scholarly journals Post-Genesis Digital Forensics Investigation

2017 ◽  
Author(s):  
Andysah Putera Utama Siahaan ◽  
Robbi Rahim
Keyword(s):  
Digital Forensics ◽  
Computer Forensics ◽  
Digital Evidence ◽  
Cyber Crime ◽  
Legal Process ◽  
Operational Procedure ◽  
Digital Footprint ◽  
Digital Forensic

Digital Forensics is a technique used to search for evidence of events that have occurred. This quest aims to reveal the hidden truth. The existence of digital forensic activities due to the occurrence of crimes both in the field of computers or other. Legal treatment in digital forensic field makes this area of science a compulsory device to dismantle crimes involving the computer world. In general, the cyber crime leaves a digital footprint, so it is necessary for a computer forensics expert to secure digital evidence. Computer forensics necessarily requires a standard operational procedure in taking digital evidence so as not to be contaminated or modified when the data is analyzed. The application of digital forensic is beneficial to the legal process going well and correctly.

Digital Forensics

2011 ◽  
pp. 311-325
Author(s):  
David A. Dampier ◽  
A. Chris Bogen
Keyword(s):  
Law Enforcement ◽  
Digital Media ◽  
Digital Forensics ◽  
Criminal Activity ◽  
Computer Forensics ◽  
Data Recovery ◽  
Digital Evidence ◽  
Digital Forensic ◽  
Network Device

This chapter introduces the field of digital forensics. It is intended as an overview to permit the reader to understand the concepts and to be able to procure the appropriate assistance should the need for digital forensics expertise arise. Digital forensics is the application of scientific techniques of discovery and exploitation to the problem of finding, verifying, preserving, and exploiting digital evidence for use in a court of law. It involves the use of hardware and software for finding evidence of criminal activity on digital media, either in a computer or in a network device, and attributing that evidence to a suspect for the purposes of conviction. Digital forensics can also be used for non-law enforcement purposes. Data recovery is a form of computer forensics used outside of the legal arena. The authors hope that the reader will understand some of the intricacies of digital forensics and be able to intelligently respond to incidents requiring a digital forensic response.

scholarly journals A Survey on Digital Forensic Investigation Practitioners Approach and Challenges

2021 ◽  
Vol 9 (VI) ◽  
pp. 2733-2736
Author(s):  
Prof. Sachin Babulal Jadhav
Keyword(s):  
Data Collection ◽  
Digital Forensics ◽  
Electronic Devices ◽  
Digital Evidence ◽  
Cyber Crime ◽  
Forensic Investigation ◽  
Digital Forensic ◽  
Digital Crime ◽  
Entire World ◽  
Investigation Process

Digital crimes are taking place over the entire world. For any digital crime which commit at any part of world, computer or any electronic devices are used. The devices which are used to commit the crime are useful evidences which must be identified and protected for further use. The crimes involving electronic devices are called as cyber-crime. To investigate such crimes, a scientific procedures needs to be followed. The data collection, analysis, preservation and presentation of digital evidence is must in order investigate the cybercrime. This paper highlights the practices that are used worldwide in the investigation process of cyber-crime. Keywords: Digital Forensics, Analysis, Investigation, models of investigation.

scholarly journals The Search and Seizure of Digital Evidence by Forensic Investigators in South Africa

2019 ◽  
Vol 22 ◽  
pp. 1-42 ◽  
Author(s):  
Jacobus Gerhardus Nortje ◽  
Daniel Christoffel Myburgh
Keyword(s):  
Information Technology ◽  
Police Officers ◽  
Digital Forensics ◽  
Legal Framework ◽  
Legal Aspects ◽  
Search And Seizure ◽  
Digital Evidence ◽  
Digital Forensic ◽  
Chain Of Custody ◽  
Principles And Standards

The discipline of digital forensics requires a combination of skills, qualifications and knowledge in the area of forensic investigation, legal aspects and information technology. The uniqueness of digital evidence makes the adoption of traditional legal approaches problematic. Information technology terminology is currently used interchangeably without any regard to being unambiguous and consistent in relation to legal texts. Many of the information technology terms or concepts have not yet achieved legal recognition. The recognition and standardisation of terminology within a legal context are of the utmost importance to ensure that miscommunication does not occur. To provide clarity or guidance on some of the terms and concepts applicable to digital forensics and for the search and seizure of digital evidence, some of the concepts and terms are reviewed and discussed, using the Criminal Procedure Act 51 of 1977 as a point of departure. Digital evidence is often collected incorrectly and analysed ineffectively or simply overlooked due to the complexities that digital evidence poses to forensic investigators. As with any forensic science, specific regulations, guidelines, principles or procedures should be followed to meet the objectives of investigations and to ensure the accuracy and acceptance of findings. These regulations, guidelines, principles or procedures are discussed within the context of digital forensics: what processes should be followed and how these processes ensure the acceptability of digital evidence. These processes include international principles and standards such as those of the Association of Chiefs of Police Officers and the International Organisation of Standardisation. A summary is also provided of the most influential or best-recognised international (IOS) standards on digital forensics. It is concluded that the originality, reliability, integrity and admissibility of digital evidence should be maintained as follows: Data should not be changed or altered. Original evidence should not be directly examined. Forensically sound duplicates should be created. Digital forensic analyses should be performed by competent persons. Digital forensic analyses should adhere to relevant local legal requirements. Audit trails should exist consisting of all required documents and actions. The chain of custody should be protected. Processes and procedures should be proper, while recognised and accepted by the industry. If the ACPO (1997) principles and ISO/IEC 27043 and 27037 Standards are followed as a forensic framework, then digital forensic investigators should follow these standards as a legal framework.  

