Commenced in January 2007
Frequency: Monthly
Edition: International
Paper Count: 4077

Search results for: forensic investigation

4077 Digital Forensic Investigation: A Methodology for Crime Specific Framework

Authors: Lavanya Sanapala, Lakshmeeswari Gondi

Abstract:

The Digital Forensic Investigation Process Models guide law enforcement agencies to understand the digital crime investigation process and ensure that they follow forensically sound procedures for extracting evidence. The digital evidence of present crimes spread across multiple sources. Identifying evident artifacts from all the spread sources is a mandate to proceed further in the investigation and is a tedious task for an Incident responder or a new practitioner. The current digital forensic process models are confined to the device or its operating environment. This paper presents the current state of art Digital Forensic Investigation Process (DFIP) models in search of whether the model is suitable for crime-specific investigation and provides crime-related knowledge or not. We propose an algorithm model methodology and knowledge base for crime-specific digital forensic investigation. The knowledge base provides the crime-related information like the nature of the crime, source of the attack, persistence of crime-related evidence, and their locations in the corresponding devices. The methodology is suitable for conducting crime-specific digital forensic investigations from all the sources involved in the crime timely and effectively.

Keywords: algorithm model, crime specific framework, digital forensic investigation, knowledge base

Procedia PDF Downloads 2
4076 Directing the Forensic Investigation of a Catastrophic Structure Collapse: The Jacksonville Parking Garage Collapse

Authors: William C. Bracken

Abstract:

This paper discusses the forensic investigation of a fatality-involved catastrophic structure collapse and the special challenges faced when tasked with directing such an effort. While this paper discusses the investigation’s findings and the outcome of the event; this paper’s primary focus is on the challenges faced directing a forensic investigation that requires coordinating with governmental oversight while also having to accommodate multiple parties’ investigative teams. In particular the challenges discussed within this paper included maintaining on-site safety and operations while accommodating outside investigator’s interests. In addition this paper discusses unique challenges that one may face such as what to do about unethical conduct of interested party’s investigative teams, “off the record” sharing of information, and clandestinely transmitted evidence.

Keywords: catastrophic structure collapse, collapse investigation, Jacksonville parking garage collapse, forensic investigation

Procedia PDF Downloads 253
4075 Anomaly Detection of Log Analysis using Data Visualization Techniques for Digital Forensics Audit and Investigation

Authors: Mohamed Fadzlee Sulaiman, Zainurrasyid Abdullah, Mohd Zabri Adil Talib, Aswami Fadillah Mohd Ariffin

Abstract:

In common digital forensics cases, investigation may rely on the analysis conducted on specific and relevant exhibits involved. Usually the investigation officer may define and advise digital forensic analyst about the goals and objectives to be achieved in reconstructing the trail of evidence while maintaining the specific scope of investigation. With the technology growth, people are starting to realize the importance of cyber security to their organization and this new perspective creates awareness that digital forensics auditing must come in place in order to measure possible threat or attack to their cyber-infrastructure. Instead of performing investigation on incident basis, auditing may broaden the scope of investigation to the level of anomaly detection in daily operation of organization’s cyber space. While handling a huge amount of data such as log files, performing digital forensics audit for large organization proven to be onerous task for the analyst either to analyze the huge files or to translate the findings in a way where the stakeholder can clearly understand. Data visualization can be emphasized in conducting digital forensic audit and investigation to resolve both needs. This study will identify the important factors that should be considered to perform data visualization techniques in order to detect anomaly that meet the digital forensic audit and investigation objectives.

Keywords: digital forensic, data visualization, anomaly detection , log analysis, forensic audit, visualization techniques

Procedia PDF Downloads 202
4074 A Method to Enhance the Accuracy of Digital Forensic in the Absence of Sufficient Evidence in Saudi Arabia

Authors: Fahad Alanazi, Andrew Jones

Abstract:

Digital forensics seeks to achieve the successful investigation of digital crimes through obtaining acceptable evidence from digital devices that can be presented in a court of law. Thus, the digital forensics investigation is normally performed through a number of phases in order to achieve the required level of accuracy in the investigation processes. Since 1984 there have been a number of models and frameworks developed to support the digital investigation processes. In this paper, we review a number of the investigation processes that have been produced throughout the years and introduce a proposed digital forensic model which is based on the scope of the Saudi Arabia investigation process. The proposed model has been integrated with existing models for the investigation processes and produced a new phase to deal with a situation where there is initially insufficient evidence.

Keywords: digital forensics, process, metadata, Traceback, Sauid Arabia

Procedia PDF Downloads 267
4073 Filtering and Reconstruction System for Grey-Level Forensic Images

Authors: Ahd Aljarf, Saad Amin

Abstract:

Images are important source of information used as evidence during any investigation process. Their clarity and accuracy is essential and of the utmost importance for any investigation. Images are vulnerable to losing blocks and having noise added to them either after alteration or when the image was taken initially, therefore, having a high performance image processing system and it is implementation is very important in a forensic point of view. This paper focuses on improving the quality of the forensic images. For different reasons packets that store data can be affected, harmed or even lost because of noise. For example, sending the image through a wireless channel can cause loss of bits. These types of errors might give difficulties generally for the visual display quality of the forensic images. Two of the images problems: noise and losing blocks are covered. However, information which gets transmitted through any way of communication may suffer alteration from its original state or even lose important data due to the channel noise. Therefore, a developed system is introduced to improve the quality and clarity of the forensic images.

