scholarly journals Computer forensic analysis protocols review focused on digital evidence recovery in hard disks devices

2019 ◽  
Vol 1418 ◽  
pp. 012008 ◽  
Author(s):  
H F Villar-Vega ◽  
L F Perez-Lopez ◽  
J Moreno-Sanchez
Keyword(s):  
Forensic Analysis ◽  
Digital Evidence ◽  
Hard Disks ◽  
Computer Forensic

Forensic Analysis of Artifacts of Giant Instant Messaging “WhatsApp” in Android Smartphone

2018 ◽  
Vol 5 (2) ◽  
pp. 73-83
Author(s):  
Hussein Abed Ghannam
Keyword(s):  
Instant Messaging ◽  
Smart Phone ◽  
Forensic Analysis ◽  
Digital Evidence ◽  
Terror Attack ◽  
Left Behind ◽  
Digital Crime ◽  
Internal Storage ◽  
Network Forensic ◽  
Electronic Crime

WhatsApp is a giant mobile instant message IM application with over 1billion users. The huge usage of IM like WhatsApp through giant smart phone “Android” makes the digital forensic researchers to study deeply. The artefacts left behind in the smartphone play very important role in any electronic crime, or any terror attack. “WhatsApp” as a biggest IM in the globe is considered to be very important resource for information gathering about any digital crime. Recently, end-to-end encryption and many other important features were added and no device forensic analysis or network forensic analysis studies have been performed to the time of writing this paper. This paper explains how can we able to extract the Crypt Key of “WhatsApp” to decrypt the databases and extract precious artefacts resides in the android system without rooting the device. Artefacts that extracted from the last version of WhatsApp have been analysed and correlate to give new valuable evidentiary traces that help in investigating. Many hardware and software tools for mobile and forensics are used to collect as much digital evidence as possible from persistent storage on android device. Some of these tools are commercial like UFED Cellebrite and Andriller, and other are open source tools such as autopsy, adb, WhatCrypt. All of these tools that forensically sound accompanied this research to discover a lot of artefacts resides in android internal storage in WhatsApp application.

scholarly journals A Comparative UAV Forensic Analysis: Static and Live Digital Evidence Traceability Challenges

Drones ◽  
2021 ◽  
Vol 5 (2) ◽  
pp. 42
Author(s):  
Fahad E. Salamh ◽  
Umit Karabiyik ◽  
Marcus K. Rogers ◽  
Eric T. Matson
Keyword(s):  
High Volume ◽  
Forensic Analysis ◽  
Digital Evidence ◽  
Incident Response ◽  
Scientific Contribution ◽  
Response Plan ◽  
Technical Challenges ◽  
And Control ◽  
The Impact ◽  
Categorization Model

The raising accessibility of Unmanned Aerial Vehicles (UAVs), colloquially known as drones, is rapidly increasing. Recent studies have discussed challenges that may come in tow with the growing use of this technology. These studies note that in-depth examination is required, especially when addressing challenges that carry a high volume of software data between sensors, actuators, and control commands. This work underlines static and live digital evidence traceability challenges to further enhance the UAV incident response plan. To study the live UAV forensic traceability issues, we apply the `purple-teaming’ exercise on small UAVs while conducting UAV forensic examination to determine technical challenges related to data integrity and repeatability. In addition, this research highlights current static technical challenges that could pose more challenges in justifying the discovered digital evidence. Additionally, this study discusses potential drone anti-forensic techniques and their association with the type of use, environment, attack vector, and level of expertise. To this end, we propose the UAV Kill Chain and categorize the impact and complexity of all highlighted challenges based on the conducted examination and the presented scientific contribution in this work. To the best of our knowledge, there has not been any contribution that incorporates `Purple-Teaming’ tactics to evaluate UAV-related research in cybersecurity and digital forensics. This work also proposes a categorization model that classifies the discovered UAV static and live digital evidence challenges based on their complexity and impact levels

A Survey of Cloud Computing Challenges from a Digital Forensics Perspective

2012 ◽  
pp. 1221-1236
Author(s):  
Gregory H. Carlton ◽  
Hill Zhou
Keyword(s):  
Cloud Computing ◽  
Digital Forensics ◽  
Service Providers ◽  
Communication Technologies ◽  
Forensic Analysis ◽  
Remote Locations ◽  
System Components ◽  
Computing Environments ◽  
Computer Forensic ◽  
Associated Data

Computing and communication technologies have merged to produce an environment where many applications and their associated data reside in remote locations, often unknown to the users. The adoption of cloud computing promises many benefits to users and service providers, as it shifts users’ concerns away from the physical location of system components and toward the accessibility of the system’s services. While this adoption of cloud computing may be beneficial to users and service providers, it increases areas of concern for computer forensic examiners that need to obtain data from cloud computing environments for evidence in legal matters. The authors present an overview of cloud computing, discuss the challenges it raises from a digital forensics perspective, describe suitable tools for forensic analysis of cloud computing environments, and consider the future of cloud computing.

