Search results for: forensic entomology
Commenced in January 2007
Frequency: Monthly
Edition: International
Paper Count: 289

229 The Proactive Approach of Digital Forensics Methodology against Targeted Attack Malware

Authors: Mohamed Fadzlee Sulaiman, Mohd Zabri Adil Talib, Aswami Fadillah Mohd Ariffin

Abstract:

Each individual organization has its own mechanism to build up cyber defense capability in protecting its information infrastructures from data breaches and cyber espionage. But we cannot deny the possibility of failing to detect and stop cyber attacks, especially those targeting credential information and intellectual property (IP). In this paper, we would like to share the modern approach of effective digital forensic methodology in order to identify the artifacts in tracing the trails of evidence while mitigating the infection from the target machine/s. This proposed approach will suit the digital forensic investigation to be conducted while resuming the business critical operation after mitigating the infection and minimizing the risk from the identified attack to transpire. Therefore, traditional digital forensics methodology has to be improvised to be proactive, focusing not only on discovering the root cause and the threat actor but also on developing the relevant mitigation plan in order to prevent the same attack.

Keywords: digital forensic, detection, eradication, targeted attack, malware

Procedia PDF Downloads 238
228 The Role Of Digital Technology In Crime Prevention

Authors: Muhammad Ashfaq

Abstract:

Main theme: The prime focus of this study is on the role of digital technology in crime prevention, with special focus on Cellular Forensic Unit, Capital City Police Peshawar-Khyber Pakhtunkhwa-Pakistan. Objective(s) of the study: The prime objective of this study is to provide statistics, strategies and pattern of analysis used for crime prevention in Cellular Forensic Unit of Capital City Police Peshawar, Khyber Pakhtunkhwa-Pakistan. Research Method and Procedure: Qualitative method of research has been used in the study for obtaining secondary data from research wing and Information Technology (IT) section of Peshawar police. Content analysis was the method used for the conduction of the study. This study is delimited to Capital City Police and Cellular Forensic Unit Peshawar-KP, Pakistan. information technologies. Major finding(s): It is evident that the old traditional approach will never provide solutions for better management in controlling crimes. The best way to control crimes and promotion of proactive policing is to adopt new technologies. The study reveals that technology has made police more effective and vigilant as compared to traditional policing. The heinous crimes like abduction, missing of an individual, snatching, burglaries and blind murder cases are now traceable with the help of technology. Recommendation(s): From the analysis of the data, it is reflected that Information Technology (IT) expert should be recruited along with research analyst to timely assist and facilitate operational as well as investigation units of police. A mobile locator should be provided to Cellular Forensic Unit to timely apprehend the criminals. Latest digital analysis software should be provided to equip the Cellular Forensic Unit.

Keywords: crime prevention, digital technology, pakistan, police

Procedia PDF Downloads 33
227 TACTICAL: Ram Image Retrieval in Linux Using Protected Mode Architecture’s Paging Technique

Authors: Sedat Aktas, Egemen Ulusoy, Remzi Yildirim

Abstract:

This article explains how to get a ram image from a computer with a Linux operating system and what steps should be followed while getting it. What we mean by taking a ram image is the process of dumping the physical memory instantly and writing it to a file. This process can be likened to taking a picture of everything in the computer’s memory at that moment. This process is very important for tools that analyze ram images. Volatility can be given as an example because before these tools can analyze ram, images must be taken. These tools are used extensively in the forensic world. Forensic, on the other hand, is a set of processes for digitally examining the information on any computer or server on behalf of official authorities. In this article, the protected mode architecture in the Linux operating system is examined, and the way to save the image sample of the kernel driver and system memory to disk is followed. Tables and access methods to be used in the operating system are examined based on the basic architecture of the operating system, and the most appropriate methods and application methods are transferred to the article. Since there is no article directly related to this study on Linux in the literature, it is aimed to contribute to the literature with this study on obtaining ram images. LIME can be mentioned as a similar tool, but there is no explanation about the memory dumping method of this tool. Considering the frequency of use of these tools, the contribution of the study in the field of forensic medicine has been the main motivation of the study due to the intense studies on ram image in the field of forensics.

Keywords: linux, paging, addressing, ram-image, memory dumping, kernel modules, forensic

Procedia PDF Downloads 69
226 Comparative Analysis of Forensic Medicine Course Evaluation: A Two Year Study

Authors: Prateek Rastogi

Abstract:

Medical teaching in the present era concentrates not only on teaching but on effective teaching. For effective teaching, a combination of an effective, carefully designed curriculum, an educated educator, a competent learner and a foolproof evaluation system is required. Keeping these parameters in mind, a study was undertaken at Kasturba Medical College, Mangalore among medical students. In this study, evaluation of the Forensic Medicine syllabus along with its teaching and evaluation methodology was done using 20 different parameters. This questionnaire-based study was done over a period of two years, i.e. 2013 and 2014. The batch of students who had just passed the forensic medicine subject was included for study. The carefully designed questionnaire contained questions related to course content, teaching methodology and evaluation system along with provisions to mention merits and demerits of the subject. The feedback in the first round was analyzed and suggestions were implemented before conducting the second round of study. Overall evaluation of the course was done, and it was also compared with other subjects of second MBBS. It was noted that scores improved in the 2nd survey, thus stressing the importance of course evaluation and student feedback in teaching improvement.

