User profiling via application usage pattern on digital devices for digital forensics

2021 ◽  
Vol 168 ◽  
pp. 114488
Author(s):  
Hongkyun Kwon ◽  
Sangjin Lee ◽  
Doowon Jeong
Keyword(s):  
Digital Forensics ◽  
User Profiling ◽  
Usage Pattern ◽  
Digital Devices

Privacy Concerns with Digital Forensics

2016 ◽  
pp. 145-162
Author(s):  
Neil C. Rowe
Keyword(s):  
Digital Forensics ◽  
Digital Data ◽  
Commercial Software ◽  
Privacy Concerns ◽  
Digital Space ◽  
Digital Devices ◽  
Privacy Laws ◽  
Private Spaces ◽  
Detailed Search

Digital forensics is a rapidly growing technology for examining the contents of computers and digital devices. It raises many challenges to conventional notions of privacy because it involves a considerably more detailed search of digital data than is possible with other techniques, and it can be done surreptitiously. However, there are analogies to homes and the rights of individuals to be free from unwarranted searches and seizures in their private spaces. Even though commercial software and data comprises most of digital space, there are clearly enclaves of data that deserves to be kept private. We discuss the techniques of digital forensics and investigative targets. We identify key challenges to privacy, and outline both the legal protections and the technical protections available. Unfortunately, privacy laws are ineffective in most countries, and users need to take their own measures to protect themselves.

Development and Various Critical Testing Operational Frameworks in Data Acquisition for Cyber Forensics

2020 ◽  
pp. 88-102
Author(s):  
Abhineet Anand ◽  
M. Arvindhan
Keyword(s):  
Data Acquisition ◽  
Digital Forensics ◽  
Digital Data ◽  
Court Cases ◽  
Cyber Forensics ◽  
Digital Devices ◽  
Private Lives ◽  
Or Methodology ◽  
Crime Detection ◽  
Operational Frameworks

Digital forensics is the science of preserving and analyzing digital data; this data can then be used in court cases as well as for crime detection and prevention. Digital forensics began in the 1970s and was initially used as a tool for fighting financial crime. Today, with computers and digital devices being an integral part of our professional and private lives, digital forensics are used/needed in a wide variety of disputes. Data Acquisitions is described and discuss different techniques or methodology obtain the data, facts, and figures from different resource and at a different level of the system.

scholarly journals An Improved Bytewise Approximate Matching Algorithm Suitable for Files of Dissimilar Sizes

Mathematics ◽  
2020 ◽  
Vol 8 (4) ◽  
pp. 503
Author(s):  
Víctor Gayoso Martínez ◽  
Fernando Hernández-Álvarez ◽  
Luis Hernández Encinas
Keyword(s):  
Digital Forensics ◽  
Ad Hoc ◽  
Full Description ◽  
Matching Algorithm ◽  
Approximate Matching ◽  
Digital Devices ◽  
Signature Generation ◽  
Actual Content ◽  
Similarity Preserving ◽  
Generation Procedure

The goal of digital forensics is to recover and investigate pieces of data found on digital devices, analysing in the process their relationship with other fragments of data from the same device or from different ones. Approximate matching functions, also called similarity preserving or fuzzy hashing functions, try to achieve that goal by comparing files and determining their resemblance. In this regard, ssdeep, sdhash, and LZJD are nowadays some of the best-known functions dealing with this problem. However, even though those applications are useful and trustworthy, they also have important limitations (mainly, the inability to compare files of very different sizes in the case of ssdeep and LZJD, the excessive size of sdhash and LZJD signatures, and the occasional scarce relationship between the comparison score obtained and the actual content of the files when using the three applications). In this article, we propose a new signature generation procedure and an algorithm for comparing two files through their digital signatures. Although our design is based on ssdeep, it improves some of its limitations and satisfies the requirements that approximate matching applications should fulfil. Through a set of ad-hoc and standard tests based on the FRASH framework, it is possible to state that the proposed algorithm presents remarkable overall detection strengths and is suitable for comparing files of very different sizes. A full description of the multi-thread implementation of the algorithm is included, along with all the tests employed for comparing this proposal with ssdeep, sdhash, and LZJD.

Data Handling of Digital Forensics Cloud Computing

2013 ◽  
Vol 756-759 ◽  
pp. 1739-1743
Author(s):  
Gang Zeng
Keyword(s):  
Cloud Computing ◽  
Digital Forensics ◽  
Data Handling ◽  
Digital Devices

With development of network and digital devices, traditional digital forensics tools show their drawbacks, and investigators need new forensics tools to deal with enormous digital evidences. Therefore, this paper introduces digital forensics and cloud computing, then lists the advantages of private forensics cloud computing, proposes a model of Data Handling of Digital Forensics Cloud Computing.

scholarly journals Keyword Indexing And Searching Tool (KIST): A Tool to Assist the Forensics Analysis of WhatsApp Chat

2020 ◽  
Vol 6 (1) ◽  
pp. 23
Author(s):  
Syafiqah Hanisah Shahrol Nizam ◽  
Nurul Hidayah Ab Rahman ◽  
Niken Dwi Wahyu Cahyani
Keyword(s):  
Mobile Phones ◽  
Digital Forensics ◽  
Forensic Analysis ◽  
User Testing ◽  
Analysis Software ◽  
Digital Devices ◽  
Analysis Tools ◽  
Private And Public ◽  
Public Sectors ◽  
Keyword Searching

