@ijiris

A CYBER FORENSICS STUDY OF ATM DATA TRAFFIC

IJIRIS: International Journal of Innovative Research in Information Security, Volume VII (Issue VII): 69-75 (August 2020)
DOI: https://doi.org/10.26562/ijiris.2020.v0707.001

Abstract

For several years now, bank customers have become accustomed to the convenient use of Automated Teller Machines (ATMs) to transfer money between accounts, either within the same bank or to different banks. The ATM provides account balance information and enables customers to deposit and withdraw cash from their accounts and perform other transactions without physically meeting bank staff in the banking hall. The use of ATMs for mobile banking has led to a significant increase in ATM fraud globally. Consumer confidence in the use of ATMs for bank transactions and credit card issuers has been impacted by fraudulent activities associated with ATMs.

Description

An Automated Teller Machine (ATM) is electronic equipment that allows bank customers to perform some transactions either within or outside banking premises. Such transactions include withdrawals, deposits, checking account balances, transferring money within the same or different banks, and paying utility bills, to mention but a few. The ATM provides a convenient method for customers to execute banking transactions and invariably provides avenues for committing cybercrime in cyberspace.

Cyber forensics is a branch of computer science that deals with how to obtain, preserve, analyze, document and present digital data from cyberspace. A cyber forensics investigator, or cyber forensics analyst, is a professional or expert who obtains digital data from cyberspace, performs analysis and documents evidential data, which can be admissible in the law courts. When cybercrime is committed in ATM transactions, forensic experts are required to investigate and extract digital data, with the aid of forensic tools, from the cyberspace where the crime was committed. Using the ATM digital data traffic collected, the forensic expert conducts a forensic analysis of that traffic, preserves the integrity of the data, and prepares a report that can be admissible in a court of law. Stolen assets can be recovered through Alternative Dispute Resolution (ADR) or through adjudication in the law courts.

1.1 Problem Statement

Financial institutions and individuals lose substantial amounts of money to ATM fraud.

1.2 Significance of the problem

The study will enable the network cyber forensics investigator to extract digital evidence from the data packets generated by ATM networks. The investigator will be able to analyze the data in a forensic laboratory and prepare a report that can be presented in a court of law to enable recovery of stolen assets.

1.3 Objectives

The objectives of the study include:

1. To capture data traffic generated from ATM networks
2. To provide digital evidence in a court of law in case cybercrime is committed
3. To recover stolen money for individuals or financial institutions