scholarly journals Analisis Forensik Metadata Kamera CCTV Sebagai Alat Bukti Digital

2020 ◽  
Vol 11 (2) ◽  
pp. 257-267
Author(s):  
Desti Mualfah ◽  
Rizdqi Akbar Ramadhan
Keyword(s):  
Reference Data ◽  
Computer Forensics ◽  
Closed Circuit ◽  
Digital Evidence ◽  
Management Information ◽  
Digital Forensic ◽  
Video Recordings ◽  
Chain Of Custody ◽  
Digital Forensic Investigations ◽  
Cctv Camera

Kejahatan konvensial yang terekam kamera CCTV (Closed Circuit Televison) semakin banyak ditemukan di masyarakat, setiap pelaku kejahatan yang terbukti melakukan tindak pidana tertentu akan dihukum sesuai dengan peraturan perundang-undangan. Kamera CCTV memiliki peran penting dalam keamanan, banyak diantaranya hasil tangkapan rekaman kamera CCTV dijadikan sebagai alat bukti digital. Tantangannya adalah bagaimana teknik yang diperlukan untuk penanganan khusus investigasi digital forensik dalam mencari bukti ditgital rekaman kamera CCTV menggunakan metode live forensik, yaitu ketika barang bukti dalam keadan aktif berdasarkan pedoman SNI 27037:2014 sesuai acuan kerangka kerja Common Phases of Computer Forensics Investigation Models untuk di implementasikan ke dalam dokumen Chain of Custody. Hasil penelitian ini berupa hasil analisis video rekaman kamera CCTV tentang karakteristik bukti digital dan informasi metadata yang digunakan untuk memberikan penjelasan komprehensif secara terstruktur serta acuan pengelolaan informasi data yang didapat dari hasil investigasi digital forensik yang dapat dipertanggungjawabkan dalam persidangan.   Kata kunci: Bukti Digital, Live Forensik, Metadata, Kamera CCTV, Chain of Custody.   Abstract Conventional crimes that are recorded on CCTV (Closed Circuit Television) cameras are increasingly being found in society, every crime that commits certain crimes will be in accordance with statutory regulations. CCTV cameras have an important role in security, many of which are recorded by CCTV cameras used as digital evidence. The challenge is how the techniques required for special handling, digital forensics in searching for digital evidence of CCTV camera footage using the live forensic method, namely when the evidence is in an active state based on the latest SNI 27037: 2014 according to the framework reference Common Phases of Computer Forensics Investigation Models for in implement it into the Chain of Custody document. These results of this research are in the form of analysis of CCTV camera video recordings about the characteristics of digital evidence and metadata information used to provide a structured comprehensive explanation and reference data management information obtained from the results of digital forensic investigations that can be accounted for in court.  Keywords: Digital Evidence, Live Forensic, Metadata, CCTV Camera, Chain of Custady.

Digital Forensics and Data Mining

2020 ◽  
pp. 240-247
Author(s):  
Mohammad Suaib ◽  
Mohd. Akbar ◽  
Mohd. Shahid Husain
Keyword(s):  
Data Mining ◽  
Digital Forensics ◽  
Traditional Approach ◽  
Information Age ◽  
Digital Evidence ◽  
Law Enforcement Agencies ◽  
Cyber Forensics ◽  
Data Mining Techniques ◽  
Digital Forensic ◽  
Efficiency And Reliability

Digital forensic experts need to identify and collect the data stored in electronic devices. Further, this acquired data has to be analyzed to produce digital evidence. Data mining techniques have been successfully implemented in various applications across the domains. Data mining techniques help us to gain insight from a large volume of data. It helps us to predict the pattern, classify the data, and other various aspects of the data based on the users' perspective. Digital forensics is a sophisticated area of research. As the information age is revolutionizing at an inconceivable speed and the information stored in digital form is growing at a rapid rate, law enforcement agencies have a heavy reliance on digital forensic techniques that can provide timely acquisition of data, zero fault data processing, and accurate interpretation of data. This chapter gives an overview of the tasks involved in cyber forensics. It also discusses the traditional approach for digital forensics and how the integration of data mining techniques can enhance the efficiency and reliability of the existing systems used for cyber forensics.

