “European Union (EU) Network and
Information Security (NIS) Directive for Sectoral Supervision”
for network and information security systems in line with law
enforcement system. This development indicates that
cybersecurity Law should be adequate to support today’s
advanced level Cyber activities and should be improved
continuously.
C. Indian Cyber Police and Technology Police
India’s Cyber Police or Indian Technology police initiate has
not yet turned up which is the most significant requirement.
Authorized licensed use limited to: Nitte Meenakshi Institute of Technology. Downloaded on June 03,2022 at 11:38:51 UTC from IEEE Xplore. Restrictions apply.
India Central surveillance and technology-driven crime activity
monitoring system is not yet in place to handle exponential
growth rates of crimes. The complete new cadre in police needs
to be built in all the states with the most recent technology
experts which will be called “Cyber Police” or the “Technology
Police”[16]. However, the Crime & Criminal Tracking Network
Crisis and Systems (CCTNS)[26] project initiate the Digital Police
Portal which was launched in 2017, which was initiated to be part
of the digital India movement with the core concept of
computerized police process. This project again needs to have
further collaboration with similar project initiatives.
D. PPP model of Cyber response Team
20th March 2018, [27]Ministry of Home Affairs, Govt of
India has initiated the PPP model of the cyber response team for
digital safety and cybersecurity. The intelligent Cyber response
and immediate monitoring systems are not possible with a single
entity to fight against international level cyber-crimes. There is a
need for the PPP model Cyberthreat response team that should
include multiple private organizations, agency, government,
national and international level collaboration. Cyber threat has
become the world's top major risk as a global threat, which needs
a PPP model of a collaborative approach for addressing cyber
threats [28] as per Forbes.
E. Dedicated Cyber Police station and Cyber Crime Court
Setting up a dedicated Cyber Police station with advanced
level technology and tools are the fundamental needs. Setting up
such a Cyber Police Station and related Cyber Security
Jurisdiction system is a correlated requirement. Currently,
Mumbai becomes the first State of setting up 4 numbers of Cyber
Police stations. Bandra Kurla Complex, Mumbai, India is the
first cyber police station where some more police stations are
coming up in the pipeline.
This indicates that if the Indian Cyber Security law
framework can be addressed the need for cyber police, cyber
incident management, the cyber forensic system as a technology-
driven cyber defense system, then India's techno-centric smart
city ecosystem can be addressed to cyber confident citizenship.
This study has explored how technology-driven cyber defense
ecosystems can be built to protect the country and being part of
the global cyber defense ecosystem.
III. METHODOLOGY AND FRAMEWORK
The enactment of the India Smart city project to build a smart
ecosystem is arguably reflecting a negative direction due to
India's Cyber Security Laws and Cyber Threat Mechanism
System. In this study, few techniques are demonstrated and
developed a technology-driven law enforcement system. This
study has built a model of Cyber Security Law and cybercrime
investigation background system for a sustainable smart city
techno policy-driven system. This technology-driven cybercrime
response system or the Cyber forensic team is enabled
automatically based on the category of crime detection. Before
any crime is conducted, if the cybercrime response can be
automated then this will reduce the number of crimes and even
post crime if automated incident management can be done with
the cyber forensic investigation then smart city techno-driven
project can be successful, which was addressed in this
framework.
754
4
 2021 International Conference on Computing, Communication, and Intelligent Systems (ICCCIS)
A. Automated Cyber Incident Alert Management
Real-time sharing of cyber threats with cyber defense teams
and law enforcement agencies [29] becomes a critical
requirement to fight against cybercrime. In this phase, the
concept of the alert system to Cyber Police is explored. From the
perimeter Firewall or Perimeter web gateway of the organization
alert system to cyber police in initial observation if malicious
activity is observed. In this approach recently a novel algorithm
was created to deal with malicious agents [30]. This system
generating an alert to the cybercrime police station to analyze
malicious activity. The figure below shows that Perimeter
firewall generating alerts to cybercrime police to start monitoring
malicious activity and source of the attack. This needs integration
between every organization's external firewall/web gateways to
the cybercrime police station, national Cybercrime system.
Fig.6. Integration of Digital Police System with the Technology-Driven
System, Organizations.
more productivity. This design has given a more collaborated
cyber defense ecosystem.
The collaboration of Cyber Police, technology police from all
different tangents of the digital business transformation model is
the next step to move forward. This required public, private
organization collaboration. Construction of cyberthreat system,
digital crime branch including all organization, national,
international level technology expert which will form a
governance body of cyberthreat security body. A PPP model
cybersecurity system is required as announced by Obama, USA
president in 2016 to improve the national cybersecurity
system[32].
D. Integration of Smart City, Organization, Cloud, Service
Provider, Government Entity, People Process Under a
Single Platform
Protecting Critical infrastructure is difficult because of the
integration of IT and things as most of the critical infrastructure
in a smart city zone is owned by the private sector and regulated
by the public sector[28]. This phase of the implementation is
connecting all organizations, government entities, institutions,
smart city development projects under a single platform and
connect to the digital crime detection and protection mechanism.
This will integrate all private organizations security gateways,
cloud security, monitoring system.
The below figure shows the integration system to build a
cybersecurity model.

