Search results for: digital forensic solution
8514 An Enhanced Digital Forensic Model for Internet of Things Forensic
Authors: Tina Wu, Andrew Martin
Abstract:
The expansion of the Internet of Things (IoT) brings a new level of threat. Attacks on IoT are already being used by criminals to form botnets, launch Distributed Denial of Service (DDoS) and distribute malware. This opens a whole new digital forensic arena to develop forensic methodologies in order to have the capability to investigate IoT-related crimes. However, existing proposed IoT forensic models are still premature, requiring further improvement and validation; many lack details on the acquisition and analysis phase. This paper proposes an enhanced theoretical IoT digital forensic model focused on identifying and acquiring the main sources of evidence in a methodical way. In addition, this paper presents a theoretical acquisition framework of the different stages required in order to be capable of acquiring evidence from IoT devices.
Keywords: acquisition, Internet of Things, model, zoning
Procedia PDF Downloads 270
8513 Gender Identification Using Digital Forensics
Authors: Vinod C. Nayak
Abstract:
In day-to-day forensic practice, identification is always a difficult task. Availability of ante-mortem and postmortem records plays a major role in facilitating this tough task. However, the advent of digital forensics is a boon for forensic experts. This study has made use of digital forensics to establish identity by radiological dimensions of maxillary sinus using workstation software. The findings suggest a significant association between maxillary sinus dimensions and human gender. The author will be discussing the methods and results of the study in this e-poster.
Keywords: digital forensics, identification, maxillary sinus, radiology
Procedia PDF Downloads 418
8512 Digital Image Forensics: Discovering the History of Digital Images
Authors: Gurinder Singh, Kulbir Singh
Abstract:
Digital multimedia contents such as image, video, and audio can be tampered with easily due to the availability of powerful editing software. Multimedia forensics is devoted to analyzing these contents by using various digital forensic techniques in order to validate their authenticity. Digital image forensics is dedicated to investigating the reliability of digital images by analyzing the integrity of data and by reconstructing the historical information of an image related to its acquisition phase. In this paper, a survey is carried out on the forgery detection by considering the most recent and promising digital image forensic techniques.
Keywords: Computer Forensics, Multimedia Forensics, Image Ballistics, Camera Source Identification, Forgery Detection
Procedia PDF Downloads 245
8511 Digital Forensics Showdown: Encase and FTK Head-to-Head
Authors: Rida Nasir, Waseem Iqbal
Abstract:
Due to the constant revolution in technology and the increase in anti-forensic techniques used by attackers to remove their traces, professionals often struggle to choose the best tool to be used in digital forensic investigations. This paper compares two of the most well-known and widely used licensed commercial tools, i.e., EnCase & FTK. The comparison was drawn on various parameters and features to provide an authentic evaluation of licensed versions of these well-known commercial tools against various real-world scenarios. In order to discover the popularity of these tools within the digital forensic community, a survey was conducted publicly to determine the preferred choice. The dataset used is the Computer Forensics Reference Dataset (CFReDS). A total of 70 features were selected from various categories. Upon comparison, both FTK and EnCase produce remarkable results. However, each tool has some limitations, and none of the tools is declared best. The comparison drawn is completely unbiased, based on factual data.
Keywords: digital forensics, commercial tools, investigation, forensic evaluation
Procedia PDF Downloads 18
8510 Towards a Proof Acceptance by Overcoming Challenges in Collecting Digital Evidence
Authors: Lilian Noronha Nassif
Abstract:
Cybercrime investigation demands an appropriate evidence collection mechanism. If the investigator does not acquire digital proofs in a forensically sound manner, some important information can be lost, and judges can discard case evidence because the acquisition was inadequate. The correct digital forensic seizing involves preparation of professionals from fields of law, police, and computer science. This paper presents important challenges faced during evidence collection in different perspectives of places. The crime scene can be virtual or real, and technical obstacles and privacy concerns must be considered. All challenges pointed out here highlight the precautions to be taken in the digital evidence collection, and the suggested procedures contribute to the best practices in the digital forensics field.
Keywords: digital evidence, digital forensics process and procedures, mobile forensics, cloud forensics
Procedia PDF Downloads 404
8509 Forensic Analysis of Thumbnail Images in Windows 10
Authors: George Kurian, Hongmei Chi
Abstract:
Digital evidence plays a critical role in most legal investigations. In many cases, thumbnail databases show important information in that investigation. The probability of having digital evidence retrieved from a computer or smart device has increased, even though the previous user removed data and deleted apps on those devices. Due to the increase in digital forensics, the ability to store residual information from various thumbnail applications has improved. This paper will focus on investigating thumbnail information from Windows 10. Thumbnail images of interest in forensic investigations may be intact even when the original pictures have been deleted. It is our research goal to recover useful information from thumbnails. In this research project, we use various forensics tools to collect left thumbnail information from deleted videos or pictures. We examine and describe the various thumbnail sources in Windows and propose a methodology for thumbnail collection and analysis from laptops or desktops. A machine learning algorithm is adopted to help speed up content from thumbnail pictures.
