Author: FADI

DARKER SIDE OF CRYPTOCURRENCY AND THE ROLE OF DARTH VADER

DARKER SIDE OF CRYPTOCURRENCY AND THE ROLE OF DARTH VADER

FADI ABU ZUHRI

INTRODUCTION

Cryptocurrency is the latest innovation in currency that has been introduced in the world today. It involves the use of digital assets to work as a medium of exchange by the use of cryptography. In 2009, Bitcoin became the first company to decentralize cryptocurrency and ever since, many companies have mushroomed to provide the same services (Gao, Clark, & Lindqvist, 2016).

The introduction of this particular medium of exchange was aimed at reducing the production of currency and makes the whole idea of digital assets come to play. The various reasons that have made this particular medium of exchange grow in popularity is the fact that this particular exchange has the ability to reduce the amount of currency that is circulating in various financial institutions that are present today. Also, the assets that have been transformed to the form of Cryptocurrency are less culpable to be followed up as far as legal matters are concerned.

To take an example, Bitcoins have suddenly become a major topic of financial innovation all over the world. There are various benefits of Bitcoin. For instance, Bitcoin has no transaction costs. It is transparent and very open (VPRO, 2015). The development of this technology also comes up with some hitches despite the fact that more and more people are using it as the most preferred medium of exchange. It is estimated that more than 10 million people hold Bitcoin wallets (Burniske & White, 2017). For these reasons, we take a look at the darker side of Crytocurrency.

BLOCKCHAINS EXPLAINED

A blockchain consists of blocks, each holding some data, linked with other blocks. A block of data, in Bitcoin for example, is limited to one megabyte and there is no limit on the number of transactions that can fit in a block (BitcoinWiki, 2016). A blockchain is open, distributed and ensures that the transactions are immutable and can be verified. This is achieved by unique hashing algorithm, like SHA-256. A hashing algorithm provides a unique sequence of bits to authenticate the integrity of the data. Any change in the data leads to a different hash. The hash of one block gets embedded in the next block and so on (Sims, 2017). While this ensured integrity it did not prevent anyone from replicating the blockchain. This is solved by the use of cryptographic nonce (Rogaway, 2004). A nonce is an arbitrary number added within the block to generate a specific type of hash. This, for example in 2017, is a sequence of seventeen zeros at the beginning of the hash. Recreating this hash sequence is infeasible due to the massive computing power required.

MISUNDERSTANDING CRYTOCURRENCY

A lack of public awareness is a cause of misunderstanding Cryptocurrency. People haven’t had enough time to educate themselves about how these systems works (Baur, Bühler, Bick, & Bonorden, 2015). Cryptocurrency is a very young technology when it comes to dealing with currency. People embraced this new idea but not everyone has evaluated the pros and cons of owning and transacting in Cryptocurrencies. This makes them vulnerable to being conned and even losing their fortune.

RISK AND VOLATILITY

Bitcoin and other Cryptocurrencies are still growing and undergoing various developments. Blockchains use private key (secret key) to access digital currency wallets, trade and transact. Thus, protecting your private key is of utmost importance, as it is irreplaceable if lost or stolen, just like cash. It is estimated that the value of lost Bitcoins is US$ 950 million (Berke, 2017). If Darth Vader lost his private key, his money is forever lost in Internet’s virtual space.

Popularity of Cryptocurrency is also increasing as evidenced by the fact that daily Bitcoin transactional volume is over $200 million (Burniske & White, 2017). There is a great risk that this high demand of this Bitcoins may fail to be satisfied raising skepticism from the client on whether the company can meet the demand of the customers. Also, there is a big risk when it comes to the idea of volatility involving the change in prices of the Bitcoin (Kostakis & Giotitsas, 2014). Currently, the Bitcoin prices change every day due to the events related to the production and trade of Cryptocurrencies. There is a risk because at this infancy stage of Bitcoins, there might be loopholes that have not been discovered and it would be important to discover them and cover them as soon as possible to avoid future catastrophe in the transactions.

Your computing power could be used without your knowledge by Cybercriminals for Cryptocurrency mining operations. Such an attack was reported recently when unpatched Windows 2003 Webservers were infected with modified mining software (Monero). The loss was estimated at more than US$ 63,000 in digital currency (Seals, 2017).

PRONE TO MALWARE ATTACK

Cryptocurrency works on a technology of storing assets on a publicly accessible digital platform that could attract cyber-criminals. They could be a constant attempt to try to come up with malware with an attempt of stealing this money (Kostakis & Giotitsas, 2014). Hackers from all corners of the world always try to come up with ways to break the cipher on which these particular Cryptocurrencies have been encrypted. Bitfinex is the largest US dollar-based Bitcoin exchange in the world. It suffers from the effects of a DDoS attack on its systems. Apart from the attacks against the Cryptocurrency exchanges, DDoS has also attacked the Russian exchange BTC-e. Bitcoin inherits decentralization, which is of advantage but also one of its biggest risks and challenges (Muncaster, 2017).

Also, there is a risk of malware in the form or viruses and even Trojans. The fact that all the transactions involving Cryptocurrencies are conducted via the Internet puts this particular type of exchange at the risk of being attacked by malware on the Internet that might decipher or corrupt information that is present about the Bitcoin. The most probable attack by malware is through ransomware where criminals will intercept the information and demand money in exchange.

DECRIMINALISING CRYTOCURRENCY

It is well known within the law enforcement circles that civilian-type vehicles are a preferred choice to blend in with the crowd and go unnoticed. Vehicles such as Toyota Corolla sedans, Ford F-150 pickups, or Chevrolet Malibu sedans are popular choices by both drug dealers and narcotics officers in the United States (Clinton, 2014). Does that mean an unmarked Toyota Corolla should be suspected an accomplice to a crime?

Anyone who has seen the movie “Jaws” will remember how deadly sharks can be. But in reality, you are more likely to be killed by a deer than by sharks, bears and alligators combined. Statistics show that for every one shark related death on average in the United States, 120 deaths are due to deers, 58 due to flying insects and 28 due to dogs. This is in stark contrast to 0.18 deaths per year by a wolf, or on average one person every 5 years (Lopez, 2016). These examples are just a reminder to how people are quick to dismiss Cryptocurrency because the ransomware perpetrators demanded money in Bitcoins. It almost seems as if the media is bent upon projecting Cryptocurrency as the iconic evil currency, similar to Darth Vader of Star Wars fame.

It is argued that for currency to be a suitable medium of exchange, it should be easily dispersed and easily spent. This is not the case for Cryptocurrencies since it is not easily liquidated and thus it cannot be spent as easily as cash. This limitation makes it hard for the Cryptocurrencies to be popular among those engaged in “dark business” (Rogojanu & Badea, 2014). As much as it is touted that Crytocurrencies work outside the traditional modes of banking, evading detection, law enforcement agencies might have access to tools to keep track of the transactions that take place with Cryptocurrency. These arguments suggest that it is a common misconception that Cryptocurrency is a trading ground for illegal business such as Money Laundering and Drug Trafficking.

CONCLUSION

Cryptocurrency is a revolutionary concept that is sure to disrupt the market. It has come with many advantages over the current medium of exchange. These advantages have led to a lot of people to adopt this technology sometimes without having the full knowledge of how this particular business is conducted (Al Kawasmi, Arnautovic, & Svetinovic, 2015).

This particular technology could be the next big thing as a medium of exchange, but there must be a lot of policy formulation that must follow up to ensure that there is minimal fraud. Also, this technology being at an infancy stage there should be a lot of development that should take place to ensure that this whole system functions well and without any doubt from the clients.

While fiat currencies are backed by the government, Cryptocurrencies are generated on a computer system with no governmental guarantees. While some find comfort in government backing, it also means that the government can print an unlimited amount of fiat currency. Fiat currency, in some cases, is not backed up any physical asset like gold. On one had the value of fiat currencies are subject to regulations, market and political forces; on the other hand, Crytocurrencies are influenced by supply and demand.

Owning a Toyota Corolla is not illegal even though it s popular vehicle for criminals who wish to go unnoticed. Popular culture criminalizes the wolf and the shark for killing one and five people every 5 years. The lovely deer is not criminalized even after it is responsible for 120 deaths a year.

Cryptocurrencies are not without its challenges. While there are voices asking for stronger government regulation, does it not defeat the whole premise of decentralization that Cryptocurrency stands for? Despite the name Cryptocurrency, is it not just another asset class that presents a convenient form of value exchange? Why regulate it anymore than you would any taxable good of value?

Is there a solution to recovering your encrypted assets locked by a private key? Can you be given ownership of your Cryptocurreny wallet if it was lost or stolen? Losing ownership of one’s private key is seen as the ultimate risk with no signs of a viable solution.

REFERENCES

1.Al Kawasmi, E., Arnautovic, E., & Svetinovic, D. (2015). BitcoinBased Decentralized Carbon Emissions Trading Infrastructure Model. Systems Engineering , 18 (2), 115-130.

2.Baur, A. W., Bühler, J., Bick, M., & Bonorden, C. S. (2015). Cryptocurrencies as a disruption? empirical findings on user adoption and future potential of bitcoin and co. In Conference on e-Business, e-Services and e-Society (pp. 63-80). Springer International Publishing.

3.Berke, A. (2017, March 7). How Safe Are Blockchains? It Depends. Retrieved 2017, from https://hbr.org/2017/03/how-safe-are-blockchains-it-depends

4.BitcoinWiki. (2016, April 11). Block size limit controversy. Retrieved 2017, from https://en.bitcoin.it/wiki/Block_size_limit_controversy

5.Burniske, C., & White, A. (2017, January). Bitcoin: Ringing the bell for a new asset class. Retrieved 2017, from Ark Invest: http://research.ark-invest.com/bitcoin-asset-class

6.Clinton, P. (2014, March). Driving a Drug Dealer’s Car. Retrieved 2017, from http://www.government-fleet.com/channel/procurement/article/story/2014/03/driving-a-drug-dealer-s-car.aspx

7.Gao, X., Clark, G. D., & Lindqvist, J. (2016). Of Two Minds, Multiple Addresses, and One Ledger: Characterizing Opinions, Knowledge, and Perceptions of Bitcoin Across Users and Non-Users. Proceedings of the 2016 CHI Conference on Human Factors in Computing Systems, (pp. 1656-1668). Santa Clara, California.

8.Kostakis, V., & Giotitsas, C. (2014). The (A) political economy of Bitcoin. Communication, Capitalism & Critique. Open Access Journal for a Global Sustainable Information Society , 12 (2), 431-440.

9.Lopez, G. (2016, September 24). You are way more likely to be killed by deer than by sharks, bears, and gators combined. Retrieved 2017, from https://www.vox.com/2016/9/24/13032272/killer-animals-deer-sharks-bears

10.Muncaster, P. (2017, June 15). World’s Largest Bitcoin Exchange Bitfinex Crippled by DDoS. Retrieved 2017, from https://www.infosecurity-magazine.com/news/worlds-largest-bitcoin-exchange/

11.Rogaway, P. (2004). Nonce-Based Symmetric Encryption. In B. Roy, & W. Meier (Eds.), Fast Software Encryption. FSE 2004. Lecture Notes in Computer Science (Vol. 3017, pp. 348-358). Berlin, Heidelber: Springer.

12.Rogojanu, A., & Badea, L. (2014). The issue of competing currencies. Case study–Bitcoin. Theoretical and Applied Economics , 21 (1), 103-114.

