Правовые справочные документы 8 страница

^[619] Regarding the distribution of hacking tools, see: CC Cert, "Overview of Attack Trends", 2002, page 1, available at: http://www.cert.org/archive/pdfattack_trends.pdf.

^[620] See CC Cert, "Overview of Attack Trends", 2002, page 1, available at: http://www.cert.org/archive/pdf/attack_trends.pdf.

^[621] Nearly 50% of all fraud complains reported to the United States Federal Trade Commission are related to a amount paid between 0 and 25 USD. See Consumer Fraud and Identity Theft Complain Data - January - December 2006, Federal Trade Commission, available at: http://www.consumer.gov/sentinel/pubs/Top10Fraud2006.pdf.

^[622] See 'spam Issue in Developing Countries", Page 4, available at: http://www.oecd.org/dataoecd/5/47/34935342.pdf

^[623] Gordon Moore observed that the power of computers per unit cost doubles every 24 months (Moore's Law).

^[624] Regarding the attacks, see: Lewis, "Cyber Attacks Explained", 2007, available at: http://www.csis.org/media/csis/pubs/070615_cyber_attacks.pdf; "A cyber-riot", The Economist, 10.05.2007, available at: http://www.economist.com/world/europe/PrinterFriendly.cfm?story_id=9163598; "Digital Fears Emerge After Data Siege in Estonia", The New York Times, 29.05.2007, available at:

http://www.nytimes.com/2007/05/29/technology/29estonia.html?ei=5070&en=2e77eb21a1ab42ac&ex=1188360000&pagewanted=print.

^[625] See: Toth, "Estonia under cyber attack", http://www.cert.hu/dmdocuments/Estonia_attack2.pdf.

^[626] See: lanelli/Hackworth, "Botnets as a Vehicle for Online Crime", 2005, page 3, available at: http://www.cert.org/archive/pdf/Botnets.pdf;

^[627] See: lanelli/Hackworth, "Botnets as a Vehicle for Online Crime", 2005, available at: http://www.cert.org/aichive/pdfBotnets.pdf; Barford/Yegneswaran, "An Inside Look at Botnets", available at: http://pages.cs.wisc.edu/~pb/botnets_final.pdf; Jones, "BotNets: Detection and Mitigation".

^[628] See "Emerging Cybersecurity Issues Threaten Federal Information Systems", GAO, 2005, available at: http://www.gao.gov/new.items/d05231.pdf.

^6zt2 Keizer, Duch "Botnet Suspects Ran 1.5 Million Machines", TechWeb, 21.10.2005, available at http://www.techweb.com/wire/172303160

^[630] See Weber, "Criminals may overwhelm the web", BBC News, 25.01.2007, available at http://news.bbc.co.uk/go/pr/fr/-/1/hi/business/6298641.stm.

^[631] E.g. Botnets were used for the DoS attacks against computer systems in Estonia. See: Toth, "Estonia under cyber attack", http://www.cert.hu/dmdocuments/Estonia_attack2.pdf.

^[632] "Over one million potential victims of botnet cyber crime", United States Department of Justice, 2007, available at: http://www.ic3.gov/media/initiatives/BotRoast.pdf.

^[633] Staniford/Paxson/Weaver, "How to Own the Internet in Your Space Time", 2002, available at: http://www.icir.org/vern/papers/cdc-usenix- sec02/cdc.pdf.

^[634] Gercke, DUD 2003, 477 et seq.; Lipson, "Tracking and Tracing Cyber-Attacks: Technical Challenges and Global Policy Issues".

^[635] Regarding the necessary instruments, see below: Chapter 6.2. One solution that is currently being discussed is data retention. Re the possibilities and risks of data retention, see: Allitsch, "Data Retention on the Internet - A measure with one foot offside?", Computer Law Review International 2002, page 161 et seq.

^[636] The term "quick freeze" is used to describe the immediate preservation of data on request of law enforcement agencies. For more information, see below: Chapter 6.2.4.

