Commenced in January 2007
Frequency: Monthly
Edition: International
Paper Count: 6

Forensics Related Abstracts

6 The Use of Ontology Framework for Automation Digital Forensics Investigation

Authors: Ahmad Luthfi

Abstract:

One of the main goals of a computer forensic analyst is to determine the cause and effect of the acquisition of digital evidence in order to obtain relevant information on the case being handled. In order to get fast and accurate results, this paper discusses an approach known as an ontology framework. This model uses a structured hierarchy of layers that create connectivity between the variant and searching investigation of activity, so that computer forensic analysis activities can be carried out automatically. Two main layers are used, namely analysis tools and operating system. By using the concept of ontology, the second layer is automatically designed to help the investigator perform the acquisition of digital evidence. The automation methodology of this research utilizes forward chaining, where the system will perform a search against investigative steps and atomically structured in accordance with the rules of the ontology.

Keywords: Automation, Ontology, Forensics, framework

5 A Software Tool for Computer Forensic Investigation Using Client-Side Web History Visualization

Authors: Francisca Onaolapo Oladipo, Peter Afam Ugwu

Abstract:

Records of user activities which are valuable for forensic investigation purposes are provided by web browsers; these records in most cases are not in visual formats that are easily understood, thereby requiring some extra processes. This paper describes the implementation of a software tool for client-side web history visualization providing suitable forensic evidence for investigative purposes. Visual C#, Perl and gnuplot were deployed in a Windows Operating System (OS) environment to implement the system, and the resulting tool parses and transforms a web browser history into a visual format that enables an investigator to quickly and efficiently explore, understand, and interpret the user's online activities in the context of a specific investigation. The system was tested using two forensic cases: the client-side web history files generated by the Mozilla Firefox browser were extracted using the MozillaHistoryView utility, then parsed and visualized using bar and stacked column charts. From the visual representation, results of user web activities across various productive and non-productive websites were obtained.

Keywords: History, Visualization, Forensics, web activities

4 Solving Crimes through DNA Methylation Analysis

Authors: Ajay Kumar Rana

Abstract:

Predicting human behaviour and discerning monozygotic twins or leftover remnant tissues/fluids of a single human source remain a big challenge in forensic science. Recent advances in the field of DNA methylations, which are broadly chemical hallmarks in response to environmental factors, can certainly help to identify and discriminate various single-source DNA samples collected from crime scenes. In this review, cytosine methylation of DNA is methodologically discussed with its broad applications in many challenging forensic issues like body fluid identification, race/ethnicity identification, the monozygotic twins dilemma, addiction or behavioural prediction, age prediction, or even authenticity of the human DNA. With the advent of next-generation sequencing techniques and the blooming of DNA methylation datasets, together with standard molecular protocols, the prospect of investigating and solving the above issues and extracting the exact nature of the truth for reconstructing the crime scene events would be undoubtedly helpful in defending and solving critical crime cases.

Keywords: Forensics, Human identification, DNA Methylation, differentially methylated regions

3 Digital Forensic Exploration Framework for Email and Instant Messaging Applications

Authors: M. Mohemmed Sha, T. Manesh, A. Mohamed Mustaq Ahmed, Abdalla A. Alameen

Abstract:

Email and instant messaging applications are foremost and extensively used electronic communication methods in this era of information explosion. These applications are generally used by their users for exchange of information through several frontend applications from various service providers. Almost all such communications are now secured using SSL or TLS security over HTTP communication. At the same time, it is also noted that cyber criminals and terrorists have started exchanging information using these methods. Since communication is encrypted end-to-end, tracing significant forensic details and the actual content of messages are found to be unattended and severe challenges for available forensic tools. These challenges seriously affect the procurement of substantial evidence against such criminals from their working environments. This paper presents a vibrant forensic exploration and architectural framework which not only decrypts any communication or network session but also reconstructs the actual message contents of email as well as instant messaging applications. The framework can be effectively used in proxy servers and individual computers, and it aims to perform forensic reconstruction followed by analysis of webmail and ICQ messaging applications. This forensic framework exhibits a versatile nature as it is equipped with high speed packet capturing hardware and a well-designed packet manipulating algorithm. It regenerates message contents over regular as well as SSL encrypted SMTP, POP3 and IMAP protocols and catalyzes the forensic presentation procedure for prosecution of cyber criminals by producing solid evidence of their actual communication as per the court of law of specific countries.

Keywords: Forensics, network sessions, packet reconstruction, packet reordering

2 Methylation Profiling and Validation of Candidate Tissue-Specific Differentially Methylated Regions for Identification of Human Blood, Saliva, Semen and Vaginal Fluid and Its Application in Forensics

Authors: Meenu Joshi, Natalie Naidoo, Farzeen Kader

Abstract:

Identification of body fluids is an essential step in forensic investigation to aid in crime reconstruction. Tissue-specific differentially methylated regions (tDMRs) of the human genome can be targeted to be used as biomarkers to differentiate between body fluids. The present study was undertaken to establish the methylation status of potential tDMRs in blood, semen, saliva, and vaginal fluid by using methylation-specific PCR (MSP) and bisulfite sequencing (BS). The methylation statuses of 3 potential tDMRs in genes ZNF282, PTPRS, and HPCAL1 were analysed in 10 samples of each body fluid. With MSP analysis, the ZNF282 and PTPRS1 tDMRs displayed semen-specific hypomethylation while the HPCAL1 tDMR showed saliva-specific hypomethylation. With quantitative analysis by BS, the ZNF282 tDMR showed a statistically significant difference in overall methylation between semen and all other body fluids as well as at individual CpG sites (p < 0.05). To evaluate the effect of environmental conditions on the stability of methylation profiles of the ZNF282 tDMR, five samples of each body fluid were subjected to five different forensic simulated conditions (dry at room temperature, wet in an exsiccator, outside on the ground, sprayed with alcohol, and sprayed with bleach) for 50 days. Vaginal fluid showed the highest DNA recovery under all conditions while semen had the least DNA quantity. Under the outside-on-the-ground condition, all body fluids except semen showed a decrease in methylation level; however, a significant decrease in methylation level was observed for saliva. A statistically significant difference was observed for saliva and semen (p < 0.05) for the outside-on-the-ground condition. No differences in methylation level were observed for the ZNF282 tDMR under all conditions for vaginal fluid samples. Thus, in the present study the ZNF282 tDMR has been identified as a novel and stable semen-specific hypomethylation marker.

Keywords: Forensics, tDMRs, body fluids, bisulphite sequencing, MSP

1 Modified InVEST for Whatsapp Messages Forensic Triage and Search through Visualization

Authors: Agria Rhamdhan

Abstract:

WhatsApp, as the most popular mobile messaging app, has been used as evidence in many criminal cases. As the use of mobile messages generates large amounts of data, forensic investigation faces the challenge of large data problems. Finding this important evidence is hard because current practice utilizes tools and techniques that require manual analysis to check all messages. As a result, analyzing large sets of mobile messaging data takes a lot of time and effort. Our work offers methodologies based on forensic triage to reduce large data to manageable sets, making detailed reviews easier, and then shows the results through interactive visualization of important terms, entities and relationships through intelligent ranking using Term Frequency-Inverse Document Frequency (TF-IDF) and the Latent Dirichlet Allocation (LDA) Model. By implementing this methodology, investigators can improve investigation processing time and the accuracy of results.

Keywords: Visualization, Forensics, triage, WhatsApp
