Investigating computer-related crime
Author
Bibliographic details
Investigating computer-related crime
CRC Press, c2000
University library holdings: 7 in total
Notes
Includes bibliographical references and index
Description and table of contents
Description
Written by an experienced information security specialist, Investigating Computer-Related Crime is tailored to the needs of corporate information professionals and investigators. It gives a step-by-step approach to understanding and investigating security problems, and offers the technical information, legal information, and computer forensic techniques you need to preserve the security of your company's information.
Investigating Computer-Related Crime discusses the nature of cyber crime, its impact in the 21st century, its investigation, and the difficulties encountered by both public law enforcement officials and private investigators. By detailing an investigation and providing helpful case studies, this book offers insights into collecting and preserving evidence, interrogating suspects and witnesses, handling the crime in progress, and issues in involving the authorities. The seasoned author offers valuable, firsthand information on using the forensic utilities for preserving evidence and searching for hidden information, to help you devise solutions to the computer-related crimes that threaten the well-being of your company.
Table of contents
Foreword by Michael Anderson - New Technologies, Inc., Former Special Agent IRS
Preface
What This Book is About
Who Should Read This Book
THE NATURE OF CYBER CRIME
Cyber Crime as We Enter the 21st Century
What is Cyber Crime?
How Does Today's Cyber Crime Differ From the Hacker Exploits of Yesterday?
The Reality of Information Warfare in the Corporate Environment
Industrial Espionage - Hackers For Hire
Public Law Enforcement's Role in Cyber Crime Investigations
The Role of Private Cyber Crime Investigators and Security Consultants in Investigations
The Potential Impacts of Cyber Crime
Data Thieves
Misinformation
Denial of Service
Rogue Code Attacks
Viruses, Trojan Horses and Worms
Logic Bombs
Responding to Rogue Code Attacks
Protection of Extended Mission Critical Computer Systems
Surgical Strikes and Shotgun Blasts
Symptoms of a Surgical Strike
Masquerading
Case Study: The Case of the Cyber Surgeon
Symptoms of Shotgun Blasts
"Up Yours" - Mailbombs
Data Floods
INVESTIGATING CYBER CRIME
A Framework for Conducting an Investigation of a Computer Security Incident
Managing Intrusions
Why We Need an Investigative Framework
What Should an Investigative Framework Provide?
Drawbacks for the Corporate Investigator
A Generalized Investigative Framework for Corporate Investigators
Look for the Hidden Flaw
The Human Aspects of Cyber Crime Investigation
Motive, Means and Opportunity
The Difference Between "Evidence" and "Proof"
Look for the Logical Error
Vanity
Analyzing the Remnants of a Computer Security Incident
What We Mean by a "Computer Security Incident"
We Never Get the Call Soon Enough
Cyber Forensic Analysis - Computer Crimes Involving Networks
Computer Forensic Analysis - Computer Crimes at the Computer
Software Forensic Analysis - Who Wrote the Code?
The Limitations of System Logs
The Logs May Tell the Tale - But There are No Logs
Multiple Log Analysis
Launching an Investigation
Securing the Virtual Crime Scene
Collecting and Preserving Evidence
Interrogating and Interviewing Suspects and Witnesses
Developing and Testing an Intrusion Hypothesis
Investigating Alternative Explanations
You May Never Catch the Culprit
Damage Control and Containment
Determining if a Crime Has Taken Place
Statistically, You Probably Don't Have a Crime
Believe Your Indications
What Constitutes Evidence?
Using Tools to Verify That a Crime Has Occurred
Unix Crash Dump Analysis
Recovering Data From Damaged Disks
Examining Logs - Special Tools Can Help
Clues From Witness Interviews
Maintaining Crime Scene Integrity Until You Make a Determination
Case Study: The Case of the CAD/CAM Cad
Case Study: The Case of the Client-Server
Handling the Crime in Progress
Intrusions - The Intruder is Still On-Line
Should You Trap, Shut Down or Scare Off the Intruder?
Trap and Trace Techniques
Legal Issues in Trap and Trace
Stinging - Goat Files and Honey Pots
"It Never Happened" - Cover-Ups are Common
Case Study: The Case of the Innocent Intruder
The Importance of Well Documented Evidence
Maintaining a Chain of Custody
Politically Incorrect - Understanding Why People Cover Up for a Cyber Crook
Involving the Authorities
Who Has Jurisdiction?
What Happens When You Involve Law Enforcement Agencies?
Making the Decision
When an Investigation Can't Continue
When and Why Should You Stop an Investigation?
Legal Liability and Fiduciary Duty
Political Issues
PREPARING FOR CYBER CRIME
Building a Corporate Cyber "SWAT Team"
Why Do Organizations Need a Cyber SWAT Team?
What Does a Cyber SWAT Team Do?
Who Belongs on a Cyber SWAT Team?
Training Investigative Teams
Privacy and Computer Crime
The Importance of Formal Policies
Who Owns the E-mail?
The Disk Belongs to the Organization, But What About the Data?
The "Privacy Act"(s)
Wiretap Laws
USING THE FORENSIC UTILITIES
Preface To This Section - How the Section is Organized
Preserving Evidence - First Steps
"Marking" Evidence With an MD5 Hash and M-Crypt
Taking a Hard Disk Inventory with FileList
Using SafeBack 2.0 To Take an Image of a Fixed Disk
Searching For Hidden Information
The Intelligent Filter
IP Filter
GetSlack
GetFree
SeeJunk
Text Search Pro
Using the Norton Utilities
Handling Floppy Disks
AnaDisk
Copying Floppies to a Work Disk
Disks Within Disks
Source: "Nielsen BookData"