DOCSLIB.ORG

Copyrighted Material

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Copyrighted Material ind JWBK226/Bidgoli July 10, 2008 13:36 Char Count= Index Abrams v. United States, 476 American Arbitration Association (adr.org), 39 Access: American Bar Association Task Force, 98 codes, 842 American Civil Liberties Union (ACLU): Digital Divide and, 524–525 ACLU v. Miller, 468 privacy and, 412 Ashcroft v. ACLU, 15, 59, 448 wireless attacks and, 753 challenges to Patriot Act and DHS Accessdata’s Password Recovery Toolkit (PRTK), 370 surveillance/investigation techniques, 165, Access Device Fraud Act (1984), 42 166 Access point (AP), 751, 779 defined, 556, Accountability, 414–415 Reno v. ACLU, 13, 14, 58, 59, 265, 447, 641 Account misuse detection, 712 American Express, 29, 30 ACLU. See American Civil Liberties Union (ACLU) American Guarantee & Liability Insurance Co. v. Ingram ACPA. See Anticybersquatting Consumer Protection Micro, Inc., 32 Act of 1999 (ACPA) American Law Institute (ALI), 325 ADA (American Dental Association), 556 American Libraries Association v. Pataki, 266, 348 Adapters, 505, 510 American Library Association v. United States, 63 Adaptive literacy, 518 American Management Association (AMA), 419, 421 Adbusters group, 307–308 American Mobile Satellite (AMSAT), 734 Address translation services, 504 American National Standards Institute (ANSI) Adjudication. See Criminal justice system X12N, 541–542, 555, 558 Ad networks, 426–427, 432 American Society for Crime Lab Directors/Lab ADRs. See Alternative dispute resolution techniques Accreditation Board (ASCLD/LAB), 377 (ADRs) Americans with Disabilities Act (1990), 801–802 Advanced Encryption Standard (AES), 365, 581 America Online (AOL): Affirmative defense, defined, 121 America Online, Inc. v. Does, 268, 272 Afghanistan, 150 America Online, Inc. v. Hawke, 254, 268, 272 Afternapster.com, 71 America Online, Inc. v. LCGM, Inc., 223 Age. See Demographic groups and anonymity on, 12 Internet/technologyhttp://www.pbookshop.com use AOL versus CN Productions, 270 Age Discrimination in Employment Act (1967), 801 domination of, 44 Air Force’s Office of Special Investigations (AFOSI), employee e-mail and, 796 119 Geoff v. AOL, Inc., 19 Air traffic blackout, 129 spamming and spammers, 252, 267–268, 270, 276, Alappat, In re, 658 284 ALCOA case, 632 Ameritrade, 836 Al-Hussayen (UnitedCOPYRIGHTED States of America vs. Sami Omar A&M MATERIAL Music, 232 Al-Hussayen), 141 Amnesty International, 611 Al-Jazeera, 149 A&M Records v. Napster, 6, 71 AllAdvantage.com, 428 Amsan LLC v. Prophet 21 Inc., 25 Alta Vista Technology, 69 Analog, defined, 779 Alternative dispute resolution techniques (ADRs), Anonymity/identity on Internet, 457–478 38–39, 44 anonymous domain registrant, 473–477 Altus Net, 773 contrarians, 475–477 Amazon.com: court rulings, 466–468 Associate program, 40 determining identity on the Internet, 460–462 denial of service attacks, 26 Internet anonymity and the law, 468–469 one-click, patent, 12, 494, 658–659 mechanics of, 459–460 participants, 490, 614 overview/introduction, 457–458, 477 851 ind JWBK226/Bidgoli July 10, 2008 13:36 Char Count= 852 Index Anonymity/identity on Internet (Continued ) Authentication: remailers, 478 authorization and, 716 reverence for anonymity in U.S. political tradition, defined, 510, 587 465–466 electronic transactions security and, 843 secure socket layer (SSL), 463, 478, 739 services, 503 socks server, 478 Authenticity: subpoenas seeking identity of anonymous speakers, certificates of, 652 471–473 defined, 322 technical solutions, 462–464 Automated transactions, 327 terms defined, 477–478 Availability: wartime, anonymity during, 469–470 defined, 587 Anonymizers, 464, 705 disruption of, 727 (see also Denial of service (DoS) Anonymous DSL (digital subscriber line), 464, 477 attacks) Anonymous surfing site, defined, 477 efficient/effective operation and, 834 ANSI X12N, 