An Analysis Of Computer Forensic Activities In Data Network

49 PAGES (10864 WORDS) Computer Science Report

ABSTRACT The report summarizes that in this Information Technology age, the needs of law enforcement are changing. Some traditional crimes, especially those concerning finance and commerce, continue to be upgraded technologically. Paper trails have become electronic trails. Crimes associated and manipulations of data are detected daily. According to the website www.cyber crime.com, an attack is defined as any kind of malicious activity targeted against computer system resources, including, but not limited to, a break-in (any unauthorised access), virus infestation, data or destruction, or distributed denial of service attacks. In addition, some suggest attackers are likely to strike in the midst of confusion that people expect with the arrival of the Year 2000 computer problem. Tribe and Trinoo also may be more powerful than previous programs of the same kind. The duo, which started appearing in recent months, are steps above what has happened before, according to Dave Dittrich, a computer security technician at the University of Washington who wrote analyses of the programs. When installed onto hundreds or thousands of computers, the programs simultaneously bombard a select point on the Internet. If the information from the attackers comes fast enough, the target computer freezes up. Flooding attacks such as Tribe and Trinoo are examples of so-called denial-of-service attacks, a method that's been around as long as there have been networks to inundate. There is a critical need in the law enforcement community to ensure the reliability of computer forensic tools. The goal of the Computer Forensic Tool Testing (CFTT) project at the National Institute of Standards and Technology (NIST) is to establish a methodology for testing computer forensic software tools by development of general tool specifications, test procedures, test criteria, test sets, and test hardware.
The results provide the information necessary for toolmakers to improve tools, for users to make informed choices about acquiring and using computer forensics tools, and for interested parties to understand the tools' capabilities. A capability is required to ensure that forensic software tools consistently produce accurate and objective test results. Our approach for testing computer forensic tools is based on well-recognized international methodologies for conformance testing and quality testing. The researcher used interview, questionnaire, observation, and internet and reading materials in order to analyze, collect, and gather evidence of criminal activity which is admissible in a court of law.