Keywords: digital forensic, forensic tools, soundness, thumbnail, machine learning, OCR
Procedia PDF Downloads 132
8508 A Method to Enhance the Accuracy of Digital Forensic in the Absence of Sufficient Evidence in Saudi Arabia
Authors: Fahad Alanazi, Andrew Jones
Abstract:
Digital forensics seeks to achieve the successful investigation of digital crimes through obtaining acceptable evidence from digital devices that can be presented in a court of law. Thus, the digital forensics investigation is normally performed through a number of phases in order to achieve the required level of accuracy in the investigation processes. Since 1984 there have been a number of models and frameworks developed to support the digital investigation processes. In this paper, we review a number of the investigation processes that have been produced throughout the years and introduce a proposed digital forensic model which is based on the scope of the Saudi Arabia investigation process. The proposed model has been integrated with existing models for the investigation processes and produced a new phase to deal with a situation where there is initially insufficient evidence.
Keywords: digital forensics, process, metadata, Traceback, Saudi Arabia
Procedia PDF Downloads 358
8507 Anomaly Detection of Log Analysis using Data Visualization Techniques for Digital Forensics Audit and Investigation
Authors: Mohamed Fadzlee Sulaiman, Zainurrasyid Abdullah, Mohd Zabri Adil Talib, Aswami Fadillah Mohd Ariffin
Abstract:
In common digital forensics cases, investigation may rely on the analysis conducted on specific and relevant exhibits involved. Usually the investigation officer may define and advise the digital forensic analyst about the goals and objectives to be achieved in reconstructing the trail of evidence while maintaining the specific scope of investigation. With the technology growth, people are starting to realize the importance of cyber security to their organization, and this new perspective creates awareness that digital forensics auditing must come in place in order to measure possible threat or attack to their cyber-infrastructure. Instead of performing investigation on an incident basis, auditing may broaden the scope of investigation to the level of anomaly detection in the daily operation of an organization’s cyber space. While handling a huge amount of data such as log files, performing a digital forensics audit for a large organization has proven to be an onerous task for the analyst, either to analyze the huge files or to translate the findings in a way where the stakeholder can clearly understand. Data visualization can be emphasized in conducting digital forensic audit and investigation to resolve both needs. This study will identify the important factors that should be considered to perform data visualization techniques in order to detect anomalies that meet the digital forensic audit and investigation objectives.
Keywords: digital forensic, data visualization, anomaly detection, log analysis, forensic audit, visualization techniques
Procedia PDF Downloads 286
8506 Forensic Imaging as an Effective Learning Tool for Teaching Forensic Pathology to Undergraduate Medical Students
Authors: Vasudeva Murthy Challakere Ramaswamy
Abstract:
Background: Conventionally, forensic pathology is learnt through autopsy demonstrations, which carry various limitations such as unavailability of cases in the mortuary, medico-legal implication and infection. Over the years forensic pathology and science have undergone significant evolution in this digital world. Forensic imaging is a technology which can be effectively utilized for overcoming the current limitations in the undergraduate learning of forensic curriculum. Materials and methods: Demonstration of forensic imaging was done using a novel technology of autopsy which has been recently introduced across the globe. Three sessions were conducted in international medical university for a total of 196 medical students. The innovative educational tool was evaluated by using a quantitative questionnaire with the scoring scales between 1 and 10. Results: The mean score for acceptance of new tool was 82% and about 74% of the students recommended incorporation of the forensic imaging in the regular curriculum. 82% of students were keen on collaborative research and taking further training courses in forensic imaging. Conclusion: Forensic imaging can be an effective tool and also a suitable alternative for teaching undergraduate students. This feedback also supports the fact that students favour the use of contemporary technologies in learning medicine.