Keywords: image filtering, image reconstruction, image processing, forensic images

Procedia PDF Downloads 276
4072 A Software Tool for Computer Forensic Investigation Using Client-Side Web History Visualization

Authors: Francisca Onaolapo Oladipo, Peter Afam Ugwu

Abstract:

Records of user activities which are valuable for forensic investigation purposes are provided by web browsers -these records in most cases are not in visual formats that are easily understood, thereby requiring some extra processes. This paper describes the implementation of a software tool for client-side web history visualization providing suitable forensic evidence for investigative purposes. Visual C#, Perl and gnuplot were deployed on Windows Operating System (OS) environment to implement the system and the resulting tool parses and transforms a web browser history into a visual format that enables an investigator to quickly and efficiently explore, understand, and interpret the user online activities in the context of a specific investigation. The system was tested using two forensic cases: the client-side web history files generated by Mozilla Firefox browser was extracted using MozillaHistoryView utility, then parsed and visualized using bar and stacked column charts. From the visual representation, results of user web activities across various productive and non-productive websites were obtained.

Keywords: history, forensics, visualization, web activities

Procedia PDF Downloads 222
4071 Analysis of Expert Possibilities While Identifying Human Teeth

Authors: Saule Mussabekova

Abstract:

Forensic investigation of human teeth plays an important role in detection of crime, particularly in cases of personal identification of dead bodies changed by putrefactive processes or skeletonized bodies as well as when finding bodies of unknown persons. 152 teeth have been investigated; 85 of them belonged to men and 67 belonged to women taken from alive people of different age. Teeth have been investigated after extraction. Two types of teeth have been investigated: teeth without integrity violation of dental crown and teeth with different degrees of its violation. Additionally, 517 teeth have been investigated that were collected from dead bodies, 252 of which belonged to women and 265 belonged to men, whatever the cause of death with death limitation from 1 month to 20 years. Isohemagglutinating serums and Coliclons of different series have been used for the research of tooth-group specificity by serological methods according to the AB0 system. Standard protocols of different techniques have been used for DNA purification from teeth (by reagent Chelex 100 produced by Bio-Rad using reagent kit 'DNA IQTM System' produced by Promega company (USA) and using columns 'QIAamp DNA Investigator Kit' produced by Qiagen company). Results of comparative forensic investigation of human teeth using serological and molecular genetic methods have shown that use of serological methods for forensic identification is sensible only in cases of preselection prior to the next molecular genetic investigation as well as in cases of impossibility of corresponding genetic investigation for different objective reasons. A number of advantages of methods of molecular genetics in the dental investigation have been marked, particularly in putrefactive changes, in personal identification. Key moments of modern condition of personal identification have been reflected according to dental state. Prospective directions of advance preparation of material have been emphasized for identification of teeth in forensic practice.

Keywords: dental state, forensic identification, molecular genetic analysis, teeth

Procedia PDF Downloads 68
4070 The Conception of Implementation of Vision for European Forensic Science 2020 in Lithuania

Authors: Eglė Bilevičiūtė, Vidmantas Egidijus Kurapka, Snieguolė Matulienė, Sigutė Stankevičiūtė

Abstract:

The Council of European Union (EU Council) has stressed on several occasions the need for a concerted, comprehensive and effective solution to delinquency problems in EU communities. In the context of establishing a European Forensic Science Area and the development of forensic science infrastructure in Europe, EU Council believes that forensic science can significantly contribute to the efficiency of law enforcement, crime prevention and combating crimes. Lithuanian scientists have consolidated to implement a project named “Conception of the vision for European Forensic Science 2020 implementation in Lithuania” (the project is funded for the period of 1 March 2014 - 31 December 2016) with the objective to create a conception of implementation of the vision for European Forensic Science 2020 in Lithuania by 1) evaluating the current status of Lithuania’s forensic system and opportunities for its improvement; 2) analysing achievements and knowledge in investigation of crimes listed in conclusions of EU Council on the vision for European Forensic Science 2020 including creation of a European Forensic Science Area and the development of forensic science infrastructure in Europe: trafficking in human beings, organised crime and terrorism; 3) analysing conceptions of criminalistics, which differ in different EU member states due to the variety of forensic schools, and finding means for their harmonization. Apart from the conception of implementation of the vision for European Forensic Science 2020 in Lithuania, the project is expected to suggest provisions that will be relevant to other EU countries as well. Consequently, the presented conception of implementation of vision for European Forensic Science 2020 in Lithuania could initiate a project for a common vision of European Forensic Science and contribute to the development of the EU as an area of freedom, security and justice. The article presents main ideas of the project of the conception of the vision for European Forensic Science 2020 of EU Council and analyses its legal background, as well as prospects of and challenges for its implementation in Lithuania and the EU.

