Spelling suggestions: "subject:"computer crimes -- 1nvestigation"" "subject:"computer crimes -- anvestigation""
21 |
A Multi-Modal Insider Threat Detection and Prevention based on Users' BehaviorsHashem, Yassir 08 1900 (has links)
Insider threat is one of the greatest concerns for information security that could cause more significant financial losses and damages than any other attack. However, implementing an efficient detection system is a very challenging task. It has long been recognized that solutions to insider threats are mainly user-centric and several psychological and psychosocial models have been proposed. A user's psychophysiological behavior measures can provide an excellent source of information for detecting user's malicious behaviors and mitigating insider threats. In this dissertation, we propose a multi-modal framework based on the user's psychophysiological measures and computer-based behaviors to distinguish between a user's behaviors during regular activities versus malicious activities. We utilize several psychophysiological measures such as electroencephalogram (EEG), electrocardiogram (ECG), and eye movement and pupil behaviors along with the computer-based behaviors such as the mouse movement dynamics, and keystrokes dynamics to build our framework for detecting malicious insiders. We conduct human subject experiments to capture the psychophysiological measures and the computer-based behaviors for a group of participants while performing several computer-based activities in different scenarios. We analyze the behavioral measures, extract useful features, and evaluate their capability in detecting insider threats. We investigate each measure separately, then we use data fusion techniques to build two modules and a comprehensive multi-modal framework. The first module combines the synchronized EEG and ECG psychophysiological measures, and the second module combines the eye movement and pupil behaviors with the computer-based behaviors to detect the malicious insiders. The multi-modal framework utilizes all the measures and behaviors in one model to achieve better detection accuracy. Our findings demonstrate that psychophysiological measures can reveal valuable knowledge about a user's malicious intent and can be used as an effective indicator in designing insider threat monitoring and detection frameworks. Our work lays out the necessary foundation to establish a new generation of insider threat detection and mitigation mechanisms that are based on a user's involuntary behaviors, such as psychophysiological measures, and learn from the real-time data to determine whether a user is malicious.
|
22 |
The psychological effects experienced by computer forensic examiners working with child pornographyWhelpton, Juliette 02 1900 (has links)
Convergence of technology has made access to the Internet faster, easier and cheaper. Criminals, including paedophiles, child abusers and pornography traders make use of this technology to commit criminal offences. Computer Forensic Examiners (CFEs) are members of the Cyber Crime Unit, a professional, specialised unit of the South African Police Service (SAPS) who are responsible for computer forensic examination including the investigation of child pornographic images. The aim of the study was to seek understanding on what psychological effects the CFEs experienced when working with the images and was conducted from within the social constructionism and the narrative frameworks. The images had a severe impact on the CFEs as was clearly uncovered in the stories of six CFEs who participated in this study. The participants' stories were recorded and transcribed after which the application of thematic content analysis found that the participants all suffered similar negative effects. These findings were integrated with the findings of a focus group as well as with the findings of a similar study that was conducted during the same time by the Crimes against Children Research Center at the University of New Hampshire and resulted in identifying symptoms of trauma and stress experienced by the CFEs. Based on these results recommendations regarding the support for the CFEs were made. / Psychology / M.A. (Psychology)
|
23 |
Computer seizure as technique in forensic investigationNdara, Vuyani 19 March 2014 (has links)
The problem encountered by the researcher was that the South African Police Service Cyber-Crimes Unit is experiencing problems in seizing computer evidence. The following problems were identified by the researcher in practice: evidence is destroyed or lost because of mishandling by investigators; computer evidence is often not obtained or recognised, due to a lack of knowledge and skills on the part of investigators to properly seize computer evidence; difficulties to establish authenticity and initiate a chain of custody for the seized evidence; current training that is offered is unable to cover critical steps in the performance of seizing computer evidence; computer seizure as a technique requires specialised knowledge and continuous training, because the information technology industry is an ever-changing area.
An empirical research design, followed by a qualitative research approach, allowed the researcher to also obtain information from practice. A thorough literature study, complemented by interviews, was done to collect the required data for the research. Members of the South African Police Cyber-crime Unit and prosecutors dealing with cyber-crime cases were interviewed to obtain their input into, and experiences on, the topic.
