Hi-Tech Crime is the “Real Thing”

Len Hynds, is head of the UK-based National Hi-tech Crime Unit in the UK. The Unit has been around since 2001 and is endeavouring to bridge the gap in information sharing between law enforcement and the security commmunity to eradicate hi-tech crime. The expression “Hi-Tech Crime” is a classic oxymoron. We are talking about cutting edge technology when we talk of matters “hi-tech” — conjuring positive, forward thinking, images. And then we link this term with “crime.” Little wonder then that my colleagues in mainstream policing assign it specialist status. And hardly surprising I suppose that IT security is rarely seen as a board level portfolio for the business community. We must recognize hi-tech crime for what it really is — if we are to combat it. It is every type of crime but with a component placing it in the digital environment. It is able to operate instantaneously, remotely, and with disregard for sovereignty and geography. It also becomes easier for criminals to target multiple-victims, hide assets, and cover the evidential trail.     

Analysis of crime patterns through the integration of an agent-based model and a population microsimulation

In recent years, criminologists have become interested in understanding crime variations at progressively finer spatial scales, right down to individual streets or even houses. To model at these fine spatial scales, and to better account for the dynamics of the crime system, agent-based models of crime are emerging. Generally, these have been more successful in representing the behaviour of criminals than their victims. In this paper it is suggested that individual representations of criminal behaviour can be enhanced by combining them with models of the criminal environment which are specified at a similar scale. In the case of burglary this means the identification of individual households as targets. We will show how this can be achieved using the complementary technique of microsimulation. The work is significant because it allows agent-based models of crime to be refined geographically (to allow, for example, individual households with varying wealth or occupancy measures) and leads to the identification of the characteristics of individual victims.     

计算机犯罪与计算机犯罪取证技术发展的研究

如今的计算机和计算机网络充斥着各种犯罪活动,与现实生活中的犯罪活动不同的是,目前对网络犯罪的监管力度远远低于现实生活中的犯罪活动,并且由于计算机罪犯往往可以不受限制的获取进行犯罪所需的专业知识,实施犯案行为不受地域限制,并具有高隐蔽性的特征,所以增长十分迅速。计算机犯罪已经不是单靠防御就能解决问题,而是需要更多的主动性手段来打击和威慑计算机犯罪。     

Computer crime — Risk management and computer security

An analysis will be made on 95 cases of computer fraud and over 60 cases of computer crime reported in the U.K. from various private and public sources to establish the pattern of abuse and the modus operandi in various crime perpetration — who are the victims, who are the computer criminals, size of loss, penalties and detection and lessons learnt from the reported cases.The paper moves on to discuss the various options of risk control and crime prevention, risk analysis and business impact review, and how to set a budget for control of abuse.The paper closes with a discussion of the future implications from the proliferation of personal computers, office systems and distributed processing. What advantages would the future criminal gain from these activities? What would the auditor or security manager have to do to combat the potential new crime wave?     

Decision support systems for police: Lessons from the application of data mining techniques to “soft” forensic evidence

The paper sets out the challenges facing the Police in respect of the detection and prevention of the volume crime of burglary. A discussion of data mining and decision support technologies that have the potential to address these issues is undertaken and illustrated with reference the authors’ work with three Police Services. The focus is upon the use of “soft” forensic evidence which refers to modus operandi and the temporal and geographical features of the crime, rather than “hard” evidence such as DNA or fingerprint evidence. Three objectives underpin this paper. First, given the continuing expansion of forensic computing and its role in the emergent discipline of Crime Science, it is timely to present a review of existing methodologies and research. Second, it is important to extract some practical lessons concerning the application of computer science within this forensic domain. Finally, from the lessons to date, a set of conclusions will be advanced, including the need for multidisciplinary input to guide further developments in the design of such systems. The objectives are achieved by first considering the task performed by the intended systems users. The discussion proceeds by identifying the portions of these tasks for which automation would be both beneficial and feasible. The knowledge discovery from databases process is then described, starting with an examination of the data that police collect and the reasons for storing it. The discussion progresses to the development of crime matching and predictive knowledge which are operationalised in decision support software. The paper concludes by arguing that computer science technologies which can support criminal investigations are wide ranging and include geographical information systems displays, clustering and link analysis algorithms and the more complex use of data mining technology for profiling crimes or offenders and matching and predicting crimes. We also argue that knowledge from disciplines such as forensic psychology, criminology and statistics are essential to the efficient design of operationally valid systems.     

