Commenced in January 2007
Frequency: Monthly
Edition: International
Paper Count: 5

Digital Forensic Related Abstracts

5 Use of Digital Forensics for Sex Determination by Nasal Index

Authors: Ashwini Kumar, Vinod Nayak, Shankar M. Bakkannavar

Abstract:

The identification of humans is important in forensic investigations, not only in the living but also in the dead, especially in cases of mass disorders. The procedure followed for the dead, known as post-mortem identification, is a challenging task for the forensic pathologist. However, it is mandatory in terms of the law to fulfill the social norms. Many times, due to mutilation of body parts, the normal methods of identification using skeletal remains cannot be used in the process of identification. In such cases, the intact components of the skeletal remains or bony parts play an important role in identification. In these situations, digital forensics can come to our rescue. The authors conducted a study for the determination of sex based on nasal index using (Big Bore 16 Slice) Multidetector Computed Tomography 2D scans. The results are represented as a poster.

Keywords: Digital Forensic, sex determination, multidetector computed tomography, nasal index

4 The Proactive Approach of Digital Forensics Methodology against Targeted Attack Malware

Authors: Mohamed Fadzlee Sulaiman, Mohd Zabri Adil Talib, Aswami Fadillah Mohd Ariffin

Abstract:

Each individual organization has its own mechanism to build up cyber defense capability in protecting its information infrastructures from data breaches and cyber espionage. But we cannot deny the possibility of failing to detect and stop cyber attacks, especially those targeting credential information and intellectual property (IP). In this paper, we would like to share the modern approach of effective digital forensic methodology in order to identify the artifacts in tracing the trails of evidence while mitigating the infection from the target machine/s. This proposed approach will suit the digital forensic investigation to be conducted while resuming the business-critical operation after mitigating the infection and minimizing the risk from the identified attack to transpire. Therefore, traditional digital forensics methodology has to be improvised to be proactive, focusing not only on discovering the root cause and the threat actor but also on developing the relevant mitigation plan in order to prevent the same attack.

Keywords: Malware, Detection, Digital Forensic, eradication, targeted attack

3 Anomaly Detection of Log Analysis using Data Visualization Techniques for Digital Forensics Audit and Investigation

Authors: Mohamed Fadzlee Sulaiman, Zainurrasyid Abdullah, Mohd Zabri Adil Talib, Aswami Fadillah Mohd Ariffin

Abstract:

In common digital forensics cases, investigation may rely on the analysis conducted on the specific and relevant exhibits involved. Usually the investigation officer may define and advise the digital forensic analyst about the goals and objectives to be achieved in reconstructing the trail of evidence while maintaining the specific scope of investigation. With the growth of technology, people are starting to realize the importance of cyber security to their organization, and this new perspective creates awareness that digital forensics auditing must come in place in order to measure possible threats or attacks to their cyber-infrastructure. Instead of performing investigation on an incident basis, auditing may broaden the scope of investigation to the level of anomaly detection in the daily operation of the organization's cyber space. While handling a huge amount of data such as log files, performing a digital forensics audit for a large organization has proven to be an onerous task for the analyst, either to analyze the huge files or to translate the findings in a way that the stakeholder can clearly understand. Data visualization can be emphasized in conducting digital forensic audit and investigation to resolve both needs. This study will identify the important factors that should be considered when performing data visualization techniques in order to detect anomalies that meet the digital forensic audit and investigation objectives.

Keywords: Data Visualization, Digital Forensic, Visualization Techniques, Anomaly Detection, log analysis, forensic audit

2 Anti-Forensic Countermeasure: An Examination and Analysis Extended Procedure for Information Hiding of Android SMS Encryption Applications

Authors: Ariq Bani Hardi

Abstract:

Empowerment of smartphone technology is growing very rapidly in various fields of science. One of the mobile operating systems that dominate the smartphone market today is Android by Google. Unfortunately, the expansion of mobile technology is misused by criminals to hide the information that they store or exchange with each other. This makes it more difficult for law enforcement to prove crimes committed in the judicial process (anti-forensic). One of the techniques used to hide the information is encryption, such as the use of SMS encryption applications. A Mobile Forensic Examiner or an investigator should prepare a countermeasure technique if he finds such things during the investigation process. This paper will discuss an extension procedure for when the investigator finds unreadable SMS in Android evidence because of encryption. To define the extended procedure, we create and analyze a dataset of Android SMS encryption applications. The dataset was grouped by application characteristics related to communication permissions, as well as the availability of source code and the documentation of the encryption scheme. Permissions indicate the possibility of how applications exchange the data and keys. Availability of the source code and the encryption scheme documentation can show which cryptographic algorithm specification is used, the key length, how key generation, key exchange, and encryption/decryption are done, and other related information. The output of this paper is an extended or alternative procedure for the examination and analysis process of Android digital forensics. It can be used to help investigators when they are confused by SMS encryption during examination and analysis. What steps should the investigator take, so they still have a chance to discover the encrypted SMS in Android evidence?

Keywords: Digital Forensic, anti-forensic countermeasure, SMS encryption android, examination and analysis

1 Rapid Evidence Remote Acquisition in High-Availability Server and Storage System for Digital Forensic to Unravel Academic Crime

Authors: Bagus Hanindhito, Fariz Azmi Pratama, Ulfah Nadiya

Abstract:

Nowadays, digital systems including, but not limited to, computers and the internet have penetrated the education system widely. Critical information such as students' academic records is stored in a server off- or on-campus. Although several countermeasures have been taken to protect the vital resources from outsider attack, the defense against insider threats is not getting serious attention. At the end of 2017, a security incident that involved the academic information system in one of the most respected universities in Indonesia affected not only the reputation of the institution and its academia but also academic integrity in Indonesia. In this paper, we will explain our efforts in investigating this security incident, where we have implemented a novel rapid evidence remote acquisition method in a high-availability server and storage system so that our data collection efforts do not disrupt the academic information system and can be conducted remotely minutes after the incident report has been received. The acquired evidence is analyzed during digital forensics by constructing the model of the system in an isolated environment, which allows multiple investigators to work together. In the end, the suspect is identified as a student (insider), and the investigation result is used by prosecutors to charge the suspect with an academic crime.

Keywords: Digital Forensic, academic information system, academic crime, high-availability server and storage, rapid evidence remote acquisition, security incident
