CHAPTER ONE
INTRODUCTION
Attacks on computers by outside intruders receive more attention, but insider attacks are far more common and often more devastating. Insiders pose the greatest threat to computer security since they are intimately familiar with their company’s operations and computer systems. They have the necessary access and secrecy to carry out these attacks. An insider attack has a better chance of successfully breaking into the system and retrieving sensitive data. Insiders also pose the greatest threat to the firm network’s security because they have authorized access to the file system.
In order to achieve maximum profitability in a network, it is necessary to monitor the activities carried out so that network activity can be observed in real time and secret information can be protected.
The question is, which system would be developed, and how would it be developed, to show all of these potentialities?
By monitoring file access and process activity, a network activity monitoring system can detect inside threats (Behr et al, 2009). It’s a powerful tool for tracking any local area network, providing you with the most complete information on when, how, and what your network users do on a regular basis. Activity Monitor provides effective management over any network, whether it is a public library network, a university network, or a commercial company network. This project aims to monitor every user’s activities in a computer network and increase the organization’s or corporate body’s security.
BACKGROUND OF THE STUDY
Since 1943, the Federal Inland Revenue Service (FIRS) has been one of the federal ministries in charge of accessing, collecting, and accounting for various taxes owed to the federal government.
Tax revenue has been consistent over time, and it helps the government make decisions and plan for development and administrative planning. As a result, the organization’s or ministry’s human resource is considered to be their most valuable asset if properly harnessed and well motivated to perform their assigned tasks in order to further the organization’s goals and objectives.
In cases of computer misuse and fraud, a computer network activity monitoring system has become one of the most important tools for gathering evidence. Unwanted conduct against individuals, organizations, or assets is increasingly being committed, enabled, or supported by computers and other technology. Although network activity monitoring systems are most commonly connected with the investigation of a wide range of computer crimes, they can also be employed in civil cases. Data recovery techniques and principles are used in this area. and the computer stores a lot more information than most people believe. It’s also more difficult to totally erase data than most people believe. For these and other reasons, network activity monitoring systems may frequently locate evidence or even completely recover lost or deleted data, even if it was destroyed on purpose.
STATEMENT OF PROBLEM
The existing system utilized by FIRS has proven difficult for them to work with. The following are some of the issues that prevent the FIRS from keeping consistent and credible accounting statistics and estimates:
Because there is no backup of the activity log in the existing system, employees can easily erase or add data to cover up their fraud. Loss or damage to money or securities occurring directly from the use of any computer to fraudulently cause a transfer of money or other property from inside the premises to a person at a location outside the premises is known as computer fraud.
For both units in the department, their method of functioning is inefficient (Operations and Reconciliation units).
Both units are unable to function at the same time.
OBJECTIVES OF THE STUDY
This project aims to discover what should be done to improve the existing system, monitor the daily activities of every user in a network, and use it to provide evidence to frauds or crimes committed using computer technology, which some people refer to as “digital crime.”
The goal of this project is to create a system that will be able to
1. Monitor the daily activities of every user in a network in real time.
2. Detect active users.
3. Provide accurate evidence on corporate fraud when investigation is being carried out in an organization.
4. Has a good memory management for efficient carrying out of activities.
SIGNIFICANCE OF THE STUDY
This project was started for numerous reasons, which are explained below, and it provides solutions to some of the following questions:
What are the advantages of implementing an investigative system?
Why should you devote your time and resources to this?
What are the advantages for businesses?
As a result, the following are some of the relevance and benefits of this work:
Increased employer loyalty: Meeting and exceeding the expectations of the employer is what ultimately builds loyalty.
Maintaining the integrity of the system.
Maintaining a current understanding of work status in order to assess how well the organization is performing.
Ensure correct investigation handling in computing: This is why, in the first place, we need a cautious, methodical approach for obtaining digital data, and why we need a network activity monitoring system.
SCOPE OF THE STUDY
Despite the fact that a network activity monitoring system can handle a wide range of tasks and activities, we were unable to use this program on any operating system other than Windows owing to a lack of time and space (that is from windows XP to windows operating system of higher versions). Furthermore, this project did not include internet connectivity or virus detection in a network.
LIMITATION OF THE STUDY
Many things conspired against the completion of this project, including the following:
Insufficient funds
Refusal of the Federal Inland Revenue Service, Awka, to provide thorough responses to some inquiries, and in some cases, no response at all.
This project is limited to all data related with information obtained from the Federal Inland Revenue Service commission, and not all commissions were contacted for data and information owing to time constraints.
DEFINITION OF TERMS
NAMS (Network activity monitoring system): This is a system that monitors each user’s daily activities on a network.
Corporate fraud refers to deception perpetrated by insiders and/or senior executives of a major, publicly listed (or private) organization.
Real time: This is utilized for tasks like navigation, where the computer must react to a constant stream of fresh information without interruption.
LAN (local area network): A LAN (local area network) is a computer network that spans a small area. The majority of LANs are restricted to a single building or a small number of buildings.
Suid is a file attribute that enables a program to operate as a certain user regardless of who runs it.