Keywords: forensic imaging, forensic pathology, medical students, learning tool
Procedia PDF Downloads 478
8505 Forensic Challenges in Source Device Identification for Digital Videos
Authors: Mustapha Aminu Bagiwa, Ainuddin Wahid Abdul Wahab, Mohd Yamani Idna Idris, Suleman Khan
Abstract:
Video source device identification has become a problem of concern in numerous domains, especially in multimedia security and digital investigation. This is because videos are now used as evidence in legal proceedings. Source device identification aims at identifying the source of digital devices using the content they produced. However, due to affordable processing tools and the influx in digital content generating devices, source device identification is still a major problem within the digital forensic community. In this paper, we discuss source device identification for digital videos by identifying techniques that were proposed in the literature for model or specific device identification. This is aimed at identifying salient open challenges for future research.
Keywords: video forgery, source camcorder, device identification, forgery detection
Procedia PDF Downloads 629
8504 The Proactive Approach of Digital Forensics Methodology against Targeted Attack Malware
Authors: Mohamed Fadzlee Sulaiman, Mohd Zabri Adil Talib, Aswami Fadillah Mohd Ariffin
Abstract:
Each individual organization has its own mechanism to build up cyber defense capability in protecting its information infrastructures from data breaches and cyber espionage. But we cannot deny the possibility of failing to detect and stop cyber attacks, especially those targeting credential information and intellectual property (IP). In this paper, we would like to share the modern approach of effective digital forensic methodology in order to identify the artifacts in tracing the trails of evidence while mitigating the infection from the target machine/s. This proposed approach will suit the digital forensic investigation to be conducted while resuming the business critical operation after mitigating the infection and minimizing the risk from the identified attack to transpire. Therefore, traditional digital forensics methodology has to be improvised to be proactive, which not only focuses on discovering the root cause and the threat actor but also develops the relevant mitigation plan in order to prevent the same attack.
Keywords: digital forensic, detection, eradication, targeted attack, malware
Procedia PDF Downloads 274
8503 Use of Digital Forensics for Sex Determination by Nasal Index
Authors: Ashwini Kumar, Vinod Nayak, Shankar M. Bakkannavar
Abstract:
The identification of humans is important in forensic investigations not only in the living but also in the dead, especially in cases of mass disorders. The procedure followed in the dead, known as post-mortem identification, is a challenging task for the forensic pathologist. However, it is mandatory in terms of the law to fulfill the social norms. Many times, due to mutilation of body parts, the normal methods of identification using skeletal remains cannot be used in the process of identification. In such cases, the intact components of the skeletal remains or bony parts play an important role in identification. In these situations, digital forensics can come to our rescue. The authors hereby made a study for determination of sex based on nasal index by using (Big Bore 16 Slice) Multidetector Computed Tomography 2D Scans. The results are represented as a poster.
Keywords: sex determination, multidetector computed tomography, nasal index, digital forensic
Procedia PDF Downloads 396
8502 An Analysis of Digital Forensic Laboratory Development among Malaysia’s Law Enforcement Agencies
Authors: Sarah K. Taylor, Miratun M. Saharuddin, Zabri A. Talib
Abstract:
Cybercrime is on the rise, and yet many Law Enforcement Agencies (LEAs) in Malaysia have no Digital Forensics Laboratory (DFL) to assist them in the attrition and analysis of digital evidence. From the estimated number of 30 LEAs in Malaysia, sadly, only eight of them owned a DFL. All of the DFLs are concentrated in the capital of Malaysia and none at the state level. LEAs are still depending on the national DFL (CyberSecurity Malaysia) even for simple and straightforward cases. A survey was conducted among LEAs in Malaysia owning a DFL to understand their history of establishing the DFL, the challenges that they faced and the significance of the DFL to their case investigation. The results showed that while some LEAs faced no challenge in establishing a DFL, some of them took seven to 10 years to do so. The reason was the difficulty in convincing their management because of the high costs involved. The results also revealed that with the establishment of a DFL, LEAs were better able to get faster forensic results and to meet the agency’s timeline expectation. It is also found that LEAs were also able to get more meaningful forensic results on cases that require niche expertise, compared to sending off cases to the national DFL. Other than that, cases are getting more complex, and hence, a continuous stream of budget for equipment and training is inevitable. The result derived from the study is hoped to be used by other LEAs in justifying to their management the benefits of establishing an in-house DFL.
Keywords: digital evidence, digital forensics, digital forensics laboratory, law enforcement agency
Procedia PDF Downloads 174
8501 Using Multi-Level Analysis to Identify Future Trends in Small Device Digital Communication Examinations
Authors: Mark A. Spooner
Abstract:
The growth of technological advances in the digital communications industry has dictated the way forensic examination laboratories receive, analyze, and report on digital evidence. This study looks at the trends in a medium sized digital forensics lab that examines small communications devices (i.e., cellular telephones, tablets, thumb drives, etc.) over the past five years. As law enforcement and homeland security organizations' budgets shrink, many agencies are being asked to perform more examinations with fewer resources available. Using multi-level statistical analysis using five years of examination data, this research shows the increasing technological demand trend. The research then extrapolates the current data into the model created and finds a continued exponential growth curve of said demands is well within the parameters defined earlier on in the research.
