THE CYBER EFFECT

THE CYBER EFFECT

FADI ABU ZUHRI

INTRODUCTION

The world has transformed over the ages. Long ago, people used to use postage to convey information or messages. Today, emails have replaced postage. Then came the newspapers and magazines to share information on a periodic basis with a larger mass market. Today, people can find information on the World Wide Web through various search engines (Hay, Meldrum, & Mann, 2010). While all this seems quite exciting for the population, advancement in technology does not always mean that the world is progressing in the right direction. This is referred to as “The Cyber Effect” where advancement in technology or life may be good but at the same time pose serious threats and risks to the people.

CYBER-UTOPIANISM

According to Aiken (2016), people need to find a balance in an era of cyber-utopianism. Cyber-utopianism is the belief that online communication is liberating and that the Internet is the platform for sharing ideas and thoughts. Ideally, cyber-utopianism is that naive belief that the web favors the oppressed rather than the oppressor. Aiken (2016) compares the current situation to what existed several years ago when making her argument. She states that the world without the Internet was simple. People who were in that era knew what they have, who they are, and what their values were. After the advancement in technology, things changed. Values were broken and people started to behave differently. Despite the fact that advancement in technology acted as a source of information to many people, it leads to the deterioration of moral standards. This is the first adverse Cyber Effect.

In her book, Aiken (2016) further stated that cyber-utopianism is like that moment where one is going on a trip and as they are heading out of the door with their luggage, they have to confirm and make sure that they have everything that they need before they embark on their trip. Before a country embarks on a journey of technological advancement, it has to make sure that enough security measures are in place to mitigate any risks and threats that may come as a result. Countries ought to invest in strong security measures and seal all loopholes before advancing its technology to prevent any loss of confidential data and information (Naughton, 2016). This is the second adverse Cyber Effect.

CYBER SPACE

According to Aiken (2016), the world is not prepared for cyberspace. She describes cyberspace as a place that is separate from us (Ahuja, 2016). Aiken (2016) anticipates that by 2020, technology would have advanced to a point where people would be immersed in their smart homes and smart cars and they would be clad in wearable technologies. During that time, she anticipates that their babies would be in captivating seats with their tablets and they would be wearing face-obscuring helmets. Besides, their age-mates would be fractured in various social networking sites and platforms, human labour would be replaced with robots, and dark thoughts would pervade the country (Ronson, 2016). This is the third negative Cyber Effect. Here, it is evident that cyber space would change the lives of people and thus lead to deterioration of moral standards, loss of jobs, complex lives and cyber threats such as cyber-bullying and cyber-terrorism.

FORENSIC CYBER PSYCHOLOGY

The main question that arises in Aiken’s (2016) book is that we cannot afford losing out on forensic science (Spiegel & Grau, 2016). According to Aiken (2016), forensic science is the study of physical evidence of a crime scene such as body fluids, fibres and fingerprints. Aiken (2016) further states that even if the world is changing, the physical evidence of a crime scene from fossils will still remain the same over years to come. Aiken (2016) states that forensic cyber psychology will remain to be the same for generations to come (Steiner-Adair, 2016). Forensic cyber psychology means the cyber behavioural evidence that are left online. Apparently, every contact or user leaves a trace and thus add his or her footprint on cyber space.

Cyber space is also beneficial to a country. The internet could be used to arrest the biggest human trafficker and curb internet crimes against children (CBS NEWS, 2016). Aiken (2016) gives an example of how the Internet could be used by the law enforcement agencies to curb crime. It is, therefore, evident that cyber space has both negative and positive effects.

CONCLUSION

People nowadays are living through an exciting moment of history since lives are being transformed through advancement in technology. However, everything new is not always good and advancement in technology does not always mean that a country is progressing. Having cyber space may have several effects such as deterioration of moral standards, security threats, loss of jobs as humans are replaced with robots, change in the ways of lives of people, cyber threats such as cyber bullying and adoption of complicated lives by people (Ando & Sakamoto, 2008). To conclude, one thing that has not changed and that is not bound to change despite the advancement in technology is human emotions and cultural affinity among people. However as people move more of their lives online, one is left to wonder if technology can improve emotional intelligence.

REFERENCES

  1. Anjana, Ahuja (2016). The Cyber Effect by Mary Aiken review. Financial Times. Retrieved June 19, 2017, from, https://www.ft.com/content/8d571710-8bdf-11e6-8cb7-e7ada1d123b1
  2. Alexandra, Frean (2016). The Cyber Effect by Mary Aiken. The Times. Retrieved June 19, 2017, https://www.thetimes.co.uk/article/the-cyber-effect-a-pioneering-cyberpsychologist-explains-how-human-behaviour-changes-online-by-mary-aiken-fwkxkj3t6
  3. Ando, R., & Sakamoto, A. (2008). The effect of cyber-friends on loneliness and social anxiety: Differences between high and low self-evaluated physical attractiveness groups. Computers in Human Behavior24(3), 993-1009.

  4. CBS News (August 23, 2016). Cyberpsychologist Aiken on catching online bullies. Retrieved June 20, 2017, from, http://www.cbsnews.com/news/cyberbullying-prevention-social-media-teenagers-mary-aiken-cyberpsychologist/
  5. Catherine, Steiner-Adair (2016). Who are we and who are we becoming in the cyber-world? Cyber effect Review. Retrieved June 19, 2017, from, https://www.washingtonpost.com/opinions/who-are-we–and-who-are-we-becoming–in-the-cyber-world/2016/08/18/30c1068e-60cc-11e6-af8e-54aa2e849447_story.html?utm_term=.58038d402277
  6. Hay, C., Meldrum, R., & Mann, K. (2010). Traditional bullying, cyber bullying, and deviance: A general strain theory approach. Journal of Contemporary Criminal Justice26(2), 130-147.

  7. John, Naughton (2016). The Cyber Effect by Mary Aiken – review. Retrieved June 19, 2017, from, https://www.theguardian.com/books/2016/aug/14/the-cyber-effect-mary-aiken-review-internet-social-media-psychology
  8. Jon, Ronson (2016). The cyber effect Review: A Pioneering Cyberpsychologist Explains How Human Behavior Changes Online by Mary Aiken. Retrieved June 19, 2017, from, https://www.nytimes.com/2016/09/11/books/review/cyber-effect-mary-aiken.html
  9. Mary, Aiken (2016). The cyber effect: A Pioneering cyberpsychologist explains how human behavior changes online. Retrieved June 19, 2017, from, http://www.maryaiken.com/cyber-effect/
  10. Spiegel & Grau (2016). The cyber effect: A Pioneering Cyberpsychologist Explains How Human Behavior Changes Online. KIRKUS Review. Retrieved June 19, 2017, from, https://www.kirkusreviews.com/book-reviews/mary-aiken/the-cyber-effect/

HOW YOU STILL EXIST HERE, WHEN YOU ARE ALREADY THERE

HOW YOU STILL EXIST HERE, WHEN YOU ARE ALREADY THERE

FADI ABU ZUHRI

INTRODUCTION

The advancement of technology has brought about changes in how people interact and perceive each other and their environment. The presence of online gaming, Virtual Reality and Augmented Reality has paved the way not only in the perception of reality but also in the enjoyment of games, improvement of services, advancement of healthcare and business innovation.

This paper will focus on the characteristics, features and challenges of online gaming, Virtual Reality (VR) and Augmented Reality (AR).

ONLINE GAMING

Online gaming is an activity using a video game that is connected to the Internet or another computer network where a number of users are participating in one game (Rollings & Hall, 2006). Online gaming has become a popular activity for children, teenagers, young and old adults. A significant amount of time is spent gamers online where they can participate in games that offer club-like virtual communities. With this, the players can virtually socialize and participate in competitive gaming and computer-mediated encounters with other players around the world (Voiskounsky, Mitina, & Avetisova, 2004).

Interaction with fellow gamers is considered to be the highlight of this virtual experience (Lewinski, 2000; Csikszentmihalyi, 1997; Mithra, 1998). Laurel (1993) defined interaction as conduct of communication between two or more people and how this communication affects them (Laurel, 1993). For instance, an online game where a player interact with a certain monster, defeating and killing the monster, the player is rewarded depending on the monster’s response. This kind of interaction has a substantial effect on the popularity of online gaming as it immerses the player in a virtual world through narratives, missions and personalized avatars (Lewinski, 2000; Ju & Wagner, 1997; Cummins, 2002; Eskelinen, 2001). This phenomenon has encouraged online game developers to offer a unique out-of-this-world experience in the games they build (Lewinski, 2000; Johnson, 1998; Gillespie, 1997).

In spite of its popularity, online gaming faces several challenges that hinder the development of enabling technologies that improve the interaction and experience in online gaming. Secretly held engineering practices and proprietary approaches to building games have made it impossible to create online gaming standards. Life span of a game is limited where evolution, upgrading, and new missions are no longer available upon reaching a certain level. A lack of game play description hinders the analysis and creation of new gaming environment (Morgan, 2009).

VIRTUAL REALITY

Virtual Reality (VR) describes a virtually and digitally developed space or environment that a person can access only through the usage of highly technological equipment (Lanier, 1992; Rheingold, 1991; Sutherland, 1968). When a person is inside the created space, the person can travel from one place to another, virtually interacting with the objects and people present in that digital environment. Decades ago, the concept of VR was coupled with images of people wearing futuristic headgears, gloves and full-body suits. This has become the symbol of an emerging technological advancement that can be seen nowadays. VR is continually improving as scientists and artists are working on how this technology can be further optimized to create out-of-the-body experience (Fox, Arena, & Bailenson, 2009).

Virtual reality refers to a virtual environment. This environment is a rendered digital space where the user is placed upon entering a VR experience. In this place, the user’s movements are tracked, surroundings are created, and the user’s experience is rendered based on their reactions to the interactions. To illustrate, in an online game, where keys are used to move forward or sideward, which in effect cause the game to create a new environment based on this movement. The virtual environment makes use of the cues coming from the movement of the player to render new environments, replacing the real actual environment with the virtual environment (Fox, Arena, & Bailenson, 2009).

According to Biocca and Levy (1995), an effective virtual environment is one where the player’s sensory impressions are blocked and separated from the real world environment. The bodily senses of the players must be immersed in the digital world while the user’s physical body is visible to the real world. The player is immersed in the virtual world created by the game where the user’s emotional and psychological being is experiencing a different version of themselves, separate from the physical world (Witmer & Singer, 1998). There are several versions on how a virtual environment can be rendered and experienced. It can be through computer-based platforms, mobile phones and portable electronics like tablets, desktop monitors or wearable VR gadget where a player can move their entire body and interact with the virtual world (Fox, Arena, & Bailenson, 2009).

The Virtual Reality and the virtual environment constantly tracks the user and renders the environment accordingly, thereby enhancing user experience. Unlike the usual games, Virtual Reality provides an optimal level of interaction with the digital world. In the virtual environment, the gamer is given a role where the flow of the game itself can be modified depending on the gamer’s achievements and upgrades. This interaction alone inhibits the gamer to use their cognitive and active participation to realize their progress while playing. Thus, Virtual Reality promotes interactivity between the gamer and the game, which make it more realistic albeit abstract. (Fox, Arena, & Bailenson, 2009)

AUGMENTED REALITY

Augmented Reality (AR) is a different flavour of Virtual Reality or virtual environment. Augmented reality combines the element of the physical world and the digital world. Unlike Virtual Reality, where the gamer is immersed in a rendered environment, Augmented Reality allows the gamer to perceive the real world, virtually, in real time. However, in Augmented Reality, despite the appearance of the physical world, composite virtual objects are continuously rendered and imposed (Azuma, 1997).