B. Development of Cyber Police, Technology Police System.

Development of Cyber Police [16] or Technology Police
system becomes fundamental needs in every level with special
training and advanced level cybersecurity knowledge. This
requirement is addressed with this technology-driven police
system, and police stations with high technology play a key role
to build a smart cyber defense system.
The need for a Digital Cyber Police station (DCPS) set up at
all levels with integration and collaboration is addressed with this
model. This DCPS has a correlative view of all cybercrimes,
malicious activities across the industry, organization, smart city
environment, IoT, BYOD, and service provider traffic ingress
and egress point. Integration of all the perimeter level firewalls,
Web security gateways with all the Internet exit and entry points.
This meets the requirement of real-time [29] alert update of
malicious activities to the cyber defense system. This integration
with DCPS with the norms of the General Data Protection
Regulations (GDPR). The DCPS was integrated with the
organization’s perimeter devices and the event of the malicious Fig. 7. Technology-driven Cyber Security model
activities is sent towards the DCPS alert correlation system. Then
DCPS again back to back connected with the PPP model of cyber Collaboration model for developing the techno-driven
forensic investigation system as Cyber Lab is opened in the USA cybersecurity law and enforcement platform.
with a collaboration with cisco[31].
E. Integration of Forensic investigation under PPP model
C. Construct PPP Model Cyber Police, Technology Police, Enhancement of current tools and techniques[33] of cyber
and Technology Jurisdiction forensic has become a continuous requirement to conduct a
The ministry of home affairs notification dated 20th march cyber-forensic investigation.
2018 regarding the PPP model of the cyber response system was
a major initiative[27], which needed more collaborated This phase integrates all the forensic investigation projects,
integration. This need for cybercrime digital police systems has technology under a single platform with specific types of access
control mechanisms. A Secured integration model of Forensic