Keywords: EUROVIFOR, standardization, vision for European Forensic Science 2020, Lithuania

Procedia PDF Downloads 323
4069 Assessment of DNA Degradation Using Comet Assay: A Versatile Technique for Forensic Application

Authors: Ritesh K. Shukla

Abstract:

Degradation of biological samples in terms of macromolecules (DNA, RNA, and protein) are the major challenges in the forensic investigation which misleads the result interpretation. Currently, there are no precise methods available to circumvent this problem. Therefore, at the preliminary level, some methods are urgently needed to solve this issue. In this order, Comet assay is one of the most versatile, rapid and sensitive molecular biology technique to assess the DNA degradation. This technique helps to assess DNA degradation even at very low amount of sample. Moreover, the expedient part of this method does not require any additional process of DNA extraction and isolation during DNA degradation assessment. Samples directly embedded on agarose pre-coated microscopic slide and electrophoresis perform on the same slide after lysis step. After electrophoresis microscopic slide stained by DNA binding dye and observed under fluorescent microscope equipped with Komet software. With the help of this technique extent of DNA degradation can be assessed which can help to screen the sample before DNA fingerprinting, whether it is appropriate for DNA analysis or not. This technique not only helps to assess degradation of DNA but many other challenges in forensic investigation such as time since deposition estimation of biological fluids, repair of genetic material from degraded biological sample and early time since death estimation could also be resolved. With the help of this study, an attempt was made to explore the application of well-known molecular biology technique that is Comet assay in the field of forensic science. This assay will open avenue in the field of forensic research and development.

Keywords: comet assay, DNA degradation, forensic, molecular biology

Procedia PDF Downloads 87
4068 Modified InVEST for Whatsapp Messages Forensic Triage and Search through Visualization

Authors: Agria Rhamdhan

Abstract:

WhatsApp as the most popular mobile messaging app has been used as evidence in many criminal cases. As the use of mobile messages generates large amounts of data, forensic investigation faces the challenge of large data problems. The hardest part of finding this important evidence is because current practice utilizes tools and technique that require manual analysis to check all messages. That way, analyze large sets of mobile messaging data will take a lot of time and effort. Our work offers methodologies based on forensic triage to reduce large data to manageable sets resulting easier to do detailed reviews, then show the results through interactive visualization to show important term, entities and relationship through intelligent ranking using Term Frequency-Inverse Document Frequency (TF-IDF) and Latent Dirichlet Allocation (LDA) Model. By implementing this methodology, investigators can improve investigation processing time and result's accuracy.

Keywords: forensics, triage, visualization, WhatsApp

Procedia PDF Downloads 80
4067 Forensic Imaging as an Effective Learning Tool for Teaching Forensic Pathology to Undergraduate Medical Students

Authors: Vasudeva Murthy Challakere Ramaswamy

Abstract:

Background: Conventionally forensic pathology is learnt through autopsy demonstrations which carry various limitations such as unavailability of cases in the mortuary, medico-legal implication and infection. Over the years forensic pathology and science has undergone significant evolution in this digital world. Forensic imaging is a technology which can be effectively utilized for overcoming the current limitations in the undergraduate learning of forensic curriculum. Materials and methods: demonstration of forensic imaging was done using a novel technology of autopsy which has been recently introduced across the globe. Three sessions were conducted in international medical university for a total of 196 medical students. The innovative educational tool was evacuated by using quantitative questionnaire with the scoring scales between 1 to 10. Results: The mean score for acceptance of new tool was 82% and about 74% of the students recommended incorporation of the forensic imaging in the regular curriculum. 82% of students were keen on collaborative research and taking further training courses in forensic imaging. Conclusion: forensic imaging can be an effective tool and also a suitable alternative for teaching undergraduate students. This feedback also supports the fact that students favour the use of contemporary technologies in learning medicine.

Keywords: forensic imaging, forensic pathology, medical students, learning tool

Procedia PDF Downloads 405
4066 Forensic Science in Dr. Jekyll and Mr. Hyde: Trails of Utterson's Quest

Authors: Kyu-Jeoung Lee, Jae-Uk Choo

Abstract:

This paper focuses on investigating The Strange Case of Dr Jekyll and Mr Hyde from Utterson’s point of view, referring to: Gabriel John Utterson, a central character in the book. Utterson is no different from a forensic investigator, as he tries to collect evidence on the mysterious Mr. Hyde’s relationship to Dr. Jekyll. From Utterson's perspective, Jekyll is the 'victim' of a potential scandal and blackmail, and Hyde is the 'suspect' of a possible 'crime'. Utterson intends to figure out Hyde's identity, connect his motive with his actions, and gather witness accounts. During Utterson’s quest, the outside materials available to him along with the social backgrounds of Hyde and Jekyll will be analyzed. The archives left from Jekyll’s chamber will also play a part providing evidence. Utterson will investigate, based on what he already knows about Jekyll his whole life, and how Jekyll had acted in his eyes until he was gone, and finding out possible explanations for Jekyll's actions. The relationship between Jekyll and Hyde becomes the major question, as the social background offers clues pointing in the direction of illegitimacy and prostitution. There is still a possibility that Jekyll and Hyde were, in fact, completely different people. Utterson received a full statement and confession from Jekyll himself at the end of the story, which gives the reader the possible truth on what happened. Stevenson’s Dr. Jekyll and Mr. Hyde led readers, as it did Utterson, to find the connection between Hyde and Jekyll using methods of history, culture, and science. Utterson's quest to uncover Hyde shows an example of applying the various fields to in his act to see if Hyde's inheritance was legal. All of this taken together could technically be considered forensic investigation.

Keywords: Dr. Jekyll and Mr. Hyde, forensic investigation, illegitimacy, prostitution, Robert Louis Stevenson

Procedia PDF Downloads 134
4065 The Forensic Swing of Things: The Current Legal and Technical Challenges of IoT Forensics

Authors: Pantaleon Lutta, Mohamed Sedky, Mohamed Hassan

Abstract:

The inability of organizations to put in place management control measures for Internet of Things (IoT) complexities persists to be a risk concern. Policy makers have been left to scamper in finding measures to combat these security and privacy concerns. IoT forensics is a cumbersome process as there is no standardization of the IoT products, no or limited historical data are stored on the devices. This paper highlights why IoT forensics is a unique adventure and brought out the legal challenges encountered in the investigation process. A quadrant model is presented to study the conflicting aspects in IoT forensics. The model analyses the effectiveness of forensic investigation process versus the admissibility of the evidence integrity; taking into account the user privacy and the providers’ compliance with the laws and regulations. Our analysis concludes that a semi-automated forensic process using machine learning, could eliminate the human factor from the profiling and surveillance processes, and hence resolves the issues of data protection (privacy and confidentiality).

Keywords: cloud forensics, data protection Laws, GDPR, IoT forensics, machine Learning

Procedia PDF Downloads 67
4064 DNA as an Instrument in Constructing Narratives and Justice in Criminal Investigations: A Socio-Epistemological Exploration

Authors: Aadita Chaudhury

Abstract:

Since at least the early 2000s, DNA profiling has achieved a preeminent status in forensic investigations into criminal acts. While the criminal justice system has a long history of using forensic evidence and testing them through establish technoscientific means, the primacy of DNA in establishing 'truth' or reconstructing a series of events is unparalleled in the history of forensic science. This paper seeks to elucidate the ways in which DNA profiling has become the most authoritative instrument of 'truth' in criminal investigations, and how it is used in the legal process to ascertain culpability, create the notion of infallible evidence, and advance the search for justice. It is argued that DNA profiling has created a paradigm shift in how the legal system and the general public understands crime and culpability, but not without limitations. There are indications that even trace amounts of DNA evidence can point to causal links in a criminal investigation, however, there still remains many rooms to create confusion and doubt from empirical evidence within the narrative of crimes. Many of the shortcomings of DNA-based forensic investigations are explored and evaluated with regards to claims of the authority of biological evidence and implications for the public understanding of the elusive concepts of truth and justice in the present era. Public misinformation about the forensic analysis processes could produce doubt or faith in the judgements rooted in them, depending on other variables presented at the trial. A positivist understanding of forensic science that is shared by the majority of the population does not take into consideration that DNA evidence is far from definitive, and can be used to support any theories of culpability, to create doubt and to deflect blame.

Keywords: DNA profiling, epistemology of forensic science, philosophy of forensic science, sociology of scientific knowledge

Procedia PDF Downloads 138
4063 A Unified Approach for Digital Forensics Analysis

Authors: Ali Alshumrani, Nathan Clarke, Bogdan Ghite, Stavros Shiaeles

Abstract:

Digital forensics has become an essential tool in the investigation of cyber and computer-assisted crime. Arguably, given the prevalence of technology and the subsequent digital footprints that exist, it could have a significant role across almost all crimes. However, the variety of technology platforms (such as computers, mobiles, Closed-Circuit Television (CCTV), Internet of Things (IoT), databases, drones, cloud computing services), heterogeneity and volume of data, forensic tool capability, and the investigative cost make investigations both technically challenging and prohibitively expensive. Forensic tools also tend to be siloed into specific technologies, e.g., File System Forensic Analysis Tools (FS-FAT) and Network Forensic Analysis Tools (N-FAT), and a good deal of data sources has little to no specialist forensic tools. Increasingly it also becomes essential to compare and correlate evidence across data sources and to do so in an efficient and effective manner enabling an investigator to answer high-level questions of the data in a timely manner without having to trawl through data and perform the correlation manually. This paper proposes a Unified Forensic Analysis Tool (U-FAT), which aims to establish a common language for electronic information and permit multi-source forensic analysis. Core to this approach is the identification and development of forensic analyses that automate complex data correlations, enabling investigators to investigate cases more efficiently. The paper presents a systematic analysis of major crime categories and identifies what forensic analyses could be used. For example, in a child abduction, an investigation team might have evidence from a range of sources including computing devices (mobile phone, PC), CCTV (potentially a large number), ISP records, and mobile network cell tower data, in addition to third party databases such as the National Sex Offender registry and tax records, with the desire to auto-correlate and across sources and visualize in a cognitively effective manner. U-FAT provides a holistic, flexible, and extensible approach to providing digital forensics in technology, application, and data-agnostic manner, providing powerful and automated forensic analysis.

