Application of new methods and methods cyber criminalistics | Статья в журнале «Молодой ученый»

Отправьте статью сегодня! Журнал выйдет 28 декабря, печатный экземпляр отправим 1 января.

Опубликовать статью в журнале

Автор:

Рубрика: Информационные технологии

Опубликовано в Молодой учёный №19 (153) май 2017 г.

Дата публикации: 16.05.2017

Статья просмотрена: 35 раз

Библиографическое описание:

Нуржабова, Д. Ш. Application of new methods and methods cyber criminalistics / Д. Ш. Нуржабова. — Текст : непосредственный // Молодой ученый. — 2017. — № 19 (153). — С. 32-35. — URL: https://moluch.ru/archive/153/42670/ (дата обращения: 19.12.2024).



This article is devoted to application of new methods and methods cyber criminalistics. Problems of cybercrime are considered in this article and given new methods.

Key words: cyber, criminalistics, cybercrime

We live in the information space. I can not say exactly how this information closer to reality or engage in fraud on the Internet, hacking passwords in large company sites or e-mail to threaten a person's life on the Internet, engage in hacking and other place around us every second growing cybercrime. What is cybercrime, and when there was this term in the Criminal Code. Computer security experts are well aware of the term and know what kinds of threats are struggling against them and define the concept of cybercrime [1,3].

Cybercrime- crimes are committed by people using information technologies for criminal purposes. In foreign countries, particularly the United States, have become widespread fraud related to the sale of domain names made a mass mailing e-mail messages in which, for example, the report attempts to unknown people register domain names similar to addresses belonging to the recipients and site owners are invited to register unnecessary their domain name to get ahead of these people. So, shortly after the attacks of September 11, 2001 US Federal Trade Commission said the fact the mass sale of domain names zone «USA». These groups of infringements are special part of the institution of criminal law the responsibility for these acts can not accommodate the Criminal Code of the Republic of Uzbekistan. As an independent institution for the first time is not isolated and requires special adopted article which refers to sub institute «Crimes against public safety and public order». Kinds of objects are considered crimes of public relations related to security of information and information processing systems by a computer.
Cybercrime information are: illegal access to computer information, creation, use and distribution of malicious computer programs [2,4].

Violation of the rights of information and unauthorized access to data remains sometimes a mystery, about the concept of cybercrime identified which is studied science Cybercrime happening crime with information technology. Fighting to cybercrime requires international co-operation, etc. This law is adopted by Council of Europe Convention on Cybercrime.

Council of Europe Convention on Cybercrime divides into four groups:

‒ The first group of offenses against the confidentiality, integrity and availability of computer data and systems are: illegal access (Art. 2), illegal interception (v. 3), the impact on computer data (wrongful intentional damage, deletion, deterioration, alteration or suppression of computer data) (Art. 4) or the system (Art. 5). Also in this group of crimes include illegal use of special technical devices (v. 6) — software designed or adapted for the commission of offenses set forth in Art. 2–5, as well as computer passwords, access codes, their analogues, by which can be accessed by the computer system as a whole or some part in there). In Art. 6 rates apply only if the use of (distribution) of special technical devices aimed at the commission of unlawful acts.

‒ The second group consists of crimes are associated with the use of computer tools. These include fraud, forgery and use of computer technologies (Art. 7–8). Forgery using computer technology includes malicious and unlawful entry, modification, deletion or suppression of computer data, entailing inauthentic data with the intent that it be considered or acted upon for legal purposes as authentic.

‒ The third group of production (for distribution through a computer system), supply and (or) provision for the use, distribution and purchase of child pornography and possession of child pornography in a computer memory (v. 9).

‒ The fourth group consists of offenses related to infringements of copyright and related to rights.

Under the Convention, each of the State Party is required to create the necessary legal conditions for the provision of the following rights and duties of the competent authorities to combat cybercrime: seizure of a computer system or part of the carrier; manufacturing and confiscation of copies of computer data; ensure the integrity and preservation of stored computer data relating to the case; destruction or suppression of computer data in a computer system.

The Convention also requires the necessary legal conditions in touch of Internet providers to collect and to fix or intercept the information you need with the help of available technology and promote the law enforcement agencies. It is recommended to oblige providers to maintain absolute confidentiality about the facts of this cooperation.

In early 2002, is admitted to Protocol № 1 of the Convention on Cybercrime, which adds to the list of crimes of dissemination of racist and other nature, inciting to violence, hatred or discrimination against a person or group of people based on the racial, ethnic, religious or ethnic affiliation.

The next step interaction with the subject is a subject of authentication. Authentication of the subject — is the subject of authentication with the ID. The authentication procedure determines whether the subject what himself declared [4,5].

After identification and authentication of the subject of the authorization procedure is performed. Under the threat of information security in computer network (COP) to understand an event or action that may cause a change in the functioning of the COP related to violation of protection of the processed information in it. Vulnerability information — is the possibility of such a state in which the conditions for the implementation of information security threats [4,5].

The attack on the Constitutional Court referred to the action taken by the infringer, which is to search for and use of a particular vulnerability. In other words, an attack on the COP is the implementation of information security threats in it.

Problems are arising from the security information transmission when the computer networks can be divided into three main types:

‒ interception of information — data integrity is preserved, but her privacy violated;

‒ modification of information — the original message is changed or completely replaced by others, and sent to the addressee;

‒ substitution of the authorship information. This problem can have serious consequences.

The specifics of computer networks, in terms of their vulnerability, mainly associated with the presence of an intense information exchange between geographically dispersed and diverse (heterogeneous) elements.

