Search results for: forensic signature
Commenced in January 2007
Frequency: Monthly
Edition: International
Paper Count: 501

Search results for: forensic signature

411 The Forensic Swing of Things: The Current Legal and Technical Challenges of IoT Forensics

Authors: Pantaleon Lutta, Mohamed Sedky, Mohamed Hassan

Abstract:

The inability of organizations to put in place management control measures for Internet of Things (IoT) complexities persists to be a risk concern. Policy makers have been left to scamper in finding measures to combat these security and privacy concerns. IoT forensics is a cumbersome process as there is no standardization of the IoT products, no or limited historical data are stored on the devices. This paper highlights why IoT forensics is a unique adventure and brought out the legal challenges encountered in the investigation process. A quadrant model is presented to study the conflicting aspects in IoT forensics. The model analyses the effectiveness of forensic investigation process versus the admissibility of the evidence integrity; taking into account the user privacy and the providers’ compliance with the laws and regulations. Our analysis concludes that a semi-automated forensic process using machine learning, could eliminate the human factor from the profiling and surveillance processes, and hence resolves the issues of data protection (privacy and confidentiality).

Keywords: cloud forensics, data protection Laws, GDPR, IoT forensics, machine Learning

Procedia PDF Downloads 149
410 Application of Biosensors in Forensic Analysis

Authors: Shirin jalili, Hadi Shirzad, Samaneh Nabavi, Somayeh Khanjani

Abstract:

Biosensors in forensic analysis are ideal biological tools that can be used for rapid and sensitive initial screening and testing to detect of suspicious components like biological and chemical agent in crime scenes. The wide use of different biomolecules such as proteins, nucleic acids, microorganisms, antibodies and enzymes makes it possible. These biosensors have great advantages such as rapidity, little sample manipulation and high sensitivity, also Because of their stability, specificity and low cost they have become a very important tool to Forensic analysis and detection of crime. In crime scenes different substances such as rape samples, Semen, saliva fingerprints and blood samples, act as a detecting elements for biosensors. On the other hand, successful fluid recovery via biosensor has the propensity to yield a highly valuable source of genetic material, which is important in finding the suspect. Although current biological fluid testing techniques are impaired for identification of body fluids. But these methods have disadvantages. For example if they are to be used simultaneously, Often give false positive result. These limitations can negatively result the output of a case through missed or misinterpreted evidence. The use of biosensor enable criminal researchers the highly sensitive and non-destructive detection of biological fluid through interaction with several fluid-endogenous and other biological and chemical contamination at the crime scene. For this reason, using of the biosensors for detecting the biological fluid found at the crime scenes which play an important role in identifying the suspect and solving the criminal.

Keywords: biosensors, forensic analysis, biological fluid, crime detection

Procedia PDF Downloads 1115
409 The Role of Digital Technology in Crime Prevention: A Case Study of Cellular Forensics Unit, Capital City Police Peshawar

Authors: Muhammad Ashfaq

Abstract:

Main theme: This prime focus of this study is on the role of digital technology in crime prevention, with special focus on Cellular Forensic Unit, Capital City Police Peshawar-Khyber Pakhtunkhwa-Pakistan. Objective(s) of the study: The prime objective of this study is to provide statistics, strategies, and pattern of analysis used for crime prevention in Cellular Forensic Unit of Capital City Police Peshawar, Khyber Pakhtunkhwa-Pakistan. Research Method and Procedure: Qualitative method of research has been used in the study for obtaining secondary data from research wing and Information Technology (IT) section of Peshawar police. Content analysis was the method used for the conduction of the study. This study is delimited to Capital City Police and Cellular Forensic Unit Peshawar-KP, Pakistan. information technologies. Major finding(s): It is evident that the old traditional approach will never provide solutions for better management in controlling crimes. The best way to control crimes and promotion of proactive policing is to adopt new technologies. The study reveals that technology have transformed police more effective and vigilant as compared to traditional policing. The heinous crimes like abduction, missing of an individual, snatching, burglaries, and blind murder cases are now traceable with the help of technology. Recommendation(s): From the analysis of the data, it is reflected that Information Technology (IT) expert should be recruited along with research analyst to timely assist and facilitate operational as well as investigation units of police. A mobile locator should be Provided to Cellular Forensic Unit to timely apprehend the criminals. Latest digital analysis software should be provided to equip the Cellular Forensic Unit.

Keywords: criminology-pakistan, crime prevention-KP, digital forensics, digital technology-pakistan

Procedia PDF Downloads 96
408 12 Real Forensic Caseworks Solved by the DNA STR-Typing of Skeletal Remains Exposed to Extremely Environment Conditions without the Conventional Bone Pulverization Step

Authors: Chiara Della Rocca, Gavino Piras, Andrea Berti, Alessandro Mameli

Abstract:

DNA identification of human skeletal remains plays a valuable role in the forensic field, especially in missing persons and mass disaster investigations. Hard tissues, such as bones and teeth, represent a very common kind of samples analyzed in forensic laboratories because they are often the only biological materials remaining. However, the major limitation of using these compact samples relies on the extremely time–consuming and labor–intensive treatment of grinding them into powder before proceeding with the conventional DNA purification and extraction step. In this context, a DNA extraction assay called the TBone Ex kit (DNA Chip Research Inc.) was developed to digest bone chips without powdering. Here, we simultaneously analyzed bone and tooth samples that arrived at our police laboratory and belonged to 15 different forensic casework that occurred in Sardinia (Italy). A total of 27 samples were recovered from different scenarios and were exposed to extreme environmental factors, including sunlight, seawater, soil, fauna, vegetation, and high temperature and humidity. The TBone Ex kit was used prior to the EZ2 DNA extraction kit on the EZ2 Connect Fx instrument (Qiagen), and high-quality autosomal and Y-chromosome STRs profiles were obtained for the 80% of the caseworks in an extremely short time frame. This study provides additional support for the use of the TBone Ex kit for digesting bone fragments/whole teeth as an effective alternative to pulverization protocols. We empirically demonstrated the effectiveness of the kit in processing multiple bone samples simultaneously, largely simplifying the DNA extraction procedure and the good yield of recovered DNA for downstream genetic typing in highly compromised forensic real specimens. In conclusion, this study turns out to be extremely useful for forensic laboratories, to which the various actors of the criminal justice system – such as potential jury members, judges, defense attorneys, and prosecutors – required immediate feedback.

Keywords: DNA, skeletal remains, bones, tbone ex kit, extreme conditions

Procedia PDF Downloads 44
407 Arithmetic Operations Based on Double Base Number Systems

Authors: K. Sanjayani, C. Saraswathy, S. Sreenivasan, S. Sudhahar, D. Suganya, K. S. Neelukumari, N. Vijayarangan

Abstract:

Double Base Number System (DBNS) is an imminent system of representing a number using two bases namely 2 and 3, which has its application in Elliptic Curve Cryptography (ECC) and Digital Signature Algorithm (DSA).The previous binary method representation included only base 2. DBNS uses an approximation algorithm namely, Greedy Algorithm. By using this algorithm, the number of digits required to represent a larger number is less when compared to the standard binary method that uses base 2 algorithms. Hence, the computational speed is increased and time being reduced. The standard binary method uses binary digits 0 and 1 to represent a number whereas the DBNS method uses binary digit 1 alone to represent any number (canonical form). The greedy algorithm uses two ways to represent the number, one is by using only the positive summands and the other is by using both positive and negative summands. In this paper, arithmetic operations are used for elliptic curve cryptography. Elliptic curve discrete logarithm problem is the foundation for most of the day to day elliptic curve cryptography. This appears to be a momentous hard slog compared to digital logarithm problem. In elliptic curve digital signature algorithm, the key generation requires 160 bit of data by usage of standard binary representation. Whereas, the number of bits required generating the key can be reduced with the help of double base number representation. In this paper, a new technique is proposed to generate key during encryption and extraction of key in decryption.

Keywords: cryptography, double base number system, elliptic curve cryptography, elliptic curve digital signature algorithm

Procedia PDF Downloads 394
406 Cerebral Toxoplasmosis: A Histopathological Diagnosis

Authors: Prateek Rastogi, Jenash Acharya

Abstract:

Histopathology examination has been a boon to forensic experts all around the world since its implication in autopsy cases. Whenever a case of sudden death is encountered, forensic experts clandestinely focus on cardiovascular, respiratory, gastrointestinal or cranio-cerebral causes. After ruling out poisoning or trauma, they are left with the only option available, histopathology examination. Besides preserving thoracic and abdominal organs, brain tissues are very less frequently subjected for the analysis. Based on provisional diagnosis documented on hospital treatment record files, one hemisphere of grossly unremarkable cerebrum was confirmatively diagnosed by histopathology examination to be a case of cerebral toxoplasmosis.

Keywords: cerebral toxoplasmosis, sudden death, health information, histopathology

Procedia PDF Downloads 259
405 Application of XRF and Other Principal Component Analysis for Counterfeited Gold Coin Characterization in Forensic Science

Authors: Somayeh Khanjani, Hamideh Abolghasemi, Hadi Shirzad, Samaneh Nabavi

Abstract:

At world market can be currently encountered a wide range of gemological objects that are incorrectly declared, treated, or it concerns completely different materials that try to copy precious objects more or less successfully. Counterfeiting of precious commodities is a problem faced by governments in most countries. Police have seized many counterfeit coins that looked like the real coins and because the feeling to the touch and the weight were very similar to those of real coins. Most people were fooled and believed that the counterfeit coins were real ones. These counterfeit coins may have been made by big criminal organizations. To elucidate the manufacturing process, not only the quantitative analysis of the coins but also the comparison of their morphological characteristics was necessary. Several modern techniques have been applied to prevent counterfeiting of coins. The objective of this study was to demonstrate the potential of X-ray Fluorescence (XRF) technique and the other analytical techniques for example SEM/EDX/WDX, FT-IR/ATR and Raman Spectroscopy. Using four elements (Cu, Ag, Au and Zn) and obtaining XRF for several samples, they could be discriminated. XRF technique and SEM/EDX/WDX are used for study of chemical composition. XRF analyzers provide a fast, accurate, nondestructive method to test the purity and chemistry of all precious metals. XRF is a very promising technique for rapid and non destructive counterfeit coins identification in forensic science.

Keywords: counterfeit coins, X-ray fluorescence, forensic, FT-IR

Procedia PDF Downloads 492
404 Digital Image Forensics: Discovering the History of Digital Images

Authors: Gurinder Singh, Kulbir Singh

Abstract:

Digital multimedia contents such as image, video, and audio can be tampered easily due to the availability of powerful editing softwares. Multimedia forensics is devoted to analyze these contents by using various digital forensic techniques in order to validate their authenticity. Digital image forensics is dedicated to investigate the reliability of digital images by analyzing the integrity of data and by reconstructing the historical information of an image related to its acquisition phase. In this paper, a survey is carried out on the forgery detection by considering the most recent and promising digital image forensic techniques.