浅析跨国网络犯罪的特征及防控

计算机信息技术的迅速发展和普及在给人们提供方便快捷的同时,也给了不法分子以可乘之机。跨国网络犯罪的滋生、蔓延和扩大不仅侵害到了人们的财产、隐私及安全,还对社会政治、经济秩序造成了严重的影响。把握跨国网络犯罪的特征,并提出切实有效的防控对策才能遏制和打击跨国网络犯罪的发展及其危害的扩大。     

Branch Network and Modular Service Optimization for Community Banking

In the information society, what is clearly changing is the role and image of bank branches in order to satsify in a more efficient way customers' needs. This paper develops an integrated approach to assist the bank's management in reconfiguring a branch network according to the dictates of the market. We are seeking the optimum number of branches and the optimum mix of services that each branch should offer in order to maximize the revenue–generating measures of the branches within a community. The problem is modeled using a linear program that accounts for community performance as a function of performance variables that are explained by a set of external and internal factors, which reflect community characteristics and modular branch banking parameters, respectively. The relationships between factor and performance variables are identified using regression analysis. An iterative algorithm allows convergence to a solution that provides the best configuration of branches after all possible branch mergers and modular branch adjustments are accomplished.     

基于聚类的数据加权优化在犯罪预测中的应用

近年来，我国传统暴力犯罪与成年人犯罪呈下降态势，但是，犯罪案由层出不穷。为有效提升公安实践工作中犯罪预测能力，打击各类违法犯罪事件,本文针对犯罪数据，提出一种新型犯罪预测模型。利用密度聚类分析方法将犯罪数据分类，然后进行数据降维提取关键属性生成特征数据，继而对特征数据进行加权优化并采用机器学习的方式对特征数据进行学习，从而预测犯罪案由。实验结果表明，与传统方法相比，本文方法具有更好的预测效果，为公安实践工作中类似案件的侦破和预防，提供新的路径支撑。     

Built environment and violent crime: An environmental audit approach using Google Street View

Recent studies empirically support the role of the built environment in inducing or hindering violent crime. Particularly, studies of the broken window theory have provided evidence that physical disorder is an environmental correlate of crime. This includes broken windows, vacant/abandoned housings, abandoned cars on street, graffiti, and decayed street lighting, among other things. Current studies are limited by the difficulty involved in collecting fine-scale quantitative environmental data. The conventional environmental audit approach, which aims to assess environmental features, is costly, time-consuming, and burdensome. In this study, we use Google Street View to study the relationship between violent crime and physical features of urban residential environment. More concretely, a Poisson regression model with spatial filtering is used to identify socio-economic correlates of violent crime. Parting from the hypothesis that omission of built environmental factors results in systematic residual pattern, we proceed to analyze the spatial filter to select sites for virtual environmental audits. A series of physical environmental factors are identified using contingency table analysis. The results provide both theoretical and practical implications for several theories of crime and crime prevention efforts.     

A supervised machine learning framework with combined blocking for detecting serial crimes

Applied Intelligence - Detecting serial crimes is to find criminals who have committed multiple crimes. A classification technique is often used to process serial crime detection, but the pairwise...     

Little brother: could and should wearable computing technologies be applied to reducing older people’s fear of crime?

