ajnelson-nist
commented
1 month ago This proposal was posted as part of the DFRWS-USA 2024 Rodeo event, which comprised of a set of forensic capture-the-flag challenges. I did not suggest or develop this challenge, but I did agree to judge submission completeness. The challenge prompting this proposal read:
Category: Project Vic
Title: Shape_The_Future
Create and submit a change proposal to the Unified Cyber Ontology project on Github that presents a new or updated concept related to crimes against children investigations. Submit link to the change proposal in Github as the flag.
Link to the Unified Cyber Ontology: https://github.com/ucoProject/UCO/tree/master/ontology/uco
Link to the project's Change Request template: https://github.com/ucoProject/UCO/issues/new?assignees=&labels=change+request&projects=&template=change-request.md&title=
You will need a GitHub account to login and submit the change proposal.
To get credit for the flag, the change proposal form needs to be completely filled out.
sbarnum
Background
The investigation of crimes against children, especially those involving online activities, presents unique challenges that require specialized concepts and properties within the Unified Cyber Ontology (UCO). This proposal aims to enhance UCO by introducing a new concept related to the categorization and investigation of crimes against children. The primary objective is to provide investigators and analysts with a more robust and precise ontology to support their work in identifying, categorizing, and analyzing evidence related to such crimes.
Requirements
Requirement 1
Introduce a new class, ChildExploitationCrime, under the existing CyberCrime class to categorize crimes specifically related to the exploitation of children.
Requirement 2
Define properties for ChildExploitationCrime to capture specific details, including but not limited to:
victimAgeRange crimeType (e.g., grooming, trafficking, child pornography) onlinePlatformUsed offenderProfile
Risk / Benefit analysis
Benefits
Improved Investigation Framework: Providing a dedicated class and properties for crimes against children helps investigators and analysts structure and analyze data more effectively.
Enhanced Data Interoperability: Standardizing the representation of child exploitation crimes ensures better data sharing and interoperability between different law enforcement agencies and tools.
Focused Analytical Capabilities: By capturing specific details of these crimes, analytical tools can provide more focused insights, potentially leading to faster identification and intervention.
Risks
The submitter is unaware of risks associated with this change.
Competencies demonstrated
Competency 1
Providing a detailed ontology for crimes against children enhances the ability to answer specific investigative questions and supports more focused data analysis.
Competency Question 1.1
Can we identify all cases of child exploitation involving online grooming over a specific period?
Result 1.1
A SPARQL query can retrieve cases where crimeType is "grooming" and filter by date.
Competency Question 1.2
Which online platforms are most frequently used for child exploitation crimes?
Result 1.2
A SPARQL query can aggregate and list onlinePlatformUsed for all instances of ChildExploitationCrime.
Solution suggestion
Define the new class ChildExploitationCrime under CyberCrime. Add properties: victimAgeRange (datatype: string) crimeType (datatype: string) onlinePlatformUsed (datatype: string) offenderProfile (datatype: string) Implement unit tests to validate the new class and properties. Provide example instances demonstrating the use of the new class and properties.
@prefix uco: https://unifiedcyberontology.org/uco# . @prefix owl: http://www.w3.org/2002/07/owl# . @prefix xsd: http://www.w3.org/2001/XMLSchema# .
Define the ChildExploitationCrime class
uco:ChildExploitationCrime a owl:Class ; rdfs:subClassOf uco:CyberCrime ; rdfs:label "Child Exploitation Crime" ; rdfs:comment "A crime category specific to offenses that involve the exploitation of children." .
Define properties specific to the class
uco:victimAgeRange a owl:ObjectProperty ; rdfs:domain uco:ChildExploitationCrime ; rdfs:range xsd:string ; rdfs:label "Victim Age Range" ; rdfs:comment "The age range of the victim(s) involved in the child exploitation crime." .
uco:crimeType a owl:ObjectProperty ; rdfs:domain uco:ChildExploitationCrime ; rdfs:range xsd:string ; rdfs:label "Crime Type" ; rdfs:comment "The specific type of child exploitation crime, such as grooming, trafficking, or possession of illicit material." .