541–542, 555, 558 e-government security, 568–573 Anticybersquatting Consumer Protection Act of classes of attacks (physical/logical), 572 1999 (ACPA), 8–9, 45 denial of service concerns, 570 Antiglobalization/anticapitalism movements, 315 fault-related availability concerns, 568–569 APEC (Asia Pacific Economic Council), 669, 681, individual or informally organized hackers, 686–688 570–571 APOP (authenticated post office protocol), 771, intrinsic availability concerns, 569–570 779 logical attacks, 572–573 Apparent identity, 459 nonstate organizations, 571–572 Apple, 7, 232, 301, 302 physical attacks, 572 Applied Info. Mgmt. Co. v. Icart, 345 sources of denial of service attacks, 570 Appropriation, tort of, 411 state-sponsored attacks, 572 Arizona’s Roosevelt Dam, 132, 133 e-government security mechanisms/techniques Arms Export Control Act (1978), 650 for, 578–579 Arpanet, 249 information assurance and, 748 ASCII, 392 wireless information warfare and, 727–732 ASEAN (Association of South East Asian Nations), 669, 681, 682–683, 686 Backdoors, 753, 770 ASEANAPOL, 686 Backups files, 220–221, 838 Ashcroft v. ACLU, 15, 59, 448 Bailye, John, 474 Ashcroft v. Free Speech Coalition, 116 Ballmer Steve, 310–311 Asia, 11, 193, 605, 639, 607, 820 Bally v. Faber, 16 cybersquatting, 11 Baltimore Technologies, 331–332 lack of civil society structures, 605 Bandwidth, communications, 724 Asian Productivity Organization, 530 Banks/financial institutions: Asia Pacific Economic Council (APEC), 669 computer security, 487 Assent/consent, defined, 352 Financial Services Modernization Act of 1999 Association for Interactive Marketing (AIM), 263 (Gramm-Leach-Bliley Act), 13, 412, 432, Association of American Physicians and Surgeons 483 (AAPS), 556 http://www.pbookshop.comprivacy of records, 412 Association of Metropolitan Water Agencies terrorism and, 236–237 (AMWA), 168 Barbie Liberation Organisation, 309 Asymmetric: Barlow, John Perry, 628 defined, 587 Barnesandnoble.com, 659 response, 150, 172 Barron’s Online, 36 warfare, 731–732, 779 Bateman v. Mnemonics, Inc., 229 Asynchronous transfer mode (ATM), 779 BBB Online Privacy Program, 78–79, 429 Atari Games Corp. v. Nintendo of America, Inc., 229 BEA Systems, 491, 509 ATM (asynchronous transfer mode), 779 Behavioral methods, information leak detection, ATM withdrawal, sequence diagram, 492 711 Atomic Tangerine, 193 BellSouth, 246 AT&T, 253, 529 Bench trial, defined, 121 Attack(s). See Wireless information warfare (WIW) Berube v. Fashion Centre Ltd., 799 Attack/defense scenario (A/D), 779 BestCrypt, 364 Attacker identification, 772 BGP. See Border gateway protocol (BGP) Attractors, 597, 598, 622 Bidder’s Edge, 41, 213 At-will employment, 798, 814–816, 824–825 Bill of rights. See Constitution of United States Australia, 36, 133, 188, 273, 529, 599, 606, 634, Biometric security measures, 607, 838, 839 653, 686–688, 820 Bird v. Parsons, 266 Authenticated post office protocol (APOP), 771, 779 Black-box testing, 379 ind JWBK226/Bidgoli July 10, 2008 13:36 Char Count= Index 853 Black lists, 248, 285 Canada: Blakey v. Continental Airlines, 26, 800 anonymity of juveniles, 26 Blocking programs, 450–452 antispam legislation, 280 Blogs/bulletin boards, 169, 705, 720 Canadian Human Rights Act, 61 Blue Cross & Blue Shield of Michigan, 799 Convention on Cyber-Crime treaty, 190, 673 Boeing, 529, 810 copyright law, 66 Bombing, Oklahoma City, 105, 572 Criminal Code, 185 “Bomb shelter” legislation (UCITA; Uniform democratic deficit, 608 Computer Information Transactions Act), fraudulent wrongful function of computer system, 324, 327, 345, 346–347, 349, 352 82 Bonito Boats, Inc. v. Thunder Craft Boats, Inc., 342 free speech, 55 Booher, Charles, 245 Group of 8, 681 Border gateway protocol (BGP), 148–150, 172 hate speech, 61 Bots/cyberbots, 223–224, 285, 731 Personal Information Protection and Electronic Bounce, 285 Documents Act, 14 Boureguard, In re, 658 privacy, 