This paper considers whether emerging wearable computing technologies could and should be applied to reducing older people’s fear of crime. The paper begins by exploring the sociological and criminological literature, which debates why older people are most likely to fear crime, even though they are least likely to be victims. It goes on to report findings from ethnographic studies of key care and social service professionals in an English city. This field work reflects the ways in which assistive technologies for older people can function as signs of vulnerability, and also reports the uses of relatively simple information and communication technologies in providing critical backup and reassurance for elderly users. The fear of crime is then considered as an information problem centring on three questions: what’s going on, what can I do about it and can I get help? Possible applications of emerging wearable surveillance technologies are then explored through a design concept called the Cambadge. This is a wearable, wireless webcam for older people to broadcast video and audio data to police or community Web sites. This concept is situated with reference to a company developing a similar technology and to related fields. It is argued that the design problems of such surveillance technology are inherently political. The case is made with reference to the history and philosophy of surveillance and the massive demographic shifts of the ageing population. It is argued that utopian visions of the uses of such technology under-theorise power and accountability. The paper concludes that technological innovations will not adequately address older people’s fear of crime without accompanying social and cultural change.     

浏览器取证技术

随着信息时代的来临,一些不法分子在实施犯罪之前往往会上网查询信息,他们所用的浏览器便成了司法机关取证的关键. 能否提取有效的犯罪线索或证据,取决于浏览器取证方法的好坏,本文介绍了目前主流的火狐浏览器、IE浏览器的取证技术,概述了IE缓存文件和基于SQLite数据库的火狐浏览器历史系统的日志文件结构,提出了信息恢复方法. 通过对已删除日志文件或缓存文件信息提取,来达到获取证据的目的,分析用户的行为.     

常见计算机窃密技术分析及安全防范措施

随着信息化和网络技术的不断发展,以计算机为工具来盗取用户信息的犯罪日益增加。尤其是通过网络窃取上网计算机涉密信息,已经成为国内外不法分子窃取我国秘密信息的重要手段。本文对国内外计算机窃密与反窃密技术的各种手段进行研究与分析,并通过理论与实际的相结合,提出安全与实用并重的防范措施。     

A novel electronic cash system with trustee-based anonymity revocation from pairing

Untraceable electronic cash is an attractive payment tool for electronic-commerce because its anonymity property can ensure the privacy of payers. However, this anonymity property is easily abused by criminals. In this paper, several recent untraceable e-cash systems are examined. Most of these provide identity revealing only when the e-cash is double spent. Only two of these systems can disclose the identity whenever there is a need, and only these two systems can prevent crime. We propose a novel e-cash system based on identity-based bilinear pairing to create an anonymity revocation function. We construct an identity-based blind signature scheme, in which a bank can blindly sign on a message containing a trustee-approved token that includes the user’s identity. On demand, the trustee can disclose the identity for e-cash using only one symmetric operation. Our scheme is the first attempt to incorporate mutual authentication and key agreement into e-cash protocols. This allows the proposed system to attain improvement in communication efficiency when compared to previous works.     

The impact of the retention of traffic and location data on the internet user

Summary  The data retention directive brings along both promise and peril, while it is not clear which will prevail. The wording of the directive allows for broad interpretation at several points during its implementation in the national legislations of the Member States. Upper goal of the directive was the fight against terrorism and organised crime and the collection of semi-permanent storage of data makes it definitely possible to capture some criminals, especially if their communication consists mainly in email traffic and the servers used are located within the European Union. In this paper we have discussed possibilities and methods to achieve a similar high rate of identification with less privacy invading techniques, like it is the case in web surfing. In addition, we listed a number of threats that are imminent due to the amount and types of data collected, which can turn against every Internet user, by disclosing their private communication and social networks to the public. Finally we have shown that the circumvention of the effect of the directive is possible for technically educated people and technologically savvy criminals, thus rendering it practically ineffective against them.

---

Zusammenfassung  Die Autoren diskutieren die Vorratsdatenspeicherung kritisch vor dem Hintergrund der Auswirkungen auf die „durchschnittlichen“ Internet-User.