13.Seals, T. (2017, September 29). Monero-Mining Campaign Takes the Easy Road to Cash Gains. Retrieved 2017, from https://www.infosecurity-magazine.com/news/moneromining-campaign-takes-cash/

14.Sims, G. (2017, September 29). What is a blockchain. Retrieved 2017, from https://www.youtube.com/watch?v=KN-FQR7A6Iw&feature=youtu.be

15.VPRO. (2015, November 1). The Bitcoin Gospel. Retrieved 2017, from https://topdocumentaryfilms.com/bitcoin-gospel/

Dr. Berg’s New Body Type Guide: Get Healthy Lose Weight & Feel Great

Dr. Berg’s New Body Type Guide: Get Healthy Lose Weight & Feel Great Hardcover – October 24, 2017

The New Body Type Guide by Eric Berg, DC, is a major upgraded and improved version of his best selling book, The 7 Principles of Fat Burning. In his recent years, many new discoveries and observations prompted Dr. Berg to come out with a new version to bust through any slow metabolism. Dr. Berg will teach you how to take your results to a whole new level and get your body into super health state. Also added is several additional chapters on acupressure techniques to rid stress, pleasure food recipes that are healthy and how to stick to your plan no matter what comes up. But the major change is in what you are going to be eating. Forget about cravings, blood sugar imbalances and the numerous continued problems people have when they struggle to lose weight. This is your personal guild to customize your results based on your body type – let the adventure begin!
(Eric Berg, DC)

UNETHICAL RECRUITER PIMP INDULGES JOBSEEKERS WEAKNESS AND WISHES

UNETHICAL RECRUITER PIMP INDULGES JOBSEEKERS WEAKNESS AND WISHES

FADI ABU ZUHRI

INTRODUCTION

Having a decent job that meets a person’s needs and expectations is a vital necessity for any adult. According to Calenda (2016), the need sometimes becomes crucial for individuals who have just completed their education or in dire need for employment. This high demand sometimes leads to desperation which makes a job seeker vulnerable and at the disposal of their potential employees. This issue is very common that is why there are agencies created by laws to handle these cases. It is, therefore, important for us to understand some of these unethical issues and also understand how we can deal with these particular issues.

Various ways will display the wrong approach when it comes to the recruitment process (Shaffer, Bakhshi, & Kim, 2015). Any of the following behaviors are conducted by recruiters, they should be considered unethical and should be reported to ensure that they are not repeated and promote a high level of professionalism.

PHISHING FOR PERSONAL INFORMATION

Fake job interviews are increasingly becoming common. This is one way for fraudsters to fish for personal information and money. Scammers use sophisticated tools and techniques to obtain sensitive personal financial information from prospective candidates. Stealing identity is quite valuable as it can be sold over the “dark net” for money (Williams & Pellecchia, 2017).

There are also instances of people roping in the expertise of job seekers for free under the delusion that they are being interviewed for a fancy job. Job seekers, therefore, need to be vigilant and ask relevant questions on the hiring process. They need to be beware of undue appreciation and for people who do not paint a consistent picture of the job profile (Ryan, 2017).

USING EXPLODING JOB OFFERS

Exploding job offers are job offers with a short expiry date. The regular period that has been set for the period between the announcement and the date of recruitment is not less than two weeks, anything less than this is considered to be an exploding job offer. Exploding job offers are not encouraged since they put pressure on the candidate to beat the deadline and make the necessary arrangements for the job (Shaffer, Bakhshi, Dutka, & Phillips, 2016). Ample time is required to be given to a candidate of any interview so that they can gather all the materials that are needed for the recruitment, gather the materials that they think will assist them to secure the job and also prepare themselves psychologically. It is considered unethical if one will be informed of the availability of a job opportunity less than two weeks before the day of the interview, this will be practically preparing them to fail.

TYING BONUS SIGNING TO EXPLODING JOB OFFERS

The issue of tying of bonus signing comes with a lot of controversies given that these unique gifts come with certain terms and conditions (Calenda, 2016). It is, therefore, prudent for someone to understand these particular conditions before he or she signs the given bonus to avoid situations where they get caught up in compromising situations when they are to leave the company.

USING HIGH-PRESSURE INTERVIEW TACTICS

Some approaches during interviews tend to scare away the candidates and lower their confidence in front of the panel. Interviews are meant to gauge the candidates’ knowledge and ability to carry out the various tasks that are required of them (de Silva, Opatha, & Gamage, 2016). There are incidents where the recruiters will use techniques that are meant to scare the candidates from attending the interview or even reduce the number of the people so that they can deal with just a few candidates. These tactics of scaring away the candidates are not encouraged given that it denies candidates a chance to express themselves in a more comfortable environment. An example of these tactics involves asking the candidate irrelevant questions for example; what your worst experience is? These questions are supposed to be asked in an informal context. Asking these questions leaves the candidate confused on how to respond to the questions since they find it awkward.

REVOKING ON A JOB OFFER TO A CANDIDATE

Revoking a job offer to a candidate is something that should highly be avoided. Job offers are open to all candidates provided that they meet the requirement of the job as indicated in the announcement. There are cases when recruiters just decide to revoke the offers to some candidates without any solid grounds for this particular action. This is considered to be unethical because if an individual has met the entire requirement that he or she is expected to have attained, then it is very rightful of them to claim the job.

WITHHOLDING RELEVANT INFORMATION IN EXTENDING A JOB OFFER

When announcing for a particular interview, it is important for the recruiters always to disclose all the information about the jobs that are being offered. Information such as job salary, relocation allowance, starting date and job title are very vital, and it is important that these particular items are included (Jeske & Shultz, 2016). To understand the importance of including this information, let us consider the issue of salary. What motivates people to go for particular work is the salary; the salary usually goes hand in hand with experience and the level of knowledge and education. Including information about the salary minimizes the cases of underpayment.

EXHIBITING UNPROFESSIONAL BEHAVIOR

The recruitment process of employees should be done by any given organization or companies with maximum consideration to professionalism just like any other formal activity of the organization. Any personal behavior that depicts unprofessional conduct in any recruitment process is highly discouraged. There are various forms of unethical conduct including fraternizing and harassment. These two particular acts may be different in this context but should not be entertained.

Fraternizing involves associating with the candidates in a personal and friendly manner. It is not expected that the recruiting panel starts treating the candidates in a very friendly manner that will suggest any form of favors. This particular act of fraternizing might compromise the whole process of recruitment leading to the recruiting of incompetent employees. Another unprofessional conduct during the process of recruitment is harassment (Shaffer et al., 2016). Harassment of candidates includes all forms of harassments including sexual, personal, racial, age and even bullying. All these acts do not provide a comfortable environment for the candidates and are highly discouraged.

CONCLUSION

An unethical recruiter is a pimp who advertises and indulges jobseekers weakness and/ or wishes to gain something at the expense of the job seeker. Although certain activities are not criminalized in the real world, it is pretty close to human slavery as the jobseeker is victimised by being coerced into taking up a job offer that is not worth it.

It is so unjust and unethical for recruiters to take advantage of those who step at their doorstep in search of a livelihood (Wong & Li, 2015). This issue has undermined the professionalism of the company that is recruiting its employees, and it may lead to employing of incompetent people. So, this issue is considered misconduct and those who are victims should report these cases to ensure that the perpetrators face the law.

REFERENCES

  1. Calenda, D. (2016). Sustainable recruitment’of foreign-educated nurses: ethical and work related issues. The case of Finland. Robert Schuman Centre for Advanced Studies Research Paper .
  2. de Silva, V. A., Opatha, H. H., & Gamage, A. S. (2016). Towards Extending the Ethical Dimension of Human Resource Management. International Business Research , 9 (10), 151.
  3. Jeske, D., & Shultz, K. S. (2016). Using social media content for screening in recruitment and selection: pros and cons. Work, Employment & Society , 30 (3), 535-546.
  4. Ryan, L. (2017, August 8). Ten Signs You’re Interviewing For A Fake Job Opportunity. Retrieved 2017, from https://www.forbes.com/sites/lizryan/2017/08/08/ten-signs-youre-interviewing-for-a-fake-job-opportunity/#43cbd2987aaa
  5. Shaffer, F. A., Bakhshi, M., & Kim, E. M. (2015). Business Case for Ethical Recruitment. Nurse Leader , 13 (5), 40-48.
  6. Shaffer, F. A., Bakhshi, M., Dutka, J. T., & Phillips, J. (2016). Code for ethical international recruitment practices: the CGFNS Alliance case study. Human Resources for Health , 14 (31).
  7. Williams , A., & Pellecchia, R. (2017, July 6). Fake Online Job Interviews Phishing for Your Personal Information. Retrieved 2017, from Financial Industry Regulatory Authority: http://www.finra.org/newsroom/2017/fake-online-job-interviews-phishing-your-personal-information
  8. Wong, S. C., & Li, J. S. (2015). Will hotel employees’ perception of unethical managerial behavior affect their job satisfaction? A study of Chinese hotel employees in China. International Journal of Contemporary Hospitality Management , 27 (5), 853-877.

CYBER BODY LANGUAGE

CYBER BODY LANGUAGE

FADI ABU ZUHRI

INTRODUCTION

For several hundreds of years, official agencies have been studying techniques and mechanisms to identify individuals. They started off by passports and identity cards and later developed to more controversial schemes like DNA profiling and body surveillance (Caplan & Torpey, 2001).

It is estimated that there are 39 million web servers worldwide that host 3 billion indexable web pages with 20 billion links. There is an ever increasing surveillance by government as well as telecom operators at the cost of privacy of netizens (Batty, 2003). Technological advances in identity and behaviour mapping have become more daring in the recent times. The handheld mobile phones and other gadgets have made it possible for businesses get to know about the behaviour of the people and allow them to gather vital information that can help them reach out to these users. Phone manufacturers, software developers and internet search engines are now able to detect the behaviour and interests of the users through integrated algorithms and computing devices.

Cyber Body Language is best understood as “Context-Awareness” where a device or software is designed, primarily or partly, to analyse the behaviour or pattern of the users and apply information gathered to automatically assert products, services, or other purposes such as security monitoring.

This article covers the implications of Cyber Body Language’s Context-Awareness and how it will affect the users in terms of privacy, finances and consumption. The review of related literature discusses Cyber Body Language, Context-Awareness, Context-Awareness Computing, Privacy, Geolocations and Targeted Ads through personalized hypermedia application.

CYBER BODY LANGUAGE

According to Oracle (2014), Cyber Body Language or “Digital Body Language” is similar to facial expression or behaviour a user makes when interacting in the cyber world. In an online equivalent, these behaviours and expressions could be web browsing history, download history, web searches and online communication. This behaviour is the raw data that provides informaton about the user’s interests, needs and so on. Even the schedule of the user’s online presence can be useful information for the organizations monitoring the user’s behaviour (Oracle, 2014).

The transformative shift of physical activities such as online shopping transactions had created a marketing challenge of comprehending online consumer behaviour (Woods, 2009). Oracle (2014) stated that marketing and sales operations need to be adapted to ensure that it is Context-Aware or able to comprehend the Cyber Body Language of the consumers. It is imperative that the organization must first have a broad understanding of the impact of the shift and how all the processes came to change with it. An organization must be well-equipped with the necessary technology and infrastructure to be able to synthesize the information based on the consumer behaviour. (Oracle, 2014)

CONTEXT-AWARENESS

Dey (2001) defined context as any data that can be utilized to describe the environment of an entity. According to him, an entity can be the user, location or a thing that is significant in the domain of the application or software (Dey, 2001). On the other hand, Context-Awareness is defined as someone who is the user of the information. In such as case, a system is said to be Context-Aware when it has the ability to gather and synthesize the context information and apply it in the improvement and adaptability of the device (Byun & Cheverst, 2004).

Context-Awareness is aimed to provide efficiency and usability of service offered to the users and this is only possible through being flexible and aware of the changing behaviors of the users (Bolchini, Schreiber, & Tanca, 2007; Dey, 2001; Zhu, Mutka, & Ni, 2005). It has been said that context played a very crucial role because it is built up from user information and included data on status, location and interests (Korpipää, Mäntyjärvi, Kela, Keränen, & Malm, 2003; Kwon, 2004).