Cyber Forensics Evolution and Its Goals

2020 ◽  
pp. 16-30
Author(s):  
Mohammad Zunnun Khan ◽  
Anshul Mishra ◽  
Mahmoodul Hasan Khan
Keyword(s):  
Life Cycle ◽  
Personal Computer ◽  
Police Officers ◽  
Digital Forensics ◽  
Computer Forensics ◽  
Digital Evidence ◽  
Cyber Forensics ◽  
Forensic Research ◽  
Research Workshop

This chapter includes the evolution of cyber forensics from the 1980s to the current era. It was the era when computer forensics came into existence after a personal computer became a viable option for consumers. The formation of digital forensics is also discussed here. This chapter also includes the formation of cyber forensic investigation agencies. Cyber forensic life cycle and related phases are discussed in detail. Role of international organizations on computer evidence is discussed with the emphasize on Digital Forensic Research Workshop (DFRWS), Scientific Working Group on Digital Evidence (SWDGE), chief police officers' involvement. Authenticity-, accuracy-, and completeness-related pieces of evidence are also discussed. The most important thing that is discussed here is the cyber forensics data.

Analisis Kelayakan Integrated Digital Forensics Investigation Framework Untuk Investigasi Smartphone

2016 ◽  
Vol 7 (4) ◽  
Author(s):  
Ruuhwan Ruuhwan ◽  
Imam Riadi ◽  
Yudi Prayudi
Keyword(s):  
Digital Forensics ◽  
Electronic Media ◽  
Digital Data ◽  
Digital Evidence ◽  
Forensic Investigation ◽  
Digital Forensic ◽  
Forensic Examination ◽  
Different Types ◽  
Valid Evidence

Abstract. The handling of digital evidence each and every digital data that can proof a determination that a crime has been committed; it may also give the links between a crime and its victims or crime and the culprit. How to verify a valid evidence is to investigate using the approach known as the Digital Forensic Examination Procedures. Integrated Digital Forensic Investigation Framework (IDFIF) is the latest developed method, so that it is interesting to further scrutinize IDFIF, particularly in the process of investigation of a smartphone. The current smartphone devices have similar functions with computers. Although its functions are almost the same as the computer, but there are some differences in the process of digital forensics handling between computer devices and smartphones. The digital evidence handling process stages need to overcome the circumstances that may be encountered by an investigator involving digital evidence particularly on electronic media and smartphone devices in the field. IDFIF needs to develop in such a way so it has the flexibility in handling different types of digital evidence.Keywords: digital evidence, IDFIF, investigation, smartphoneAbstraks. Penanganan bukti digital mencakup setiap dan semua data digital yang dapat menjadi bukti penetapan bahwa kejahatan telah dilakukan atau dapat memberikan link antara kejahatan dan korbannya atau kejahatan dan pelakunya. Cara pembuktian untuk mendapatkan bukti valid adalah dengan melakukaninvestigasi dengan pendekatan Prosedur Pemeriksaan Digital Forensic. Integrated Digital Forensics Investigation Framework (IDFIF) merupakan metode terbaru sehingga IDFIF ini menarik untuk diteliti lebih lanjut terutama dalam proses investigasi smartphone. Saat ini perangkat smartphone memiliki fungsi yang sama dengan komputer. Meskipun demikian, ada beberapa perbedaan dalam proses penanganan digital forensics diantara perangkat komputer dan smartphone. Tahapan proses penanganan barang bukti digital seharusnya dibuat untuk mengatasi keadaan umum yang mungkin dihadapi oleh investigator yangmelibatkan barang bukti digital terutama pada perangkat smartphone dan media elektronik terkait di lapangan. IDFIF perlu dikembangkan sehingga memiliki fleksibilitas dalam menangani berbagai jenis barang bukti digital.Kata Kunci: bukti digital, IDFIF, investigasi, smartphone

scholarly journals Cyber Crime Investigation: Landscape, Challenges, and Future Research Directions

2021 ◽  
Vol 1 (4) ◽  
pp. 580-596
Author(s):  
Cecelia Horan ◽  
Hossein Saiedian
Keyword(s):  
Open Source ◽  
Language Processing ◽  
Digital Forensics ◽  
New Technology ◽  
Future Research ◽  
Cyber Crime ◽  
Research Directions ◽  
Digital Forensic ◽  
Open Source Intelligence ◽  
Future Research Directions