^[637] The 24/7 network point pursuant to Art. 35 Convention on Cybercrime is a contact point appointed to reply to requests from law enforcement agencies outside the country. For more information, see below: Chapter 6.3.8.

^[638] The graphical user interface called World Wide Web (WWW) was created in 1989.

^[639] The development of the graphical user interface supported content-related offences in particular. For more information, see above: Chapter 2.5.

^[640] For more information see above: Chapter 2.5.5.

^[641] Regarding the interception of VoIP by law enforcement agencies, see Bellovin and others, "Security Implications of Applying the Communications Assistance to Law Enforcement Act to Voice over IP", available at http://www.itaa.org/news/docs/CALEAVOIPreport.pdf; Simon/Slay, "Voice over IP: Forensic Computing Implications", 2006, available at:

http://scissec.scis.ecu.edu.au/wordpress/conference_proceedings/2006/forensics/Simon%20Slay%20-%20Voice%20over%20IP- %20Forensic%20Computing%20Implications.pdf.

^[642] With regard to the interception of peer-to-peer based VoIP communications, law enforcement agencies need to concentrate on carrying out the interception by involving the Access Provider.

^[643] Regarding the implication of the use of cell phones as storage media on computer forensics, see: Al-Zarouni, "Mobile Handset Forensic Evidence: a challenge for Law Enforcement", 2006, available at: http://scissec.scis.ecu.edu.au/wordpress/conference_proceedings/2006/forensics/Al- Zarouni%20-%20Mobile%20Handset%20Forensic%20Evidence%20-%20a%20challenge%20for%20Law%20Enforcement.pdf.

^[644] On the advantages of wireless networks for the development of an IT infrastructure in developing countries, see: "The Wireless Internet Opportunity for Developing Countries", 2003, available at: http://www.firstmilesolutions.com/documents/The_WiFi_Opportunity.pdf.

^[645] Regarding the challenges related to anonymous communication see: Sobel, The Process that "John Doe" is Due: Addressing the Legal Challenge to Internet Anonymity, Virginia Journal of Law and Technology, Symposium, Vol.5, 2000, available at: http://www.vjolt.net/vol5/symposium/v5i1 a3- Sobel.html.

^[646] Re legislative approaches requiring identification prior to the use of public terminals, see Art. 7 of the Italian Decree-Law No. 144. For more information see Hosse, Italy: Obligatory Monitoring of Internet Access Points, Computer und Recht International, 2006, page 94 et seq. and below:

_[647] Chapter 6.2.14

⁶⁶¹ Regarding the difficulties that are caused if offenders use open wireless networks, see above: Chapter 3.2.3.

^[648] Regarding technical approaches in tracing back users of Anonymous Communication Servers based on the TOR structure see: Forte, Analyzing the Difficulties in Backtracing Onion Router Traffic, International Journal of Digital Evidence, Vol. 1, Issue 3, available at: https://www.utica.edu/academic/institutes/ecii/publications/articles/A04AA07D-D4B8-8B5F-450484589672E1F9.pdf;

^[649] See: Claessens/Preneel/Vandewalle, 'solutions for Anonymous Communication on the Internet", 1999.

^[650] Regarding the possibilities of tracing offenders using e-mail headers, see: Al-Zarouni, "Tracing Email Headers", 2004, available at: http://scissec.scis.ecu.edu.au/publications/forensics04/Al-Zarouni.pdf.

^[651] Donath, 'sociable Media", 2004, available at: http://smg.media.mit.edu/papers/Donath/SociableMedia.encyclopedia.pdf.

^[652] Regarding the possibilities of tracing offenders of computer-related crimes, see: Lipson, "Tracking and Tracing Cyber-Attacks: Technical Challenges and Global Policy Issues". Regarding the benefits of anonymous communication see: Du Pont, The time has come for limited liability for operators of true Anonymity Remails in Cyberspace: An Examination of the possibilities and perils, Journal of Technology Law and Policy, Vol. 6, Issue 2, available at: http://grove.ufl.edu/~techlaw/vol6/issue2/duPont.pdf.