Keywords: teaching methodology, system of evaluation, course content, bioinformatics, biomedicine

Procedia PDF Downloads 315
225 A Preliminary Study of the Effects of Abiotic Environmental Variables on Early Diptera Carrion Colonizers in Algiers, Algeria

Authors: M. Taleb, G. Tail, F. Z. Kara, B. Djedouani, T. Moussa

Abstract:

Necrophagous insects usually colonize cadavers within a short time after death. However, they are influenced by weather conditions, and their distribution and activity vary according to different time scales, which can affect the post-mortem interval (PMI) estimation. As no data have been published in Algeria on necrophagous insects visiting corpses, two field surveys were conducted in July 2012 and March 2013 at the National Institute for Criminalistics and Criminology (INCC) using rabbit carcasses (Oryctolagus cuniculus L.). The trials were designed to identify the necrophagous Diptera fauna of Algiers, Algeria and examine their variations according to environmental variables. Four hundred and eighteen Diptera adults belonging to five families were captured during this study. The species which were identified on human corpses in different regions of Algeria were also observed on the rabbit carcasses. Although seasonal variations of the species were observed, their abundance did not significantly vary between the two seasons. In addition to seasonal effects, the ambient temperature, the wind speed, and precipitation affect the number of trapped flies. These conclusions highlight the necessity of considering the environmental factors at a scene to estimate the post-mortem interval accurately. It is hoped that these findings provide basic information regarding the necrophagous Diptera fauna of Algeria.

Keywords: forensic entomology, necrophagous diptera, post-mortem interval, abiotic factors, Algeria

Procedia PDF Downloads 353
224 The Forensic Swing of Things: The Current Legal and Technical Challenges of IoT Forensics

Authors: Pantaleon Lutta, Mohamed Sedky, Mohamed Hassan

Abstract:

The inability of organizations to put in place management control measures for Internet of Things (IoT) complexities persists to be a risk concern. Policy makers have been left to scamper in finding measures to combat these security and privacy concerns. IoT forensics is a cumbersome process as there is no standardization of the IoT products, and no or limited historical data are stored on the devices. This paper highlights why IoT forensics is a unique adventure and brings out the legal challenges encountered in the investigation process. A quadrant model is presented to study the conflicting aspects in IoT forensics. The model analyses the effectiveness of forensic investigation process versus the admissibility of the evidence integrity, taking into account the user privacy and the providers’ compliance with the laws and regulations. Our analysis concludes that a semi-automated forensic process using machine learning could eliminate the human factor from the profiling and surveillance processes, and hence resolve the issues of data protection (privacy and confidentiality).

Keywords: cloud forensics, data protection laws, GDPR, IoT forensics, machine learning

Procedia PDF Downloads 112
223 Application of Biosensors in Forensic Analysis

Authors: Shirin Jalili, Hadi Shirzad, Samaneh Nabavi, Somayeh Khanjani

Abstract:

Biosensors in forensic analysis are ideal biological tools that can be used for rapid and sensitive initial screening and testing to detect suspicious components like biological and chemical agents in crime scenes. The wide use of different biomolecules such as proteins, nucleic acids, microorganisms, antibodies and enzymes makes it possible. These biosensors have great advantages such as rapidity, little sample manipulation and high sensitivity; also, because of their stability, specificity and low cost, they have become a very important tool for forensic analysis and detection of crime. In crime scenes, different substances such as rape samples, semen, saliva fingerprints and blood samples act as detecting elements for biosensors. On the other hand, successful fluid recovery via biosensor has the propensity to yield a highly valuable source of genetic material, which is important in finding the suspect. Although current biological fluid testing techniques are impaired for identification of body fluids. But these methods have disadvantages. For example, if they are to be used simultaneously, they often give false positive results. These limitations can negatively affect the output of a case through missed or misinterpreted evidence. The use of biosensors enables criminal researchers the highly sensitive and non-destructive detection of biological fluid through interaction with several fluid-endogenous and other biological and chemical contamination at the crime scene. For this reason, using of the biosensors for detecting the biological fluid found at the crime scenes which play an important role in identifying the suspect and solving the criminal.

Keywords: biosensors, forensic analysis, biological fluid, crime detection

Procedia PDF Downloads 1060
222 The Role of Digital Technology in Crime Prevention: A Case Study of Cellular Forensics Unit, Capital City Police Peshawar

Authors: Muhammad Ashfaq

Abstract:

Main theme: The prime focus of this study is on the role of digital technology in crime prevention, with special focus on Cellular Forensic Unit, Capital City Police Peshawar-Khyber Pakhtunkhwa-Pakistan. Objective(s) of the study: The prime objective of this study is to provide statistics, strategies, and pattern of analysis used for crime prevention in Cellular Forensic Unit of Capital City Police Peshawar, Khyber Pakhtunkhwa-Pakistan. Research Method and Procedure: Qualitative method of research has been used in the study for obtaining secondary data from research wing and Information Technology (IT) section of Peshawar police. Content analysis was the method used for the conduction of the study. This study is delimited to Capital City Police and Cellular Forensic Unit Peshawar-KP, Pakistan. information technologies. Major finding(s): It is evident that the old traditional approach will never provide solutions for better management in controlling crimes. The best way to control crimes and promotion of proactive policing is to adopt new technologies. The study reveals that technology has made police more effective and vigilant as compared to traditional policing. The heinous crimes like abduction, missing of an individual, snatching, burglaries, and blind murder cases are now traceable with the help of technology. Recommendation(s): From the analysis of the data, it is reflected that Information Technology (IT) expert should be recruited along with research analyst to timely assist and facilitate operational as well as investigation units of police. A mobile locator should be provided to Cellular Forensic Unit to timely apprehend the criminals. Latest digital analysis software should be provided to equip the Cellular Forensic Unit.