Keywords: digital forensics, forensic examination, small device, trends
Procedia PDF Downloads 199
8500 Importance of New Policies of Process Management for Internet of Things Based on Forensic Investigation
Authors: Venkata Venugopal Rao Gudlur
Abstract:
The Proposed Policies referred to as “SOP”, on the Internet of Things (IoT) based Forensic Investigation into Process Management is the latest revolution to save time and quick solution for investigators. The forensic investigation process has been developed over many years; from time to time it has been given the required information with no policies in investigation processes. This research reveals that the current IoT based forensic investigation into Process Management based is more connected to devices which is the latest revolution and policies. All future development in real-time information on gathering monitoring is evolved with smart sensor-based technologies connected directly to IoT. This paper presents a conceptual framework on process management. The smart devices are leading the way in terms of automated forensic models and frameworks established by different scholars. These models and frameworks were mostly focused on offering a roadmap for performing forensic operations with no policies in place. These initiatives would bring a tremendous benefit to process management and IoT forensic investigators proposing policies. The forensic investigation process may enhance more security and reduced data losses and vulnerabilities.
Keywords: Internet of Things, Process Management, Forensic Investigation, M2M Framework
Procedia PDF Downloads 100
8499 A Unified Approach for Digital Forensics Analysis
Authors: Ali Alshumrani, Nathan Clarke, Bogdan Ghite, Stavros Shiaeles
Abstract:
Digital forensics has become an essential tool in the investigation of cyber and computer-assisted crime. Arguably, given the prevalence of technology and the subsequent digital footprints that exist, it could have a significant role across almost all crimes. However, the variety of technology platforms (such as computers, mobiles, Closed-Circuit Television (CCTV), Internet of Things (IoT), databases, drones, cloud computing services), heterogeneity and volume of data, forensic tool capability, and the investigative cost make investigations both technically challenging and prohibitively expensive. Forensic tools also tend to be siloed into specific technologies, e.g., File System Forensic Analysis Tools (FS-FAT) and Network Forensic Analysis Tools (N-FAT), and a good deal of data sources have little to no specialist forensic tools. Increasingly it also becomes essential to compare and correlate evidence across data sources and to do so in an efficient and effective manner, enabling an investigator to answer high-level questions of the data in a timely manner without having to trawl through data and perform the correlation manually. This paper proposes a Unified Forensic Analysis Tool (U-FAT), which aims to establish a common language for electronic information and permit multi-source forensic analysis. Core to this approach is the identification and development of forensic analyses that automate complex data correlations, enabling investigators to investigate cases more efficiently. The paper presents a systematic analysis of major crime categories and identifies what forensic analyses could be used.
For example, in a child abduction, an investigation team might have evidence from a range of sources including computing devices (mobile phone, PC), CCTV (potentially a large number), ISP records, and mobile network cell tower data, in addition to third party databases such as the National Sex Offender registry and tax records, with the desire to auto-correlate across sources and visualize in a cognitively effective manner. U-FAT provides a holistic, flexible, and extensible approach to providing digital forensics in a technology, application, and data-agnostic manner, providing powerful and automated forensic analysis.
Keywords: digital forensics, evidence correlation, heterogeneous data, forensics tool
Procedia PDF Downloads 194
8498 The Conception of Implementation of Vision for European Forensic Science 2020 in Lithuania
Authors: Eglė Bilevičiūtė, Vidmantas Egidijus Kurapka, Snieguolė Matulienė, Sigutė Stankevičiūtė
Abstract:
The Council of European Union (EU Council) has stressed on several occasions the need for a concerted, comprehensive and effective solution to delinquency problems in EU communities. In the context of establishing a European Forensic Science Area and the development of forensic science infrastructure in Europe, EU Council believes that forensic science can significantly contribute to the efficiency of law enforcement, crime prevention and combating crimes. Lithuanian scientists have consolidated to implement a project named “Conception of the vision for European Forensic Science 2020 implementation in Lithuania” (the project is funded for the period of 1 March 2014 - 31 December 2016) with the objective to create a conception of implementation of the vision for European Forensic Science 2020 in Lithuania by 1) evaluating the current status of Lithuania’s forensic system and opportunities for its improvement; 2) analysing achievements and knowledge in investigation of crimes listed in conclusions of EU Council on the vision for European Forensic Science 2020 including creation of a European Forensic Science Area and the development of forensic science infrastructure in Europe: trafficking in human beings, organised crime and terrorism; 3) analysing conceptions of criminalistics, which differ in different EU member states due to the variety of forensic schools, and finding means for their harmonization. Apart from the conception of implementation of the vision for European Forensic Science 2020 in Lithuania, the project is expected to suggest provisions that will be relevant to other EU countries as well. Consequently, the presented conception of implementation of vision for European Forensic Science 2020 in Lithuania could initiate a project for a common vision of European Forensic Science and contribute to the development of the EU as an area of freedom, security and justice. 
