A formal proposal for a dissertation that will be submitted in partial

fulfillment of a University of Greenwich Master Degree

IT Countermeasures and Identity Theft/Fraud

Name: Rizwan Ali

Student ID: RA/MSC-CSA/0609/8011

Programme of Study: MSc Computing with Security Management

Date Proposal Submitted: 18/01/2010

Project Hand In Date: 31/04/2010

Supervisor: Mr.Kola Kolade

Topic Area: IS security, Social Engineering, Encapsulation Techniques,

Access Controls, Biometrics measures, off shoring, phishing,

Keywords associated with the project: Wireless network Security,

Biometrics, Data protection Act, and SLA.

MSc Courses studied that contribute towards this dissertation:

IS Audit Process, Security of IS Infrastructure, IS Risks Management,
Business Continuity Planning and Disaster Recovery, Software
Engineering and security architecture, IS Management and Research
Method and Scientific Writing.
1.Overview
Identity and personal inormation are very valuable and sensitive .Crimimals can find out
your personal details like Date of birth ,secutiy passwords,bank/building society
account details etc and use them to open furhter bank accounts and apply credit
cards ,loans,state benefits,mobile Phone connections and documents such as passports
and driving license with your name.
“Identity Theft has been refered as a crime of the new millennium.It can be
accomplished anonymously,easily,throuogh a variety of means,and the consequences to
the victimc can be devastasting .Identity theft is simply the theft of identity information
such as name,date of birht,social secutiy numbers(SSN) ,or a credit card number.The
mundane activities of typical consumer during the course of a regular day may provide
tremendous opportunities fo and identity theif:renting a car,vidoe,or home-
improvements tools;purchasing gifts or trading stock on-line;receiving mail;or taking
out the garbage or recycling.Any activity in which identity information is shared or
made available to others creates an opportunitity for identity theff.
It is estimated that identity theft has become the fastest growing financial cime in
America ,and perhapes ,the fastest growing crime of any kind in our society.According
to Federal Trade Commission(FTC),it recieved the highest number of consumer fruad
compaints in 2001.Identtity theft acconted for Forty-tow percent of 204,000 .”(Hoar ,
2001)
Despite widespread public perception that the internet is major contributor to the rise in
identity theft/fraud,surverys indicates that comparatively few individuals who know how
a thief acquired their personally identifiable information (PII) cite the internet.
Some attribute the rise in the identity theft instead to carelessness by businesses in
handling PII,and by credit isssuers that grant credit without proper check .Identity
theft /fraud can be separated into l”low-tech”crimes by theives who acquire PII through
traditional means such as lost or stolen wallets or “dumpster driving” and “high-tech”
crime by thieves who compromise computer database or use the internet .
A survery released in january 2005 found that computer crime accounted for 11.6% of
Identity theft/fraud cases in 2004,compared with 68% from paper sources.

Phishing is a form of social engineering in which an attacker /hacker,as known as

phisher attempts to fruadulently retrieve legitimate users’confdential or sensivitve
credentials by mimicking electronic communications from a trustworthy or public

MSc Project Proposal Page 1

organization in an automated fashion .Such communications ae most frequently done
thorough emails that directs users to fraudulent websites that in turn collects the
credentials in question.Examples of credentials frequently of interest to publisher are
passwords,credit card number,and national insurance numbers.
According to credit information provider Equifax,fraudsters could make off with users’
personal infomation in order to commit ID theft –and the company is urging web users
to limit the amount of information they post online.
The primary aim of this research work is to compare differnt IT tools and techniques to
prevent identity theft or identity fraud.Some are given below
In this research I am focusing on onternet ,web, and other IT issues that are involved in
Identity theft/Fraud and also social engineering that can not be ignored in a competative
business market.

2.Aim & Objectives

In the initial chapter I will describe the different between indentity theft and identty
frauds .
The primary aim of this research work is to evaluate differnt IT tools and techniques
to reduce identity theft or identity fraud.
Main objective will be on analysis of appropriate measures for the reduction of
crimes causes by Identity theft/fraud.
After evaluating available tools and techniques I will provide and my suggestions
and recommendation based on my research.