CONTEXT-AWARENESS COMPUTING

In understanding Cyber Body Language, there were Context-Aware Systems developed that take advantage of user behaviour. Context-Aware Systems gather context, analyse such context gathered and then with the information acquired is used to customize the system based on the behaviour or changing situation of the user (Khattak et al., 2014).

Facebook plans to figure out the emotional state of the users. It files a stir of patents that try to find out our emotions. One of the patents is Augmenting Text Messages with Emotion Information which involves decorating the text messages to fit the people’s moods. Therefore, Facebook intends to join some features with words to show the impressions of the sender (Vaas, 2017).

The other proposed Emotion-Reading patent is Techniques for Emotion Detection and Content Delivery. It plans to own its path to the cameras on our phones, tablets, and laptops by observing us as we peer at the screens. Another Emotion-Gleaning technology has been described where one will generate emojis based on the user’s facial Expression. These types of technology tools can be used by the marketers to gauge the reaction of the consumers and cater to them (Vaas, 2017).

In short, Context-Aware Systems are made to adapt their systems in accordance to the context of the user without their active participation in such changes (Khattak, et al., 2014). The development of these Context-Aware Systems synthesizes the behaviour and environment of the user with an aim to ensure that such systems will continually be usable and effective throughout time (Baldauf, Dustdar, & Rosenberg, 2007; Khattak, et al., 2011; Chen, Nugent, & Wang, 2012).

Context-Aware Systems are becoming more popular and have been developed into diverse domains or interface such as Location-Based Systems (Want, Hopper, Falcão, & Gibbons, 1992), Context-Aware file system (Hess & Campbell, 2003), Context-Aware Security (Covington, Fogla, Zhiyuan, & Ahamad, 2002), Context-Aware Activity Recognition (Khattak, et al., 2011), Context Based Searching (Ding, et al., 2004; Khattak, Ahmad, Mustafa, Pervez, Latif, & Lee, 2013), and Intelligent Healthcare Systems (Khattak, Ahmad, Mustafa, Pervez, Latif, & Lee, 2013; Khattak, Pervez, Lee, & Lee, 2011; Hussain, et al., 2013; Khattak, Pervez, Han, Lee, & Nugent, 2012). Nowadays, the use of Context-Aware Systems has become commonplace and part of everyday life for users of the cyber world. In fact, Cyber Behaviour sensing and computing devices are known to have been already installed in most smart devices (Khattak, Ahmad, Mustafa, Pervez, Latif, & Lee, 2013; Khattak, Pervez, Lee, & Lee, 2011; Han, Vinh, Lee, & Lee, 2012).

The context gathered from the users is classified as internal or external (Hofer, Schwinger, Pichler, Leonhartsberger, & Altmann, 2013). But the quality of information derived by the Context-Aware Systems is not dependent on whether it is internal or external. Such systems are designed to acquire and synthesize context in order to make it useful and effective for further processing (Baldauf, Dustdar, & Rosenberg, 2007; Han, Vinh, Lee, & Lee, 2012).

Another domain of Context-Awareness is a personalised hypermedia application. It is a hypermedia system which, like any Context-Aware Systems, applies the information, structure and the physical attributes of the networked hypermedia objects to the user’s environment, characterization and behaviour. This Context-Aware domain is considered as an interactive system. This means that users are allowed to navigate a network of linked hypermedia objects. Examples of hypermedia are the web pages which contain various media types like text, photos, videos, clips, applications and other similar elements. (Kobsa, Koenemann, & Pohl, 2001)

PRIVACY

User behaviour in the internet has become subject to breach of privacy and security. Smith et al. (1996) enumerated the four instances where the issue of privacy concerns arise, to wit: the gathering of personal information, unapproved indirect use of personal information, supplying of wrong personal information, and unauthorized access to personal data (Stewart & Segars, 2002). These concerns in online marketing are being applied in the same regards like collection of the personal information, storage and control of these information and observance of the privacy practices and use such data in a way that promotes marketing without breaching the sensitive line of privacy (Malhotra, Kim, & Agarwal, 2004). On the other hand, most consumers are concerned on the unapproved indirect use of data and the supplying of wrong personal information (Brown & Muchira, 2004). There will be a possibility that the consumer may lose his trust to the vendor when the latter insisted on getting the information evoking privacy concerns (Camp, 2003).

Google and Microsoft argue that it has the right to scan all emails passing through its systems. This means that Google can read keywords that can trigger relevant advertisements (Schofield, 2013). Facebook has a privacy setting to allow users to stop the collection of behavioural information. However by default this is set to allow the collection of private information. Even if one were to opt out, it does not stop advertisements on Facebook (Smith L. , 2016).

There are various instances that are possible to happen in terms of breaching of privacy with the utilization of Cyber Body Language . Context-Aware Systems are made smart and adaptable, mostly users are caught off guard, but their behavioural patterns are already studied in the furtherance of the systems they use. Most of the time, this Context-Aware devices are useful, but unauthorized access or misused of the data gathered from the user might post a security threat. Although there may be concerns that Context-Aware Systems can be very damaging to the privacy of the user, it should also consider that these Context-Aware Systems can also provide security. This way, the Context-Aware Systems can intelligently analyse the behaviour of the user, assess the possible breach of security and synthesize those information to strengthen the security systems.

According to Milne and Gordon (1993), the collection of such Personal Information called for the proper treatment as it is considered to be an “Implied Social Contract” with the consumer. The consumer has a right to sue and be entitled with compensation if there such an instance where his trust has been breached by the vendor (Solove, 2006). Because of this, the vendor is always required to ensure that he observed fair information practices to guarantee the consumer that his personal information is well-respected and well-preserved (Culnan, 2000; Dinev & Hart, 2006).

GEOLOCATIONS

One of the domains of Context-Aware Services popularly applied is the location-based services. These services are usually present in mobile services that follow the location of their users (Rao & Minakakis, 2003) which basically the primary market of the Context-Awareness. One location-based services application widely used is the Geo-Fencing and also its allied services like a notification signal wherein it reminds user when it enters a certain area like a nearby police station or school grounds. (Namiot, 2013)

According to Rivero-Rodriguez et al. (2016), there can be issues or problems can arise from the inability to secure location privacy in an Location-Based Context-Aware environment One of the issues in location-enabled aware device is the spamming where the user is barraged by advertisements of the products or services from businesses. The second issue is the threat to personal safety of the user where he can be easily targeted of harassment, assault or any crime because his location is easily traced. The last issue is the ability of other users to access the spatio temporal information of a user where their Privacy, Personal Information, Religious and Political views are located. (Rivero-Rodriguez, Pileggi, & Nykänen, 2016)

TARGETED ADS

Advertisements are targeted to users that meet certain behavioural characteristics. An example of this is the tool created by Cambridge University called “Apply Magic Sauce” which is said to predict the Psycho-Demographic profile of the user based on the footprints left on the social media like Twitter and Facebook. This is developed to give specific perception on the behaviour, personality, attitude, interest and level of interest of the user (Psychometric Centre of University of Cambridge, 2017).

Another tool called “Crystal” is also created to predict the profile of a user by analyzing the email history and LinkedIn profile of a user. This tool can also be used against the email contacts to analyse their behaviour for the user will have a perception of his contact’s behaviour or character. The main objective of this tool is for the user to become a good communicator (Crystal Project Inc., 2017).

CONCLUSION

The use of Cyber Body Language is a result of the evolutionary process of computing systems were user’s patterns and behaviors are studied to become the trigger points for enhancement, upgradation or replacement of systems installed. This adaptability mechanism of devices has been developed really well to read Cyber Body Languages that it became a source of concern for all. Since most users had already experienced how it can exploit, harass, bombard or sneak into their personal space where security and privacy is at great risk. However, it cannot be discounted that the utilization of Cyber Body Languages is a mine-field for discoveries that can help continuously upgrade and advance technologies without explicit participation from the users. Keeping in mind the age-old respect of one’s privacy and personal space, it is only logical to suggest that the development of Cyber Body Languages should be regulated.