14, 73, 820 Bowers, Harold, 341 Royal Canadian Mounted Police, Tech Crime Bowers v. Baystate Technologies, Inc., 229, 230, 340, Unit, 188 341, 343 voting rights, 85 Boy Scouts, 410 Canexus.com, 72 BPP (business owner’s package policy), 32 CAN-SPAM Act. See Spam, federal CAN-SPAM Briggs v. Am. Air Filter Co., 217 Act (Controlling the Assault of Non-Solicited Broadband, 520–521, 530–531 Pornography and Marketing Act of 2003) Broker-dealer operations, 27 Cantrell v. Forest City Publishing Co., 411 Brower v. Gateway 2000, Inc., 24 Carbon Defense League, 308 Browser privacy issues, 422 Carnivore, 165, 166, 418, 470, 647, 648 Browsewrap agreements, 334–337 CART (Computer Analysis and Response Team), Browsewrap license, 352 FBI, 393 Brussels Convention, 635 Caruso, J. T., 136 Buckley v. American Constitutional Law Foundation, Caspi v. Microsoft Network, 338 467, 468 Cato, 465 Buffer overflows, 755 CAUCE. See Coalition Against Unsolicited Bunner, Andrew, 16 Commercial E-mail (CAUCE) Burger King, 7, 8 Caveat emptor, 347–348 Business(es): CCIPS (Computer Crime and Intellectual Property corporate spying (see Corporate spying) Section), 187 corporate use of personal information, 77–78 CDA. See Communications Decency Act of 1996 cyberterrorism and, 158–161, 169–170 (CDA) employee privacy policies, 420–421 CDMA. See Code division multiple access (CDMA) global e-government and, 609 Cells, 736 government, compulsory/voluntary cooperation Cellular digital packet data (CDPD), 739, 779 with, 237–238 Cellular phones, 500, 779 privacy issues for, 419–421 Censorship, 437–453 terrorism and financialhttp://www.pbookshop.com institutions, 236–237 circumstantial, 438 USA PATRIOT ACT, and government spying, content filtering, 453 and, 236–238 defining, 438–439, 453 virus/worm attacks, estimates, 183 First Amendment and, 439–441 wiretap laws and, 418–419 government,
Load more

Recommended publications
  • Digital Investigation and Trojan Defense.Pdf
    Digital Investigation and the Trojan Defense, Revisited Golden G. Richard III Professor of Computer Science and University Research Professor Director, Greater New Orleans Center for Information Assurance (GNOCIA) University of New Orleans GIAC-certified Digital Forensics Investigator Founder, Arcane Alloy, LLC [email protected] / [email protected] / @nolaforensix http://www.cs.uno.edu/~golden 2 Who? Professor of Computer Science and University Research Professor, Director, Greater New Orleans Center for Information Assurance (GNOCIA), University of New Orleans http://www.cs.uno.edu/~golden Digital forensics, OS internals, reverse engineering, offensive computing, pushing students to the brink of destruction, et al. Founder, Arcane Alloy, LLC. http://www.arcanealloy.com Digital forensics, reverse engineering, malware analysis, security research, tool development, training. Co-Founder, Partner / Photographer, High ISO Music, LLC. http://www.highisomusic.com Music. Rock stars. Earplugs. Copyright 2015 by Golden G. Richard III (@nolaforensix) 3 Digital Forensics “Tools and techniques to recover, preserve, and examine digital evidence stored on or transmitted by digital devices.” Computers, PDAs, cellular phones, videogame consoles, digital cameras, copy machines, printers, digital voice recorders… 4 What That Really Means • Data. “You only think it’s gone.” • Sensitive data tenaciously clings to life. • The vast majority of users—and lots of technical people, too— have no idea what’s really stored on their digital devices… • …and no ability to properly “clean up” even if they do suspect what’s there Copyright 2015 by Golden G. Richard III (@nolaforensix) 5 Where’s the Evidence? Files and Filesystem Application Windows Deleted Files metadata metadata registry Print spool Hibernation Temp files Log files files files Browser Network Slack space Swap files caches traces RAM: OS and app data Volatile Evidence structures Copyright 2015 by Golden G.
