scholarly journals Digital investigations: relevance and confidence in disclosure

ERA Forum ◽  
2021 ◽  
Author(s):  
Philip Anderson ◽  
Dave Sampson ◽  
Seanpaul Gilroy
Keyword(s):  
Mobile Phone ◽  
Digital Forensics ◽  
Digital Evidence ◽  
Digital Devices ◽  
Digital Forensic ◽  
Different Types ◽  
New Challenges ◽  
Stored Information

AbstractThe field of digital forensics has grown exponentially to include a variety of digital devices on which digitally stored information can be processed and used for different types of crimes. As a result, as this growth continues, new challenges for those conducting digital forensic examinations emerge. Digital forensics has become mainstream and grown in importance in situations where digital devices used in the commission of a crime need examining. This article reviews existing literature and highlights the challenges while exploring the lifecycle of a mobile phone examination and how the disclosure and admissibility of digital evidence develops.

Characteristic evidence, counter evidence and reconstruction problems in forensic computing

2015 ◽  
Vol 57 (6) ◽  
Author(s):  
Andreas Dewald
Keyword(s):  
Digital Forensics ◽  
Forensic Sciences ◽  
Digital Evidence ◽  
Digital Devices ◽  
Great Responsibility ◽  
Different Types

AbstractWith the ever increasing number of crimes in which computers or other digital devices are used, digital forensics plays an increasingly important role in today's jurisdiction. The acquisition and investigation of the devices is done by forensic experts, whose reports and personal explanations then form the basis of justice. Because of this great responsibility of the experts, the quality of their investigations has to meet the highest standards. Historically, forensic computing (as digital forensics) developed pragmatically, driven by specific technical needs. Indeed, in comparison with other forensic sciences the field still is rather immature and has many deficits, such as the unclear terminology used in court. In this paper, we introduce notions of (digital) evidence, characteristic evidence, and (characteristic) counter evidence, as well as the definitions of two fundamental forensic reconstruction problems. We show the relation of the observability of the different types of evidence to the solvability of those problems. By doing this, we wish to exemplify the usefulness of formalization in the establishment of a precise terminology. While this will not replace all terminological shortcomings, it (1) may provide the basis for a better understanding between experts, and (2) helps to understand the significance of different types of digital evidence to answer questions in an investigation.

Analisis Kelayakan Integrated Digital Forensics Investigation Framework Untuk Investigasi Smartphone

2016 ◽  
Vol 7 (4) ◽  
Author(s):  
Ruuhwan Ruuhwan ◽  
Imam Riadi ◽  
Yudi Prayudi
Keyword(s):  
Digital Forensics ◽  
Electronic Media ◽  
Digital Data ◽  
Digital Evidence ◽  
Forensic Investigation ◽  
Digital Forensic ◽  
Forensic Examination ◽  
Different Types ◽  
Valid Evidence

Abstract. The handling of digital evidence each and every digital data that can proof a determination that a crime has been committed; it may also give the links between a crime and its victims or crime and the culprit. How to verify a valid evidence is to investigate using the approach known as the Digital Forensic Examination Procedures. Integrated Digital Forensic Investigation Framework (IDFIF) is the latest developed method, so that it is interesting to further scrutinize IDFIF, particularly in the process of investigation of a smartphone. The current smartphone devices have similar functions with computers. Although its functions are almost the same as the computer, but there are some differences in the process of digital forensics handling between computer devices and smartphones. The digital evidence handling process stages need to overcome the circumstances that may be encountered by an investigator involving digital evidence particularly on electronic media and smartphone devices in the field. IDFIF needs to develop in such a way so it has the flexibility in handling different types of digital evidence.Keywords: digital evidence, IDFIF, investigation, smartphoneAbstraks. Penanganan bukti digital mencakup setiap dan semua data digital yang dapat menjadi bukti penetapan bahwa kejahatan telah dilakukan atau dapat memberikan link antara kejahatan dan korbannya atau kejahatan dan pelakunya. Cara pembuktian untuk mendapatkan bukti valid adalah dengan melakukaninvestigasi dengan pendekatan Prosedur Pemeriksaan Digital Forensic. Integrated Digital Forensics Investigation Framework (IDFIF) merupakan metode terbaru sehingga IDFIF ini menarik untuk diteliti lebih lanjut terutama dalam proses investigasi smartphone. Saat ini perangkat smartphone memiliki fungsi yang sama dengan komputer. Meskipun demikian, ada beberapa perbedaan dalam proses penanganan digital forensics diantara perangkat komputer dan smartphone. Tahapan proses penanganan barang bukti digital seharusnya dibuat untuk mengatasi keadaan umum yang mungkin dihadapi oleh investigator yangmelibatkan barang bukti digital terutama pada perangkat smartphone dan media elektronik terkait di lapangan. IDFIF perlu dikembangkan sehingga memiliki fleksibilitas dalam menangani berbagai jenis barang bukti digital.Kata Kunci: bukti digital, IDFIF, investigasi, smartphone

