Call for Chapter Proposals Submission Deadline: January 5, 2005 http://cgi.di.uoa.gr/~nkolok/Idea.html Digital Crime and Forensic Science in Cyberspace yA book edited by Dr. P. Kanellis, Prof. E. Kiountouzis, Dr. N. Kolokotronis, and Associate Prof. D. Martakos Introduction The Organization for Economic Co-Operation and Development (OECD) defines "digital crime" as "...any illegal, unethical or unauthorized behaviour relating to the automatic processing and transmission of data." Computer attacks and digital crime are now commonplace, achieving national and international press coverage and thus becoming parts of everyday reality. Understanding the motives behind such incidents, the many forms that they can take and managing the complexity related to achieving a level of readiness to confront them are issues that no organization - public or private - can afford to ignore. It is a sign of the times that in 2003, 82% of U.S. companies surveyed by the Computer Security Institute faced security problems and dealt with damages that were estimated at $27.3 million. The use of scientifically derived and proven methods toward the collection, management and use of evidence derived from digital sources for the purpose of facilitating or furthering the reconstruction of events assessed as being criminal or helping to anticipate unauthorized actions shown to be disruptive to planned operations are called Digital Forensics (DF). But, although DF has the traditional forensics science as a base from which to borrow and grow, in contrast to traditional crime the context, content and processes associated with being digital are so unique and still emerging that it is a sobering realization the fact that we are and will continue to be exposed and vulnerable with the crimes committed passing undetected and unpunished. More so, if we accept that more than ten years after the first meetings of the Digital Forensics Research Workshop there are still no standards developed or a significant corpus of knowledge for DF. The timeliness of this edited volume is unquestionable as the urgency for developing and maintaining a digital forensics capability, as part of a holistic risk management framework, is evidenced by the directives and announcements by various standards bodies. For example, the Basel Committee on banking supervision recommends in the 14th principle for risk management: "... banks should develop... A process for collecting and preserving forensic evidence to facilitate appropriate post-mortem reviews of any e-banking incidents as well as to assist in the prosecution of attackers..." Overall objectives There is a single objective that this edited volume will seek to achieve: to present the state of the art in DF covering selective topics that hold significant weight as priorities in understanding the complexity and multidimensionality of the issues at hand so as to become the primary reference source for academics that research and practitioners that practice DF. The editors approach DF as a scientific field in its infancy with many sub-disciplines and at least 3 different 'application' areas (Law Enforcement, Military, and Business & Industry) with various stakeholders having different demands. Moreover, the highlight its difference from other forensic sciences as the media examined and the methods or techniques available to the examiners are to large extent market-driven products hastily launched with a lack of theoretical background and empirical proofs, giving rise to questions of validity. Thus, it is imperative that prospective authors will need to ensure that the following primary criteria are met and provide evidence in their chapter proposals: * The importance of the proposed topic and the weight it holds as a priority in helping us to unravel the complexities associated with DF, furthering our current understanding and pointing out the directions where further inquiry will be heading. * The solutions proposed to particular and well-defined challenges are the state of the art as far as both research and practice are concerned and the theory that supports them offers no grounds for concerns regarding their validity. Target audience The audience for which the book is intended is as follows: * Academics in the fields of Computer Science, Software Engineering and Information Systems who need a source of reference that covers the state of research in DF. * IT managers that must have the necessary know-how in order to handle an investigation and deal with cyber-investigators. * Security professionals and internal & external auditors that must be aware of computer and network forensics issues in order to informatively choose the proper action plan and the corresponding methods and tools. * Employees and home users who care about privacy issues and wish to know what constitutes evidence for computer crime. Recommended topics Recommended topics for chapters include but are not limited to the following: * Cyber-space, Digital Crime and Digital Forensics: cyber-space characteristics; actors identified in cyber-space; cyber-suspects subculture, profiling, and tactics; cyber-crime statistics; types and impact of cyber-crimes; overview and role of computer/network security policies. * Incident Response: verification of computer breaches; incident response strategies and procedures; reporting process; organizational and cost factors; procedure standardization issues; personnel expertise and training; current status analysis of procedures governed and/or accepted by law; future challenges. * Cyber-investigation Principles: cyber-investigation life cycle; responsibilities of actors involved; legal methods to obtain a computer and/or digital evidence; jurisdictions and agencies; investigative methods; trans-national issues. * Digital Evidence Collection and Handling: working with ISPs and telephone operators; examination of digital media; digital evidence integrity and safety; digital evidence metrics and implications on the information that need to be collected; aspects of individual privacy versus investigation needs. * Legal and Litigation Issues: description and comparison of international legal frameworks established; legal ways to seize digital evidence, constraints implied by law, types of digital evidence accepted in courts; investigative and testimonial challenges, future challenges. * Computer and Network Forensics: tools, techniques and methods for collection and analysis purposes, intrusion detection systems, future technologies, strengths and weaknesses, limitations; open research problems; legal barriers. Submission procedure Researchers and practitioners are invited to submit on or before January 5, 2004, an extended summary, not exceeding 3000 words. The proposal should include title, author's names and affiliations, a list of keywords, a tentative table of contents, references, and a short biographical note. The expected contribution of the proposal towards achieving the objectives of the book should be clearly stated. Authors of accepted proposals will be notified by February 5, 2005 about the status of their proposals and sent chapter organizational guidelines. Full chapters are expected to be submitted by April 15, 2005. All chapters will be reviewed on a blind review basis. The book is scheduled to be published by Idea Group, Inc., publisher of Idea Group Publishing, Information Science Publishing, IRM Press, CyberTech Publishing, and Idea Group Reference imprints, in 2005. Book editors affiliations Dr. Panagiotis Kanellis Department of Informatics Athens University of Economics & Business pkanellis@ktpae.gr Professor Evangelos Kiountouzis Department of Informatics Athens University of Economics & Business eak@aueb.gr Dr. Nicholas Kolokotronis Department of Informatics & Telecommunications National & Kapodistrian University of Athens nkolok@di.uoa.gr Associate Professor Drakoulis Martakos Department of Informatics & Telecommunications National & Kapodistrian University of Athens martakos@di.uoa.gr Contact person Inquiries and submissions should be forwarded electronically (in MS Word) to Dr. Panagiotis Kanellis, tel: (+30) 210-9288751, fax: (+30) 210-9231897.