Digital forensics is a field that concerned with finding and presenting evidence sourced from digital devices, such as computers and mobile phones. Most of the forensic analysis software is proprietary, and eventually, specialized analysis software is developed in both the private and public sectors. This paper presents an alternative of forensic analysis tools for digital forensics, which specifically to analyze evidence through keyword indexing and searching. Keyword Indexing and Searching Tool (KIST) is proposed to analyze evidence of interest from WhatsApp chat text files using keyword searching techniques and based on incident types. The tool was developed by adopting the Prototyping model as its methodology. KIST includes modules such as add, edit, remove, display the indexed files, and to add WhatsApp chat text files. Subsequently, the tool is tested using functionality testing and user testing. Functionality testing shows all key functions are working as intended, while users testing indicates the majority of respondents are agree that the tool is able to index and search keyword and display forensic analysis results.

scholarly journals Effective resource management in digital forensics

2019 ◽  
Vol 43 (1) ◽  
pp. 77-90 ◽  
Author(s):  
Dana Wilson-Kovacs
Keyword(s):  
Police Officers ◽  
Digital Forensics ◽  
Methodological Approach ◽  
Forensic Analysis ◽  
Careful Consideration ◽  
Systematic Evaluation ◽  
Structured Interviews ◽  
Content Type ◽  
Digital Devices ◽  
Police Forces

Purpose Building on the findings of a British Academy-funded project on the development of digital forensics (DF) in England and Wales, the purpose of this paper is to explore how triage, a process that helps prioritise digital devices for in-depth forensic analysis, is experienced by DF examiners and police officers in four English police forces. It is argued that while as a strategy triage can address the increasing demand in the examination of digital exhibits, careful consideration needs to be paid to the ways in which its set-up, undertaking and outcomes impact on the ability of law enforcement agencies to solve cases. Design/methodology/approach The methodological approach adopted here builds on the ethnographic turn in criminology. The analysis draws on 120 h of ethnographic observations and 43 semi-structured interviews. Observational data of the working DF environment at each location and a systematic evaluation of internal documents, organisational settings and police priorities helped refine emergent analysis threads, which were analytically compared between sites and against the testimonies of members of different occupational groups to identify similarities and differences between accounts. Findings The findings emphasise the challenges in the triage of digital exhibits as they are encountered in everyday practice. The discussion focusses on the tensions between the delivery of timely and accurate investigation results and current gaps in the infrastructural arrangements. It also emphasises the need to provide police officers with a baseline understanding of the role of DF and the importance of clearly defined strategies in the examination of digital devices. Originality/value This paper aims to bridge policy and practice through an analysis of the ways in which DF practitioners and police officers in four English constabularies reflect on the uses of triage in DF to address backlogs and investigative demands. Highlighting the importance of digital awareness beyond the technical remit of DF units, it offers new insights into the ways in which police forces seek to improve the evidential trail with limited resources.

Characteristic evidence, counter evidence and reconstruction problems in forensic computing

2015 ◽  
Vol 57 (6) ◽  
Author(s):  
Andreas Dewald
Keyword(s):  
Digital Forensics ◽  
Forensic Sciences ◽  
Digital Evidence ◽  
Digital Devices ◽  
Great Responsibility ◽  
Different Types

AbstractWith the ever increasing number of crimes in which computers or other digital devices are used, digital forensics plays an increasingly important role in today's jurisdiction. The acquisition and investigation of the devices is done by forensic experts, whose reports and personal explanations then form the basis of justice. Because of this great responsibility of the experts, the quality of their investigations has to meet the highest standards. Historically, forensic computing (as digital forensics) developed pragmatically, driven by specific technical needs. Indeed, in comparison with other forensic sciences the field still is rather immature and has many deficits, such as the unclear terminology used in court. In this paper, we introduce notions of (digital) evidence, characteristic evidence, and (characteristic) counter evidence, as well as the definitions of two fundamental forensic reconstruction problems. We show the relation of the observability of the different types of evidence to the solvability of those problems. By doing this, we wish to exemplify the usefulness of formalization in the establishment of a precise terminology. While this will not replace all terminological shortcomings, it (1) may provide the basis for a better understanding between experts, and (2) helps to understand the significance of different types of digital evidence to answer questions in an investigation.

Privacy Concerns With Digital Forensics

2019 ◽  
pp. 1464-1481
Author(s):  
Neil C. Rowe
Keyword(s):  
Digital Forensics ◽  
Digital Data ◽  
Commercial Software ◽  
Privacy Concerns ◽  
Digital Space ◽  
Digital Devices ◽  
Privacy Laws ◽  
Private Spaces ◽  
Detailed Search

Digital forensics is a rapidly growing technology for examining the contents of computers and digital devices. It raises many challenges to conventional notions of privacy because it involves a considerably more detailed search of digital data than is possible with other techniques, and it can be done surreptitiously. However, there are analogies to homes and the rights of individuals to be free from unwarranted searches and seizures in their private spaces. Even though commercial software and data comprises most of digital space, there are clearly enclaves of data that deserves to be kept private. We discuss the techniques of digital forensics and investigative targets. We identify key challenges to privacy, and outline both the legal protections and the technical protections available. Unfortunately, privacy laws are ineffective in most countries, and users need to take their own measures to protect themselves.

Sign in / Sign up

Export Citation Format

Share Document