1. How the objectives will be achieved

To successfully conduct my research and analysis, the techniques to used are as follows
I. Study of implemented countermeasures for the prevention of crimes by Identity
theft or Identity fraud.
a) I will consult current available articles, newspapers, journals, TV news, different
search engines and other IT relating tools.

b) I will explore my textbooks and case studies published related to my research.

C) I will overview the same type of research /projects completed by other individuals.

II. Critically analyze and evaluate current tools or methods implemented

MSc Project Proposal Page 2

 a) Using regulatory Standards (Data protection act 1998), introduced by
Governments and Law enforcement Agencies.
b) Consulting standards introduced by other authorities (ISO etc)

III. Produce my own report of existing techniques & methods.

IV.With the highlight of the drawback of the current technologies, I will be able to
demonstrate the positive effects of my research work. I will provide my own
recommendation .My research will become a helpful source for future researches.

4. Resources

I. Internet and World Wide WEB

Now a days Internet is the best and the most convenient source of
information. Most of my research work will be from Internet sources. These
all source are not reliable but where there is an uncertainty I will clarify it.
Online forums also provide good understanding of complex problems.
II. E-books and Case studies
As it is not easy and affordable to buy books and it also takes a bit of time to
grab a book from a library so I will conduct my research mostly using book
available on the Internet. Case studies are efficient source of information
discussing real market scenarios .I will consult case studies from Internet
and other sources like newspapers etc
III. University library
My university will provide me access to its own resources; here I can find
books and researches submitted by others.
IV. Teacher and Supervisor
My teachers and supervisor will also guide me, where I can find particular
information.

5. Brief over view of The Chapter

Overall organisation of my research will be as follows

Chapter 1:
Introduction, background, and brief history: This will reflect the nature of topic and also
describe its background.
Chapter 2:
Literature Review: This will reflect the presentation and conceptualisation of academic
materials I have obtained for my project. It will represent my wrtten understanding on
the topic.
Chapter 3:
General introduction to current tools and methods implement to avoid identity
Theft/Fraud. Anti-virus, firewalls, access controls, programmes, SSL, VPN, biometric
controls, Encapsulation, Online banking transactions etc will be discussed in this
chapter.

Chapter 4.

MSc Project Proposal Page 3

A critical analysis of current tools will be conducted in this chapter.
Chapter 5.
After critically analysing current tools in the pervious chapter I will discuss my own
recommendations and suggestions.

Chapter 6.
In this chapter I will describe the conclusion of the research showing expected strength
and weakness as well as future of the mechanism presented in previous chapters.

6. References

HOAR,SEAN,B.(2001) “Current Developments Identity Theft:The crime of the New

Millennium”, HeinOnline’s Law journal Library, 80 Or.L .1423(2001),p.01

SOLVE, D.J. (2002-2003) Identity Theft, Privacy, and the Architecture of

Vulnerability.,54 Hasting:L.J

Myers ,Steven., 2007. Phishing and Contermeasures Understanding the

Increasing Problem of Electronic Identity Theft [e-book] Heboken, New
Jersey USA:JohnWiley&Sons,Inc.Availableat:http://books.google.co.uk/books?
hl=en&lr=&id=xxAbEcNlIwwC&oi=fnd&pg=PR19&dq=identity+theft&ots=JSlIytvkn
C&sig=kcLY4itRAMXSHlrzOFOPIS3SJUI#v=onepage&q=&f=true [ Accessed 14
January 2010].

http://www.identitytheft.org.uk/

http://www.opsi.gov.uk

http://www.iso.org

https://www.pcisecuritystandards.org/security_standards/pci_dss.shtml

http://www.silicon.com/legacy/research/specialreports/riskmanagement/0,3800013989,3
9167922,00.htm

MSc Project Proposal Page 4