---

---

Lexi Pimenidis Researcher at RWTH Aachen University on Computer Science, specialized in Privacy, Communication, and IT-Security

---

Eleni Kosta Legal researcher, ICRI — K.U.Leuven Eleni is conducting research on privacy and data protection, focusing on electronic communications and new technologies     

Windows系统取证研究

为了有效打击计算机犯罪,解决计算机取证中的技术问题,文章对现有的计算机取证体系结构及Windows系统的取证关键技术进行分析,提出了基于Windows系统的犯罪现场易失性证据的收集和分析方法.     

Dirty money in clean systems

It is said that the laundering of the proceeds of crime is the third biggest industry by value worldwide. In the USA a survey stated that 90% of notes in circulation are tainted with narcotics. Governments all over the world are falling into line and drawing up legislation to control the movement of proceeds of crime. The EC (as it was) in 1991 accepted that it was not possible to control crime by targeting the criminal and that the only way of reducing crime seemed to be try to prevent criminals profiting from their labours. And of course, to profit, the criminal needs to spend money and, wherever money is spent, it sooner or later finds its way into the financial services industry through banking or investments.     

A primer on software piracy cases in the courts

As with much technological change, the law and judicial system have lagged behind in adapting to the changing world of computer and software development. Changes in software development have created new classes of criminals and contract violators, and new theories and techniques to catch them. This paper discusses the fate of one breed of computer criminal, the software pirate, before the courts.Software piracy is a relatively recent type of computer crime because software development or engineering is no longer a custom design operation for particular organizations on particular computers. Software is now being produced for mass consumption and the ‘generic’ software package is not far off. Software packages may be very valuable even though they may be stored in a compact place, (like jewelry or money) such as on a microprocessor chip or a floppy disk. Software packages may vary in price from tens of dollars to millions of dollors. As with the related and booming practice of video disk piracy, it is often easy to make multiple copies of software for a miniscule fraction of the average original development cost.Despite the widely acknowledged existence of widespread software piracy, there have been very few cases reaching the civil courts and nearly none before the criminal courts. There are several explanations: few pirates are caught, few owners of software are willing or able to press a claim in court, most cases are settled out of court, and perhaps there is not so much software piracy after all; or a combination of all of them.This paper does not try to answer the question of why there are so few cases. Instead, it presents the bare facts from the existing cases and categorizes the source of the piracy, i.e. how did the pirate or alleged pirate come to possess the software in the first instance and what happened to him or her.The presentation of cases here is not complete, for the legal reporting systems are also not up-to-date. Indeed, the phrase, “software piracy” does not appear in legal reports' indices, nor legal dictionaries. More research is needed, but the patterns found in the 31 cases here will probably continue as the sample increases. From such patterns, software owners and legal practitioners can better see what they are up against.     

Country crime analysis using the self-organizing map,with special regard to demographic factors

Modern research on criminal phenomena has been revolving not only around preventing existing offenses, but also around analyzing the criminal phenomena as a whole so as to overcome potential happenings of similar incidents. Criminologists and international law enforcement have been attracted to the cause of examining demographic context on which a crime is likely to arise. Traditionally, little has been explored in using demographic variables as determinants of the aggregate level of crime in the crime literature. Rapid development and ubiquitous application of information technology enables academic field to perform crime analysis using visualization techniques. Automation and networking make it available to access massive amounts of crime data, typically in the form of crime statistics. In numerous fields, studies and research have shown that visualization techniques are valuable; in crime research, nevertheless, there is a general lack of its application. In order to efficiently and effectively process crime data, criminologists and law enforcement are in demand of a more powerful tool. The self-organizing map (SOM), one of the widely used neural network algorithms, may be an appropriate technique for this application. The purpose of this study is to apply the SOM to mapping countries with different situations of crime. A total of 56 countries and 28 variables are included in the study. We found that some roughly definite patterns of crime situation can be identified in traditionally homogeneous countries. In different countries, positive correlation on crime in some countries may have negative correlation in other countries. Overall, correlation of some factors on crime can still be concluded in most groups. Results of the study prove that the SOM can be a new tool for mapping criminal phenomena through processing of large amounts of crime data.