In essence, Augmented Reality is merely a combination of real and virtual environments. In AR, the interaction is in real time and it operates and uses 3D environment. The technology in Augmented Reality allows certain digital objects presented visually but cannot be detected alone by the gamer without any interface. This kind of reality, allows a gamer to perceive graphical interfaces combined with the real world in the real time. The use of Augmented Reality involves the combination of advanced technologies that are responsible in materializing digital content with the gamer’s perception of the environment. The technology of Augmented Reality is basically a gold mine for possibilities as it can be used not just in games but also in sports, entertainment, education, medicine, and businesses. (Kipper & Rampolla, 2012)

According to Boyajian (2017) the launch of Pokémon Go in 2016 popularised AD to the rest of the world. The presence and use of Augmented Reality overshadowed the popularity of Virtual Reality (Boyajian, 2017).

The advancement of Augmented Reality and Virtual Reality has proven to be useful in the scenarios like education, medicine and business. However, there are challenges in further enhancement of Augmented Reality and it mass popularity. The first challenge is the limited availablity and cost of AR hardware like headsets. As such, the usage of these headsets is restricted to enterprise and military use. Most developed hardwares are not even available to the public. Aside from price and limited supply, the portability and convenience is also an issue because some hardware needs to be tethered to a computer (Boyajian, 2017).

A second challenge for Augmented Reality is the content which means the corresponding applications that must be installed for the AR and its hardware. As such, hardware manufacturers make sure that their market has already installed the suitable applications in their mobile phones or computers to make use of the hardware.  In addition to this, it is essential for the company to develop 3D content to integrate with their applications and provide optimal virtual experience. However, developing 3D content is costly and time consuming (Boyajian, 2017).

The final challenge facing Augmented Reality is educating the mass market. Vast majority of consumers do not have the knowledge or even awareness of Augmented Reality. There may be others who have exposure, but their experience in Augmented Reality is limited and does not focus on practical aspects of their lives.  Because of this, there is an opportunity for AR and VR to be mainstreamed in the educational curriculum so that students have better grasp about this technology and can think of innovations that are applicable and necessary to the real world (Boyajian, 2017).

CONCLUSION

The introduction of online gaming, Virtual Reality and Augmented Reality has shattered the typical perception on what is present and what it not. These technologies allowed a user to be physically present but mentally and psychologically detached to the real world, fully immersed with the 2D/3D environment he is in, interacting and making progress. With the Augmented Reality, a person can see objects digitally rendered that are not possible to be physically present, but with the help of hardwares and graphical interface, can be present and allow interaction. These technologies are not just for games but can be widely used in practical ways like education, medicine, sports among other applications.

It is only a matter or time before these applications become commonplace given the fast pace of technological advancements. It is too early to evaluate the security considerations related to AR/ VR. Forensic science is still grappling with how to understand psychological behaviour in virtual environments. Would these applications take into consideration the cultural and emotional element of human interaction? These and many other questions remain unanswered as we pump millions of dollars into developing better gaming environments.

REFERENCES

  1. Azuma, R. T. (1997). A Survey of Augmented Reality. Presence: Teleoperators and Virtual Environments, 355-385.
  2. Biocca, F., & Levy, M. (1995). Communication applications of Virtual Reality. In F. Biocca, & M. Levy, Communication in the age of Virtual Reality (pp. 127–157). Hillsdale, NJ: Erlbaum.
  3. Boyajian, L. (2017, February 27). The 3 biggest challenges facing Augmented Reality. Retrieved June 19, 2017, from Network World: http://www.networkworld.com/article/3174804/mobile-wireless/the-3-biggest-challenges-facing-augmented-reality.html
  4. Csikszentmihalyi, M. (1997). Finding flow: the psychology of engagement with everyday life. New York: Basic Books.
  5. Cummins, N. (2002). Integrating e-commerce and games. Personal and Ubiquitous , 362–370.
  6. Eskelinen, M. (2001). Towards computer game studies. Digital Creativity, 175–183.
  7. Fox, J., Arena, D., & Bailenson, J. N. (2009). Virtual Reality: A Survival Guide for the Social Scientist. Journal of Media Psychology, 95–113.
  8. Gillespie, T. (1997). Digital storytelling and computer game design. Proceeding of the 1997 CHI Conference on Human Factors in Computing Systems, (pp. 148–149).
  9. Johnson, J. (1998). Simplifying the controls of an interactivemovie game. Proceeding of the 1998 CHI Conference on Human Factors in Computing Systems, (pp. 65-72).
  10. Ju, E., & Wagner, C. (1997). Personal computer adventure games: their structure, principles, and applicability for training. The DATA BASE for Advancesin Information Systems.
  11. Kipper, G., & Rampolla, J. (2012). Augmented Reality: An Emerging Technologies Guide to AR. Elsevier.
  12. Lanier, J. (1992). Virtual reality: The promise of the future. Interactive Learning International, 275–279.
  13. Laurel, B. (1993). Computer as theatre. New York: Addison-Wesley.
  14. Lewinski, J. (2000). Developer’s guide to computer game design. Portland: Wordware Publishing Inc.
  15. Mithra, P. (1998). 10 ways to destroy a perfectly good game idea. Proceeding of the 1998 CHI Conference on Human Factors in Computing Systems, (p. 377).
  16. Morgan, G. (2009). Challenges of Online Game Development: A Review. Simulation & Gaming.
  17. Rheingold, H. (1991). Virtual reality. New York: Simon & Schuster.
  18. Rollings, A., & Hall, E. A. (2006). Fundamentals of Game Design. Prentice Hall.
  19. Sutherland, I. (1968). A head mounted three dimensional display. Proceedings of the Fall Joint Computer Conference.
  20. Voiskounsky, A. E., Mitina, O. V., & Avetisova, A. A. (2004). Playing Online Games: Flow Experience . PsychNology Journal, 259 – 281.
  21. Witmer, B., & Singer, M. (1998). Measuring presence in virtual environments: A presence questionnaire. PRESENCE: Teleoperators and Virtual Environments, 225–240.

CYBER FORENSIC CHALLENGES

CYBER FORENSIC CHALLENGES

FADI ABU ZUHRI

 

INTRODUCTION

The increase in the number of people using networked digital devices has led to incidences of crime that call for forensic investigations (Brown, 2015). The existence of Cyber Forensics skills has made it possible to gather evidence from such devices. The evidence collected is used in courts to establish the crime and bring Cyber criminals to justice. Cyber Forensic investigators and analysts are often entrusted with the task of finding, recording, analysing, and reporting of digital evidence. The whole process of gathering forensic evidence has a number of challenges. These challenges are categorized into five broad areas: hardware challenges, software challenges, cloud forensic challenges, legal challenges and human challenges (Karie, & Venter, 2015; Lindsey, 2006; Mohay, 2005).

HARDWARE CHALLENGES

Hardware challenges are linked to the needs of the modulated technology and enhancements of the hardware. Studies suggested that some criminal suspects change the hard disk within their devices before the Cyber Forensic expert can gain access to the device (National Institute of Justice, 2002; Brown, 2015). In such cases, the suspects use the write blockers to shift information between the two hard disks. The main effect is that a forensic examination of the new hard disk, may not display some of the relevant evidence. On the other hand, the evidence gathered from the new hard disk will lack consistency, and may not be apparent (Brown, 2015; Spafford, 2006).

Further, the evidence gathered from a device that was reset, may accentuate the problem since during the reset process, a small portion of the backup information is likely to have been reinstalled. For example, different mobile devices have hard disks that have enmeshed algorithm that are responsible for erasing the data automatically. Since the technology for collecting information from unused devices or devices where information was deleted by a user is still under development, there is likely to be some delays in obtaining such information. It is for this reasons that some Cyber Forensic experts have reported tremendous challenges in retrieving information from content that was deleted from the device (Spafford, 2006).

SOFTWARE CHALLENGES

The current era of technological advancements and changes in gathering forensic evidence has resulted into the birth of Platform as a Service (PaaS) and Software as a Service (SaaS), which have brought a number of changes into the computing structure. The use of new software and new technology has brought about a number of challenges. One of the challenges is lined to the well-developed device operating system. The current operating systems have been log enabled, and now requires a Cyber Forensic expert to gather background information on the device, which includes the information on accessibility of the application, usage of the application, and the level of information provided by the specific user of the application. Even though the new development appears like a progress for the different devices, the development requires some time for it to mature (Spafford, 2006; Giordano & Maciag, 2002).

Several challenges have been reported on the application accessibility since the application and the operating system are defined differently (Giordano & Maciag, 2002). For example, any alteration made on the file content may not be tracked until it is compared with subsequent/previous file versions or, if it is compared with the modified version of the time stamp. In case the Cyber Forensic expert suspects some manipulation on the document, it would be a challenge to determine the extent of manipulation (Brown, 2015).

Further, some forms of applications and log information that are collected by the application or the operating system, could be useful as evidence in certain cases. Despite the usefulness of the application, the awareness of its use is still at an infant stage making it difficult for the Cyber Forensic experts to ensure the effective use of the application. For example, an operating system like Windows 8 will collect information on all the Wi-Fi networks that have been accessed together with the transmission of the data. The information gathered would help investigations, such as those investigations that involve theft of data or in cases of network intrusion. However, a correlation between the gathered information, from the sources, and the event violation in the gathered information is a concept under research and experimentation (Giordano & Maciag, 2002).

The high number of mobile messaging applications available across the globe uses a software that automatically erase the information that is shared. The main challenge here is that it will be complex for a Cyber Forensic expert to gather such information that was deleted. Another challenge is the encryption in different mobile devices with intention of having the information protected especially during the process of gathering data. For example, gathering data from encrypted mobile chat applications may pose a challenge in certain situations. Contrary to popular belief all mobile chat applications are not encrypted. Certain mobile chats allow a secure connection between the sender and the receiver with no option to retrieve the message after a set time period. Other sessions are simply saved as text messages in the phone storage allowing anyone with the mobile phone passcode to access all stored messages. Even without a passcode, it is technically possible for the chat server to provide chat history with the right encryption key. The decryption of devices may be a challenge to some investigations where the storage or device itself is encrypted (Giordano & Maciag, 2002).

Not handing over mobile device PIN and passwords could lead to legal consequences in certain countries. For example, not giving passwords can get someone arrested according to Schedule 7 of Terrorism Act in the United Kingdom (legislation.gov.uk, 2008; Mandhai, 2017).

CLOUD FORENSIC CHALLENGES

Cloud computing is now used by smart mobile devices. The flexibility and scalability of cloud computing poses a huge challenge to forensic investigation (Lopez, Moon, & Park, 2016). The data in these devices, maybe able to be accessed everywhere hence posing another challenge to the investigators. It is a challenge for the investigator to locate the data in a way that ensures the privacy rights of the users. The investigators require the knowledge on anti-forensic tools, practices, and tools that help ensure that the forensic analysis is done accordingly (Spafford, 2006; Lopez, Moon, & Park, 2016).

Cloud-based applications also enable users to ensure that data is accessed from various devices. For example, if one of the two devices of a single user is compromised and both devices lead to some changes in the application, it would be difficult for the Cyber Forensic expert to identify the real source of the change. High risks may compromise credentials and theft of the identity in an environment that is cloud-based and lead to changes that are unknown such as the evidence remaining unknown. On the other hand, an email viewed using a user’s smart mobile device and deleted may not be traced easily. In most cases, it would be difficult to examine severs of the mail and identify the evidence of the deleted communication (Lopez, Moon, & Park, 2016).

