Email Classification for Forensic Analysis by Information Gain Technique

One of the most interesting fields nowadays is forensics. This field is based on the works of scientists who study evidence to help the police solve crimes. In the domain of computer science, the crimes within computer forensics are usually network attacks, and most attacks are over the email (the case of this study). Email has become a daily means of communication which is mainly accessible via internet. People receive thousands of emails in their inboxes and mail servers (in which people can find emails in those lists). The aim of this study is to secure email users by building an automatic checking and detecting system on servers to filter the bad emails from the good ones. In this paper, the authors will do a study based on a new method of emails clustering to extract the bad and good ones. The authors use the gain information technique like an algorithm of clustering, whose principle is to calculate the importance of each attribute (in this study, the authors talk about the attributes that constitute the email) to draw the importance tree and at the end extract the clusters.

Computer Forensics Teaching For Undergraduate Students

Computer forensics is not only important for the security professionals in the forensics field, it also can help the information technology professionals working in the network administration, system management and other related fields. Our department has a computer forensics course offered for the undergraduate students to prepare them to be successful in their future career. In this paper, we introduce our forensics course design, especially, we explain our course hands-on activities, which include the labs and the projects for practicing the computer forensics related programming and the existing tools using.

Review Paper on Introduction to Cyber Forensics

Cyber Forensics is termed as scientific methods or applications in association with the judiciary or court of laws. The aim behind these methods is to unveil the digital evidence to be utilized in court for solving crime cases. This sort of technology wasn’t practiced before therefore most criminals tend to urge away with their criminal acts without valid proof to incriminate or prosecute them. During that time the oaths, confessions, testimonies from witnesses were the sole determining factors of evidence Crimes committed within electronic or digital domains, particularly within cyberspace, have become common. Criminals are using technology to commit their offenses and make new challenges for law enforcement agents, attorneys, judges, military, and security professionals. Digital forensics has become a vital instrument in identifying and solving computer-based and computerassisted crime. This paper provides a quick introduction to cyber forensics. During this paper we present a typical model for both Incident Response and Computer Forensics processes which mixes their advantages in an exceedingly flexible way: It allows for a management oriented approach in digital investigations while retaining the chance of a rigorous forensics investigation. Keywords: cyber forensics, digital forensic science, computer forensics, evidence, judicial system.

KONSEPTUALISASI PERAN TEKNOLOGI INFORMASI DALAM PRAKTIK AUDIT UNTUK MEMBANTU PENGUNGKAPAN FRAUD DI INDONESIA

So many cases of fraud have accured in Indonesia as well as the world today has entered the digital era. This study aims to determine with the development of information technology their role in audit practice in detecting fraud in Indonesia. The method used in this research is a systematic literature review using secondary data derived from literature and online media. The results of this study indicate that currently many techniques are used in detecting fraud by employing information technology such as general audit software, computer forensics, DFM (Digital Forensic Model) and whistleblowing systems that are now shifthing to digitization.

Audit Logs Management and Security - A Survey

Audit logs are key resources that show the current state of the systems and user activities and are used for cyber forensics and maintenance. These logs are the only source that can help in finding traces of some malicious activities or troubleshooting a system failure. Insight view for troublefree availability of computing resources and performance monitoring and meaningful forensic audit depends on the management and archival system of audit logs. These logs are prone to multidimensional threats and superusers or system administrators have unprecedented access to these logs and can alter these logs as and when required. Similarly, repudiation is another serious issue in computer forensics and non-repudiation can be provided by a secure recording of event logs. Periodic backups, encrypted data transfer, off-site storage and certificate based storage of these logs are commonly being used. In this survey, we searched for the requirements of securing audit logs and available approaches to secure these logs. Based on the available literature, a taxonomy of audit log management is developed. We have drawn a comparison between these approaches and also highlighted the current challenges to these logs security and their available options.

Penerapan CFTT untuk Pengujian Aplikasi Web-Based Android Analysis Tools (WAAT) dengan Federated testing

Perkembangan smartphone membuat aktivitas manusia lebih muda, dengan fitur-fitur yang diberikan, perkembangan tersebut tidak menutup kemungkinan dengan kecanggihan fitur smartphone dimanfaatkan sebagai media komunikasi untuk mendukung bentuk aksi kejahatan. Proses investigasi forensik dalam penanganan barang bukti elektronik pada smartphone menjadi sebuah tantangan bagi ahli forensik karena perkembangan smartphone yang terus berkembang. permasalahan yang dihadapi oleh ahli forensik adalah sulit menentukan tools forensik yang harus digunakan dalam penanganan barang bukti karena beberapa aplikasi yang dikembangan belum diuji dengan standar forensik. untuk itu dalam penelitian ini akan dilakukan pengujian aplikasi web based android analysis tools berdasarkan standar computer forensics tools testing menggunakan aplikasi federated testing. pengujian ini dilakukan untuk mengetahui kelayakan aplikasi web based dengan melakukan evaluasi data antara hasil pengujian web based dan hasil pengujian federated testing. dari hasil evaluasi tersebut didapatkan bahwa aplikasi web based masih lebih rendah dibandingkan dengan federated testing karena pada aplikasi web based hanya mampu menghasilkan empat variabel data yang sama dengan laporan federated testing, sedangkan data lainnya belum di support oleh aplikasi tersebut, sehingga dapat dapat disimpulkan bahwa aplikasi web based android analysis tools ini belum memenuhi syarat standarisasi cftt.

How to Approach Hard Drives as Cultural Heritage

Computers and mobile phones are piling up in archives, libraries, and museums. What kind of objects are they, what can they tell us, and how can we approach them? The aim of this chapter is to exemplify what an investigation of a hard drive implicates, the methods needed to conduct it, and what kind of results we can get out of it. To focus the investigation, hard drives are approached as records of everyday media use. The chapter introduces a computer forensic method used as a media ethnographic tool. Computer forensics and media ethnography are rooted in different methodological traditions, but both take an interest in people’s routines and the way they do and organize things. The chapter argues that a hard drive represents a window into the history of new media: into time specific software, formats, and media use.

The Need for a State System of Scientific and Technical Support for Criminal Procedure

The article consistently analyzes the features of forensic expert activities’ emergence and development. It also shows the substantive features of these activities, the reasons, and circumstances of the manifestation of interdepartmental contradictions in the approaches to their organization. The author concludes that it is necessary to form a nationwide (supra-departmental) system of scientific and technical support for criminal proceedings, including forensic expert activities and computer forensics.