755
5

Authorized licensed use limited to: Nitte Meenakshi Institute of Technology. Downloaded on June 03,2022 at 11:38:51 UTC from IEEE Xplore. Restrictions apply.
 2021 International Conference on Computing, Communication, and Intelligent Systems (ICCCIS)
technology between Government, private and public
organizations which also should further interconnect with
international forensic organizations, the Indian Inter pole system,
CBI, CID, State Digital crime branch police, the private entity of
forensic project all need to get integrated.
F. Integration of Indian Crime Jurisdiction Law Enforcement
Agency, International Level Law Enforcement Agency
There should be one team, one goal approach. An
international collaboration of cybercrime is a fundamental
requirement to conduct a criminal investigation without which it
is next to impossible to stand as one team against the global
largest man-made risk. National, international level
collaboration between Interpol, CBI, FBI and multiple country
Interpol(NCBs of Interpol) collaboration was indeed a
requirement to conduct cybercrime investigation, find the digital
evidence[34], develop international technical standards and
share information quickly. There is a need for integration of
special crime Jurisdiction, all the cybercrime law enforcement
teams, an International level collaboration of crime jurisdiction
system which will act immediately on run time basis
dynamically. Suppose a crime is detected, action on immediate
effect needs to be triggered like taking action through the digital
system and online punishment system as lockout bank account
and system involved in the crime and stop transactions, etc
should be considered. Certain action needs to be triggered on a
run-time basis so that criminal comes back to the system
automatically rather than running behind with the criminal. The
collaboration of countries, technologies, forensic investigation
private-public agencies are addressed in this study. Fig. 7. shows
that collaboration, integration have resulted in a successful
model of the cyber forensic system to conduct a cyber-forensic
investigation and built a forensic readiness techno smart city
ecosystem.
G. Re-structuring of Cybercrime Policy In International
Collaboration
In India, there are different interpretations of Cyber Security
laws, rules, and regulations with different organizations and
people. Cyber Security system is not itself technology-driven in
India. Complex and Incomplete Rules and Cyber Laws in India
need to be of international standard. A collaboration of Cyber
Law with a single policy for all the countries for cybercrime
should be in effect and action. Multi-dimensional classification
of laws and regulations are required to build sustainable smart
ecosystem development. Transformation of existing Cyber
Security Law is required and should be a technology-driven
framework. This study has explored that international
collaboration of Cyber Security law and integration has a major
contribution to protect the country and contribution to the global
cyber defense network.
IV. CASE STUDY
A. Technology-driven Hierarchical Cyber Threat detection
and protection mechanism.
World Economic Forum recommends that the Private,
Public, partnership[29] model can be a successful model for
Cyberthreat management to fight against cybercrime. The
industry of cyber crimes is growing like anything, so there is a
need for advanced level technology-driven hierarchical Cyber
756
6
