Development of conceptual framework for cyber fraud investigation

The increase in the number of internet users in Indonesia as much as 175.4 million as recorded in the Datareportal.com report and 4.83 billion globally, impact the increase in the number of cyber fraud cases. Data states that 96% of fraud cases are not resolved due to fraud methods carried out online and make it difficult for legal officers to obtain evidence. Previous fraud investigation research mainly focused on fraud detection, so this research focuses on submitting a framework for investigating cyber fraud cases. The cyber fraud case requires a new framework for investigation because in this fraud case, there is digital evidence that is very prone to be damaged, lost, or modified, which makes this case unsolved. This research aims to develop a framework that is expected to help auditors to uncover cases of cyber fraud so that resolved cyber fraud cases can increase. The method used in making this framework uses Jabareen's conceptual framework development method, which consists of 6 stages, namely, Mapping the selected data source, extensive reading and categorizing of the chosen data, Identifying and naming objects, Deconstructing and categorizing the concept, Integrating concept, Synthesis, resynthesis. And make it all sense. The framework for cyber fraud investigation uses 22 digital forensic frameworks and eight frameworks for fraud audit investigations. The results of developing a framework using the Jabareen method resulted in 8 stages, integrating various concepts selected from digital forensics and fraud audits. Evaluation of framework development was carried out by giving limited questionnaires to practitioners and academics, which produced 89% for the feasibility value and needs of the framework and 67% there is no need for changes to the framework being developed.

Download Full-text

The Search and Seizure of Digital Evidence by Forensic Investigators in South Africa

Potchefstroom Electronic Law Journal/Potchefstroomse Elektroniese Regsblad ◽

10.17159/1727-3781/2019/v22i0a4886 ◽

2019 ◽

Vol 22 ◽

pp. 1-42 ◽

Cited By ~ 1

Author(s):

Jacobus Gerhardus Nortje ◽

Daniel Christoffel Myburgh

Keyword(s):

Information Technology ◽

Police Officers ◽

Digital Forensics ◽

Legal Framework ◽

Legal Aspects ◽

Search And Seizure ◽

Digital Evidence ◽

Digital Forensic ◽

Chain Of Custody ◽

Principles And Standards

The discipline of digital forensics requires a combination of skills, qualifications and knowledge in the area of forensic investigation, legal aspects and information technology. The uniqueness of digital evidence makes the adoption of traditional legal approaches problematic. Information technology terminology is currently used interchangeably without any regard to being unambiguous and consistent in relation to legal texts. Many of the information technology terms or concepts have not yet achieved legal recognition. The recognition and standardisation of terminology within a legal context are of the utmost importance to ensure that miscommunication does not occur. To provide clarity or guidance on some of the terms and concepts applicable to digital forensics and for the search and seizure of digital evidence, some of the concepts and terms are reviewed and discussed, using the Criminal Procedure Act 51 of 1977 as a point of departure. Digital evidence is often collected incorrectly and analysed ineffectively or simply overlooked due to the complexities that digital evidence poses to forensic investigators. As with any forensic science, specific regulations, guidelines, principles or procedures should be followed to meet the objectives of investigations and to ensure the accuracy and acceptance of findings. These regulations, guidelines, principles or procedures are discussed within the context of digital forensics: what processes should be followed and how these processes ensure the acceptability of digital evidence. These processes include international principles and standards such as those of the Association of Chiefs of Police Officers and the International Organisation of Standardisation. A summary is also provided of the most influential or best-recognised international (IOS) standards on digital forensics. It is concluded that the originality, reliability, integrity and admissibility of digital evidence should be maintained as follows: Data should not be changed or altered. Original evidence should not be directly examined. Forensically sound duplicates should be created. Digital forensic analyses should be performed by competent persons. Digital forensic analyses should adhere to relevant local legal requirements. Audit trails should exist consisting of all required documents and actions. The chain of custody should be protected. Processes and procedures should be proper, while recognised and accepted by the industry. If the ACPO (1997) principles and ISO/IEC 27043 and 27037 Standards are followed as a forensic framework, then digital forensic investigators should follow these standards as a legal framework.

