Commenced in January 2007
Frequency: Monthly
Edition: International
Paper Count: 1753

Search results for: digital forensics

1753 Establishing Digital Forensics Capability and Capacity among Malaysia's Law Enforcement Agencies: Issues, Challenges and Recommendations

Authors: Sarah Taylor, Nor Zarina Zainal Abidin, Mohd Zabri Adil Talib

Abstract:

Although cybercrime is on the rise, yet many Law Enforcement Agencies in Malaysia faces difficulty in establishing own digital forensics capability and capacity. The main reasons are undoubtedly because of the high cost and difficulty in convincing their management. A survey has been conducted among Malaysia’s Law Enforcement Agencies owning a digital forensics laboratory to understand their history of building digital forensics capacity and capability, the challenges and the impact of having own laboratory to their case investigation. The result of the study shall be used by other Law Enforcement Agencies in justifying to their management to establish own digital forensics capability and capacity.

Keywords: digital forensics, digital forensics capacity and capability, laboratory, law enforcement agency

Procedia PDF Downloads 97
1752 Digital Image Forensics: Discovering the History of Digital Images

Authors: Gurinder Singh, Kulbir Singh

Abstract:

Digital multimedia contents such as image, video, and audio can be tampered easily due to the availability of powerful editing softwares. Multimedia forensics is devoted to analyze these contents by using various digital forensic techniques in order to validate their authenticity. Digital image forensics is dedicated to investigate the reliability of digital images by analyzing the integrity of data and by reconstructing the historical information of an image related to its acquisition phase. In this paper, a survey is carried out on the forgery detection by considering the most recent and promising digital image forensic techniques.

Keywords: Computer Forensics, Multimedia Forensics, Image Ballistics, Camera Source Identification, Forgery Detection

Procedia PDF Downloads 64
1751 Towards a Proof Acceptance by Overcoming Challenges in Collecting Digital Evidence

Authors: Lilian Noronha Nassif

Abstract:

Cybercrime investigation demands an appropriated evidence collection mechanism. If the investigator does not acquire digital proofs in a forensic sound, some important information can be lost, and judges can discard case evidence because the acquisition was inadequate. The correct digital forensic seizing involves preparation of professionals from fields of law, police, and computer science. This paper presents important challenges faced during evidence collection in different perspectives of places. The crime scene can be virtual or real, and technical obstacles and privacy concerns must be considered. All pointed challenges here highlight the precautions to be taken in the digital evidence collection and the suggested procedures contribute to the best practices in the digital forensics field.

Keywords: digital evidence, digital forensics process and procedures, mobile forensics, cloud forensics

Procedia PDF Downloads 255
1750 Organizational Decision to Adopt Digital Forensics: An Empirical Investigation in the Case of Malaysian Law Enforcement Agencies

Authors: Siti N. I. Mat Kamal, Othman Ibrahim, Mehrbakhsh Nilashi, Jafalizan M. Jali

Abstract:

The use of digital forensics (DF) is nowadays essential for law enforcement agencies to identify analysis and interpret the digital information derived from digital sources. In Malaysia, the engagement of Malaysian Law Enforcement Agencies (MLEA) with this new technology is not evenly distributed. To investigate the factors influencing the adoption of DF in Malaysia law enforcement agencies’ operational environment, this study proposed the initial theoretical framework based on the integration of technology organization environment (TOE), institutional theory, and human organization technology (HOT) fit model. A questionnaire survey was conducted on selected law enforcement agencies in Malaysia to verify the validity of the initial integrated framework. Relative advantage, compatibility, coercive pressure, normative pressure, vendor support and perceived technical competence of technical staff were found as the influential factors on digital forensics adoption. In addition to the only moderator of this study (agency size), any significant moderating effect on the perceived technical competence and the decision to adopt digital forensics by Malaysian law enforcement agencies was found insignificant. Thus, these results indicated that the developed integrated framework provides an effective prediction of the digital forensics adoption by Malaysian law enforcement agencies.

Keywords: digital forensics, digital forensics adoption, digital information, law enforcement agency

Procedia PDF Downloads 39
1749 Gender Identification Using Digital Forensics

Authors: Vinod C. Nayak

Abstract:

In day-to-day forensic practice, identification is always a difficult task. Availability of anti-mortem and postmortem records plays a major rule in facilitating this tough task. However, the advent of digital forensic is a boon for forensic experts. This study has made use of digital forensics to establish identity by radiological dimensions of maxillary sinus using workstation software. The findings suggest a significant association between maxillary sinus dimensions and human gender. The author will be discussing the methods and results of the study in this e-poster.