Keywords: digital forensics, evidence correlation, heterogeneous data, forensics tool

Procedia PDF Downloads 69
4062 Forensic Analysis of Thumbnail Images in Windows 10

Authors: George Kurian, Hongmei Chi

Abstract:

Digital evidence plays a critical role in most legal investigations. In many cases, thumbnail databases show important information in that investigation. The probability of having digital evidence retrieved from a computer or smart device has increased, even though the previous user removed data and deleted apps on those devices. Due to the increase in digital forensics, the ability to store residual information from various thumbnail applications has improved. This paper will focus on investigating thumbnail information from Windows 10. Thumbnail images of interest in forensic investigations may be intact even when the original pictures have been deleted. It is our research goal to recover useful information from thumbnails. In this research project, we use various forensics tools to collect left thumbnail information from deleted videos or pictures. We examine and describe the various thumbnail sources in Windows and propose a methodology for thumbnail collection and analysis from laptops or desktops. A machine learning algorithm is adopted to help speed up content from thumbnail pictures.

Keywords: digital forensic, forensic tools, soundness, thumbnail, machine learning, OCR

Procedia PDF Downloads 2
4061 The Use of Ontology Framework for Automation Digital Forensics Investigation

Authors: Ahmad Luthfi

Abstract:

One of the main goals of a computer forensic analyst is to determine the cause and effect of the acquisition of a digital evidence in order to obtain relevant information on the case is being handled. In order to get fast and accurate results, this paper will discuss the approach known as ontology framework. This model uses a structured hierarchy of layers that create connectivity between the variant and searching investigation of activity that a computer forensic analysis activities can be carried out automatically. There are two main layers are used, namely analysis tools and operating system. By using the concept of ontology, the second layer is automatically designed to help investigator to perform the acquisition of digital evidence. The methodology of automation approach of this research is by utilizing forward chaining where the system will perform a search against investigative steps and atomically structured in accordance with the rules of the ontology.

Keywords: ontology, framework, automation, forensics

Procedia PDF Downloads 238
4060 Forensic Comparison of Facial Images for Human Identification

Authors: D. P. Gangwar

Abstract:

Identification of human through facial images has got great importance in forensic science. The video recordings, CCTV footage, passports, driver licenses and other related documents are invariably sent to the laboratory for comparison of the questioned photographs as well as video recordings with suspected photographs/recordings to prove the identity of a person. More than 300 questioned and 300 control photographs received in actual crime cases, received from various investigation agencies, have been compared by me so far using various familiar analysis and comparison techniques such as Holistic comparison, Morphological analysis, Photo-anthropometry and superimposition. On the basis of findings obtained during the examination huge photo exhibits, a realistic and comprehensive technique has been proposed which could be very useful for forensic.

Keywords: CCTV Images, facial features, photo-anthropometry, superimposition

Procedia PDF Downloads 457
4059 An Enhanced Digital Forensic Model for Internet of Things Forensic

Authors: Tina Wu, Andrew Martin

Abstract:

The expansion of the Internet of Things (IoT) brings a new level of threat. Attacks on IoT are already being used by criminals to form botnets, launch Distributed Denial of Service (DDoS) and distribute malware. This opens a whole new digital forensic arena to develop forensic methodologies in order to have the capability to investigate IoT related crimes. However, existing proposed IoT forensic models are still premature requiring further improvement and validation, many lack details on the acquisition and analysis phase. This paper proposes an enhanced theoretical IoT digital forensic model focused on identifying and acquiring the main sources of evidence in a methodical way. In addition, this paper presents a theoretical acquisition framework of the different stages required in order to be capable of acquiring evidence from IoT devices.

Keywords: acquisition, Internet of Things, model, zoning

Procedia PDF Downloads 177
4058 Corruption and Economic Performance in Nigeria: The Role of Forensic Accounting

Authors: Jamila Garba Audu, Peter Adamu

Abstract:

This study investigates the role of forensic accounting in the fight against corruption in Nigeria for better utilization of public funds and economic growth and development of the Country. We adopted a trend analysis to show the performance of the Nigerian economy as well as the quality of institutions which government economic and political activities in the country. It is an established fact that Nigeria has performed badly since the 1960s to date in terms of institutional quality and economic development despite large amount of money obtained from the export of crude oil. It was revealed also that the fight against corruption has not been very successful in recent times because experts in the field of forensic accounting have not been utilized. With the successes recorded in dealing with fraud and embezzlement using forensic accounting, it has become imperative for the EFCC to use forensic accountants in the fight against corruption in the country. Also, there is the need to introduce very seriously, the teaching of forensic accounting in Nigerian Universities to train experts.

