Blockchain Based Framework to Maintain Chain of Custody (CoC) in a Forensic Investigation

2021 ◽  
pp. 37-46
Author(s):  
Sarishma ◽  
Abhishek Gupta ◽  
Preeti Mishra
Keyword(s):  
Forensic Investigation ◽  
Chain Of Custody

Forensic Acquisition Methods for Cloud Computing Environments

2021 ◽  
pp. 462-472
Author(s):  
Diane Barrett
Keyword(s):  
Cloud Computing ◽  
Final Section ◽  
Forensic Investigation ◽  
Digital Forensic ◽  
Chain Of Custody ◽  
Computing Environments ◽  
Acquisition Processes

Cloud computing environments add an inherent layer of complication to a digital forensic investigation. The content of this article explores current forensic acquisition processes, how current processes need to be modified for cloud investigations, and what new acquisition methods can help when it is necessary to garner evidence from a cloud computing-based environment. A section will be included that provides a recommendation on how to acquire evidence from cloud-based environments while maintaining chain of custody. A final section will include recommendations for additional areas of research in the area of investigating cloud computing environments and acquiring cloud computing-based evidence.

scholarly journals Comparative Study and Analysis on Integrity of Data Files Using Different Tools and Techniques

2021 ◽  
Vol 4 (1) ◽  
pp. 43-54
Author(s):  
Kumarshankar Raychaudhuri ◽  
M. George Christopher ◽  
Nayeem Abbas Hamdani
Keyword(s):  
Comparative Study ◽  
Data File ◽  
Digital Evidence ◽  
Forensic Investigation ◽  
Digital Devices ◽  
Sample Data ◽  
Chain Of Custody ◽  
Data Files ◽  
Forensic Tools ◽  
Tools And Techniques

Digital forensic investigation is the scientific process of collection, preservation, examination, analysis, documentation and presentation of digital evidence from digital devices, so that the evidence is in compliance with legal terms and acceptable in a court of law. Integrity of the digital evidence is an indispensable part of the investigation process and should be preserved to maintain the chain of custody. This is done through hashing technique using standardized forensic tools. However, while handling the evidences , lack of knowledge might lead to unintentional alteration of computed hash. This violates the chain of custody and makes the evidence inadmissible in a court of law. In this paper, our objective is to determine the different conditions under which the original hash value of a digital evidence changes. For this, we create different scenarios using sample data files and compute their hash values. A comparative study and analysis are done to determine in which scenario the original hash value of the data file changes. The results of the research will prove useful and essential for Criminal Justice Functionaries in gaining knowledge about various conditions leading to the change in hash value of digital evidence and therefore, avoid its accidental alteration during forensic investigation/examination.

scholarly journals MF-Ledger: Blockchain Hyperledger Sawtooth-enabled Novel and Secure Multimedia Chain of Custody Forensic Investigation Architecture

IEEE Access ◽  
2021 ◽  
pp. 1-1
Author(s):  
Abdullah Ayub Khan ◽  
Mueen Uddin ◽  
Aftab Shaikh ◽  
Asif Ali Laghari ◽  
Adil Rajput
Keyword(s):  
Forensic Investigation ◽  
Chain Of Custody

Forensic Investigation-Based Framework for SDN Using Blockchain

2021 ◽  
pp. 74-98
Author(s):  
Sonam Bhardwaj ◽  
Rochak Swami ◽  
Mayank Dave
Keyword(s):  
Network Management ◽  
Architectural Design ◽  
Unique Characteristic ◽  
Network Services ◽  
Forensic Investigation ◽  
Literature Study ◽  
Blockchain Technology ◽  
Attack Scenario ◽  
Chain Of Custody ◽  
Networking Technology

Software-defined networking (SDN) is a promising networking technology that provides a new way of network management to the customers. SDN provides more programmable and flexible network services. SDN breaks the vertical integration of control and data planes and promotes centralized network management. This unique characteristic of SDN offers security features to deal with the malicious activities. However, architectural design of SDN makes it vulnerable to several attacks. Therefore, it is important to investigate the crime through various forensic techniques. This work discusses a literature study of some possible forensic techniques. A framework is also presented for forensic investigation of SDN environment in attack scenario. The proposed framework includes the collection of evidence and preserves them against any damage. During investigation, protection of evidence and chain of custody are of utmost importance to avoid misleading of the investigators. The safe storage strategy as well as maintaining the custody link can be achieved through blockchain technology.