Keywords: digital forensics, identification, maxillary sinus, radiology

Procedia PDF Downloads 270
1748 Digital Forensics Compute Cluster: A High Speed Distributed Computing Capability for Digital Forensics

Authors: Daniel Gonzales, Zev Winkelman, Trung Tran, Ricardo Sanchez, Dulani Woods, John Hollywood

Abstract:

We have developed a distributed computing capability, Digital Forensics Compute Cluster (DFORC2) to speed up the ingestion and processing of digital evidence that is resident on computer hard drives. DFORC2 parallelizes evidence ingestion and file processing steps. It can be run on a standalone computer cluster or in the Amazon Web Services (AWS) cloud. When running in a virtualized computing environment, its cluster resources can be dynamically scaled up or down using Kubernetes. DFORC2 is an open source project that uses Autopsy, Apache Spark and Kafka, and other open source software packages. It extends the proven open source digital forensics capabilities of Autopsy to compute clusters and cloud architectures, so digital forensics tasks can be accomplished efficiently by a scalable array of cluster compute nodes. In this paper, we describe DFORC2 and compare it with a standalone version of Autopsy when both are used to process evidence from hard drives of different sizes.

Keywords: digital forensics, cloud computing, cyber security, spark, Kubernetes, Kafka

Procedia PDF Downloads 295
1747 A Method to Enhance the Accuracy of Digital Forensic in the Absence of Sufficient Evidence in Saudi Arabia

Authors: Fahad Alanazi, Andrew Jones

Abstract:

Digital forensics seeks to achieve the successful investigation of digital crimes through obtaining acceptable evidence from digital devices that can be presented in a court of law. Thus, the digital forensics investigation is normally performed through a number of phases in order to achieve the required level of accuracy in the investigation processes. Since 1984 there have been a number of models and frameworks developed to support the digital investigation processes. In this paper, we review a number of the investigation processes that have been produced throughout the years and introduce a proposed digital forensic model which is based on the scope of the Saudi Arabia investigation process. The proposed model has been integrated with existing models for the investigation processes and produced a new phase to deal with a situation where there is initially insufficient evidence.

Keywords: digital forensics, process, metadata, Traceback, Sauid Arabia

Procedia PDF Downloads 249
1746 Hash Based Block Matching for Digital Evidence Image Files from Forensic Software Tools

Authors: M. Kaya, M. Eris

Abstract:

Internet use, intelligent communication tools, and social media have all become an integral part of our daily life as a result of rapid developments in information technology. However, this widespread use increases crimes committed in the digital environment. Therefore, digital forensics, dealing with various crimes committed in digital environment, has become an important research topic. It is in the research scope of digital forensics to investigate digital evidences such as computer, cell phone, hard disk, DVD, etc. and to report whether it contains any crime related elements. There are many software and hardware tools developed for use in the digital evidence acquisition process. Today, the most widely used digital evidence investigation tools are based on the principle of finding all the data taken place in digital evidence that is matched with specified criteria and presenting it to the investigator (e.g. text files, files starting with letter A, etc.). Then, digital forensics experts carry out data analysis to figure out whether these data are related to a potential crime. Examination of a 1 TB hard disk may take hours or even days, depending on the expertise and experience of the examiner. In addition, it depends on examiner’s experience, and may change overall result involving in different cases overlooked. In this study, a hash-based matching and digital evidence evaluation method is proposed, and it is aimed to automatically classify the evidence containing criminal elements, thereby shortening the time of the digital evidence examination process and preventing human errors.