Keywords: corruption, economic performance, forensic accounting, Nigeria

Procedia PDF Downloads 267
4057 The Application of Insects in Forensic Investigations

Authors: Shirin Jalili, Hadi Shirzad, Samaneh Nabavi, Somayeh Khanjani

Abstract:

Forensic entomology is the science of study and analysis of insects evidences to aid in criminal investigation. Being aware of the distribution, biology, ecology and behavior of insects, which are founded at crime scene can provide information about when, where and how the crime has been committed. It has many application in criminal investigations. Its main use is estimation of the minimum time after death in suspicious death. The close association between insects and corpses and the use of insects in criminal investigations is the subject of forensic entomology. Because insects attack to the decomposing corpse and spawning on it from the initial stages. Forensic scientists can estimate the postmortem index by studying the insects population and the developing larval stages.In addition, toxicological and molecular studies of these insects can reveal the cause of death or even the identity of a victim. It also be used to detect drugs and poisons, and determination of incident location. Gathering robust entomological evidences is made possible for experts by recent Techniques. They can provide vital information about death, corpse movement or burial, submersion interval, time of decapitation, identification of specific sites of trauma, post-mortem artefacts on the body, use of drugs, linking a suspect to the scene of a crime, sexual molestations and the identification of suspects.

Keywords: Forensic entomology, post mortem interval, insects, larvae

Procedia PDF Downloads 422
4056 Forensic Nursing in the Emergency Department: The Overlooked Roles

Authors: E. Tugba Topcu

Abstract:

The emergency services are usually the first places to encounter forensic cases. Hence, it is important to consider forensics from the perspective of the emergency services staff and the physiological and psychological consequences that may arise as a result of behaviour by itself or another person. Accurate and detailed documentation of the situation in which the patient first arrives at the emergency service and preservation of the forensic findings is pivotal for the subsequent forensic investigation. The first step in determining whether or not a forensic case exists is to perform a medical examination of the patient. For each individual suspected to be part of a forensic case, police officers should be informed at the same time as the medical examination is being conducted. Violent events are increasing every year and with an increase in the number of forensic cases, emergency service workers have increasing responsibility and consequently play a key role in protecting, collecting and arranging the forensic evidence. In addition, because the emergency service workers involved in forensic events typically have information about the accused and/or victim, as well as evidence related to the events and the cause of injuries, police officers often require their testimony. However, both nurses and other health care personnel do not typically have adequate expertise in forensic medicine. Emergency nurses should take an active role for determining that whether any patient admitted to the emergency services is a clinical forensic patient the emergency service with injury and requiring possible punishment and knowing of their roles and responsibilities in this area provides legal protection as well as the protection of the judicial affair. Particularly, in emergency services, where rapid patient turnover and high workload exists, patient registration and case reporting may not exist. In such instances, the witnesses, typically the nurses, are often consulted for information. Knowledge of forensic medical matters plays a vital role in achieving justice. According to the Criminal Procedure Law, Article 75, Paragraph 3, ‘an internal body examination or the taking of blood or other biological samples from the body can be performed only by a doctor or other health professional member’. In favour of this item, the clinic nurse and doctor are mainly responsible for evaluating forensic cases in emergency departments, performing the examination, collecting evidence, and storing and reporting data. The courts place considerable importance on determining whether a suspect is the victim or accused and, thus, in terms of illuminating events, it is crucial that any evidence is gathered carefully and appropriately. All the evidence related to the forensic case including the forensic report should be handed over to the police officers. In instances where forensic evidence cannot be collected and the only way to obtain the evidence is the hospital environment, health care personnel in emergency services need to have knowledge about the diagnosis of forensic evidence, the collection of evidence, hiding evidence and provision of the evidence delivery chain.

Keywords: emergency department, emergency nursing, forensic cases, forensic nursing

Procedia PDF Downloads 180
4055 Financial Statement Fraud: The Need for a Paradigm Shift to Forensic Accounting

Authors: Ifedapo Francis Awolowo

Abstract:

The unrelenting series of embarrassing audit failures should stimulate a paradigm shift in accounting. And in this age of information revolution, there is need for a constant improvement on the products or services one offers to the market in order to be relevant. This study explores the perceptions of external auditors, forensic accountants and accounting academics on whether a paradigm shift to forensic accounting can reduce financial statement frauds. Through Neo-empiricism/inductive analytical approach, findings reveal that a paradigm shift to forensic accounting might be the right step in the right direction in order to increase the chances of fraud prevention and detection in the financial statement. This research has implication on accounting education on the need to incorporate forensic accounting into present day accounting curriculum. Accounting professional bodies, accounting standard setters and accounting firms all have roles to play in incorporating forensic accounting education into accounting curriculum. Particularly, there is need to alter the ISA 240 to make the prevention and detection of frauds the responsibilities of bot those charged with the management and governance of companies and statutory auditors.