Download Full-text

Digital Forensics and Data Mining

Advances in Digital Crime, Forensics, and Cyber Terrorism - Critical Concepts, Standards, and Techniques in Cyber Forensics ◽

10.4018/978-1-7998-1558-7.ch014 ◽

2020 ◽

pp. 240-247

Author(s):

Mohammad Suaib ◽

Mohd. Akbar ◽

Mohd. Shahid Husain

Keyword(s):

Data Mining ◽

Digital Forensics ◽

Traditional Approach ◽

Information Age ◽

Digital Evidence ◽

Law Enforcement Agencies ◽

Cyber Forensics ◽

Data Mining Techniques ◽

Digital Forensic ◽

Efficiency And Reliability

Digital forensic experts need to identify and collect the data stored in electronic devices. Further, this acquired data has to be analyzed to produce digital evidence. Data mining techniques have been successfully implemented in various applications across the domains. Data mining techniques help us to gain insight from a large volume of data. It helps us to predict the pattern, classify the data, and other various aspects of the data based on the users' perspective. Digital forensics is a sophisticated area of research. As the information age is revolutionizing at an inconceivable speed and the information stored in digital form is growing at a rapid rate, law enforcement agencies have a heavy reliance on digital forensic techniques that can provide timely acquisition of data, zero fault data processing, and accurate interpretation of data. This chapter gives an overview of the tasks involved in cyber forensics. It also discusses the traditional approach for digital forensics and how the integration of data mining techniques can enhance the efficiency and reliability of the existing systems used for cyber forensics.

Download Full-text

Post-Genesis Digital Forensics Investigation

10.31227/osf.io/h5bds ◽

2017 ◽

Author(s):

Andysah Putera Utama Siahaan ◽

Robbi Rahim

Keyword(s):

Digital Forensics ◽

Computer Forensics ◽

Digital Evidence ◽

Cyber Crime ◽

Legal Process ◽

Operational Procedure ◽

Digital Footprint ◽

Digital Forensic

Digital Forensics is a technique used to search for evidence of events that have occurred. This quest aims to reveal the hidden truth. The existence of digital forensic activities due to the occurrence of crimes both in the field of computers or other. Legal treatment in digital forensic field makes this area of science a compulsory device to dismantle crimes involving the computer world. In general, the cyber crime leaves a digital footprint, so it is necessary for a computer forensics expert to secure digital evidence. Computer forensics necessarily requires a standard operational procedure in taking digital evidence so as not to be contaminated or modified when the data is analyzed. The application of digital forensic is beneficial to the legal process going well and correctly.

Download Full-text

Digital Forensics

Enterprise Information Systems Assurance and System Security ◽

10.4018/978-1-59140-911-3.ch020 ◽

2011 ◽

pp. 311-325

Author(s):

David A. Dampier ◽

A. Chris Bogen

Keyword(s):

Law Enforcement ◽

Digital Media ◽

Digital Forensics ◽

Criminal Activity ◽

Computer Forensics ◽

Data Recovery ◽

Digital Evidence ◽

Digital Forensic ◽

Network Device

This chapter introduces the field of digital forensics. It is intended as an overview to permit the reader to understand the concepts and to be able to procure the appropriate assistance should the need for digital forensics expertise arise. Digital forensics is the application of scientific techniques of discovery and exploitation to the problem of finding, verifying, preserving, and exploiting digital evidence for use in a court of law. It involves the use of hardware and software for finding evidence of criminal activity on digital media, either in a computer or in a network device, and attributing that evidence to a suspect for the purposes of conviction. Digital forensics can also be used for non-law enforcement purposes. Data recovery is a form of computer forensics used outside of the legal arena. The authors hope that the reader will understand some of the intricacies of digital forensics and be able to intelligently respond to incidents requiring a digital forensic response.

