scholarly journals IPFSChain: Interplanetary File System and Hyperledger Fabric Collaboration for Chain of Custody and Digital Evidence Management

2021 ◽  
Vol 183 (41) ◽  
pp. 24-31
Author(s):  
Jefrul Hanafi ◽  
Yudi Prayudi ◽  
Ahmad Luthfi
Author(s):  
Matthew N.O. Sadiku ◽  
Adebowale E. Shadare ◽  
Sarhan M. Musa

Digital chain of custody is the record of preservation of digital evidence from collection to presentation in the court of law. This is an essential part of digital investigation process.  Its key objective is to ensure that the digital evidence presented to the court remains as originally collected, without tampering. The chain of custody is important for admissible evidence in court. Without a chain of custody, the opposing attorney can challenge or dismiss the evidence presented. The aim of this paper is to provide a brief introduction to the concept of digital chain custody.


2019 ◽  
Vol 9 (15) ◽  
pp. 3097 ◽  
Author(s):  
Diego Renza ◽  
Jaime Andres Arango ◽  
Dora Maria Ballesteros

This paper addresses a problem in the field of audio forensics. With the aim of providing a solution that helps Chain of Custody (CoC) processes, we propose an integrity verification system that includes capture (mobile based), hash code calculation and cloud storage. When the audio is recorded, a hash code is generated in situ by the capture module (an application), and it is sent immediately to the cloud. Later, the integrity of the audio recording given as evidence can be verified according to the information stored in the cloud. To validate the properties of the proposed scheme, we conducted several tests to evaluate if two different inputs could generate the same hash code (collision resistance), and to evaluate how much the hash code changes when small changes occur in the input (sensitivity analysis). According to the results, all selected audio signals provide different hash codes, and these values are very sensitive to small changes over the recorded audio. On the other hand, in terms of computational cost, less than 2 s per minute of recording are required to calculate the hash code. With the above results, our system is useful to verify the integrity of audio recordings that may be relied on as digital evidence.


2014 ◽  
Vol 107 (9) ◽  
pp. 30-36 ◽  
Author(s):  
Yudi Prayudi ◽  
Ahmad Ashari ◽  
Tri K Priyambodo

2015 ◽  
Vol 3 (1) ◽  
Author(s):  
Cesar Villamizar ◽  
Ailin Orjuela ◽  
Marco Adarme

El análisis forense consiste en determinar las causas del compromiso de seguridad de un sistema. En la actualidad se conocen normas y principios generales como la Organización Internacional en Evidencia Digital (IOCE). El objetivo del estudio fue caracterizar la legislación colombiana en cuanto a la normatividad específica y necesaria para  el diseño de la técnica informática en cuanto a la extracción de la evidencia digital para anclar la cadena de custodia. Se utilizó una investigación descriptiva de tipo documental y aplicada, mediante el análisis de diferentes fuentes sobre sistemas de información, integridad, confidencialidad y disponibilidad de datos bajo custodia judicial. La normatividad actual permite fundamentar el uso de técnicas informáticas para la extracción de la evidencia digital y asegurar la cadena de custodia, basado en la protección constitucional del derecho a la intimidad, por lo que se deben respetar la libertad y promover las demás garantías. También la normatividad se apoya en la Ley  527 de Agosto 18 de 1999 que trata de los instrumentos magnéticos e informáticos, así como la ley 527 de 1999 sobre el comercio electrónico para Colombia, la Ley 1273 de 2009 para la protección de la información y la Ley 1273 del 2009 que tipifica los delitos informáticos.AbstractForensic analysis is to determine the causes of compromise security of a system. At present general rules and principles as the International Organization for Digital Evidence (IOCE) they are known. The aim of the study was to characterize Colombian law as to the specific and necessary for the design of computer technical regulations regarding the extraction of digital evidence to anchor the chain of custody. A descriptive documentary research and applied type was used, by analyzing different sources on information systems, integrity, confidentiality and availability of data in judicial custody. Current regulations allow substantiate the use of computer techniques to extract digital evidence and ensure the chain of custody, based on the constitutional protection of the right to privacy, so they must respect freedom and promote other warranties. Regulations also relies on Law 527 of August 18, 1999 which is magnetic and software tools, as well as the law 527 of 1999 on electronic commerce for Colombia, Law 1273 of 2009 for the protection of information and Law 1273 of 2009 which criminalizes cybercrime.