    [Show full text]
  • Protecting the Children: Challenges That Result In, and Consequences Resulting From, Inconsistent Prosecution of Child Pornography Cases in a Technical World, 16 Rich
    Richmond Journal of Law and Technology Volume 16 | Issue 3 Article 5 2010 Protecting The hiC ldren: Challenges That Result In, And Consequences Resulting From, Inconsistent Prosecution Of Child Pornography Cases In A Technical World Francis S. Monterosso Follow this and additional works at: http://scholarship.richmond.edu/jolt Part of the Computer Law Commons, and the Internet Law Commons Recommended Citation Francis S. Monterosso, Protecting The Children: Challenges That Result In, And Consequences Resulting From, Inconsistent Prosecution Of Child Pornography Cases In A Technical World, 16 Rich. J.L. & Tech 11 (2010). Available at: http://scholarship.richmond.edu/jolt/vol16/iss3/5 This Article is brought to you for free and open access by UR Scholarship Repository. It has been accepted for inclusion in Richmond Journal of Law and Technology by an authorized administrator of UR Scholarship Repository. For more information, please contact [email protected]. Richmond Journal of Law & Technology Volume XVI, Issue 3 PROTECTING THE CHILDREN : CHALLENGES THAT RESULT IN, AND CONSEQUENCES RESULTING FROM , INCONSISTENT PROSECUTION OF CHILD PORNOGRAPHY CASES IN A TECHNICAL WORLD By Francis S. Monterosso * Cite as: Francis S. Monterosso, Note: Protecting the Children: Challenges that Result In, and Consequences Resulting From, Inconsistent Prosecution of Child Pornography Cases in a Technical World , XVI Rich. J.L. & Tech. 11 (2010), http://jolt.richmond.edu/v16i3/ article11.pdf. INTRODUCTION Of all the sinister things that Internet viruses do, this might be the worst: They can make you an unsuspecting collector of child pornography. Heinous pictures and videos can be deposited on computers by viruses—the malicious programs better known for swiping your credit card numbers.