Download Full-text

Analisis Kelayakan Integrated Digital Forensics Investigation Framework Untuk Investigasi Smartphone

Jurnal Buana Informatika ◽

10.24002/jbi.v7i4.767 ◽

2016 ◽

Vol 7 (4) ◽

Cited By ~ 1

Author(s):

Ruuhwan Ruuhwan ◽

Imam Riadi ◽

Yudi Prayudi

Keyword(s):

Digital Forensics ◽

Electronic Media ◽

Digital Data ◽

Digital Evidence ◽

Forensic Investigation ◽

Digital Forensic ◽

Forensic Examination ◽

Different Types ◽

Valid Evidence

Abstract. The handling of digital evidence each and every digital data that can proof a determination that a crime has been committed; it may also give the links between a crime and its victims or crime and the culprit. How to verify a valid evidence is to investigate using the approach known as the Digital Forensic Examination Procedures. Integrated Digital Forensic Investigation Framework (IDFIF) is the latest developed method, so that it is interesting to further scrutinize IDFIF, particularly in the process of investigation of a smartphone. The current smartphone devices have similar functions with computers. Although its functions are almost the same as the computer, but there are some differences in the process of digital forensics handling between computer devices and smartphones. The digital evidence handling process stages need to overcome the circumstances that may be encountered by an investigator involving digital evidence particularly on electronic media and smartphone devices in the field. IDFIF needs to develop in such a way so it has the flexibility in handling different types of digital evidence.Keywords: digital evidence, IDFIF, investigation, smartphoneAbstraks. Penanganan bukti digital mencakup setiap dan semua data digital yang dapat menjadi bukti penetapan bahwa kejahatan telah dilakukan atau dapat memberikan link antara kejahatan dan korbannya atau kejahatan dan pelakunya. Cara pembuktian untuk mendapatkan bukti valid adalah dengan melakukaninvestigasi dengan pendekatan Prosedur Pemeriksaan Digital Forensic. Integrated Digital Forensics Investigation Framework (IDFIF) merupakan metode terbaru sehingga IDFIF ini menarik untuk diteliti lebih lanjut terutama dalam proses investigasi smartphone. Saat ini perangkat smartphone memiliki fungsi yang sama dengan komputer. Meskipun demikian, ada beberapa perbedaan dalam proses penanganan digital forensics diantara perangkat komputer dan smartphone. Tahapan proses penanganan barang bukti digital seharusnya dibuat untuk mengatasi keadaan umum yang mungkin dihadapi oleh investigator yangmelibatkan barang bukti digital terutama pada perangkat smartphone dan media elektronik terkait di lapangan. IDFIF perlu dikembangkan sehingga memiliki fleksibilitas dalam menangani berbagai jenis barang bukti digital.Kata Kunci: bukti digital, IDFIF, investigasi, smartphone

Download Full-text

A Survey on Digital Forensic Investigation Practitioners Approach and Challenges

International Journal for Research in Applied Science and Engineering Technology ◽

10.22214/ijraset.2021.35544 ◽

2021 ◽

Vol 9 (VI) ◽

pp. 2733-2736

Author(s):

Prof. Sachin Babulal Jadhav

Keyword(s):

Data Collection ◽

Digital Forensics ◽

Electronic Devices ◽

Digital Evidence ◽

Cyber Crime ◽

Forensic Investigation ◽

Digital Forensic ◽

Digital Crime ◽

Entire World ◽

Investigation Process

Digital crimes are taking place over the entire world. For any digital crime which commit at any part of world, computer or any electronic devices are used. The devices which are used to commit the crime are useful evidences which must be identified and protected for further use. The crimes involving electronic devices are called as cyber-crime. To investigate such crimes, a scientific procedures needs to be followed. The data collection, analysis, preservation and presentation of digital evidence is must in order investigate the cybercrime. This paper highlights the practices that are used worldwide in the investigation process of cyber-crime. Keywords: Digital Forensics, Analysis, Investigation, models of investigation.

Download Full-text

Detection of Metasploit Attacks Using RAM Forensic on Proprietary Operating Systems

Kinetik Game Technology Information System Computer Network Computing Electronics and Control ◽

10.22219/kinetik.v5i2.1037 ◽

2020 ◽

pp. 155-160

Author(s):

Danar Cahyo Prakoso ◽

Imam Riadi ◽

Yudi Prayudi

Keyword(s):