Keywords: criminology-pakistan, crime prevention-KP, digital forensics, digital technology-pakistan

Procedia PDF Downloads 55
221 Cerebral Toxoplasmosis: A Histopathological Diagnosis

Authors: Prateek Rastogi, Jenash Acharya

Abstract:

Histopathology examination has been a boon to forensic experts all around the world since its implication in autopsy cases. Whenever a case of sudden death is encountered, forensic experts clandestinely focus on cardiovascular, respiratory, gastrointestinal or cranio-cerebral causes. After ruling out poisoning or trauma, they are left with the only option available, histopathology examination. Besides preserving thoracic and abdominal organs, brain tissues are very less frequently subjected for the analysis. Based on provisional diagnosis documented on hospital treatment record files, one hemisphere of grossly unremarkable cerebrum was confirmatively diagnosed by histopathology examination to be a case of cerebral toxoplasmosis.

Keywords: cerebral toxoplasmosis, sudden death, health information, histopathology

Procedia PDF Downloads 218
220 Application of XRF and Other Principal Component Analysis for Counterfeited Gold Coin Characterization in Forensic Science

Authors: Somayeh Khanjani, Hamideh Abolghasemi, Hadi Shirzad, Samaneh Nabavi

Abstract:

A wide range of gemological objects can currently be encountered on the world market that are incorrectly declared, treated, or that are completely different materials that try to copy precious objects more or less successfully. Counterfeiting of precious commodities is a problem faced by governments in most countries. Police have seized many counterfeit coins that looked like the real coins because the feeling to the touch and the weight were very similar to those of real coins. Most people were fooled and believed that the counterfeit coins were real ones. These counterfeit coins may have been made by big criminal organizations. To elucidate the manufacturing process, not only the quantitative analysis of the coins but also the comparison of their morphological characteristics was necessary. Several modern techniques have been applied to prevent counterfeiting of coins. The objective of this study was to demonstrate the potential of the X-ray Fluorescence (XRF) technique and other analytical techniques, for example SEM/EDX/WDX, FT-IR/ATR and Raman Spectroscopy. Using four elements (Cu, Ag, Au and Zn) and obtaining XRF for several samples, they could be discriminated. The XRF technique and SEM/EDX/WDX are used for the study of chemical composition. XRF analyzers provide a fast, accurate, nondestructive method to test the purity and chemistry of all precious metals. XRF is a very promising technique for rapid and non-destructive identification of counterfeit coins in forensic science.

Keywords: counterfeit coins, X-ray fluorescence, forensic, FT-IR

Procedia PDF Downloads 456
219 Digital Image Forensics: Discovering the History of Digital Images

Authors: Gurinder Singh, Kulbir Singh

Abstract:

Digital multimedia contents such as image, video, and audio can be tampered with easily due to the availability of powerful editing software. Multimedia forensics is devoted to analyzing these contents by using various digital forensic techniques in order to validate their authenticity. Digital image forensics is dedicated to investigating the reliability of digital images by analyzing the integrity of data and by reconstructing the historical information of an image related to its acquisition phase. In this paper, a survey is carried out on forgery detection by considering the most recent and promising digital image forensic techniques.

Keywords: Computer Forensics, Multimedia Forensics, Image Ballistics, Camera Source Identification, Forgery Detection

Procedia PDF Downloads 210
218 Searching for Forensic Evidence in a Compromised Virtual Web Server against SQL Injection Attacks and PHP Web Shell

Authors: Gigih Supriyatno

Abstract:

SQL injection is one of the most common types of attacks and has a very critical impact on web servers. In the worst case, an attacker can perform post-exploitation after a successful SQL injection attack. In the case of forensics web servers, web server analysis is closely related to log file analysis. But sometimes large file sizes and different log types make it difficult for investigators to look for traces of attackers on the server. The purpose of this paper is to help investigators take appropriate steps to investigate when the web server gets attacked. We use attack scenarios using SQL injection attacks including PHP backdoor injection as post-exploitation. We perform post-mortem analysis of web server logs based on Hypertext Transfer Protocol (HTTP) POST and HTTP GET method approaches that are characteristic of SQL injection attacks. In addition, we also propose a structured analysis method between the web server application log file, database application, and other additional logs that exist on the web server. This method makes the investigator more structured in analyzing the log file so as to produce evidence of attack within acceptable time. There is also the possibility that other attack techniques can be detected with this method. On the other side, it can help web administrators to prepare their systems for forensic readiness.

