Network investigations of cyber attacks: the limits of digital evidence
Cyber attackers are rarely held accountable for their criminal actions. One explanation for the lack of successful prosecutions of cyber intruders is the dependence on digital evidence. Digital evidence is different from evidence created, stored, transferred and reproduced from a non-digital format....
| Main Author: | |
|---|---|
| Format: | Electronic Article |
| Language: | English |
| Published: |
2006
|
| In: |
Crime, law and social change
Year: 2006, Volume: 46, Issue: 4/5, Pages: 239-256 |
| Online Access: |
Volltext (lizenzpflichtig) |
| Journals Online & Print: | Drawer...
|
| Check availability: | HBZ Gateway |
| Keywords: |
MARC
| LEADER | 00000caa a22000002 4500 | ||
|---|---|---|---|
| 001 | 1882291395 | ||
| 003 | DE-627 | ||
| 005 | 20240529161937.0 | ||
| 007 | cr uuu---uuuuu | ||
| 008 | 240301s2006 xx |||||o 00| ||eng c | ||
| 024 | 7 | |a 10.1007/s10611-007-9058-4 |2 doi | |
| 035 | |a (DE-627)1882291395 | ||
| 035 | |a (DE-599)KXP1882291395 | ||
| 040 | |a DE-627 |b ger |c DE-627 |e rda | ||
| 041 | |a eng | ||
| 084 | |a 2,1 |2 ssgn | ||
| 100 | 1 | |a Chaikin, David A. |e VerfasserIn |0 (DE-588)1057796328 |0 (DE-627)795237855 |0 (DE-576)164555293 |4 aut | |
| 109 | |a Chaikin, David A. |a Chaikin, David | ||
| 245 | 1 | 0 | |a Network investigations of cyber attacks: the limits of digital evidence |c David Chaikin |
| 264 | 1 | |c 2006 | |
| 336 | |a Text |b txt |2 rdacontent | ||
| 337 | |a Computermedien |b c |2 rdamedia | ||
| 338 | |a Online-Ressource |b cr |2 rdacarrier | ||
| 520 | |a Cyber attackers are rarely held accountable for their criminal actions. One explanation for the lack of successful prosecutions of cyber intruders is the dependence on digital evidence. Digital evidence is different from evidence created, stored, transferred and reproduced from a non-digital format. It is ephemeral in nature and susceptible to manipulation. These characteristics of digital evidence raise issues as to its reliability. Network-based evidence - ie digital evidence on networks - poses additional problems because it is volatile, has a short life span, and is frequently located in foreign countries. Investigators face the twin obstacles of identifying the author of a cyber attack and proving that the author has "guilty knowledge." Even more is at stake when the cyber attacker is a trusted insider who has intimate knowledge of the computer security system of the organisation. As courts become more familiar with the vulnerabilities of digital evidence, they will scrutinise the reliability of computer systems and processes. It is likely that defence counsel will increasingly challenge both the admissibility and the weight of digital evidence. The law enforcement community will need to improve competencies in handling digital evidence if it is to meet this trend. | ||
| 650 | 4 | |a Child Pornography | |
| 650 | 4 | |a Intrusion Detection System | |
| 650 | 4 | |a Malicious Code | |
| 650 | 4 | |a Trojan Horse | |
| 650 | 4 | |a Virtual Private Network | |
| 773 | 0 | 8 | |i Enthalten in |t Crime, law and social change |d Getzville, NY : HeinOnline, 1991 |g 46(2006), 4/5, Seite 239-256 |h Online-Ressource |w (DE-627)320525325 |w (DE-600)2015096-9 |w (DE-576)252295854 |x 1573-0751 |7 nnns |
| 773 | 1 | 8 | |g volume:46 |g year:2006 |g number:4/5 |g pages:239-256 |
| 856 | 4 | 0 | |u https://doi.org/10.1007/s10611-007-9058-4 |x Resolving-System |z lizenzpflichtig |3 Volltext |
| 951 | |a AR | ||
| ELC | |a 1 | ||
| LOK | |0 000 xxxxxcx a22 zn 4500 | ||
| LOK | |0 001 4494796301 | ||
| LOK | |0 003 DE-627 | ||
| LOK | |0 004 1882291395 | ||
| LOK | |0 005 20240529161937 | ||
| LOK | |0 008 240301||||||||||||||||ger||||||| | ||
| LOK | |0 040 |a DE-21-110 |c DE-627 |d DE-21-110 | ||
| LOK | |0 092 |o n | ||
| LOK | |0 852 |a DE-21-110 | ||
| LOK | |0 852 1 |9 00 | ||
| LOK | |0 935 |a krzo | ||
| ORI | |a SA-MARC-krimdoka001.raw | ||