Spelling suggestions: "subject:"computer crimes"" "subject:"coomputer crimes""
141 |
A Privacy-Preserving, Context-Aware, Insider Threat prevention and prediction model (PPCAITPP)Tekle, Solomon Mekonnen 07 1900 (has links)
The insider threat problem is extremely challenging to address, as it is committed by insiders who are
trusted and authorized to access the information resources of the organization. The problem is further
complicated by the multifaceted nature of insiders, as human beings have various motivations and
fluctuating behaviours. Additionally, typical monitoring systems may violate the privacy of insiders.
Consequently, there is a need to consider a comprehensive approach to mitigate insider threats. This
research presents a novel insider threat prevention and prediction model, combining several approaches,
techniques and tools from the fields of computer science and criminology. The model is a Privacy-
Preserving, Context-Aware, Insider Threat Prevention and Prediction model (PPCAITPP). The model is
predicated on the Fraud Diamond (a theory from Criminology) which assumes there must be four elements
present in order for a criminal to commit maleficence. The basic elements are pressure (i.e. motive),
opportunity, ability (i.e. capability) and rationalization. According to the Fraud Diamond, malicious
employees need to have a motive, opportunity and the capability to commit fraud. Additionally, criminals
tend to rationalize their malicious actions in order for them to ease their cognitive dissonance towards
maleficence. In order to mitigate the insider threat comprehensively, there is a need to consider all the
elements of the Fraud Diamond because insider threat crime is also related to elements of the Fraud
Diamond similar to crimes committed within the physical landscape.
The model intends to act within context, which implies that when the model offers predictions about threats,
it also reacts to prevent the threat from becoming a future threat instantaneously. To collect information
about insiders for the purposes of prediction, there is a need to collect current information, as the motives
and behaviours of humans are transient. Context-aware systems are used in the model to collect current
information about insiders related to motive and ability as well as to determine whether insiders exploit any
opportunity to commit a crime (i.e. entrapment). Furthermore, they are used to neutralize any
rationalizations the insider may have via neutralization mitigation, thus preventing the insider from
committing a future crime. However, the model collects private information and involves entrapment that
will be deemed unethical. A model that does not preserve the privacy of insiders may cause them to feel
they are not trusted, which in turn may affect their productivity in the workplace negatively. Hence, this
thesis argues that an insider prediction model must be privacy-preserving in order to prevent further
cybercrime. The model is not intended to be punitive but rather a strategy to prevent current insiders from
being tempted to commit a crime in future.
The model involves four major components: context awareness, opportunity facilitation, neutralization
mitigation and privacy preservation. The model implements a context analyser to collect information related
to an insider who may be motivated to commit a crime and his or her ability to implement an attack plan.
The context analyser only collects meta-data such as search behaviour, file access, logins, use of keystrokes
and linguistic features, excluding the content to preserve the privacy of insiders. The model also employs
keystroke and linguistic features based on typing patterns to collect information about any change in an
insider’s emotional and stress levels. This is indirectly related to the motivation to commit a cybercrime.
Research demonstrates that most of the insiders who have committed a crime have experienced a negative
emotion/pressure resulting from dissatisfaction with employment measures such as terminations, transfers
without their consent or denial of a wage increase. However, there may also be personal problems such as a
divorce. The typing pattern analyser and other resource usage behaviours aid in identifying an insider who
may be motivated to commit a cybercrime based on his or her stress levels and emotions as well as the
change in resource usage behaviour. The model does not identify the motive itself, but rather identifies those
individuals who may be motivated to commit a crime by reviewing their computer-based actions. The model
also assesses the capability of insiders to commit a planned attack based on their usage of computer
applications and measuring their sophistication in terms of the range of knowledge, depth of knowledge and
skill as well as assessing the number of systems errors and warnings generated while using the applications.
The model will facilitate an opportunity to commit a crime by using honeypots to determine whether a
motivated and capable insider will exploit any opportunity in the organization involving a criminal act.
Based on the insider’s reaction to the opportunity presented via a honeypot, the model will deploy an
implementation strategy based on neutralization mitigation. Neutralization mitigation is the process of
nullifying the rationalizations that the insider may have had for committing the crime. All information about
insiders will be anonymized to remove any identifiers for the purpose of preserving the privacy of insiders.
The model also intends to identify any new behaviour that may result during the course of implementation.
