A Framework for Digital Forensics and Investigations

2013, Vol 5 (2), pp. 1-22
Author(s): Benjamin Aziz, Clive Blackwell, Shareeful Islam

Digital forensics investigations are an important task for collecting evidence based on the artifacts left in computer systems for computer-related crimes. The requirements of such investigations are often a neglected aspect in most of the existing models of digital investigations. Therefore, a formal and systematic approach is needed to provide a framework for modeling and reasoning about the requirements of digital investigations. In addition, anti-forensics situations make the forensic investigation process challenging by contaminating any stage of the investigation process, its requirements, or by destroying the evidence. Therefore, successful forensic investigations require understanding the possible anti-forensic issues during the investigation. In this paper, the authors present a new method for guiding digital forensics investigations considering the anti-forensics based on goal-driven requirements engineering methodologies, in particular KAOS. Methodologies like KAOS facilitate modeling and reasoning about goals, requirements and obstacles, as well as their operationalization and responsibility assignments. The authors believe that this new method will lead in the future to better management and organization of the various steps of forensics investigations in cyberspace as well as provide more robust grounds for reasoning about forensic evidence.

Author(s): Ludwig Englbrecht, Günther Pernul

Stricter policies, laws and regulations for companies on the handling of private information raise challenges in the handling of data for Digital Forensics investigations. This paper describes an approach that can meet necessary requirements to conduct a privacy-aware Digital Forensics investigation in an enterprise. The core of our approach is an entropy-based identification algorithm to detect specific patterns within files that can indicate non-private information. Therefore, we combine various approaches with the goal to detect and exclude files containing sensitive information systematically. This privacy-preserving method can be integrated into a Digital Forensics examination process to prepare an image which is free from private as well as critical information for the investigation. We implemented and evaluated our approach with a prototype. The approach demonstrates that investigations in enterprises can be supported and improved by adapting existing algorithms and processes from related subject areas to implement privacy-preserving measures into an investigation process.


Author(s): Prof. Sachin Babulal Jadhav

Digital crimes are taking place all over the world. For any digital crime committed in any part of the world, a computer or other electronic device is used. The devices used to commit the crime are useful evidence, which must be identified and protected for further use. Crimes involving electronic devices are called cyber-crime. To investigate such crimes, scientific procedures need to be followed. The collection, analysis, preservation and presentation of digital evidence are a must in order to investigate the cybercrime. This paper highlights the practices that are used worldwide in the investigation process of cyber-crime. Keywords: Digital Forensics, Analysis, Investigation, models of investigation.


2018, Vol 7 (2.7), pp. 1072
Author(s): Divya Vadlamudi, Dr K. Thirupathi Rao, Pellakuri Vidyullatha, B AjasekharReddy

In modern life, there is a rapid increase in the usage of technology. One reason for the increase in technology is the usage of the cloud. Mobile devices and other technological devices mainly depend on the cloud. The cloud can be accessed from anywhere. The cloud forensic process was introduced to help investigators find the evidence when a criminal attacks the cloud and to maintain the integrity and security of the data stored in the cloud. The increase in criminal attacks in the cloud has made investigators look for the latest methods for the forensic investigation process. In the same way, the criminals also discover new ways to hide the sources of evidence. This causes damage to the investigation process and is called anti-forensics. Anti-forensic techniques are used to hide the sources, and research must be done against the anti-forensic techniques in the cloud environment. In this paper we focus mainly on a detailed study of various challenges in cloud forensics and anti-forensic techniques.


Author(s): Sayyid Mohammad Yunus Gilani, K. M. Zakir Hossain Shalim

Abstract: Forensic evidence is an evolving science in the field of criminal investigation and prosecutions. It has been widely used in the administration of justice in the courts and the Western legal system, particularly in common law. To accommodate this new method of evidence in Islamic law, this article firstly conceptualizes forensic evidence in Islamic law and secondly explores legal frameworks for its adoption in Islamic law. Keywords: Forensic Evidence, legal framework, Criminal Investigation, Sharīʿah.

Abstract (Malay version): Forensic evidence is a science that is constantly developing in the field of criminal investigation and prosecution. It has been used widely in the administration of justice in the courts and the Western legal system, especially in common law. To accommodate this new method of proof in Islamic law, this article firstly conceptualizes forensic evidence in Islamic law. Secondly, it explores legal frameworks for its acceptance in Islamic law. Keywords: Forensic Evidence, Legal Framework, Criminal Investigation, Sharīʿah.


Author(s): Jiajia Liu, Jianying Yuan, Yongfang Jia

Railway fastener recognition and detection is an important task for railway operation safety. However, the current automatic inspection methods based on computer vision can effectively detect the intact or completely missing fasteners, but they have weaker ability to recognize the partially worn ones. In our method, we exploit the EA-HOG feature fastener image, generate two symmetrical images of original test image and turn the detection of the original test image into the detection of two symmetrical images, then integrate the two recognition results of symmetrical image to reach exact recognition of original test image. The potential advantages of the proposed method are as follows: First, we propose a simple yet efficient method to extract the fastener edge, as well as the EA-HOG feature of the fastener image. Second, the symmetry images indeed reflect some possible appearance of the fastener image which are not shown in the original images, these changes are helpful for us to judge the status of the symmetry samples based on the improved sparse representation algorithm and then obtain an exact judgment of the original test image by combining the two corresponding judgments of its symmetry images. The experiment results show that the proposed approach achieves a rather high recognition result and meets the demand of railway fastener detection.


Neurology, 2011, Vol 76 (Issue 7, Supplement 2), pp. S37-S43
Author(s): R. B. Halker, E. V. Hastriter, D. W. Dodick

2019, Vol 1 (2), pp. 67-74
Author(s): Widodo Widodo, Bambang Sugiantoro

According to Tizen Team (2016), smartphones running the Tizen operating system are a new kind of smartphone and have Web, Hybrid and Native application types with a file extension in the form of file.tpk, which differs from other types of smartphone. From several reviews of previous research, it can be seen that there has been no research on the process of handling Tizen smartphones together with the WhatsApp platform on them. Most research results only cover how to explore digital evidence on Android smartphones and discuss Tizen from a security perspective. Based on the review of that research, there are several problems, among them the absence of a suitable method and framework for the process of handling Tizen smartphones and the WhatsApp platform on them. For that reason, the live forensics method and the HDFIP model can serve as a suitable reference framework for identifying the characteristics of Tizen and the WhatsApp platform. The live forensics method is used to carry out detailed and careful analysis stages on the digital evidence device, performed on an electronic device in the powered-on state. This research thus yields the fundamental differences between Android and Tizen artifacts and obtains the characteristics of digital evidence on Tizen smartphones, namely that it is logical in form and consists of files with the .CSV extension and file.db, with the results of this research focused on the WhatsApp and SMS application systems.


Author(s): Promise Agbedanu, Anca Delia Jurcut

In this era of explosive growth in technology, the internet of things (IoT) has become the game changer when we consider technologies like smart homes and cities, smart energy, security and surveillance, and healthcare. The numerous benefits provided by IoT have become attractive technologies for users and cybercriminals. Cybercriminals of today have the tools and the technology to deploy millions of sophisticated attacks. These attacks need to be investigated; this is where digital forensics comes into play. However, it is not easy to conduct a forensic investigation in IoT systems because of the heterogeneous nature of the IoT environment. Additionally, forensic investigators mostly rely on evidence from service providers, a situation that can lead to evidence contamination. To solve this problem, the authors proposed a blockchain-based IoT forensic model that prevents the admissibility of tampered logs into evidence.

