Search results for: web forensic

Authors: Gurinder Singh, Kulbir Singh

Abstract:

Digital multimedia contents such as image, video, and audio can be tampered easily due to the availability of powerful editing softwares. Multimedia forensics is devoted to analyze these contents by using various digital forensic techniques in order to validate their authenticity. Digital image forensics is dedicated to investigate the reliability of digital images by analyzing the integrity of data and by reconstructing the historical information of an image related to its acquisition phase. In this paper, a survey is carried out on the forgery detection by considering the most recent and promising digital image forensic techniques.

Keywords: Computer Forensics, Multimedia Forensics, Image Ballistics, Camera Source Identification, Forgery Detection

Procedia PDF Downloads 212

Authors: Gigih Supriyatno

Abstract:

SQL injection is one of the most common types of attacks and has a very critical impact on web servers. In the worst case, an attacker can perform post-exploitation after a successful SQL injection attack. In the case of forensics web servers, web server analysis is closely related to log file analysis. But sometimes large file sizes and different log types make it difficult for investigators to look for traces of attackers on the server. The purpose of this paper is to help investigator take appropriate steps to investigate when the web server gets attacked. We use attack scenarios using SQL injection attacks including PHP backdoor injection as post-exploitation. We perform post-mortem analysis of web server logs based on Hypertext Transfer Protocol (HTTP) POST and HTTP GET method approaches that are characteristic of SQL injection attacks. In addition, we also propose structured analysis method between the web server application log file, database application, and other additional logs that exist on the webserver. This method makes the investigator more structured to analyze the log file so as to produce evidence of attack with acceptable time. There is also the possibility that other attack techniques can be detected with this method. On the other side, it can help web administrators to prepare their systems for the forensic readiness.

Keywords: web forensic, SQL injection, investigation, web shell

Procedia PDF Downloads 115

Authors: Anupuma Raina, Ajay P. Balayan, Prateek Pandya, Pankaj Shrivastava, Uma Kanga, Tulika Seth

Abstract:

DNA fingerprinting analysis aids in personal identification for forensic purposes and has always been a driving motivation for law enforcement agencies in almost all countries since its inception. The introduction of DNA markers (Y-STR) has allowed for greater precision and higher discriminatory power in forensic testing. A criminal/ person committing crime after bone marrow transplantation is a rare situation but not an impossible one. Keeping such a situation in mind, a study was carried out to find out the best biological sample to be used for personal identification, especially in forensic situation. We choose a female patient (recipient) and a male donor. The pre transplant sample (blood) and post transplant samples (blood, buccal swab, hair roots) were collected from the recipient (patient). The same were compared with the blood sample of the donor using DNA FP technique. Post transplant samples were collected at different interval of time (15, 30, 60, and 90 days). The study was carried out using Y-STR kit at 23 loci. The results determined discusses the phenomenon of chimerism and its impact on Y-STR. Hair sample was found the most suitable sample which had no donor DNA profiling up to 90 days.

Keywords: bone marrow transplantation, chimerism, DNA profiling, Y-STR

Procedia PDF Downloads 115

Authors: Xueying Zhao, Ke Ma, Hui Li, Yu Cao, Fan Yang, Qingwen Xu, Wenbin Liu

Abstract:

Massively parallel sequencing (MPS) technologies allow high-throughput sequencing analyses with a relatively affordable price and have gradually been applied to forensic casework. MPS technology identifies short tandem repeat (STR) loci based on sequence so that repeat motif variation within STRs can be detected, which may help one to infer the origin of the mutation in some cases. Here, we report on one case with one three-step mismatch (D18S51) in family trios based on both capillary electrophoresis (CE) and MPS typing. The alleles of the alleged father (AF) are [AGAA]₁₇AGAG[AGAA]₃ and [AGAA]₁₅. The mother’s alleles are [AGAA]₁₉ and [AGAA]₉AGGA[AGAA]₃. The questioned child’s (QC) alleles are [AGAA]₁₉ and [AGAA]₁₂. Given that the sequence variants in repeat regions of AF and mother are not observed in QC’s alleles, the QC’s allele [AGAA]₁₂ was likely inherited from the AF’s allele [AGAA]₁₅ by loss of three repeat [AGAA]. Besides, two new alleles of D18S51 in this study, [AGAA]₁₇AGAG[AGAA]₃ and [AGAA]₉AGGA[AGAA]₃, have not been reported before. All the results in this study were verified using Sanger-type sequencing. In summary, the MPS typing method can offer valuable information for forensic genetics research and play a promising role in paternity testing.

