
A high-tech R & D Agenda.


A Dartmouth College think tank, the Institute for Security Technology Studies (ISTS), released the third of three reports that analyze and prioritize the technology needs of cyberattack investigators. While the first paper collected data from these cybercrime fighters and the second provided a gap analysis showing the products that exist to assist law enforcement in fighting online crime, the third, Law Enforcement Tools and Technologies for Investigating Cyber Attacks: A National Research and Development Agenda, describes the "critical problem areas encountered during cyber attack investigations that may be addressed through research and development."

Researchers concluded that new technologies could help investigators during the initial investigation in areas such as automating the collection of data from multiple operating systems and graphically representing network topologies to expedite investigations "and alleviate dependence on insiders during data collection tasks." They also noted that law enforcement needs ways to analyze large data sets often found in cybercrime cases; for example, the report notes that from 2002 to 2003, the amount of data examined by the FBI's Computer Analysis and Response team increased by a staggering 432 petabytes.

Later in the investigation, other needed tools include reasonably priced log analysis software that provides findings in an easily understood graphical format that can help juries understand technical evidence. Also needed is technology that would "provide the capability to detect, trace, and counter IP spoofing," an area the report calls a "difficult, yet essential, research challenge." The only software tools available to detect spoofing are the same ones used by attackers and "are not intended as forensically sound utilities."

Finally, the report examined technologies that require significant research and development. These include tools to overcome the use of encryption (which emerged as the most critical concern in the previous report) and steganography, in which evidence is hidden in innocent-looking images or files.

@ Read the full report at SM Online.
COPYRIGHT 2004 American Society for Industrial Security
No portion of this article can be reproduced without the express written permission from the copyright holder.
Copyright 2004 Gale, Cengage Learning. All rights reserved.

Article Details
Title Annotation:Tech Talk; anti-hacking investigation; Security Technology Studies
Author:Piazza, Peter
Publication:Security Management
Geographic Code:1USA
Date:Aug 1, 2004
Words:309