The article presents main ideas of the project of the conception of the vision for European Forensic Science 2020 of EU Council and analyses its legal background, as well as prospects of and challenges for its implementation in Lithuania and the EU.
Keywords: EUROVIFOR, standardization, vision for European Forensic Science 2020, Lithuania
Procedia PDF Downloads 405
8497 A Progressive Techno-Legal Framework for Digital Evidence Management
Authors: Ayobami P. Olatunji, Saadat Ibiyeye, Abdulaziz Ibiyeye, Tahir M. Khan
Abstract:
Digital evidence has become a cornerstone in criminal investigations due to the vast amount of information available in digital form. Despite its prevalence, this evidence is often met with skepticism in court proceedings because of its inherently volatile nature. Traditional forensic processes, defined predominantly by technology experts, emphasize technical details in evidence collection while often neglecting legal procedures. This gap can pose significant challenges for legal practitioners in understanding and applying digital forensics. As digital evidence increasingly influences future cases, a cohesive framework integrating both technical and legal perspectives is essential. We propose a comprehensive techno-legal framework designed to bridge this gap. Our framework integrates key aspects of collection, preservation, examination, and documentation with legal components such as case building, certificate of compliance, cross-examination, and authorization. This balanced approach aims not to replace existing evidence presentation principles but to enhance the seamless integration of digital evidence into legal proceedings, addressing the common issues that lead to its dismissal.
Keywords: evidence presentation, warrant, digital-forensic, certificate of compliance, legal procedures, computer crime, violation, investigation cybercrime
Procedia PDF Downloads 30
8496 The Role of Digital Technology in Crime Prevention: a Case Study of Cellular Forensics Unit, Capital City Police Peshawar-Pakistan
Authors: Muhammad Ashfaq
Abstract:
Main theme: The prime focus of this study is on the role of digital technology in crime prevention, with special focus on Cellular Forensic Unit, Capital City Police Peshawar-Khyber Pakhtunkhwa-Pakistan. Objective(s) of the study: The prime objective of this study is to provide statistics, strategies and pattern of analysis used for crime prevention in Cellular Forensic Unit of Capital City Police Peshawar, Khyber Pakhtunkhwa-Pakistan. Research Method and Procedure: Qualitative method of research has been used in the study for obtaining secondary data from research wing and Information Technology (IT) section of Peshawar police. Content analysis was the method used for the conduction of the study. This study is delimited to Capital City Police and Cellular Forensic Unit Peshawar-KP, Pakistan. information technologies. Major finding(s): It is evident that the old traditional approach will never provide solutions for better management in controlling crimes. The best way to control crimes and promotion of proactive policing is to adopt new technologies. The study reveals that technology has transformed police to be more effective and vigilant as compared to traditional policing. The heinous crimes like abduction, missing of an individual, snatching, burglaries and blind murder cases are now traceable with the help of technology. Recommendation(s): From the analysis of the data, it is reflected that an Information Technology (IT) expert should be recruited along with a research analyst to timely assist and facilitate operational as well as investigation units of police. A mobile locator should be provided to Cellular Forensic Unit to timely apprehend the criminals. Latest digital analysis software should be provided to equip the Cellular Forensic Unit.