Authorized licensed use limited to: Nitte Meenakshi Institute of Technology. Downloaded on June 03,2022 at 11:38:51 UTC from IEEE Xplore. Restrictions apply.
threat detection and protection emergency response team which
will connect from the state level, national level, international and
public-private organization collaboration which need to be
confined with single cyber law.
The number of IoT devices is increasing which is an
indication that a Smart city environment and IoT environment
will increase the number of devices so that cybercrimes will also
get increased.
B. The United State of America one team, one goal strategy
One team one goal approach of cybersecurity and cyber
defense model is a successful model. The United state of
America’s National Cyber forensic approach is one of the
success model for other countries. Different organizations,
companies, private sector and research centers' collaboration
approach results in a great success model to mitigate attack risk
and prevention even before the attack occurs. The two-way
collaboration model of the National Cyber Forensic and Training
Alliance (NCFTA) shows how to identify the potential attack
before the attack disrupts and mitigation. Running different
programs under one umbrella transformed the ecosystem
towards a matured model. Running program under this model is
BCP (Brand Consumer Protection), Cyber financial (Cyfin) and
Malware Cyberthreat[35]. Like malware and Cyber threat
program[36] focused on only technical threats along with the
trend of dark-web. Likewise many programs running under this
umbrella. Cyber threats and Cyber labs both are integral to cyber
law. In this direction, the First world City-based Cyber Lab is
opened in the USA with a collaboration with cisco[31] for Cyber
Intrusion Command Center.
As NCTFA is result-focused to prevent potential loss.
Results show that worth $1 billion potential loss was prevented
and also a significant contribution of this approach is shown in
table .
TABLE . NCTFA CASES AND SUCCESS DATA DURING 2015-2019[35]
Prevented Intelligence Case referred Arrested by law
finical loss reported to law and and
enforcement enforcement
$2.26 15187 2517 1096
This result depicts a significant success of the partnering
model of the cyber defense system. Sensitive information
sources have been always explored by the intelligence teams.
Apart from this Federal trade commission[37] which is
protecting America’s consumer space, the United State
Securities and Exchange[38] also been engaged to contribute in
monitoring strictly about policy enforcement in various entities,
inline support has been also provided to these organization by a
central body to handle with the situation. National Cyber
Forensic Task Force consistently developing the ecosystem with
partners, domestic authorities, public and private sector for
national security solutions and investigation of crimes. Finally,
the FBI plays a core master role in the risk and consequence of
the cyber attack. One step ahead has always been planned by the
core team and the counter-terrorism department contributes
towards the planning before the attack, how attackers are
planning for the crime so that massive attack can be protected.
For example, NSA and FBI [39] unfolded the sophisticated
malware from Russia as well. All these successes indicate a
 2021 International Conference on Computing, Communication, and Intelligent Systems (ICCCIS)
partnering model is a successful model and keynote is the “One 2017 AVERAGE CYBER CRIME
Team, One Goal” model. City-based PPP model Cybersecurity VICTIM SPENT TIME AFTERMATH