LEGAL CHALLENGES

There have been some changes in the data protection and privacy regulations in different countries across the globe (Garrie & Morrissy, 2014). Cyber laws and regulations in different jurisdiction vary and many do not take into account, the complexity in collecting forensic evidence. For example, in the machine of a suspect, the information that is available is likely to have some personal information that could be crucial in an investigation. However, accessibility to such private information is likely to be considered as a violation of user privacy (Spafford, 2006).

On the other hand, the era of companies giving some provision to their employees to use their individual devices in accessing the official communication is likely to contribute to several challenges involved in data gathering. Accessing the email of a user, for instance, using webmail and a smart mobile device together with downloading the involved attachments is an example of theft of personal data. In the current era, collecting specific information from a user device is in itself a challenge (Kaur & Kaur, 2012).

HUMAN CHALLENGES

Cyber Forensic experts are tasked with collecting and analysing the role of identifying criminals and going through all the evidence gathered against the criminals. These are well-trained professionals working for the public law enforcement agencies or in the private sector to perform roles that are associated to the collection and analysis of forensic evidence. The Cyber Forensic experts also come up with reports that are majorly used in the legal settings for investigations. Besides working in the laboratory, Cyber Forensic experts take up the role of applying the techniques of forensic investigation in the field uncovering the data that is relevant for the court (Karie & Venter, 2015).

The Cyber Forensic experts have the ability of recovering data, which was deleted previously, hidden in the mobile folds, or encrypted. The court, in most cases, calls the Cyber Forensic experts to provide testimony in the court and elaborate on the evidence reports during a given investigation. As such, the Cyber Forensic investigators get involved in complicated cases that may include examining Internet abuse, determining the digital resources that are misused, verifying the offenders’ alibis, and examining how the network was used to come up with forensic threats. There are times when the Cyber Forensic expert is expected to offer support to cases that deal with intrusions, breaching of data, or any form of incident. Through the application of the relevant software and techniques, the device, system or the platform is examined for any kind of evidence on the persons involved on the crime (Karie, & Venter, 2015).

In a forensic examination, data is retrieved from the digital devices, which are considered to be evidence required for the investigations. In most cases, a systematic approach may be used to analyse the evidence, which would be presented in the court at the time of the proceedings. At an early stage of the investigation, the Cyber Forensic expert is required to get involved in gathering evidence. Early engagement in the investigation process helps the Cyber Forensic expert to be in a position to restore all the content without causing damage to the integrity (Karie, & Venter, 2015).

There are different types of forensic cases that are handled by the Cyber Forensic experts. Some of the cases deal with intruders getting into the victim’ devices and stealing their data, other cases, are for the crime offenders who launch attacks on several websites or those who try to gain some access to the names of the users and the password so as to engage in identity fraud. A Cyber Forensic expert has the ability to explore the type of fraud committed by analysing the evidence and using the required techniques. Despite the reason behind the investigation, the experts go through the process procedurally to ensure the findings recorded or gathered are sound. After opening a given case, the items that would be seized include the digital devices, software, and other media equipment’s so as to run the investigation. In the retrieval process, the items considered essential will be gathered so as to give the analyst everything that would be required for the testimony (Karie, & Venter, 2015).

Another human-related challenge faced by Cyber Forensics is spoliation (Cavaliere 2001; Mercer 2004). Spoliation occurs when the person handling evidence fails to preserve, alters evidence, or destroys evidence that could be useful in pending ligation (Watson, 2004). Spoliation may be caused by negligent on the part of the party handling the litigation or handling evidence and intentional destroying evidence by the handler.

OTHER CHALLENGES

Elsewhere, in a literature-based study, Karie and Venter (2015) identified and categorized cyber forensic challenges into four: technical challenges, law enforcement or legal system challenges, personal-related challenges and operational challenges.

Technical Challenges were identified as vast volume of data; bandwidth restrictions; encryption; volatility of digital evidence; incompatibility among heterogeneous forensic techniques; the digital media’s limited lifespan; emerging devices and technologies, sophistication of digital crimes; anti-forensics; emerging cloud forensic challenge.

Legal Challenges were identified as jurisdiction, admissibility of digital forensic techniques and tools; prosecuting digital crimes; privacy; ethical issues; lack of sufficient support for civic prosecution or legal criminal prosecution.

Personnel-related Challenges were identified as semantic disparities in Cyber Forensics; insufficient qualified Cyber Forensic personnel; insufficient forensic knowledge and the reuse among personnel; strict Cyber Forensic investigator licensing requirements; and lack of formal unified digital forensic domain knowledge.

Lastly, Operational Challenges were identified as significant manual analysis and intervention; incidence detection, prevention and response; lack of standardized procedures and processes; and trust of Audit Trails (Vaciago, 2012; Mercuri, 2009; Bassett, Bass, & O’Brien, 2006; Liu, & Brown, 2006; Richard, & Roussev, 2006; Arthur, & Hein, 2004; Mohay, 2005).

CONCLUSION

This paper revealed several challenges faced by Cyber Forensics. These challenges can be categorized into five: hardware, software, cloud, legal and human. They can also be categorized into technical challenges, law enforcement or legal system challenges, personal-related challenges, and operational challenges. While the available literature has sufficient details on the technical aspects of Cyber Forensic investigation, the human element only seems to touch the surface. There is a huge gap in terms of understanding the emotional and cultural aspects of the stakeholders involved in the investigation process. This calls for a review of Cyber Forensics where elements of Emotional Intelligence (EQ), Cultural Intelligence (CQ) and People Intelligence (PQ) are further investigated for a better understanding.

REFERENCES

  1. Arthur, K.K., & Hein, S.V. (2004). An investigation into computer forensic tools. Proceedings of the ISSA conference; Midrand, South Africa. Piscataway, NJ: IEEE Computer Society Publishers; 1–11.
  2. Bassett, R., Bass, L., & O’Brien, P. (2006). Computer forensics: an essential ingredient for cyber security. J Inform Sci Technol; 3:22–32.
  3. Brown, C. (2015) Investigating and prosecuting cybercrime: Forensic dependencies and Barriers to Justice. International Journal of Cyber Criminology, 9 (1): 55-119.
  4. Cichonski, P., Millar, T., Grance, T., & Scarfone, K. (2012). Computer security incident handling guide. Revision 2. National Institute of Standards and Technology; 2012 Aug.; NIST Special Publication 800-61
  5. Cavaliere, F. J. (2001). “The Web-wise Lawyer,” Practical Lawyer; 47(4): 9-10.
  6. Garrie, D. & Morrissy, D. (2014). Digital forensic evidence in the courtroom: Understanding content and quality. Northwest Journal of technology and intellectual property, 12 (2): 121.
  7. Giordano, J & Maciag, C. (2002). Cyber forensic: A military operations perspective. International Journal of digital evidence, 1 (2): 1-13.
  8. Kaur, R & Kaur, A. (2012). Digital Forensics. International Journal of Computer Application, 50(5): 0975-887.
  9. Karie, N.M., & Venter, H.S. (2015). Taxonomy of challenges for digital forensics. Journal Forensics, Sci, 60(4): 885-893.
  10. Liu, V., & Brown, F. (2006). Bleeding-edge anti-forensics. Proceedings of the InfoSec World Conference & Expo; Orlando, FL. Washington, DC: NIST Special Publication; 800–86.
  11. Lopez, E.M. & Moon, S.Y., & Park, H.J. (2016). Scenario-Based Digital Forensics Challenges in Cloud Computing. Symmetry, 8 (107): 2-20.
  12. Lindsey, T. (2006). Challenges in Digital Forensics. Retrieved on 8th May 2017 from http://www.dfrws.org/2006/proceedings/Lindsey-press.pdf
  13. legislation.gov.uk. (2008). Counter-Terrorism Act 2008. Retrieved May 23, 2017, from http://www.legislation.gov.uk/ukpga/2008/28/schedule/7
  14. Mandhai, S. (2017, May 15). Cage activist faces charges for not giving up passwords. Retrieved May 23, 2017, from http://www.aljazeera.com/news/2017/05/cage-activist-faces-charges-giving-passwords-170515130616563.html
  15. Mercer, L. D. (2004). “Characteristics and Preservation of Digital Evidence,” FBI Law Enforcement Bulletin 73(3): 28-34.
  16. Mercuri, R. (2009). Criminal defense challenges in computer forensics. Proceedings of the Digital Forensics and Cyber Crime Conference, Albany, NY. Berlin/Heidelberg: Springer Berlin Heidelberg Publishers.
  17. Mohay, G. (2005). Technical Challenges and Directions for Digital Forensics in 1st International Workshop on Systematic Approaches to Digital Forensic Engineering.
  18. National Institute of Justice. (2002). Results from Tools and Technology Working Group, Governors Summit on Cybercrime and Cyber terrorism, Princeton NJ.
  19. Richard, G.G., & Roussev, V. (2006). Digital forensics tools – the next generation.
    Hershey, PA: Idea Group Inc; 76–91.
  20. Vaciago, G. (2012). Cloud computing and data jurisdiction: a new challenge for
    digital forensics. Proceedings of the third International Conference on Technical and Legal Aspects of the e-Society; Valencia, Spain. IARIA XPS Press; 7–12.
  21. Spafford E. (2006). Some Challenges in Digital Forensics. In: Olivier M.S., Shenoi S. (eds) Advances in Digital Forensics II. IFIP Advances in Information and Communication, vol 222. Springer, Boston, MA
  22. Watson, L. M. (2004). “Anticipating electronic discovery in commercial cases,” Michigan Bar Journal. 83(31), 23-45.

LIE DETECTION – A MYTH OR SCIENCE?

LIE DETECTION – A MYTH OR SCIENCE?

FADI ABU ZUHRI

INTRODUCTION

In the current era of technological advancements, there is an increasing interest of testing the lie detection methods. Different scholars have gained interest in testing whether lie detection is a science or myth. What is evident is that, in most cases, liars may not offer telltale signs of their dishonesty. As such, it is difficult to identify the persons who are telling the truth or those who tell lies. In most cases, a lie could be embedded in some truth. There is also a small difference between the people telling the truth and those who tell lies. A common mistake that has been made by lie detectors is putting so much emphasis on the nonverbal cues. For example, lie detectors neglect the actions of an individual when he or she is telling the truth. They only record the actions of liars when they are lying. Lie detectors have also proved to be overly confident in their skill of detection (Ask, Granhag, Juhlin, & Vrij, 2013). In this case, there have been a number of misconceptions when it comes to deceptions. This paper discusses the fact that lie detection is science rather that a myth believed by some proponents.

WHAT IS LYING

Lying can be defined using many approaches. Lying is seen as communication that is falsified and intended to benefit only one party. This classification covers a broad range of subjects – from humans to plants. In a plant, deception may be experienced in a situation where a male wasp is seduced by orchid flower, which produces smell creating an illusion of mating. The gainer is the orchid because, in the course of deception, the wasp acts as an agent of pollination. This approach is not conventionally used because it includes an act of misleading as a way of deception. Lying can be defined as an act that is meant to manipulate other people believe something he or she knows is untrue (Zuckerman, DePaulo, & Rosenthal, 1981; Krauss, 1981). Lying is a part of everyday life, sometimes causing harm and sometimes “white lies” may even benefit the lie receiver by acting as a social lubricant (Vrij, 2008).

