Collecting Digital Evidence on Intrusion Cases of Cyber Crimes
|關鍵字:||電腦鑑識科學;數位證據;computer forensics science;digital evidence|
Internet has become an important media of communication and has added a new dimension to doing business and even to our life style. On the negative side, criminals have also utilized this open environment to gain advantages. On-line gambling, smearing, violation of intellectual property, infringement on personal privacy is just some of those crimes. In this thesis, the author addresses the issue on collecting evidence to help police officials to fight those cyber crimes. Being different from the evidence collected for investigating traditional crimes, evidential documents exist, now, in digital form. Establishing a systematic procedure for collecting digital evidence is a necessity, if the evidence is to be admissible to the court. The author extends a formal procedure for the traditional crime investigation presented by Henry Lee to serve this purpose, adding more steps adapted from principles of computer forensic science. To validate the feasibility of the extended procedure, it is applied, step by step, to investigate a case of network intrusion. The investigation has not been completed, because the criminal apparently intruded the system from nodes located in foreign countries and international coordination must have been involved if a complete investigation demanded. The case study, however, demonstrates the first effort, in this country, to establish such a formal procedure. In the mean time, the author has surveyed several software tools applicable to digital-evidence collection. The author hopes that the result of this thesis research can help law enforcement officials to fight against cyber crimes, in particular, against the crimes involving network intrusions.
|Appears in Collections:||Thesis|