Keywords: web forensic, SQL injection, investigation, web shell

Procedia PDF Downloads 112
217 Impact of Chimerism on Y-STR DNA Determination: Sex Mismatch Analysis

Authors: Anupuma Raina, Ajay P. Balayan, Prateek Pandya, Pankaj Shrivastava, Uma Kanga, Tulika Seth

Abstract:

DNA fingerprinting analysis aids in personal identification for forensic purposes and has always been a driving motivation for law enforcement agencies in almost all countries since its inception. The introduction of DNA markers (Y-STR) has allowed for greater precision and higher discriminatory power in forensic testing. A criminal/person committing crime after bone marrow transplantation is a rare situation but not an impossible one. Keeping such a situation in mind, a study was carried out to find out the best biological sample to be used for personal identification, especially in forensic situations. We chose a female patient (recipient) and a male donor. The pre-transplant sample (blood) and post-transplant samples (blood, buccal swab, hair roots) were collected from the recipient (patient). The same were compared with the blood sample of the donor using DNA FP technique. Post-transplant samples were collected at different intervals of time (15, 30, 60, and 90 days). The study was carried out using a Y-STR kit at 23 loci. The results discuss the phenomenon of chimerism and its impact on Y-STR. The hair sample was found to be the most suitable sample, which had no donor DNA profiling up to 90 days.

Keywords: bone marrow transplantation, chimerism, DNA profiling, Y-STR

Procedia PDF Downloads 113
216 Massively Parallel Sequencing Improved Resolution for Paternity Testing

Authors: Xueying Zhao, Ke Ma, Hui Li, Yu Cao, Fan Yang, Qingwen Xu, Wenbin Liu

Abstract:

Massively parallel sequencing (MPS) technologies allow high-throughput sequencing analyses with a relatively affordable price and have gradually been applied to forensic casework. MPS technology identifies short tandem repeat (STR) loci based on sequence so that repeat motif variation within STRs can be detected, which may help one to infer the origin of the mutation in some cases. Here, we report on one case with one three-step mismatch (D18S51) in family trios based on both capillary electrophoresis (CE) and MPS typing. The alleles of the alleged father (AF) are [AGAA]₁₇AGAG[AGAA]₃ and [AGAA]₁₅. The mother’s alleles are [AGAA]₁₉ and [AGAA]₉AGGA[AGAA]₃. The questioned child’s (QC) alleles are [AGAA]₁₉ and [AGAA]₁₂. Given that the sequence variants in repeat regions of AF and mother are not observed in QC’s alleles, the QC’s allele [AGAA]₁₂ was likely inherited from the AF’s allele [AGAA]₁₅ by loss of three repeat [AGAA]. Besides, two new alleles of D18S51 in this study, [AGAA]₁₇AGAG[AGAA]₃ and [AGAA]₉AGGA[AGAA]₃, have not been reported before. All the results in this study were verified using Sanger-type sequencing. In summary, the MPS typing method can offer valuable information for forensic genetics research and play a promising role in paternity testing.

Keywords: family trios analysis, forensic casework, ion torrent personal genome machine (PGM), massively parallel sequencing (MPS)

Procedia PDF Downloads 272
215 An Analysis of Digital Forensic Laboratory Development among Malaysia’s Law Enforcement Agencies

Authors: Sarah K. Taylor, Miratun M. Saharuddin, Zabri A. Talib

Abstract:

Cybercrime is on the rise, and yet many Law Enforcement Agencies (LEAs) in Malaysia have no Digital Forensics Laboratory (DFL) to assist them in the attrition and analysis of digital evidence. From the estimated number of 30 LEAs in Malaysia, sadly, only eight of them owned a DFL. All of the DFLs are concentrated in the capital of Malaysia and none at the state level. LEAs are still depending on the national DFL (CyberSecurity Malaysia) even for simple and straightforward cases. A survey was conducted among LEAs in Malaysia owning a DFL to understand their history of establishing the DFL, the challenges that they faced and the significance of the DFL to their case investigation. The results showed that while some LEAs faced no challenge in establishing a DFL, some of them took seven to 10 years to do so. The reason was the difficulty in convincing their management because of the high costs involved. The results also revealed that with the establishment of a DFL, LEAs were better able to get faster forensic results and to meet agency’s timeline expectation. It is also found that LEAs were also able to get more meaningful forensic results on cases that require niche expertise, compared to sending off cases to the national DFL. Other than that, cases are getting more complex, and hence, a continuous stream of budget for equipment and training is inevitable. The result derived from the study is hoped to be used by other LEAs in justifying to their management the benefits of establishing an in-house DFL.

Keywords: digital evidence, digital forensics, digital forensics laboratory, law enforcement agency

Procedia PDF Downloads 136
214 Reintegrating Forensic Mental Health Service Users into Communities in the Western Cape, South Africa

Authors: Zolani Metu

Abstract:

The death of more than 140 psychiatric patients who were unethically deinstitutionalized from the Life Esidimeni hospital Johannesburg, in 2016, shined a light on South Africa’s failing public mental healthcare system. Compounded by insufficient research evidence on African deinstitutionalization, this necessitates inquiries into deinstitutionalized mental healthcare, reintegration and community-based mental healthcare within the South African context. This study employed a quantitative research approach which utilized a cross-sectional research design, to investigate experiences with the reintegration of institutionalized forensic mental health service users into communities in the Western Cape, South Africa. A convenience sample of 100 mental health care workers from different occupational and organizational backgrounds in the Western Cape was purposively selected using the Western Cape Health Directorate as a sampling frame. A self-administered questionnaire (SAQ) was used as the data collection instrument. The results of the study indicate that criminogenic factors such as substance use, history of violent behaviour, criminal history and disruptive social behaviour complicate the reintegration of forensic mental health service users into communities. The current extent of reintegration of forensic mental health service users was found to be 'poor' (46%; n= 46); and financial difficulties, criminogenic factors and limited Community-Based Care (CBC) facilities were identified as key barriers to the reintegration process. 56% of all job applications for forensic mental health service users were unsuccessful, and 53% of all applications for their admission into CBC facilities were declined. 
Although social support (informal) was found to be essential for successful reintegration, institutional support (formal) through assertive community treatment (35%; n= 35) and CBC facilities (21%) and the disability grant (DG=50%) was found to be more important for family coping and reintegration. Moreover, 72% of respondents had positive perceptions about the process of reintegration; no statistically significant relationship was found between years of experience and perceptions about reintegration (P-value = 0.062); and perceptions were not found to be a barrier to reintegration. No statistically significant relationship was found between years of working experience and understanding the legislative framework of deinstitutionalization (P-value = 0.061). However, using a Chi-square test, a significant relationship (P-value = 0.021) was found between sex and understanding the legal framework involved in the process of reintegration. The study recommends a post-2020 deinstitutionalization agenda that factors in criminogenic realities associated with forensic mental health service users, and affirms the strengthening of PHC and community based care systems as precedents of successful deinstitutionalization and reintegration of mental health service users.

Keywords: forensic mental health, deinstitutionalization, reintegration, mental health service users

Procedia PDF Downloads 130
213 Exploring the Differences between Self-Harming and Suicidal Behaviour in Women with Complex Mental Health Needs

Authors: Sophie Oakes-Rogers, Di Bailey, Karen Slade

Abstract:

Female offenders are a uniquely vulnerable group, who are at high risk of suicide. Whilst the prevention of self-harm and suicide remains a key global priority, we need to better understand the relationship between these challenging behaviours that constitute a pressing problem, particularly in environments designed to prioritise safety and security. Method choice is unlikely to be random, and is instead influenced by a range of cultural, social, psychological and environmental factors, which change over time and between countries. A key aspect of self-harm and suicide in women receiving forensic care is the lack of free access to methods. At a time where self-harm and suicide rates continue to rise internationally, understanding the role of these influencing factors and the impact of current suicide prevention strategies on the use of near-lethal methods is crucial. This poster presentation will present findings from 25 interviews and 3 focus groups, which enlisted a Participatory Action Research approach to explore the differences between self-harming and suicidal behavior. A key element of this research was using the lived experiences of women receiving forensic care from one forensic pathway in the UK, and the staffs who care for them, to discuss the role of near-lethal self-harm (NLSH). The findings and suggestions from the lived accounts of the women and staff will inform a draft assessment tool, which better assesses the risk of suicide based on the lethality of methods. This tool will be the first of its kind, which specifically captures the needs of women receiving forensic services. Preliminary findings indicate women engage in NLSH for two key reasons and is determined by their history of self-harm. Women who have a history of superficial non-life threatening self-harm appear to engage in NLSH in response to a significant life event such as family bereavement or sentencing. 
For these women, suicide appears to be a realistic option to overcome their distress. This, however, differs from women who appear to have a lifetime history of NLSH, who engage in such behavior in a bid to overcome the grief and shame associated with historical abuse. NLSH in these women reflects a lifetime of suicidality and indicates they pose the greatest risk of completed suicide. Findings also indicate differences in method selection between forensic provisions. Restriction of means appears to play a role in method selection, and findings suggest it causes method substitution. Implications will be discussed relating to the screening of female forensic patients and improvements to the current suicide prevention strategies.

Keywords: forensic mental health, method substitution, restriction of means, suicide

Procedia PDF Downloads 144
212 Forensic Analysis of Signal Messenger on Android

Authors: Ward Bakker, Shadi Alhakimi

Abstract:

The number of people moving towards more privacy-focused instant messaging applications has grown significantly. Signal is one of these instant messaging applications, which makes Signal interesting for digital investigators. In this research, we evaluate the artifacts that are generated by the Signal messenger for Android. This evaluation was done by using the features that Signal provides to create artifacts, whereafter we made an image of the internal storage and the process memory. This image was analysed manually. The manual analysis revealed the content that Signal stores in different locations during its operation. From our research, we were able to identify the artifacts and interpret how they were used. We also examined the source code of Signal. Using the knowledge we obtained from the source code, we developed a tool that decrypts some of the artifacts using the key stored in the Android Keystore. In general, we found that most artifacts are encrypted and encoded, even after decrypting some of the artifacts. During data visualization, some artifacts were found, such as that Signal does not use relationships between the data. In this research, two interesting groups of artifacts were identified, those related to the database and those stored in the process memory dump. In the database, we found plaintext private and group chats, and in the memory dump, we were able to retrieve the plaintext access code to the application. Nevertheless, we conclude that Signal contains a wealth of artifacts that could be very valuable to a digital forensic investigation.

Keywords: forensic, signal, Android, digital

Procedia PDF Downloads 38
211 Unified Theory of Acceptance and Use of Technology in Evaluating Voters' Intention Towards the Adoption of Electronic Forensic Election Audit System

Authors: Sijuade A. A., Oguntoye J. P., Awodoye O. O., Adedapo O. A., Wahab W. B., Okediran O. O., Omidiora E. O., Olabiyisi S. O.

