Project background and justification
Considering the amount of
ICT-related crime cases investigated by UCSC from the year 2003 (see
figure 1), no proper equipment has been used and no formal process has
been followed in solving them. Each case had been solved using an ad
hoc approach, and by trial and error. Even though this process works
for simple cases, as crime scenes become more and more advanced proper
equipment, software tools and a formal process are required.
Figure 1: Number of ICT crime cases investigated by UCSC experts
Table
2 (below) describes some of the above cases that were solved with the
help of computer experts in the UCSC. Unfortunately, due to a lack of
proper equipment, tools and investigative modal, evidence in some older
cases were incorrect handled, contrary to the five fundamental rules of
evidence gathering; that is whether it is admissible, authentic,
complete, reliable, and believable.
| Case No |
Date |
Description |
| 1 |
2003/11/03 |
Informing the Courts whether the software and data which was taken into custody from a private communication center should be confiscated
or not |
| 2 |
2004/06/24 |
To submit a report on whether any confidential matters were revealed through email communications from one establishment to another and also whether the data was copied and used for any purpose. |
| 3 |
2005/02/28 |
An accountant, whilst employed by a private firm, changed computer data and was involved in an illegal money transaction. |
| 4 |
2005/03/03 |
Changing website names and using websites for registration. |
5 2005/06/07 Using computers to forge the President’s signature.
|
6 2005/06/14
To check and report whether the computer and the CDs from a private
trading establishment contained any pornography and indecent films.
|
7 2005/10/18 To submit a report on using computers for making pornography and indecent films.
|
8 2006/07/05 To submit a report on whether a computer has been used for forging the issue of a Driving License.
|
9 2006/07/18
Using a computer to forge letters for money fraud at the Customs
Dept. and for fraudulently printing currency.
|
10 2006/08/08 To reveal whether any private information was included in a website without permission.
|
11 2006/08/21 To report whether any fraud occurred in the X Bank Treasury Bill Section.
|
12 2006/08/23
To report to a Technical Committee on whether a private trading firm
breached the copyright of software it used and then sold them.
|
13 2006/11/24 To submit a report to Courts on whether any virus was included through email
|
14 2007/01/16
To study and report whether any foreign funds that were collected by
an NGO were used to financially assist with terrorist activities.
Table 2: Selected Court cases since year 2003
With
the rapid increase in ICT crimes, failing to properly investigate them
may have a negative impact on Sri Lankan society. People may be
reluctant to trust proposed ICT solutions, and those who lack ICT
skills may become the victims of digital crimes. Even though the Sri
Lankan Parliament recently passed the Computer Crimes Act, a proper
digital forensic investigation lab is still required.
Project summary
Due to the increased number of ICT-related crimes reported in Sri Lanka, within the past few years, digital forensics has become a key area in law enforcement. A digital forensic investigation laboratory, compatible with a country’s legislation is vital when digital forensics are used in investigating ICT crimes.
The University of Colombo School of Computing (UCSC) assisted the Sri Lanka Police and the Criminal Investigation Department on over 50 court cases from 2003. Each of these cases has been unique and several ad hoc tools and forensic models have been used in order to solve them.
Known as a leader in applied computer research and education, UCSC hopes to build a national investigation center for Computer Forensic Investigation as there are no such centers available in Sri Lanka. However, building such a centre with the necessary equipment and commercial software is very expensive for a developing economy. Our solution would be to construct a low-cost Digital Forensic Laboratory (DFLab) consisting of the necessary hardware, software and investigation modal.
Establishing such a lab involves developing innovative procedures and methodologies. In addition, we will develop common digital forensic investigation methods that can be used now and in the future. Any documents and software produced under this project will include all applicable licenses.
We will also build our own forensic investigation terminals by using existing standard hardware instead of the more expensive proprietary hardware. Furthermore, we will develop user-friendly investigation software based on the open source forensic tools resulting in the production of low-cost forensic investigation terminals that comply with open standards.
Direct beneficiaries of this project will be victims of digital crimes, criminal investigation authorities, judicial services, bribery and corruption investigation officers and custom officers. In addition, this project will be indirectly useful for more than eighteen million people living in Sri Lanka.
This modal laboratory can be replicated in other countries that have similar social and legal infrastructures and would be very useful for the other Asian countries to adopt.
Organization profile
The University of Colombo School of Computing (UCSC) has the most advanced education resources in Sri Lanka in the field of Information and Communication Technology (ICT) with diverse academic staff in various computer science disciplines. It has a flat organization structure with a minimum of bureaucracy, one of the key factors for the efficient and smooth continuance of research and development projects.
Colombo offers the best available infrastructure to carry out R&D, and to access human resources both locally and internationally. UCSC has been a pioneer in cooperating with the Internet Society (ISOC), the Canadian International Development Research Centre (IDRC), the Japan International Corporate Agency (JICA), the Swedish Agency for International Development Cooperation (Sida)/The Department for Research Cooperation (SAREC) and the Swedish Program for Information and Communication Technology in Developing Regions (Spider) in the area of computer science by establishing some major ICT projects. These projects are considered to be the benchmarks of such projects in the world. The following table lists few selected projects:
- ICT in Academic Development in Sri Lanka, funded by Sida/SAREC
- Establishment of a national centre for e-learning, funded by Sida/SAREC
- Language Technology Research Laboratory, funded by IDRC
- Advanced Digital Media Technology Centre (ADMTC), funded by JICA
- Establishment of a national centre for Wireless Ad hoc and Sensor Networks (WASNs), funded by SPIDER
- Mobile ATMs for Developing Countries, funded by SPIDER
- The Smart Computer Laboratory, funded by ISOC
|