This research contributes to existing scientific knowledge in the insider threat domain and can be used as a
point of departure for future researchers in the area. Organizations could use the model as a framework to
design and develop a comprehensive security solution for insider threat problems. The model concept can
also be integrated into existing information security systems that address the insider threat problem / Information Science / D. Phil. (Information Systems)
|
142 |
Exploring the value of computer forensics in the investigation of procurement fraudThemeli, Aluwani Rufaroh 01 1900 (has links)
The research problem for this study was that forensic investigators in the Forensic Services (FS) of the City of Tshwane (CoT) are unable to successfully deal with procurement fraud as a result of the lack of knowledge, skills and resources required to conduct computer forensics during the investigation of procurement fraud. This research was conducted to ascertain the value of computer forensics in the investigation of procurement fraud. Further, the study sought to determine how to improve the CoT forensic investigators’ knowledge and competence regarding the application of computer forensics in the investigation of procurement fraud.
The purpose of this study was to explore the procedures that should be followed by CoT forensic investigators when conducting computer forensics during the investigation of procurement fraud. The research also aimed to discover new information, not previously known to the researcher, related to computer forensics during the investigation of procurement fraud by exploring national and international literature. In addition, the study explored existing practices so as to use this information to improve the current CoT procedure, within the confines of the legislative requirements.
The overall purpose of this study is to provide practical recommendations for best practices, based on the results of the data analysis, which address the problem and enhance the investigative skills of CoT forensic investigators. The study established that it is imperative and compulsory to apply computer forensics in any procurement fraud investigation in order to efficiently track down cyber criminals and solve complicated and complex computer crimes. It was also established that forensic investigators within the FS in the CoT lack the necessary computer skills to optimally investigate procurement fraud. It is therefore recommended that CoT forensic investigators acquire the necessary skills and essential training in computer forensics in order to improve their knowledge and competence regarding the application and understanding of the value of computer forensics in the investigation of procurement fraud. / School of Criminal Justice / M.Tech. (Forensic Investigation)
|
143 |
Computer seizure as technique in forensic investigationNdara, Vuyani 19 March 2014 (has links)
The problem encountered by the researcher was that the South African Police Service Cyber-Crimes Unit is experiencing problems in seizing computer evidence. The following problems were identified by the researcher in practice: evidence is destroyed or lost because of mishandling by investigators; computer evidence is often not obtained or recognised, due to a lack of knowledge and skills on the part of investigators to properly seize computer evidence; difficulties to establish authenticity and initiate a chain of custody for the seized evidence; current training that is offered is unable to cover critical steps in the performance of seizing computer evidence; computer seizure as a technique requires specialised knowledge and continuous training, because the information technology industry is an ever-changing area.
An empirical research design, followed by a qualitative research approach, allowed the researcher to also obtain information from practice. A thorough literature study, complemented by interviews, was done to collect the required data for the research. Members of the South African Police Cyber-crime Unit and prosecutors dealing with cyber-crime cases were interviewed to obtain their input into, and experiences on, the topic.
The aim of the study was to explore the role of computers in the forensic investigation process, and to determine how computers can be seized without compromising evidence. The study therefore also aimed at creating an understanding and awareness about the slippery nature of computer evidence, and how it can find its way to the court of law without being compromised. The research has revealed that computer crime is different from common law or traditional crimes. It is complicated, and therefore only skilled and qualified forensic experts should be used to seize computer evidence, to ensure that the evidence is not compromised. Training of cyber-crime technicians has to be priority, in order to be successful in seizing computers. / Department of Criminology / M.Tech. (Forensic Investigation)
|
144 |
Probing Cyber-Bullying Experiences of First Year University Students at a Selected Rural University in South AfricaTsorai, Precious Pachawo 18 May 2018 (has links)
MGS / Institute for Gender and Youth Studies / Most people view bullying as a childhood challenge which children outgrow with age.
However, bullies grow up and even go to universities where they continue with their
bullying tactics; harassing their fellow students. The development of technology has
allowed bullying to be taken to adulthood through cyber-bullying. Technology has
become a big part of young people’s lives and it plays an increasingly important role
in their day-to-day activities. However, it has also become a platform for young
people to intimidate and harass each other. Cyber-bullying has become a huge
problem for university students, which can cause long term effects to victims. It
involves sending hurtful, threatening or embarrassing messages to one another.
