Social and Behavioral Sciences Commons^™

Investigating Information Structure Of Phishing Emails Based On Persuasive Communication Perspective, Ki J. Lee, Il-Yeol Song

Journal of Digital Forensics, Security and Law

Current approaches of phishing filters depend on classifying messages based on textually discernable features such as IP-based URLs or domain names as those features that can be easily extracted from a given phishing message. However, in the same sense, those easily perceptible features can be easily manipulated by sophisticated phishers. Therefore, it is important that universal patterns of phishing messages should be identified for feature extraction to serve as a basis for text classification. In this paper, we demonstrate that user perception regarding phishing message can be identified in central and peripheral routes of information processing. We also present a …

Monitoring And Surveillance In The Workplace: Lessons Learnt? – Investigating The International Legal Position, Verine Etsebeth

Journal of Digital Forensics, Security and Law

When considering the legal implications of monitoring and surveillance in the workplace, the question may be asked why companies deploy computer surveillance and monitoring in the first place. Several reasons may be put forward to justify why more than 80% of all major American firms monitor employee e-mails and Internet usage. However, what most companies forget is the fact that the absence or presence of monitoring and surveillance activities in a company holds serious legal consequences for companies. From the discussion in this paper it will become apparent that there is a vast difference in how most countries approach this …

The Evolution Of Internet Legal Regulation In Addressing Crime And Terrorism, Murdoch Watney

Journal of Digital Forensics, Security and Law

Internet regulation has evolved from self-regulation to the criminalization of conduct to state control of information available, accessed and submitted. Criticism has been leveled at the different forms of state control and the methods employed to enforce state control. After the terrorist attack on the USA on 11 September 2001, governments justify Internet state control as a law enforcement and national security tool against the abuse and misuse of the Internet for the commission of serious crimes, such as phishing, child pornography; terrorism and copyright infringement. Some Internet users and civil rights groups perceive state control as an abomination which …

Information Technology Act 2000 In India - Authentication Of E-Documents, R. G. Pawar, B. S. Sawant, A. Kaiwade

Journal of Digital Forensics, Security and Law

The Information Technology Act 2000 has enacted in India on 9th June 2000. This Act has mentioned provision of authentication of electronic document. It is the need of hour at that time that such provision is needed in the Indian Law system, especially for electronic commerce and electronic governance. Electronic commerce”, which involve the use of alternatives to paper based methods of communication and storage information. To do electronic commerce there should be authentication of particular document. The working of internet is the documents are traveling in terms of bits from one destination to other destination, through various media like …

The Common Body Of Knowledge: A Framework To Promote Relevant Information Security Research, Kenneth J. Knapp, F. N. Ford, Thomas E. Marshall, R. K. Rainer

Journal of Digital Forensics, Security and Law

This study proposes using an established common body of knowledge (CBK) as one means of organizing information security literature. Consistent with calls for more relevant information systems (IS) research, this industrydeveloped framework can motivate future research towards topics that are important to the security practitioner. In this review, forty-eight articles from ten IS journals from 1995 to 2004 are selected and cross-referenced to the ten domains of the information security CBK. Further, we distinguish articles as empirical research, frameworks, or tutorials. Generally, this study identified a need for additional empirical research in every CBK domain including topics related to legal …

An Exploratory Analysis Of Computer Mediated Communications On Cyberstalking Severity, Stephen D. Barnes, David P. Biros

Journal of Digital Forensics, Security and Law

The interaction between disjunctive interpersonal relationships, those where the parties to the relationship disagree on the goals of the relationship, and the use of computer mediated communications channels is a relatively unexplored domain. Bargh (2002) suggests that CMC channels can amplify the development of interpersonal relationships, and notes that the effect is not constant across communications activities. This proposal suggests a line of research that explores the interaction between computer mediated communications (CMC) and stalking, which is a common form of disjunctive relationships. Field data from cyberstalking cases will be used to look at the effects of CMC channels on …

Making Molehills Out Of Mountains: Bringing Security Research To The Classroom, Richard G. Taylor

Journal of Digital Forensics, Security and Law

Security research published in academic journals rarely finds its way to the business community or into the classroom. Even though the research is of high quality, it is written in a manner that is difficult to read and to understand. This paper argues that one way to get this academic research into the business community is to incorporate it into security classrooms. To do so, however, academic articles need to be adapted into a classroom-friendly format. This paper suggests ways to do this and provides an example of an academic article that was adapted for use in a security management …

