Cyber Crime & Investigation
Presented by: Arnel C. Reyes
IT Security Consultant
Fast Growth of Cyber Crime
Converged Telecom and Information Technologies
Frequent Transnational Communication
Highly Organized and Globalized Management of Crime Rings
Ineffective Investigation with Joint Effort of Multi-countries
Globalized Cyber Crime
Where is the swindler?
Cloud Computing = Network Computing
Through the Internet, computers can cooperate with each other, or services can reach further...
Globalized Cyber Crime
Source: http://www.darkgovernment.com/news/fbi-warning-cyber-threat-bigger-than-ever
Common Cyber Crime Features
Criminals
Internet: Internet as primary criminal tools, places, or targets
Technical Skills: High technical skill at all online and network services
Criminal Model: Predict and profile the characteristics of unknown criminal subjects or offenders
Emerging ICT Technologies: New Converged ICT Technologies
Investigation on Criminals
e-Positioning Tracking
Monitoring Lawful Intercept
Victim & Witness Interview Interrogation
Database Lookup Warrant & Confiscation
Traditional criminal investigation methods are often applied to cyber crime cases.
Difficulties of Investigation
How to Identify Criminal
Hard to Conduct Analysis of Large Volume of Data
Hard to Track Transnational Communication
Hard to Maintain Integrity of Data
Hard to Locate Network Route
Hard to Identify Anonymity or Dummy Account
Different Investigation Processes
Process Flow for Cyber Investigation
Primary Data Sourcing
Primary Data Study &
Deeper Source Collection
Further Investigation
Suspects Arrest & Evidence Collection
Follow-up
Clues, informer, case claim, daily crime information collection and integration, sourcing
Study primary data, cross-check databases in the Police Department, search Google on the Internet, and confirm the crime type in order to prepare the investigation
Phone record, lawful intercept, tracking, location positioning, knowledge of crime organization and members
Arrest all suspects, confiscate all evidence, check all computers, telephone records, booking records, etc.
Follow-up investigation on related targets & evidence and hunting for clues from other members to combat all gangsters
e-Detective Tactical Server
Best Tactical Solution for:
Network Protocol Decoding and Content Reconstruction
Auditing and Record Keeping with ISO 27001, SOX, HIPAA, etc.
Internet Surveillance/Monitoring & Network Behavior Recording
Forensics Analysis and Cyber Investigation
Internet Surveillance and Forensics Analysis System
Lawful Interception Solution
Corporate Interception Solution
[Diagram: Internet, Gateway Router, L3 Core Switch (Re-routing Function), HTTPS MITM (ED2S), Web/Mail Server (HTTPS/SSL), Target Users]
Targeted users' HTTPS traffic needs to be routed or redirected to this MITM system.
HTTPS/SSL Interception Solution
e-Detective is Easy to Operate
1. Just use the IE browser to log in to the system locally or remotely
2. Uses the HTTPS protocol for security protection
3. Multiple passwords, user names and user groups for system login control
e-Detective: Homepage
e-Detective: Email – POP3/SMTP/IMAP
e-Detective: Web Mail (Read)
e-Detective: Web Mail (Sent)
e-Detective: IM/Chat - Yahoo
e-Detective: File Transfer - FTP
e-Detective: File Transfer – P2P
e-Detective: HTTP – Link/Content
e-Detective: HTTP Upload/Download
e-Detective: HTTP Video Stream
e-Detective: Search – Condition/Parameter
e-Detective: Search – Association/Relation
External Storage (SAN/NAS/CD/DVD) for preserving digital assets & for future recovery of data (Backup CD Reader SW is provided)
e-Detective: Backup Storage
Types of Companies That Need E-Detective, Aside from Government
Companies that install E-Detective as a deterrent will inform their staff that Internet activities are being fully monitored.
Financial, banking and investment companies, such as those dealing in derivatives, futures, etc., where all transactions are to be monitored.
Companies in marketing, design and high technology that critically need to prevent leakage of data. Staff who communicate with customers or vendors through web-based systems need E-Detective to archive data.
Who Needs e-Detective?
Crackdown on Fraud Rings
Thailand
China
Indonesia
Malaysia
Philippines
Taiwan
Europe
Vietnam
US
Africa
DECISION GROUP INC.
E-Detective
Wireless-Detective
E-Detective Decoding Centre
Data Retention Management System
NIT (Network Investigation Toolkit)
Network Packet Forensic Analysis Training
FIT (Forensics Investigation Toolkit)
VoIP Detective
HTTPS/SSL Interceptor
E-Detective LEMF
Centralized Management System
Enterprise Data Guard System
National Security Surveillance Training
Cyber Crime Investigation Training
Network Forensics and Lawful Interception
Thank you!!!
I hope you find it informative…
Visit our website: www.tasaheelglobal.com