Keywords: block matching, digital evidence, hash list, evaluation of digital evidence

Procedia PDF Downloads 151
1745 Anomaly Detection of Log Analysis using Data Visualization Techniques for Digital Forensics Audit and Investigation

Authors: Mohamed Fadzlee Sulaiman, Zainurrasyid Abdullah, Mohd Zabri Adil Talib, Aswami Fadillah Mohd Ariffin

Abstract:

In common digital forensics cases, investigation may rely on the analysis conducted on specific and relevant exhibits involved. Usually the investigation officer may define and advise digital forensic analyst about the goals and objectives to be achieved in reconstructing the trail of evidence while maintaining the specific scope of investigation. With the technology growth, people are starting to realize the importance of cyber security to their organization and this new perspective creates awareness that digital forensics auditing must come in place in order to measure possible threat or attack to their cyber-infrastructure. Instead of performing investigation on incident basis, auditing may broaden the scope of investigation to the level of anomaly detection in daily operation of organization’s cyber space. While handling a huge amount of data such as log files, performing digital forensics audit for large organization proven to be onerous task for the analyst either to analyze the huge files or to translate the findings in a way where the stakeholder can clearly understand. Data visualization can be emphasized in conducting digital forensic audit and investigation to resolve both needs. This study will identify the important factors that should be considered to perform data visualization techniques in order to detect anomaly that meet the digital forensic audit and investigation objectives.

Keywords: digital forensic, data visualization, anomaly detection , log analysis, forensic audit, visualization techniques

Procedia PDF Downloads 172
1744 An Analysis of Digital Forensic Laboratory Development among Malaysia’s Law Enforcement Agencies

Authors: Sarah K. Taylor, Miratun M. Saharuddin, Zabri A. Talib

Abstract:

Cybercrime is on the rise, and yet many Law Enforcement Agencies (LEAs) in Malaysia have no Digital Forensics Laboratory (DFL) to assist them in the attrition and analysis of digital evidence. From the estimated number of 30 LEAs in Malaysia, sadly, only eight of them owned a DFL. All of the DFLs are concentrated in the capital of Malaysia and none at the state level. LEAs are still depending on the national DFL (CyberSecurity Malaysia) even for simple and straightforward cases. A survey was conducted among LEAs in Malaysia owning a DFL to understand their history of establishing the DFL, the challenges that they faced and the significance of the DFL to their case investigation. The results showed that the while some LEAs faced no challenge in establishing a DFL, some of them took seven to 10 years to do so. The reason was due to the difficulty in convincing their management because of the high costs involved. The results also revealed that with the establishment of a DFL, LEAs were better able to get faster forensic result and to meet agency’s timeline expectation. It is also found that LEAs were also able to get more meaningful forensic results on cases that require niche expertise, compared to sending off cases to the national DFL. Other than that, cases are getting more complex, and hence, a continuous stream of budget for equipment and training is inevitable. The result derived from the study is hoped to be used by other LEAs in justifying to their management the benefits of establishing an in-house DFL.

Keywords: digital evidence, digital forensics, digital forensics laboratory, law enforcement agency

Procedia PDF Downloads 65
1743 Using Multi-Level Analysis to Identify Future Trends in Small Device Digital Communication Examinations

Authors: Mark A. Spooner

Abstract:

The growth of technological advances in the digital communications industry has dictated the way forensic examination laboratories receive, analyze, and report on digital evidence. This study looks at the trends in a medium sized digital forensics lab that examines small communications devices (i.e., cellular telephones, tablets, thumb drives, etc.) over the past five years. As law enforcement and homeland security organizations budgets shrink, many agencies are being asked to perform more examinations with less resources available. Using multi-level statistical analysis using five years of examination data, this research shows the increasing technological demand trend. The research then extrapolates the current data into the model created and finds a continued exponential growth curve of said demands is well within the parameters defined earlier on in the research.

Keywords: digital forensics, forensic examination, small device, trends

Procedia PDF Downloads 96
1742 Analysis of Various Copy Move Image Forgery Techniques for Better Detection Accuracy

Authors: Grishma D. Solanki, Karshan Kandoriya

Abstract:

In modern era of information age, digitalization has revolutionized like never before. Powerful computers, advanced photo editing software packages and high resolution capturing devices have made manipulation of digital images incredibly easy. As per as image forensics concerns, one of the most actively researched area are detection of copy move forgeries. Higher computational complexity is one of the major component of existing techniques to detect such tampering. Moreover, copy move forgery is usually performed in three steps. First, copying of a region in an image then pasting the same one in the same respective image and finally doing some post-processing like rotation, scaling, shift, noise, etc. Consequently, pseudo Zernike moment is used as a features extraction method for matching image blocks and as a primary factor on which performance of detection algorithms depends.