Cyber-bullying causes problems such as depression, anxiety, suicide, poor school
attendance and performance for the victims of such an act. Both males and females
take part in cyber-bullying. Avenues for cyber-bullying by students include emails,
blogs, text messages, and social network sites such as Facebook, My Space,
Whatsapp, Instagram and twitter among others. The main aim of this study was to
probe cyber-bullying experiences of both male and female first year students at the
University of Venda. Qualitative research approach was used. Snowball sampling, a
subtype of non-probability sampling was used to select the respondents for the
study. Semi-structured interviews were used as the data collecting tool. The data
was analysed using thematic analysis. Confidentiality, anonymity, voluntary
participation and informed consent were among the ethical considerations that were
followed. The study found that cyber-bullying is prevalent at the University of Venda
and it socially, academically, psychologically and physically affects students. More
female students were found to be victims of cyber-bullying when compared to male
students. In view of the magnitude of cyber-bullying among university students; there
is a need for urgent action by the University of Venda management to come up with / NRF
|
145 |
The Effect of Cyber Security on Citizens Adoption of e-Commerce Services: The Case of Vhembe District in Limpopo Province of South AfricaNetshirando, Vusani 18 May 2019 (has links)
MCom (Business Information Systems) / Department of Business Information Systems / Today, information and communication technologies (ICT) have become an integral part of humans lives more especially in business, be it those in developed or developing countries. The evolution of ICT’s has also led to the introduction of e-Commerce services. Both the public and private sectors, develop these technologies with customer satisfaction in mind. Out of all the efforts by businesses and ICT experts, e-commerce systems continue to fail because of low user acceptance and user attitude, especially in developing nations. Security issues are known to be of top most concern for online shoppers. A survey was administered to 161 respondents, to find out how cyber security affects consumer’s intentions and actual use of e-commerce systems. The study encompasses both users of e-commerce systems and non-users of e-commerce systems across Vhembe district of Limpopo Province in South Africa. A quantitative research approach was used. The findings revealed that perceived security was the main concern for non-users of e-commerce intentions to use e-commerce systems because of lack of information and lack of trust on e-commerce systems. The study also revealed that users of e-commerce systems are still concerned about security, even though they intend to continue using e-commerce systems. For the success of e-commerce in rural communities, government needs to join hands with retailers and SME’s to start awareness campaigns that will clarify how e-commerce systems work and eradicate negative perception on e-commerce systems. / NRF
|
146 |
The moderating effect of information security on the adoption of mobile marketing transactions among South African tertiary studentsDonga, Gift Taruwandira January 2020 (has links)
PhD (Business Management) / Department of Business Management / Despite the fast pace of development within the mobile commerce industry globally, marketers in developing countries are still lagging in understanding why and how consumers participate in mobile marketing transactions. The literature reporting on mobile marketing transactions’ adoption in a South African context remains largely inconsistent and fragmented as most previous studies are based on the experience of consumers in a non-South African (and nondeveloping country) context. Therefore, this study identifies a literature gap, in that there lacks a sufficient critical mass of studies into the moderating effect of information security on consumer adoption of mobile marketing transactions in South Africa particularly among the youth who have a strong affinity for constant mobile connectivity. Furthermore, confronted with rapid changes in emerging technology, previous models of technology adoption are slowly becoming outmoded. Consequently, this study considered testing a proposed model on the predictive power of marketing-related mobile activity to help improve understanding and prognosis of the adoption of mobile marketing transactions in South Africa. Specifically, in order to render these tests robust, perceived information security was applied as a moderator variable to increase the explanatory power of the model. The objectives set out for this research were measured utilising a single cross-sectional approach, guided by the positivist paradigm. In keeping with the dictates of ensuring the highest levels of reliability and validity, a measuring instrument developed from past studies was used. Using a self-administered questionnaire, data were collected from a sample of 810 students from selected South African universities. Descriptive and multivariate statistical tests including the moderated hierarchical regression analysis were used to analyse data. The implication of the study is that it provides both marketers and policymakers with a set of controllable variables that may be manipulated to promote the adoption of mobile marketing transactions. / NRF
|
147 |
Utilising advanced accounting software to trace the reintegration of proceeds of crime, from underground banking into the formal banking systemBotes, Christo 30 April 2008 (has links)
The aim of this paper is to research how advanced accounting software can be used by police detectives, financial risk specialists and forensic investigation specialists, who are responsible for the investigation and tracing of the reintegration of proceeds of crime, from underground banking into formal banking system (pro active and reactive money laundering investigation) with a view on criminal prosecution.
The research started of by looking at the basic ways how proceeds of crime are smuggled before it is integrated into the formal banking system. In that context, the phenomenon of Underground banking was researched. Currency smuggling, Hawala currency transfer schemes and the way in which it is used to move proceeds of crime were discussed in detail. Thereafter Formal banking and the way in which proceeds of crime is reintegrated from underground banking structures into formal banking systems were discussed.
The use of advanced accounting software to trace the point where proceeds of crime are reintegrated into formal banking were researched extensively. Accounting software and investigative techniques on how to trace financial transactions which might be tainted with proceeds of crime were discussed. Accounting software which can be used on office computers such as laptops were discussed and more advanced automated systems which can be used to trace proceeds of crime transactions in the formal banking systems were also discussed. In specific, the investigative techniques on how to use these systems as investigative tools were discussed in great detail. This research paper gives a truly unique perspective on the financial investigative and analytical angle on proceeds of crime and money laundering detection. / Criminal Justice / M.Tech. (Forensic Investigation)
|
148 |
Utilising advanced accounting software to trace the reintegration of proceeds of crime, from underground banking into the formal banking systemBotes, Christo 30 April 2008 (has links)
The aim of this paper is to research how advanced accounting software can be used by police detectives, financial risk specialists and forensic investigation specialists, who are responsible for the investigation and tracing of the reintegration of proceeds of crime, from underground banking into formal banking system (pro active and reactive money laundering investigation) with a view on criminal prosecution.