Computer Crimes: A Case Study Of What Malaysia Can Learn From Others?, Janaletchumi Appudurai, Chitra L. Ramalingam

Journal of Digital Forensics, Security and Law

Rapid development of information technology (IT) has brought with it many new applications such as e-commerce and global business. The past few years have seen activities in the legislative arena covering issues such as digital signatures, the international recognition of electronic documents and privacy and data protection. Both the developed and developing countries have exhibited keenness to embrace the IT environment. Securing this electronic environment from intrusion, however, continues to be problematic. A particular favorite form of computer crime would be ‘hacking’. As more computer systems move on to on-line processing and improved telecommunications, computer hackers are now a real …

Providing A Foundation For Analysis Of Volatile Data Stores, Timothy Vidas

Journal of Digital Forensics, Security and Law

Current threats against typical computer systems demonstrate a need for forensic analysis of memory-resident data in addition to the conventional static analysis common today. Certain attacks and types of malware exist solely in memory and leave little or no evidentiary information on nonvolatile stores such as a hard disk drive. The desire to preserve system state at the time of response may even warrant memory acquisition independent of perceived threats and the ability to analyze the acquired duplicate.

Tools capable of duplicating various types of volatile data stores are becoming widely available. Once the data store has been duplicated, current …

Education Organization Baseline Control Protection And Trusted Level Security, Wasim A. Al-Hamdani

Journal of Digital Forensics, Security and Law

Many education organizations have adopted for security the enterprise best practices for implementation on their campuses, while others focus on ISO Standard (or/and) the National Institution of Standards and Technology.

All these adoptions are dependent on IT personal and their experiences or knowledge of the standard. On top of this is the size of the education organizations. The larger the population in an education organization, the more the problem of information and security become very clear. Thus, they have been obliged to comply with information security issues and adopt the national or international standard. The case is quite different when …

Securitycom: A Multi-Player Game For Researching And Teaching Information Security Teams, Douglas P. Twitchell

Journal of Digital Forensics, Security and Law

A major portion of government and business organizations’ attempts to counteract information security threats is teams of security personnel. These teams often consist of personnel of diverse backgrounds in specific specialties such as network administration, application development, and business administration, resulting in possible conflicts between security, functionality, and availability. This paper discusses the use of games to teach and research information security teams and outlines research to design and build a simple, team-oriented, configurable, information security game. It will be used to study how information security teams work together to defend against attacks using a multi-player game, and to study …

Information Governance: A Model For Security In Medical Practice, Patricia A. Williams

Journal of Digital Forensics, Security and Law

Information governance is becoming an important aspect of organisational accountability. In consideration that information is an integral asset of most organisations, the protection of this asset will increasingly rely on organisational capabilities in security. In the medical arena this information is primarily sensitive patient-based information. Previous research has shown that application of security measures is a low priority for primary care medical practice and that awareness of the risks are seriously underestimated. Consequently, information security governance will be a key issue for medical practice in the future. Information security governance is a relatively new term and there is little existing …

The Design And Implementation Of An Automated Security Compliance Toolkit: A Pedagogical Exercise, Guillermo Francia, Brian Estes, Rahjima Francia, Vu Nguyen, Alex Scroggins

Journal of Digital Forensics, Security and Law

The demand, through government regulations, for the preservation of the security, integrity, and privacy of corporate and customer information is increasing at an unprecedented pace. Government and private entities struggle to comply with these regulations through various means—both automated and manual controls. This paper presents an automated security compliance toolkit that is designed and developed using mostly open source tools to demonstrate that 1) meeting regulatory compliance does not need to be a very expensive proposition and 2) an undertaking of this magnitude could be served as a pedagogical exercise for students in the areas of collaboration, project management, software …

Network And Database Security: Regulatory Compliance, Network, And Database Security - A Unified Process And Goal, Errol A. Blake

Journal of Digital Forensics, Security and Law

Database security has evolved; data security professionals have developed numerous techniques and approaches to assure data confidentiality, integrity, and availability. This paper will show that the Traditional Database Security, which has focused primarily on creating user accounts and managing user privileges to database objects are not enough to protect data confidentiality, integrity, and availability. This paper is a compilation of different journals, articles and classroom discussions will focus on unifying the process of securing data or information whether it is in use, in storage or being transmitted. Promoting a change in Database Curriculum Development trends may also play a role …

Table Of Contents

Journal of Digital Forensics, Security and Law

No abstract provided.