Keywords: financial statement fraud, forensic accounting, fraud prevention and detection, auditing, audit expectation gap, corporate governance

Procedia PDF Downloads 258
4054 Anti-Forensic Countermeasure: An Examination and Analysis Extended Procedure for Information Hiding of Android SMS Encryption Applications

Authors: Ariq Bani Hardi

Abstract:

Empowerment of smartphone technology is growing very rapidly in various fields of science. One of the mobile operating systems that dominate the smartphone market today is Android by Google. Unfortunately, the expansion of mobile technology is misused by criminals to hide the information that they store or exchange with each other. It makes law enforcement more difficult to prove crimes committed in the judicial process (anti-forensic). One of technique that used to hide the information is encryption, such as the usages of SMS encryption applications. A Mobile Forensic Examiner or an investigator should prepare a countermeasure technique if he finds such things during the investigation process. This paper will discuss an extension procedure if the investigator found unreadable SMS in android evidence because of encryption. To define the extended procedure, we create and analyzing a dataset of android SMS encryption application. The dataset was grouped by application characteristics related to communication permissions, as well as the availability of source code and the documentation of encryption scheme. Permissions indicate the possibility of how applications exchange the data and keys. Availability of the source code and the encryption scheme documentation can show what the cryptographic algorithm specification is used, how long the key length, how the process of key generation, key exchanges, encryption/decryption is done, and other related information. The output of this paper is an extended or alternative procedure for examination and analysis process of android digital forensic. It can be used to help the investigators while they got a confused cause of SMS encryption during examining and analyzing. What steps should the investigator take, so they still have a chance to discover the encrypted SMS in android evidence?

Keywords: anti-forensic countermeasure, SMS encryption android, examination and analysis, digital forensic

Procedia PDF Downloads 62
4053 The Use of Artificial Intelligence in Digital Forensics and Incident Response in a Constrained Environment

Authors: Dipo Dunsin, Mohamed C. Ghanem, Karim Ouazzane

Abstract:

Digital investigators often have a hard time spotting evidence in digital information. It has become hard to determine which source of proof relates to a specific investigation. A growing concern is that the various processes, technology, and specific procedures used in the digital investigation are not keeping up with criminal developments. Therefore, criminals are taking advantage of these weaknesses to commit further crimes. In digital forensics investigations, artificial intelligence is invaluable in identifying crime. It has been observed that an algorithm based on artificial intelligence (AI) is highly effective in detecting risks, preventing criminal activity, and forecasting illegal activity. Providing objective data and conducting an assessment is the goal of digital forensics and digital investigation, which will assist in developing a plausible theory that can be presented as evidence in court. Researchers and other authorities have used the available data as evidence in court to convict a person. This research paper aims at developing a multiagent framework for digital investigations using specific intelligent software agents (ISA). The agents communicate to address particular tasks jointly and keep the same objectives in mind during each task. The rules and knowledge contained within each agent are dependent on the investigation type. A criminal investigation is classified quickly and efficiently using the case-based reasoning (CBR) technique. The MADIK is implemented using the Java Agent Development Framework and implemented using Eclipse, Postgres repository, and a rule engine for agent reasoning. The proposed framework was tested using the Lone Wolf image files and datasets. Experiments were conducted using various sets of ISA and VMs. There was a significant reduction in the time taken for the Hash Set Agent to execute. As a result of loading the agents, 5 percent of the time was lost, as the File Path Agent prescribed deleting 1,510, while the Timeline Agent found multiple executable files. In comparison, the integrity check carried out on the Lone Wolf image file using a digital forensic tool kit took approximately 48 minutes (2,880 ms), whereas the MADIK framework accomplished this in 16 minutes (960 ms). The framework is integrated with Python, allowing for further integration of other digital forensic tools, such as AccessData Forensic Toolkit (FTK), Wireshark, Volatility, and Scapy.

Keywords: artificial intelligence, computer science, criminal investigation, digital forensics

Procedia PDF Downloads 133
4052 Adoption and Diffusion of Valuation Standards in the Forensic Accounting Community and in Courts: Facilitating and Inhibiting Factors

Authors: Matteo Manera, Mariateresa Torchia, Gregory Moscato

Abstract:

Forensic accounting is a hot subject of research in accounting. Valuation remains one of the major topics for practitioners. Valuation standards are a powerful instrument that can contribute to a fair process: their use aims at reducing subjectivity and arbitrary decisions in courts. In most jurisdictions, valuation standards are not the law: forensic accountants are not obliged to use valuation standards when they perform valuation works for judges. To date, as far as we know, no literature work has investigated adoption and diffusion of valuation standards in the forensic accounting space. In this paper, we analyze the spread of valuation standards through the lenses of isomorphism and -as corollaries- of Agency Theory and Signaling Theory. Because of lack of research in the particular area of valuation standards adoption, the present work relies on qualitative, exploratory research, based on semi-structured interviews conducted (up to saturation) with expert forensic accountants. Our work digs into motivations behind adoption and diffusion, as well into perceptions of forensic accountants around benefits of valuation standards and into barriers to their diffusion: the result is that, while the vast majority of forensic accountants praise the great work of the standards setters in introducing valuation standards, it might be that less than 50% of forensic accountants actually use valuation standards, in courts. Our preliminary findings, to be supported or refuted by future research, lead us to address a “trilogy” of recommendations to the stakeholders involved in the process of adoption and diffusion of valuation standards in courts.