Adoption of Chain of Custody Improves Digital Forensic Investigation Process

2018 ◽  
Vol 1 (2) ◽  
pp. 13-23
Author(s):  
Talib Mohammed Jawad
Keyword(s):  
Practical Method ◽  
Digital Evidence ◽  
Successful Implementation ◽  
Forensic Investigation ◽  
Digital Forensic ◽  
Experimental Environment ◽  
Wide Range ◽  
Chain Of Custody ◽  
Acceptable Method ◽  
Investigation Process

Chain of custody plays an important role in determine integrity of digital evidence, because the chain of custody works on a proof that evidence has not been altered or changed through all phases, and must include documentation on how evidence is gathered, transported, analyzed and presented. The aims of this work is first to find out how the chain of custody has been applied to a wide range of models of the digital forensic investigation process for more than ten years. Second, a review of the methods on digitally signing an evidence that achieves the successful implementation of chain of custody through answering a few questions "who, when, where, why, what and how", and thus providing digital evidence to be accepted by the court. Based on the defined aims an experimental environment is being setup to outline practically an acceptable method in chain of custody procedure. Therefore, we have adopted SHA512 for hashing and regarding encryption RSA and GnuGP is applied where according to the defined requirement a combination of this algorithms could be adopted as a practical method.

Digital Chain of Custody

2017 ◽  
Vol 7 (7) ◽  
pp. 117
Author(s):  
Matthew N.O. Sadiku ◽  
Adebowale E. Shadare ◽  
Sarhan M. Musa
Keyword(s):  
Digital Evidence ◽  
Chain Of Custody ◽  
Digital Investigation ◽  
A Chain ◽  
Admissible Evidence ◽  
Investigation Process

Digital chain of custody is the record of preservation of digital evidence from collection to presentation in the court of law. This is an essential part of digital investigation process.  Its key objective is to ensure that the digital evidence presented to the court remains as originally collected, without tampering. The chain of custody is important for admissible evidence in court. Without a chain of custody, the opposing attorney can challenge or dismiss the evidence presented. The aim of this paper is to provide a brief introduction to the concept of digital chain custody.

Chain of custody; recommendations for acceptance and analysis of evidentiary geochemical samples

Circular ◽  
1997 ◽  
Author(s):  
Christine M. Murphy ◽  
Paul H. Briggs ◽  
Betty M. Adrian ◽  
Steve A. Wilson ◽  
Phil L. Hageman ◽  
...  
Keyword(s):  
Chain Of Custody

A Robust Blind Image Forensic-Detection Method based on Fuzzy Technique

2019 ◽  
Vol 8 (3) ◽  
pp. 5926-5929
Keyword(s):  
Research Direction ◽  
Geometric Transformation ◽  
Detection Accuracy ◽  
Forensic Investigation ◽  
Image Forensic ◽  
Fuzzy Logic Approach ◽  
Logic Approach ◽  
Tampered Image ◽  
New Research ◽  
Blind Image

Blind forensic-investigation in a digital image is a new research direction in image security. It aims to discover the altered image content without any embedded security scheme. Block and key point based methods are the two dispensation options in blind image forensic investigation. Both the techniques exhibit the best performance to reveal the tampered image. The success of these methods is limited due to computational complexity and detection accuracy against various image distortions and geometric transformation operations. This article introduces different blind image tampering methods and introduces a robust image forensic investigation method to determine the copy-move tampered image by means of fuzzy logic approach. Empirical outcomes facilitate that the projected scheme effectively classifies copy-move type of forensic images as well as blurred tampered image. Overall detection accuracy of this method is high over the existing methods.

Sign in / Sign up

Export Citation Format

Share Document