^[653] (33) The introduction of itemised bills has improved the possibilities for the subscriber to check the accuracy of the fees charged by the service provider but, at the same time, it may jeopardise the privacy of the users of publicly available electronic communications services. Therefore, in order to preserve the privacy of the user, Member States should encourage the development of electronic communication service options such as alternative payment facilities which allow anonymous or strictly private access to publicly available electronic communications services [...]. Source: Directive 2002/58/EC of the European Parliament and of the Council of 12 July 2002 concerning the processing of personal data and the protection of privacy in the electronic communications sector (Directive on privacy and electronic communications).

^[654] Article 37 - Traffic and billing data 1. Without prejudice to the provisions of paragraphs 2, 3 and 4, traffic data relating to users which are processed and stored to establish calls and other connections over the telecommunications network shall be erased or made anonymous upon termination of the call or other connection. - Regulation (EC) no 45/2001 of the European Parliament and of the Council of 18 December 2000 on the protection of individuals with regard to the processing of personal data by the Community institutions and bodies and on the free movement of such data.

⁶® See below: Chapter 6.2.11.

^[656] Decree-Law 27 July 2005, no. 144. - Urgent measures for combating international terrorism. For further information on the Decree-Law, see, for example, the article "Privacy and data retention policies in selected countries", available at: http://www.ictregulationtoolkit.org/en/PracticeNote.aspx?id=2026.

^[657] Regarding the technical discussion about traceability and anonymity, see: "CERT Research 2006 Annual Report", page 7 et seqq., available at: http://www.cert.org/archive/pdf/cert_rsch_annual_rpt_2006.pdf.

^[658] Regarding the impact on computer forensic and criminal investigations, see: See Huebner/Bem/Bem, "Computer Forensics - Past, Present And Future", No.6, available at: http://www.scm.uws.edu.au/compsci/computerforensics/ Publications/Computer_Forensics_Past_Present_Future.pdf.

^[659] 74 per cent of respondents of the 2006 E-Crime Watch Survey mentioned encryption technology as one of the most efficient e-crime fight technologies. For more information, see: "2006 E-Crime Watch Survey", page 1, available at: http://www.cert.org/archive/pdf/ecrimesurvey06.pdf

^[660] Singh; "The Code Book: The Science of Secrecy from Ancient Egypt to Quantum Cryptography", 2006; D 'Agapeyen, "Codes and Ciphers - A History of Cryptography", 2006; "An Overview of the History of Cryptology", available at: http://www.cse-cst.gc.ca/documents/about- cse/museum.pdf.

^[661] Regarding the consequences for the law enforcement, Denning observed: "The widespread availability of unbreakable encryption coupled with anonymous services could lead to a situation where practically all communications are immune from lawful interception and documents from lawful search and seizure, and where all electronic transactions are beyond the reach of any government regulation or oversight. The consequences of this to public safety and social and economic stability could be devastating". Excerpt from a presentation given by Denning, "The Future of Cryptography", to the joint Australian/OECD conference on Security, February, 1996. Regarding practical approaches to recover encrypted evidence see: Casey Practical Approaches to Recovering Encrypted Digital Evidence, International Journal of Digital Evidence, Vol. 1, Issue 3, available at: https://www.utica.edu/academic/institutes/ecii/publications/articles/A04AF2FB-BD97-C28C-7F9F4349043FD3A9.pdf.

^[662] Regarding the use of cryptography by terrorists, see: Zanini/Edwards, "The Networking of Terror in the Information Age", in Arquilla/Ronfeldt, "Networks and Netwars: The Future of Terror, Crime, and Militancy", page 37, available at: http://192.5.14.110/pubs/monograph_reports/MR1382/MR1382.ch2.pdf. Flamm, "Cyber Terrorism and Information Warfare: Academic Perspectives: Cryptography", available at: http://www.terrorismcentral.com/Library/Teasers/Flamm.html.

^[663] See: Wolak/Finkelhor/Mitchell, "Child-Pornography Possessors Arrested in Internet-Related Crimes: Findings From the National Juvenile Online Victimization Study", 2005, page 9, available at: http://www.missingkids.com/en_US/publications/NC144.pdf.

