Cybercrime-fighting tools still lacking.

Information-security trade shows abound with products promising to solve any cybersecurity problem from blocking hackers to tracking malicious insiders. But most of these vendors are aiming their products at IT professionals, not law enforcement investigators charged with fighting incidents of cybercrime.

To help bridge the chasm between commercial infosec products and those needed to fight cybercrime, the Institute for Security Technology Studies (ISTS), a Dartmouth College think-tank, has released the Gap Analysis Report, a paper that looks at the needs of investigators and maps them against available software tools. It analyzes these needs and looks at more than 200 existing and in-development products to see what is missing. The report is the second of three ISTS papers on this subject. The first was a national needs assessment that examined the types of challenges that cyberinvestigators face and the kinds of tools they need. (See "Wanted: Tools, Expertise to Fight Cybercrime," "Tech Talk," September 2002.) The third report, Research and Development Agenda, is slated for release later this year. Data for the reports comes from national surveys, law enforcement interviews, and ISTS-led workshops.
In the case of the Gap Analysis Report, researchers created a list of existing tools and their functions and presented it to a prioritization working group comprising investigators from the public, private, and academic sectors. This group was asked to vet the list of technology solutions to see whether it was complete and whether existing needs were addressed by these solutions. They were also asked to prioritize any remaining needs that were not addressed. The resulting matrix shows where there are no, few, or many tools to meet each need. The analysis revealed needs in areas such as data collection, log analysis, and Internet protocol (IP) tracing. The report showed generally that the "needs of cyberattack investigators have not been met by the available technology solutions." Andrew MacPherson, technical program coordinator for the ISTS Technical Analysis Group, says one of the common themes of the report is that often tools "don't do things quickly enough, they don't automate the process." Speed is of the essence in any investigation, and without automated data collection tools, cyberinvestigators cannot meet the challenge of collecting data from ISPs and other resources before the trail goes cold. An appendix presents the eighteen most critical needs requiring additional research and development.
Encryption was the first problem area, and perhaps the most challenging. Law enforcement agencies are not likely to obtain the tools to crack encryption for another decade or two, if at all, MacPherson says. But, he adds, perhaps the report will spark "the entrepreneurial spirit to apply scientific advances to unique problems of our criminal justice system."

@ Law Enforcement Tools and Technologies for Investigating Cyber Attacks: Gap Analysis Report is at SM Online.