25 resultados para Theft.
em Queensland University of Technology - ePrints Archive
Resumo:
In New Zealand, 200,000 licensed shooters (5.5% of the population) own an estimated 1 million firearms, 9 times more guns per capita than in England and Wales and 20% more than in Australia. Based on a 3 year study of firearm theft in New Zealand, this paper concludes that insecure storage of lawfully held weapons by licensed owners poses a significant public health and safety risk. Furthermore, this paper concludes that the failure of the police to enforce New Zealand gun security laws, and the government's hesitancy to develop firearm education and regulation policies, exacerbates insecure firearm storage, a key factor in firearm-related theft, injury, suicide, violence and criminal activity.
Resumo:
The increase of online services, such as eBanks, WebMails, in which users are verified by a username and password, is increasingly exploited by Identity Theft procedures. Identity Theft is a fraud, in which someone pretends to be someone else is order to steal money or get other benefits. To overcome the problem of Identity Theft an additional security layer is required. Within the last decades the option of verifying users based on their keystroke dynamics was proposed during login verification. Thus, the imposter has to be able to type in a similar way to the real user in addition to having the username and password. However, verifying users upon login is not enough, since a logged station/mobile is vulnerable for imposters when the user leaves her machine. Thus, verifying users continuously based on their activities is required. Within the last decade there is a growing interest and use of biometrics tools, however, these are often costly and require additional hardware. Behavioral biometrics, in which users are verified, based on their keyboard and mouse activities, present potentially a good solution. In this paper we discuss the problem of Identity Theft and propose behavioral biometrics as a solution. We survey existing studies and list the challenges and propose solutions.
Resumo:
The analysis and value of digital evidence in an investigation has been the domain of discourse in the digital forensic community for several years. While many works have considered different approaches to model digital evidence, a comprehensive understanding of the process of merging different evidence items recovered during a forensic analysis is still a distant dream. With the advent of modern technologies, pro-active measures are integral to keeping abreast of all forms of cyber crimes and attacks. This paper motivates the need to formalize the process of analyzing digital evidence from multiple sources simultaneously. In this paper, we present the forensic integration architecture (FIA) which provides a framework for abstracting the evidence source and storage format information from digital evidence and explores the concept of integrating evidence information from multiple sources. The FIA architecture identifies evidence information from multiple sources that enables an investigator to build theories to reconstruct the past. FIA is hierarchically composed of multiple layers and adopts a technology independent approach. FIA is also open and extensible making it simple to adapt to technological changes. We present a case study using a hypothetical car theft case to demonstrate the concepts and illustrate the value it brings into the field.
Resumo:
Advances in information and communications technologies during the last two decades have allowed organisations to capture and utilise data on a vast scale, thus heightening the importance of adequate measures for protecting unauthorised disclosure of personal information. In this respect, data breach notification has emerged as an issue of increasing importance throughout the world. It has been the subject of law reform in the United States and in other international jurisdictions. Following the Australian Law Reform Commission’s review of privacy, data breach notification will soon be addressed in Australia. This article provides a review of US and Australian legal initiatives regarding the notification of data breaches. The authors highlight areas of concern based on the extant US literature that require specific consideration in Australia regarding the development of an Australian legal framework for the notification of data breaches.
Resumo:
As network capacity has increased over the past decade, individuals and organisations have found it increasingly appealing to make use of remote services in the form of service-oriented architectures and cloud computing services. Data processed by remote services, however, is no longer under the direct control of the individual or organisation that provided the data, leaving data owners at risk of data theft or misuse. This paper describes a model by which data owners can control the distribution and use of their data throughout a dynamic coalition of service providers using digital rights management technology. Our model allows a data owner to establish the trustworthiness of every member of a coalition employed to process data, and to communicate a machine-enforceable usage policy to every such member.
Resumo:
Public and private sector organisations are now able to capture and utilise data on a vast scale, thus heightening the importance of adequate measures for protecting unauthorised disclosure of personal information. In this respect, data breach notification has emerged as an issue of increasing importance throughout the world. It has been the subject of law reform in the United States and in other jurisdictions. This article reviews US, Australian and EU legal developments regarding the mandatory notification of data breaches. The authors highlight areas of concern based on the extant US experience that require further consideration in Australia and in the EU.