scholarly journals THE VALUE OF DIGITAL EVIDENCE IN CRIMINAL INVESTIGATIONS

2019 ◽  
Vol 23 (1) ◽  
pp. 123-140
Author(s):  
Oleg A Ostrovsky
Keyword(s):  
Database Systems ◽  
Forensic Analysis ◽  
Computer Crime ◽  
Digital Evidence ◽  
Complex Task ◽  
Security Measures ◽  
Complex Processes ◽  
New Directions ◽  
E Learning ◽  
Irregular Data

Modern information systems, such as e-learning, e-voting, e-health, etc., are often used inappropriately for irregular data changes (data falsification). These facts force to review security measures and find a way to improve them. Proof of computer crime is accompanied by very complex processes that are based on the collection of digital evidence, forensic analysis and investigation. Forensic analysis of database systems is a very specific and complex task and therefore is the main source of inspiration for research. This article presents the fact that classical methods of collecting digital evidence are not suitable and effective. To improve efficiency, a combination of well-known, world-independent database technologies and their application in the field of forensic science are proposed. It also offers new directions for research in this area.

scholarly journals Forensic analysis of video steganography tools

2015 ◽  
Author(s):  
Thomas Sloan ◽  
Julio Hernandez-Castro
Keyword(s):  
State Of The Art ◽  
Freedom Of Speech ◽  
Forensic Analysis ◽  
Forensic Investigation ◽  
Video Steganography ◽  
The Past ◽  
Current State ◽  
Hidden Data ◽  
Computer Forensic ◽  
Privacy And Anonymity

Steganography is the art and science of concealing information in such a way that only the sender and intended recipient of a message should be aware of its presence. Digital steganography has been used in the past on a variety of media including executable files, audio, text, games and, notably, images. Additionally, there is increasing research interest towards the use of video as a media for steganography, due to its pervasive nature and diverse embedding capabilities. In this work, we examine the embedding algorithms and other security characteristics of several video steganography tools. We show how all feature basic and severe security weaknesses. This is potentially a very serious threat to the security, privacy and anonymity of their users. It is important to highlight that most steganography users have perfectly legal and ethical reasons to employ it. Some common scenarios would include citizens in oppressive regimes whose freedom of speech is compromised, people trying to avoid massive surveillance or censorship, political activists, whistle blowers, journalists, etc. As a result of our findings, we strongly recommend to cease any use of these tools, and to remove any contents that may have been hidden, and any carriers stored, exchanged and/or uploaded online. For many of these tools, carrier files will be trivial to detect, potentially compromising any hidden data and the parties involved in the communication. We finish this work by presenting our steganalytic results, that highlight a very poor current state of the art in practical video steganography tools. There is unfortunately a complete lack of secure and publicly available tools, and even commercial tools offer very poor security. We therefore encourage the steganography community to work towards the development of more secure and accessible video steganography tools, and make them available for the general public. The results presented in this work can also be seen as a useful resource for forensic examiners to determine the existence of any video steganography materials over the course of a computer forensic investigation.

scholarly journals Digital Forensic Analysis on Android Smartphones for Handling Cybercrime Cases

2019 ◽  
Vol 7 (2) ◽  
pp. 19 ◽  
Author(s):  
Firmansyah Gustav Hikmatyar ◽  
Bambang Sugiantoro
Keyword(s):  
Operating System ◽  
Forensic Analysis ◽  
Weighting Method ◽  
Final Project ◽  
Mobile Forensics ◽  
Storage Media ◽  
The Times ◽  
Computer Forensic ◽  
Crime Scenarios ◽  
Communication Lines

As the times progressed, forensic science has developed rapidly. The science of forensics extends to new areas of technology ranging from digital forensics, computer forensics and mobile forensics. Mobile forensics in analyzing and collecting data is obtained from various resources, such as operating systems, communication lines and also various storage media. The most popular mobile operating system of the day is a smartphone based on android operating system. With android technology, criminals can use that technology as a crime medium ranging from overriding crime ideas, crime targets and crime scenarios. In this Final Project use forensic mobile application to get data residing in cell phone actors, in the form of text, sound, picture and video that have or not yet deleted in smartphone. In this study, a model for investigating the crime scene is the author using the Generic Computer Forensic Investigation Model (GCFIM). On the GCFIM model the investigator may be able to return to the previous stage because of the possibility of a changeable situation (both physical and digital), the investigation tools used, the crime tools used, and the level of investigative expertise. In this research also added weighting method of word TF-IDF, where this method can help to find keyword in digital evidence in the form of word / text.

Sign in / Sign up

Export Citation Format

Share Document