scholarly journals THE VALUE OF DIGITAL EVIDENCE IN CRIMINAL INVESTIGATIONS

2019 ◽  
Vol 23 (1) ◽  
pp. 123-140
Author(s):  
Oleg A Ostrovsky
Keyword(s):  
Database Systems ◽  
Forensic Analysis ◽  
Computer Crime ◽  
Digital Evidence ◽  
Complex Task ◽  
Security Measures ◽  
Complex Processes ◽  
New Directions ◽  
E Learning ◽  
Irregular Data

Modern information systems, such as e-learning, e-voting, e-health, etc., are often used inappropriately for irregular data changes (data falsification). These facts force to review security measures and find a way to improve them. Proof of computer crime is accompanied by very complex processes that are based on the collection of digital evidence, forensic analysis and investigation. Forensic analysis of database systems is a very specific and complex task and therefore is the main source of inspiration for research. This article presents the fact that classical methods of collecting digital evidence are not suitable and effective. To improve efficiency, a combination of well-known, world-independent database technologies and their application in the field of forensic science are proposed. It also offers new directions for research in this area.

Forensic Analysis of Artifacts of Giant Instant Messaging “WhatsApp” in Android Smartphone

2018 ◽  
Vol 5 (2) ◽  
pp. 73-83
Author(s):  
Hussein Abed Ghannam
Keyword(s):  
Instant Messaging ◽  
Smart Phone ◽  
Forensic Analysis ◽  
Digital Evidence ◽  
Terror Attack ◽  
Left Behind ◽  
Digital Crime ◽  
Internal Storage ◽  
Network Forensic ◽  
Electronic Crime

WhatsApp is a giant mobile instant message IM application with over 1billion users. The huge usage of IM like WhatsApp through giant smart phone “Android” makes the digital forensic researchers to study deeply. The artefacts left behind in the smartphone play very important role in any electronic crime, or any terror attack. “WhatsApp” as a biggest IM in the globe is considered to be very important resource for information gathering about any digital crime. Recently, end-to-end encryption and many other important features were added and no device forensic analysis or network forensic analysis studies have been performed to the time of writing this paper. This paper explains how can we able to extract the Crypt Key of “WhatsApp” to decrypt the databases and extract precious artefacts resides in the android system without rooting the device. Artefacts that extracted from the last version of WhatsApp have been analysed and correlate to give new valuable evidentiary traces that help in investigating. Many hardware and software tools for mobile and forensics are used to collect as much digital evidence as possible from persistent storage on android device. Some of these tools are commercial like UFED Cellebrite and Andriller, and other are open source tools such as autopsy, adb, WhatCrypt. All of these tools that forensically sound accompanied this research to discover a lot of artefacts resides in android internal storage in WhatsApp application.

scholarly journals A Comparative UAV Forensic Analysis: Static and Live Digital Evidence Traceability Challenges

Drones ◽  
2021 ◽  
Vol 5 (2) ◽  
pp. 42
Author(s):  
Fahad E. Salamh ◽  
Umit Karabiyik ◽  
Marcus K. Rogers ◽  
Eric T. Matson
Keyword(s):  
High Volume ◽  
Forensic Analysis ◽  
Digital Evidence ◽  
Incident Response ◽  
Scientific Contribution ◽  
Response Plan ◽  
Technical Challenges ◽  
And Control ◽  
The Impact ◽  
Categorization Model

The raising accessibility of Unmanned Aerial Vehicles (UAVs), colloquially known as drones, is rapidly increasing. Recent studies have discussed challenges that may come in tow with the growing use of this technology. These studies note that in-depth examination is required, especially when addressing challenges that carry a high volume of software data between sensors, actuators, and control commands. This work underlines static and live digital evidence traceability challenges to further enhance the UAV incident response plan. To study the live UAV forensic traceability issues, we apply the `purple-teaming’ exercise on small UAVs while conducting UAV forensic examination to determine technical challenges related to data integrity and repeatability. In addition, this research highlights current static technical challenges that could pose more challenges in justifying the discovered digital evidence. Additionally, this study discusses potential drone anti-forensic techniques and their association with the type of use, environment, attack vector, and level of expertise. To this end, we propose the UAV Kill Chain and categorize the impact and complexity of all highlighted challenges based on the conducted examination and the presented scientific contribution in this work. To the best of our knowledge, there has not been any contribution that incorporates `Purple-Teaming’ tactics to evaluate UAV-related research in cybersecurity and digital forensics. This work also proposes a categorization model that classifies the discovered UAV static and live digital evidence challenges based on their complexity and impact levels

scholarly journals Sistem Monitoring Bukti Digital Untuk Meningkatkan Kontrol Terhadap Kasus Cybercrime Di Indonesia

2019 ◽  
Vol 2 (1) ◽  
pp. 39-46
Author(s):  
Krisna Widatama
Keyword(s):  
Monitoring System ◽  
Computer Technology ◽  
Positive Impact ◽  
Integrated System ◽  
District Level ◽  
Computer Crime ◽  
Digital Evidence ◽  
Integrated Monitoring ◽  
Physical Evidence ◽  
Negative Impacts

Nowadays, the computer technology is growing rapidly. This has a positive impact, many people can be helped by the computer. In addition, the types of jobs available are in-creasing. But, there are also negative impacts, for example the computer crimes are growing dramatically. The komputer crimes will be handled where the place of computer crime occurred at the District Level (POLSEK). The problem occurs is when police agen-cies at the District Level do not have tools to investigate digital evidence. So the proce-dure to handle this computer crime is send the physical evidence to the Regional Level (POLDA) to be acquired and analyzed.It will make the digital evidence vulnerable to be acquired and manipulated when the physical evidence is sent to the Regional Police Agency by people who do not have au-thority. It is necessary to renew the procedure for handling digital evidence in the case of a computer crime and integrated system between them.This study will produce a procedure for handling digital evidence through an integrated monitoring system between POLSEK and POLDA agencies. It is hoped that through this monitoring system, authenticity can be maintained and the digital evidence can be ac-cepted by judge in the court.

Sign in / Sign up

Export Citation Format

Share Document