55.1
50.7
strategy is one of the key approaches in the USA where a large

47.9
60
number of security events are analyzed [31] which contribute 50

34.1
33.9
towards a Cyber Secured Citizenship.

28.3
40

22.1

19.8
19.2
18.9

22
16.2
30

14.8
14.6

14.6
C. Central control strategy of the USA FBI Model

16
10.3
20

5.6

5.6
Fighting against the cyber threat for a long time and

9
10
investigation of one crime to un-fold other related and expected 0
crime which is a quite proactive approach in the USA. FBI

MAXICO

UK
CANADA

SPAIN
CHINA

INDIA
INDONESIA

USA
AUSTRALIA

GERMANY
HONGKONG

JAPAN

UAE
BRAZIN

FRANCH

ITALY

NEWZEELAND
NEITHERLAND

SINGAPORE

SWADEN
agency looks at this matter in a closer way which is a unique
approach to battle with cyber-crime. This approach finally
becomes harder for the criminal to conduct a further crime.

World-class capability, talents are engaged and leveraged the
partnership model with all different authorities. Innovation,
evolution and adoption of new approaches become symbolic for
the USA to combat cybercrime. It is believed that cyber-terror
can steal US financial data, IP and damage US network which
cant be addressed by a single body. To build a cyber secured
ecosystem FBI play a key role in partnering with different federal
counterparts, private agency and multi-country strategy in
developing the right strategy. Along with the law and
enforcement sector and intelligence team for taking action to
defend and monitor malicious cyber activities. No matter who
will get the credit but all together wherever they are during the
crisis situation to defend [40] with the situation which is a central
approach collaborating the public, private sector agency or even
with other govt agency. Different institutions, universities,
research organizations, NGOs and companies altogether in
collaboration with the central FBI task force makes the
ecosystem very strong to defend against crime. National Cyber
investigation joint Task Force (NCIJTF) [41] collaborates with
more than 30 different intelligence teams, communities and law
and enforcement agencies to stand strong and strengthen the
capabilities of the cyber defense model. Resultant of this
approach builds a powerful analytical and operational team of
Cyberattack Defense System. Since the government can’t do it
alone so the collaboration approach is followed to build nation’s
cyber strategy. Cyber defense mission was again boost up by
engaging multiple agencies, public private sectors by the
National Cyber Security alliance (NCSA)[42] which is again
collaborations of contractors, alliances sit together to form cyber
secured intelligence system. New York City and Pittsburgh
collaboration center with different partners, research institutes,
financial sectors, corporate industries by National Cyber forensic
and training alliance increased the capability of the cyber defense
system. Identification then mitigation and disrupt cyber crime
was the main goal of the National Cyber forensic and training
alliance NCFTA([35].
V. RESULTS AND DISCUSSION
A. Cyberdefense Response Time
This designed framework of Technology-driven
cybersecurity, law enforcement, and cyber defense ecosystem
has addressed the response time of cybercrime. A significant
change in cyber defense response time from 23.5 hrs on average
to less than 5 minutes with a comparison of the existing
traditional model and suggested model is shown below.
DAYS
Fig. 8. Average cybercrime report, Source: Nortel Cyber Security Inside
Report[1]
In the existing model average Cyber Response Time to deal
aftermath country-wise as per Nortel Cybersecurity Inside
Report[1]
The significant result of the change in cybercrime response
time on the proposed design is comparative law.
TABLE . EVENT AND RESPONSE TIME
Sl No Event type Response time
1 First alert generation Less than 60 second
2. Investigation time will be reduced 23.5 hrs divided by 12
because as the collaboration of cyber entity=1.95 hrs
defense system of PPP model, tools and
technology used to investigate will be
divided by the number of the entity in
collaboration because consolidate view
information is available from the
centralized system
As a result of this collaboration, the cyber defense system is
reduced from 23.5 hrs which is quite acceptable. In case if more
numbers of collaboration entities, tools, and technology can be
used in optimal design this will give a better time duration to
address cybercrime.
B. Forensic Investigation Advancement
Realtime vulnerability[43] correlation and the number is
large from a single interface. In a smart city IoT environment,
these numbers are expected to compound exponential value. This
threat management handling technique needs a very strong
network of forensic investigation platform and collaboration.
Cyber Forensic investigation time has a positive correlation to
reduce the cyber threat. If the forensic investigation cannot be
completed within time and cannot present digital evidence to law
enforcement agencies in a shorter time then crimes are expected
to increase. The average investigation time to resolve a case is
approx. 40 hrs [44] which is quite high. The suggested model
reduces this time drastically because of the PPP model of the
forensic investigation process having a collaboration of
advanced level tools and techniques under a single network. In
order to get the significant advance on this model , it required
reformations of regional country-specific cybersecurity law,
especially Indian cybersecurity law alignment with the smart city