Keywords: crime-prevention, cellular-forensic unit-pakistan, crime prevention-digital-pakistan, criminology-pakistan
Procedia PDF Downloads 82
8495 The Role of Digital Technology in Crime Prevention: A Case Study of Cellular Forensics Unit, Capital City Police Peshawar
Authors: Muhammad Ashfaq
Abstract:
Main theme: The prime focus of this study is on the role of digital technology in crime prevention, with special focus on Cellular Forensic Unit, Capital City Police Peshawar-Khyber Pakhtunkhwa-Pakistan. Objective(s) of the study: The prime objective of this study is to provide statistics, strategies, and pattern of analysis used for crime prevention in Cellular Forensic Unit of Capital City Police Peshawar, Khyber Pakhtunkhwa-Pakistan. Research Method and Procedure: Qualitative method of research has been used in the study for obtaining secondary data from research wing and Information Technology (IT) section of Peshawar police. Content analysis was the method used for the conduction of the study. This study is delimited to Capital City Police and Cellular Forensic Unit Peshawar-KP, Pakistan. information technologies. Major finding(s): It is evident that the old traditional approach will never provide solutions for better management in controlling crimes. The best way to control crimes and promotion of proactive policing is to adopt new technologies. The study reveals that technology has transformed police to be more effective and vigilant as compared to traditional policing. The heinous crimes like abduction, missing of an individual, snatching, burglaries, and blind murder cases are now traceable with the help of technology. Recommendation(s): From the analysis of the data, it is reflected that an Information Technology (IT) expert should be recruited along with a research analyst to timely assist and facilitate operational as well as investigation units of police. A mobile locator should be provided to Cellular Forensic Unit to timely apprehend the criminals. Latest digital analysis software should be provided to equip the Cellular Forensic Unit.
Keywords: criminology-pakistan, crime prevention-KP, digital forensics, digital technology-pakistan
Procedia PDF Downloads 97
8494 Digital Forensics Analysis Focusing on the Onion Router Browser Artifacts in Windows 10
Authors: Zainurrasyid Abdullah, Mohamed Fadzlee Sulaiman, Muhammad Fadzlan Zainal, M. Zabri Adil Talib, Aswami Fadillah M. Ariffin
Abstract:
The Onion Router (Tor) browser is a well-known tool and widely used by people seeking web anonymity when browsing the internet. Criminals are taking this advantage to be anonymous over the internet. Accessing the dark web could be the significant reason for the criminal in order for them to perform illegal activities while maintaining their anonymity. For a digital forensic analyst, it is crucial to extract the trail of evidence in proving that the criminal’s computer has used Tor browser to conduct such illegal activities. By applying the digital forensic methodology, several techniques could be performed including application analysis, memory analysis, and registry analysis. Since Windows 10 is the latest operating system released by Microsoft Corporation, this study will use Windows 10 as the operating system platform running Tor browser. From the analysis, significant artifacts left by Tor browser were discovered, such as the execution date, application installation date and browsing history, that can be used as evidence. Although Tor browser was designed to achieve anonymity, there is still some trail of evidence that can be found in the Windows 10 platform that can be useful for investigation.
Keywords: artifacts analysis, digital forensics, forensic analysis, memory analysis, registry analysis, tor browser, Windows 10
Procedia PDF Downloads 169
8493 The Role Of Digital Technology In Crime Prevention
Authors: Muhammad Ashfaq
Abstract:
Main theme: This prime focus of this study is on the role of digital technology in crime prevention, with special focus on Cellular Forensic Unit, Capital City Police Peshawar-Khyber Pakhtunkhwa-Pakistan. Objective(s) of the study: The prime objective of this study is to provide statistics, strategies and pattern of analysis used for crime prevention in Cellular Forensic Unit of Capital City Police Peshawar, Khyber Pakhtunkhwa-Pakistan. Research Method and Procedure: Qualitative method of research has been used in the study for obtaining secondary data from research wing and Information Technology (IT) section of Peshawar police. Content analysis was the method used for the conduction of the study. This study is delimited to Capital City Police and Cellular Forensic Unit Peshawar-KP, Pakistan. information technologies. Major finding(s): It is evident that the old traditional approach will never provide solutions for better management in controlling crimes. The best way to control crimes and promotion of proactive policing is to adopt new technologies. The study reveals that technology have transformed police more effective and vigilant as compared to traditional policing. The heinous crimes like abduction, missing of an individual, snatching, burglaries and blind murder cases are now traceable with the help of technology. Recommendation(s): From the analysis of the data, it is reflected that Information Technology (IT) expert should be recruited along with research analyst to timely assist and facilitate operational as well as investigation units of police.A mobile locator should be Provided to Cellular Forensic Unit to timely apprehend the criminals .Latest digital analysis software should be provided to equip the Cellular Forensic Unit.Keywords: crime prevention, digital technology, pakistan, police
Procedia PDF Downloads 65
8492 The Use of Ontology Framework for Automation Digital Forensics Investigation
Authors: Ahmad Luthfi
Abstract:
One of the main goals of a computer forensic analyst is to determine the cause and effect of the acquisition of digital evidence in order to obtain relevant information on the case being handled. In order to get fast and accurate results, this paper will discuss the approach known as ontology framework. This model uses a structured hierarchy of layers that create connectivity between the variant and searching investigation of activity so that computer forensic analysis activities can be carried out automatically. Two main layers are used, namely analysis tools and operating system. By using the concept of ontology, the second layer is automatically designed to help the investigator perform the acquisition of digital evidence. The methodology of automation approach of this research is by utilizing forward chaining where the system will perform a search against investigative steps and atomically structured in accordance with the rules of the ontology.