Keywords: forensic accounting, valuation standards, adoption of standards, motivations, benefits, barriers, Isomorphism

Procedia PDF Downloads 74
4051 The Proactive Approach of Digital Forensics Methodology against Targeted Attack Malware

Authors: Mohamed Fadzlee Sulaiman, Mohd Zabri Adil Talib, Aswami Fadillah Mohd Ariffin

Abstract:

Each individual organization has their own mechanism to build up cyber defense capability in protecting their information infrastructures from data breaches and cyber espionage. But, we can not deny the possibility of failing to detect and stop cyber attacks especially for those targeting credential information and intellectual property (IP). In this paper, we would like to share the modern approach of effective digital forensic methodology in order to identify the artifacts in tracing the trails of evidence while mitigating the infection from the target machine/s. This proposed approach will suit the digital forensic investigation to be conducted while resuming the business critical operation after mitigating the infection and minimizing the risk from the identified attack to transpire. Therefore, traditional digital forensics methodology has to be improvised to be proactive which not only focusing to discover the root caused and the threat actor but to develop the relevant mitigation plan in order to prevent from the same attack.

Keywords: digital forensic, detection, eradication, targeted attack, malware

Procedia PDF Downloads 196
4050 Towards a Proof Acceptance by Overcoming Challenges in Collecting Digital Evidence

Authors: Lilian Noronha Nassif

Abstract:

Cybercrime investigation demands an appropriated evidence collection mechanism. If the investigator does not acquire digital proofs in a forensic sound, some important information can be lost, and judges can discard case evidence because the acquisition was inadequate. The correct digital forensic seizing involves preparation of professionals from fields of law, police, and computer science. This paper presents important challenges faced during evidence collection in different perspectives of places. The crime scene can be virtual or real, and technical obstacles and privacy concerns must be considered. All pointed challenges here highlight the precautions to be taken in the digital evidence collection and the suggested procedures contribute to the best practices in the digital forensics field.

Keywords: digital evidence, digital forensics process and procedures, mobile forensics, cloud forensics

Procedia PDF Downloads 296
4049 Proposition on Improving Environmental Forensic System in China

Authors: Huilei Wang, Yuanfeng Wang

Abstract:

In the early period of China, economy developed rapidly at the cost of environment. Recently, it is generally recognized that the heavily polluted environment not only puts a brake on economic development but also paces negative impact on people’ health as well as probably next decades of generations. Accordingly, the latest Environmental Protection Law revised in 2014 makes a clear-cut division of environmental responsibility and regulates stricter penalties of breaching law. As the new environmental law is enforced gradually, environmental forensic is increasingly required in the process of ascertaining facts in judicial proceedings of environmental cases. Based on the outcomes of documentary analysis for all environmental cases judged on the basis of new environmental law, it is concluded that there still exists problems in present system of environmental forensic. Thus, this paper is aimed to make proposition on improving Chinese environmental forensic system, which involves: (i) promoting capability of environmental forensic system (EFS) to handle professional questions; (ii) develop price mechanism; (iii) multi-departments cooperate to establish unifying and complete EFS system;(iv) enhance the probative value of results of EFS. Such protocol for amending present regulation on environmental forensic is of significant importance because a quality report of environmental forensic will contributes to providing strong probative evidence of culprits’ activity of releasing contaminant into environment, degree of damages for victims and above all, causality between the behavior of public nuisance and damages.

Keywords: China, environmental cases, environmental forensic system, proposition

Procedia PDF Downloads 291
4048 Comparative Forensic Analysis of Lipsticks Using Thin Layer Chromatography and Gas Chromatography

Authors: M. O. Ezegbogu, H. B. Osadolor

Abstract:

Lipsticks constitute a significant source of transfer evidence, and can, therefore, provide corroborative or inclusionary evidence in criminal investigation. This study aimed to determine the uniqueness and persistence of different lipstick smears using Thin Layer Chromatography (TLC), and Gas Chromatography with a Flame Ionisation Detector (GC-FID). In this study, we analysed lipstick smears retrieved from tea cups exposed to the environment for up to four weeks. The n-alkane content of each sample was determined using GC-FID, while TLC was used to determine the number of bands, and retention factor of each band per smear. This study shows that TLC gives more consistent results over a 4-week period than GC-FID. It also proposes a maximum exposure time of two weeks for the analysis of lipsticks left in the open using GC-FID. Finally, we conclude that neither TLC nor GC-FID can distinguish lipstick evidence recovered from hypothetical crime scenes.

Keywords: forensic science, chromatography, identification, lipstick

Procedia PDF Downloads 63