A comparison of open source and proprietary digital forensic software
- Authors: Sonnekus, Michael Hendrik
- Date: 2015
- Subjects: Computer crimes , Computer crimes -- Investigation , Electronic evidence , Open source software
- Language: English
- Type: Thesis , Masters , MSc
- Identifier: vital:4717 , http://hdl.handle.net/10962/d1017939
- Description: Scrutiny of the capabilities and accuracy of computer forensic tools is increasing as the number of incidents relying on digital evidence and the weight of that evidence increase. This thesis describes the capabilities of the leading proprietary and open source digital forensic tools. The capabilities of the tools were tested separately on digital media that had been formatted using Windows and Linux. Experiments were carried out with the intention of establishing whether the capabilities of open source computer forensics are similar to those of proprietary computer forensic tools, and whether these tools could complement one another. The tools were tested with regards to their capabilities to make and analyse digital forensic images in a forensically sound manner. The tests were carried out on each media type after deleting data from the media, and then repeated after formatting the media. The results of the experiments performed demonstrate that both proprietary and open source computer forensic tools have superior capabilities in different scenarios, and that the toolsets can be used to validate and complement one another. The implication of these findings is that investigators have an affordable means of validating their findings and are able to more effectively investigate digital media.
- Full Text:
- Date Issued: 2015
A process maturity framework of information security policy development life cycle
- Authors: Tuyikeze, Tite
- Date: 2014-12
- Subjects: Computer security , Information technology , Computer crimes
- Language: English
- Type: Doctoral theses , text
- Identifier: http://hdl.handle.net/10353/26797 , vital:66010
- Description: Information security policy development involves more than policy formulation and implementation. Unless organisations explicitly recognise the various steps required in the development of a security policy, they run the risk of developing policies that are poorly thought out, incomplete, redundant and, irrelevant and which will not be fully supported by the users. This study argues that an information security policy has an entire life cycle through which it must pass through during its useful lifetime. A content analysis on information security policy development methods was conducted using secondary sources in the relevant literature. The outcome of the content analysis resulted in the proposal of a framework of information security policy development and implementation. The proposed framework outlines the various steps required in the development, implementation and enforcement of an effective information security policy. A survey of 400 security professionals was conducted in order to evaluate the concepts contained in the framework.This study also emphasises the importance of integrating a security maturity assessment process into the information security policy development life cycle. A key finding of this study is the proposed maturity assessment framework which offers a structured methodology for evaluating the maturity level of an information security policy. The framework presents an integrated and holistic approach to ensure the incremental process maturity of the organisation’s information security policy development process. In addition, organisations using the proposed framework will be able both to determine the current maturity levels of their information security policy development process and also to plan enhancements in the correct sequence. , Thesis (PhD) -- Faculty of Management and Commerce, 2014
- Full Text:
- Date Issued: 2014-12
An exploration into the use of webinjects by financial malware
- Authors: Forrester, Jock Ingram
- Date: 2014
- Subjects: Malware (Computer software) -- Analysis , Internet fraud , Computer crimes , Computer security , Electronic commerce
- Language: English
- Type: Thesis , Masters , MSc
- Identifier: vital:4697 , http://hdl.handle.net/10962/d1012079 , Malware (Computer software) -- Analysis , Internet fraud , Computer crimes , Computer security , Electronic commerce
- Description: As the number of computing devices connected to the Internet increases and the Internet itself becomes more pervasive, so does the opportunity for criminals to use these devices in cybercrimes. Supporting the increase in cybercrime is the growth and maturity of the digital underground economy with strong links to its more visible and physical counterpart. The digital underground economy provides software and related services to equip the entrepreneurial cybercriminal with the appropriate skills and required tools. Financial malware, particularly the capability for injection of code into web browsers, has become one of the more profitable cybercrime tool sets due to its versatility and adaptability when targeting clients of institutions with an online presence, both in and outside of the financial industry. There are numerous families of financial malware available for use, with perhaps the most prevalent being Zeus and SpyEye. Criminals create (or purchase) and grow botnets of computing devices infected with financial malware that has been configured to attack clients of certain websites. In the research data set there are 483 configuration files containing approximately 40 000 webinjects that were captured from various financial malware botnets between October 2010 and June 2012. They were processed and analysed to determine the methods used by criminals to defraud either the user of the computing device, or the institution of which the user is a client. The configuration files contain the injection code that is executed in the web browser to create a surrogate interface, which is then used by the criminal to interact with the user and institution in order to commit fraud. Demographics on the captured data set are presented and case studies are documented based on the various methods used to defraud and bypass financial security controls across multiple industries. The case studies cover techniques used in social engineering, bypassing security controls and automated transfers.