Keywords: Computer Forensics, Multimedia Forensics, Image Ballistics, Camera Source Identification, Forgery Detection

Procedia PDF Downloads 245
403 Searching for Forensic Evidence in a Compromised Virtual Web Server against SQL Injection Attacks and PHP Web Shell

Authors: Gigih Supriyatno

Abstract:

SQL injection is one of the most common types of attacks and has a very critical impact on web servers. In the worst case, an attacker can perform post-exploitation after a successful SQL injection attack. In the case of forensics web servers, web server analysis is closely related to log file analysis. But sometimes large file sizes and different log types make it difficult for investigators to look for traces of attackers on the server. The purpose of this paper is to help investigator take appropriate steps to investigate when the web server gets attacked. We use attack scenarios using SQL injection attacks including PHP backdoor injection as post-exploitation. We perform post-mortem analysis of web server logs based on Hypertext Transfer Protocol (HTTP) POST and HTTP GET method approaches that are characteristic of SQL injection attacks. In addition, we also propose structured analysis method between the web server application log file, database application, and other additional logs that exist on the webserver. This method makes the investigator more structured to analyze the log file so as to produce evidence of attack with acceptable time. There is also the possibility that other attack techniques can be detected with this method. On the other side, it can help web administrators to prepare their systems for the forensic readiness.

Keywords: web forensic, SQL injection, investigation, web shell

Procedia PDF Downloads 147
402 Impact of Chimerism on Y-STR DNA Determination: Sex Mismatch Analysis

Authors: Anupuma Raina, Ajay P. Balayan, Prateek Pandya, Pankaj Shrivastava, Uma Kanga, Tulika Seth

Abstract:

DNA fingerprinting analysis aids in personal identification for forensic purposes and has always been a driving motivation for law enforcement agencies in almost all countries since its inception. The introduction of DNA markers (Y-STR) has allowed for greater precision and higher discriminatory power in forensic testing. A criminal/ person committing crime after bone marrow transplantation is a rare situation but not an impossible one. Keeping such a situation in mind, a study was carried out to find out the best biological sample to be used for personal identification, especially in forensic situation. We choose a female patient (recipient) and a male donor. The pre transplant sample (blood) and post transplant samples (blood, buccal swab, hair roots) were collected from the recipient (patient). The same were compared with the blood sample of the donor using DNA FP technique. Post transplant samples were collected at different interval of time (15, 30, 60, and 90 days). The study was carried out using Y-STR kit at 23 loci. The results determined discusses the phenomenon of chimerism and its impact on Y-STR. Hair sample was found the most suitable sample which had no donor DNA profiling up to 90 days.

Keywords: bone marrow transplantation, chimerism, DNA profiling, Y-STR

Procedia PDF Downloads 144
401 Design and Implementation of Security Middleware for Data Warehouse Signature, Framework

Authors: Mayada Al Meghari

Abstract:

Recently, grid middlewares have provided large integrated use of network resources as the shared data and the CPU to become a virtual supercomputer. In this work, we present the design and implementation of the middleware for Data Warehouse Signature, DWS Framework. The aim of using the middleware in our DWS framework is to achieve the high performance by the parallel computing. This middleware is developed on Alchemi.Net framework to increase the security among the network nodes through the authentication and group-key distribution model. This model achieves the key security and prevents any intermediate attacks in the middleware. This paper presents the flow process structures of the middleware design. In addition, the paper ensures the implementation of security for DWS middleware enhancement with the authentication and group-key distribution model. Finally, from the analysis of other middleware approaches, the developed middleware of DWS framework is the optimal solution of a complete covering of security issues.

Keywords: middleware, parallel computing, data warehouse, security, group-key, high performance

Procedia PDF Downloads 118
400 Massively Parallel Sequencing Improved Resolution for Paternity Testing

Authors: Xueying Zhao, Ke Ma, Hui Li, Yu Cao, Fan Yang, Qingwen Xu, Wenbin Liu

Abstract:

Massively parallel sequencing (MPS) technologies allow high-throughput sequencing analyses with a relatively affordable price and have gradually been applied to forensic casework. MPS technology identifies short tandem repeat (STR) loci based on sequence so that repeat motif variation within STRs can be detected, which may help one to infer the origin of the mutation in some cases. Here, we report on one case with one three-step mismatch (D18S51) in family trios based on both capillary electrophoresis (CE) and MPS typing. The alleles of the alleged father (AF) are [AGAA]₁₇AGAG[AGAA]₃ and [AGAA]₁₅. The mother’s alleles are [AGAA]₁₉ and [AGAA]₉AGGA[AGAA]₃. The questioned child’s (QC) alleles are [AGAA]₁₉ and [AGAA]₁₂. Given that the sequence variants in repeat regions of AF and mother are not observed in QC’s alleles, the QC’s allele [AGAA]₁₂ was likely inherited from the AF’s allele [AGAA]₁₅ by loss of three repeat [AGAA]. Besides, two new alleles of D18S51 in this study, [AGAA]₁₇AGAG[AGAA]₃ and [AGAA]₉AGGA[AGAA]₃, have not been reported before. All the results in this study were verified using Sanger-type sequencing. In summary, the MPS typing method can offer valuable information for forensic genetics research and play a promising role in paternity testing.