Keywords: family trios analysis, forensic casework, ion torrent personal genome machine (PGM), massively parallel sequencing (MPS)

Procedia PDF Downloads 274

Authors: Sarah K. Taylor, Miratun M. Saharuddin, Zabri A. Talib

Abstract:

Cybercrime is on the rise, and yet many Law Enforcement Agencies (LEAs) in Malaysia have no Digital Forensics Laboratory (DFL) to assist them in the attrition and analysis of digital evidence. From the estimated number of 30 LEAs in Malaysia, sadly, only eight of them owned a DFL. All of the DFLs are concentrated in the capital of Malaysia and none at the state level. LEAs are still depending on the national DFL (CyberSecurity Malaysia) even for simple and straightforward cases. A survey was conducted among LEAs in Malaysia owning a DFL to understand their history of establishing the DFL, the challenges that they faced and the significance of the DFL to their case investigation. The results showed that the while some LEAs faced no challenge in establishing a DFL, some of them took seven to 10 years to do so. The reason was due to the difficulty in convincing their management because of the high costs involved. The results also revealed that with the establishment of a DFL, LEAs were better able to get faster forensic result and to meet agency’s timeline expectation. It is also found that LEAs were also able to get more meaningful forensic results on cases that require niche expertise, compared to sending off cases to the national DFL. Other than that, cases are getting more complex, and hence, a continuous stream of budget for equipment and training is inevitable. The result derived from the study is hoped to be used by other LEAs in justifying to their management the benefits of establishing an in-house DFL.

Keywords: digital evidence, digital forensics, digital forensics laboratory, law enforcement agency

Procedia PDF Downloads 139

Authors: Zolani Metu

Abstract:

The death of more than 140 psychiatric patients who were unethically deinstitutionalized from the Life Esidimeni hospital Johannesburg, in 2016, shined a light on South Africa’s failing public mental healthcare system. Compounded by insufficient research evidence on African deinstitutionalization, this necessitates inquiries into deinstitutionalized mental healthcare, reintegration and community-based mental healthcare within the South African context. This study employed a quantitative research approach which utilized a cross-sectional research design, to investigate experiences with the reintegration of institutionalized forensic mental health service users into communities in the Western Cape, South Africa. A convenience sample of 100 mental health care workers from different occupational and organizational backgrounds in the Western Cape was purposively selected using the Western Cape Health Directorate as a sampling frame. A self-administered questionnaire (SAQ) was used as the data collection instrument. The results of the study indicate that criminogenic factors such as substance use, history of violent behaviour, criminal history and disruptive social behaviour complicate the reintegration of forensic mental health service users into communities. The current extent of reintegration of forensic mental health service users was found to be 'poor' (46%; n= 46); and financial difficulties, criminogenic factors and limited Community-Based Care (CBC) facilities were identified as key barriers to the reintegration process. 56% of all job applications for forensic mental health service users were unsuccessful, and 53% of all applications for their admission into CBC facilities were declined. Although social support (informal) was found to be essential for successful reintegration, institutional support (formal) through assertive community treatment (35%; n= 35) and CBC facilities (21%) and the disability grant (DG=50%) was found to be more important for family coping and reintegration. Moreover, 72% of respondents had positive perceptions about the process of reintegration; no statistically significant relationship was found between years of experience and perceptions about reintegration (P-value = 0.062); and perceptions were not found to be a barrier to reintegration. No statistically significant relationship was found between years of working experience and understanding the legislative framework of deinstitutionalization (P-Value =.0.061). However, using a Chi-square test, a significant relationship (P-value = 0.021) was found between sex and understanding the legal framework involved in the process of reintegration. The study recommends a post-2020 deinstitutionalization agenda that factors-in criminogenic realities associated with forensic mental health service users, and affirms the strengthening of PHC and community based care systems as precedents of successful deinstitutionalization and reintegration of mental health service users.