Operating System ◽

Information Technology ◽

Operating Systems ◽

Digital Forensics ◽

Digital Evidence ◽

Analysis Tool ◽

Digital Forensic ◽

Digital Era ◽

Rule Out ◽

Live Forensics

Information technology has become an essential thing in the digital era as it is today. With the support of computer networks, information technology is used as a medium for exchanging data and information. Much information is confidential. Therefore, security is also essential. Metasploit is one of the frameworks commonly used by penetration testers to audit or test the security of a computer system legally, but it does not rule out the possibility that Metasploit can also be used for crime. For this reason, it is necessary to carry out a digital forensic process to uncover these crimes. In this study, a simulation of attacks on Windows 10 will be carried out with Metasploit. Then the digital forensics process uses live forensics techniques on computer RAM, where the computer RAM contains information about the processes running on the computer. The live forensic technique is important because information on RAM will be lost if the computer is off. This research will use FTK Imager, Dumpit, and Magnet RAM Capture as the RAM acquisition tool and Volatility as the analysis tool. The results of the research have successfully shown that the live forensics technique in RAM is able to obtain digital evidence in the form of an attacker's IP, evidence of exploits/Trojans, processes running on RAM, operating system profiles used and the location of the exploits/Trojan when executed by the victim.

Download Full-text

Review: Digital Forensics

International Journal of Advanced Research in Science, Communication and Technology ◽

10.48175/ijarsct-2168 ◽

2021 ◽

pp. 171-175

Author(s):

Anand Desai ◽

Siddhesh Masurkar

Keyword(s):

Forensic Science ◽

Digital Forensics ◽

The Internet ◽

Digital Devices ◽

Digital Forensic ◽

Internet Users ◽

Job Opportunities ◽

Set Up ◽

Investigation Process ◽

Internet Network

With the advancement and growing science of technology and the internet, the threats to data and digital devices have been increasing due to hackers and data invigilators. So the branch of DIGITAL FORENSIC has been set up for the investigation of the cybercrimes committed through the means of the internet, network, digital devices, etc. There are millions of internet users worldwide who are targeted by these hackers, and they lose their data to these data thieves unknowingly. This data can be misused by cybercriminals for various purposes. This branch of forensic science tracks and investigates these cyber criminals and finds the appropriate evidence against them. This paper surveys the work of this branch gives you a brief explanation about the various sub-branches, job opportunities available, and several tools used in this investigation process.

Download Full-text

Identifying Digital Forensic Frameworks Based on Processes Models

Iraqi Journal of Science ◽

10.24996/ijs.2021.si.1.35 ◽

2021 ◽

pp. 249-258

Author(s):

Talib M. Jawad Abbas ◽

Ahmed Salem Abdulmajeed

Keyword(s):

Forensic Science ◽

Digital Forensics ◽

Digital Evidence ◽

Digital Devices ◽

Digital Forensic ◽

Reliable Evidence ◽

Basic Concepts ◽

Investigation Process

Digital forensic is part of forensic science that implicitly covers crime related to computer and other digital devices. It‟s being for a while that academic studies are interested in digital forensics. The researchers aim to find out a discipline based on scientific structures that defines a model reflecting their observations. This paper suggests a model to improve the whole investigation process and obtaining an accurate and complete evidence and adopts securing the digital evidence by cryptography algorithms presenting a reliable evidence in a court of law. This paper presents the main and basic concepts of the frameworks and models used in digital forensics investigation.

Download Full-text

Digital investigations: relevance and confidence in disclosure

ERA Forum ◽

10.1007/s12027-021-00687-1 ◽

2021 ◽

Author(s):

Philip Anderson ◽

Dave Sampson ◽

Seanpaul Gilroy

Keyword(s):

Mobile Phone ◽

Digital Forensics ◽

Digital Evidence ◽

Digital Devices ◽

Digital Forensic ◽

Different Types ◽

New Challenges ◽

Stored Information

AbstractThe field of digital forensics has grown exponentially to include a variety of digital devices on which digitally stored information can be processed and used for different types of crimes. As a result, as this growth continues, new challenges for those conducting digital forensic examinations emerge. Digital forensics has become mainstream and grown in importance in situations where digital devices used in the commission of a crime need examining. This article reviews existing literature and highlights the challenges while exploring the lifecycle of a mobile phone examination and how the disclosure and admissibility of digital evidence develops.

Download Full-text