Abstract:

Electronic voting systems have been introduced to improve the efficiency, accuracy, and transparency of the election process in many countries around the world, including Nigeria. However, concerns have been raised about the security and integrity of these systems. One way to address these concerns is through the implementation of electronic forensic election audit systems. This study aims to evaluate voters' intention to the adoption of electronic forensic election audit systems using the Unified Theory of Acceptance and Use of Technology (UTAUT) model. In the study, the UTAUT model which is a widely used model in the field of information systems to explain the factors that influence individuals' intention to use a technology by integrating performance expectancy, effort expectancy, social influence, facilitating conditions, cost factor and privacy factor to voters’ behavioural intention was proposed. A total of 294 sample data were collected from a selected population of electorates who had at one time or the other participated in at least an electioneering process in Nigeria. The data was then analyzed statistically using Partial Least Square Structural Equation Modeling (PLS-SEM). The results obtained show that all variables have a significant effect on the electorates’ behavioral intention to adopt the development and implementation of an electronic forensic election audit system in Nigeria.

Keywords: election audit, voters, UTAUT, performance expectancy, effort expectancy, social influence, facilitating conditions, cost factor, privacy factor, behavioural intention

Procedia PDF Downloads 35
210 Towards a Proof Acceptance by Overcoming Challenges in Collecting Digital Evidence

Authors: Lilian Noronha Nassif

Abstract:

Cybercrime investigation demands an appropriate evidence collection mechanism. If the investigator does not acquire digital proofs in a forensically sound manner, some important information can be lost, and judges can discard case evidence because the acquisition was inadequate. The correct digital forensic seizing involves preparation of professionals from the fields of law, police, and computer science. This paper presents important challenges faced during evidence collection in different perspectives of places. The crime scene can be virtual or real, and technical obstacles and privacy concerns must be considered. All the challenges pointed out here highlight the precautions to be taken in digital evidence collection, and the suggested procedures contribute to the best practices in the digital forensics field.

Keywords: digital evidence, digital forensics process and procedures, mobile forensics, cloud forensics

Procedia PDF Downloads 376
209 Digital Forensics Analysis Focusing on the Onion Router Browser Artifacts in Windows 10

Authors: Zainurrasyid Abdullah, Mohamed Fadzlee Sulaiman, Muhammad Fadzlan Zainal, M. Zabri Adil Talib, Aswami Fadillah M. Ariffin

Abstract:

The Onion Router (Tor) browser is a well-known tool, widely used by people who seek web anonymity when browsing the internet. Criminals are taking advantage of this to be anonymous over the internet. Accessing the dark web could be a significant reason for criminals, allowing them to perform illegal activities while maintaining their anonymity. For a digital forensic analyst, it is crucial to extract the trail of evidence proving that the criminal’s computer has used Tor browser to conduct such illegal activities. By applying the digital forensic methodology, several techniques could be performed, including application analysis, memory analysis, and registry analysis. Since Windows 10 is the latest operating system released by Microsoft Corporation, this study will use Windows 10 as the operating system platform running Tor browser. From the analysis, significant artifacts left by Tor browser were discovered, such as the execution date, application installation date and browsing history, that can be used as evidence. Although Tor browser was designed to achieve anonymity, there is still some trail of evidence that can be found on the Windows 10 platform and that can be useful for investigation.

Keywords: artifacts analysis, digital forensics, forensic analysis, memory analysis, registry analysis, tor browser, Windows 10

Procedia PDF Downloads 139
208 Statistical Discrimination of Blue Ballpoint Pen Inks by Diamond Attenuated Total Reflectance (ATR) FTIR

Authors: Mohamed Izzharif Abdul Halim, Niamh Nic Daeid

Abstract:

Determining the source of pen inks used on a variety of documents is impartial for forensic document examiners. The examination of inks is often performed to differentiate between inks in order to evaluate the authenticity of a document. A ballpoint pen ink consists of synthetic dyes (acidic and/or basic), pigments (organic and/or inorganic) and a range of additives. Inks of similar color may consist of different compositions and are frequently the subjects of forensic examinations. This study places emphasis on blue ballpoint pen inks available in the market because it is reported that approximately 80% of questioned document analyses involve ballpoint pen ink. Analytical techniques such as thin layer chromatography, high-performance liquid chromatography, UV-vis spectroscopy, luminescence spectroscopy and infrared spectroscopy have been used in the analysis of ink samples. In this study, application of Diamond Attenuated Total Reflectance (ATR) FTIR is straightforward but preferable in forensic science as it offers no sample preparation and minimal analysis time. The data obtained from these techniques were further analyzed using multivariate chemometric methods, which enable extraction of more information based on the similarities and differences among samples in a dataset. It was indicated that some pens from the same manufacturers can be similar in composition; however, discrete types can be significantly different.