REFERENCES

  1. Baldauf, M., Dustdar, S., & Rosenberg, F. (2007). A Survey on context-aware systems. Int. J. Ad Hoc Ubiquitous Comput , 263-277.
  2. Batty, M. (2003). The Next Big Thing: Surveillance from the Ground up. Environment and Planning B: Urban Analytics and City Science , 30 (3).
  3. Bolchini, C., Schreiber, F. A., & Tanca, L. (2007). A methodology for a very small database designs. Information Systems , 61-82.
  4. Brown, M., & Muchira, R. (2004). Investigating the Relationship between Internet Privacy Concerns and Online Purchase Behavior. Journal of Electronic Commerce Research , 62-70.
  5. Camp, L. J. (2003). Design for trust. In R. Falcone, Trust, Reputation and Security: Theories and Practice,. Springer-Verlang.
  6. Caplan, J., & Torpey, J. (2001). Documenting Individual Identity: The Development of State Practices in the Modern World. Princeton, NJ: Princeton University Press.
  7. Chen, L., Nugent, C., & Wang, H. (2012). A knowledge-driven approach to activity recognition in smart homes. IEEE Transactions on Knowledge and Data Engineering , 961–974.
  8. Covington, M., Fogla, P., Zhiyuan, Z., & Ahamad, M. (2002). A context-aware security architecture for emerging applications. 18th Annual Computer Security Applications Conference, (pp. 249-258). Las Vegas, NV.
  9. Crystal Project Inc. (2017). Crystal. Retrieved May 15, 2017 from Crystal Knows: https://www.crystalknows.com/
  10. Culnan, M. J. (2000). Protecting Privacy Online: Is Self-Regulation Working? . Journal of Public Policy and Marketing , 20-26.
  11. Dey, A. K. (2001). Understanding and using context. Personal and Ubiquitous Computing , 4-7.
  12. Dinev, T., & Hart, P. (2006). An Extended Privacy Calculus Model for E-Commerce Transactions. Information Systems Research , 61-80.
  13. Ding, L., Finin, T., Joshi, A., Pan, R., Scott Cost, R., Peng, Y., et al. (2004). Swoogle: A search and metadata engine for the semantic web. 13th ACM International Conference on Information and Knowledge Management, , (pp. 8-13). Washington, DC.
  14. Han, M., Vinh, L., Lee, Y., & Lee, S. (2012). Comprehensive context recognizer based on multimodal sensors in a smartphone. Sensors , 12588–12605.
  15. Hess, C., & Campbell, R. (2003). An application of a context-aware file system. Personal and Ubiquitous Computing , 339–352.
  16. Hofer, T., Schwinger, W., Pichler, M., Leonhartsberger, G., & Altmann, J. (2013). Context-awareness on mobile devices-The hydrogen approach. 36th Annual Hawaii International Conference on System Sciences, (pp. 6-9). Big Island, HI, USA.
  17. Hussain, M., Khattak, A., Khan, W., Fatima, I., Amin, M., Pervez, Z., et al. (2013). Cloud-based Smart CDSS for chronic diseases. Health Technology , 153-175.
  18. Khattak, A. M., Akbar, N., Aazam, M., Ali, T., Khan, A. M., Jeon, S., et al. (2014). Context Representation and Fusion: Advancements and Opportunities. Sensors , 9628–9668.
  19. Khattak, A., Ahmad, N., Mustafa, J., Pervez, Z., Latif, K., & Lee, S. (2013). Context-aware Search in Dynamic Repositories of Digital Documents. 16th IEEE International Conference on Computational Science and Engineering (CSE 2013), (pp. 3-5). Sydney, Australia.
  20. Khattak, A., Pervez, Z., Han, M., Lee, S., & Nugent, C. (2012). DDSS: Dynamic decision support system for elderly. 25th IEEE International Symposium on Computer-Based Medical Systems (CBMS 2012), (pp. 20-22). Rome, Italy.
  21. Khattak, A., Pervez, Z., Lee, S., & Lee, Y. (2011). Intelligent healthcare service provisioning using ontology with low-level sensory data. KSII Transactions on Internet and Information Systems , 2016–2034.
  22. Khattak, A., Truc, P., Hung, L., Vinh, L., Dang, V., Guan, D., et al. (2011). Towards smart homes using low level sensory data. Sensors , 11581–11604.
  23. Kobsa, A., Koenemann, J., & Pohl, W. (2001). Personalised hypermedia presentation techniques for improving online customer relationships. The Knowledge Engineering Review , 111-155.
  24. Korpipää, P., Mäntyjärvi, J., Kela, J., Keränen, H., & Malm, E. J. (2003). Managing context information in mobile devices. IEEE Pervasive Computing , 42-51.
  25. Kwon, O. B. (2004). Modeling and generating context-aware agent-based applications with amended colored petri nets. Expert Systems with Applications , 609-621.
  26. Malhotra, N., Kim, S. S., & Agarwal, J. (2004). Internet Users’ Information Privacy Concerns (IUIPC): The Construct, the Scale, and a Causal Model. Information Systems Research , 336-355.
  27. Milne, G. R., & Gordon, M. E. (1993). Direct mail privacy-efficiency trade-offs within an implied social contract framework. Journal of Public Policy Marketing , 206–215.
  28. Namiot, D. (2013). GeoFence Services. International Journal of Open Information Technologies , 30-33.
  29. Oracle. (2014). Digital Body Language: Reading and Responding to Online Digital Body Behaviors. Digital Body Language Guide .
  30. Psychometric Centre of University of Cambridge. (2017). Facebook and Twitter Prediction. Retrieved May 15, 2017 from Psychometric Centre of University of Cambridge: https://applymagicsauce.com/demo.html
  31. Rao, B., & Minakakis, L. (2003). Evolution of Mobile Location-based Services. Commun. ACM , 61-65.
  32. Rivero-Rodriguez, A., Pileggi, P., & Nykänen, O. A. (2016). Mobile Context-Aware Systems: Technologies Resources and Applications. International Journal of Interactive Mobile Technologies , 25-32.
  33. Schofield, J. (2013, August 15). Is Gmail secure enough for my private emails? Retrieved 2017 from https://www.theguardian.com/technology/askjack/2013/aug/15/gmail-google-email-privacy
  34. Smith, H. J., Milberg, S., & Burke, S. (1996). Information privacy: Measuring individuals’ concerns about organizational practices. MIS Quarterly , 167-196.
  35. Smith, L. (2016, June 3). You Need to Update Your Facebook Privacy Settings — Again. Retrieved 2017 from http://www.goodhousekeeping.com/life/news/a38801/targeted-facebook-ads-privacy-settings/
  36. Solove, D. J. (2006). A Taxonomy of Privacy. University of Pennsylvania Law Review , 477.
  37. Stewart, K. A., & Segars, A. H. (2002). An empirical examination of the concern for information privacy instrument. Information Systems Research , 36-49.
  38. Vaas, L. (2017, June 12). Facebook wants to feel your pain (and your joy). Retrieved 2017 from https://nakedsecurity.sophos.com/2017/06/12/facebook-wants-to-feel-your-pain-and-your-joy/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+nakedsecurity+%28Naked+Security+-+Sophos%29
  39. Want, R., Hopper, A., Falcão, V., & Gibbons, J. (1992). The active badge location system. ACM Transactions on Information Systems , 91-102.
  40. Woods, S. (2009). Digital Body Language: Deciphering Customer Intentions in an Online World. Danville, CA: New Year Publishing.
  41. Zhu, F., Mutka, M. W., & Ni, L. M. (2005). Service discovery in pervasive computing environments. IEEE Pervasive Computing , 81-90.

 

CHALLENGES FACED BY CYBER FORENSIC INVESTIGATOR – CONCEPTS AND TECHNIQUES

CHALLENGES FACED BY CYBER FORENSIC INVESTIGATOR – CONCEPTS AND TECHNIQUES

FADI ABU ZUHRI

INTRODUCTION

This paper looks at the techniques and tools used by Cyber Forensic Investigators in various scenarios that prove to be quite challenging. Cyber Forensic Investigators are tasked with presenting digital evidence to the courts. The courts would only accept evidence that is based on reliable principles and methods. One therefore needs to have a way to distinguish reliable techniques from unreliable ones. For example, certain groups consider evidence from astronomy reliable while evidence from astrology is not considered reliable even though they both use the same tools – star charts, planetary positions, telescopes, etc. Cyber Forensic techniques and tools need to be evaluated for reliability before presenting to the courts.

LIVE FORENSICS

Live forensic is mostly applied when the item under investigation is rather too large to be represented practically by imaging (Karie & Venter, 2015). Also, there are situations where the system that is to be investigated is too big to be broken down for postmortem. There also occurs a situation where the computer that is to be investigated is very far away from the Cyber Forensic Investigator. This entire situation will have required the technique of live forensics to be applied. However, the whole case does not mean that one would have to download all these details from a remote location since this will require a more sophisticated network to perform this operation (Christopher, 2006). Additionally, there are cases where the aspect of capture cannot be used for the purpose of postmortem analysis for example memory contents, open ports and other operating aspects of a running computer. In this case, it is advisable that one should use court tested methods to avoid a situation where you will be required to prove the viability of the method in question. According to Peter (2005), the most used situation where the assistance of live forensics is required is in the cases of digital forensic incidence response where it is used if one has an understanding of what is in the memory, what is being communicated out by the computer and what processes and ports are running.

There has been the migration of organization’s data to storage in the cloud at a high rate by various corporations. Many decision makers of technology have invested their businesses in the cloud services. Based on the experience of the organizations, there are three main challenges that one ought to overcome to perform sound data collection in the cloud. Firstly, it is easy to get in, but hard to get back the organization’s data out once it has been drawn to the cloud. Secondly, data protection laws are different in various countries. Thirdly, Office 365, which is seeing a growing adoption among organizations, are inadequate for large-scale collection creating a great challenge for data collection (Barocchini & Maccherola, 2017).

DATA RECOVERY

Reliable methods of data recovery are critical for any Forensic Investigator as the situation of losing data is sometimes inevitable during criminal investigations (Rogers & Seigfried, 2014). For any Cyber Forensic Investigator, information is key and therefore it is highly recommended that measures are put in place to ensure that information can be recovered once lost. In case the information is lost, effective methods of data recovery should be put forward. For example, when one loses a file that he or she has no extra copy of; it would really be easy for them to recover the file if the file were recent and not overwritten. The methods to be deployed in the process of data recovery depend on whether one wants to get the data in in-depth or just a copy of the file. For the case of the whole file, it is possible to recover the file by bookmarking the file as you analyze them bit by bit as you go just like in document forensics (Karie & Venter, 2015). For the case of a copy of the file, computer forensics allows one to get the file from the Image as a stand-alone file.

RECOVERING POTENTIALLY OVERWRITTEN FILES

Digital storage is designed in such a way that when one deletes a file, it stays saved in the digital memory to allow natural restoration of the file. But there is a situation, mainly as a result of disk fragmentation, which could result in this particular data being lost. Fragmentation results in the overwriting of this particular files and it would be possible to recover these files using the file table (Samy et al., 2017). The file table is what determines the way files are stored physically within that particular storage. If the data has been partially overwritten, it will be possible to recover the data by reconstruction of the file header. If the file header has been overwritten, file carving is used (Rogers & Seigfried, 2014).

PASSWORD RECOVERY

Passwords are put in place to ensure data security, and there comes a time when the password itself becomes a threat to data security. For this reason, it is important that measures for password recovery should be in place. The process may be easy or hard depending on the type of password that is being recovered (Bennet, 2012). The easiest way to password recovery is the dictionary. This tool assumes that the passwords are a dictionary and through trial and error the appropriate password is found. After the dictionary attack, hash or password replacement is the next step of password recovery. This case does not apply to all situations given that other systems are complex. If the dictionary attack is not successful in password recovery, then another process called brute force can be used. This process is a widely known password recovery process but is time consuming. The time factor here is determined by the number of possible combination in order to receive the actual password that is required.

FORENSIC IMAGE ANALYSIS

Forensic Image Analysis uses search indexing and file filtering techniques. Index search technique is used in where the data has been grouped into various categories using the index. Digital devices store data using the index for the purpose of aiding people to retrieve data. The file filtering tool, on the other hand, uses hashes to gain access to the necessary files (Karie & Venter, 2015).

The general idea about forensic image analysis lies in the various tools that are used for this challenge. The most used tool is the search tool which includes two types of search. Index search is the easiest form of search that involves the search of the database. When an application is processing the disk for image analysis, it creates then indexes table in the back-end database. Searching of the image will be done through the aid of this particular index. The second technique that is applied is the file filtering. The file filtering tool uses hashes to gain access to the necessary files. This method works by eliminating the undesirable item and select those that the forensic investigator prefers (Simon & Choo, 2014).

CRYPTANALYSIS AND STEGANALYSIS

Steganalysis is the process of finding hidden data within digital objects. This is similar to cryptanalysis applied to cryptography. Information can be hidden in messages, images, or file within another message (Otair, 2015).

The idea of encryption has always been a major obstacle to most of the Cyber Forensic Investigators since they are very hard to break and also due to the fact that not all encryption is the same. The process of encryption is usually done by an application which most of the time leave trails of plaintext behind. These plain texts are hard to find, yet they provide all the necessary requirements to break encryption. The first step towards breaking encryption is to identify the type of application that has been used. Some applications are good in deleting all traces of plain text, but it would be still possible to break the encryption if the plaintext was saved elsewhere of even in another version. The next step is you identify the weakness of the application that has been used for encryption then you exploit the weakness then you can finally access the file if you know the file name (Quick & Choo, 2016).

FORENSIC NETWORK ANALYSIS

Sniffing is the process of analyzing all the data that passes through a given network. Sniffers are available as open-source, commercial and more sophisticated ones (Dykstra & Sherman, 2013). For sniffers to work in a particular network, it must be configured in promiscuous mode allowing them to receive network traffic even if not addressed to this particular Network Interface Cards (NICs) (Gordon, 2016).

BIG DATA

The challenge of big data is to try to isolate the useful data from the vast amounts of data available. In forensics, big data is randomly distributed as compared to simple data, which is stratified, and its analysis requires just simple methods of data mining. After separation of the data, cluster analysis is the step that follows. Cluster analysis involves using a given criteria to try to group the data in an orderly manner depending on the attributes of the data (Rogers & Seigfried, 2014).

The criteria that will be used in the grouping will be up to the efforts of the Cyber Forensic Investigator. Another method that is very vital here is detection, which looks at the data in a perspective which is different from that of the Cyber Forensic Investigator. The last approach is independencies which use some rule to try to find the various relationships of the data that interest the Cyber Forensic Investigator (Gordon, 2016).

SAFE ANALYSIS OF MALWARE

Cyber Forensic Investigators need to identify and if possible, eliminate all imminent dangers posed by malware before analyzing digital evidence. The most common method used for this particular challenge is sandboxing. Sandboxing involves creating a virtual machine on the physical computer that can be operated in the computer as a separate entity (Rogers & Seigfried, 2014).

Which this approach, it will be possible for one to undertake high-risk activities using the virtual machine and deal will eliminate the malware that pose a threat to the work being done by the Cyber Forensic Investigator. According to Samy et al. (2017), the sandboxing tools also have the capability of encapsulating a computer in web-browsing thus providing security from drive-by malware.