The aim of the study was to explore the role of computers in the forensic investigation process, and to determine how computers can be seized without compromising evidence. The study therefore also aimed at creating an understanding and awareness about the slippery nature of computer evidence, and how it can find its way to the court of law without being compromised. The research has revealed that computer crime is different from common law or traditional crimes. It is complicated, and therefore only skilled and qualified forensic experts should be used to seize computer evidence, to ensure that the evidence is not compromised. Training of cyber-crime technicians has to be priority, in order to be successful in seizing computers. / Department of Criminology / M.Tech. (Forensic Investigation)
|
24 |
Exploring the value of computer forensics in the investigation of procurement fraudThemeli, Aluwani Rufaroh 01 1900 (has links)
The research problem for this study was that forensic investigators in the Forensic Services (FS) of the City of Tshwane (CoT) are unable to successfully deal with procurement fraud as a result of the lack of knowledge, skills and resources required to conduct computer forensics during the investigation of procurement fraud. This research was conducted to ascertain the value of computer forensics in the investigation of procurement fraud. Further, the study sought to determine how to improve the CoT forensic investigators’ knowledge and competence regarding the application of computer forensics in the investigation of procurement fraud.
The purpose of this study was to explore the procedures that should be followed by CoT forensic investigators when conducting computer forensics during the investigation of procurement fraud. The research also aimed to discover new information, not previously known to the researcher, related to computer forensics during the investigation of procurement fraud by exploring national and international literature. In addition, the study explored existing practices so as to use this information to improve the current CoT procedure, within the confines of the legislative requirements.
The overall purpose of this study is to provide practical recommendations for best practices, based on the results of the data analysis, which address the problem and enhance the investigative skills of CoT forensic investigators. The study established that it is imperative and compulsory to apply computer forensics in any procurement fraud investigation in order to efficiently track down cyber criminals and solve complicated and complex computer crimes. It was also established that forensic investigators within the FS in the CoT lack the necessary computer skills to optimally investigate procurement fraud. It is therefore recommended that CoT forensic investigators acquire the necessary skills and essential training in computer forensics in order to improve their knowledge and competence regarding the application and understanding of the value of computer forensics in the investigation of procurement fraud. / School of Criminal Justice / M.Tech. (Forensic Investigation)
|
25 |
Computer seizure as technique in forensic investigationNdara, Vuyani 19 March 2014 (has links)
The problem encountered by the researcher was that the South African Police Service Cyber-Crimes Unit is experiencing problems in seizing computer evidence. The following problems were identified by the researcher in practice: evidence is destroyed or lost because of mishandling by investigators; computer evidence is often not obtained or recognised, due to a lack of knowledge and skills on the part of investigators to properly seize computer evidence; difficulties to establish authenticity and initiate a chain of custody for the seized evidence; current training that is offered is unable to cover critical steps in the performance of seizing computer evidence; computer seizure as a technique requires specialised knowledge and continuous training, because the information technology industry is an ever-changing area.
An empirical research design, followed by a qualitative research approach, allowed the researcher to also obtain information from practice. A thorough literature study, complemented by interviews, was done to collect the required data for the research. Members of the South African Police Cyber-crime Unit and prosecutors dealing with cyber-crime cases were interviewed to obtain their input into, and experiences on, the topic.
The aim of the study was to explore the role of computers in the forensic investigation process, and to determine how computers can be seized without compromising evidence. The study therefore also aimed at creating an understanding and awareness about the slippery nature of computer evidence, and how it can find its way to the court of law without being compromised. The research has revealed that computer crime is different from common law or traditional crimes. It is complicated, and therefore only skilled and qualified forensic experts should be used to seize computer evidence, to ensure that the evidence is not compromised. Training of cyber-crime technicians has to be priority, in order to be successful in seizing computers. / Department of Criminology / M.Tech. (Forensic Investigation)
|
26 |
Procedures for searching evidence in the investigation of computer-related crime in Bulawayo, ZimbabweNcube, Njabulo 11 1900 (has links)
Text in English / The continued advancement in myriad technological, societal and legal issues has affected the investigation of computer aided crimes. The investigators are confronted with tremendous impediments as the computer aided and traditional crime scenes differ. The study sought to analyse the procedures for searching evidence in the investigation of computer-related crime with the intention to improve admissibility of such evidence.
The researcher employed empirical design to reach conclusions based upon evidence collected from observations and real life experiences. This aided the researcher to obtain information through face-to-face interviews. The study was qualitative in approach as it consisted of a set of interpretive and material practices that make the real social world visible.
