scholarly journals Investigating Visualisation Techniques for Rapid Triage of Digital Forensic Evidence

2019 ◽  
pp. 277-293
Author(s):  
Gavin Hales ◽  
Ethan Bayne
Keyword(s):  
Forensic Evidence ◽  
Digital Forensic

Forensic Data Extraction and Analysis of Left Artifacts on emulated Android Phones: A Case Study of Instant Messaging Applications

2017 ◽  
Vol 2 (11) ◽  
pp. 8-16
Author(s):  
Moses Ashawa ◽  
Innocent Ogwuche
Keyword(s):  
Mobile Phones ◽  
Instant Messaging ◽  
Data Extraction ◽  
Digital Evidence ◽  
Cyber Attack ◽  
Forensic Evidence ◽  
Digital Forensic ◽  
Proportional Increase ◽  
Forensic Tools

The fast-growing nature of instant messaging applications usage on Android mobile devices brought about a proportional increase on the number of cyber-attack vectors that could be perpetrated on them. Android mobile phones store significant amount of information in the various memory partitions when Instant Messaging (IM) applications (WhatsApp, Skype, and Facebook) are executed on them. As a result of the enormous crimes committed using instant messaging applications, and the amount of electronic based traces of evidence that can be retrieved from the suspect’s device where an investigation could convict or refute a person in the court of law and as such, mobile phones have become a vulnerable ground for digital evidence mining. This paper aims at using forensic tools to extract and analyse left artefacts digital evidence from IM applications on Android phones using android studio as the virtual machine. Digital forensic investigation methodology by Bill Nelson was applied during this research. Some of the key results obtained showed how digital forensic evidence such as call logs, contacts numbers, sent/retrieved messages, and images can be mined from simulated android phones when running these applications. These artefacts can be used in the court of law as evidence during cybercrime investigation.

Forensic Analysis of Telegram Desktop-based Applications using the National Institute of Justice (NIJ) Method

2020 ◽  
Vol 8 (4) ◽  
pp. 381
Author(s):  
I Gusti Ngurah Guna Wicaksana ◽  
I Ketut Gede Suhartana
Keyword(s):  
Instant Messaging ◽  
Personal Information ◽  
Forensic Analysis ◽  
Criminal Cases ◽  
Forensic Evidence ◽  
Digital Forensic ◽  
National Institute Of Justice ◽  
Evidence Analysis ◽  
The Media ◽  
Log File

Abstract The development of telecommunications has increased very rapidly since the internet-based instant messaging service has spread rapidly to Indonesia. Telegram application is one of the growing and well-known application services in Indonesia, Desktop or smartphone-based Telegram applications, it is very possible to use digital crimes by using services, user personal information, or by hacking the Telegram application. This study explains the stages of investigation of cybercrime cases that occurred in desktop-based telegram. The method used for this research refers to the stage of investigation that was carried out in previous studies, namely using the National Institute of Justice (NIJ) method with the stages of the preparation stage, the collection stage, the examination stage, the analysis stage, and the reporting stage. The media used in this study is a desktop-based Telegram application that is synchronized with an Android-based Telegram. In this process, the location of the log file, cache, and digital proof image file was obtained in the conversation of a desktop-based Telegram application. Digital forensic evidence obtained is expected to strengthen evidence of criminal cases in court in the form of digital evidence analysis results. Keywords: Telecommunications, Digital Forensic, Telegram, Investigation, Cybercrime

Challenges to Digital Forensic Evidence in the Cloud

2013 ◽  
pp. 59-78 ◽  
Author(s):  
Fred Cohen
Keyword(s):  
Cloud Computing ◽  
Forensic Evidence ◽  
Digital Forensic ◽  
Computing Environments

Digital forensic evidence is subject to a variety of challenges, and these challenges apply in the Cloud as anywhere else. This chapter is an overview of these issues specifically oriented toward the Cloud Computing environments of today.

A study on block-based recovery of damaged digital forensic evidence image

2011 ◽  
Vol 57 (2) ◽  
pp. 407-422 ◽  
Author(s):  
Eun-Gyeom Jang ◽  
Byong-Soo Koh ◽  
Yong-Rak Choi
Keyword(s):  
Forensic Evidence ◽  
Digital Forensic ◽  
Block Based

scholarly journals Smart Digital Forensic Readiness Model for Shadow IoT Devices

2022 ◽  
Vol 12 (2) ◽  
pp. 730
Author(s):  
Funmilola Ikeolu Fagbola ◽  
Hein Venter
Keyword(s):  
Information Technology ◽  
Internet Of Things ◽  
Conceptual Model ◽  
Criminal Activity ◽  
Forensic Evidence ◽  
Device Identification ◽  
Digital Forensic ◽  
Privacy Breach ◽  
Evidence Gathering ◽  
Iot Devices

Internet of Things (IoT) is the network of physical objects for communication and data sharing. However, these devices can become shadow IoT devices when they connect to an existing network without the knowledge of the organization’s Information Technology team. More often than not, when shadow devices connect to a network, their inherent vulnerabilities are easily exploited by an adversary and all traces are removed after the attack or criminal activity. Hence, shadow connections pose a challenge for both security and forensic investigations. In this respect, a forensic readiness model for shadow device-inclusive networks is sorely needed for the purposes of forensic evidence gathering and preparedness, should a security or privacy breach occur. However, the hidden nature of shadow IoT devices does not facilitate the effective adoption of the most conventional digital and IoT forensic methods for capturing and preserving potential forensic evidence that might emanate from shadow devices in a network. Therefore, this paper aims to develop a conceptual model for smart digital forensic readiness of organizations with shadow IoT devices. This model will serve as a prototype for IoT device identification, IoT device monitoring, as well as digital potential evidence capturing and preservation for forensic readiness.

Sign in / Sign up

Export Citation Format

Share Document