DATA VISUALIZATION

A common tool for data visualization in Cyber Forensics is link analysis. This particular tool includes the use of graphs, pie charts, and crosstabs, among others to try to create a visual impression. This is a more practical approach in the field of forensic analysis where it is more interactive and literarily visual (Bennet, 2012).

Ruan et al. (2011) indicate that data visualization entirely depends on the visualization tools possess by Cyber Forensic Investigator meaning that there are many open-source and commercial visualization tools present in the market. The basic idea of data visualization is to aid people to understand the data by seeing the data. (Ruan, Carthy, Kechadi, & Crosbie, 2011).

CONCLUSION

A national workshop found that the most important challenges in Cyber Forensics were education, training and funding, the size of memory, data volume, and understanding of technology (Baggili & Breitinger, 2017). Cyber forensic investigators are very vital in various cases today given that there has been a rapid change in technology over the years. This knowledge is very crucial today especially in court cases where the use of this kind of technology has seen into it that there has been a change in the way various cases that proved hard to make a conclusion be easy.

REFERENCES

  1. Baggili, I., & Breitinger, F. (2017, June 22). NSF National Workshop on Redefining Cyber Forensics. Retrieved 2017, from https://www.youtube.com/watch?v=RBHWVclGmmk&feature=youtu.be
  2. Barocchini, A., & Maccherola, S. (2017, May 31). 3 Challenges to Data Collection in the Cloud. Retrieved 2017, from http://accessdata.com/blog/3-challenges-to-data-collection-in-the-cloud
  3. Bennet, D. W. (2012). The Challenges Facing Computer Forensics Investigators in Obtaining Information from Mobile Devices for Use in Criminal Investigations. Information Security Journal: A Global Perspective , 21 (3), 159-168.
  4. Brown, C. L. (2006). Computer Evidence Collection & Preservation. Massachusetts: Charles River Media, Inc.
  5. Dykstra, J., & Sherman, A. T. (2013). Design and implementation of FROST: Digital forensic tools for the OpenStack cloud computing platform. Digital Investigation , 10, 87-95.
  6. Karie, N. M., & Venter, H. S. (2015). Taxonomy of challenges for digital forensics. Journal of forensic sciences , 60 (4), 885-893.
  7. Quick, D., & Choo, K. (2016). Big forensic data reduction: digital forensic images and electronic evidence. Cluster Computing , 19 (2), 723-740.
  8. Rogers, M. K., & Seigfried, K. (2014). The future of computer forensics: a needs analysis survey. Computers & Security , 23 (1), 12-16.
  9. Ruan, K., Carthy, J., Kechadi, T., & Crosbie, M. (2011). Cloud forensics. IFIP International Conference on Digital Forensics (pp. 35-46). Berlin: Springer.
  10. Samy, G. N., Shanmugam, B., Maarop, N., Magalingam, P., Perumal, S., & Albakri, S. H. (2017). Digital Forensic Challenges in the Cloud Computing Environment. International Conference of Reliable Information and Communication Technology , 669-676.
  11. Simon, M., & Choo, K. (2014). Digital forensics: challenges and future research directions. http://papers.ssrn.com/sol3/papers.cfm?abstract_id=2421339. In I.-S. Kim, & J. Liu, Contemporary Trends in Asian Criminal Justice: Paving the Way for the Future (pp. 105-146). Seoul, South Korea: Korean Institute of Criminology.
  12. Stephenson, P. (n.d.). (ISC)² Guide to the CCFP CBK.

THE CYBER EFFECT

THE CYBER EFFECT

FADI ABU ZUHRI

INTRODUCTION

The world has transformed over the ages. Long ago, people used to use postage to convey information or messages. Today, emails have replaced postage. Then came the newspapers and magazines to share information on a periodic basis with a larger mass market. Today, people can find information on the World Wide Web through various search engines (Hay, Meldrum, & Mann, 2010). While all this seems quite exciting for the population, advancement in technology does not always mean that the world is progressing in the right direction. This is referred to as “The Cyber Effect” where advancement in technology or life may be good but at the same time pose serious threats and risks to the people.

CYBER-UTOPIANISM

According to Aiken (2016), people need to find a balance in an era of cyber-utopianism. Cyber-utopianism is the belief that online communication is liberating and that the Internet is the platform for sharing ideas and thoughts. Ideally, cyber-utopianism is that naive belief that the web favors the oppressed rather than the oppressor. Aiken (2016) compares the current situation to what existed several years ago when making her argument. She states that the world without the Internet was simple. People who were in that era knew what they have, who they are, and what their values were. After the advancement in technology, things changed. Values were broken and people started to behave differently. Despite the fact that advancement in technology acted as a source of information to many people, it leads to the deterioration of moral standards. This is the first adverse Cyber Effect.

In her book, Aiken (2016) further stated that cyber-utopianism is like that moment where one is going on a trip and as they are heading out of the door with their luggage, they have to confirm and make sure that they have everything that they need before they embark on their trip. Before a country embarks on a journey of technological advancement, it has to make sure that enough security measures are in place to mitigate any risks and threats that may come as a result. Countries ought to invest in strong security measures and seal all loopholes before advancing its technology to prevent any loss of confidential data and information (Naughton, 2016). This is the second adverse Cyber Effect.

CYBER SPACE

According to Aiken (2016), the world is not prepared for cyberspace. She describes cyberspace as a place that is separate from us (Ahuja, 2016). Aiken (2016) anticipates that by 2020, technology would have advanced to a point where people would be immersed in their smart homes and smart cars and they would be clad in wearable technologies. During that time, she anticipates that their babies would be in captivating seats with their tablets and they would be wearing face-obscuring helmets. Besides, their age-mates would be fractured in various social networking sites and platforms, human labour would be replaced with robots, and dark thoughts would pervade the country (Ronson, 2016). This is the third negative Cyber Effect. Here, it is evident that cyber space would change the lives of people and thus lead to deterioration of moral standards, loss of jobs, complex lives and cyber threats such as cyber-bullying and cyber-terrorism.

FORENSIC CYBER PSYCHOLOGY

The main question that arises in Aiken’s (2016) book is that we cannot afford losing out on forensic science (Spiegel & Grau, 2016). According to Aiken (2016), forensic science is the study of physical evidence of a crime scene such as body fluids, fibres and fingerprints. Aiken (2016) further states that even if the world is changing, the physical evidence of a crime scene from fossils will still remain the same over years to come. Aiken (2016) states that forensic cyber psychology will remain to be the same for generations to come (Steiner-Adair, 2016). Forensic cyber psychology means the cyber behavioural evidence that are left online. Apparently, every contact or user leaves a trace and thus add his or her footprint on cyber space.

Cyber space is also beneficial to a country. The internet could be used to arrest the biggest human trafficker and curb internet crimes against children (CBS NEWS, 2016). Aiken (2016) gives an example of how the Internet could be used by the law enforcement agencies to curb crime. It is, therefore, evident that cyber space has both negative and positive effects.

CONCLUSION

People nowadays are living through an exciting moment of history since lives are being transformed through advancement in technology. However, everything new is not always good and advancement in technology does not always mean that a country is progressing. Having cyber space may have several effects such as deterioration of moral standards, security threats, loss of jobs as humans are replaced with robots, change in the ways of lives of people, cyber threats such as cyber bullying and adoption of complicated lives by people (Ando & Sakamoto, 2008). To conclude, one thing that has not changed and that is not bound to change despite the advancement in technology is human emotions and cultural affinity among people. However as people move more of their lives online, one is left to wonder if technology can improve emotional intelligence.

REFERENCES

  1. Anjana, Ahuja (2016). The Cyber Effect by Mary Aiken review. Financial Times. Retrieved June 19, 2017, from, https://www.ft.com/content/8d571710-8bdf-11e6-8cb7-e7ada1d123b1
  2. Alexandra, Frean (2016). The Cyber Effect by Mary Aiken. The Times. Retrieved June 19, 2017, https://www.thetimes.co.uk/article/the-cyber-effect-a-pioneering-cyberpsychologist-explains-how-human-behaviour-changes-online-by-mary-aiken-fwkxkj3t6

  3. Ando, R., & Sakamoto, A. (2008). The effect of cyber-friends on loneliness and social anxiety: Differences between high and low self-evaluated physical attractiveness groups. Computers in Human Behavior24(3), 993-1009.

  4. CBS News (August 23, 2016). Cyberpsychologist Aiken on catching online bullies. Retrieved June 20, 2017, from, http://www.cbsnews.com/news/cyberbullying-prevention-social-media-teenagers-mary-aiken-cyberpsychologist/
  5. Catherine, Steiner-Adair (2016). Who are we and who are we becoming in the cyber-world? Cyber effect Review. Retrieved June 19, 2017, from, https://www.washingtonpost.com/opinions/who-are-we–and-who-are-we-becoming–in-the-cyber-world/2016/08/18/30c1068e-60cc-11e6-af8e-54aa2e849447_story.html?utm_term=.58038d402277

  6. Hay, C., Meldrum, R., & Mann, K. (2010). Traditional bullying, cyber bullying, and deviance: A general strain theory approach. Journal of Contemporary Criminal Justice26(2), 130-147.

  7. John, Naughton (2016). The Cyber Effect by Mary Aiken – review. Retrieved June 19, 2017, from, https://www.theguardian.com/books/2016/aug/14/the-cyber-effect-mary-aiken-review-internet-social-media-psychology
  8. Jon, Ronson (2016). The cyber effect Review: A Pioneering Cyberpsychologist Explains How Human Behavior Changes Online by Mary Aiken. Retrieved June 19, 2017, from, https://www.nytimes.com/2016/09/11/books/review/cyber-effect-mary-aiken.html
  9. Mary, Aiken (2016). The cyber effect: A Pioneering cyberpsychologist explains how human behavior changes online. Retrieved June 19, 2017, from, http://www.maryaiken.com/cyber-effect/
  10. Spiegel & Grau (2016). The cyber effect: A Pioneering Cyberpsychologist Explains How Human Behavior Changes Online. KIRKUS Review. Retrieved June 19, 2017, from, https://www.kirkusreviews.com/book-reviews/mary-aiken/the-cyber-effect/

HOW YOU STILL EXIST HERE, WHEN YOU ARE ALREADY THERE

HOW YOU STILL EXIST HERE, WHEN YOU ARE ALREADY THERE

FADI ABU ZUHRI

INTRODUCTION

The advancement of technology has brought about changes in how people interact and perceive each other and their environment. The presence of online gaming, Virtual Reality and Augmented Reality has paved the way not only in the perception of reality but also in the enjoyment of games, improvement of services, advancement of healthcare and business innovation.

This paper will focus on the characteristics, features and challenges of online gaming, Virtual Reality (VR) and Augmented Reality (AR).

ONLINE GAMING

Online gaming is an activity using a video game that is connected to the Internet or another computer network where a number of users are participating in one game (Rollings & Hall, 2006). Online gaming has become a popular activity for children, teenagers, young and old adults. A significant amount of time is spent gamers online where they can participate in games that offer club-like virtual communities. With this, the players can virtually socialize and participate in competitive gaming and computer-mediated encounters with other players around the world (Voiskounsky, Mitina, & Avetisova, 2004).

Interaction with fellow gamers is considered to be the highlight of this virtual experience (Lewinski, 2000; Csikszentmihalyi, 1997; Mithra, 1998). Laurel (1993) defined interaction as conduct of communication between two or more people and how this communication affects them (Laurel, 1993). For instance, an online game where a player interact with a certain monster, defeating and killing the monster, the player is rewarded depending on the monster’s response. This kind of interaction has a substantial effect on the popularity of online gaming as it immerses the player in a virtual world through narratives, missions and personalized avatars (Lewinski, 2000; Ju & Wagner, 1997; Cummins, 2002; Eskelinen, 2001). This phenomenon has encouraged online game developers to offer a unique out-of-this-world experience in the games they build (Lewinski, 2000; Johnson, 1998; Gillespie, 1997).