^[664] Denning/Baugh, Encryption and Evolving Technologies as Tolls of Organised Crime and Terrorism, 1997, available at: http://www.cs.georgetown.edu/~denning/crypto/oc-rpt.txt.

^[665] Regarding the most popular tools, see: Frichot, "An Analysis and Comparison of Clustered Password Crackers", 2004, page 3, available at: http://scissec.scis.ecu.edu.au/publications/forensics04/Frichot-1.pdf; Regarding practical approaches in responding to the challenge of encryption see: Siegfried/Siedsma/Countryman/Hosmer, Examining the Encryption Threat, International Journal of Digital Evidence, Vol. 2, Issue 3, available at: https://www.utica.edu/academic/institutes/ecii/publications/articles/A0B0C4A4-9660-B26E-12521C098684EF12.pdf;

^[666] Examples include the software Pretty Good Privacy (see http://www.pgp.com) or True Crypt (see http://www.truecrypt.org).

^[667] See "Data Encryption, Parliament Office for Science and Technology No. 270", UK, 2006, page 3, available at: http://www.parliament.uk/documents/upload/postpn270.pdf.

^[668] Brute force attack is one method of defeating a cryptographic scheme by trying a large number of possible codes.

^[669] Schneier, "Applied Cryptography", Page 185; Bellare/Rogaway, "Introduction to Modern Cryptography", 2005, page 36, available at: http://www.cs.ucdavis.edu/~rogaway/classes/227/spring05/book/main.pdf.

^[670] 1099512 seconds.

^[671] Equivalent to 10790283070806000000 years.

^[672] This technology is called BitLocker. For more information, see: "Windows Vista Security and Data Protection Improvements", 2005, available at: http://technet.microsoft.com/en-us/windowsvista/aa905073.aspx.

^[673] See Leyden, "Vista encryption 'no threat' to computer forensics", The Register, 02.02.2007, available at: http://www.theregister.co.uk/2007/02/02/computer_forensics_vista/.

^[674] Regarding the encryption technology used by Skype (www.skype.com), see: Berson, "Skype Security Evaluation", 2005, available at: http://www.skype.com/security/files/2005-03l%20security%20evaluation.pdf.

^[675] Phil Zimmermann, the developer of the encryption software PGP developed a plug-in for VoIP software that can be used to install added encryption, in addition to the encryption provided by the operator of the communication services. The difficulty arising from the use of additional encryption methods is the fact that, even if the law enforcement agencies intercept the communications between two suspects, the additional encryption will hinder the analysis. For more information on the software, see: Markoff, "Voice Encryption may draw US Scrutiny", New York Times, 22.05.2006, available at: http://www.nytimes.com/2005/05/22/technology/22privacy.html?ex=1305950400&en=ee5ceb135748c9a1&ei=5088

Regarding the related challenges for law enforcement agencies, see: Simon/Slay, "Voice over IP: Forensic Computing Implications", 2006, available at: http://scissec.scis.ecu.edu.au/wordpress/conference_proceedings/2005/forensics/Simon%20Slay%20-%20Voice%20over'%20IP- %20Forensic%20Computing%20Implications.pdf.

^[676] Simon/Slay, "Voice over IP: Forensic Computing Implications", 2006, available at: http://scissec.scis.ecu.edu.au/wordpress/conference_proceedings/2006/forensics/Simon%20Slay%20-%20Voice%20over%20IP- %20Forensic%20Computing%20Implications.pdf.

^[677] For farther information, see: Provos/Honeyman, "Hide and Seek: An Introduction to Steganography", available at: http://niels.xtdnet.nl/papers/practical.pdf; Kharrazi/Sencar/Memon, "Image Steganography: Concepts and Practice", available at: http://isis.poly.edu/~steganography/pubs/ims04.pdf; Labs, "Developments in Steganography", available at: http://web.media.mit.edu/~jrs/jrs_hiding99.pdf; Anderson/Petitcolas, "On The Limits of Steganography", available at:

http://www.cl.cam.ac.uk/~rja14/Papers/jsac98-limsteg.pdf; Curran/Bailey, An Evaluation of Image Based Steganography Methods, International Journal of Digital Evidence, Vol. 2, Issue 2, available at: https://www.utica.edu/academic/institutes/ecii/publications/articles/A0AD275C-EACF- 6F38-E32EFA1ADF1E36CC.pdf.