    [Show full text]
  • Ethical Hacking
    Ethical Hacking Alana Maurushat University of Ottawa Press ETHICAL HACKING ETHICAL HACKING Alana Maurushat University of Ottawa Press 2019 The University of Ottawa Press (UOP) is proud to be the oldest of the francophone university presses in Canada and the only bilingual university publisher in North America. Since 1936, UOP has been “enriching intellectual and cultural discourse” by producing peer-reviewed and award-winning books in the humanities and social sciences, in French or in English. Library and Archives Canada Cataloguing in Publication Title: Ethical hacking / Alana Maurushat. Names: Maurushat, Alana, author. Description: Includes bibliographical references. Identifiers: Canadiana (print) 20190087447 | Canadiana (ebook) 2019008748X | ISBN 9780776627915 (softcover) | ISBN 9780776627922 (PDF) | ISBN 9780776627939 (EPUB) | ISBN 9780776627946 (Kindle) Subjects: LCSH: Hacking—Moral and ethical aspects—Case studies. | LCGFT: Case studies. Classification: LCC HV6773 .M38 2019 | DDC 364.16/8—dc23 Legal Deposit: First Quarter 2019 Library and Archives Canada © Alana Maurushat, 2019, under Creative Commons License Attribution— NonCommercial-ShareAlike 4.0 International (CC BY-NC-SA 4.0) https://creativecommons.org/licenses/by-nc-sa/4.0/ Printed and bound in Canada by Gauvin Press Copy editing Robbie McCaw Proofreading Robert Ferguson Typesetting CS Cover design Édiscript enr. and Elizabeth Schwaiger Cover image Fragmented Memory by Phillip David Stearns, n.d., Personal Data, Software, Jacquard Woven Cotton. Image © Phillip David Stearns, reproduced with kind permission from the artist. The University of Ottawa Press gratefully acknowledges the support extended to its publishing list by Canadian Heritage through the Canada Book Fund, by the Canada Council for the Arts, by the Ontario Arts Council, by the Federation for the Humanities and Social Sciences through the Awards to Scholarly Publications Program, and by the University of Ottawa.
    [Show full text]
  • Investigating and Prosecuting Cyber Crime: Forensic Dependencies and Barriers to Justice
    International Journal of Cyber Criminology Vol 9 Issue 1 January – June 2015 Copyright © 2015 International Journal of Cyber Criminology (IJCC) – Publisher & Editor-in-Chief – K. Jaishankar ISSN: 0973-5089 - January – June 2015. Vol. 9 (1): 55–119. DOI: 10.5281/zenodo.22387 This is an Open Access article distributed under the terms of the Creative Commons Attribution-NonCommercial-ShareAlikeHTU 4.0 International (CC-BY-NC-SA 4.0) License,UTH whichT permits unrestricted non-commercial use,T distribution, and reproduction in any medium, provided the original work is properly cited. ThisT license does not permit commercial exploitation or the creation of derivative works without specific permission. Investigating and Prosecuting Cyber Crime: Forensic Dependencies and Barriers to Justice Cameron S. D. Brown1 Australian National University, Australia Abstract The primary goal of this paper is to raise awareness regarding legal loopholes and enabling technologies, which facilitate acts of cyber crime. In perusing these avenues of inquiry, the author seeks to identify systemic impediments which obstruct police investigations, prosecutions, and digital forensics interrogations. Existing academic research on this topic has tended to highlight theoretical perspectives when attempting to explain technology aided crime, rather than presenting practical insights from those actually tasked with working cyber crime cases. The author offers a grounded, pragmatic approach based on the in-depth experience gained serving with police task-forces, government agencies, private sector, and international organizations. The secondary objective of this research encourages policy makers to reevaluate strategies for combating the ubiquitous and evolving threat posed by cyber- criminality. Research in this paper has been guided by the firsthand global accounts (via the author’s core involvement in the preparation of the Comprehensive Study on Cybercrime (United Nations Office on Drugs and Crime, 2013) and is keenly focused on core issues of concern, as voiced by the international community.
    [Show full text]
  • The Trojan Horse Defense in Cybercrime Cases, 21 Santa Clara High Tech
    Santa Clara High Technology Law Journal Volume 21 | Issue 1 Article 1 2004 The rT ojan Horse Defense in Cybercrime Cases Susan W. Brenner Brian Carrier Jef Henninger Follow this and additional works at: http://digitalcommons.law.scu.edu/chtlj Part of the Law Commons Recommended Citation Susan W. Brenner, Brian Carrier, and Jef Henninger, The Trojan Horse Defense in Cybercrime Cases, 21 Santa Clara High Tech. L.J. 1 (2004). Available at: http://digitalcommons.law.scu.edu/chtlj/vol21/iss1/1 This Article is brought to you for free and open access by the Journals at Santa Clara Law Digital Commons. It has been accepted for inclusion in Santa Clara High Technology Law Journal by an authorized administrator of Santa Clara Law Digital Commons. For more information, please contact [email protected]. ARTICLES THE TROJAN HORSE DEFENSE IN CYBERCRIME CASES Susan W. Brennert & Brian Carrier with Jef Henninger* TABLE OF CONTENTS I. INTRODUCTION ............................................................. 3 II. LEGAL ISSUES ............................................................ 14 A. How the Trojan Horse Defense Is Used ...................... 16 1. Raise Reasonable Doubt ............................................ 16 2. Negate Mens Rea ..................................................... 18 3. Establishing the Defense .......................................... 18 B. How Can the Prosecution Respond? ............. .......... 21 1. Establish Defendant's Computer Expertise .............. 22 2. "Character" Evidence ..............................................