In spite of its popularity, online gaming faces several challenges that hinder the development of enabling technologies that improve the interaction and experience in online gaming. Secretly held engineering practices and proprietary approaches to building games have made it impossible to create online gaming standards. Life span of a game is limited where evolution, upgrading, and new missions are no longer available upon reaching a certain level. A lack of game play description hinders the analysis and creation of new gaming environment (Morgan, 2009).

VIRTUAL REALITY

Virtual Reality (VR) describes a virtually and digitally developed space or environment that a person can access only through the usage of highly technological equipment (Lanier, 1992; Rheingold, 1991; Sutherland, 1968). When a person is inside the created space, the person can travel from one place to another, virtually interacting with the objects and people present in that digital environment. Decades ago, the concept of VR was coupled with images of people wearing futuristic headgears, gloves and full-body suits. This has become the symbol of an emerging technological advancement that can be seen nowadays. VR is continually improving as scientists and artists are working on how this technology can be further optimized to create out-of-the-body experience (Fox, Arena, & Bailenson, 2009).

Virtual reality refers to a virtual environment. This environment is a rendered digital space where the user is placed upon entering a VR experience. In this place, the user’s movements are tracked, surroundings are created, and the user’s experience is rendered based on their reactions to the interactions. To illustrate, in an online game, where keys are used to move forward or sideward, which in effect cause the game to create a new environment based on this movement. The virtual environment makes use of the cues coming from the movement of the player to render new environments, replacing the real actual environment with the virtual environment (Fox, Arena, & Bailenson, 2009).

According to Biocca and Levy (1995), an effective virtual environment is one where the player’s sensory impressions are blocked and separated from the real world environment. The bodily senses of the players must be immersed in the digital world while the user’s physical body is visible to the real world. The player is immersed in the virtual world created by the game where the user’s emotional and psychological being is experiencing a different version of themselves, separate from the physical world (Witmer & Singer, 1998). There are several versions on how a virtual environment can be rendered and experienced. It can be through computer-based platforms, mobile phones and portable electronics like tablets, desktop monitors or wearable VR gadget where a player can move their entire body and interact with the virtual world (Fox, Arena, & Bailenson, 2009).

The Virtual Reality and the virtual environment constantly tracks the user and renders the environment accordingly, thereby enhancing user experience. Unlike the usual games, Virtual Reality provides an optimal level of interaction with the digital world. In the virtual environment, the gamer is given a role where the flow of the game itself can be modified depending on the gamer’s achievements and upgrades. This interaction alone inhibits the gamer to use their cognitive and active participation to realize their progress while playing. Thus, Virtual Reality promotes interactivity between the gamer and the game, which make it more realistic albeit abstract. (Fox, Arena, & Bailenson, 2009)

AUGMENTED REALITY

Augmented Reality (AR) is a different flavour of Virtual Reality or virtual environment. Augmented reality combines the element of the physical world and the digital world. Unlike Virtual Reality, where the gamer is immersed in a rendered environment, Augmented Reality allows the gamer to perceive the real world, virtually, in real time. However, in Augmented Reality, despite the appearance of the physical world, composite virtual objects are continuously rendered and imposed (Azuma, 1997).

In essence, Augmented Reality is merely a combination of real and virtual environments. In AR, the interaction is in real time and it operates and uses 3D environment. The technology in Augmented Reality allows certain digital objects presented visually but cannot be detected alone by the gamer without any interface. This kind of reality, allows a gamer to perceive graphical interfaces combined with the real world in the real time. The use of Augmented Reality involves the combination of advanced technologies that are responsible in materializing digital content with the gamer’s perception of the environment. The technology of Augmented Reality is basically a gold mine for possibilities as it can be used not just in games but also in sports, entertainment, education, medicine, and businesses. (Kipper & Rampolla, 2012)

According to Boyajian (2017) the launch of Pokémon Go in 2016 popularised AD to the rest of the world. The presence and use of Augmented Reality overshadowed the popularity of Virtual Reality (Boyajian, 2017).

The advancement of Augmented Reality and Virtual Reality has proven to be useful in the scenarios like education, medicine and business. However, there are challenges in further enhancement of Augmented Reality and it mass popularity. The first challenge is the limited availablity and cost of AR hardware like headsets. As such, the usage of these headsets is restricted to enterprise and military use. Most developed hardwares are not even available to the public. Aside from price and limited supply, the portability and convenience is also an issue because some hardware needs to be tethered to a computer (Boyajian, 2017).

A second challenge for Augmented Reality is the content which means the corresponding applications that must be installed for the AR and its hardware. As such, hardware manufacturers make sure that their market has already installed the suitable applications in their mobile phones or computers to make use of the hardware.  In addition to this, it is essential for the company to develop 3D content to integrate with their applications and provide optimal virtual experience. However, developing 3D content is costly and time consuming (Boyajian, 2017).

The final challenge facing Augmented Reality is educating the mass market. Vast majority of consumers do not have the knowledge or even awareness of Augmented Reality. There may be others who have exposure, but their experience in Augmented Reality is limited and does not focus on practical aspects of their lives.  Because of this, there is an opportunity for AR and VR to be mainstreamed in the educational curriculum so that students have better grasp about this technology and can think of innovations that are applicable and necessary to the real world (Boyajian, 2017).

CONCLUSION

The introduction of online gaming, Virtual Reality and Augmented Reality has shattered the typical perception on what is present and what it not. These technologies allowed a user to be physically present but mentally and psychologically detached to the real world, fully immersed with the 2D/3D environment he is in, interacting and making progress. With the Augmented Reality, a person can see objects digitally rendered that are not possible to be physically present, but with the help of hardwares and graphical interface, can be present and allow interaction. These technologies are not just for games but can be widely used in practical ways like education, medicine, sports among other applications.

It is only a matter or time before these applications become commonplace given the fast pace of technological advancements. It is too early to evaluate the security considerations related to AR/ VR. Forensic science is still grappling with how to understand psychological behaviour in virtual environments. Would these applications take into consideration the cultural and emotional element of human interaction? These and many other questions remain unanswered as we pump millions of dollars into developing better gaming environments.

REFERENCES

  1. Azuma, R. T. (1997). A Survey of Augmented Reality. Presence: Teleoperators and Virtual Environments, 355-385.
  2. Biocca, F., & Levy, M. (1995). Communication applications of Virtual Reality. In F. Biocca, & M. Levy, Communication in the age of Virtual Reality (pp. 127–157). Hillsdale, NJ: Erlbaum.
  3. Boyajian, L. (2017, February 27). The 3 biggest challenges facing Augmented Reality. Retrieved June 19, 2017, from Network World: http://www.networkworld.com/article/3174804/mobile-wireless/the-3-biggest-challenges-facing-augmented-reality.html
  4. Csikszentmihalyi, M. (1997). Finding flow: the psychology of engagement with everyday life. New York: Basic Books.
  5. Cummins, N. (2002). Integrating e-commerce and games. Personal and Ubiquitous , 362–370.
  6. Eskelinen, M. (2001). Towards computer game studies. Digital Creativity, 175–183.
  7. Fox, J., Arena, D., & Bailenson, J. N. (2009). Virtual Reality: A Survival Guide for the Social Scientist. Journal of Media Psychology, 95–113.
  8. Gillespie, T. (1997). Digital storytelling and computer game design. Proceeding of the 1997 CHI Conference on Human Factors in Computing Systems, (pp. 148–149).
  9. Johnson, J. (1998). Simplifying the controls of an interactivemovie game. Proceeding of the 1998 CHI Conference on Human Factors in Computing Systems, (pp. 65-72).
  10. Ju, E., & Wagner, C. (1997). Personal computer adventure games: their structure, principles, and applicability for training. The DATA BASE for Advancesin Information Systems.
  11. Kipper, G., & Rampolla, J. (2012). Augmented Reality: An Emerging Technologies Guide to AR. Elsevier.
  12. Lanier, J. (1992). Virtual reality: The promise of the future. Interactive Learning International, 275–279.
  13. Laurel, B. (1993). Computer as theatre. New York: Addison-Wesley.
  14. Lewinski, J. (2000). Developer’s guide to computer game design. Portland: Wordware Publishing Inc.
  15. Mithra, P. (1998). 10 ways to destroy a perfectly good game idea. Proceeding of the 1998 CHI Conference on Human Factors in Computing Systems, (p. 377).
  16. Morgan, G. (2009). Challenges of Online Game Development: A Review. Simulation & Gaming.
  17. Rheingold, H. (1991). Virtual reality. New York: Simon & Schuster.
  18. Rollings, A., & Hall, E. A. (2006). Fundamentals of Game Design. Prentice Hall.
  19. Sutherland, I. (1968). A head mounted three dimensional display. Proceedings of the Fall Joint Computer Conference.
  20. Voiskounsky, A. E., Mitina, O. V., & Avetisova, A. A. (2004). Playing Online Games: Flow Experience . PsychNology Journal, 259 – 281.
  21. Witmer, B., & Singer, M. (1998). Measuring presence in virtual environments: A presence questionnaire. PRESENCE: Teleoperators and Virtual Environments, 225–240.

CYBER FORENSIC CHALLENGES

CYBER FORENSIC CHALLENGES

FADI ABU ZUHRI

 

INTRODUCTION

The increase in the number of people using networked digital devices has led to incidences of crime that call for forensic investigations (Brown, 2015). The existence of Cyber Forensics skills has made it possible to gather evidence from such devices. The evidence collected is used in courts to establish the crime and bring Cyber criminals to justice. Cyber Forensic investigators and analysts are often entrusted with the task of finding, recording, analysing, and reporting of digital evidence. The whole process of gathering forensic evidence has a number of challenges. These challenges are categorized into five broad areas: hardware challenges, software challenges, cloud forensic challenges, legal challenges and human challenges (Karie, & Venter, 2015; Lindsey, 2006; Mohay, 2005).

HARDWARE CHALLENGES

Hardware challenges are linked to the needs of the modulated technology and enhancements of the hardware. Studies suggested that some criminal suspects change the hard disk within their devices before the Cyber Forensic expert can gain access to the device (National Institute of Justice, 2002; Brown, 2015). In such cases, the suspects use the write blockers to shift information between the two hard disks. The main effect is that a forensic examination of the new hard disk, may not display some of the relevant evidence. On the other hand, the evidence gathered from the new hard disk will lack consistency, and may not be apparent (Brown, 2015; Spafford, 2006).

Further, the evidence gathered from a device that was reset, may accentuate the problem since during the reset process, a small portion of the backup information is likely to have been reinstalled. For example, different mobile devices have hard disks that have enmeshed algorithm that are responsible for erasing the data automatically. Since the technology for collecting information from unused devices or devices where information was deleted by a user is still under development, there is likely to be some delays in obtaining such information. It is for this reasons that some Cyber Forensic experts have reported tremendous challenges in retrieving information from content that was deleted from the device (Spafford, 2006).

SOFTWARE CHALLENGES

The current era of technological advancements and changes in gathering forensic evidence has resulted into the birth of Platform as a Service (PaaS) and Software as a Service (SaaS), which have brought a number of changes into the computing structure. The use of new software and new technology has brought about a number of challenges. One of the challenges is lined to the well-developed device operating system. The current operating systems have been log enabled, and now requires a Cyber Forensic expert to gather background information on the device, which includes the information on accessibility of the application, usage of the application, and the level of information provided by the specific user of the application. Even though the new development appears like a progress for the different devices, the development requires some time for it to mature (Spafford, 2006; Giordano & Maciag, 2002).