Keywords: ontology, framework, automation, forensics
Procedia PDF Downloads 342
8491 Rapid Evidence Remote Acquisition in High-Availability Server and Storage System for Digital Forensic to Unravel Academic Crime
Authors: Bagus Hanindhito, Fariz Azmi Pratama, Ulfah Nadiya
Abstract:
Nowadays, digital systems including, but not limited to, computers and the internet have penetrated the education system widely. Critical information such as students' academic records is stored in a server off- or on-campus. Although several countermeasures have been taken to protect the vital resources from outsider attack, the defense against insider threats is not getting serious attention. At the end of 2017, a security incident that involved the academic information system in one of the most respected universities in Indonesia affected not only the reputation of the institution and its academia but also academic integrity in Indonesia. In this paper, we will explain our efforts in investigating this security incident, where we have implemented a novel rapid evidence remote acquisition method in a high-availability server and storage system so that our data collection efforts do not disrupt the academic information system and can be conducted remotely minutes after the incident report has been received. The acquired evidence is analyzed during digital forensics by constructing the model of the system in an isolated environment which allows multiple investigators to work together. In the end, the suspect is identified as a student (insider), and the investigation result is used by prosecutors to charge the suspect with an academic crime.
Keywords: academic information system, academic crime, digital forensic, high-availability server and storage, rapid evidence remote acquisition, security incident
Procedia PDF Downloads 150
8490 A Practical Approach and Implementation of Digital Library Towards Best Practice in Malaysian Academic Library
Authors: Zainab Ajab Mohideen, Kiran Kaur, A. Basheer Ahamadhu, Noor Azlinda Wan Jan, Sukmawati Muhammad
Abstract:
The corpus in the digital library is to provide an overview and evidence from library automation that can be used to justify the needs of the digital library. This paper disperses the approach and implementation of the digital library as part of best practices by the Automation Division at Hamzah Sendut Library of the University Science Malaysia (USM). The implemented digital library model emphasizes the entire library collections, technical perspective, and automation solution. This model served as a foundation for digital library services as part of information delivery in the USM digital library. The approach to digital library includes discussion on key factors, design, architecture, and pragmatic model that has been collected, captured, and identified during the implementation stages. At present, the USM digital library has achieved the status of an Institutional Repository (IR).
Keywords: academic digital library, digital information system, digital library best practice, digital library model
Procedia PDF Downloads 552
8489 Forensic Analysis of Signal Messenger on Android
Authors: Ward Bakker, Shadi Alhakimi
Abstract:
The number of people moving towards more privacy-focused instant messaging applications has grown significantly. Signal is one of these instant messaging applications, which makes Signal interesting for digital investigators. In this research, we evaluate the artifacts that are generated by the Signal messenger for Android. This evaluation was done by using the features that Signal provides to create artifacts, whereafter we made an image of the internal storage and the process memory. This image was analysed manually. The manual analysis revealed the content that Signal stores in different locations during its operation. From our research, we were able to identify the artifacts and interpret how they were used. We also examined the source code of Signal. Using the knowledge obtained from the source code, we developed a tool that decrypts some of the artifacts using the key stored in the Android Keystore. In general, we found that most artifacts are encrypted and encoded, even after decrypting some of the artifacts. During data visualization, some artifacts were found, such as that Signal does not use relationships between the data. In this research, two interesting groups of artifacts were identified, those related to the database and those stored in the process memory dump. In the database, we found plaintext private and group chats, and in the memory dump, we were able to retrieve the plaintext access code to the application. Nevertheless, we conclude that Signal contains a wealth of artifacts that could be very valuable to a digital forensic investigation.
Keywords: forensic, signal, Android, digital
Procedia PDF Downloads 82
8488 Digital Recording System Identification Based on Audio File
Authors: Michel Kulhandjian, Dimitris A. Pados
Abstract:
The objective of this work is to develop a theoretical framework for reliable digital recording system identification from digital audio files alone, for forensic purposes. A digital recording system consists of a microphone and a digital sound processing card. We view the cascade as a system of unknown transfer function. We expect same manufacturer and model microphone-sound card combinations to have very similar/near identical transfer functions, bar any unique manufacturing defect. Input voice (or other) signals are modeled as non-stationary processes. The technical problem under consideration becomes blind deconvolution with non-stationary inputs as it manifests itself in the specific application of digital audio recording equipment classification.