Keywords: copy-move image forgery, digital forensics, image forensics, image forgery

Procedia PDF Downloads 154
1741 The Proactive Approach of Digital Forensics Methodology against Targeted Attack Malware

Authors: Mohamed Fadzlee Sulaiman, Mohd Zabri Adil Talib, Aswami Fadillah Mohd Ariffin

Abstract:

Each individual organization has their own mechanism to build up cyber defense capability in protecting their information infrastructures from data breaches and cyber espionage. But, we can not deny the possibility of failing to detect and stop cyber attacks especially for those targeting credential information and intellectual property (IP). In this paper, we would like to share the modern approach of effective digital forensic methodology in order to identify the artifacts in tracing the trails of evidence while mitigating the infection from the target machine/s. This proposed approach will suit the digital forensic investigation to be conducted while resuming the business critical operation after mitigating the infection and minimizing the risk from the identified attack to transpire. Therefore, traditional digital forensics methodology has to be improvised to be proactive which not only focusing to discover the root caused and the threat actor but to develop the relevant mitigation plan in order to prevent from the same attack.

Keywords: digital forensic, detection, eradication, targeted attack, malware

Procedia PDF Downloads 163
1740 Use of Digital Forensics for Sex Determination by Nasal Index

Authors: Ashwini Kumar, Vinod Nayak, Shankar M. Bakkannavar

Abstract:

The identification of humans is important in forensic investigations not only in living but also in dead, especially in cases of mass disorders. The procedure followed in dead known as post-mortem identification is a challenging task for the forensic pathologist. However, it is mandatory in terms of the law to fulfill the social norms. Many times, due to mutilation of body parts, the normal methods of identification using skeletal remains cannot be used in the process of identification. In such cases, the intact components of the skeletal remains or bony parts play an important role in identification. In these situations, digital forensics can come to our rescue. The authors hereby made a study for determination of sex based on nasal index by using (Big Bore 16 Slice) Multidetector Computed Tomography 2D Scans. The results are represented as a poster.

Keywords: sex determination, multidetector computed tomography, nasal index, digital forensic

Procedia PDF Downloads 279
1739 The Use of Ontology Framework for Automation Digital Forensics Investigation

Authors: Ahmad Luthfi

Abstract:

One of the main goals of a computer forensic analyst is to determine the cause and effect of the acquisition of a digital evidence in order to obtain relevant information on the case is being handled. In order to get fast and accurate results, this paper will discuss the approach known as ontology framework. This model uses a structured hierarchy of layers that create connectivity between the variant and searching investigation of activity that a computer forensic analysis activities can be carried out automatically. There are two main layers are used, namely analysis tools and operating system. By using the concept of ontology, the second layer is automatically designed to help investigator to perform the acquisition of digital evidence. The methodology of automation approach of this research is by utilizing forward chaining where the system will perform a search against investigative steps and atomically structured in accordance with the rules of the ontology.

Keywords: ontology, framework, automation, forensics

Procedia PDF Downloads 203
1738 The Use of Artificial Intelligence in Digital Forensics and Incident Response (DFIR) in a Constrained Environment

Authors: Dipo Dunsin

Abstract:

Digital investigators often have a hard time spotting evidence in digital information. It has become hard to determine which source of proof relates to a specific investigation. A growing concern is that the various processes, technology, and specific procedures used in the digital investigation are not keeping up with criminal developments. Therefore, the criminals are taking advantage of these weaknesses to commit further crimes. In digital forensics investigations, Artificial Intelligence is invaluable in identifying crime. It has been observed that an algorithm based on artificial intelligence (AI) is highly effective in detecting risks, preventing criminal activity, and forecasting illegal activity. Providing objective data and conducting an assessment is the goal of digital forensics and digital investigation, which will assist in developing a plausible theory that can be presented as evidence in court. Researchers and other authorities have used the available data as evidence in court to convict a person. This research paper aims at developing a multi-agent framework for digital investigations using specific intelligent software agents (ISA). During each task, the agents communicate to address particular tasks jointly and keep the same objectives in mind. The rules and knowledge contained within each agent are dependent on the investigation type. A criminal investigation is classified quickly and efficiently using the case-based reasoning (CBR) technique. The MADIK is implemented using the Java Agent Development Framework and implemented using Eclipse, Postgres repository and a rule engine for agent reasoning. Testing of the proposed framework was carried out using the Lone Wolf image files and datasets. Experiments were conducted using various sets of ISA and VMs. There was a significant reduction in the time taken for the Hash Set Agent to execute. As a result of loading the agents, 5 percent of the time was lost, as the File Path Agent prescribed deleting 1,510, while the Timeline Agent found multiple executable files. In comparison, the integrity check carried out on the Lone Wolf image file using a digital forensic tool kit took approximately 48 minutes (2,880ms), whereas the MADIK framework accomplished this in 16 minutes (960ms). The framework is integrated with Python, allowing for further integration of other digital forensic tools, such as AccessData Forensic Toolkit (FTK), Wireshark, Volatility, and Scapy.