Keywords: family trios analysis, forensic casework, ion torrent personal genome machine (PGM), massively parallel sequencing (MPS)

Procedia PDF Downloads 301
399 An Analysis of Digital Forensic Laboratory Development among Malaysia’s Law Enforcement Agencies

Authors: Sarah K. Taylor, Miratun M. Saharuddin, Zabri A. Talib

Abstract:

Cybercrime is on the rise, and yet many Law Enforcement Agencies (LEAs) in Malaysia have no Digital Forensics Laboratory (DFL) to assist them in the attrition and analysis of digital evidence. From the estimated number of 30 LEAs in Malaysia, sadly, only eight of them owned a DFL. All of the DFLs are concentrated in the capital of Malaysia and none at the state level. LEAs are still depending on the national DFL (CyberSecurity Malaysia) even for simple and straightforward cases. A survey was conducted among LEAs in Malaysia owning a DFL to understand their history of establishing the DFL, the challenges that they faced and the significance of the DFL to their case investigation. The results showed that the while some LEAs faced no challenge in establishing a DFL, some of them took seven to 10 years to do so. The reason was due to the difficulty in convincing their management because of the high costs involved. The results also revealed that with the establishment of a DFL, LEAs were better able to get faster forensic result and to meet agency’s timeline expectation. It is also found that LEAs were also able to get more meaningful forensic results on cases that require niche expertise, compared to sending off cases to the national DFL. Other than that, cases are getting more complex, and hence, a continuous stream of budget for equipment and training is inevitable. The result derived from the study is hoped to be used by other LEAs in justifying to their management the benefits of establishing an in-house DFL.

Keywords: digital evidence, digital forensics, digital forensics laboratory, law enforcement agency

Procedia PDF Downloads 174
398 Reintegrating Forensic Mental Health Service Users into Communities in the Western Cape, South Africa

Authors: Zolani Metu

Abstract:

The death of more than 140 psychiatric patients who were unethically deinstitutionalized from the Life Esidimeni hospital Johannesburg, in 2016, shined a light on South Africa’s failing public mental healthcare system. Compounded by insufficient research evidence on African deinstitutionalization, this necessitates inquiries into deinstitutionalized mental healthcare, reintegration and community-based mental healthcare within the South African context. This study employed a quantitative research approach which utilized a cross-sectional research design, to investigate experiences with the reintegration of institutionalized forensic mental health service users into communities in the Western Cape, South Africa. A convenience sample of 100 mental health care workers from different occupational and organizational backgrounds in the Western Cape was purposively selected using the Western Cape Health Directorate as a sampling frame. A self-administered questionnaire (SAQ) was used as the data collection instrument. The results of the study indicate that criminogenic factors such as substance use, history of violent behaviour, criminal history and disruptive social behaviour complicate the reintegration of forensic mental health service users into communities. The current extent of reintegration of forensic mental health service users was found to be 'poor' (46%; n= 46); and financial difficulties, criminogenic factors and limited Community-Based Care (CBC) facilities were identified as key barriers to the reintegration process. 56% of all job applications for forensic mental health service users were unsuccessful, and 53% of all applications for their admission into CBC facilities were declined. Although social support (informal) was found to be essential for successful reintegration, institutional support (formal) through assertive community treatment (35%; n= 35) and CBC facilities (21%) and the disability grant (DG=50%) was found to be more important for family coping and reintegration. Moreover, 72% of respondents had positive perceptions about the process of reintegration; no statistically significant relationship was found between years of experience and perceptions about reintegration (P-value = 0.062); and perceptions were not found to be a barrier to reintegration. No statistically significant relationship was found between years of working experience and understanding the legislative framework of deinstitutionalization (P-Value =.0.061). However, using a Chi-square test, a significant relationship (P-value = 0.021) was found between sex and understanding the legal framework involved in the process of reintegration. The study recommends a post-2020 deinstitutionalization agenda that factors-in criminogenic realities associated with forensic mental health service users, and affirms the strengthening of PHC and community based care systems as precedents of successful deinstitutionalization and reintegration of mental health service users.

Keywords: forensic mental health, deinstitutionalization, reintegration, mental health service users

Procedia PDF Downloads 165
397 Exploring the Differences between Self-Harming and Suicidal Behaviour in Women with Complex Mental Health Needs

Authors: Sophie Oakes-Rogers, Di Bailey, Karen Slade

Abstract:

Female offenders are a uniquely vulnerable group, who are at high risk of suicide. Whilst the prevention of self-harm and suicide remains a key global priority, we need to better understand the relationship between these challenging behaviours that constitute a pressing problem, particularly in environments designed to prioritise safety and security. Method choice is unlikely to be random, and is instead influenced by a range of cultural, social, psychological and environmental factors, which change over time and between countries. A key aspect of self-harm and suicide in women receiving forensic care is the lack of free access to methods. At a time where self-harm and suicide rates continue to rise internationally, understanding the role of these influencing factors and the impact of current suicide prevention strategies on the use of near-lethal methods is crucial. This poster presentation will present findings from 25 interviews and 3 focus groups, which enlisted a Participatory Action Research approach to explore the differences between self-harming and suicidal behavior. A key element of this research was using the lived experiences of women receiving forensic care from one forensic pathway in the UK, and the staffs who care for them, to discuss the role of near-lethal self-harm (NLSH). The findings and suggestions from the lived accounts of the women and staff will inform a draft assessment tool, which better assesses the risk of suicide based on the lethality of methods. This tool will be the first of its kind, which specifically captures the needs of women receiving forensic services. Preliminary findings indicate women engage in NLSH for two key reasons and is determined by their history of self-harm. Women who have a history of superficial non-life threatening self-harm appear to engage in NLSH in response to a significant life event such as family bereavement or sentencing. For these women, suicide appears to be a realistic option to overcome their distress. This, however, differs from women who appear to have a lifetime history of NLSH, who engage in such behavior in a bid to overcome the grief and shame associated with historical abuse. NLSH in these women reflects a lifetime of suicidality and indicates they pose the greatest risk of completed suicide. Findings also indicate differences in method selection between forensic provisions. Restriction of means appears to play a role in method selection, and findings suggest it causes method substitution. Implications will be discussed relating to the screening of female forensic patients and improvements to the current suicide prevention strategies.