Keywords: blind system identification, audio fingerprinting, blind deconvolution, blind dereverberation
Procedia PDF Downloads 303
8487 Anti-Forensic Countermeasure: An Examination and Analysis Extended Procedure for Information Hiding of Android SMS Encryption Applications
Authors: Ariq Bani Hardi
Abstract:
Empowerment of smartphone technology is growing very rapidly in various fields of science. One of the mobile operating systems that dominate the smartphone market today is Android by Google. Unfortunately, the expansion of mobile technology is misused by criminals to hide the information that they store or exchange with each other. It makes it more difficult for law enforcement to prove crimes committed in the judicial process (anti-forensic). One technique used to hide the information is encryption, such as the use of SMS encryption applications. A Mobile Forensic Examiner or an investigator should prepare a countermeasure technique if he finds such things during the investigation process. This paper will discuss an extension procedure for when the investigator finds unreadable SMS in Android evidence because of encryption. To define the extended procedure, we create and analyze a dataset of Android SMS encryption applications. The dataset was grouped by application characteristics related to communication permissions, as well as the availability of source code and the documentation of the encryption scheme. Permissions indicate the possibility of how applications exchange the data and keys. Availability of the source code and the encryption scheme documentation can show which cryptographic algorithm specification is used, the key length, how key generation, key exchange, and encryption/decryption are done, and other related information. The output of this paper is an extended or alternative procedure for the examination and analysis process of Android digital forensics. It can be used to help investigators when they are confused by SMS encryption during examination and analysis. What steps should the investigator take, so they still have a chance to discover the encrypted SMS in Android evidence?
Keywords: anti-forensic countermeasure, SMS encryption android, examination and analysis, digital forensic
Procedia PDF Downloads 126
8486 Corruption and Economic Performance in Nigeria: The Role of Forensic Accounting
Authors: Jamila Garba Audu, Peter Adamu
Abstract:
This study investigates the role of forensic accounting in the fight against corruption in Nigeria for better utilization of public funds and economic growth and development of the country. We adopted a trend analysis to show the performance of the Nigerian economy as well as the quality of institutions which govern economic and political activities in the country. It is an established fact that Nigeria has performed badly since the 1960s to date in terms of institutional quality and economic development despite the large amount of money obtained from the export of crude oil. It was revealed also that the fight against corruption has not been very successful in recent times because experts in the field of forensic accounting have not been utilized. With the successes recorded in dealing with fraud and embezzlement using forensic accounting, it has become imperative for the EFCC to use forensic accountants in the fight against corruption in the country. Also, there is the need to introduce, very seriously, the teaching of forensic accounting in Nigerian universities to train experts.
Keywords: corruption, economic performance, forensic accounting, Nigeria
Procedia PDF Downloads 375
8485 Digital Forensic Exploration Framework for Email and Instant Messaging Applications
Authors: T. Manesh, Abdalla A. Alameen, M. Mohemmed Sha, A. Mohamed Mustaq Ahmed
Abstract:
Email and instant messaging applications are the foremost and most extensively used electronic communication methods in this era of information explosion. These applications are generally used for exchange of information using several frontend applications from various service providers by its users. Almost all such communications are now secured using SSL or TLS security over HTTP communication. At the same time, it is also noted that cyber criminals and terrorists have started exchanging information using these methods. Since communication is encrypted end-to-end, tracing significant forensic details and actual content of messages are found to be unattended and severe challenges by available forensic tools. These challenges seriously affect procuring substantial evidence against such criminals from their working environments. This paper presents a vibrant forensic exploration and architectural framework which not only decrypts any communication or network session but also reconstructs actual message contents of email as well as instant messaging applications. The framework can be effectively used in proxy servers and individual computers, and it aims to perform forensic reconstruction followed by analysis of webmail and ICQ messaging applications. This forensic framework exhibits a versatile nature as it is equipped with high speed packet capturing hardware and a well-designed packet manipulating algorithm. It regenerates message contents over regular as well as SSL encrypted SMTP, POP3 and IMAP protocols and catalyzes the forensic presentation procedure for prosecution of cyber criminals by producing solid evidence of their actual communication as per court of law of specific countries.
Keywords: forensics, network sessions, packet reconstruction, packet reordering
Procedia PDF Downloads 342