    [Show full text]
  • Resource Materials on Technology-Enabled Crime
    Resource materials on technology-enabled crime Gregor Urbas Kim-Kwang Raymond Choo Technical and Background Paper No. 28 © Australian Institute of Criminology 2008 ISSN 1445-7261 ISBN 978 1 921185 70 0 Apart from any fair dealing for the purpose of private study, research, criticism or review, as permitted under the Copyright Act 1968 (Cth), no part of this publication may in any form or by any means (electronic, mechanical, microcopying, photocopying, recording or otherwise) be reproduced, stored in a retrieval system or transmitted without prior written permission. Inquiries should be addressed to the publisher. Project no. 0074a Published by the Australian Institute of Criminology GPO Box 2944 Canberra ACT 2601 Tel: (02) 6260 9272 Fax: (02) 6260 9299 Email: [email protected] Website: http://www.aic.gov.au Please note: minor revisions are occasionally made to publications after release. The online versions available on this website will always include any revisions. Disclaimer: The views expressed do not necessarily represent the policies of the Australian Government or AHTCC. Edited and typeset by the Australian Institute of Criminology Resource materials on technology-enabled crime Gregor Urbas Kim-Kwang Raymond Choo Technical and Background Paper No. 28 Contents Foreword and acknowledgements v Introduction 1 Background 2 Terminology and definitions 2 Brief historical background 3 Main types of technology-enabled crime 5 Future trends 6 Prevalence and costs of technology-enabled crime 6 Issues for law enforcement agencies, prosecutors
    [Show full text]
  • Analysis of the Use of XOR As an Obfuscation Technique in a Real Data Corpus Carolina Zarate, Simson Garfinkel, Aubin Heffernan, Scott Horras, Kyle Gorak
    Analysis of the Use of XOR as an Obfuscation Technique in a Real Data Corpus Carolina Zarate, Simson Garfinkel, Aubin Heffernan, Scott Horras, Kyle Gorak To cite this version: Carolina Zarate, Simson Garfinkel, Aubin Heffernan, Scott Horras, Kyle Gorak. Analysis of theUse of XOR as an Obfuscation Technique in a Real Data Corpus. 10th IFIP International Conference on Digital Forensics (DF), Jan 2014, Vienna, Austria. pp.117-132, 10.1007/978-3-662-44952-3_9. hal-01393766 HAL Id: hal-01393766 https://hal.inria.fr/hal-01393766 Submitted on 8 Nov 2016 HAL is a multi-disciplinary open access L’archive ouverte pluridisciplinaire HAL, est archive for the deposit and dissemination of sci- destinée au dépôt et à la diffusion de documents entific research documents, whether they are pub- scientifiques de niveau recherche, publiés ou non, lished or not. The documents may come from émanant des établissements d’enseignement et de teaching and research institutions in France or recherche français ou étrangers, des laboratoires abroad, or from public or private research centers. publics ou privés. Distributed under a Creative Commons Attribution| 4.0 International License Chapter 9 ANALYSIS OF THE USE OF XOR AS AN OBFUSCATION TECHNIQUE IN AREALDATACORPUS Carolina Zarate, Simson Garfinkel, Aubin Heffernan, Scott Horras and Kyle Gorak Abstract The only digital forensic tools known to provide an automated approach for evaluating XOR obfuscated data are DCCI Carver and DC3 Carver, two general-purpose carvingtools developed by the Defense Cyber Crime Center (DC3). In order to determine the use of XOR as an obfuscation technique and the need to adapt additional tools, we analyzed 2,411 drive images from devices acquired from countries around the world.