- Full Text:
- Date Issued: 2014
The representation of the use of social media for committing cyber-crimes in selected South African newspapers
- Authors: Hewana, Sandiswa
- Date: 2013
- Subjects: Computer crimes , Crime in mass media
- Language: English
- Type: Thesis , Masters , MA
- Identifier: http://hdl.handle.net/10948/6323 , vital:21073
- Description: This study aimed to provide insights into the manner in which the representation of social media usage in relation to cyber-related crimes within selected South African newspapers can potentially shape the ideas and perceptions that society may have towards social networking channels. Drawing on the literature from fields such as developmental studies, new media studies, identity formation and cyber-criminality, an analysis of the Price Water House Coopers Global Economic Survey (2011) was used to provide some insight into the issue of cyber-crime within South Africa. The survey which was conducted by Price Water House Coopers revealed that South Africa is ranked second in the world with the highest rate of reported fraud cases. According to them this rate is comparatively higher than the escalating percentage of cases reported in the United States and other nations. In order to correlate and illustrate some of the findings of the survey and that which was found through primary research, an in-depth content analysis applying limited designations analysis and detailed assertions analysis techniques (Du Plooy, 2007) has been performed on selected content from local print and online publications such as The Herald, Algoa Sun, The Weekend Post, The Sunday Times and News24, from the time period of January 2009 until January 2012. Herewith, a total of 125 articles were analysed in order to determine the tone and thematic nature of the communication within the respective platforms. Furthermore, the mass media has been argued as being the main platform of communication within society. Whereby, different communication techniques are used to communicate with different target audiences. On a theoretical level, the study explored whether or not social media perpetuates the prejudices of the modernisation theory or serves to challenge such prejudices. Furthermore, the study explored whether social media may potentially have an impact on the reported cyber-related crimes. Associated theory such as the representation theory, globalization, the privacy trust model, social contract theory, media richness theory, participatory theory, convergence, the digital divide, media-centricity, dependency and identity formation has been explored. It was found that social networking sites Facebook and Mxit have been represented as the most common platforms of cyber-related crime and women and teenagers are the most popular victims. The likelihood of individuals being exposed to cyber-crime within social networks is high due to the fact in order to develop online relationships, personal information needs to be shared. The Privacy Trust model was identified as being an important factor which shaped the findings of this study. This is due to the fact that a certain level of trust is held by social network subscribers to the Internet hosts who they entered into a social contract with and with their friends.
- Full Text:
- Date Issued: 2013
Cyber crime affecting some businesses in South Africa
- Authors: Herselman, Martha Elizabeth
- Date: 2003
- Subjects: Computer crimes , Business enterprises -- South Africa
- Language: English
- Type: Thesis , Masters , MTech (Business Information Systems)
- Identifier: vital:10793 , http://hdl.handle.net/10948/212 , Computer crimes , Business enterprises -- South Africa
- Description: This study shows that cyber crime is a recent addition to the list of crimes that can adversely affect businesses directly of indirectly. This phenomenon was not directly prosecutable in South Africa until the enactment of the ECT Act in July 2002. However this Act also prevents businesses to fully prosecute a hacker due to incompleteness. Any kind of commercially related crime can be duplicated as cyber crime. Therefore very little research appears or has been documented about cyber crime in South African companies before 2003.11.21 The motivation to do this study was that businesses often loose millions in cyber attacks, not necessarily through direct theft but by the loss of service and damage to the image of the company. Most of the companies that were approached for interviews on cyber crime were reluctant to share the fact that they were hacked or that cyber crime occurred at their company as it violates their security policies and may expose their fragile security platforms. The purpose of this study was to attempt to get an overall view on how South African businesses are affected by cyber crime in the banking and short term insurance sector of the South African industry and also to determine what legislation exist in this country to protect them. The case study approach was used to determine the affect of cyber crime on businesses like banks and insurance companies. Each case was interviewed, monitored and was observed over a period of a year. This study discloses the evaluation of the results of how cyber crime affected the cases, which were part of this study. The banks felt that they were at an increased risk both externally and internally, which is likely to increase as the migration towards electronic commerce occurs. The insurance industry felt that they are not yet affected by external cyber crime attacks in this country.
- Full Text:
- Date Issued: 2003