Table Of Contents

Journal of Digital Forensics, Security and Law

No abstract provided.

A Grounded Theory Approach To Identifying And Measuring Forensic Data Acquisition Tasks, Gregory H. Carlton

Journal of Digital Forensics, Security and Law

As a relatively new field of study, little empirical research has been conducted pertaining to computer forensics. This lack of empirical research contributes to problems for practitioners and academics alike.

For the community of practitioners, problems arise from the dilemma of applying scientific methods to legal matters based on anecdotal training methods, and the academic community is hampered by a lack of theory in this evolving field. A research study utilizing a multi-method approach to identify and measure tasks practitioners perform during forensic data acquisitions and lay a foundation for academic theory development was conducted in 2006 in conjunction with …

Identifying Non-Volatile Data Storage Areas: Unique Notebook Identification Information As Digital Evidence, Nikica Budimir, Jill Slay

Journal of Digital Forensics, Security and Law

The research reported in this paper introduces new techniques to aid in the identification of recovered notebook computers so they may be returned to the rightful owner. We identify non-volatile data storage areas as a means of facilitating the safe storing of computer identification information. A forensic proof of concept tool has been designed to test the feasibility of several storage locations identified within this work to hold the data needed to uniquely identify a computer. The tool was used to perform the creation and extraction of created information in order to allow the analysis of the non-volatile storage locations …

Book Review: Conquest In Cyberspace: National Security And Information Warfare, Gary C. Kessler

Journal of Digital Forensics, Security and Law

This is the Book Review column for the JDFSL. It is an experiment to broaden the services that the journal provides to readers, so we are anxious to get your reaction. Is the column useful and interesting? Should we include more than one review per issue? Should we also review products? Do you have suggested books/products for review and/or do you want to write a review? All of this type of feedback -- and more -- is appreciated. Please feel free to send comments to Gary Kessler (gary.kessler@champlain.edu) or Glenn Dardick (gdardick@dardick.net).

Book Review: Computer Forensics: Principles And Practices, Gary C. Kessler

Journal of Digital Forensics, Security and Law

This issue presents the third Book Review column for the JDFSL. It is an experiment to broaden the services that the journal provides to readers, so we are anxious to get your reaction. Is the column useful and interesting? Should we include more than one review per issue? Should we also review products? Do you have suggested books/products for review and/or do you want to write a review? All of this type of feedback -- and more -- is appreciated. Please feel free to send comments to Gary Kessler (gary.kessler@champlain.edu) or Glenn Dardick (gdardick@dardick.net).

Table Of Contents

Journal of Digital Forensics, Security and Law

No abstract provided.

Table Of Contents

Journal of Digital Forensics, Security and Law

No abstract provided.

Paper Session V: Forensic Software Tools For Cell Phone Subscriber Identity Modules, Wayne Jansen, Rick Ayers

Annual ADFSL Conference on Digital Forensics, Security and Law

Cell phones and other handheld devices incorporating cell phone capabilities (e.g., smart phones) are ubiquitous. Besides placing calls, cell phones allow users to perform other tasks such as text messaging and phonebook entry management. When cell phones and cellular devices are involved in a crime or other incident, forensic specialists require tools that allow the proper retrieval and speedy examination of data present on the device. For devices conforming to the Global System for Mobile Communications (GSM) standards, certain data such as dialed numbers, text messages, and phonebook entries are maintained on a Subscriber Identity Module (SIM). This paper gives …

Paper Session V: Steganography And Terrorist Communications - Current Information And Trends - Tools, Analysis And Future Directions In Steganalysis In Context With Terrorists And Other Criminals, William Eyre, Marcus Rogers