    [Show full text]
  • Prismvol. 7, No. 2 | 2017
    PRISMVOL. 7, NO. 2 | 2017 THE FIFTH DOMAIN PRISM VOL. 7, NO. 2 NO. VOL. 7, | 2017 cco.ndu.edu A JOURNAL OF THE CENTER FOR COMPLEX OPER ATIONS PRISM ABOUT VOL. 7, NO.2 2017 PRISM, a quarterly journal published by the Center for Complex Operations (CCO) at National Defense University, aims to illuminate and provoke debate on whole-of- government efforts to conduct reconstruction, stabilization, counterinsurgency, and EDITOR NDU’S CENTER FOR COMPLEX OPERATIONS irregular warfare operations. Since its inaugural issue in 2010, PRISM’s readership Mr. Michael Miklaucic has expanded to include more than 10,000 officials, servicemen and women, and The United States Congress in 2009 authorized the establishment of a Center for practitioners from across the diplomatic, defense, and development communities in Complex Operations (CCO) in response to a widely perceived need for interagency interoperability in analysis of, planning for, and intervening in complex operations DEPUTY EDITOR more than 88 countries. worldwide. These include reconstruction, stabilization, counterinsurgency, and Ms. Patricia Clough irregular warfare—operations that demand support from all elements of national COMMUNICATIONS power to succeed. WEBMASTER PRISM encourages authors to aggressively seek out and identify problems that should Created within DOD as a collaborative initiative with support from the Department be addressed irrespective of prevailing U.S. Government policy or current military of State and the U.S. Agency for International Development, the aim of CCO is to: Ms. Rebecca Harper doctrine. We welcome unsolicited manusscripts from policymakers, practitioners, and scholars, particularly those that present emerging thought, best practices, or ■ enable more effective networking, coordination, and synchronization of DESIGN training and education innovations.
    [Show full text]
  • Trusted Computing and the Digital Crime Scene
    ARTICLE: TRUSTED COMPUTING AND THE DIGITAL By Yianna Danidou and CRIME SCENE Burkhard Schafer This paper analyses the future of digital company that patrolled the house regularly and forensics in an environment where control is checked all rooms and storage facilities for increasingly taken away from PC users and intruders or explosive devices. The company had remotely managed by trusted third parties, outsourced several of its activities to other typically to improve internet security. Trusted partner companies, making copies of the key available to them as needed. Their records Computing (TC) is used as the most developed confirm without doubt that nobody but the owner example to illustrate some of the possible legal and employees or agents of the company entered issues that arise. the room between the time of the murder and the police search that seized the knife. Introduction Consider the following physical world crime scene What can we say in these four scenarios about the scenarios: evidential value of the knife? Intuitively, it seems clear that the owner of the house in scenario 1 has some 1. The house of a suspect in a murder inquiry is explaining to do. Objects found in his possession can searched. In a locked room, and a locked chest be clearly attributed to him, and there is no obvious within that room, a bloodied knife is found that explanation for the knife other than that he hid it has the DNA of a murder victim on its blade. The there. Equally, it seems intuitively clear that the room and the chest were securely locked, the situation is considerably different in scenario 2.
    [Show full text]
  • Download Download
    ARTICLE: DIGITAL FORENSICS INSTITUTE IN MALAYSIA: THE WAY FORWARD THE TROJAN HORSE DEFENCE – a modern PROBLEM OF DIGITAL EVIDENCE By Miha Šepec The Trojan horse defence is an important aspect He asserts that somebody else must have committed of the investigation of crimes involving digital the crime using malicious software, or placed it in his evidence. In raising this defence, the accused claims computer system. The prosecutor must prove that the that they are not responsible for some or all of the crime was not committed by malicious software or some digital evidence that forms the offence, but by someone other perpetrator using this software, which can be else who has abused their computer system with a difficult. The purpose of this defence is often to create Trojan horse or other malicious code. The prosecution doubt in the minds of the jury and the judge. The defence must refute such claims with certainty, otherwise will be hard to refute and will often suffice for an acquittal the court (or the jury) will have to find the defendant on the basis of reasonable doubt. innocent of the crime. At first glance it is obvious that this is an extremely difficult issue that requires the cooperation of various To avoid the Trojan horse defence, law enforcement experts – criminal lawyers that know the legal system, but agents will also, in addition to presenting digital evidence are restricted in terms of technical know-how; and digital (which must not only prove the existence of a crime, but evidence specialists, who have technical and expert also the absence of malicious codes and other offenders knowledge, but often lack knowledge of the legal system.
