SoTE: Strategy of Triple-E on solving Trojan defense in Cyber-crime cases

Cyber activity has become an essential part of the general public's everyday life. The hacking threats of Cyber-crime are becoming more sophisticated as internet communication services are more popular. To further confirm the final finding of Cyber-crime, this study proposes three analytical tools to clarify the Cyber-crime issues by means of Ideal Log, M-N model and MDFA (Multi-faceted Digital Forensics Analysis) strategy, where Ideal Log is identified as a traceable element of digital evidence including four elements of IP Address, Timestamp, Digital Action, and Response Message. M-N model applies a formal method for collating and analyzing data sets of investigation-relevant logs in view of connected time with ISP logs. MDFA strategy attempts to outline the basic elements of Cyber-crime using new procedural investigative steps, and combining universal types of evidential information in terms of Evidence, Scene, Victim, and Suspect. After researchers figure out what has happened in Cyber-crime events, it will be easier to communicate with offenders, victims or related people. SoTE (Strategy of Triple-E) is discussed to observe Cyber-crime from the viewpoints of Education, Enforcement and Engineering. That approach is further analyzed from the fields of criminology, investigation and forensics. Each field has its different focus in dealing with diverse topics, such as: the policy of 6W1H (What, Which, When, Where, Who, Why, and How) questions, the procedure of MDFA strategy, the process of ideal Logs and M-N model. In addition, the case study and proposed suggestion of this paper are presented to counter Cyber-crime.