scholarly journals Identifying Digital Forensic Frameworks Based on Processes Models

2021 ◽  
pp. 249-258
Author(s):  
Talib M. Jawad Abbas ◽  
Ahmed Salem Abdulmajeed
Keyword(s):  
Forensic Science ◽  
Digital Forensics ◽  
Digital Evidence ◽  
Digital Devices ◽  
Digital Forensic ◽  
Reliable Evidence ◽  
Basic Concepts ◽  
Investigation Process

Digital forensic is part of forensic science that implicitly covers crime related to computer and other digital devices. It‟s being for a while that academic studies are interested in digital forensics. The researchers aim to find out a discipline based on scientific structures that defines a model reflecting their observations. This paper suggests a model to improve the whole investigation process and obtaining an accurate and complete evidence and adopts securing the digital evidence by cryptography algorithms presenting a reliable evidence in a court of law. This paper presents the main and basic concepts of the frameworks and models used in digital forensics investigation.

scholarly journals The Search and Seizure of Digital Evidence by Forensic Investigators in South Africa

2019 ◽  
Vol 22 ◽  
pp. 1-42 ◽  
Author(s):  
Jacobus Gerhardus Nortje ◽  
Daniel Christoffel Myburgh
Keyword(s):  
Information Technology ◽  
Police Officers ◽  
Digital Forensics ◽  
Legal Framework ◽  
Legal Aspects ◽  
Search And Seizure ◽  
Digital Evidence ◽  
Digital Forensic ◽  
Chain Of Custody ◽  
Principles And Standards

The discipline of digital forensics requires a combination of skills, qualifications and knowledge in the area of forensic investigation, legal aspects and information technology. The uniqueness of digital evidence makes the adoption of traditional legal approaches problematic. Information technology terminology is currently used interchangeably without any regard to being unambiguous and consistent in relation to legal texts. Many of the information technology terms or concepts have not yet achieved legal recognition. The recognition and standardisation of terminology within a legal context are of the utmost importance to ensure that miscommunication does not occur. To provide clarity or guidance on some of the terms and concepts applicable to digital forensics and for the search and seizure of digital evidence, some of the concepts and terms are reviewed and discussed, using the Criminal Procedure Act 51 of 1977 as a point of departure. Digital evidence is often collected incorrectly and analysed ineffectively or simply overlooked due to the complexities that digital evidence poses to forensic investigators. As with any forensic science, specific regulations, guidelines, principles or procedures should be followed to meet the objectives of investigations and to ensure the accuracy and acceptance of findings. These regulations, guidelines, principles or procedures are discussed within the context of digital forensics: what processes should be followed and how these processes ensure the acceptability of digital evidence. These processes include international principles and standards such as those of the Association of Chiefs of Police Officers and the International Organisation of Standardisation. A summary is also provided of the most influential or best-recognised international (IOS) standards on digital forensics. It is concluded that the originality, reliability, integrity and admissibility of digital evidence should be maintained as follows: Data should not be changed or altered. Original evidence should not be directly examined. Forensically sound duplicates should be created. Digital forensic analyses should be performed by competent persons. Digital forensic analyses should adhere to relevant local legal requirements. Audit trails should exist consisting of all required documents and actions. The chain of custody should be protected. Processes and procedures should be proper, while recognised and accepted by the industry. If the ACPO (1997) principles and ISO/IEC 27043 and 27037 Standards are followed as a forensic framework, then digital forensic investigators should follow these standards as a legal framework.  