The training curriculum for investigators should include aspects of computer-related crime investigation, search and seizure of computer evidence. Search and collection of computer-related evidence should be done preferably by qualified forensic experts, so that evidence is accepted in court. / Police Practice / M. Tech. (Forensic Investigation)
|
27 |
The psychological effects experienced by computer forensic examiners working with child pornographyWhelpton, Juliette 02 1900 (has links)
Convergence of technology has made access to the Internet faster, easier and cheaper. Criminals, including paedophiles, child abusers and pornography traders make use of this technology to commit criminal offences. Computer Forensic Examiners (CFEs) are members of the Cyber Crime Unit, a professional, specialised unit of the South African Police Service (SAPS) who are responsible for computer forensic examination including the investigation of child pornographic images. The aim of the study was to seek understanding on what psychological effects the CFEs experienced when working with the images and was conducted from within the social constructionism and the narrative frameworks. The images had a severe impact on the CFEs as was clearly uncovered in the stories of six CFEs who participated in this study. The participants' stories were recorded and transcribed after which the application of thematic content analysis found that the participants all suffered similar negative effects. These findings were integrated with the findings of a focus group as well as with the findings of a similar study that was conducted during the same time by the Crimes against Children Research Center at the University of New Hampshire and resulted in identifying symptoms of trauma and stress experienced by the CFEs. Based on these results recommendations regarding the support for the CFEs were made. / Psychology / M.A. (Psychology)
|
28 |
Investigating the use of forensic stylistic and stylometric techniques in the analyses of authorship on a publicly accessible social networking site (Facebook)Michell, Colin Simon 2013 July 1900 (has links)
This research study examines the forensic application of a selection of stylistic and stylometric techniques in a simulated authorship attribution case involving texts on the social networking site, Facebook. Eight participants each submitted 2,000 words of self-authored text from their personal Facebook messages, and one of them submitted an extra 2,000 words to act as the ‘disputed text’. The texts were analysed in terms of the first 1,000 words received and then at the 2,000-word level to determine what effect text length has on the effectiveness of the chosen style markers (keywords, function words, most frequently occurring words, punctuation, use of digitally mediated communication features and spelling). It was found that despite accurately identifying the author of the disputed text at the 1,000-word level, the results were not entirely conclusive but at the 2,000-word level the results were more promising, with certain style markers being particularly effective. / Linguistics / MA (Linguistics)
|
29 |
Investigating the use of forensic stylistic and stylometric techniques in the analyses of authorship on a publicly accessible social networking site (Facebook)Michell, Colin Simon 07 1900 (has links)
This research study examines the forensic application of a selection of stylistic and stylometric techniques in a simulated authorship attribution case involving texts on the social networking site, Facebook. Eight participants each submitted 2,000 words of self-authored text from their personal Facebook messages, and one of them submitted an extra 2,000 words to act as the ‘disputed text’. The texts were analysed in terms of the first 1,000 words received and then at the 2,000-word level to determine what effect text length has on the effectiveness of the chosen style markers (keywords, function words, most frequently occurring words, punctuation, use of digitally mediated communication features and spelling). It was found that despite accurately identifying the author of the disputed text at the 1,000-word level, the results were not entirely conclusive but at the 2,000-word level the results were more promising, with certain style markers being particularly effective. / Linguistics and Modern Languages / M.A. (Linguistics)
|
30 |
Utilising advanced accounting software to trace the reintegration of proceeds of crime, from underground banking into the formal banking systemBotes, Christo 30 April 2008 (has links)
The aim of this paper is to research how advanced accounting software can be used by police detectives, financial risk specialists and forensic investigation specialists, who are responsible for the investigation and tracing of the reintegration of proceeds of crime, from underground banking into formal banking system (pro active and reactive money laundering investigation) with a view on criminal prosecution.
The research started of by looking at the basic ways how proceeds of crime are smuggled before it is integrated into the formal banking system. In that context, the phenomenon of Underground banking was researched. Currency smuggling, Hawala currency transfer schemes and the way in which it is used to move proceeds of crime were discussed in detail. Thereafter Formal banking and the way in which proceeds of crime is reintegrated from underground banking structures into formal banking systems were discussed.
The use of advanced accounting software to trace the point where proceeds of crime are reintegrated into formal banking were researched extensively. Accounting software and investigative techniques on how to trace financial transactions which might be tainted with proceeds of crime were discussed. Accounting software which can be used on office computers such as laptops were discussed and more advanced automated systems which can be used to trace proceeds of crime transactions in the formal banking systems were also discussed. In specific, the investigative techniques on how to use these systems as investigative tools were discussed in great detail. This research paper gives a truly unique perspective on the financial investigative and analytical angle on proceeds of crime and money laundering detection. / Criminal Justice / M.Tech. (Forensic Investigation)
|
Page generated in 0.143 seconds