GOOD LIARS AND POOR LIARS

Vrij (2008) argues that everybody has an idea of what lying is. Everybody knows that lying is something that is not acceptable in the society. The myth here is pretending that we seldom lie because humans cannot accept themselves as miserable liars. Since lying is unacceptable in society, people opt for others means of deceit. In the long run, they spend little time with liars and completely avoid them. Most individuals in the world are sick liars; they forget that they are lying and reveal their deceit by being nervous or avoiding eye contact. The author notes that people tend to be good detectors when monitoring their children, and close friends. Criminals accomplish their objective by deceiving others. Then there are professional lie catchers who are technically trained to catch lies. There has been a revolution in technology with the development of machines technically designed to detect lies. An example is the brain-scanner, which is used by researchers to monitor the thoughts and feeling of somebody directly (Vrij, 2008).

There is a big difference between good liars and poor lie detectors. Most people assume that they don’t lie and by so doing they are underestimating their ability to lie. There are many ways of telling why people believe that they are the worst liars than they thought. First, they overestimate how honest they are with their feelings and thought to others. By saying so, Vrij (2008) implied that people believe that their lies trend all the way. Second, the selfish act makes people see themselves as more morally upright than others (Kaplar & Gordon, 2004). When someone admits that he or she is a good liar, he or she complicates the good self-image. People will tend to disclose their white lies and hide dangerous lies (Elaad, 2003). This shows that it is easy to detect a dangerous lie compared to white lie because people will remember the lies that can be easily noticed. Lastly, people will remember instances when they lied and were detected that than instances when they lied successfully. When people forget how easily they can lie, they are underestimating their ability to lie (Vrij, 2008).

WHY LIES REMAIN UNNOTICED

The reason why people lies go unnoticed is that no efforts are put in detecting them, and they do not want to know the truth. Vrij (2008) calls it the ostrich effect and states that there are at least three reasons as to why people don’t like to know or accept the truth. One, the truth may be bitter and people prefer to stay ignorant by believing a more “pleasant” lie. Second, people fear consequences that the truth may present. They are afraid of what they would need to do if they were to accept the truth. Third, people fear not knowing what to do if they came to know the truth.

THE TECHNOLOGY BEHIND LIE DETECTION

Even though, lie detection has been used in many contexts, the technique has been misunderstood in many ways. Lie detection is one complex technique and requires a personal judgment. The scientific underpinnings used in lie detection are less straightforward than other tests like the breath-alcohol test. The nature of lie detection makes it interesting to analyze especially from the basis of science. It uses the methods and conclusions of a number of disciplines that deal with behavior and human physiology. Lie detection also offers a vital probability issue that is applicable in criminal law (O’Sullivan, 2007).

In 1895, a mix of pulse reading and blood pressure was used to investigate crime. Other experiments done in lie detection have used blood pressure, and respiratory recordings. The science of lie detection was equally tested by the polygraph created by Larson John. The polygraph used the three measurements (pulse, blood pressure, and respiration) in lie detection. The Keeler, made by Leonarder Keeler, introduced the galvanic response of the skin to the list. The key improvement in the Keeler is the ability to obviate and record the blood pressure distortions especially in the readings that could result from muscular flexing (Evans & Stanovich, 2013).

In most cases, the procedure used in lie detection such as the polygraph test is done by experienced examiners in a controlled environment. The examiner will engage in questions that depend on the preliminary interview results together with different circumstances and facts that create an accusation basis. Some questions would be variable depending on the individual being questioned. Many studies on lie detection have proposed the use of some systematically designed models as ways of measuring the physiological activities and creating the last credibility judgment (Frank & Ekman, 2004).

Even though lie detection appears extremely useful, a number of results obtained from lie detectors have been excluded from trial (Albrechtsen, Meissner, & Susa, 2009). There is a possibility that the validation and the verdict could be wrong just like the lie detector (Etcoff, Ekman, Magee, & Frank, 2000). In this case, lie detection procedures have no independent means of checking the phenomena which is lying or confirming whether the accused person lied.

DIFFICULTIES WITH DETECTING LIES

Detecting liars and lies is not an easy task. Even professional lie detectors, like police officers and intelligence officers, fail to do so in most cases. Research shows that professionals also make wrong decisions and fail to distinguish between a lie and truth. One reason behind failing to detect a lie is due to the complexity of the task. There is no single response from a liar that a lie detector can rely on to truly capture a liar. A liar who is determined to lie will avoid being caught at all cost, and there will be an attempt to hide nonverbal, psychological and verbal signs. Liars will try at all cost to create an accurate impression to lie detectors to avoid being caught. They will employ informed tactics to fool whoever is trying to fool them, living the lie detector with mixed feelings about the situation. There are many errors committed by lie detectors that hinder them from knowing the truth; they may tend to focus more on signs that are not linked with the lie. This may be contributed to the fact that they were trained to do so. Some of the techniques the detectors are trained to might be well known by the liars thus making it hard for them to separate the truth from a lie (Vrij, 2008).

Lack of realism is another contributor to the lack of ability to detect lies. Many studies mention that a lie can be detected by observing how people are behaving, screening their speech and analyzing their psychological responses. When lie detectors are conversant with these principles, they are so proud to have the ability to detect deception. Research experts have claimed to have the capacity to detect lies, but they fail to support their study with evidence. Interestingly, lie detectors who have been trained to look for certain cues tend to perform worse than those who do not (Kassin & Fong, 1999; Mann, Vrij, & Bull, 2004).

CONCLUSION

Lie detection is a science and not a myth since the procedure used in lie detection follows a practical and intellectual activity involving a systematic study of behavior and structure of the natural and physical world using experiment and observation (Moore, Cappelli, Caron, Shaw, Spooner, & Trzeciak, 2011). The process of lie detection, however, could be improved if methods of testing the validity are improved.

While it is important to understand nonverbal, verbal, and physiological indicators of deceit, it is equally important for a lie detector to know which is indicator is more valuable. We sometimes tend to place more emphasis on nonverbal cues when detecting deception, however differences in cultural behaviors may define nonverbal indicators more than lying itself. This leads us to suggest that Emotional Intelligence (EQ), a combination of People Intelligence (PQ) and Cultural Intelligence (CQ), has a key role to play in lie detection.

REFERENCES

1.Albrechtsen, J. S., Meissner, C. A., & Susa, K. J. (2009). Can intuition improve deception detection performance? Journal of Experimental Social Psychology , 45, 1052–1055.

2.Ask, K., Granhag, P. A., Juhlin, F., & Vrij, A. (2013). Intending or pretending? Automatic evaluations of goal cues discriminate true and false intentions. Applied Cognitive Psychology , 27, 173–177.

3.Elaad, E. (2003). Effects of feedback on the overestimated capacity to detect lies and the underestimated ability to tell lies. Applied Cognitive Psychology , 17, 349–363.

4.Etcoff, N. L., Ekman, P., Magee, J. J., & Frank, M. G. (2000). Lie detection and language comprehension. Nature , 405, 159.

5.Evans, J. S., & Stanovich, K. E. (2013). Dual-process theories of higher cognition: Advancing the debate. Perspectives on Psychological Science , 8, 223–241.

6.Frank, M. G., & Ekman, P. (2004). Appearing truthful generalizes across different deception situations. Journal of Personality and Social Psychology , 86, 486–495.

7.Frank, M. G., & Feeley, T. H. (2003). To catch a liar: Challenges for research in lie detection training. Journal of Applied Communication Research , 31, 58-75.

8.Kaplar, M. E., & Gordon, A. K. (2004). The enigma of altruistic lying: Perspec- tive differences in what motivates and justifies lie telling within romantic relationships. Personal Relationships , 11, 489–507.

9.Kassin, S. M., & Fong, C. T. (1999). “I’m innocent!”: Effects of training on judgments of truth and deception in the interrogation room. Law and Human Behavior , 23, 499–516.

10.Krauss, R. M. (1981). Impression formation, impression management, and nonverbal behaviors. In E. T. Higgins, C. P. Herman, & M. P. Zanna, Social cognition: The Ontario Symposium (Vol. 1, pp. 323–341). Hillsdale, NJ: Erlbaum.

11.Mann, S., Vrij, A., & Bull, R. (2006). Looking through the eyes of an accurate lie detector. Journal of Credibility Assessment and Witness Psychology , 7 (1–16).

12.Moore, P., Cappelli, D., Caron, T., Shaw, E., Spooner, D., & Trzeciak, R. (2011). A preliminary model of insider theft of intellectual property. Retrieved 2016, from http://www.sei.cmu.edu

13.O’Sullivan, M. (2007). Unicorns or Tiger Woods: are lie detection experts myths or rarities? A Response to on lie detection “wizards” by Bond and Uysal. Law Hum Behav , 31 (1), 117-23.

14.Vrij, A. (2008). Detecting Lies and Deceit: Pitfalls and Opportunities (Second ed.). Chichester, West Sussex, England : John Wiley & Sons Ltd.

15.Zuckerman, M., DePaulo, B. M., & Rosenthal, R. (1981). Verbal and non- verbal communication of deception. In L. Berkowitz, Advances inexperimental social psychology. 14, 1–57.

THE EFFECTIVE ROLE OF CYBER FORENSIC INVESTIGATION IN INTELLECTUAL PROPERTY VIOLATIONS

THE EFFECTIVE ROLE OF CYBER FORENSIC INVESTIGATION IN INTELLECTUAL PROPERTY VIOLATIONS

FADI ABU ZUHRI

INTRODUCTION

Cyber Forensics has been defined in different terms in available literature. ISO (2012) terms it the identification, collection, acquisition and preservation of digital evidence of substantial value. A better, more broadbased definition that clarifies the legal context is credited to Easttom (2013), which defines Cyber Forensics as the identification, preservation, collection, transportation, analysis, and presentation of digital evidence according to legally accepted processes and procedures.

This paper focuses on the crucial role of Cyber Forensic investigation as related to Intellectual Property. In this context, Intellectual Property is classified as copyright, trademark, trade secrets, licensing and patents. Copyright protects the original “author” or owner the exclusive right to reproduce the work. Definition of copyright might vary across countries. The World Intellectual Property Organization clarifies that computer programs, databases, designs and architecture also counts as copyright (WIPO, 2003). Trademark is a brand name and includes a word, a name, a symbol or a a combination of these to uniquely identify the goods/ services. Trade secrets are confidential business information. Licensing refers to the legal agreement between the Intellectual Property rights owner and another party (licensee). Patents are Intellectual Property rights granted by the government to the inventor. Patents are usually for limited durations (Stephenson, 2014).

INVESTIGATION STEPS

Cyber Forensics is tasked with a structured investigation that will maintain a chain of custody. In many cases, the Cyber Forensic investigation follows set procedures that are based on well-established scientific principles (Stephenson, 2014). The device in question would be isolated to ensure it cannot be contaminated accidentally. Then, the investigators prepare a copy of the storage media in the device. After copying that original media, the information will be locked in a safe facility to ensure that the pristine conditions are maintained. Then, investigation will be carried out on the stored copy of digital media.

More often than not, the investigators may apply different techniques and the proprietary software in examining and searching all the hidden files. All the unallocated disk space with deleted, damaged, or encrypted files are checked as well. The evidence found on the device is then documented carefully as a report. The evidence will then be verified and made ready for the legal proceedings. The legal proceedings involve depositions, actual litigation and discovery of the collected evidence.

WHY INSIDERS STEAL INFORMATION?