^[678] For practical detection approaches see: Jackson/Grunsch/Claypoole/Lamont, Blind Steganography Detection Using a Computational Immune: A Work in Progress, International Journal of Digital Evidence, available at:

https://www.utica.edu/academic/institutes/ecii/publications/articles/A04D31C4-A8D2-ADFD-E80423512B5AF885.pdf; Farid, Detecting Steganographic Messages in Digital Images, Technical Report TR2001-412, 2001; Friedrich/Goljan, Practical Steganalysis of Digital Images, Proceedings of SPIE Photonic West 2002: Electronic Imaging, Security and Watermarking of Multimedia Content IV, 4575, page 1 et seq.; Johnson/Duric/Jajodia, Information Hiding: Steganography and Watermarking, Attacks and Countermeasures, 2001.

^[679] See below: Chapter 5.2.9.

^[680] See below: Chapter 5.2.9.

^[681] See above: Chapter 3.2.8.

^[682] See BBC News, "Hacking: A history", 27.10.2000, available at: http://news.bbc.co.uk/1/hi/sci/tech/994700.stm.

^[683] An example of the integration of digital sources is Section 11, Subsection 3 of the German Penal Code: "Audio & visual recording media, data storage media, illustrations and other images shall be the equivalent of writings in those provisions which refer to this subsection."

^[684] Within this process the case law based Anglo-American Law System shows advantage with regard to the reaction time.

^[685] Computer Emergency Response Team. The CERT Coordination Center was founded in 1988 after the Morris worm incident, which brought 10 percent of internet systems to a halt in November 1988. For more information on the history of the CERT CC see: http://www.cert.org/meet_cert/; Goodman, Why the Police don't Care about Computer Crime, Harvard Journal of Law and Technology, Vol. 10, Issue 3, page 475.

^[686] Examples of international cooperation in the fight against cybercrime include the Council of Europe Convention on Cybercrime and the UN Resolution 55/63.

^[687] See below: Chapter 5.

^7œ See above: Chapter 2.7.1.

^[689] Regarding the offences recognised in relation to online games see above: Chapter 2.5.5.

^[690] Regarding the trade of child pornography in Second Life, see for example BBC, "Second Life "child abuse" claim", 09.05.2007, at: http://news.bbc.co.uk/go/pr/fr/-/1/hi/technology/6638331.stm; Reuters, Virtual Child Pornography illegal in Italy, 23.02.2007, at: http://secondlife.reuters.com/stories/2007/02/23/virtual-child-porn-illegal-in-italy/.

₇°₆ Gercke, Zeitschrift fuer Urheber- und Medienrecht 2007, 289 et seqq;

^[692] Reuters, "UK panel urges real-life treatment for virtual cash", 14.05.2007, available at: http://secondlife.reuters.com/stories/2007/05/14/uk-panel- urges-real-life-treatment-for-virtual-cash/.

^[693] Re the use of ICTs by terrorist groups, see: Conway, "Terrorist Use of the Internet and Fighting Back", Information and Security, 2006, page 16. Hutchinson, "Information terrorism: networked influence", 2006, available at: http://scissec.scis.ecu.edu.au/wordpress/conference_proceedings/2006/iwar/Hutchinson%20-

%20Information%20terrorism_%20networked%20influence.pdf. Gercke, "Cyberterrorism", Computer Law Review International 2007, page 64.

^[694] Data retention describes the collection of certain data (such as traffic data) through obliged institutions e.g., Access Providers. For more details, see below: Chapter 6.2.5.

^[695] Related to these concerns, see: "Advocate General Opinion", 18.07.2007, available at: http://eur- lex.europa.eu/LexUriServ/LexUriServ.do?uri=CELEX:62006C0275:EN:NOT#top.