Keywords: forensic mental health, method substitution, restriction of means, suicide

Procedia PDF Downloads 177
396 Forensic Analysis of Signal Messenger on Android

Authors: Ward Bakker, Shadi Alhakimi

Abstract:

The amount of people moving towards more privacy focused instant messaging applications has grown significantly. Signal is one of these instant messaging applications, which makes Signal interesting for digital investigators. In this research, we evaluate the artifacts that are generated by the Signal messenger for Android. This evaluation was done by using the features that Signal provides to create artifacts, whereafter, we made an image of the internal storage and the process memory. This image was analysed manually. The manual analysis revealed the content that Signal stores in different locations during its operation. From our research, we were able to identify the artifacts and interpret how they were used. We also examined the source code of Signal. Using our obtain knowledge from the source code, we developed a tool that decrypts some of the artifacts using the key stored in the Android Keystore. In general, we found that most artifacts are encrypted and encoded, even after decrypting some of the artifacts. During data visualization, some artifacts were found, such as that Signal does not use relationships between the data. In this research, two interesting groups of artifacts were identified, those related to the database and those stored in the process memory dump. In the database, we found plaintext private- and group chats, and in the memory dump, we were able to retrieve the plaintext access code to the application. Nevertheless, we conclude that Signal contains a wealth of artifacts that could be very valuable to a digital forensic investigation.

Keywords: forensic, signal, Android, digital

Procedia PDF Downloads 81
395 Unified Theory of Acceptance and Use of Technology in Evaluating Voters' Intention Towards the Adoption of Electronic Forensic Election Audit System

Authors: Sijuade A. A., Oguntoye J. P., Awodoye O. O., Adedapo O. A., Wahab W. B., Okediran O. O., Omidiora E. O., Olabiyisi S. O.

Abstract:

Electronic voting systems have been introduced to improve the efficiency, accuracy, and transparency of the election process in many countries around the world, including Nigeria. However, concerns have been raised about the security and integrity of these systems. One way to address these concerns is through the implementation of electronic forensic election audit systems. This study aims to evaluate voters' intention to the adoption of electronic forensic election audit systems using the Unified Theory of Acceptance and Use of Technology (UTAUT) model. In the study, the UTAUT model which is a widely used model in the field of information systems to explain the factors that influence individuals' intention to use a technology by integrating performance expectancy, effort expectancy, social influence, facilitating conditions, cost factor and privacy factor to voters’ behavioural intention was proposed. A total of 294 sample data were collected from a selected population of electorates who had at one time or the other participated in at least an electioneering process in Nigeria. The data was then analyzed statistically using Partial Least Square Structural Equation Modeling (PLS-SEM). The results obtained show that all variables have a significant effect on the electorates’ behavioral intention to adopt the development and implementation of an electronic forensic election audit system in Nigeria.

Keywords: election Audi, voters, UTAUT, performance expectancy, effort expectancy, social influence, facilitating condition social influence, facilitating conditions, cost factor, privacy factor, behavioural intention

Procedia PDF Downloads 72
394 Towards a Proof Acceptance by Overcoming Challenges in Collecting Digital Evidence

Authors: Lilian Noronha Nassif

Abstract:

Cybercrime investigation demands an appropriated evidence collection mechanism. If the investigator does not acquire digital proofs in a forensic sound, some important information can be lost, and judges can discard case evidence because the acquisition was inadequate. The correct digital forensic seizing involves preparation of professionals from fields of law, police, and computer science. This paper presents important challenges faced during evidence collection in different perspectives of places. The crime scene can be virtual or real, and technical obstacles and privacy concerns must be considered. All pointed challenges here highlight the precautions to be taken in the digital evidence collection and the suggested procedures contribute to the best practices in the digital forensics field.

Keywords: digital evidence, digital forensics process and procedures, mobile forensics, cloud forensics

Procedia PDF Downloads 404
393 Unraveling the Puzzle of Out-of-Sequence Thrusting in the Higher Himalaya: Focus on Jhakri-Chaura-Sarahan Thrust, Himachal Pradesh, India

Authors: Rajkumar Ghosh

Abstract:

The study examines the structural analysis of Chaura Thrust in Himachal Pradesh, India, focusing on the activation timing of Main Central Thrust (MCT) and South Tibetan Detachment System (STDS), mylonitised zones, and the characterization of box fold and its signature in the regional geology of Himachal Himalaya. The research aims to document the Higher Himalayan Out-of-Sequence Thrust (OOST) in Himachal Pradesh, which activated the MCTL and in between a zone south of MCTU. The study also documents the GBM-associated temperature range and the activation of Higher Himalayan Out-of-Sequence Thrust (OOST) in Himachal Pradesh. The findings contribute to understanding the structural analysis of Chaura Thrust and its signature in the regional geology of Himachal Himalaya. The study highlights the significance of microscopic studies in documenting mylonitized zones and identifying various types of crenulated schistosity. The study concludes that Chaura Thrust is not a blind thrust and details the field evidence for the OOST. The study characterizes the box fold and its signature in the regional geology of Himachal Himalaya. The study also documents the activation timing and ages of MCT, STDS, MBT, and MFT and identifies various types of crenulated schistosity under the microscope. The study also highlights the significance of microscopic studies in the structural analysis of Chaura Thrust. Finally, the study documents the activation of Higher Himalayan Out-of-Sequence Thrust (OOST) in Himachal Pradesh and the expectations for strain variation near the OOST.