Cyber Forensic has been used to deal with threats of Intellectual Property initiated internally, by former or current employees and externally, by business partners, contractors and third parties. This section reviews the motivation behind theft of Intellectual Property based on established models. There are two dominant models that explain information stealing within organizations. One is the Entitled Independent model where an insider is acting alone to steal information to help in a new job or own business. The other model is the Ambitious Leader model where a leader, someone with a larger purpose, recruits insiders to steal information.

According to the Entitled Independent model, without an interview, it would be difficult to find out the magnitude to which an insider would feel in charge of the information stolen. In a number of cases, the interviews and findings found out that 60% of the class of insiders who had their information stolen supported the hypothesis that they felt in charge of the stolen information. About three quarters of the entitled independents had their information stolen in their responsibility area, and 37% of the cases were involved partially in developing the stolen information. About 42% of the Entitled Independents had stolen the information or products despite having signed the Intellectual Property agreement with specific organizations (Moore et al., 2011).

Figure 1: Insider theft and deception (Moore et al., 2011)

Moore et al. (2011) found out that this kind of entitlement may be severe especially once the insider considers his function important in product development. In a case where the role of the insider is focused on contributing to a specific product, the insider would have a greater ownership sense regarding the information and product resulting into a huge entitlement. Different from the good management practice, individuals could get positive feedback due to their efforts and could interpret it as some kind of reinforcement provided their predispositions.

A number of cases depicted evidence of entitlement. For example, an entitled independent who stole, and marketed a copy of his employer’s critical software established a huge manuscript that detailed his innocence and considered the persons involved in the trial dead. Similarly, another insider stole the database of the client and offered the company some threats just because he was denied a raise (Moore et al., 2011).

Some dissatisfaction had a role to play in about 33% of the cases of independent entitlement. In most cases, the dissatisfaction came about from insider’s denial of requests. The requests denied in the cases studied involved benefits and raises, promotion application, and relocation requests. Some dissatisfaction also lead to threats of layoff in the organization victim (Moore et al., 2011).

Some of the things that trigger an insider into contemplating to steal information include the insider’s plan to move into the competing organization, dissatisfaction with their job, and the sense of entitlement to the products. As a result, the need to steal information became strong resulting into theft. Some organization may not be able to detect the theft. In some organization, the employee’s actions which appear suspicious may be observed and action taken (Moore et al., 2011).

The concerns over being caught when stealing could make the insider not to steal the information. This could be explained by the psychological predisposition of entitlement that makes an individual overestimate his abilities while underestimating the capabilities of other. Even though, the agreement of Intellectual Property may be in place, in any cases, a very low percentage of the entitled independents attempt to deceive the organization when they try to take the information (Moore et al., 2011).

According to the Ambitious Leader model, some leader may recruit the insider to steal some information especially for a larger purpose. Some of the cases include the specific plans in developing competing product or using information in attracting clients away from the organization victim. More than 50% of cases of the stealing Intellectual property fall in this category. About 38% of the cases involve insiders who were working with the competing organization so as to help his new employer. About 30% fall in this category. The last category of insider involves those who sell the information to competing firms. About 10% of the cases may fall in this category (Moore et al., 2011).

Figure 2: Theft planning by Ambitious Leader (Moore et al., 2011)

The cases where foreign entities were benefitted fit into the Ambitious Leader scenario. The study also showed that the loyalty to the native country was higher than the loyalty to the employer. Some insiders who stole the Intellectual Property were influenced by the Ambitious Leader. The insiders with loyalty to the foreign country were influenced by the goal to bring value to and relocate to the given country. All the cases of the Ambitious Leader involved an individual being influenced and motivated to promote the crime (Moore et al., 2011).

COPYRIGHT INFRINGEMENT

Cyber Forensic investigation helps establish the provisions that target the infringement of Intellectual Property. For example, the United States No Electronic Theft Act attempts to criminalize noncompetitive infringement. On the other hand, the Digital Millennium Copyright Act offers penalties for crimes like conduct, and the circumventing of the codes designed to have the copyright material protection (Moohr, 2001).

Cyber Forensic investigation helps prevent theft of copyright. For example, the Copyright Law targeted at preventing the infringement by the competitors holding copyright. The law acknowledges that the infringement by competitors for commercial reasons is a crime classified as misdemeanor. Initially, the criminal offense was applicable to only the people who infringed for reasons of profit and the economic competitors were subjected to some liability. However, the new legislation included a penalty to protect different type of copyright material and increased the criminal penalties severity, while ensuring that the quasi-copyright material is protected by the criminal provisions. In this case, the infringement of copy right for private financial gain, and commercial advantage were included in the law provision (Moohr, 2001).

The goal of the Copyright Law is to benefit the public through the promotion of the ideas and learning. To promote this law, authors are granted exclusive rights. The law protects the interest of the author as ways of having an end protection. In this case, the law provides access to the authors work when the statutory grant expires (Moohr, 2001).

The law offers some rights to the initial expression of ideas to overly restrict the access by the public. Confining the protection involves setting out limited rights and restricting the period of time for the rights, while maintaining an existence of material in the public domain. The law helps others to build on ideas freely.

CONCLUSION

From the study, it is evidenced that Cyber Forensic investigation helps prevent theft of Intellectual Property, helps establish the provisions that target the infringement of copyright, helps identify the motivation behind theft of Intellectual Property, and helps deal with the threats of Intellectual Property. Some of the reasons behind theft of Intellectual Property involve benefiting the foreign entities, stealing information especially for a larger purpose, insider’s plan to move into the competing organization, dissatisfaction with their job, and the sense of entitlement to the products. The two theories used to explain the insider’s motivation include the Ambitious Leader model, and the Entitled Independent model. Laws like the Copyright Law have been enacted to protect the authors against theft of Intellectual Property. In summary, Cyber Forensic investigators need to give sufficient importance to Intellectual Property rights when obtaining and reviewing digital evidence.

REFERENCES

1.Easttom, C. (2013). System forensics, investigation and response 2nd ed. . Burlington, MA: Jones & Bartlett Learning.

2.ISO. (2012). ISO/IEC 27037:2012 Information technology — Security techniques — Guidelines for identification, collection, acquisition and preservation of digital evidence. Retrieved from https://www.iso.org/obp/ui/#iso:std:iso-iec:27037:ed-1:v1:en

3.Moohr, G. (2001). The crime of copyright infringement: An inquiry based on morality, harm, and criminal theory. Retrieved October 2016, from https://www.law.uh.edu/faculty/gmoohr/Criminal.pdf

4.Moore, P., Cappelli, D., Caron, T., Shaw, E., Spooner, D., & Trzeciak, R. (2011). A preliminary model of insider theft of intellectual property. Retrieved October 9, 2016, from http://www.sei.cmu.edu

5.Stephenson, P. (2014). Official (ISC)2® Guide to the CCFP CBK. CRC Press.

6.WIPO. (2003, June). What is Intellectual Property? Retrieved 2017, from World Intellectual Property Organization: http://www.wipo.int/edocs/pubdocs/en/intproperty/450/wipo_pub_450.pdf

WHY ARE CYBERCRIMINALS ATTRACTED TO COMMIT CRIMES

WHY ARE CYBERCRIMINALS ATTRACTED TO COMMIT CRIMES

FADI ABU ZUHRI

INTRODUCTION

Cybercrime has emerged as a new form of crime following the introduction of the internet. The actions of these crimes range from petty theft to destruction with malicious intent. Individuals who engage in cybercrime have a psychological mindset that is attuned to it. Like other forms of physical crime, cybercriminals are drawn to committing cybercrimes because of certain factors. As such, to curb cybercrime, law enforcement officers must understand their nature, why they get attracted to it, and how they can effectively reduce criminal behaviour. This paper discusses the motive behind cybercrime and what makes cybercrime attractive to cybercriminals.

Cybercrime attracts individuals with a will and ability to choose between right and wrong. The will to choose is influenced by the environment and heredity factors. Rogers (2010) believes that characteristic such as personality traits and socio-demographics and others correlate with the type of crime a cybercriminal commits. Rogers (2010) asserts that psychologists can develop taxonomies of criminals and their profiles based on these common features. These categories can be useful to law enforcement officers when developing effective and practical approaches to help reduce cybercrimes.

NINE MODELS OF CYBERCRIMINALS

Rogers, Smoak and Jia (2006) categorizes cybercrimes into nine models: Scrip Kiddies (SK) or Novice (NV), Cyber Punks (CP), Hachtivist (H) or Political Activists (PA), Thieves (T) or Petty Thieves (PT), Virus Writers (VW), Internals (IN), Old Guard Hackers (OG), Professional Group (P) or Professional Criminals (PC), Cyber-Terrorist (CT) or Information Warriors (IW).

The Novice (NV) criminals have limited programming and computer skills. They can only conduct their attacks when they have toolkits. Their motives for committing a cybercrime is primarily media attention. Cyber-Punks (CP) have advanced technical skills and can write their own software. They are well informed about the system they attack with many engaging in telecommunication fraud and stealing credit card numbers. Internals (IN) include the disgruntled ex-employees or employees, Petty Thieves (PT), Virus Writers (VW), Information Warriors (IW), Professional Criminals (PC), and Old Guard Hackers (OG). Virus Writers (VW) are coders that write script and use automated tools. They basically mentor Novice (NV). They seek to gain prestige and power. They have the capability of using strong malware such as Trojans to commit cybercrime. Disgruntled ex-employees or employees with technological know-how pose a security threat. They use the privileges of knowing the system to commit cybercrime (Rogers, Siegfried, & Tidke, 2006).

Hachtivist (H) or Political Activists (PA) comprises individuals or a group that justify their behaviour on moral grounds like political issues. However, it is very difficult to ascribe whether these motives are political as their actions have aspects of revenge, power, greed or just public attention (Rogers, Siegfried, & Tidke, 2006).

Petty Thieves (PT) are opportunistic computer literate people who take advantage of the organization’s poor internal security. Old Guard Hackers (OG) seem not to have the intention to commit a crime and are disinterested in intellectual activities. They disrespect personal property. Professional Criminals (PC) are specific in their activities. They hire guns and engage in corporate espionage. They have access to the necessary state-of-the-art equipment. They are also highly trained. Lastly, Information Warriors (IW) are well funded to participate in cyber attacks that may be politically motivated (Rogers, Siegfried, & Tidke, 2006).

Rogers (2010) combines the skill level and motivation into a circumflex model as shown in Figure 1. The four motivational aspects are (1) revenge, (2) financial, (3) notoriety and (4) curiosity. Information Warriors (IW), Professional Criminals (PC), Political Activists (PA) and Old Guard Hackers (OG) are at the highest level of skills. Internals (IN) and Virus Writers (VW) are motivated by revenge; Information Warriors (IW), Petty Thieves (PT) and Professional Criminals (PC) are motivated by financial motives; Cyber Punks (CP) and Political Activists (PA) are motivated by notoriety; and Novice (NV) and Old Guard Hackers (OG) are motivated by curiosity.

Figure 1: A circumplex model describing nine models of cybercriminals, their skill level and motives [Source (Rogers, 2010)]

SOCIAL LEARNING THEORY

Various theories from criminology, sociology and psychology explain why people offend. These theories suggest that the aetiology of cybercriminal behaviour is influenced by diverse factors: social control, industrialization, learning, psychopathologies, class strain and physiological deficiencies. Moral Disengagement and Social Learning Theories are the most popular theories used to explain what attracts cybercriminals to commit their criminals’ activities (Rogers, 2006).