Keywords: artificial intelligence, computer science, criminal investigation, digital forensics

Procedia PDF Downloads 40
1737 Cryptocurrency Forensics: Analysis on Bitcoin E-Wallet from Computer Source Evidence

Authors: Muhammad Nooraiman bin Noorashid, Mohd Sharizuan bin Mohd Omar, Mohd Zabri Adil bin Talib, Aswami Fadillah bin Mohd Ariffin

Abstract:

Nowadays cryptocurrency has become a global phenomenon known to most people. People using this alternative digital money to do a transaction in many ways (e.g. Used for online shopping, wealth management, and fundraising). However, this digital asset also widely used in criminal activities since its use decentralized control as opposed to centralized electronic money and central banking systems and this makes a user, who used this currency invisible. The high-value exchange of these digital currencies also has been a target to criminal activities. The cryptocurrency crimes have become a challenge for the law enforcement to analyze and to proof the evidence as criminal devices. In this paper, our focus is more on bitcoin cryptocurrency and the possible artifacts that can be obtained from the different type of digital wallet, which is software and browser-based application. The process memory and physical hard disk are examined with the aims of identifying and recovering potential digital evidence. The stage of data acquisition divided by three states which are the initial creation of the wallet, transaction that consists transfer and receiving a coin and the last state is after the wallet is being deleted. Findings from this study suggest that both data from software and browser type of wallet process memory is a valuable source of evidence, and many of the artifacts found in process memory are also available from the application and wallet files on the client computer storage.

Keywords: cryptocurrency, bitcoin, digital wallet, digital forensics

Procedia PDF Downloads 172
1736 Three Tier Indoor Localization System for Digital Forensics

Authors: Dennis L. Owuor, Okuthe P. Kogeda, Johnson I. Agbinya

Abstract:

Mobile localization has attracted a great deal of attention recently due to the introduction of wireless networks. Although several localization algorithms and systems have been implemented and discussed in the literature, very few researchers have exploited the gap that exists between indoor localization, tracking, external storage of location information and outdoor localization for the purpose of digital forensics during and after a disaster. The contribution of this paper lies in the implementation of a robust system that is capable of locating, tracking mobile device users and store location information for both indoor and partially outdoor the cloud. The system can be used during disaster to track and locate mobile phone users. The developed system is a mobile application built based on Android, Hypertext Preprocessor (PHP), Cascading Style Sheets (CSS), JavaScript and MATLAB for the Android mobile users. Using Waterfall model of software development, we have implemented a three level system that is able to track, locate and store mobile device information in secure database (cloud) on almost a real time basis. The outcome of the study showed that the developed system is efficient with regard to the tracking and locating mobile devices. The system is also flexible, i.e. can be used in any building with fewer adjustments. Finally, the system is accurate for both indoor and outdoor in terms of locating and tracking mobile devices.

Keywords: indoor localization, digital forensics, fingerprinting, tracking and cloud

Procedia PDF Downloads 227
1735 A Unified Approach for Digital Forensics Analysis

Authors: Ali Alshumrani, Nathan Clarke, Bogdan Ghite, Stavros Shiaeles

Abstract:

Digital forensics has become an essential tool in the investigation of cyber and computer-assisted crime. Arguably, given the prevalence of technology and the subsequent digital footprints that exist, it could have a significant role across almost all crimes. However, the variety of technology platforms (such as computers, mobiles, Closed-Circuit Television (CCTV), Internet of Things (IoT), databases, drones, cloud computing services), heterogeneity and volume of data, forensic tool capability, and the investigative cost make investigations both technically challenging and prohibitively expensive. Forensic tools also tend to be siloed into specific technologies, e.g., File System Forensic Analysis Tools (FS-FAT) and Network Forensic Analysis Tools (N-FAT), and a good deal of data sources has little to no specialist forensic tools. Increasingly it also becomes essential to compare and correlate evidence across data sources and to do so in an efficient and effective manner enabling an investigator to answer high-level questions of the data in a timely manner without having to trawl through data and perform the correlation manually. This paper proposes a Unified Forensic Analysis Tool (U-FAT), which aims to establish a common language for electronic information and permit multi-source forensic analysis. Core to this approach is the identification and development of forensic analyses that automate complex data correlations, enabling investigators to investigate cases more efficiently. The paper presents a systematic analysis of major crime categories and identifies what forensic analyses could be used. For example, in a child abduction, an investigation team might have evidence from a range of sources including computing devices (mobile phone, PC), CCTV (potentially a large number), ISP records, and mobile network cell tower data, in addition to third party databases such as the National Sex Offender registry and tax records, with the desire to auto-correlate and across sources and visualize in a cognitively effective manner. U-FAT provides a holistic, flexible, and extensible approach to providing digital forensics in technology, application, and data-agnostic manner, providing powerful and automated forensic analysis.

Keywords: digital forensics, evidence correlation, heterogeneous data, forensics tool

Procedia PDF Downloads 39
1734 A Novel Methodology for Browser Forensics to Retrieve Searched Keywords from Windows 10 Physical Memory Dump

Authors: Dija Sulekha

Abstract:

Nowadays, a good percentage of reported cybercrimes involve the usage of the Internet, directly or indirectly for committing the crime. Usually, Web Browsers leave traces of browsing activities on the host computer’s hard disk, which can be used by investigators to identify internet-based activities of the suspect. But criminals, who involve in some organized crimes, disable browser file generation feature to hide the evidence while doing illegal activities through the Internet. In such cases, even though browser files were not generated in the storage media of the system, traces of recent and ongoing activities were generated in the Physical Memory of the system. As a result, the analysis of Physical Memory Dump collected from the suspect's machine retrieves lots of forensically crucial information related to the browsing history of the Suspect. This information enables the cyber forensic investigators to concentrate on a few highly relevant selected artefacts while doing the Offline Forensics analysis of storage media. This paper addresses the reconstruction of web browsing activities by conducting live forensics to identify searched terms, downloaded files, visited sites, email headers, email ids, etc. from the physical memory dump collected from Windows 10 Systems. Well-known entry points are available for retrieving all the above artefacts except searched terms. The paper describes a novel methodology to retrieve the searched terms from Windows 10 Physical Memory. The searched terms retrieved in this way can be used for doing advanced file and keyword search in the storage media files reconstructed from the file system recovery in offline forensics.

Keywords: browser forensics, digital forensics, live Forensics, physical memory forensics

Procedia PDF Downloads 20
1733 Digital Forensics Analysis Focusing on the Onion Router Browser Artifacts in Windows 10

Authors: Zainurrasyid Abdullah, Mohamed Fadzlee Sulaiman, Muhammad Fadzlan Zainal, M. Zabri Adil Talib, Aswami Fadillah M. Ariffin

Abstract:

The Onion Router (Tor) browser is a well-known tool and widely used by people who seeking for web anonymity when browsing the internet. Criminals are taking this advantage to be anonymous over the internet. Accessing the dark web could be the significant reason for the criminal in order for them to perform illegal activities while maintaining their anonymity. For a digital forensic analyst, it is crucial to extract the trail of evidence in proving that the criminal’s computer has used Tor browser to conduct such illegal activities. By applying the digital forensic methodology, several techniques could be performed including application analysis, memory analysis, and registry analysis. Since Windows 10 is the latest operating system released by Microsoft Corporation, this study will use Windows 10 as the operating system platform that running Tor browser. From the analysis, significant artifacts left by Tor browser were discovered such as the execution date, application installation date and browsing history that can be used as an evidence. Although Tor browser was designed to achieved anonymity, there is still some trail of evidence can be found in Windows 10 platform that can be useful for investigation.