Several challenges have been reported on the application accessibility since the application and the operating system are defined differently (Giordano & Maciag, 2002). For example, any alteration made on the file content may not be tracked until it is compared with subsequent/previous file versions or, if it is compared with the modified version of the time stamp. In case the Cyber Forensic expert suspects some manipulation on the document, it would be a challenge to determine the extent of manipulation (Brown, 2015).

Further, some forms of applications and log information that are collected by the application or the operating system, could be useful as evidence in certain cases. Despite the usefulness of the application, the awareness of its use is still at an infant stage making it difficult for the Cyber Forensic experts to ensure the effective use of the application. For example, an operating system like Windows 8 will collect information on all the Wi-Fi networks that have been accessed together with the transmission of the data. The information gathered would help investigations, such as those investigations that involve theft of data or in cases of network intrusion. However, a correlation between the gathered information, from the sources, and the event violation in the gathered information is a concept under research and experimentation (Giordano & Maciag, 2002).

The high number of mobile messaging applications available across the globe uses a software that automatically erase the information that is shared. The main challenge here is that it will be complex for a Cyber Forensic expert to gather such information that was deleted. Another challenge is the encryption in different mobile devices with intention of having the information protected especially during the process of gathering data. For example, gathering data from encrypted mobile chat applications may pose a challenge in certain situations. Contrary to popular belief all mobile chat applications are not encrypted. Certain mobile chats allow a secure connection between the sender and the receiver with no option to retrieve the message after a set time period. Other sessions are simply saved as text messages in the phone storage allowing anyone with the mobile phone passcode to access all stored messages. Even without a passcode, it is technically possible for the chat server to provide chat history with the right encryption key. The decryption of devices may be a challenge to some investigations where the storage or device itself is encrypted (Giordano & Maciag, 2002).

Not handing over mobile device PIN and passwords could lead to legal consequences in certain countries. For example, not giving passwords can get someone arrested according to Schedule 7 of Terrorism Act in the United Kingdom (legislation.gov.uk, 2008; Mandhai, 2017).

CLOUD FORENSIC CHALLENGES

Cloud computing is now used by smart mobile devices. The flexibility and scalability of cloud computing poses a huge challenge to forensic investigation (Lopez, Moon, & Park, 2016). The data in these devices, maybe able to be accessed everywhere hence posing another challenge to the investigators. It is a challenge for the investigator to locate the data in a way that ensures the privacy rights of the users. The investigators require the knowledge on anti-forensic tools, practices, and tools that help ensure that the forensic analysis is done accordingly (Spafford, 2006; Lopez, Moon, & Park, 2016).

Cloud-based applications also enable users to ensure that data is accessed from various devices. For example, if one of the two devices of a single user is compromised and both devices lead to some changes in the application, it would be difficult for the Cyber Forensic expert to identify the real source of the change. High risks may compromise credentials and theft of the identity in an environment that is cloud-based and lead to changes that are unknown such as the evidence remaining unknown. On the other hand, an email viewed using a user’s smart mobile device and deleted may not be traced easily. In most cases, it would be difficult to examine severs of the mail and identify the evidence of the deleted communication (Lopez, Moon, & Park, 2016).

LEGAL CHALLENGES

There have been some changes in the data protection and privacy regulations in different countries across the globe (Garrie & Morrissy, 2014). Cyber laws and regulations in different jurisdiction vary and many do not take into account, the complexity in collecting forensic evidence. For example, in the machine of a suspect, the information that is available is likely to have some personal information that could be crucial in an investigation. However, accessibility to such private information is likely to be considered as a violation of user privacy (Spafford, 2006).

On the other hand, the era of companies giving some provision to their employees to use their individual devices in accessing the official communication is likely to contribute to several challenges involved in data gathering. Accessing the email of a user, for instance, using webmail and a smart mobile device together with downloading the involved attachments is an example of theft of personal data. In the current era, collecting specific information from a user device is in itself a challenge (Kaur & Kaur, 2012).

HUMAN CHALLENGES

Cyber Forensic experts are tasked with collecting and analysing the role of identifying criminals and going through all the evidence gathered against the criminals. These are well-trained professionals working for the public law enforcement agencies or in the private sector to perform roles that are associated to the collection and analysis of forensic evidence. The Cyber Forensic experts also come up with reports that are majorly used in the legal settings for investigations. Besides working in the laboratory, Cyber Forensic experts take up the role of applying the techniques of forensic investigation in the field uncovering the data that is relevant for the court (Karie & Venter, 2015).

The Cyber Forensic experts have the ability of recovering data, which was deleted previously, hidden in the mobile folds, or encrypted. The court, in most cases, calls the Cyber Forensic experts to provide testimony in the court and elaborate on the evidence reports during a given investigation. As such, the Cyber Forensic investigators get involved in complicated cases that may include examining Internet abuse, determining the digital resources that are misused, verifying the offenders’ alibis, and examining how the network was used to come up with forensic threats. There are times when the Cyber Forensic expert is expected to offer support to cases that deal with intrusions, breaching of data, or any form of incident. Through the application of the relevant software and techniques, the device, system or the platform is examined for any kind of evidence on the persons involved on the crime (Karie, & Venter, 2015).

In a forensic examination, data is retrieved from the digital devices, which are considered to be evidence required for the investigations. In most cases, a systematic approach may be used to analyse the evidence, which would be presented in the court at the time of the proceedings. At an early stage of the investigation, the Cyber Forensic expert is required to get involved in gathering evidence. Early engagement in the investigation process helps the Cyber Forensic expert to be in a position to restore all the content without causing damage to the integrity (Karie, & Venter, 2015).

There are different types of forensic cases that are handled by the Cyber Forensic experts. Some of the cases deal with intruders getting into the victim’ devices and stealing their data, other cases, are for the crime offenders who launch attacks on several websites or those who try to gain some access to the names of the users and the password so as to engage in identity fraud. A Cyber Forensic expert has the ability to explore the type of fraud committed by analysing the evidence and using the required techniques. Despite the reason behind the investigation, the experts go through the process procedurally to ensure the findings recorded or gathered are sound. After opening a given case, the items that would be seized include the digital devices, software, and other media equipment’s so as to run the investigation. In the retrieval process, the items considered essential will be gathered so as to give the analyst everything that would be required for the testimony (Karie, & Venter, 2015).

Another human-related challenge faced by Cyber Forensics is spoliation (Cavaliere 2001; Mercer 2004). Spoliation occurs when the person handling evidence fails to preserve, alters evidence, or destroys evidence that could be useful in pending ligation (Watson, 2004). Spoliation may be caused by negligent on the part of the party handling the litigation or handling evidence and intentional destroying evidence by the handler.

OTHER CHALLENGES

Elsewhere, in a literature-based study, Karie and Venter (2015) identified and categorized cyber forensic challenges into four: technical challenges, law enforcement or legal system challenges, personal-related challenges and operational challenges.

Technical Challenges were identified as vast volume of data; bandwidth restrictions; encryption; volatility of digital evidence; incompatibility among heterogeneous forensic techniques; the digital media’s limited lifespan; emerging devices and technologies, sophistication of digital crimes; anti-forensics; emerging cloud forensic challenge.

Legal Challenges were identified as jurisdiction, admissibility of digital forensic techniques and tools; prosecuting digital crimes; privacy; ethical issues; lack of sufficient support for civic prosecution or legal criminal prosecution.

Personnel-related Challenges were identified as semantic disparities in Cyber Forensics; insufficient qualified Cyber Forensic personnel; insufficient forensic knowledge and the reuse among personnel; strict Cyber Forensic investigator licensing requirements; and lack of formal unified digital forensic domain knowledge.

Lastly, Operational Challenges were identified as significant manual analysis and intervention; incidence detection, prevention and response; lack of standardized procedures and processes; and trust of Audit Trails (Vaciago, 2012; Mercuri, 2009; Bassett, Bass, & O’Brien, 2006; Liu, & Brown, 2006; Richard, & Roussev, 2006; Arthur, & Hein, 2004; Mohay, 2005).

CONCLUSION

This paper revealed several challenges faced by Cyber Forensics. These challenges can be categorized into five: hardware, software, cloud, legal and human. They can also be categorized into technical challenges, law enforcement or legal system challenges, personal-related challenges, and operational challenges. While the available literature has sufficient details on the technical aspects of Cyber Forensic investigation, the human element only seems to touch the surface. There is a huge gap in terms of understanding the emotional and cultural aspects of the stakeholders involved in the investigation process. This calls for a review of Cyber Forensics where elements of Emotional Intelligence (EQ), Cultural Intelligence (CQ) and People Intelligence (PQ) are further investigated for a better understanding.

REFERENCES

  1. Arthur, K.K., & Hein, S.V. (2004). An investigation into computer forensic tools. Proceedings of the ISSA conference; Midrand, South Africa. Piscataway, NJ: IEEE Computer Society Publishers; 1–11.
  2. Bassett, R., Bass, L., & O’Brien, P. (2006). Computer forensics: an essential ingredient for cyber security. J Inform Sci Technol; 3:22–32.
  3. Brown, C. (2015) Investigating and prosecuting cybercrime: Forensic dependencies and Barriers to Justice. International Journal of Cyber Criminology, 9 (1): 55-119.
  4. Cichonski, P., Millar, T., Grance, T., & Scarfone, K. (2012). Computer security incident handling guide. Revision 2. National Institute of Standards and Technology; 2012 Aug.; NIST Special Publication 800-61
  5. Cavaliere, F. J. (2001). “The Web-wise Lawyer,” Practical Lawyer; 47(4): 9-10.
  6. Garrie, D. & Morrissy, D. (2014). Digital forensic evidence in the courtroom: Understanding content and quality. Northwest Journal of technology and intellectual property, 12 (2): 121.
  7. Giordano, J & Maciag, C. (2002). Cyber forensic: A military operations perspective. International Journal of digital evidence, 1 (2): 1-13.
  8. Kaur, R & Kaur, A. (2012). Digital Forensics. International Journal of Computer Application, 50(5): 0975-887.
  9. Karie, N.M., & Venter, H.S. (2015). Taxonomy of challenges for digital forensics. Journal Forensics, Sci, 60(4): 885-893.
  10. Liu, V., & Brown, F. (2006). Bleeding-edge anti-forensics. Proceedings of the InfoSec World Conference & Expo; Orlando, FL. Washington, DC: NIST Special Publication; 800–86.
  11. Lopez, E.M. & Moon, S.Y., & Park, H.J. (2016). Scenario-Based Digital Forensics Challenges in Cloud Computing. Symmetry, 8 (107): 2-20.
  12. Lindsey, T. (2006). Challenges in Digital Forensics. Retrieved on 8th May 2017 from http://www.dfrws.org/2006/proceedings/Lindsey-press.pdf
  13. legislation.gov.uk. (2008). Counter-Terrorism Act 2008. Retrieved May 23, 2017, from http://www.legislation.gov.uk/ukpga/2008/28/schedule/7
  14. Mandhai, S. (2017, May 15). Cage activist faces charges for not giving up passwords. Retrieved May 23, 2017, from http://www.aljazeera.com/news/2017/05/cage-activist-faces-charges-giving-passwords-170515130616563.html
  15. Mercer, L. D. (2004). “Characteristics and Preservation of Digital Evidence,” FBI Law Enforcement Bulletin 73(3): 28-34.
  16. Mercuri, R. (2009). Criminal defense challenges in computer forensics. Proceedings of the Digital Forensics and Cyber Crime Conference, Albany, NY. Berlin/Heidelberg: Springer Berlin Heidelberg Publishers.
  17. Mohay, G. (2005). Technical Challenges and Directions for Digital Forensics in 1st International Workshop on Systematic Approaches to Digital Forensic Engineering.
  18. National Institute of Justice. (2002). Results from Tools and Technology Working Group, Governors Summit on Cybercrime and Cyber terrorism, Princeton NJ.
  19. Richard, G.G., & Roussev, V. (2006). Digital forensics tools – the next generation.
    Hershey, PA: Idea Group Inc; 76–91.
  20. Vaciago, G. (2012). Cloud computing and data jurisdiction: a new challenge for
    digital forensics. Proceedings of the third International Conference on Technical and Legal Aspects of the e-Society; Valencia, Spain. IARIA XPS Press; 7–12.
  21. Spafford E. (2006). Some Challenges in Digital Forensics. In: Olivier M.S., Shenoi S. (eds) Advances in Digital Forensics II. IFIP Advances in Information and Communication, vol 222. Springer, Boston, MA
  22. Watson, L. M. (2004). “Anticipating electronic discovery in commercial cases,” Michigan Bar Journal. 83(31), 23-45.