Social Learning Theory posts that a high-level learning process can produce conforming or deviant behaviour. These theories view learning process as operating within the context of interactions, social structure and situations. It is suggested that the conforming or criminal behaviour resulting from the learning process is a function of reinforcement and other variables associated with social learning process. In view of Akers cited in Rogers and Siegfried and Tidke (2006) an individual is more likely to engage in cybercrime when the following circumstances exist. Firstly, the individual is differently related to other individuals who support, commit or model the legal and social norms. Secondly, the individual is less exposed to conforming models and more exposed to deviant models. Thirdly, the individual’s learning favours engaging in deviant acts. Lastly, the individual’s violative behaviour is supported and reinforced at the expense of the behaviour that supports the conformity to existing norms.

Social Learning Theory also suggests that differential imitation and reinforcement are the primary learning mechanisms for a cybercriminal. From this perspective, the learning mechanisms are influenced by and operate through differential association process. The social environment for the criminals is created through differential association (Rogers, 2006). The social environment exposes these offenders to imitation and definitions of models. While in a social environment, cybercriminals acquire definitions by observing, learning and imitation. Similarly, external and internal sources create differential reinforcement that presents themselves in the form of tangible rewards of the criminal activity. The rewards may include social rewards, money and increase in the status of the peer. Over time, the actions’ consequences and reinforcement prominently determines the probability with which the criminal activity will be sustained as imitation become less important. Social Learning Theory suggests that errant behaviour is likely to increase and continue unabated where there is very high ratio of two variables namely positive reinforcement and punishment. In view of this theory traditional learning mechanisms namely operant and classical learning influence the offender’s criminal behaviour. Again, it becomes difficult for law enforcement officers to neutralize the criminal’s errant behaviour where the there is a resilient learning paradigm that is caused by variation in the ratio of positive reinforcement to the punishment administered (Rogers, 2006).

MORAL DISENGAGEMENT MODEL

The Moral Disengagement model by Bandura (1996) examines the process via which criminals justify and rationalize their aberrant or deviant behaviour. The moral engagement asserts that individuals tend to participate in behaviour that goes against their moral standards, and that these actions may lead to self-sanctions and possibly self-condemnation. Bandura (1990) argues that individual behaviours are influenced by moral standards. Bandura (1990)’s self-regulatory system only functions when activated. Bandura (1990) held that it is possible to disengage self-sanctions from behaviour. From the Social Cognitive Theory perspective, these mechanisms are viewed as Moral Disengagement (Bandura, Barbaranelli, Caprara, & Pastorelli, 1996).

In view of this theory, cybercriminals may defeat their internal moral control in the self-regulatory systems by ensuring their internal moral control decoupled from detrimental conduct in four ways identified in Bandura et al. (1996). These include obscuring personal causal agency, disregarding or misrepresenting the action’s negative consequences, re-construing the conduct, and vilifying the victims, blaming them and mistreating them. Evidence show that cybercriminals often reduce self-censure by using these four methods of Moral Disengagement. It is believed that these criminals often misconstrue or minimize the consequences.

It is also believed that individuals who engage in cybercrimes demonstrate higher rates of differential reinforcement, differential association, and moral disengagement as compared to non-criminals. It is also believed that a combination of these three (i.e., moral disengagement, differential reinforcement and differential association) better predicts the behaviour of a cybercriminal (Rogers, Siegfried, & Tidke, 2006). Social Learning Theory posits that the continuation of a criminal activity may be influenced by the interaction between the reinforcement and the neutralizing definitions.

SOCIAL CONTROL THEORY

Social Control Theory on the other hand provides an explanation on why people obey rules and how behaviour conforms to expectations in society. Social Control Theory suggests that internal constraints develop during childhood and crime occurs because of inadequate constraints. In other words, the free will gives offenders the choice and consequently responsibility for their deviant behaviour (Kempf-Leonard & Morris, 2012).

Social Control Theory supports the assertion that online anonymity encourages permissiveness. According to Social Control Theory, individuals are compelled to refrain from criminal and deviant behaviours where social controls, including social ostracisation and laws are present. However, the deviance grows where the controls or assumed power of controls are missing or diminished (Rogers, Siegfried, & Tidke, 2006).

ANONYMITY

Lastly, a unique factor in cybercrime that attracts cybercriminals is anonymity. Internet protocols allows individuals to operate virtually anonymously. The anonymity afforded by Internet has been leveraged by cyber-predators and paedophiles that gain the victims’ trust by pretending to be young females. Internet’s underlying protocols and technology allows these criminals to make it virtually impossible for victims to track them by obfuscating their physical locations. Studies on individuals’ behaviour online have revealed that individual’s real world behaviour differs from online behaviour. It is believed that people reflect their true nature in the real world where self-control and societal pressures and norms regulate behaviour (Rogers, 2006). It is believed that real world moderate individuals’ behaviour is based on social identity that incorporates cultural morality and social norms.

CONCLUSION

As technology becomes pervasive in our connected world, it has brought certain deviant characters along with it. These cybercriminals have developed their skills to a level where they can cause massive destruction to social life and commerce. This article tries examines the motives behind cybercriminals to understand who engages in these activities and why they do it.

Even though cybercrime is considered a new type of crime, the motives behind it are not new. A model was presented that classifies cybercriminals based on their skill levels and their motives. Motives have been broadly categorised in four – revenge, financial, notoriety and curiosity. Four different social theories were examined – Social Control Theory, Moral Disengagement Theory and Social Control Theory. Anonymity is also seen as a contributor to deviant behaviour.

REFERENCES

Baggili, I. (2009). Effects of anonymity, pre-employment integrity and anti-social behavior on self-reported cyber crime engagement: An exploratory study. Purdue University.

Bandura, A. (1990). Mechanisms of moral disengagement. In W. Reich, Origins of Terrorism; Psychologies, Ideologies, Theologies, States of Mind (pp. 161-191). New York: Cambridge University Press.

Bandura, A., Barbaranelli, C., Caprara, G., & Pastorelli, C. (1996). Mechanisms of moral disengagement in the exercise of moral agency. Journal of Personality and Social Psychology , 71, 364-374.

Bednarz, A. (2004). Profiling cybercriminals: A promising but immature science. Retrieved 2016 from Network World: http://www.networkworld.com/article/2327820/lan-wan/profiling-cybercriminals–a-promising-but-immature-science.html

Rogers, M. K. (2006). The development of a meaningful hacker taxonomy: A two dimensional approach. Digital Investigations , 97–102.

Rogers, M. K. (2010). The Psyche of Cybercriminals: A Psycho-Social Perspective. In S. Ghosh, & E. Turrini, Cybercrimes: A Multidisciplinary Analysis (pp. 217–235). Berlin: Springer-Verlag.

Rogers, M. K., Siegfried, K., & Tidke, K. (2006). Self-reported computer criminal behavior: A psychological analysis. Lafayette: The Digital Forensic Research Conference.

Rogers, M. K., Smoak, N., & Jia, L. (2006). Self-reported criminal computer behavior: A big-5, moral choice and manipulative exploitive behavior analysis. Journal of Deviant Behavior , 27 (3), 245–268.

The Need For A Comprehensive Methodology For Profiling Cyber-Criminals

THE NEED FOR A COMPREHENSIVE METHODOLOGY FOR PROFILING CYBER-CRIMINALS

FADI ABU ZUHRI

Since the middle ages era, the definition of crime has been limited to types of crimes committed in the physical world. In the same way, theories aimed at explaining crime including the Conflict Theory, the Theory of Social Control among others have defined crime within the confines of the physical world. Strategies aimed at dealing with criminal activities have also been limited in their scope when defining crime within the context of the physical world. However, the growth of information systems, ICT, mass media, and increased interconnectivity facilitated by the internet has revealed a new and unique form of crime: the digital world crime. These types of crimes present several challenges including legal, geographic, and Web barriers as well as the anonymity of the internet. The environment in which these crimes occur also pose a create challenge to crime specialists. These challenges have created the need to identify and modify techniques used to combat crime committed in the physical world such as criminal profiling with a view to make them applicable to e-crimes. This paper discusses the possibility of penetrating these barriers by applying the modified version of criminal profiling techniques to e-crimes.

PROFILING CYBER CRIMINALS IN THE PHYSICAL WORLD

Since 1970s, experts within the Behavioral Science Unit (BSU) of the FBI have been helping Federal, local and state law enforcement agencies in investigating violent crimes. This practice was initiated the idea of offender profiling with a view to providing personality and behavioral traits of the perpetrator. It started as an analytical technique for identifying the characteristics of the offender based on the examination of the crime scene and crime dynamics and continued developing over years as a tool for investigation aimed at aiding security officers to advance their casework and narrow down a suspect pool (Alison et al., 2010). The offender profiling was offered within the BSU as analytical tool and a product of training programs.

Currently, forensic psychologists often employ deductive or inductive profiling in dealing with crimes committed in the physical world. They often apply these techniques to ascertain the characteristics of criminals in the physical world. Deductive profiling techniques involve the use of data including crime scene evidence, forensic evidence, offender characteristics and victimology. In deductive profiling, the available information is processed by applying personal experiences with the profiler assuming one or more facts of a case as self-evident about an offender or crime and then following hunches and work experience, arrives at conclusions. The “truth” of facts or conclusions arrived at using deductive profiling is depends upon the truth (i.e., contingent truth). Also, in deductive profiling method, the conclusions are true if the hypothesis and the premises are true and valid. On the other hand, inductive criminal profiles are created by studying statistical data including studying the demographic characteristics and behavioral patterns shared by criminals. Inductive profiling is also theory-driven and based on the available cases of crime. The inductive profiling relies on information collected through interviews with offenders and this forms the foundation for investigators’ profiles. Again, the inductive profile technique involves hypothesis (formalized operational definitions) for testing, the coding of data to allow for statistical analysis.

The applicable of these techniques has been possible in crimes committed in the physical world. However, the applicability of these techniques to deal with crimes committed in the digital world is still debatable. It has been argued that criminal profiling is an immature but promising science. Perhaps this may explain the little attention given to the technique by both the academicians and practitioners. In the digital world, forensic psychologists have the knowledge about the law, criminology and psychology and understand the technological aspects relating to the scene of crime in order to develop cyber-criminal profiles. As such, they are required to take an interdisciplinary approach when dealing with cyber crimes. Unfortunately, highlighted issues of tractability, geography, law and anonymity makes it difficult for forensic psychologists to collect any information about criminals and cyber-crimes (Tompsett, Marshall, & Semmens, 2005). Again, most cyber-crimes go either unnoticed or unreported and hence go unpunished. Importantly, it is possible to draw some parallels between non-cyber-crimes and cyber crimes. It is also possible to develop a profile from the existing techniques that can be used for law enforcement.

APPLICATION OF THE DEDUCTIVE AND INDUCTIVE PROFILING TECHNIQUES TO PROFILE CYBER CRIMINALS

From the perspective of the deductive profiling methods, cyber-criminal profile should be developed in a four-step process. The first step of the four-step process is the victomology. This stage involves understanding the aspects of organization and individuals attract cyber-criminals. Today, criminals victimize both organizations and individuals. This stage leads to and is associated with motive identification, which is the next step. Victimology helps the security specialists to understand the offender’s motive behind the crime. Victomology include the following: (1) politically motivated crimes (i.e., cyber-terrorists); (2) crimes committed driven by emotional reasons (i.e., cyber-stalking); (3) crimes committed and driven by sexual impulses (i.e., paedophiles); and (4) crimes known to be less dangerous such as sharing software by individuals, sharing copyrighted movies (Shinder, 2010).