^[696] Giordano, Electronic Evidence and the Law, Information Systems Frontiers, Vol. 6, No.2, 2006, page 161; Willinger/Wilson, Negotiating the Minefields of Electronic Discovery, Richmond Journal of Law & Technology, 2004, Vol.X, No.5.

^[697] Lange/Nimsger, Electronic Evidence and Discovery, 2004, 6.

^[698] Casey, Digital Evidence and Computer Crime, 2004, page 11; Lange/Nimsger, Electronic Evidence and Discovery, 2004, 1; Hosmer, Proving the Integrity of Digital Evidence with Time, International Journal of Digital Evidence, 2002, Vol.1, No.1, page 1.

^[699] Lange/Nimsger, Electronic Evidence and Discovery, 2004, 1; Regarding the historic development of computer forensics and digital evidence see: Whitcomb, An Historical Perspective of Digital Evidence: A Forensic Scientist's View, International Journal of Digital Evidence, 2002, Vol.1, No.1.

^[700] Casey, Digital Evidence and Computer Crime, 2004, page 12; The admissibility of Electronic evidence in court: fighting against high-tech crime, 2005, Cybex, available at: http://www.cybex.es/agis2005/elegir_idioma_pdf.htm.

^[701] Regarding the difficulties of dealing with digital evidence on the basis of the traditional procedures and doctrines see: Moore, To View or not to view: Examining the Plain View Doctrine and Digital Evidence, American Journal of Criminal Justice, Vol. 29, No. 1, 2004, page 57 et seq.

^[702] Hosmer, Proving the Integrity of Digital Evidence with Time, International Journal of Digital Evidence, 2002, Vol.1, No.1, page 1.

^[703] Moore, To View or not to view: Examining the Plain View Doctrine and Digital Evidence, American Journal of Criminal Justice, Vol. 29, No. 1, 2004, page 58.

^[704] Nolan/O'Sullivan/Branson/Waits, First Responders Guide to Computer Forensics, 2005, page 88.

^[705] See Haldermann/Schoen/Heninger/Clarkson/Paul/Calandrino/Feldmann/Applebaum/Felten, Lest We Remember: Colt Boot Attacks on Encryption Keys.

^[706] Casey, Digital Evidence and Computer Crime, 2004, page 20.

^[707] Regarding the different models of Cybercrime investigations see: Ciardhuain, An Extended Model of Cybercrime Investigation, International Journal of Digital Evidence, 2004, Vol.3, No.1; See as well Ruibin/Gaertner, Case-Relevance Information Investigation: Binding Computer Intelligence to the Current Computer Forensic Framework, International Journal of Digital Evidence, 2005, Vol. 4, No. 1 who are differentiating between six different phases.

^[708] This includes the development of investigation strategies

^[709] The second phase does especially cover the work of the so-called „First responder" and includes the entire process of collecting digital evidence. See: Nolan/O'Sullivan/Branson/Waits, First Responders Guide to Computer Forensics, 2005, page 88.

^[710] See Giordano, Electronic Evidence and the Law, Information Systems Frontiers, Vol. 6, No.2, 2006, page 162; Vacca, Computer Forensics, Computer Crime Scene Investigation, 2nd Edition, 2005, page 21; Ruibin/Gaertner, Case-Relevance Information Investigation: Binding Computer Intelligence to the Current Computer Forensic Framework, International Journal of Digital Evidence, 2005, Vol. 4, No. 1; Reith/Carr/Gunsch, Examination of Digital Forensic Models, International Journal of Digital Evidence, 2002, Vol.1, No.2, page 3.

^[711] Lange/Nimsger, Electronic Evidence and Discovery, 2004, 3; Kerr, Searches and Seizure in a Digital World, Harvard Law Review, Vol 119, page

_[712] ^532.

⁷²⁶ Gordon/Hosmer/Siedsma/Rebovich, Assessing Technology, Methods, and Information for Committing and Combating Cyber Crime, 2002, page 57.