757
7

Authorized licensed use limited to: Nitte Meenakshi Institute of Technology. Downloaded on June 03,2022 at 11:38:51 UTC from IEEE Xplore. Restrictions apply.
 2021 International Conference on Computing, Communication, and Intelligent Systems (ICCCIS)
movement. Certain implications on this reformation are expected
because of the GDPR[45].
VI. CONCLUSION
“Call the Cyber Police by the Technology” is the key area
addressed in this study. The challenge of Cyber Security in Smart
City Development of India is one of the primary concern which
is addressed in this study by developing a technology-driven
cyber defense system. Smart Cyber Security, an advance level
forensic investigation mechanism is explored in this study.
Introduction of PPP model Cyber Police and Cyber Forensic
model is well addressed to fight against the exponential growth
of Cyberattack. In a study of the Mumbai Taj Attack in 2008,
where Mumbai police may have ignored important digital
intelligence information from the USA that warned of a potential
attack. The study also highlights that the attack could have been
avoided[46] if India's cybersecurity infrastructure had advanced
technology. This example is in line with what has been suggested
to have an advanced level of Cyber Police System or
Development of Technology Police, Digital Police, technology-
driven digital law enforcement system. The cyber confident
citizenship requirement is addressed by developing the PPP
model of a cyber defense system. Also, this study addresses the
need for Multi-Jurisdictional collaboration in Cyber Security
law. This study has explored the socio-economic technology-
driven model to build a sustainable techno smart city
environment
This study suggests conducting a further exploration of
Indian Cybersecurity Law alignment with Smart City
development. The further study strongly recommended for
building a model of end to end global cyber confident citizenship
as one team, one goal with national and international level
collaboration with the implication of PPP model for regional
country level law system to form a global technology-driven
cyber law ecosystem.
VII. CURRENT AND FUTURE DEVELOPMENT
The biggest platform for cybercriminals is getting the
accessibility of the digital world from anywhere and anytime.
Now the digital world becomes single by connecting a network
of networks and technology collaborated. Regional country-
specific cyber law becomes a roadblock to fight against advanced
cyber threats. Cybercriminals are using advanced tools and
technique in collaboration but cyber law are not connecting with
the digital world similarly.
This study suggests conducting a further exploration of
Indian Cybersecurity Law alignment with Smart City
development. The further study strongly recommended building
a model of end to end global cyber confident citizenship as “One
Team, One Goal” with national and international level
collaboration with the implication of PPP model with regional
country level law system to form a global technology-driven
cyber law ecosystems.
ACKNOWLEDGMENT
Heartiest Acknowledged to Ayush Upadhyay, for the
support, especially in formatting the paper, grammar check of
the article.
758
8
Authorized licensed use limited to: Nitte Meenakshi Institute of Technology. Downloaded on June 03,2022 at 11:38:51 UTC from IEEE Xplore. Restrictions apply.
DECLARATION
The research, hypothesis, assessments, and analysis
articulated in this paper are those of the authors alone and not the
organization with whom the authors are associated.
REFERENCES
[1] “2017 Norton Cyber Security Insights Report - Global Results,” p. 30,
2018.
[2] “International Comparative Legal Guides,” International Comparative
Legal Guides International Business Reports. https://iclg.com/practice-
areas/cybersecurity-laws-and-regulations/india (accessed Sep. 26,
2019).
[3] S. C. Mission, “Mission Statement and Guidelines-http://smartcities.
gov. in/writereaddata,” SmartCityGuidelines. pdf.
[4] C. Diwaker, A. Sharma, and P. Tomar, “IoT’s Future Aspects and