scholarly journals Holistic Analytics of Digital Artifacts

2021 ◽  
Vol 13 (5) ◽  
pp. 78-100
Author(s):  
Ashok Kumar Mohan ◽  
Sethumadhavan Madathil ◽  
Lakshmy K. V.
Keyword(s):  
Digital Evidence ◽  
Forensic Investigation ◽  
Association Model ◽  
Digital Devices ◽  
Digital Forensic ◽  
Unique Mapping ◽  
Metadata Association ◽  
Almost All ◽  
Mapping Models ◽  
Unique Association

Investigation of every crime scene with digital evidence is predominantly required in identifying almost all atomic files behind the scenes that have been intentionally scrubbed out. Apart from the data generated across digital devices and the use of diverse technology that slows down the traditional digital forensic investigation strategies. Dynamically scrutinizing the concealed or sparse metadata matches from the less frequent archives of evidence spread across heterogeneous sources and finding their association with other artifacts across the collection is still a horrendous task for the investigators. The effort of this article via unique pockets (UP), unique groups (UG), and unique association (UA) model is to address the exclusive challenges mixed up in identifying incoherent associations that are buried well within the meager metadata field-value pairs. Both the existing similarity models and proposed unique mapping models are verified by the unique metadata association model.

Digital Forensics and Data Mining

2020 ◽  
pp. 240-247
Author(s):  
Mohammad Suaib ◽  
Mohd. Akbar ◽  
Mohd. Shahid Husain
Keyword(s):  
Data Mining ◽  
Digital Forensics ◽  
Traditional Approach ◽  
Information Age ◽  
Digital Evidence ◽  
Law Enforcement Agencies ◽  
Cyber Forensics ◽  
Data Mining Techniques ◽  
Digital Forensic ◽  
Efficiency And Reliability

Digital forensic experts need to identify and collect the data stored in electronic devices. Further, this acquired data has to be analyzed to produce digital evidence. Data mining techniques have been successfully implemented in various applications across the domains. Data mining techniques help us to gain insight from a large volume of data. It helps us to predict the pattern, classify the data, and other various aspects of the data based on the users' perspective. Digital forensics is a sophisticated area of research. As the information age is revolutionizing at an inconceivable speed and the information stored in digital form is growing at a rapid rate, law enforcement agencies have a heavy reliance on digital forensic techniques that can provide timely acquisition of data, zero fault data processing, and accurate interpretation of data. This chapter gives an overview of the tasks involved in cyber forensics. It also discusses the traditional approach for digital forensics and how the integration of data mining techniques can enhance the efficiency and reliability of the existing systems used for cyber forensics.

Security, Privacy, Forensics Analysis for Smartphones

2020 ◽  
pp. 1-25
Author(s):  
Monika Arora ◽  
Yogita Gigras
Keyword(s):  
Social Media ◽  
Mobile Phone ◽  
Digital Forensics ◽  
Senior Citizens ◽  
Basic Information ◽  
Android Apps ◽  
The Past ◽  
Digital Forensic ◽  
Traffic Growth ◽  
Secure Environment

The number of mobile phone users has increased exponentially in the past decade. In India itself, it has crossed to over 1.2 billion mobile phone users, with at least 45% being the smartphone users, and this number is growing by the day. Almost 75% of internet traffic is generated by Smartphone users, traffic growth is irrespective of the demography of users. In this chapter, the focus is on two main categories of users (i.e., adolescents and senior citizens), who are not very tech-savvy. It discusses the threat they face even in normal usage of smartphones, and how digital forensics shall provide a secure environment without compromising much on ease of usage. Android apps are prone to attacks by hackers as basic information shared by a user on social media turns out to be very lucrative information for intruders. This chapter discusses some of the methods adopted by digital forensic experts to deal with such cybercrimes, the software/hardware tools present in a smartphone, and what preventive steps shall be taken by users to safeguard themselves against cybercrimes.

