cyber crime & investigation

Cyber Crime & Investigation Presented by: Arnel C. Reyes IT Security Consultant

Upload: elana

Post on 23-Feb-2016


Page 1: Cyber Crime & Investigation

Cyber Crime & Investigation

Presented by: Arnel C. Reyes

IT Security Consultant

Page 2: Cyber Crime & Investigation

Fast Growth of Cyber Crime

Converged Telecom and Information Technologies

Frequent Transnational Communication

Highly Organized and Globalized Management of Crime Rings

Ineffective Investigation with Joint Effort of Multi-countries

Page 3: Cyber Crime & Investigation

Globalized Cyber Crime

Where is the swindler?

Cloud Computing = Network Computing

Through the Internet, computers can cooperate with each other, and services become more far-reaching...

Page 4: Cyber Crime & Investigation

Globalized Cyber Crime

Source: http://www.darkgovernment.com/news/fbi-warning-cyber-threat-bigger-than-ever

Page 5: Cyber Crime & Investigation

Common Cyber Crime Features

Criminals

Internet: Internet as primary criminal tools, places, or targets

Technical Skills: High technical skill at all online and network services

Criminal Model: Predict and profile the characteristics of unknown criminal subjects or offenders

Emerging ICT Technologies: New Converged ICT Technologies

Page 6: Cyber Crime & Investigation

Investigation on Criminals

e-Positioning Tracking

Monitoring Lawful Intercept

Victim & Witness Interview Interrogation

Database Lookup Warrant & Confiscation

Traditional methods of investigating criminals are commonly applied in cyber crime cases.

Page 7: Cyber Crime & Investigation

Difficulties of Investigation

How to Identify Criminal

Hard to Conduct Analysis of Large Volume of Data

Hard to Track Transnational Communication

Hard to Maintain Integrity of Data

Hard to Locate Network Route

Hard to Identify Anonymity or Dummy Account

Page 8: Cyber Crime & Investigation

Different Investigation Processes

Page 9: Cyber Crime & Investigation

Process Flow for Cyber Investigation

Primary Data Sourcing: Clues, informer, case claim, daily crime information collection and integration, sourcing

Primary Data Study & Deeper Source Collection: Study primary data, cross-check databases in the Police Department, Google on the Internet, and confirm the crime type in order to prepare the investigation

Further Investigation: Phone record, lawful intercept, tracking, location positioning, knowledge of crime organization and members

Suspects Arrest & Evidence Collection: Arrest all suspects, confiscate all evidence, check all computers, telephone record, booking record etc...

Follow-up: Follow-up investigation on related targets & evidence, and hunting for clues from other members to combat all gangsters

Page 10: Cyber Crime & Investigation

e-Detective Tactical Server

Internet Surveillance and Forensics Analysis System

Best Tactical Solution for:

Network Protocol Decoding and Content Reconstruction

Auditing and Record Keeping with ISO 27001, SOX, HIPAA etc…

Internet Surveillance/Monitoring & Network Behavior Recording

Forensics Analysis and Cyber Investigation

Page 11: Cyber Crime & Investigation

Lawful Interception Solution

Page 12: Cyber Crime & Investigation

Corporate Interception Solution

Page 13: Cyber Crime & Investigation

HTTPS/SSL Interception Solution

[Diagram: Target Users, L3 Core Switch (Re-routing Function), HTTPS MITM (ED2S), Gateway Router, Internet, Web/Mail Server (HTTPS/SSL)]

Targeted users' HTTPS traffic needs to be routed or redirected to this MITM system.

Page 14: Cyber Crime & Investigation

e-Detective is Easy to Operate

1. Just use IE Browser to log in to the system locally or remotely

2. Uses HTTPS protocol for security protection

3. Multiple passwords, user names and user groups for system login control

Page 15: Cyber Crime & Investigation

e-Detective: Homepage

Page 16: Cyber Crime & Investigation

e-Detective: Email – POP3/SMTP/IMAP

Page 17: Cyber Crime & Investigation

e-Detective: Web Mail (Read)

Page 18: Cyber Crime & Investigation

e-Detective: Web Mail (Sent)

Page 19: Cyber Crime & Investigation

e-Detective: IM/Chat - Yahoo

Page 20: Cyber Crime & Investigation

e-Detective: File Transfer - FTP

Page 21: Cyber Crime & Investigation

e-Detective: File Transfer – P2P

Page 22: Cyber Crime & Investigation

e-Detective: HTTP – Link/Content

Page 23: Cyber Crime & Investigation

e-Detective: HTTP Upload/Download

Page 24: Cyber Crime & Investigation

e-Detective: HTTP Video Stream

Page 25: Cyber Crime & Investigation

e-Detective: Search – Condition/Parameter

Page 26: Cyber Crime & Investigation

e-Detective: Search – Association/Relation

Page 27: Cyber Crime & Investigation

e-Detective: Backup Storage

External Storage (SAN/NAS/CD/DVD) for preserving digital assets & for future recovery of data (Backup CD Reader SW is provided)

Page 28: Cyber Crime & Investigation

Who Needs e-Detective?

Types of Companies That Need E-Detective Aside from Government

Companies that install E-Detective as a deterrent will inform their staff that Internet activities are being fully monitored.

Financial, banking and investment companies, such as derivatives, futures, etc. All transactions to be monitored.

Companies in marketing, design, and high technology that critically need to prevent leakage of data. Companies whose staff communicate with customers or vendors through web-based systems need E-Detective to archive data.

Page 29: Cyber Crime & Investigation

Crackdown on Fraud Rings

Thailand

China

Indonesia

Malaysia

Philippines

Taiwan

Europe

Vietnam

US

Africa

Page 30: Cyber Crime & Investigation

DECISION GROUP INC.

E-Detective

Wireless-Detective

E-Detective Decoding Centre

Data Retention Management System

NIT (Network Investigation Toolkit)

Network Packet Forensic Analysis Training

FIT (Forensics Investigation Toolkit)

VoIP Detective

HTTPS/SSL Interceptor

E-Detective LEMF

Centralized Management System

Enterprise Data Guard System

National Security Surveillance Training

Cyber Crime Investigation Training

Network Forensics and Lawful Interception

Page 31: Cyber Crime & Investigation

Thank you!!!

I hope you find it informative…

Email Me @[email protected]

Visit our website @www.tasaheelglobal.com