Environment Surrounding IoT,” in 2019 Amity International
Conference on Artificial Intelligence (AICAI), Dubai, United Arab
Emirates, Feb. 2019, pp. 752–755, doi: 10.1109/AICAI.2019.8701402.
[5] H. Kumar, M. K. Singh, M. P. Gupta, and J. Madaan, “Moving towards
smart cities: Solutions that lead to the Smart City Transformation
Framework,” Technological Forecasting and Social Change, p. 119281,
Apr. 2018, doi: 10.1016/j.techfore.2018.04.024.
[6] “Volume 9, Special Issue, April 2019, 4th National Conference On
Recent Trends in Humanities, Technology, Management & Social
Development (RTHTMS 2K19); KIET School Of Management,
Ghaziabad, UP, India,” Social Development, vol. 9, p. 15, 2019.
[7] A. Singh, “Forensic Outlook 2018,” p. 20.
[8] “Digital India: Technology to transform a connected nation |
McKinsey.” https://www.mckinsey.com/business-functions/digital-
mckinsey/our-insights/digital-india-technology-to-transform-a-
connected-nation (accessed Sep. 22, 2019).
[9] “PwC’s Global Crisis Survey 2019,” p. 22.
[10] “Consumer Loss Barometer 2019_KPMG International,” p. 32, 2019.
[11] “Cyber security - a necessary pillar of smart cities,” Smart City, p. 24.
[12] “Creating cyber secure smart cities,” p. 32.
[13] “Cybersecurity in smart cities - KPMG | IN,” KPMG, Feb. 22, 2019.
https://home.kpmg/in/en/home/insights/2019/02/cybersecurity-
smartcities.html (accessed Sep. 14, 2019).
[14] PTI, “India ranked top exporter of ICT services: UN report,”
@businessline.
https://www.thehindubusinessline.com/news/world/india-ranked-top-
exporter-of-ict-services-un-report/article9728432.ece (accessed Sep.
14, 2019).
[15] “To Prevent a Digital Dark Age: World Economic Forum Launches
Global Centre for Cybersecurity,” World Economic Forum.
https://www.weforum.org/press/2018/01/to-prevent-a-digital-dark-age-
world-economic-forum-launches-global-centre-for-cybersecurity/
(accessed Sep. 14, 2019).
[16] J. Saxena, “Development of Cyber Police,” vol. 2, no. 1, p. 5, 2019.
[17] S. Dutta, T. Geiger, B. Lanvin, World Economic Forum, and Insead, The
global information technology report 2015: ICTs for inclusive growth.
2015.
[18] S. Baller, S. Dutta, and B. Lanvin, The Global Information Technology
Report 2016: Innovating in the Digital Economy. 2016.
[19] “Draft Personal Data Protection Bill, 2018,” PRSIndia, Jul. 30, 2018.
https://prsindia.org/billtrack/draft-personal-data-protection-bill-2018
(accessed Sep. 14, 2019).
[20] Vishnu Institute of Technology, B. V. P. santhi, P. Kanakam, and S. M.
Hussain, “Cyber Forensic Science to Diagnose Digital Crimes- A
study,” International Journal of Computer Trends and Technology, vol.
50, no. 2, pp. 107–113, Aug. 2017, doi: 10.14445/22312803/IJCTT-
V50P119.
[21] Department of Informatics, Universitas Islam Indonesia, Yogyakarta,
Indonesia, Y. Prayudi, A. Ashari, and T. K Priyambodo, “A Proposed
Digital Forensics Business Model to Support Cybercrime Investigation
in Indonesia,” International Journal of Computer Network and
Information Security, vol. 7, no. 11, pp. 1–8, Oct. 2015, doi:
10.5815/ijcnis.2015.11.01.
[22] M. Warner, “IN THE SENATE OF THE UNITED STATES,” p. 20.
 2021 International Conference on Computing, Communication, and Intelligent Systems (ICCCIS)
[23] E. R. Griffor, C. Greer, D. A. Wollman, and M. J. Burns, “Framework [45] “General Data Protection Regulation (GDPR) guidance,” NHS Digital.
for cyber-physical systems: volume 1, overview,” National Institute of https://digital.nhs.uk/data-and-information/looking-after-
Standards and Technology, Gaithersburg, MD, NIST SP 1500-201, Jun. information/data-security-and-information-governance/information-
2017. doi: 10.6028/NIST.SP.1500-201. governance-alliance-iga/general-data-protection-regulation-gdpr-
[24] C. Lévy-Bencheton, E. Darra, European Union, and European Network guidance (accessed Sep. 26, 2019).
and Information Security Agency, Cyber security and resilience of [46] H. S. Lallie, “An overview of the digital forensic investigation