scholarly journals Post-Genesis Digital Forensics Investigation

2017 ◽  
Author(s):  
Andysah Putera Utama Siahaan ◽  
Robbi Rahim
Keyword(s):  
Digital Forensics ◽  
Computer Forensics ◽  
Digital Evidence ◽  
Cyber Crime ◽  
Legal Process ◽  
Operational Procedure ◽  
Digital Footprint ◽  
Digital Forensic

Digital Forensics is a technique used to search for evidence of events that have occurred. This quest aims to reveal the hidden truth. The existence of digital forensic activities due to the occurrence of crimes both in the field of computers or other. Legal treatment in digital forensic field makes this area of science a compulsory device to dismantle crimes involving the computer world. In general, the cyber crime leaves a digital footprint, so it is necessary for a computer forensics expert to secure digital evidence. Computer forensics necessarily requires a standard operational procedure in taking digital evidence so as not to be contaminated or modified when the data is analyzed. The application of digital forensic is beneficial to the legal process going well and correctly.

scholarly journals Investigasi Aplikasi Messager Pada Smartphone Berbasis Android

2016 ◽  
Vol 4 (02) ◽  
Author(s):  
Haris Richard Adrian Taruma Selej
Keyword(s):  
Mobile Phone ◽  
Mobile Phones ◽  
Digital Forensics ◽  
Text Message ◽  
Forensic Investigation ◽  
Communication Tool ◽  
Basic Principles ◽  
Digital Forensic ◽  
Considerable Distance

in the era of technology has greatly advanced, mobile phones have become a necessity and a means of communicating with each other. even though they are separated by a considerable distance, no longer need to spend the time to meet physically. This reason also makes the phone as the primary choice for criminals to communicate. communication used a variety of purposes, such as positive or negative. In 2010, digital forensic analyst team has examined such as network Puslabfor drugs, pornography, gambling, corruption, defamation, fraud, bribery, and others. Of these, as many as 118 types of mobile phones in the form of evidence. It means that offenders still consider mobile phones as a primary communication tool. Digital forensic analysts and investigators, it shall be able to anticipate these things, so that when there is evidence of mobile phone, which was confiscated from criminals, can be checked properly in accordance with the basic principles of digital forensics. This study uses DFIF (Digital Forensic Investigation Framework) smartphone investigation by searching for evidence of a conversation via text message. the results of the investigation evidence to prove the offender information, the information will be presented in the form of a forensic report which will be used as evidence in court.

scholarly journals IDENTIFICATION OF DIGITAL EVIDENCE FACEBOOK MESSENGER ON MOBILE PHONE WITH NATIONAL INSTITUTE OF STANDARDS TECHNOLOGY (NIST) METHOD

Kursor ◽  
2019 ◽  
Vol 9 (3) ◽  
Author(s):  
Anton Yudhana ◽  
Imam Riadi ◽  
Ikhwan Anshori
Keyword(s):  
Social Media ◽  
Performance Evaluation ◽  
Mobile Phone ◽  
Digital Forensics ◽  
Negative Impact ◽  
Digital Evidence ◽  
Negative Effects ◽  
Acquisition Process ◽  
Digital Crime ◽  
Forensic Tools

Facebook Messenger is a popular social media. The increasing number of Facebook Messenger users certainly has a positive and negative impact, one of the negative effects is being used for digital crime. One of the sciences to get digital evidence is to do Digital forensics. Digital forensics can be done on a smartphone used by criminals. This research will carry out as much evidence of digital crime as possible from Facebook Messenger. In this study the forensic devices, Magnet AXIOM and Oxygen Forensics Suite 2014 were used using the National Institute of Standards Technology (NIST) method. NIST has work guidelines for both policies and standards to ensure that each examiner follows the same workflow so that their work is documented and the results can be repeated and maintained. The results of the research in the Magnet AXIOM and Oxygen Forensics Suite 2014 get digital evidence in the form of accounts, conversation texts, and images. This study successfully demonstrated the results of an analysis of forensic devices and digital evidence on Facebook Messenger. The results of the performance evaluation of forensic tools in the acquisition process using AXIOM Magnets are considered the best compared to Oxygen Forensics Suite 2014.

Sign in / Sign up

Export Citation Format

Share Document