Author(s):  
Jacobus Gerhardus Nortje ◽  
Daniel Christoffel Myburgh

The discipline of digital forensics requires a combination of skills, qualifications and knowledge in the area of forensic investigation, legal aspects and information technology. The uniqueness of digital evidence makes the adoption of traditional legal approaches problematic. Information technology terminology is currently used interchangeably without any regard to being unambiguous and consistent in relation to legal texts. Many of the information technology terms or concepts have not yet achieved legal recognition. The recognition and standardisation of terminology within a legal context are of the utmost importance to ensure that miscommunication does not occur. To provide clarity or guidance on some of the terms and concepts applicable to digital forensics and for the search and seizure of digital evidence, some of the concepts and terms are reviewed and discussed, using the Criminal Procedure Act 51 of 1977 as a point of departure. Digital evidence is often collected incorrectly and analysed ineffectively or simply overlooked due to the complexities that digital evidence poses to forensic investigators. As with any forensic science, specific regulations, guidelines, principles or procedures should be followed to meet the objectives of investigations and to ensure the accuracy and acceptance of findings. These regulations, guidelines, principles or procedures are discussed within the context of digital forensics: what processes should be followed and how these processes ensure the acceptability of digital evidence. These processes include international principles and standards such as those of the Association of Chiefs of Police Officers and the International Organisation of Standardisation. A summary is also provided of the most influential or best-recognised international (IOS) standards on digital forensics. It is concluded that the originality, reliability, integrity and admissibility of digital evidence should be maintained as follows: Data should not be changed or altered. Original evidence should not be directly examined. Forensically sound duplicates should be created. Digital forensic analyses should be performed by competent persons. Digital forensic analyses should adhere to relevant local legal requirements. Audit trails should exist consisting of all required documents and actions. The chain of custody should be protected. Processes and procedures should be proper, while recognised and accepted by the industry. If the ACPO (1997) principles and ISO/IEC 27043 and 27037 Standards are followed as a forensic framework, then digital forensic investigators should follow these standards as a legal framework.  


2020 ◽  
Vol 11 (2) ◽  
pp. 257-267
Author(s):  
Desti Mualfah ◽  
Rizdqi Akbar Ramadhan

Kejahatan konvensial yang terekam kamera CCTV (Closed Circuit Televison) semakin banyak ditemukan di masyarakat, setiap pelaku kejahatan yang terbukti melakukan tindak pidana tertentu akan dihukum sesuai dengan peraturan perundang-undangan. Kamera CCTV memiliki peran penting dalam keamanan, banyak diantaranya hasil tangkapan rekaman kamera CCTV dijadikan sebagai alat bukti digital. Tantangannya adalah bagaimana teknik yang diperlukan untuk penanganan khusus investigasi digital forensik dalam mencari bukti ditgital rekaman kamera CCTV menggunakan metode live forensik, yaitu ketika barang bukti dalam keadan aktif berdasarkan pedoman SNI 27037:2014 sesuai acuan kerangka kerja Common Phases of Computer Forensics Investigation Models untuk di implementasikan ke dalam dokumen Chain of Custody. Hasil penelitian ini berupa hasil analisis video rekaman kamera CCTV tentang karakteristik bukti digital dan informasi metadata yang digunakan untuk memberikan penjelasan komprehensif secara terstruktur serta acuan pengelolaan informasi data yang didapat dari hasil investigasi digital forensik yang dapat dipertanggungjawabkan dalam persidangan.   Kata kunci: Bukti Digital, Live Forensik, Metadata, Kamera CCTV, Chain of Custody.   Abstract Conventional crimes that are recorded on CCTV (Closed Circuit Television) cameras are increasingly being found in society, every crime that commits certain crimes will be in accordance with statutory regulations. CCTV cameras have an important role in security, many of which are recorded by CCTV cameras used as digital evidence. The challenge is how the techniques required for special handling, digital forensics in searching for digital evidence of CCTV camera footage using the live forensic method, namely when the evidence is in an active state based on the latest SNI 27037: 2014 according to the framework reference Common Phases of Computer Forensics Investigation Models for in implement it into the Chain of Custody document. These results of this research are in the form of analysis of CCTV camera video recordings about the characteristics of digital evidence and metadata information used to provide a structured comprehensive explanation and reference data management information obtained from the results of digital forensic investigations that can be accounted for in court.  Keywords: Digital Evidence, Live Forensic, Metadata, CCTV Camera, Chain of Custady.


2020 ◽  
Vol 3 (3) ◽  
pp. 24-32
Author(s):  
Shireen M. Abed Zaid ◽  
Bayan M. Sabbar

Chain of custody (COC) is a concept and process designed to ensure the integrity of evidence including digital evidence (DE). Also, it defines a set of procedures to document files according to its chronological [1].  In this paper, the authors design a Chain of custody application software in order to document all digital evidence in order to ensure its integrity. Thus, a chain of custody application design to document the digital evidence from the time it collected to the time where the evidence actually presented at the court to ensure the digital evidence integrity and authenticity. It can help the investigator to follow clear documentation during the investigation process because of the conventional method considered a problematic issue when it used for digital evidence. In addition to physical evidence and digital evidence have different features and characteristics.The Chain of Custody application for digital evidence is designed using the SQL and XML [3] schema approach to save case information and compute DE hash value. then compare it with its value stores in the COC tab. This solution comes as one of the solutions to enrich the existing solution of the digital chain of custody.


This chapter evaluates the most relevant methodologies and best practices for conducting digital investigations, preserving digital forensic evidence and following chain of custody (CoC) of cybercrimes. Cybercriminals are assuming new strategies to launch their sophisticated cyberattacks within the ever-changing digital ecosystems. The authors recommend that digital investigations must continually shift to tackle cybercrimes and prosecute cybercriminals to increase international collaboration networks, to share prevention knowledge, and to analyze lessons learned. They also establish a cyber forensics model for miscellaneous ecosystems called cyber forensics model in digital ecosystems (CFMDE). This chapter also reviews the most important categories of tools to conduct digital investigations. Nevertheless, as the cybercrime sophistication keeps improving, it is also necessary to harden technologies, techniques, methodologies, and tools to acquire digital evidence in order to support and make cyber investigation cases stronger.


Sign in / Sign up

Export Citation Format

Share Document