Call for Chapter Proposals
Submission Deadline: January 5, 2005
http://cgi.di.uoa.gr/~nkolok/Idea.html
Digital Crime and Forensic Science in Cyberspace
yA book edited by
Dr. P. Kanellis, Prof. E. Kiountouzis, Dr. N. Kolokotronis, and
Associate Prof. D. Martakos
Introduction
The Organization for Economic Co-Operation and Development (OECD)
defines "digital crime" as "...any illegal, unethical or unauthorized
behaviour relating to the automatic processing and transmission of
data." Computer attacks and digital crime are now commonplace,
achieving national and international press coverage and thus becoming
parts of everyday reality. Understanding the motives behind such
incidents, the many forms that they can take and managing the
complexity related to achieving a level of readiness to confront them
are issues that no organization - public or private - can afford to
ignore. It is a sign of the times that in 2003, 82% of U.S. companies
surveyed by the Computer Security Institute faced security problems
and dealt with damages that were estimated at $27.3 million.
The use of scientifically derived and proven methods toward the
collection, management and use of evidence derived from digital
sources for the purpose of facilitating or furthering the
reconstruction of events assessed as being criminal or helping to
anticipate unauthorized actions shown to be disruptive to planned
operations are called Digital Forensics (DF). But, although DF has the
traditional forensics science as a base from which to borrow and grow,
in contrast to traditional crime the context, content and processes
associated with being digital are so unique and still emerging that it
is a sobering realization the fact that we are and will continue to be
exposed and vulnerable with the crimes committed passing undetected
and unpunished. More so, if we accept that more than ten years after
the first meetings of the Digital Forensics Research Workshop there
are still no standards developed or a significant corpus of knowledge
for DF.
The timeliness of this edited volume is unquestionable as the urgency
for developing and maintaining a digital forensics capability, as part
of a holistic risk management framework, is evidenced by the
directives and announcements by various standards bodies. For example,
the Basel Committee on banking supervision recommends in the 14th
principle for risk management: "... banks should develop... A process
for collecting and preserving forensic evidence to facilitate
appropriate post-mortem reviews of any e-banking incidents as well as
to assist in the prosecution of attackers..."
Overall objectives
There is a single objective that this edited volume will seek to
achieve: to present the state of the art in DF covering selective
topics that hold significant weight as priorities in understanding the
complexity and multidimensionality of the issues at hand so as to
become the primary reference source for academics that research and
practitioners that practice DF.
The editors approach DF as a scientific field in its infancy with many
sub-disciplines and at least 3 different 'application' areas (Law
Enforcement, Military, and Business & Industry) with various
stakeholders having different demands. Moreover, the highlight its
difference from other forensic sciences as the media examined and the
methods or techniques available to the examiners are to large extent
market-driven products hastily launched with a lack of theoretical
background and empirical proofs, giving rise to questions of
validity. Thus, it is imperative that prospective authors will need to
ensure that the following primary criteria are met and provide
evidence in their chapter proposals:
* The importance of the proposed topic and the weight it holds as
a priority in helping us to unravel the complexities associated with
DF, furthering our current understanding and pointing out the
directions where further inquiry will be heading.
* The solutions proposed to particular and well-defined challenges
are the state of the art as far as both research and practice are
concerned and the theory that supports them offers no grounds for
concerns regarding their validity.
Target audience
The audience for which the book is intended is as follows:
* Academics in the fields of Computer Science, Software
Engineering and Information Systems who need a source of reference
that covers the state of research in DF.
* IT managers that must have the necessary know-how in order to
handle an investigation and deal with cyber-investigators.
* Security professionals and internal & external auditors that
must be aware of computer and network forensics issues in order to
informatively choose the proper action plan and the corresponding
methods and tools.
* Employees and home users who care about privacy issues and wish
to know what constitutes evidence for computer crime.
Recommended topics
Recommended topics for chapters include but are not limited to the following:
* Cyber-space, Digital Crime and Digital Forensics: cyber-space
characteristics; actors identified in cyber-space; cyber-suspects
subculture, profiling, and tactics; cyber-crime statistics; types and
impact of cyber-crimes; overview and role of computer/network security
policies.
* Incident Response: verification of computer breaches; incident
response strategies and procedures; reporting process; organizational
and cost factors; procedure standardization issues; personnel
expertise and training; current status analysis of procedures governed
and/or accepted by law; future challenges.
* Cyber-investigation Principles: cyber-investigation life cycle;
responsibilities of actors involved; legal methods to obtain a
computer and/or digital evidence; jurisdictions and agencies;
investigative methods; trans-national issues.
* Digital Evidence Collection and Handling: working with ISPs and
telephone operators; examination of digital media; digital evidence
integrity and safety; digital evidence metrics and implications on the
information that need to be collected; aspects of individual privacy
versus investigation needs.
* Legal and Litigation Issues: description and comparison of
international legal frameworks established; legal ways to seize
digital evidence, constraints implied by law, types of digital
evidence accepted in courts; investigative and testimonial challenges,
future challenges.
* Computer and Network Forensics: tools, techniques and methods
for collection and analysis purposes, intrusion detection systems,
future technologies, strengths and weaknesses, limitations; open
research problems; legal barriers.
Submission procedure
Researchers and practitioners are invited to submit on or before
January 5, 2004, an extended summary, not exceeding 3000 words. The
proposal should include title, author's names and affiliations, a list
of keywords, a tentative table of contents, references, and a short
biographical note. The expected contribution of the proposal towards
achieving the objectives of the book should be clearly stated.
Authors of accepted proposals will be notified by February 5, 2005
about the status of their proposals and sent chapter organizational
guidelines. Full chapters are expected to be submitted by April 15,
2005. All chapters will be reviewed on a blind review basis.
The book is scheduled to be published by Idea Group, Inc., publisher
of Idea Group Publishing, Information Science Publishing, IRM Press,
CyberTech Publishing, and Idea Group Reference imprints, in 2005.
Book editors affiliations
Dr. Panagiotis Kanellis
Department of Informatics
Athens University of Economics & Business
pkanellis@ktpae.gr
Professor Evangelos Kiountouzis
Department of Informatics
Athens University of Economics & Business
eak@aueb.gr
Dr. Nicholas Kolokotronis
Department of Informatics & Telecommunications
National & Kapodistrian University of Athens
nkolok@di.uoa.gr
Associate Professor Drakoulis Martakos
Department of Informatics & Telecommunications
National & Kapodistrian University of Athens
martakos@di.uoa.gr
Contact person
Inquiries and submissions should be forwarded electronically (in MS
Word) to Dr. Panagiotis Kanellis, tel: (+30) 210-9288751, fax: (+30)
210-9231897.