    [Show full text]
  • The Trojan Horse Defense Revisited
    Journal of Digital Forensics, Security and Law Volume 9 Number 4 Article 4 2014 Technical Soddi Defenses: The Trojan Horse Defense Revisited Chad M. Steel Steel George Mason University Follow this and additional works at: https://commons.erau.edu/jdfsl Part of the Computer Engineering Commons, Computer Law Commons, Electrical and Computer Engineering Commons, Forensic Science and Technology Commons, and the Information Security Commons Recommended Citation Steel, Chad M. (2014) "Technical Soddi Defenses: The Trojan Horse Defense Revisited," Journal of Digital Forensics, Security and Law: Vol. 9 : No. 4 , Article 4. DOI: https://doi.org/10.15394/jdfsl.2014.1192 Available at: https://commons.erau.edu/jdfsl/vol9/iss4/4 This Article is brought to you for free and open access by the Journals at Scholarly Commons. It has been accepted for inclusion in Journal of Digital Forensics, Security and Law by an authorized administrator of (c)ADFSL Scholarly Commons. For more information, please contact [email protected]. Technical SODDI Defenses: The Trojan Horse Defense Revisited JDFSL V9N4 This work is licensed under a Creative Commons Attribution 4.0 International License. TECHNICAL SODDI DEFENSES: THE TROJAN HORSE DEFENSE REVISITED Chad M. S. Steel George Mason University MS 2B5 Fairfax, VA 22030 [email protected] ABSTRACT In 2004, the Trojan horse defense was at a crossroads, having been successfully employed in two child pornography cases in the United Kingdom, resulting in acquittals. Despite the early successes, the Trojan horse defense has failed to become a regularly employed strategy. The original Trojan horse defense has now become part of the more general technical SODDI (Some Other Dude Did It) defense, which includes the possibility of unknown actors using unsecured Wi-Fi connections or having physical access to a computer to perform criminal acts.
    [Show full text]
  • To Download Notes on Unit 5 Notes Trojan Horse
    LNCT GROUP OF COLLEGES Name of Faculty: Shubha Mishra Designation: Assistant Professor Department: Information Technology Subject & Subject Code: WMC & IT-602 Unit: V Topic: Trojan Horse Defense LNCT GROUP OF COLLEGES Trojan Horse A Trojan horse or Trojan is a kind of malware that frequently changed as authentic software. Unlike computer worms and viruses, Trojans are not able to self-replicate. Hackers and cyber-thieves who try to gain access to a user’s system use Trojans. Users fall for some form of social engineering and accidentally load and execute Trojans onto their systems. After the activation process, Trojans allow cybercriminals to spy on the users, steal their personal data, and gain backdoor access to their system. Top 5 Actions of Trojan Horse Virus These actions can include: . Blocking data . Deleting data . Copying data . Modifying data . Disrupting the performance of computer networks or computers Types of Trojan Viruses Some of the key Trojan varieties include: . Trojan-Banker This Trojan has been designed for stealing account data for online banking systems, debit and credit cards. Rootkit This is a sophisticated type of Trojan capable of providing remote control of a victim’s device to the cybercriminal. These Trojans allow the victim’s device to be used as part of a botnet. Trojan-FakeAV This Trojan horse program misrepresents the security status of a computer. These programs convince the user to purchase software in order to remove non-existent malware or security risks from the computer. They continually prompt users to pay for the software using their credit cards. Some programs make use of strategies designed to disrupt or irritate the activities of the user until the software is purchased.
    [Show full text]