Keywords: artifacts analysis, digital forensics, forensic analysis, memory analysis, registry analysis, tor browser, Windows 10

Procedia PDF Downloads 54
1732 Anti-Forensics: A Script-Based Tool for Extracting Evidence Hidden by Cryptographic and Steganographic Techniques

Authors: Maider Daniels Uribarri

Abstract:

Anti-forensics has become an increasingly important issue in the modern world of digital evidence. It is a 50/50 split between the privacy-conscious and the criminally malicious, generally dependent on the severity of the methods deployed. This project aims to determine the correlation between unprocessed evidence artifacts and extreme methods of data hiding, in the form of Steganographic and Cryptographic techniques. It will generate an in-depth investigation into the state of current digital forensic toolkits, the legal ramifications of data seizure and factor the design and testing of experimental research methodology in the form of problem-solving. Using qualitative data appropriated from reliable sources, the project will establish an environment specifically for the testing and analysis of a new toolkit: A script-based toolkit for extracting evidence hidden by Cryptographic and Steganographic techniques. By establishing a connection between legal encumbrance, the inadequacy of features currently present on toolkits and the measure of evidence artifacts hampered due to the inability of current processing, the hope is to establish an indisputable need for the project toolkit in order to remediate some of the problems facing law enforcement officials and agencies today

Keywords: anti-forensics, cryptography, data hiding, steganography

Procedia PDF Downloads 47
1731 A Passive Digital Video Authentication Technique Using Wavelet Based Optical Flow Variation Thresholding

Authors: R. S. Remya, U. S. Sethulekshmi

Abstract:

Detecting the authenticity of a video is an important issue in digital forensics as Video is used as a silent evidence in court such as in child pornography, movie piracy cases, insurance claims, cases involving scientific fraud, traffic monitoring etc. The biggest threat to video data is the availability of modern open video editing tools which enable easy editing of videos without leaving any trace of tampering. In this paper, we propose an efficient passive method for inter-frame video tampering detection, its type and location by estimating the optical flow of wavelet features of adjacent frames and thresholding the variation in the estimated feature. The performance of the algorithm is compared with the z-score thresholding and achieved an efficiency above 95% on all the tested databases. The proposed method works well for videos with dynamic (forensics) as well as static (surveillance) background.

Keywords: discrete wavelet transform, optical flow, optical flow variation, video tampering

Procedia PDF Downloads 265
1730 The Forensic Swing of Things: The Current Legal and Technical Challenges of IoT Forensics

Authors: Pantaleon Lutta, Mohamed Sedky, Mohamed Hassan

Abstract:

The inability of organizations to put in place management control measures for Internet of Things (IoT) complexities persists to be a risk concern. Policy makers have been left to scamper in finding measures to combat these security and privacy concerns. IoT forensics is a cumbersome process as there is no standardization of the IoT products, no or limited historical data are stored on the devices. This paper highlights why IoT forensics is a unique adventure and brought out the legal challenges encountered in the investigation process. A quadrant model is presented to study the conflicting aspects in IoT forensics. The model analyses the effectiveness of forensic investigation process versus the admissibility of the evidence integrity; taking into account the user privacy and the providers’ compliance with the laws and regulations. Our analysis concludes that a semi-automated forensic process using machine learning, could eliminate the human factor from the profiling and surveillance processes, and hence resolves the issues of data protection (privacy and confidentiality).

Keywords: cloud forensics, data protection Laws, GDPR, IoT forensics, machine Learning

Procedia PDF Downloads 34
1729 Digital Preservation: A Need of Tomorrow

Authors: Gaurav Kumar

Abstract:

Digital libraries have been established all over the world to create, maintain and to preserve the digital materials. This paper exhibits the importance and objectives of digital preservation. The necessities of preservation are hardware and software technology to interpret the digital documents and discuss various aspects of digital preservation.

Keywords: preservation, digital preservation, conservation, archive, repository, document, information technology, hardware, software, organization, machine readable format

Procedia PDF Downloads 414
1728 Texture-Based Image Forensics from Video Frame

Authors: Li Zhou, Yanmei Fang

Abstract:

With current technology, images and videos can be obtained more easily than ever. It is so easy to manipulate these digital multimedia information when obtained, and that the content or source of the image and video could be easily tampered. In this paper, we propose to identify the image and video frame by the texture-based approach, e.g. Markov Transition Probability (MTP), which is in space domain, DCT domain and DWT domain, respectively. In the experiment, image and video frame database is constructed, and is used to train and test the classifier Support Vector Machine (SVM). Experiment results show that the texture-based approach has good performance. In order to verify the experiment result, and testify the universality and robustness of algorithm, we build a random testing dataset, the random testing result is in keeping with above experiment.