^[713] See Vacca, Computer Forensics, Computer Crime Scene Investigation, 2nd Edition, 2005, page 48; Lange/Nimsger, Electronic Evidence and Discovery, 2004, 9; Gordon/Hosmer/Siedsma/Rebovich, Assessing Technology, Methods, and Information for Committing and Combating Cyber Crime, 2002, page 63.

^[714] Ruibin/Gaertner, Case-Relevance Information Investigation: Binding Computer Intelligence to the Current Computer Forensic Framework, International Journal of Digital Evidence, 2005, Vol. 4, No. 1.

^[715] This does for example include the reconstruction of operating processes. See Vacca, Computer Forensics, Computer Crime Scene Investigation, 2nd Edition, 2005, page 30.

^[716] This does for example include the identification of storage locations. See Lange/Nimsger, Electronic Evidence and Discovery, 2004, 24.

^[717] Lange/Nimsger, Electronic Evidence and Discovery, 2004, 6; Gordon/Hosmer/Siedsma/Rebovich, Assessing Technology, Methods, and Information for Committing and Combating Cyber Crime, 2002, page 38.

^[718] Siegfried/Siedma/Countryman/Hosmer, Examining the Encrpytion Threat, International Journal of Digital Evidence, 2004, Vol. 2, No.3. Regarding the decryption process within forensic investigations see: Gordon/Hosmer/Siedsma/Rebovich, Assessing Technology, Methods, and Information for Committing and Combating Cyber Crime, 2002, page 59.

^[719] Regarding the differnet sources that can be used to extract traffic data see: Marcella/Marcella/Menendez, Cyber Forensics: A Field Manual for Collecting, Examining, and Preserving Evidence of Computer Crimes, 2007, page 163 et seq.

^[720] Clarke/Sandberg/Wiley/Hong, "Freenet: a distributed anonymous information storage and retrieval system", 2001; Chothia/Chatzikokolakis, "A Survey of Anonymous Peer-to-Peer File-Sharing", available at: http://www.spinellis.gr/pubs/jrnl/2004-ACMCS-p2p/html/AS04.pdf; Han/Liu/Xiao;Xiao, "A Mutual Anonymous Peer-to-Peer Protocol Design", 2005. See also above: Chapter 3.2.l.

^[721] For an overview about the tools used, see Ealy, "A New Evolution in Hack Attacks: A General Overview of Types, Methods, Tools, and Prevention", available at: http://www.212cafe.com/download/e-book/A.pdf. For more information, see above: Chapter 3.2.h.

^[722] The term "Cybersecurity" is used to summarise various activities such as the collection of tools, policies, security concepts, security safeguards, guidelines, risk management approaches, actions, training, best practices, assurance and technologies that can be used to protect the cyber environment and organization and user's assets. Organization and user's assets include connected computing devices, personnel, infrastructure, applications, services, telecommunications systems, and the totality of transmitted and/or stored information in the cyber environment. Cybersecurity strives to ensure the attainment and maintenance of the security properties of the organization and user's assets against relevant security risks in the cyber environment. Regarding the definition of cybersecurity, ITU-T Recommendation X.1205 "Overview of Cybersecurity" provides a definition, description of technologies, and network protection principles. "Cybersecurity is the collection of tools, policies, security concepts, security safeguards, guidelines, risk management approaches, actions, training, best practices, assurance and technologies that can be used to protect the cyber environment and organization and user's assets. Organization and user's assets include connected computing devices, personnel, infrastructure, applications, services, telecommunications systems, and the totality of transmitted and/or stored information in the cyber environment. Cybersecurity strives to ensure the attainment and maintenance of the security properties of the organization and user's assets against relevant security risks in the cyber environment. The general security objectives comprise the following: Availability; Integrity, which may include authenticity and non- repudiation; Confidentiality." Also see ITU, List of Security-Related Terms and Definitions, available at: http://www.itu.int/dms_pub/itu-

---

Дата добавления: 2015-12-19; просмотров: 7; Мы поможем в написании вашей работы!

Поделиться с друзьями:

---

---

Мы поможем в написании ваших работ!