Resumo:
Contemporary rural crime is more varied and sophisticated than it once was. The new forms range from agricultural crimes, such as the theft of water designated for agricultural production, to environmental crimes such as the illegal dumping of waste. They take place side by side with “traditional” rural crimes such as cattle duffing while “urban” crimes such as drug and alcohol abuse and violent assaults are also prevalent, and on the rise. Crime in Rural Australia covers them all. It brings together leading academics who examine the major dimensions of crime and justice in rural and regional Australia including: •the extent of rural crime •farm crime •violence •juvenile crime •policing •Indigenous crime and justice •crime prevention •drugs •fear of crime, and •sentencing and punishment. It includes vignettes on rural policing and the stock squad from the perspectives of the NSW police. An ideal text for rural crime and criminology courses, Crime in Rural Australia will also be of interest to criminal justice practitioners, policy-makers, and criminology scholars. Three of the editors, Dr Elaine Barclay, Dr John Scott and Associate Professor Russell Hogg, are associated with the Centre for Rural Crime at the University of New England. Professor Joseph F. Donnermeyer is the International Research Co-ordinator for the Rural Crime Centre and is a leading US scholar on rural crime at Ohio State University.
Resumo:
Transnational environmental crime must become a government priority, as organised criminal networks continue to exploit the environment with unprecedented profits. Such earnings come at a substantial social, economic and environmental expense for communities and their livelihoods. Indeed, organised environmental crime is identified by the United Nations as a key factor in the impoverishment, displacement and violent conflicts affecting millions of people — notably in developing societies.2 It is widely recognised that organised environmental crime syndicates, motivated by substantial financial rewards, continue to flourish and expand in disadvantaged societies with porous borders, where corruption is widespread and regulation is poor. The theft of biodiversity and the demise of animal species and habitats have resulted not only in financial loss, but also in an increase in “environmental refugees” — people dislocated and forced to migrate due to loss of livelihoods.
Resumo:
There is no doubt that social engineering plays a vital role in compromising most security defenses, and in attacks on people, organizations, companies, or even governments. It is the art of deceiving and tricking people to reveal critical information or to perform an action that benefits the attacker in some way. Fraudulent and deceptive people have been using social engineering traps and tactics using information technology such as e-mails, social networks, web sites, and applications to trick victims into obeying them, accepting threats, and falling victim to various crimes and attacks such as phishing, sexual abuse, financial abuse, identity theft, impersonation, physical crime, and many other forms of attack. Although organizations, researchers, practitioners, and lawyers recognize the severe risk of social engineering-based threats, there is a severe lack of understanding and controlling of such threats. One side of the problem is perhaps the unclear concept of social engineering as well as the complexity of understand human behaviors in behaving toward, approaching, accepting, and failing to recognize threats or the deception behind them. The aim of this paper is to explain the definition of social engineering based on the related theories of the many related disciplines such as psychology, sociology, information technology, marketing, and behaviourism. We hope, by this work, to help researchers, practitioners, lawyers, and other decision makers to get a fuller picture of social engineering and, therefore, to open new directions of collaboration toward detecting and controlling it.
Resumo:
A victim of phishing emails could be subjected to money loss and identity theft. This paper investigates the different types of phishing email victims, with the goal of increasing such victims' defences. To obtain this kind of information, an experiment which involves sending a phishing email to participants is conducted. Quantitative and qualitative methods are also used to collect users' information. A model for detecting deception has been employed to understand victims' behaviour. This paper reports the qualitative results. The findings suggest that victims of phishing emails do not always exhibit the same vulnerability. The cause of being a victim is a result of three weaknesses in the detection process: (1) lack of knowledge; (2) weak confirmation channel, and; (3) victims' high propensity towards risk-taking. Therefore, it is suggested that users be provided with suitable confirmation channels and be more risk averse in their behaviour so that they would not fall victim to phishing emails.