Keywords: Chaura Thrust, Higher Himalaya, Jhakri Thrust, Main Central Thrust, Out-of-Sequence Thrust, Sarahan Thrust

Procedia PDF Downloads 87
392 Robust Method for Evaluation of Catchment Response to Rainfall Variations Using Vegetation Indices and Surface Temperature

Authors: Revalin Herdianto

Abstract:

Recent climate changes increase uncertainties in vegetation conditions such as health and biomass globally and locally. The detection is, however, difficult due to the spatial and temporal scale of vegetation coverage. Due to unique vegetation response to its environmental conditions such as water availability, the interplay between vegetation dynamics and hydrologic conditions leave a signature in their feedback relationship. Vegetation indices (VI) depict vegetation biomass and photosynthetic capacity that indicate vegetation dynamics as a response to variables including hydrologic conditions and microclimate factors such as rainfall characteristics and land surface temperature (LST). It is hypothesized that the signature may be depicted by VI in its relationship with other variables. To study this signature, several catchments in Asia, Australia, and Indonesia were analysed to assess the variations in hydrologic characteristics with vegetation types. Methods used in this study includes geographic identification and pixel marking for studied catchments, analysing time series of VI and LST of the marked pixels, smoothing technique using Savitzky-Golay filter, which is effective for large area and extensive data. Time series of VI, LST, and rainfall from satellite and ground stations coupled with digital elevation models were analysed and presented. This study found that the hydrologic response of vegetation to rainfall variations may be shown in one hydrologic year, in which a drought event can be detected a year later as a suppressed growth. However, an annual rainfall of above average do not promote growth above average as shown by VI. This technique is found to be a robust and tractable approach for assessing catchment dynamics in changing climates.

Keywords: vegetation indices, land surface temperature, vegetation dynamics, catchment

Procedia PDF Downloads 286
391 Digital Forensics Analysis Focusing on the Onion Router Browser Artifacts in Windows 10

Authors: Zainurrasyid Abdullah, Mohamed Fadzlee Sulaiman, Muhammad Fadzlan Zainal, M. Zabri Adil Talib, Aswami Fadillah M. Ariffin

Abstract:

The Onion Router (Tor) browser is a well-known tool and widely used by people who seeking for web anonymity when browsing the internet. Criminals are taking this advantage to be anonymous over the internet. Accessing the dark web could be the significant reason for the criminal in order for them to perform illegal activities while maintaining their anonymity. For a digital forensic analyst, it is crucial to extract the trail of evidence in proving that the criminal’s computer has used Tor browser to conduct such illegal activities. By applying the digital forensic methodology, several techniques could be performed including application analysis, memory analysis, and registry analysis. Since Windows 10 is the latest operating system released by Microsoft Corporation, this study will use Windows 10 as the operating system platform that running Tor browser. From the analysis, significant artifacts left by Tor browser were discovered such as the execution date, application installation date and browsing history that can be used as an evidence. Although Tor browser was designed to achieved anonymity, there is still some trail of evidence can be found in Windows 10 platform that can be useful for investigation.

Keywords: artifacts analysis, digital forensics, forensic analysis, memory analysis, registry analysis, tor browser, Windows 10

Procedia PDF Downloads 168
390 Statistical Discrimination of Blue Ballpoint Pen Inks by Diamond Attenuated Total Reflectance (ATR) FTIR

Authors: Mohamed Izzharif Abdul Halim, Niamh Nic Daeid

Abstract:

Determining the source of pen inks used on a variety of documents is impartial for forensic document examiners. The examination of inks is often performed to differentiate between inks in order to evaluate the authenticity of a document. A ballpoint pen ink consists of synthetic dyes in (acidic and/or basic), pigments (organic and/or inorganic) and a range of additives. Inks of similar color may consist of different composition and are frequently the subjects of forensic examinations. This study emphasizes on blue ballpoint pen inks available in the market because it is reported that approximately 80% of questioned documents analysis involving ballpoint pen ink. Analytical techniques such as thin layer chromatography, high-performance liquid chromatography, UV-vis spectroscopy, luminescence spectroscopy and infrared spectroscopy have been used in the analysis of ink samples. In this study, application of Diamond Attenuated Total Reflectance (ATR) FTIR is straightforward but preferable in forensic science as it offers no sample preparation and minimal analysis time. The data obtained from these techniques were further analyzed using multivariate chemometric methods which enable extraction of more information based on the similarities and differences among samples in a dataset. It was indicated that some pens from the same manufactures can be similar in composition, however, discrete types can be significantly different.

Keywords: ATR FTIR, ballpoint, multivariate chemometric, PCA

Procedia PDF Downloads 455
389 Challenges for Implementing Standards Compliant with Iso/Iec 17025, for Narcotics and DNA Laboratory’s

Authors: Blerim Olluri

Abstract:

A forensic science laboratory in Kosovo has never been organized at the level of most modern forensic science laboratories. This was made possible after the war of 1999 with the help and support from the United States. The United States Government/ICITAP provided 9.5 million dollars to support this project, this support have greatly benefitted law enforcement in Kosovo. With the establishment of Operative Procedures of Work and the law for Kosovo Agency of Forensic, the accreditation with ISO/IEC 17025 of the KAF labs it becomes mandatory. Since 2012 Laboratory’s DNA/Serology and Narcotics has begun reviewing and harmonizing their procedures according to ISO/IEC 17025. The focus of this work was to create quality manuals, procedures, work instructions, quality documentation and quality records. Furthermore, during this time is done the validation of work methods from scientific qualified personnel of KAF, without any help from other foreign agencies or accreditation body.In October 2014 we had the first evaluation based on ISO 17025 standards. According to the initial report of this assessment we have non conformity in test and Calibration methods method’s, and accommodation and environmental conditions. We identified several issues that are of extreme importance to KAF. One the most important issue is to create a professional group with experts of KAF, which will work in all the obligations, requested from ISO/IEC 17025. As conclusions that we earn in this path of accreditation, are that laboratory’s need to take corrective action, and all nonconformance’s must be addressed and corrective action taken before accreditation can be granted.

