What Is Computer Erasing?
The definition given by the Computer Management and Supervision Department of the Ministry of Public Security is: The so-called computer crime refers to the use of computer information systems or computer information knowledge as a means in the field of information activities, or the computer information systems that cause harm to countries, groups or individuals. The law stipulates that penalties should be imposed.
- Clearly defining the regulatory object is an important part of legal regulation. The emergence of new legal fields always inevitably involves the correct definition and identification of certain types of crimes. When scholars first discussed legislation on computer abuse, they quickly realized the problem. A unified definition of computer crime is of great benefit to both law enforcement and general business enterprises. Clearly defining the regulatory object is an important part of legal regulation. The emergence of new legal fields always inevitably involves the correct definition and identification of certain types of crimes.
- The definition given by the Computer Management and Supervision Department of the Ministry of Public Security is: The so-called computer crime is the use of information in the field of information activities.
- Computer crime falls into three broad categories:
- (1) Computer-based crimes, such as attacks against personal computers or networks by perpetrators. These attacks include "illegal access to information stored on the target computer or network, or illegal destruction of such information; stealing the electronic identity of others, etc. ";
- (2) Computer-based crimes, such as hacking, Trojan horses, worms, spreading viruses, and logic bombs when the computer is the crime scene, the source, cause, or specific form of property damage;
- (3) Traditional crimes where computers are used as criminal tools, such as the use of computer systems to steal credit card information of others, or to store, spread obscene items, and spread child pornography through computers connected to the Internet [1]
- For different types of crimes, such as computer-based crimes, the investigative methods used should also be classified and organized in an orderly manner. The steps involved in the investigation are nothing more than the following: on-site investigation; determination of whether the evidence and materials are filed; analysis of the case and formulation of an investigation plan; seizure and identification of evidence; reduction of the detection of the case; As far as the investigation focus and requirements of several types of typical computer crimes are concerned, there are the following aspects:
- Key points and requirements for investigation of cases of illegal intrusion into computer information systems
- This aspect includes log file analysis, electronic file comparison query, IP positioning, electronic evidence extraction and preservation, daily management, supervision and inspection. Many Internet users and individuals have a weak awareness of security, and there are situations of emphasis on application, security, efficiency, and management, such as user passwords being too simple and server systems failing to download upgrade patches in a timely manner. Management responsibilities, especially for key units, should be strengthened by inspection and supervision.
- Key points and requirements for investigation of cases of computer information system breach
- The focus of investigation on the crime of undermining the information system is generally reflected in: first, timely detection of the offender's means of committing crimes; investigators must break through the existing imprisonment technically; second, the design of investigation experiments; Investigators need to make a comprehensive analysis from the environment, technology, motivational purpose, and obtained witness and material evidence, based on the crime method, establish an indirect evidence system with electronic evidence as the core, and identify criminal suspects.
- Key points and requirements of investigations in cases of illegal production and dissemination of computer viruses
- The investigation of this type of cases is also difficult, and the focus of investigating activities should be on deciphering the source code and obtaining indirect evidence. At the same time, due to the difficulty of investigating such cases, while conducting conventional investigation measures, If necessary, experts who specialize in computer virus research should be hired to assist in the investigation. Our investigators must not only master advanced scientific and technological methods, but also need to be proficient in applying various traditional investigative methods.
- Focus and requirements of computer-based crime investigation
- For the crimes of misappropriation of network equipment and various resources, the focus of investigations on crimes committed by computers as tools and the requirements for crimes of misappropriation of network equipment and various resources should be carefully investigated, and careful analysis of possible electronic evidence and Vulnerabilities are flawed. If necessary, relevant computer professionals must be hired to assist in the investigation. The investigation of cases of embezzlement of public and private property should focus on the analysis of log files and management records. Personnel's access to the machine and the Internet can be found from the management records. The investigation of criminal acts that use the Internet to produce and disseminate obscene items should strengthen the monitoring of Internet information and extract evidence in a timely and effective manner.
- Site survey technology
- Site survey technology is divided into eight categories. Including data recovery technology, data monitoring technology, data encryption and decryption technology, data replication technology, data deception technology, scanning technology, data interception technology and data hiding technology, etc.
- Evidence analysis technology
- The focus of the evidence analysis phase is to examine and analyze the collected evidence to find out the association with the criminal act to prove the facts of the case. The evidence analysis technology mainly includes log analysis technology, comparative search technology, data mining technology, attack source tracking technology, etc., which makes the distribution of the intrusion tracking system a foundation for realization.
- Evidence preservation technology
- Evidence preservation refers to keeping the obtained evidence and ensuring that its data integrity, confidentiality and non-repudiation are not damaged. The technologies that belong to the evidence preservation category include data replication technology, data encryption technology, digital signature technology, digital time stamp technology, and digital digest technology [2] .