The motives and victimology leads to the identification of offender characteristics, which is the third stage. Several topologies and ways to classify cyber criminals based on offenders’ motives have been introduced (Rogers, 2006). However, changes in the criminal behavior changes with the changing technological environment necessitating modification and reclassification of existing schemes. Other studies, have suggested that crime can be addictive and that in the cyber world, criminals become addicted to the internet and computers (Nykodym et al., 2008). It is also argued that this addiction, aided by various opportunities including the access and availability of the internet and computers, and fueled by criminal’s motives, could facilitate the making of the cyber-criminal. This understanding may be used in analyzing the modus operandi of cyber-criminal. Modulus operandi reflects cybercriminal’s character (Lickiewicz, 2011). For instance, a cyber-criminal may destroy information by using a virus that is attached to the e-mail while another may hack into a computer system by attacking the server with a view to steal information. This suggests that one’s technical expertise helps him or her to understand the behavior of cyber-criminal. A cybercriminal may be required to have level of technical efficacy in order to successfully penetrate a highly sophisticated and secure network (Kirwan, & Power, 2013). On the other hand, “script kiddie” may use an already developed program to attack a computer system. It is worth noting that human elements such as social engineering skills possessed by some professional cyber-criminals should not be disregarded. This is because cyber-criminals with average technical skills can participate in a crime by simply employing simple techniques of subtle psychological manipulations and friendly persuasion. Kirwan, and Power (2013) affirm that indeed technical skills and other skills including social skills and motives determine the modus operandi of cyber-offender.

The stage four of the deductive cyber-profiling technique involves analyzing digital forensic evidence. Digital forensic is important because it is the means through which the cyber-criminal profiler can trace the offender in the event there is no physical evidence (Kwan, Ray, & Stephens, 2008). In view of Lickiewicz (2011) not all criminals are traceable as one out of three cyber-criminals manages to remove or modify the audit trail by wiping off their traceable digital footprints. The four-stage approach that has been suggested is an iterative process. The new information regarding the offender, motive, victim, the victim and forensic evidence could be revealed while in the process of investigation.

As for inductive profiling methods, they can be applied alongside the deductive techniques described above to help deal with the cyber-crimes. For example, the statistical analysis data technique that involve studying the demographic characteristics and behavioral patterns shared by criminals and breaches in cyber-security could be employed to identify trends in criminal attacks such as the motive for attack, the type of victims who are likely to be targeted by criminals, and the most common mode of attack used by cyber-criminals. This may help in identify serial offenders and other cases with similar modus operandi.

CONCLUSION

The techniques and tools discussed in this paper are worth testing in practical scenario. It is believed that if cyber-criminal profiling would be used effectively, the issue of cyber-crime in cyberspace would be a forgotten issue. Considering the current trend of increasing rates of cyber-crimes, it would be important for academic and practitioners to collaborate. These practices may be useful for law enforcement officers as it may help them gather legally valid and binding evidence from cyber-criminals in order to take appropriate actions against these criminals.

REFERENCES

Alison, L., Goodwill, A., Almond, Louise, Heuvel, C. & Winter, J. (2010) Pragmatic solutions to offender profiling and behavior investigative advice. Legal and criminological psychology, 15, 115-132.

Kirwan, G., & Power, A. (2013). Cybercrime: Psychology of cybercrime. Dublin: Dun Laoghaire Institute of Art, Design and Technology.

Kwan, L., Ray, P. and Stephens, G. (2008). Towards a Methodology for Profiling Cyber Criminals. IEEE Computer Society. Proceedings of the 41st Hawaii International Conference on System Sciences.

Lickiewicz, J. (2011). Cyber Crime psychology-proposal of an offender psychological profile. Problems of forensic sciences, 2(3): 239-252.

Nykodym, N., Ariss, S. and Kurtz, K. (2008) ‘Computer addiction and cyber crime’. Journal of Leadership, Accountability and Ethics, 35: 55-59.

Rogers, M. K. (2006) ‘A two-dimensional circumplex approach to the development of a hacker taxonomy’. Digital Investigation, 3 (2): 97-102.

Shinder, D. (2010) Profiling and categorizing cybercriminals. Retrieved on 6th July 2016 from http://www.techrepublic.com/blog/security/profiling-and-categorizing-cybercriminals/4069.

Tompsett, E.C., Marshall, A.M., & Semmens, C.N. (2005). Cyberprofiling: Offender Profiling and Geographic Profiling of Crime on the Internet. Computer Network Forensics Research Workshop.

Cyber Crime Offender Profiling: The Human Factor

CYBER CRIME OFFENDER PROFILING: THE HUMAN FACTOR

FADI ABU ZUHRI

The process of offender profiling draws on the human factor of the cyber Crime Offender profiling both the nonphysical and physical information. This includes evidence on what the offender did to the victim, the offender’s behavior before and after the offence, the sequence of events, and the layout of the crime and crime scene in relation to the absence or presence of significant items or the disposition of the victim. From these data, one can draw inferences about the possible motivation and meaning of the particular action (Kirwan, & Power, 2013). For instance, tying up the victim may suggest the necessity for control. Location of crime, characteristics of the victim, and use of vehicles may suggest demographic and social feature of the criminal offender, such as age, occupation, or race. The goal of criminal profiling is to try and narrow the area of investigation with the basic assumptions being that the behavior of the offender at the crime scene reflects the method of committing crime and consistencies in personality of the offender.

In majority of criminal cases, criminal profiling is useful in sexual assaults and serial crimes and in crime scenes that reflect psychopathology including rapes, cut and satanic killings and sadistic assaults (Kirwan & Power, 2013). Worth noting is that the human factor of cyber crime offender profiling draws on the offender’s characteristics. Human factor means the impact of background and personal characteristics of the offender/perpetrator in commissioning crimes and the internal and environmental factors that shape the criminal careers of the perpetrators (Aebi, et al., 2016).

In a nutshell the human factor addresses the human or social aspect of cybercrime. It focuses on exploring the perpetrators of cybercrimes, their criminal careers, their modus operandi, how criminal hackers pick or select their vulnerable targets, and how they can effectively be deterred. This paper explores these features.

In the era where computer criminals are becoming increasing difficult to combat, law enforcement specialists are increasingly becoming interested in the offenders themselves, their personalities, as well as traits existing in their actions in the broadest sense. The special role of identifying the human factor of cyber crime offender profiling is often played by a psychological profiler professional. Psychological profiling involves utilizing a method to map the psychological description of the unknown offender (Kirwan, & Power, 2013). The result of the process is the creation of the offender’s short, concise and dynamic profile describing the most important manifestations of behavior and characteristics of the unknown perpetrator. As observed by Tompsett, Marshall, & Semmens (2005) psychological experience and knowledge allows the security specialists to interpret the pieces of information and evidence found at the scene of the crime and enables them to further determine the personality type of the perpetrator.

The basic rules of offender profiling state that there is a correlation between the act committed by the offender and his or her personality (Tompsett, Marshall, & Semmens, 2005). As a result, one may infer about the offender’s psychophysical characteristics including his or her behavior and motivation based on the traces left by the offender and the modus operandi (the method of operating). Identical relations concerns hacks or network attacks. As suggested by Lickiewicz (2011), computer crime perpetrators count on internet anonymity. However, the anonymity of the internet does concern their signatures they leave, their motivation, and modus operandi.

According to Lickiewicz (2011) each cyber criminal is his unique way of doing thing with own software and techniques which he/she utilizes for break-ins. Generally, compute crimes are of the serial nature. As such, it is possible for the security specialists to determine the profile of the offender. Lickiewicz (2011) holds that it is important to prepare the profiles of the internet criminals since they are considered a threat to the network security. Of great importance when creating the perpetrator’s profile is the database. If properly prepared, database on offender profiling can enable the security specialists to accumulate information on perpetrators of crimes of similar nature. It also enables investigators and scientists to search for information and analogies in other future cases.

There are two types of investigations in computer crime related cases. First, a situation involving the occurrence of the network incidences in which the identity of the offender is unknown such as the network break-in cases. The second computer crime case involves a situation in which both the offender and crime are known. Sahito, and Slany (2013) emphasizes that in these types of investigations, deductive profiling is useful. However, it is somewhat difficult talking about offender profiling in the second case of computer crime. In investigative psychology, profiling is understood as involving the creation of the psychological profile of the unknown offender but not the individual who has been already arrested by security agencies. Sahito, and Slany (2012) suggest that when creating the offender profile, data should be analyzed in such as way that the analysts can narrow down the search process to a certain group. This way, one may define the offender’s motivation and his or her skills. The offender profile also includes information the area of the internet that should be searched for a given criminal.

Again, one should thoroughly analyze actions of the victim on the internet to establish the reason that may have compelled the offender to attack the victim. From this, one can draw up a detailed offender’s profile and set up a honeypot (future trap) for the offender. When creating the profile of the offender, assumptions should be made regarding the offender’s maturity and age. This allows the security agency to gain information on the offender’s aims, culture she/he grew up and the offender’s motivation. The culture in which the perpetrator grew up may condition his or her behavior. This will allow the use of psycholinguistic methods, which enables identification of offenders in future cases.

Profiling helps explain the behavior of the offender and the need for it to be fulfilled. Profiling also enable an investigator to determine the place where the offender committed the operation. A whole team consisting of internet technology specialists, lawyers, and security specialists are required to conduct offender profiling.

A cyber criminal possesses the following characteristics: at least certain minimal technical skills; a feeling that they are outside the reach of legal norms, and disrespect for legal norms; rich fantasy; a strong motivation of various types including the need for entertainment, motives of a political character, and the need to gain material goods (Lickiewicz, 2011). Computer criminals are also reported to have high technical abilities and skills to solve problems and higher than average IQ (intelligence quotient); are brilliant adolescents bore by poorly prepared teachers and an appropriate school system; they rebel against all authorities and symbols.

Technical skills are general knowledge regarding computer systems, programming languages, network security and functioning and have knowledge about applications used for data base development. Hackers also know the operating system and principles of sensing data (Kirwan, & Power, 2013). Having knowledge in these areas enables hackers to make use of the system weaknesses of the system when breaking in. hackers are identified with certain personality traits. They have crucial characteristics that are effective for attacks. They use social influence or technical methods to obtain information directly from the user. They also demonstrate a high degree of openness to new experiences and neuroticism. These features strongly motivate them to aspire and act to break in the system. A high degree of neuroticism conditions them to abuse the communication using the network. It also makes them to have strong want to maintain anonymity. Also, openness to new experiences determines the offenders’ desire to learn need systems; and the unconventionality and creativity to break the security measures (Kirwan, & Power, 2013). They are known to have the high tendency to violate rules being enforced at the workplace, coming into conflict with superiors and ignoring them.

The offender’s social skills constitute a dimension that determine their functioning in a group and how the internalize social norms and use them in professional and private life. Social skills of the offender remain in relation to technical and intelligence skills. It is emphasized in the literature that hackers often demonstrate low social skills. These skills consist of difficulties in relating with colleagues ad family, the inability to establish strong and close interpersonal relations, and a sense of alienation. Computer criminals are also associated with internet addiction. This element makes them to be effective in their attacks on the system. The time they devote to computers translate into knowledge and skills to use them (Lickiewicz, 2011). These characteristics form the human aspect of computer crime and form the basis for creating the hacker’s psychological profile.