intelligent public transport: good practices and recommendations. infrastructure of India,” Digital Investigation, vol. 9, no. 1, pp. 3–7, Jun.
Heraklion: ENISA, 2015. 2012, doi: 10.1016/j.diin.2012.02.002.
[25] legroju, “The EU cybersecurity certification framework,” Digital Single
Market - European Commission, Sep. 19, 2017.
https://ec.europa.eu/digital-single-market/en/eu-cybersecurity-
certification-framework (accessed Sep. 14, 2019).
[26] “Ministry of Home Affairs | Digital Police.” https://digitalpolice.gov.in/
(accessed Sep. 14, 2019).
[27] “Cyber Security.”
https://pib.gov.in/newsite/PrintRelease.aspx?relid=177722 (accessed
Sep. 24, 2019).
[28] C. Brooks, “Public Private Partnerships And The Cybersecurity
Challenge Of Protecting Critical Infrastructure,” Forbes.
https://www.forbes.com/sites/cognitiveworld/2019/05/06/public-
private-partnerships-and-the-cybersecurity-challenge-of-protecting-
critical-infrastructure/ (accessed Sep. 25, 2019).
[29] “recommendations-for-public-private-partnership-against-cyber-
crime.” https://www.zurich.com/knowledge/topics/cyber and data
risks/recommendations-for-public-private-partnership-against-cyber-
crime (accessed Sep. 24, 2019).
[30] Y. Shang, “Consensus of hybrid multi-agent systems with malicious
nodes,” IEEE Transactions on Circuits and Systems II: Express Briefs,
pp. 1–1, 2019, doi: 10.1109/TCSII.2019.2918752.
[31] “Mayor Garcetti Launches Nation’s First City-Based Cyber Lab | City
of Los Angeles.” https://www.lacity.org/blog/mayor-garcetti-launches-
nations-first-city-based-cyber-lab (accessed Sep. 14, 2019).
[32] “National Cybersecurity: A Collaborative Approach is Required,”
blogs@Cisco - Cisco Blogs, Oct. 31, 2016.
https://blogs.cisco.com/security/national-cybersecurity-a-collaborative-
approach-is-required (accessed Sep. 14, 2019).
[33] B. Vanlalsiama and N. Jha, “Cyber Forensic: Introducing A New
Approach to Studying Cyber Forensic and Various Tools to Prevent
Cybercrimes,” vol. 6, no. 1, p. 6, 2015.
[34] A. Rees, “International Cooperation in Cybercrime Investigations,” p.
25, 2007.
[35] M. Jacobs, “Home,” The National Cyber-Forensics and Training
Alliance. https://www.ncfta.net/ (accessed Jan. 03, 2021).
[36] M. Jacobs, “Malware and Cyber Threat Program,” The National Cyber-
Forensics and Training Alliance. https://www.ncfta.net/malware-and-
cyber-threat-program/ (accessed Jan. 03, 2021).
[37] “About the FTC,” Federal Trade Commission, Mar. 01, 2013.
https://www.ftc.gov/about-ftc (accessed Jan. 03, 2021).
[38] “SEC.gov | HOME.” https://www.sec.gov/ (accessed Jan. 03, 2021).
[39] “NSA and FBI Expose Russian Previously Undisclosed Malware
‘Drovorub’ in Cybersecurity Advi,” National Security Agency Central
Security Service. https://www.nsa.gov/news-features/press-
room/Article/2311407/nsa-and-fbi-expose-russian-previously-
undisclosed-malware-drovorub-in-cybersecu/ (accessed Jan. 03, 2021).
[40] “CISA Cybersecurity Summit: Addressing Threats Through
Partnerships — FBI.” https://www.fbi.gov/news/speeches/cisa-
cybersecurity-summit-addressing-threats-through-partnerships
(accessed Jan. 03, 2021).
[41] “National Cyber Investigative Joint Task Force,” Federal Bureau of
Investigation. https://www.fbi.gov/investigate/cyber/national-cyber-
investigative-joint-task-force (accessed Jan. 03, 2021).
[42] “National Cyber Security Alliance (NCSA) – About Us,” Stay Safe
Online. https://staysafeonline.org/about/ (accessed Jan. 03, 2021).
[43] Z. Tian et al., “Real-Time Lateral Movement Detection Based on
Evidence Reasoning Network for Edge Computing Environment,” IEEE
Transactions on Industrial Informatics, vol. 15, no. 7, pp. 4285–4294,
Jul. 2019, doi: 10.1109/TII.2019.2907754.
[44] World Congress on Engineering and Computer Science et al., World
Congress on Engineering and Computer Science: WCECS 2017: 25-27
October, 2017, San Francisco, USA. volume 1: ... Hong Kong:
Newswood Limited, IAENG (International Association of Engineers),
2017.

9759

Authorized licensed use limited to: Nitte Meenakshi Institute of Technology. Downloaded on June 03,2022 at 11:38:51 UTC from IEEE Xplore. Restrictions apply.