Vulnerable are literally all the main structural and functional elements of the Computer System: workstations, servers (Host-machine), bridging (gateways, switching centers), communication channels, etc. A large number of diverse security threat information from various sources [4,5]. In literature there are many different classifications, where the dividing criteria used types of dangers posed by the degree of malice, source of the threats, etc. One of the most basic classifications is shown in Fig. 1.

Natural threat — the threat is caused by exposure to the elements of the COP and its objective physical or natural processes of nature, beyond the control of man.

Artificial threat — a threat to the COP caused by human activity. Among them, based on the motivation of actions can be distinguished:

‒ unintended (inadvertent, accidental) threats caused by errors in the design of the COP and its components, software errors, errors in the actions of personnel, etc.;

‒ deliberate (intentional) threats associated with selfish aspirations of the people (hackers).

According to international standard GOSTR ISO / IEC 17799–2005, the information security policy should establish the responsibility of management, as well as to present the organization's approach to managing information security [4,5]. In accordance with this standard requires that the information security policy of the enterprise as a minimum, include:

‒ definition of information security, its overall objectives and scope, as well as disclosure of the importance of security as a tool that provides the ability to share information;

‒ presentation of the purposes and principles of information security formulated by the leadership;

‒ summary of the most important for the organization of security policies, guidelines, rules and regulations, such as:

‒ comply with legal requirements and contractual obligations;

‒ requirements for security training;

‒ prevention and detection of viruses and other malicious software;

‒ business continuity management;

‒ responsibility for violations of security policy.

‒ definition of general and specific obligations of employees in the management of information security, including information on incidents of violation of information security;

‒ links to documents that complement the information security policy, for example, more detailed policies and procedures for specific information systems, as well as the safety rules are followed by users.

Information Security Policy of the company must be approved by management, published and communicated to all employees in an accessible and understandable form [3].

Fig.1. General classification of security threats.

References:

  1. The Council of Europe Convention-11.12.2008, www.coe.int
  2. Fundamentals of Information Security. Textbook for high schools / EB Belov, VP Moose, RV Meshcheryakov AA Shelupanov. -M.: 2006–544
  3. Vikhorev SV Kobtsev RY How to determine the sources of threats? // Open systems № 7–8 / 2002. http://www.elvis.ru/files/howto.pdf.
Основные термины (генерируются автоматически): COP, GOSTR, IEC, ISO.


Ключевые слова

cyber, criminalistics, cybercrime

Похожие статьи

The role of multimedia in the coverage of theoretical aspects of musicology

This article discusses the importance of multimedia materials in the education system in covering the theoretical aspects of musicology.

Speech error classifications in the context of teaching EFL

In this article we examine various speech error classifications and suggest possible ways of using them in the process of teaching English as a foreign language.

Etymology of the idiom «kangaroo court» and its semantic analysis

The article is dedicated to the origin of the idiom «kangaroo court» and its meaning through semantic analysis.

Methods of teaching the concept of work and energy in secondary schools

This article reveals the physical meaning of the concept of mechanical work and energy and the connection between them, studied in secondary schools.

Management of the formation of ecological culture of students in a rural school

The article discusses environmental problems in a rural school and ways to solve them using the formation of the ecological culture of schoolchildren.

The usage of economic terms: analysis, comparative studies

The article deals with the issues based on analyzing the usage economic terms in the process of marketing. We analyzed scientists works on terms and defined them in the article.

Challenges in creating web-based activities in teaching and learning English

This paper tries to highlight the challenges in creating teaching materials which is based on web teaching and learning foreign language as well as Web based language activities and its efficiency while learning English language.

The role of analytical methods in the assessment of food quality indicators

The article provides a brief description of analytical methods for assessing the quality and consumer properties of food products. The importance of the concepts of quality and food safety is noted.

On the importance of music therapy in childcare

The article on the importance of music therapy, its role and benefits in early development of children supported by neurological and medical research.

International law and integration of international organizations in the Republic of Uzbekistan

This article discusses the development and formation of international law in the Republic of Uzbekistan, the entry of Uzbekistan into international organizations, as well as the training of qualified specialists.

Похожие статьи

The role of multimedia in the coverage of theoretical aspects of musicology

This article discusses the importance of multimedia materials in the education system in covering the theoretical aspects of musicology.

Speech error classifications in the context of teaching EFL

In this article we examine various speech error classifications and suggest possible ways of using them in the process of teaching English as a foreign language.

Etymology of the idiom «kangaroo court» and its semantic analysis

The article is dedicated to the origin of the idiom «kangaroo court» and its meaning through semantic analysis.

Methods of teaching the concept of work and energy in secondary schools

This article reveals the physical meaning of the concept of mechanical work and energy and the connection between them, studied in secondary schools.

Management of the formation of ecological culture of students in a rural school

The article discusses environmental problems in a rural school and ways to solve them using the formation of the ecological culture of schoolchildren.

The usage of economic terms: analysis, comparative studies

The article deals with the issues based on analyzing the usage economic terms in the process of marketing. We analyzed scientists works on terms and defined them in the article.

Challenges in creating web-based activities in teaching and learning English

This paper tries to highlight the challenges in creating teaching materials which is based on web teaching and learning foreign language as well as Web based language activities and its efficiency while learning English language.

The role of analytical methods in the assessment of food quality indicators

The article provides a brief description of analytical methods for assessing the quality and consumer properties of food products. The importance of the concepts of quality and food safety is noted.

On the importance of music therapy in childcare

The article on the importance of music therapy, its role and benefits in early development of children supported by neurological and medical research.

International law and integration of international organizations in the Republic of Uzbekistan

This article discusses the development and formation of international law in the Republic of Uzbekistan, the entry of Uzbekistan into international organizations, as well as the training of qualified specialists.

Задать вопрос