As technology has become pivotal a part of life, it has also become a part of criminal life. Criminals use new technology developments to commit crimes, and investigators must adapt to these changes. Many people have, and will become, victims of cybercrime, making it even more important for investigators to understand current methods used in cyber investigations. The two general categories of cyber investigations are digital forensics and open-source intelligence. Cyber investigations are affecting more than just the investigators. They must determine what tools they need to use based on the information that the tools provide and how effectively the tools and methods work. Tools are any application or device used by investigators, while methods are the process or technique of using a tool. This survey compares the most common methods available to investigators to determine what kind of evidence the methods provide, and which of them are the most effective. To accomplish this, the survey establishes criteria for comparison and conducts an analysis of the tools in both mobile digital forensic and open-source intelligence investigations. We found that there is no single tool or method that can gather all the evidence that investigators require. Many of the tools must be combined to be most effective. However, there are some tools that are more useful than others. Out of all the methods used in mobile digital forensics, logical extraction and hex dumps are the most effective and least likely to cause damage to the data. Among those tools used in open-source intelligence, natural language processing has more applications and uses than any of the other options.

scholarly journals Development of conceptual framework for cyber fraud investigation

2021 ◽  
Vol 7 (2) ◽  
pp. 125
Author(s):  
Anisa Nur Hidayati ◽  
Imam Riadi ◽  
Erika Ramadhani ◽  
Sarah Ulfah Al Amany
Keyword(s):  
Conceptual Framework ◽  
Digital Forensics ◽  
Digital Evidence ◽  
Extensive Reading ◽  
Development Method ◽  
Digital Forensic ◽  
Internet Users ◽  
Data Source ◽  
Framework Development ◽  
New Framework

The increase in the number of internet users in Indonesia as much as 175.4 million as recorded in the Datareportal.com report and 4.83 billion globally, impact the increase in the number of cyber fraud cases. Data states that 96% of fraud cases are not resolved due to fraud methods carried out online and make it difficult for legal officers to obtain evidence. Previous fraud investigation research mainly focused on fraud detection, so this research focuses on submitting a framework for investigating cyber fraud cases. The cyber fraud case requires a new framework for investigation because in this fraud case, there is digital evidence that is very prone to be damaged, lost, or modified, which makes this case unsolved. This research aims to develop a framework that is expected to help auditors to uncover cases of cyber fraud so that resolved cyber fraud cases can increase. The method used in making this framework uses Jabareen's conceptual framework development method, which consists of 6 stages, namely, Mapping the selected data source, extensive reading and categorizing of the chosen data, Identifying and naming objects, Deconstructing and categorizing the concept, Integrating concept, Synthesis, resynthesis. And make it all sense. The framework for cyber fraud investigation uses 22 digital forensic frameworks and eight frameworks for fraud audit investigations. The results of developing a framework using the Jabareen method resulted in 8 stages, integrating various concepts selected from digital forensics and fraud audits. Evaluation of framework development was carried out by giving limited questionnaires to practitioners and academics, which produced 89% for the feasibility value and needs of the framework and 67% there is no need for changes to the framework being developed.

scholarly journals Detection of Metasploit Attacks Using RAM Forensic on Proprietary Operating Systems

2020 ◽  
pp. 155-160
Author(s):  
Danar Cahyo Prakoso ◽  
Imam Riadi ◽  
Yudi Prayudi
Keyword(s):  
Operating System ◽  
Information Technology ◽  
Operating Systems ◽  
Digital Forensics ◽  
Digital Evidence ◽  
Analysis Tool ◽  
Digital Forensic ◽  
Digital Era ◽  
Rule Out ◽  
Live Forensics

Information technology has become an essential thing in the digital era as it is today. With the support of computer networks, information technology is used as a medium for exchanging data and information. Much information is confidential. Therefore, security is also essential. Metasploit is one of the frameworks commonly used by penetration testers to audit or test the security of a computer system legally, but it does not rule out the possibility that Metasploit can also be used for crime. For this reason, it is necessary to carry out a digital forensic process to uncover these crimes. In this study, a simulation of attacks on Windows 10 will be carried out with Metasploit. Then the digital forensics process uses live forensics techniques on computer RAM, where the computer RAM contains information about the processes running on the computer. The live forensic technique is important because information on RAM will be lost if the computer is off. This research will use FTK Imager, Dumpit, and Magnet RAM Capture as the RAM acquisition tool and Volatility as the analysis tool. The results of the research have successfully shown that the live forensics technique in RAM is able to obtain digital evidence in the form of an attacker's IP, evidence of exploits/Trojans, processes running on RAM, operating system profiles used and the location of the exploits/Trojan when executed by the victim.

Sign in / Sign up

Export Citation Format

Share Document