The research started of by looking at the basic ways how proceeds of crime are smuggled before it is integrated into the formal banking system. In that context, the phenomenon of Underground banking was researched. Currency smuggling, Hawala currency transfer schemes and the way in which it is used to move proceeds of crime were discussed in detail. Thereafter Formal banking and the way in which proceeds of crime is reintegrated from underground banking structures into formal banking systems were discussed.
The use of advanced accounting software to trace the point where proceeds of crime are reintegrated into formal banking were researched extensively. Accounting software and investigative techniques on how to trace financial transactions which might be tainted with proceeds of crime were discussed. Accounting software which can be used on office computers such as laptops were discussed and more advanced automated systems which can be used to trace proceeds of crime transactions in the formal banking systems were also discussed. In specific, the investigative techniques on how to use these systems as investigative tools were discussed in great detail. This research paper gives a truly unique perspective on the financial investigative and analytical angle on proceeds of crime and money laundering detection. / Criminal Justice / M.Tech. (Forensic Investigation)
|
149 |
Strafregtelike beskerming van inligtingNienaber, Catharina Wilhelmina 11 1900 (has links)
In hierdie proefskrif is die belangrike rol wat inligting tans en toenemend in die samelewing speel ondersoek, om te beklemtoon hoe noodsaaklik dit tans is om `n misdryf wat die wederregtelike en opsetlike verkryging van inligting strafbaar sal reël, te verorden. Die rol wat industriële spioenasie in die verband speel word uitgelig. As gevolg van die bepaalde onliggaamlike aard van inligting kan inligting nie soos liggaamlike eiendom `n persoon ontneem word nie. Inligting word gewoonlik bloot gekopieer en die oorspronklike houer van die inligting behou die inligting hoewel die dader ook die inligting verkry. Die gemeenregtelike misdaad van diefstal maak dus nie voorsiening vir die diefstal van inligting waar die inligting bloot gekopieer of gedupliseer is nie.
Om te bepaal hoe hierdie bepaalde probleem in ander lande se regstelsels aangespreek word en om kennis op te doen oor hoe dit in die Suid-Afrikaanse reg aangespreek behoort te word, is die strafregtelike bepalings en selfs nie-strafregtelike bepalings in lande soos Engeland, Amerika, Kanada en Nederland ondersoek.
Ten einde vas te stel welke inligting deur die strafreg beskerm behoort te word, is selfs sekere nie-strafregtelike bepalings van vermelde lande en van die Suid-Afrikaanse reg nagegaan. Insigte is verkry oor welke elemente sodanige inligting aan moet voldoen en `n definisie van beskermwaardige inligting word aanbeveel. Vir hierdie doel is `n nuwe begrip van beskermwaardige inligting geskep.
Die redes waarom diefstal van inligting nie in Suid-Afrikaanse en die ander lande se regstelsels nie erken word nie, is bespreek. Die wyse waarop die gemeenregtelike misdaad van diefstal na die diefstal van onliggaamlike geld uitgebrei is, is ondersoek waarna `n aanbeveling gemaak word oor hoe die definisie van diefstal uitgebrei kan word om ook ander onliggaamlike objekte in te sluit. As gevolg van die bepaalde aard van inligting kan die gemeenregtelike definisie van diefstal nie uitgebrei word om inligting as `n objek in te sluit nie en word `n statutêre misdryf van diefstal van inligting voorgestel. / Jurisprudence / LL. D.
|
150 |
Cyber crime: a comparative law analysisMaat, Sandra Mariana 11 1900 (has links)
The Electronic Communications and Transactions Act, 25 of 2002, eradicated various lacunae that previously existed in respect of cyber crimes. Cyber crimes such as inter alia hacking, rogue code, unauthorised modification of data and denial of service attacks have now been criminalised. Specific criminal provisions in relation to spamming, computer-related fraud and extortion have also been included in the Act. It is argued that theft of incorporeal items such as information has already been recognised in our law, but has not been taken to its logical conclusion in our case law. However, there are instances where neither the common law nor our statutory provisions are applicable and where there is still a need for legislative intervention. The Act sufficiently deals with jurisdiction, the admissibility of data messages, the admissibility of electronic signatures and the regulation of cryptography. Cyber inspectors are a new addition to law enforcement. / Jurisprudence / L. L. M.
|
Page generated in 0.0766 seconds