It is also worth noting that there is relationship between these human factor elements. For example, the cyber criminals’ method of attack is influence by their personality, and intelligence, technical and social skills. Social skills influence the decision they make with regard to the social techniques used during the attack. Technical skills possessed by offenders help them to master the system and influence the method used.

The success or effectiveness of an attack is determined by the criminal’s level of intelligence. The offender’s indigence and his or her ability to successful conceal traces at the crime scene condition his or her way of behavior while at the scene of the attack. Social skills are useful when utilizing other hackers’ help (Lickiewicz, 2011). Technical skills is related to the understanding the weak side of the system. They also determine the how the offender deals with the data obtained and determine the effectiveness of tasks executed. Methods used by hackers are largely conditioned by technical skills, personality and intelligence. The offender’s personality influences the break-in failure, and determines method used to deal with the broken system.

CONCLUSION

When profiling a person’s characteristics, the profiler of the offender assumes that the behavior of the offender is directed by his or her characteristics and the way he or she thinks. It is the work of the offender profiler to infiltrate the behavior of the person that is indicating of his characteristics rather the prevailing situation.

REFERENCES

Aebi, M., Bijleveld, C., Estrada, F., Getos, A., Kleemans, E., Levi, M., et al. (2016). Terrorism and Cybercrime: the Human Factor. The Position Paper. Retrieved July 5, 2016, from http//www.nscr.nl

Alison, L., Goodwill, A., Almond, L., Heuvel, C. v., & Winter, J. (2010). Pragmatic solutions to offender profiling and behavior investigative advice. Legal and criminological psychology , 15, 115-132.

Kirwan, G., & Power, A. (2013). Cybercrime: Psychology of cybercrime. Dun Laoghaire Institute of Art, Design and Technology, Dublin.

Lickiewicz, J. (2011). Cyber Crime psychology-proposal of an offender psychological profile. Problems of forensic sciences , 2 (3), 239-252.

Sahito, F. H., & Slany, W. (2013). Advanced Personnel Vetting Techniques in Critical Multi-Tennant Hosted Computing Environments. International Journal of Advanced Computer Science and Applications , 4 (5), 11-19.

Sahito, F. H., & Slany, W. (2012). Functional Magnetic Resonance Imaging and the Challenge of Balancing Human Security with State Security. Human Security Perspectives , 1, 38–66.

Tompsett, E. C., Marshall, A. M., & Semmens, C. N. (2005). Cyberprofiling: Offender Profiling and Geographic Profiling of Crime on the Internet. Computer Network Forensics Research Workshop.

The Profile Of A Cybercriminal

THE PROFILE OF A CYBERCRIMINAL

FADI ABU ZUHRI

Profiling is a technique or approach for solving crime. Some scientist define it as a forensic technique used by forensic investigators and law enforcement agencies to understand why criminals are committing crime, to classify criminal behavior and to solve crimes that have already been committed (Saroha, 2014). Others view it as a tool used by forensic experts to identify the offender’s behavioral tendencies, personality traits, demographic variables, and geographical variables based on the information and characteristics of the crime (Lickiewicz, 2011). However, the general consensus is that criminal profiling involves collecting inferences about the traits of the individual responsible for the series of crime or for a particular crime. It involves understanding what a particular crime says about the perpetrator (Kirwan, & Power, 2013). It is used by forensic investigators and law enforcement agencies to understand and apprehend criminal offenders. As a forensic technique, criminal profiling enables investigative agencies to use the specific information to focus their attention on people with personality traits that parallel those of other offenders who have committed other similar offences (Kirwan, & Power, 2013). Integrating the sciences and the arts, criminal profiling allows investigators to analyze victims and crime scene and comparing them to similar crimes committed by known offenders’ personalities and traits. From this, the criminal profiler can predict the unknown offender’s characteristics including sex, age, and level of mental stability, geographical location and motivation (Lickiewicz, 2011). The investigators can also link other offences committed by the offender from the offender’s signature and modus operandi identified from the physical evidence collected at the setting where the crime occurred and scene of crime (Saroha, 2014). As such, criminal profiling contains information about the perpetrators (Kirwan, 2011):

  • Likely demographics (i.e., gender and age)
  • Legal history including history of prior criminal convictions/offenses and any antecedence
  • Vocational backgrounds that is the work the perpetrator is likely to be involved in, if any
  • Social interests and habits (hobbies, sports, and other interests in which the perpetrator may have)
  • Family characteristics including the offender’s family background
  • Various personality characteristics including the offender’s appearance, demeanor etc
  • Mode of transport (i.e., type of vehicle that they offender may have)

In essence, criminal profiling is primarily based on the assertion that the format in which the offender committed the offence reflects his or her behavior and personality.

Modern criminal profiling takes two forms: the deductive and inductive approaches. He former is evidence-based involving analyzing the evidence found from the case in order to construct the offender’s behavioral profile. This way, the offender’s profile is constructed based on the evidences and information found at the crime scene (Kirwan, 2011). Professionals use this approach to get into the mind of the criminal. They try to think in the same way the offender may have thought whiling committing the crime. This type of criminal profiling is largely based on human intelligence rather than on statistical data. The later type of profiling uses the statistical analysis of the previous offender’s characteristics to generate a generalized behavioral pattern of the perpetrator. Comparative and statistical analyses are used to create the profile of the criminal. Information comes from results of studies of previously convicted criminals, their interviews, observation, data from official databases, and the usage of clinical methods. The profiler analyzes all these information and constructs a possible profile of the likely offender of the type of crime basing on the traits of criminals that committed similar types of crimes. The inductive technique is basically based on the inductive logic, which forms the basis of narrowing down and predicting who will commit specific types of crimes (Halder, & Jaishankar, 2011).

In addition to the offender’s biological information; it is worth noting that criminal profiles include information about the perpetrator’s residence and approximate location. This information is the product of geographic profiling. Regardless of the type of criminal profiling approach employed, criminal profiling alone can never solve crimes alone (Long, 2012).

Discerning the motivations for committing a particular cyber-crime is important as it helps the forensic expert to build a useful profile for the offender. It is suggested that people may be motivated by different factors to break the law. Based on the perpetrator’s motives, criminals can be categorized into two: criminals whose act of using the internet to commit crime is incidental; and criminals who intentionally and knowingly use the internet to commit crime. Criminals who knowingly use the internet to commit crime include white-collar criminals, hackers, computer con artists, network attackers and crackers (Long, 2012). The second type of criminals use the computer to keep record, use the network to identify and find victims, and those who use e-mail and other services to communicate with their accomplices. The motivations offered by cyber-criminal for their activity seems to be largely influenced by their sensitivity towards agendas raised by various groups to oppose hacking. For example, the computer security industry has been accused of over-emphasizing the pathological aspect of hacking and vandal-oriented motivations. The motivation behind the hacker participation in hacking can be categorized into six: peer recognition, enjoying feelings of power, the urge of curiosity, the feelings of addiction, boredom with education system, and political acts (Long, 2012). For some criminals, they are motivated to do the forbidden act while for others, crime offers them the opportunity to manipulate and control others. Most criminals committing crime in the cyber space are strongly motivated with their motivation ranging from simply want to have fun to the desire or need for emotional or sexual impulse, money, political motives, or compulsions caused by psychiatric conditions of mental illness (Long, 2012). On the other hand, some cybercriminals are driven by less noble motives such as lust, desperation, anger, or plain boredom. It is important to discern motives and motivations for committing a particular crime as forms an important part of creating a useful profile (Schinder, 2010).

Because of the influence of Hollywood and the untypical nature of crime today; there are many stereotypes on how cybercriminals appear. Some of the stereotypes include that all cybercriminals (1) are socially inept but bright; (2) have a great technical skills and knowledge and very high IQs; (3) are males and usually boys; (4) teenage boys with computers and dangerous criminals, and (5) all cybercriminals are never violent. According to Lickiewicz (2011) when creating a profile for cybercriminals, a law enforcement official should always begin with generalities that are identified and typical of cybercriminals. According to Lickiewicz (2011) for an individual to commit a cyber-crime, he or she should have the ability to perform basic tasks on the internet. Some crimes also require greater computer skill and knowledge. These types of criminals are same as those who commit crime in the physical world. They do not believe and respect the law. They believe that some laws should be broken because they are unreasonable. Many of these criminals use the internet to fulfill their fantasies. They use it to build new identities and to play other people’s role. Cybercriminals often use more energy than they get in return (Kirwan, 2011).

Understanding the motives of the criminals is also important because in many jurisdictions, one of the elements of providing that an accused individual is guilt is by showing that he or she posses each of the crime triangle: motive, the opportunity, and the means. The motive is the perpetrator’s reason for committing a crime (Atkinson, & Walker, 2015). The means is the perpetrator’s way of committing a crime. The opportunity is the offender being at the scene at the right time to enable him commits a crime. Therefore, understating the motive of the criminal in an investigation is useful for two reasons: (1) when creating the offender’s profile to help in the identification of the correct perpetrator; and (2) when presenting a case against the suspect. Common motives for criminals committing cybercrimes include: sexual impulses, political motives, monetary profit, just for fun, revenge, anger, and other emotional needs, and serious psychiatric illness (Atkinson, & Walker, 2015). These characteristics should be used when profiling cybercriminals. Every message, every word and every trace is important when creating criminal profile.

CONCLUSION

It is clear from this paper, that criminal profiling means a lot to the investigators. It allows investigators to link motive, character, act and behavior of the offender. Although it primarily focuses on serial violent offenses such as sexual assaults and murders, the changes in technology has increased the emphasis and interest on applying it to cybercrime. Most cybercrimes are by nature serial in that the offender habituates their behavior and commit multiple offenses. From this, signature and modus operandi can be drawn. For example, analysis of indicators of the attack’s “digital crime scene” can determine the computer hacker’s intrusion activity and provide them with an insight. As such, it is an important method when it comes to classifying criminal investigations.

When an investigator uses profiling as the method to solve a criminal case; it is always important to see the scene of crime, find traces, and evidence that a criminal leaves at the crime scene. This way, the profiler can make good profiler of the offender.

REFERENCES

Atkinson, S., & Walker, C. (2015). Psychology and the hacker – Psychological Incident. SANS Institute InfoSec Reading Room.

Halder, D., & Jaishankar, K. (2011), Cyber crime and the victimization of women: laws, rights and regulations, Information Science Reference.

Kirwan G (2011). The Psychology of Cyber Crime: Concepts and Principles. IGI Global.

Kirwan, G., & Power, A. (2013). Cybercrime: Psychology of cybercrime. Dublin: Dun Laoghaire Institute of Art, Design and Technology.

Lickiewicz, J. (2011). Cyber Crime psychology-proposal of an offender psychological profile. Problems of forensic sciences, 2(3): 239-252.

Long, L. (2012). Profiling Hackers. SANS Institute. Retrieved on 8th July 2016 from http://www.sans.org/readingroom/whitepapers/hackers/profiling-hackers-33864

Saroha, R. (2014). Profiling a Cyber Criminal. International Journal of Information and Computation Technology, 4(3): 253-258.

Schinder, D. (2010). Profiling and categorizing cybercriminals. Tech Republic Retrieved on 8 th July 2016 from http://www.techrepublic.com/blog/it-security/profiling-and-categorizing-cybercriminals/handling.

Tompsett, E.C., Marshall, A.M., & Semmens, C.N. (2005). Cyberprofiling: Offender Profiling and Geographic Profiling of Crime on the Internet. Computer Network Forensics Research Workshop.

Translate »