Resumo:
Royal commissions are approached not as exercises in legitimation and closure but as sites of struggle that are heavily traversed by power holders yet are open to the voices of alternative and unofficial social groups, social movements, and individuals. Three case studies are discussed that highlight the hegemony of the legal methodology and discourse that dominate many inquiries. The first case, involving a single-case miscarriage inquiry, involves a man who was accused, convicted, and served a prison sentence for the murder of his wife. Nineteen years following the murder another man confessed to the crime. The official inquiry found that nothing had gone wrong in the criminal justice process; it had operated as it should. Thus, in the face of evidence that the criminal justice process may be flawed, the discursive strategy became one of silence; no explanation was offered except for the declaration that nothing had gone wrong. The fallibility of the criminal justice system was thus hidden from public view. The second case study examines the Wood Royal Commission into corruption charges within the NSW Police Service. The royal commission revealed a bevy of police misconduct offenses including process corruption, improper associations, theft, and substance abuse, among others. The author discusses the ways in which the other criminal justice players, the judiciary and prosecuting attorneys, emerge only briefly as potential ethical agents in relation to police misconduct and corruption and then abruptly disappear again. Yet, these other players are absolved of any responsibility for police misconduct. The third case study involves a spin-off inquiry into the facts surrounding the Leigh Leigh rape and murder case. This case illustrates how official inquires can seek to exclude non-traditional viewpoints and methodologies; in this case, the views of a feminist criminologist. The third case also illustrates how the adversarial process within the legal system allows those with power to subjugate the viewpoints of others through the legitimate use of cross-examination. These three case studies reveal how official inquiries tend to speak from an “idealized conception of justice” and downplay any viewpoint that questions this idealized version of the truth.
Resumo:
Introduction Cybercrime consists of any criminal action or behaviour that is committed through the use of Information Technology. Common examples of such activities include cyber hacking, identity theft, cracking, spamming, social engineering, data tampering, online fraud, programming attacks, etc. The pervasive use of the internet clearly indicates that the impacts of cybercrime is far reaching and any one, may it be a person or an entity can be a victim of cybercriminal activities. Recently in the US, eight members of a global cybercrime ring were charged in one of the biggest ever bank heists. The cybercrime gang allegedly stole US$45 million by hacking into credit card processing firms and withdrawing money from ATMs in 27 countries (Jessica et al. 2013). An extreme example, the above case highlights how IT is changing the way crimes are being committed. No longer do criminals use masks, guns and get-a-way cars, criminals are able to commit crimes in the comfort of their homes, millions of miles from the scene of the crime and can access significant sums of money that can financially cripple organisations. The world is taking notice of this growing threat and organisations in the Pacific must also be proactive in tackling this emerging issue.
Resumo:
We introduce Kamouflage: a new architecture for building theft-resistant password managers. An attacker who steals a laptop or cell phone with a Kamouflage-based password manager is forced to carry out a considerable amount of online work before obtaining any user credentials. We implemented our proposal as a replacement for the built-in Firefox password manager, and provide performance measurements and the results from experiments with large real-world password sets to evaluate the feasibility and effectiveness of our approach. Kamouflage is well suited to become a standard architecture for password managers on mobile devices.
Resumo:
Phishing is deceptive collection of personal information leading to embezzlement, identity theft, and so on. Preventive and combative measures have been taken by banking institutions, software vendors, and network authorities to fight phishing. At the forefront of this resilience are consortiums such as APWG (Anti-Phishing Working Group) and PhishTank, the latter being a collaborative platform where everyone can submit potentially phishing web-pages and classify web-pages as either phish or genuine. PhishTank also has an API that the browsers use to notify users when she tries to load a phishing page. There are some organizations and individuals who are very active and highly accurate in classifying web-pages on PhishTank. In this paper, we propose a defense model that uses these experts to fight phishing.
Resumo:
Numeric set watermarking is a way to provide ownership proof for numerical data. Numerical data can be considered to be primitives for multimedia types such as images and videos since they are organized forms of numeric information. Thereby, the capability to watermark numerical data directly implies the capability to watermark multimedia objects and discourage information theft on social networking sites and the Internet in general. Unfortunately, there has been very limited research done in the field of numeric set watermarking due to underlying limitations in terms of number of items in the set and LSBs in each item available for watermarking. In 2009, Gupta et al. proposed a numeric set watermarking model that embeds watermark bits in the items of the set based on a hash value of the items’ most significant bits (MSBs). If an item is chosen for watermarking, a watermark bit is embedded in the least significant bits, and the replaced bit is inserted in the fractional value to provide reversibility. The authors show their scheme to be resilient against the traditional subset addition, deletion, and modification attacks as well as secondary watermarking attacks. In this paper, we present a bucket attack on this watermarking model. The attack consists of creating buckets of items with the same MSBs and determine if the items of the bucket carry watermark bits. Experimental results show that the bucket attack is very strong and destroys the entire watermark with close to 100% success rate. We examine the inherent weaknesses in the watermarking model of Gupta et al. that leave it vulnerable to the bucket attack and propose potential safeguards that can provide resilience against this attack.