Keywords: accreditation, assessment, narcotics, DNA

Procedia PDF Downloads 363
388 Application of PSK Modulation in ADS-B 1090 Extended Squitter Authentication

Authors: A-Q. Nguyen. A. Amrhar, J. Zambrano, G. Brown, O.A. Yeste-Ojeda, R. Jr. Landry

Abstract:

Since the presence of Next Generation Air Transportation System (NextGen), Automatic Dependent Surveillance-Broadcast (ADS-B) has raised specific concerns related to the privacy and security, due to its vulnerable, low-level of security and limited payload. In this paper, the authors introduce and analyze the combination of Pulse Amplitude Modulation (PAM) and Phase Shift Keying (PSK) Modulation in conventional ADS-B, forming Secure ADS-B (SADS-B) avionics. In order to demonstrate the potential of this combination, Hardware-in-the-loop (HIL) simulation was used. The tests' results show that, on the one hand, SADS-B can offer five times the payload as its predecessor. This additional payload of SADS-B can be used in various applications, therefore enhancing the ability and efficiency of the current ADS-B. On the other hand, by using the extra phase modulated bits as a digital signature to authenticate ADS-B messages, SADS-B can increase the security of ADS-B, thus ensure a more secure aviation as well. More importantly, SADS-B is compatible with the current ADS-B In and Out. Hence, no significant modifications will be needed to implement this idea. As a result, SADS-B can be considered the most promising approach to enhance the capability and security of ADS-B.

Keywords: ADS-B authentication, ADS-B security, NextGen ADS-B, PSK signature, secure ADS-B

Procedia PDF Downloads 318
387 Forensic Necropsy-Importance in Wildlife Conservation

Authors: G. V. Sai Soumya, Kalpesh Solanki, Sumit K. Choudhary

Abstract:

Necropsy is another term used for an autopsy, which is known as death examination in the case of animals. It is a complete standardized procedure involving dissection, observation, interpretation, and documentation. Government Bodies like National Tiger Conservation Authority (NTCA) have given standard operating procedures for commencing the necropsies. Necropsies are rarely performed as compared to autopsies performed on human bodies. There are no databases which maintain the count of autopsies in wildlife, but the research in this area has shown a very small number of necropsies. Long back, wildlife forensics came into existence but is coming into light nowadays as there is an increase in wildlife crime cases, including the smuggling of trophies, pooching, and many more. Physical examination in cases of animals is not sufficient to yield fruitful information, and thus postmortem examination plays an important role. Postmortem examination helps in the determination of time since death, cause of death, manner of death, factors affecting the case under investigation, and thus decreases the amount of time required in solving cases. Increasing the rate of necropsies will help forensic veterinary pathologists to build standardized provision and confidence within them, which will ultimately yield a higher success rate in solving wildlife crime cases.

Keywords: necropsy, wildlife crime, postmortem examination, forensic application

Procedia PDF Downloads 137
386 An Experimental Study on the Temperature Reduction of Exhaust Gas at a Snorkeling of Submarine

Authors: Seok-Tae Yoon, Jae-Yeong Choi, Gyu-Mok Jeon, Yong-Jin Cho, Jong-Chun Park

Abstract:

Conventional submarines obtain propulsive force by using an electric propulsion system consisting of a diesel generator, battery, motor, and propeller. In the underwater, the submarine uses the electric power stored in the battery. After that, when a certain amount of electric power is consumed, the submarine floats near the sea water surface and recharges the electric power by using the diesel generator. The voyage carried out while charging the power is called a snorkel, and the high-temperature exhaust gas from the diesel generator forms a heat distribution on the sea water surface. The heat distribution is detected by weapon system equipped with thermo-detector and that is the main cause of reducing the survivability of the submarine. In this paper, an experimental study was carried out to establish optimal operating conditions of a submarine for reduction of infrared signature radiated from the sea water surface. For this, a hot gas generating system and a round acrylic water tank with adjustable water level were made. The control variables of the experiment were set as the mass flow rate, the temperature difference between the water and the hot gas in the water tank, and the water level difference between the air outlet and the water surface. The experimental instrumentation used a thermocouple of T-type to measure the released air temperature on the surface of the water, and a thermography system to measure the thermal energy distribution on the water surface. As a result of the experiment study, we analyzed the correlation between the final released temperature of the exhaust pipe exit in a submarine and the depth of the snorkel, and presented reasonable operating conditions for the infrared signature reduction of submarine.