Keywords: multimedia forensics, video frame, LBP, MTP, SVM

Procedia PDF Downloads 292
1727 The Roles of Aesthetics and Information Quality on Intention to Continued Used of Digital Library within the Context of UTAUT2

Authors: Shahruhaida Adayu Mohd Paili, Abd Latif Abdul Rahman, Asmadi Mohammed Ghazali

Abstract:

Digital library was developed by many organizations, especially universities. The digital library can be considered as a new information system. Digital library brings many benefits to the users. There are many researches that have investigated the importance of the digital library, the acceptance, and continuance use of digital library. The investigation towards the digital library is important and it is crucial to understand the reason why users accept and continued use of digital library. Users can search the information and available resources through the digital library website. It is important to know the user’s perception towards the aesthetics of the digital library. Besides that, because of digital library provided information to the users, the researcher also needed to investigate the quality of information in digital library. This study used Extending the Unified Theory of Acceptance and Use of Technology (UTAUT2) in order to know the user’s intention to continued use of digital library.

Keywords: digital library, aesthetics, information quality, intention to continued use of digital library, UTAUT2

Procedia PDF Downloads 200
1726 A Practical Approach and Implementation of Digital Library Towards Best Practice in Malaysian Academic Library

Authors: Zainab Ajab Mohideen, Kiran Kaur, A. Basheer Ahamadhu, Noor Azlinda Wan Jan, Sukmawati Muhammad

Abstract:

The corpus in the digital library is to provide an overview and evidence from library automation that can be used to justify the needs of the digital library. This paper disperses the approach and implementation of the digital library as part of best practices by the Automation Division at Hamzah Sendut Library of the University Science Malaysia (USM). The implemented digital library model emphasizes on the entire library collections, technical perspective, and automation solution. This model served as a foundation for digital library services as part of information delivery in the USM digital library. The approach to digital library includes discussion on key factors, design, architecture, and pragmatic model that has been collected, captured, and identified during the implementation stages. At present, the USM digital library has achieved the status of an Institutional Repository (IR).

Keywords: academic digital library, digital information system, digital library best practice, digital library model

Procedia PDF Downloads 412
1725 Smartphone Video Source Identification Based on Sensor Pattern Noise

Authors: Raquel Ramos López, Anissa El-Khattabi, Ana Lucila Sandoval Orozco, Luis Javier García Villalba

Abstract:

An increasing number of mobile devices with integrated cameras has meant that most digital video comes from these devices. These digital videos can be made anytime, anywhere and for different purposes. They can also be shared on the Internet in a short period of time and may sometimes contain recordings of illegal acts. The need to reliably trace the origin becomes evident when these videos are used for forensic purposes. This work proposes an algorithm to identify the brand and model of mobile device which generated the video. Its procedure is as follows: after obtaining the relevant video information, a classification algorithm based on sensor noise and Wavelet Transform performs the aforementioned identification process. We also present experimental results that support the validity of the techniques used and show promising results.

Keywords: digital video, forensics analysis, key frame, mobile device, PRNU, sensor noise, source identification

Procedia PDF Downloads 309
1724 Towards the Definition of Digital Leadership with Drawing the Big Picture and Identifying 20 Factors Relevant for the Understanding and Implementation of Digital Leadership

Authors: Denis Imhof, Stella Gatziu Grivas

Abstract:

Based on the identification of challenges and conditions of the digital age faced by organizations today and the existing contributions in the digital leadership literature, the authors propose a holistic definition of digital leadership which considers the four main areas: organizational-, employee-, self-, and strategic position leadership. Based on this definition, the main contribution of this paper is the identification of 20 digital leadership factors which are relevant for successful digital leadership and which do, on the one hand, side offers a deeper understanding of (the four main areas of) digital leadership, and on the other hand side offer guidance for the implementation and improvement of digital leadership capabilities for organizations facing the challenges and conditions of the digital age.

Keywords: digital leadership, organizational leadership, employee leadership, self-leadership, strategic position leadership, big picture, digital leadership areas, digital leadership factors, challenges, conditions, digital age, digital economy, digitalization, digital transformation

Procedia PDF Downloads 36