Keywords: ATR FTIR, ballpoint, multivariate chemometric, PCA

Procedia PDF Downloads 422
207 Challenges for Implementing Standards Compliant with ISO/IEC 17025, for Narcotics and DNA Laboratory’s

Authors: Blerim Olluri

Abstract:

A forensic science laboratory in Kosovo has never been organized at the level of most modern forensic science laboratories. This was made possible after the war of 1999 with the help and support from the United States. The United States Government/ICITAP provided 9.5 million dollars to support this project; this support has greatly benefitted law enforcement in Kosovo. With the establishment of Operative Procedures of Work and the law for the Kosovo Agency of Forensic, the accreditation of the KAF labs with ISO/IEC 17025 becomes mandatory. Since 2012, the DNA/Serology and Narcotics laboratories have been reviewing and harmonizing their procedures according to ISO/IEC 17025. The focus of this work was to create quality manuals, procedures, work instructions, quality documentation and quality records. Furthermore, during this time, the validation of work methods was done by scientifically qualified personnel of KAF, without any help from other foreign agencies or accreditation bodies. In October 2014 we had the first evaluation based on ISO 17025 standards. According to the initial report of this assessment, we have nonconformities in test and calibration methods, and in accommodation and environmental conditions. We identified several issues that are of extreme importance to KAF. One of the most important issues is to create a professional group with experts of KAF, which will work on all the obligations requested by ISO/IEC 17025. The conclusions that we draw from this path of accreditation are that the laboratories need to take corrective action, and all nonconformances must be addressed and corrective action taken before accreditation can be granted.

Keywords: accreditation, assessment, narcotics, DNA

Procedia PDF Downloads 337
206 Forensic Necropsy-Importance in Wildlife Conservation

Authors: G. V. Sai Soumya, Kalpesh Solanki, Sumit K. Choudhary

Abstract:

Necropsy is another term used for an autopsy, which is known as death examination in the case of animals. It is a complete standardized procedure involving dissection, observation, interpretation, and documentation. Government bodies like the National Tiger Conservation Authority (NTCA) have given standard operating procedures for commencing the necropsies. Necropsies are rarely performed as compared to autopsies performed on human bodies. There are no databases which maintain the count of autopsies in wildlife, but the research in this area has shown a very small number of necropsies. Wildlife forensics came into existence long ago but is coming to light nowadays as there is an increase in wildlife crime cases, including the smuggling of trophies, poaching, and many more. Physical examination in cases of animals is not sufficient to yield fruitful information, and thus postmortem examination plays an important role. Postmortem examination helps in the determination of time since death, cause of death, manner of death, factors affecting the case under investigation, and thus decreases the amount of time required in solving cases. Increasing the rate of necropsies will help forensic veterinary pathologists to build standardized provision and confidence within them, which will ultimately yield a higher success rate in solving wildlife crime cases.

Keywords: necropsy, wildlife crime, postmortem examination, forensic application

Procedia PDF Downloads 98
205 The Reproducibility and Repeatability of Modified Likelihood Ratio for Forensics Handwriting Examination

Authors: O. Abiodun Adeyinka, B. Adeyemo Adesesan

Abstract:

The forensic use of handwriting depends on the analysis, comparison, and evaluation decisions made by forensic document examiners. When using biometric technology in forensic applications, it is necessary to compute the Likelihood Ratio (LR) for quantifying the strength of evidence under two competing hypotheses, namely the prosecution and the defense hypotheses, wherein a set of assumptions and methods for a given data set will be made. It is therefore important to know how repeatable and reproducible our estimated LR is. This paper evaluated the accuracy and reproducibility of examiners' decisions. Confidence intervals for the estimated LR were presented so as not to get an incorrect estimate that will be used to deliver a wrong judgment in the court of law. The estimate of LR is fundamentally a Bayesian concept, and we used two LR estimators, namely Logistic Regression (LoR) and Kernel Density Estimator (KDE), for this paper. The repeatability evaluation was carried out by retesting the initial experiment after an interval of six months to observe whether examiners would repeat their decisions for the estimated LR. The experimental results, which are based on a handwriting dataset, show that LR has different confidence intervals, which therefore implies that LR cannot be estimated with the same certainty everywhere. Though the LoR performed better than the KDE when tested using the same dataset, the two LR estimators investigated showed a consistent region in which the LR value can be estimated confidently. These two findings advance our understanding of LR when used in computing the strength of evidence in handwriting using forensics.

Keywords: confidence interval, handwriting, kernel density estimator, KDE, logistic regression LoR, repeatability, reproducibility

Procedia PDF Downloads 89
204 Comparative Forensic Analysis of Lipsticks Using Thin Layer Chromatography and Gas Chromatography

Authors: M. O. Ezegbogu, H. B. Osadolor

Abstract:

Lipsticks constitute a significant source of transfer evidence, and can, therefore, provide corroborative or inclusionary evidence in criminal investigation. This study aimed to determine the uniqueness and persistence of different lipstick smears using Thin Layer Chromatography (TLC), and Gas Chromatography with a Flame Ionisation Detector (GC-FID). In this study, we analysed lipstick smears retrieved from tea cups exposed to the environment for up to four weeks. The n-alkane content of each sample was determined using GC-FID, while TLC was used to determine the number of bands, and retention factor of each band per smear. This study shows that TLC gives more consistent results over a 4-week period than GC-FID. It also proposes a maximum exposure time of two weeks for the analysis of lipsticks left in the open using GC-FID. Finally, we conclude that neither TLC nor GC-FID can distinguish lipstick evidence recovered from hypothetical crime scenes.

