A Defined Digital Forensic Criteria for Cybercrime Reporting

摘要

In recent years a large proportion of cybercrime attacks are text-data based, whereby the cyberattack propagation method is non-technical. Though copious information about these attacks, mainly, the meta-data can be extracted, such information is usually unavailable for digital forensic (DF) investigation because these cyber-attacks are often unreported. One of the reasons for victim under-reporting of cybercrime is the lack of an anonymous system to report cybercrime, as well as the lack of digital forensic defined criteria for cybercrime reporting. The problem identified by this paper, therefore, is the lack of defined digital forensic criteria for reporting cybercrime attacks anonymously. A defined digital forensic (DF) criteria for cybercrime reporting is proposed to address this problem. The method employed is to firstly, develop a generic DF cybercrime reporting data collection system that uses a DF cybercrime incident criteria definition that is also privacy enhanced. Secondly, the creation of a natural language data preparation semantic builder that is integrated to store mapped semantics data used to create defined DF criteria for a cybercrime language database. Thirdly, the integrated database (DB) defined DF cybercrime semantic DB can be analysed to formulate a digital forensic readiness architecture for cybercrime language detection. The generated natural language (NL), semantic data of potential cybercrime language, could be developed as a plugin and APIs, pluggable to any DF investigations, tools and applications. The benefits of the proposed defined DF cybercrime reporting criteria include the following; (i) It is a medium for cybercrime victims to report a crime. (ii) The proposed system generates useful data for the implementation of digital forensic readiness architecture and planning that is re-usable and scalable to accommodate other forms of intrusion detection techniques and processes (iii) To design and develop cyber- attack reporting tools and techniques using the information provided by the victims, especially in a text-based cyber-attack. (iv) To provide research data for cybercrime data analytics using the gathered reported data. (v) The proposed criteria ensure that the victims of cybercrime could report cyber-attacks anonymously while maintaining privacy. The findings of this paper pave the way to develop a readily available, easily accessible and defined digital forensic criteria for cybercrime reporting.