Keywords: experiment study, flow rate, infrared signature, snorkeling, thermography

Procedia PDF Downloads 350
385 The Reproducibility and Repeatability of Modified Likelihood Ratio for Forensics Handwriting Examination

Authors: O. Abiodun Adeyinka, B. Adeyemo Adesesan

Abstract:

The forensic use of handwriting depends on the analysis, comparison, and evaluation decisions made by forensic document examiners. When using biometric technology in forensic applications, it is necessary to compute Likelihood Ratio (LR) for quantifying strength of evidence under two competing hypotheses, namely the prosecution and the defense hypotheses wherein a set of assumptions and methods for a given data set will be made. It is therefore important to know how repeatable and reproducible our estimated LR is. This paper evaluated the accuracy and reproducibility of examiners' decisions. Confidence interval for the estimated LR were presented so as not get an incorrect estimate that will be used to deliver wrong judgment in the court of Law. The estimate of LR is fundamentally a Bayesian concept and we used two LR estimators, namely Logistic Regression (LoR) and Kernel Density Estimator (KDE) for this paper. The repeatability evaluation was carried out by retesting the initial experiment after an interval of six months to observe whether examiners would repeat their decisions for the estimated LR. The experimental results, which are based on handwriting dataset, show that LR has different confidence intervals which therefore implies that LR cannot be estimated with the same certainty everywhere. Though the LoR performed better than the KDE when tested using the same dataset, the two LR estimators investigated showed a consistent region in which LR value can be estimated confidently. These two findings advance our understanding of LR when used in computing the strength of evidence in handwriting using forensics.

Keywords: confidence interval, handwriting, kernel density estimator, KDE, logistic regression LoR, repeatability, reproducibility

Procedia PDF Downloads 122
384 Influence of the Refractory Period on Neural Networks Based on the Recognition of Neural Signatures

Authors: José Luis Carrillo-Medina, Roberto Latorre

Abstract:

Experimental evidence has revealed that different living neural systems can sign their output signals with some specific neural signature. Although experimental and modeling results suggest that neural signatures can have an important role in the activity of neural networks in order to identify the source of the information or to contextualize a message, the functional meaning of these neural fingerprints is still unclear. The existence of cellular mechanisms to identify the origin of individual neural signals can be a powerful information processing strategy for the nervous system. We have recently built different models to study the ability of a neural network to process information based on the emission and recognition of specific neural fingerprints. In this paper we further analyze the features that can influence on the information processing ability of this kind of networks. In particular, we focus on the role that the duration of a refractory period in each neuron after emitting a signed message can play in the network collective dynamics.

Keywords: neural signature, neural fingerprint, processing based on signal identification, self-organizing neural network

Procedia PDF Downloads 491
383 Comparative Forensic Analysis of Lipsticks Using Thin Layer Chromatography and Gas Chromatography

Authors: M. O. Ezegbogu, H. B. Osadolor

Abstract:

Lipsticks constitute a significant source of transfer evidence, and can, therefore, provide corroborative or inclusionary evidence in criminal investigation. This study aimed to determine the uniqueness and persistence of different lipstick smears using Thin Layer Chromatography (TLC), and Gas Chromatography with a Flame Ionisation Detector (GC-FID). In this study, we analysed lipstick smears retrieved from tea cups exposed to the environment for up to four weeks. The n-alkane content of each sample was determined using GC-FID, while TLC was used to determine the number of bands, and retention factor of each band per smear. This study shows that TLC gives more consistent results over a 4-week period than GC-FID. It also proposes a maximum exposure time of two weeks for the analysis of lipsticks left in the open using GC-FID. Finally, we conclude that neither TLC nor GC-FID can distinguish lipstick evidence recovered from hypothetical crime scenes.

Keywords: forensic science, chromatography, identification, lipstick

Procedia PDF Downloads 185
382 A Dimensional Approach to Family Involvement in Forensic Mental Health Settings - Prevention of the Systemic Replication of Abuse, Need for Accepted Falsehoods and Family Guilt and Shame

Authors: Katie E. Jennings

Abstract:

The interactions between family dynamics and environmental factors with mental health vulnerability in individuals are well known and are a theme for on-going research and debate. The impact upon mental health issues and forensic issues on family dynamics, experience, and emotional wellbeing cannot be over-Emphasised. For forensic patients with diagnosed mental disorders, these relationships and environments may have also been functionally linked to the development and maintenance of those disorders; with significant adverse childhood experiences being a common feature of many Patient’s histories. Mental health hospitals remove the patient from their home environments and provide treatment outside of these relationships and often outside of the home area. There is, therefore, a major focus on Services ensuring that patients are able to build and maintain relationships with family and friends, requiring services to involve families in Patients' care and treatment wherever possible. There are standards set by Government and clinical bodies that require absolute demonstration of the inclusion of family and friends in all aspects of the care and treatment of forensic patients. For some patients and family members, this push to take on a “role” in care can be unhelpful, extremely stressful, and has constant implications for the potential delicate reparation of relationships. Based on work undertaken for over 20 years in forensic mental health settings, this paper explores the positive psychology approach to a dimensional model to family inclusion in mental health care that learns from family court work and allows for the maintenance of relationships to be at both proximal and Distil levels; to prevent the replication of abuse, decrease the need for falsehoods and assist the recovery of all. The model is based on allowing families to choose to not be involved or be involved in different ways if this is seen to be more helpful. It also allows patients to choose the level of potential involvement that they would find helpful, and for this to be reviewed at a timeframe agreed by all parties, rather than when the next survey is due or the patient has a significant care meeting. This paper is significant as there is a lack of research to support services to use a positive psychology approach to work in this area, the assumption that being asked to be involved must be positive for all seems naïve at best for this patient group. Work relating to the psychology of family can significantly contribute to the development of knowledge in this area. The development of a dimensional model will support choice within families and assist in the development of more honest and open relationships.

Keywords: family dynamics, forensic, mental disorder, positive psychology

Procedia PDF Downloads 148