Annual ADFSL Conference on Digital Forensics, Security and Law

In ancient times, users communicated using steganography, “…derived from the Greek words steganos, meaning ‘covered’, and graphein, meaning ‘to write.’” (Singh, 1999, p.5) Steganography facilitates secret, undetected communication. In modern times, in the context of the Global War on Terror, national intelligence and law enforcement agencies need tools to detect hidden information (steganography) in various types of media, most specifically to uncover the placement of hidden information in images. This paper will look at steganography in general terms, presenting the theory of some common steganographic techniques and touching on some theoretical work in steganography. Then a discussion of how to …

Paper Session Iv: Toward Understanding Digital Forensics As A Profession: Defining Curricular Needs (***Research In Process ***), Michelle Wolf, Alan Shafer, Michael Gendron

Annual ADFSL Conference on Digital Forensics, Security and Law

This research paper presents research in process which attempts to define the common body of knowledge (CBK) of digital forensics. Digital forensics is not well defined not does it have a generally accepted CBK. The first three phases of completed research, in a four-phase research process are discussed. The early results have created a preliminary CBK, and final validation is underway.

Paper Session Iv: Development And Delivery Of Coursework - The Legal/Regulatory/Policy Environment Of Cyberforensics, John W. Bagby, John C. Ruhnka

Annual ADFSL Conference on Digital Forensics, Security and Law

This paper describes a cyber-forensics course that integrates important public policy and legal issues as well as relevant forensic techniques. Cyber-forensics refers to the amalgam of multi-disciplinary activities involved in the identification, gathering, handling, custody, use and security of electronic files and records, involving expertise from the forensic domain, and which produces evidence useful in the proof of facts for both commercial and legal activities. The legal and regulatory environment in which electronic discovery takes place is of critical importance to cyber-forensics experts because the legal process imposes both constraints and opportunities for the effective use of evidence gathered through …

Paper Session Iii: Research Brief: A Curriculum For Teaching Information Technology Investigative Techniques For Auditors, Grover S. Kearns, Elizabeth V. Mulig

Annual ADFSL Conference on Digital Forensics, Security and Law

Recent prosecutions of highly publicized white-collar crimes combined with public outrage have resulted in heightened regulation and greater emphasis on systems of internal control. Because both white-collar and cybercrimes are usually perpetrated through computers, auditors’ knowledge of information technology (IT) is now more vital than ever. However, preserving digital evidence and investigative techniques, which can be essential to fraud examinations, are not skills frequently taught in accounting programs. Furthermore, many students are not instructed in the use of computer assisted auditing tools and techniques – applications that might uncover fraudulent activity. Only a limited number of university-level accounting classes provide …

Paper Session Ii: Forensic Scene Documentation Using Mobile Technology, Ibrahim Baggili

Annual ADFSL Conference on Digital Forensics, Security and Law

This paper outlines a framework for integrating forensic scene documentation with mobile technology. Currently there are no set standards for documenting a forensic scene. Nonetheless, there is a conceptual framework that forensic scientists and engineers use that includes note taking, scene sketches, photographs, video, and voice interview recordings. This conceptual framework will be the basis that a mobile forensic scene documentation software system is built on. A mobile software system for documenting a forensic scene may help in standardizing forensic scene documentation by regulating the data collection and documentation processes for various forensic disciplines.

Book Review: Digital Crime And Forensic Science In Cyberspace, Gary C. Kessler

Journal of Digital Forensics, Security and Law

This issue presents the first Book Review column for the JDFSL. It is an experiment to broaden the services that the journal provides to readers, so we are anxious to get your reaction. Is the column useful and interesting? Should we include more than one review per issue? Should we also review products? Do you have suggested books/products for review and/or do you want to write a review? All of this type of feedback -- and more -- is appreciated. Please feel free to send comments to Gary Kessler (gary.kessler@champlain.edu) or Glenn Dardick (gdardick@dardick.net).

The 2006 Analysis Of Information Remaining On Disks Offered For Sale On The Second Hand Market, Andy Jones, Craig Valli, Iain Sutherland, Paula Thomas

Journal of Digital Forensics, Security and Law

All organisations, whether in the public or private sector, use computers for the storage and processing of information relating to their business or services, their employees and their customers. A large proportion of families and individuals in their homes now also use personal computers and, both intentionally and inadvertently, often store on those computers personal information. It is clear that most organisations and individuals continue to be unaware of the information that may be stored on the hard disks that the computers contain, and have not considered what may happen to the information after the disposal of the equipment.

In …