Keywords: forensic science, chromatography, identification, lipstick

Procedia PDF Downloads 151
203 A Dimensional Approach to Family Involvement in Forensic Mental Health Settings - Prevention of the Systemic Replication of Abuse, Need for Accepted Falsehoods and Family Guilt and Shame

Authors: Katie E. Jennings

Abstract:

The interactions between family dynamics and environmental factors with mental health vulnerability in individuals are well known and are a theme for on-going research and debate. The impact upon mental health issues and forensic issues on family dynamics, experience, and emotional wellbeing cannot be overemphasised. For forensic patients with diagnosed mental disorders, these relationships and environments may have also been functionally linked to the development and maintenance of those disorders, with significant adverse childhood experiences being a common feature of many patients’ histories. Mental health hospitals remove the patient from their home environments and provide treatment outside of these relationships and often outside of the home area. There is, therefore, a major focus on services ensuring that patients are able to build and maintain relationships with family and friends, requiring services to involve families in patients' care and treatment wherever possible. There are standards set by Government and clinical bodies that require absolute demonstration of the inclusion of family and friends in all aspects of the care and treatment of forensic patients. For some patients and family members, this push to take on a “role” in care can be unhelpful, extremely stressful, and has constant implications for the potential delicate reparation of relationships. Based on work undertaken for over 20 years in forensic mental health settings, this paper explores the positive psychology approach to a dimensional model to family inclusion in mental health care that learns from family court work and allows for the maintenance of relationships to be at both proximal and distal levels, to prevent the replication of abuse, decrease the need for falsehoods and assist the recovery of all. The model is based on allowing families to choose to not be involved or be involved in different ways if this is seen to be more helpful.
It also allows patients to choose the level of potential involvement that they would find helpful, and for this to be reviewed at a timeframe agreed by all parties, rather than when the next survey is due or the patient has a significant care meeting. This paper is significant as there is a lack of research to support services to use a positive psychology approach to work in this area; the assumption that being asked to be involved must be positive for all seems naïve at best for this patient group. Work relating to the psychology of family can significantly contribute to the development of knowledge in this area. The development of a dimensional model will support choice within families and assist in the development of more honest and open relationships.

Keywords: family dynamics, forensic, mental disorder, positive psychology

Procedia PDF Downloads 118
202 Rapid Evidence Remote Acquisition in High-Availability Server and Storage System for Digital Forensic to Unravel Academic Crime

Authors: Bagus Hanindhito, Fariz Azmi Pratama, Ulfah Nadiya

Abstract:

Nowadays, digital systems including, but not limited to, computers and the internet have penetrated the education system widely. Critical information such as students’ academic records is stored in a server off- or on-campus. Although several countermeasures have been taken to protect the vital resources from outsider attack, the defense from insider threats is not getting serious attention. At the end of 2017, a security incident that involved an academic information system in one of the most respected universities in Indonesia affected not only the reputation of the institution and its academia but also academic integrity in Indonesia. In this paper, we will explain our efforts in investigating this security incident, where we have implemented a novel rapid evidence remote acquisition method in a high-availability server and storage system; thus our data collection efforts do not disrupt the academic information system and can be conducted remotely minutes after the incident report has been received. The acquired evidence is analyzed during digital forensics by constructing the model of the system in an isolated environment, which allows multiple investigators to work together. In the end, the suspect is identified as a student (insider), and the investigation result is used by prosecutors to charge the suspect with an academic crime.

Keywords: academic information system, academic crime, digital forensic, high-availability server and storage, rapid evidence remote acquisition, security incident

Procedia PDF Downloads 120
201 Structural Engineering Forensic Evaluation of Misdiagnosed Concrete Masonry Wall Cracking

Authors: W. C. Bracken

Abstract:

Given that concrete masonry walls are expected to experience shrinkage combined with thermal expansion and contraction, and in some cases even carbonation, throughout their service life, cracking is to be expected. However, after concrete masonry walls have been placed into service, originally anticipated and accounted for cracking is often misdiagnosed as a structural defect. Such misdiagnoses often result in or are used to support litigation. This paper begins by discussing the causes and types of anticipated cracking within concrete masonry walls, followed by a discussion on the processes and analyses that exist for properly evaluating them and their significance. From here, the paper then presents a case of misdiagnosed concrete masonry cracking and the flawed logic employed to support litigation.

Keywords: concrete masonry, masonry wall cracking, structural defect, structural damage, construction defect, forensic investigation

Procedia PDF Downloads 203
200 Forensic Challenges in Source Device Identification for Digital Videos

Authors: Mustapha Aminu Bagiwa, Ainuddin Wahid Abdul Wahab, Mohd Yamani Idna Idris, Suleman Khan

Abstract:

Video source device identification has become a problem of concern in numerous domains, especially in multimedia security and digital investigation. This is because videos are now used as evidence in legal proceedings. Source device identification aims at identifying the source of digital devices using the content they produced. However, due to affordable processing tools and the influx in digital content generating devices, source device identification is still a major problem within the digital forensic community. In this paper, we discuss source device identification for digital videos by identifying techniques that were proposed in the literature for model or specific device identification. This is aimed at identifying salient open challenges for future research.

Keywords: video forgery, source camcorder, device identification, forgery detection

Procedia PDF Downloads 591