LIE DETECTION – A MYTH OR SCIENCE?

LIE DETECTION – A MYTH OR SCIENCE?

FADI ABU ZUHRI

INTRODUCTION

In the current era of technological advancements, there is an increasing interest of testing the lie detection methods. Different scholars have gained interest in testing whether lie detection is a science or myth. What is evident is that, in most cases, liars may not offer telltale signs of their dishonesty. As such, it is difficult to identify the persons who are telling the truth or those who tell lies. In most cases, a lie could be embedded in some truth. There is also a small difference between the people telling the truth and those who tell lies. A common mistake that has been made by lie detectors is putting so much emphasis on the nonverbal cues. For example, lie detectors neglect the actions of an individual when he or she is telling the truth. They only record the actions of liars when they are lying. Lie detectors have also proved to be overly confident in their skill of detection (Ask, Granhag, Juhlin, & Vrij, 2013). In this case, there have been a number of misconceptions when it comes to deceptions. This paper discusses the fact that lie detection is science rather that a myth believed by some proponents.

WHAT IS LYING

Lying can be defined using many approaches. Lying is seen as communication that is falsified and intended to benefit only one party. This classification covers a broad range of subjects – from humans to plants. In a plant, deception may be experienced in a situation where a male wasp is seduced by orchid flower, which produces smell creating an illusion of mating. The gainer is the orchid because, in the course of deception, the wasp acts as an agent of pollination. This approach is not conventionally used because it includes an act of misleading as a way of deception. Lying can be defined as an act that is meant to manipulate other people believe something he or she knows is untrue (Zuckerman, DePaulo, & Rosenthal, 1981; Krauss, 1981). Lying is a part of everyday life, sometimes causing harm and sometimes “white lies” may even benefit the lie receiver by acting as a social lubricant (Vrij, 2008).

GOOD LIARS AND POOR LIARS

Vrij (2008) argues that everybody has an idea of what lying is. Everybody knows that lying is something that is not acceptable in the society. The myth here is pretending that we seldom lie because humans cannot accept themselves as miserable liars. Since lying is unacceptable in society, people opt for others means of deceit. In the long run, they spend little time with liars and completely avoid them. Most individuals in the world are sick liars; they forget that they are lying and reveal their deceit by being nervous or avoiding eye contact. The author notes that people tend to be good detectors when monitoring their children, and close friends. Criminals accomplish their objective by deceiving others. Then there are professional lie catchers who are technically trained to catch lies. There has been a revolution in technology with the development of machines technically designed to detect lies. An example is the brain-scanner, which is used by researchers to monitor the thoughts and feeling of somebody directly (Vrij, 2008).

There is a big difference between good liars and poor lie detectors. Most people assume that they don’t lie and by so doing they are underestimating their ability to lie. There are many ways of telling why people believe that they are the worst liars than they thought. First, they overestimate how honest they are with their feelings and thought to others. By saying so, Vrij (2008) implied that people believe that their lies trend all the way. Second, the selfish act makes people see themselves as more morally upright than others (Kaplar & Gordon, 2004). When someone admits that he or she is a good liar, he or she complicates the good self-image. People will tend to disclose their white lies and hide dangerous lies (Elaad, 2003). This shows that it is easy to detect a dangerous lie compared to white lie because people will remember the lies that can be easily noticed. Lastly, people will remember instances when they lied and were detected that than instances when they lied successfully. When people forget how easily they can lie, they are underestimating their ability to lie (Vrij, 2008).

WHY LIES REMAIN UNNOTICED

The reason why people lies go unnoticed is that no efforts are put in detecting them, and they do not want to know the truth. Vrij (2008) calls it the ostrich effect and states that there are at least three reasons as to why people don’t like to know or accept the truth. One, the truth may be bitter and people prefer to stay ignorant by believing a more “pleasant” lie. Second, people fear consequences that the truth may present. They are afraid of what they would need to do if they were to accept the truth. Third, people fear not knowing what to do if they came to know the truth.

THE TECHNOLOGY BEHIND LIE DETECTION

Even though, lie detection has been used in many contexts, the technique has been misunderstood in many ways. Lie detection is one complex technique and requires a personal judgment. The scientific underpinnings used in lie detection are less straightforward than other tests like the breath-alcohol test. The nature of lie detection makes it interesting to analyze especially from the basis of science. It uses the methods and conclusions of a number of disciplines that deal with behavior and human physiology. Lie detection also offers a vital probability issue that is applicable in criminal law (O’Sullivan, 2007).

In 1895, a mix of pulse reading and blood pressure was used to investigate crime. Other experiments done in lie detection have used blood pressure, and respiratory recordings. The science of lie detection was equally tested by the polygraph created by Larson John. The polygraph used the three measurements (pulse, blood pressure, and respiration) in lie detection. The Keeler, made by Leonarder Keeler, introduced the galvanic response of the skin to the list. The key improvement in the Keeler is the ability to obviate and record the blood pressure distortions especially in the readings that could result from muscular flexing (Evans & Stanovich, 2013).

In most cases, the procedure used in lie detection such as the polygraph test is done by experienced examiners in a controlled environment. The examiner will engage in questions that depend on the preliminary interview results together with different circumstances and facts that create an accusation basis. Some questions would be variable depending on the individual being questioned. Many studies on lie detection have proposed the use of some systematically designed models as ways of measuring the physiological activities and creating the last credibility judgment (Frank & Ekman, 2004).

Even though lie detection appears extremely useful, a number of results obtained from lie detectors have been excluded from trial (Albrechtsen, Meissner, & Susa, 2009). There is a possibility that the validation and the verdict could be wrong just like the lie detector (Etcoff, Ekman, Magee, & Frank, 2000). In this case, lie detection procedures have no independent means of checking the phenomena which is lying or confirming whether the accused person lied.

DIFFICULTIES WITH DETECTING LIES

Detecting liars and lies is not an easy task. Even professional lie detectors, like police officers and intelligence officers, fail to do so in most cases. Research shows that professionals also make wrong decisions and fail to distinguish between a lie and truth. One reason behind failing to detect a lie is due to the complexity of the task. There is no single response from a liar that a lie detector can rely on to truly capture a liar. A liar who is determined to lie will avoid being caught at all cost, and there will be an attempt to hide nonverbal, psychological and verbal signs. Liars will try at all cost to create an accurate impression to lie detectors to avoid being caught. They will employ informed tactics to fool whoever is trying to fool them, living the lie detector with mixed feelings about the situation. There are many errors committed by lie detectors that hinder them from knowing the truth; they may tend to focus more on signs that are not linked with the lie. This may be contributed to the fact that they were trained to do so. Some of the techniques the detectors are trained to might be well known by the liars thus making it hard for them to separate the truth from a lie (Vrij, 2008).

Lack of realism is another contributor to the lack of ability to detect lies. Many studies mention that a lie can be detected by observing how people are behaving, screening their speech and analyzing their psychological responses. When lie detectors are conversant with these principles, they are so proud to have the ability to detect deception. Research experts have claimed to have the capacity to detect lies, but they fail to support their study with evidence. Interestingly, lie detectors who have been trained to look for certain cues tend to perform worse than those who do not (Kassin & Fong, 1999; Mann, Vrij, & Bull, 2004).

CONCLUSION

Lie detection is a science and not a myth since the procedure used in lie detection follows a practical and intellectual activity involving a systematic study of behavior and structure of the natural and physical world using experiment and observation (Moore, Cappelli, Caron, Shaw, Spooner, & Trzeciak, 2011). The process of lie detection, however, could be improved if methods of testing the validity are improved.

While it is important to understand nonverbal, verbal, and physiological indicators of deceit, it is equally important for a lie detector to know which is indicator is more valuable. We sometimes tend to place more emphasis on nonverbal cues when detecting deception, however differences in cultural behaviors may define nonverbal indicators more than lying itself. This leads us to suggest that Emotional Intelligence (EQ), a combination of People Intelligence (PQ) and Cultural Intelligence (CQ), has a key role to play in lie detection.

REFERENCES

1.Albrechtsen, J. S., Meissner, C. A., & Susa, K. J. (2009). Can intuition improve deception detection performance? Journal of Experimental Social Psychology , 45, 1052–1055.

2.Ask, K., Granhag, P. A., Juhlin, F., & Vrij, A. (2013). Intending or pretending? Automatic evaluations of goal cues discriminate true and false intentions. Applied Cognitive Psychology , 27, 173–177.

3.Elaad, E. (2003). Effects of feedback on the overestimated capacity to detect lies and the underestimated ability to tell lies. Applied Cognitive Psychology , 17, 349–363.

4.Etcoff, N. L., Ekman, P., Magee, J. J., & Frank, M. G. (2000). Lie detection and language comprehension. Nature , 405, 159.

5.Evans, J. S., & Stanovich, K. E. (2013). Dual-process theories of higher cognition: Advancing the debate. Perspectives on Psychological Science , 8, 223–241.

6.Frank, M. G., & Ekman, P. (2004). Appearing truthful generalizes across different deception situations. Journal of Personality and Social Psychology , 86, 486–495.

7.Frank, M. G., & Feeley, T. H. (2003). To catch a liar: Challenges for research in lie detection training. Journal of Applied Communication Research , 31, 58-75.

8.Kaplar, M. E., & Gordon, A. K. (2004). The enigma of altruistic lying: Perspec- tive differences in what motivates and justifies lie telling within romantic relationships. Personal Relationships , 11, 489–507.

9.Kassin, S. M., & Fong, C. T. (1999). “I’m innocent!”: Effects of training on judgments of truth and deception in the interrogation room. Law and Human Behavior , 23, 499–516.

10.Krauss, R. M. (1981). Impression formation, impression management, and nonverbal behaviors. In E. T. Higgins, C. P. Herman, & M. P. Zanna, Social cognition: The Ontario Symposium (Vol. 1, pp. 323–341). Hillsdale, NJ: Erlbaum.

11.Mann, S., Vrij, A., & Bull, R. (2006). Looking through the eyes of an accurate lie detector. Journal of Credibility Assessment and Witness Psychology , 7 (1–16).

12.Moore, P., Cappelli, D., Caron, T., Shaw, E., Spooner, D., & Trzeciak, R. (2011). A preliminary model of insider theft of intellectual property. Retrieved 2016, from http://www.sei.cmu.edu

13.O’Sullivan, M. (2007). Unicorns or Tiger Woods: are lie detection experts myths or rarities? A Response to on lie detection “wizards” by Bond and Uysal. Law Hum Behav , 31 (1), 117-23.

14.Vrij, A. (2008). Detecting Lies and Deceit: Pitfalls and Opportunities (Second ed.). Chichester, West Sussex, England : John Wiley & Sons Ltd.

15.Zuckerman, M., DePaulo, B. M., & Rosenthal, R. (1981). Verbal and non- verbal communication of deception. In L. Berkowitz, Advances inexperimental social psychology. 14, 1–57.

Translate »