Keywords: forensic mental health, deinstitutionalization, reintegration, mental health service users

Procedia PDF Downloads 133

Authors: Sophie Oakes-Rogers, Di Bailey, Karen Slade

Abstract:

Female offenders are a uniquely vulnerable group, who are at high risk of suicide. Whilst the prevention of self-harm and suicide remains a key global priority, we need to better understand the relationship between these challenging behaviours that constitute a pressing problem, particularly in environments designed to prioritise safety and security. Method choice is unlikely to be random, and is instead influenced by a range of cultural, social, psychological and environmental factors, which change over time and between countries. A key aspect of self-harm and suicide in women receiving forensic care is the lack of free access to methods. At a time where self-harm and suicide rates continue to rise internationally, understanding the role of these influencing factors and the impact of current suicide prevention strategies on the use of near-lethal methods is crucial. This poster presentation will present findings from 25 interviews and 3 focus groups, which enlisted a Participatory Action Research approach to explore the differences between self-harming and suicidal behavior. A key element of this research was using the lived experiences of women receiving forensic care from one forensic pathway in the UK, and the staffs who care for them, to discuss the role of near-lethal self-harm (NLSH). The findings and suggestions from the lived accounts of the women and staff will inform a draft assessment tool, which better assesses the risk of suicide based on the lethality of methods. This tool will be the first of its kind, which specifically captures the needs of women receiving forensic services. Preliminary findings indicate women engage in NLSH for two key reasons and is determined by their history of self-harm. Women who have a history of superficial non-life threatening self-harm appear to engage in NLSH in response to a significant life event such as family bereavement or sentencing. For these women, suicide appears to be a realistic option to overcome their distress. This, however, differs from women who appear to have a lifetime history of NLSH, who engage in such behavior in a bid to overcome the grief and shame associated with historical abuse. NLSH in these women reflects a lifetime of suicidality and indicates they pose the greatest risk of completed suicide. Findings also indicate differences in method selection between forensic provisions. Restriction of means appears to play a role in method selection, and findings suggest it causes method substitution. Implications will be discussed relating to the screening of female forensic patients and improvements to the current suicide prevention strategies.

Keywords: forensic mental health, method substitution, restriction of means, suicide

Procedia PDF Downloads 147

Authors: Ward Bakker, Shadi Alhakimi

Abstract:

The amount of people moving towards more privacy focused instant messaging applications has grown significantly. Signal is one of these instant messaging applications, which makes Signal interesting for digital investigators. In this research, we evaluate the artifacts that are generated by the Signal messenger for Android. This evaluation was done by using the features that Signal provides to create artifacts, whereafter, we made an image of the internal storage and the process memory. This image was analysed manually. The manual analysis revealed the content that Signal stores in different locations during its operation. From our research, we were able to identify the artifacts and interpret how they were used. We also examined the source code of Signal. Using our obtain knowledge from the source code, we developed a tool that decrypts some of the artifacts using the key stored in the Android Keystore. In general, we found that most artifacts are encrypted and encoded, even after decrypting some of the artifacts. During data visualization, some artifacts were found, such as that Signal does not use relationships between the data. In this research, two interesting groups of artifacts were identified, those related to the database and those stored in the process memory dump. In the database, we found plaintext private- and group chats, and in the memory dump, we were able to retrieve the plaintext access code to the application. Nevertheless, we conclude that Signal contains a wealth of artifacts that could be very valuable to a digital forensic investigation.

Keywords: forensic, signal, Android, digital

Procedia PDF Downloads 44

Authors: Sijuade A. A., Oguntoye J. P., Awodoye O. O., Adedapo O. A., Wahab W. B., Okediran O. O., Omidiora E. O., Olabiyisi S. O.

Abstract:

Electronic voting systems have been introduced to improve the efficiency, accuracy, and transparency of the election process in many countries around the world, including Nigeria. However, concerns have been raised about the security and integrity of these systems. One way to address these concerns is through the implementation of electronic forensic election audit systems. This study aims to evaluate voters' intention to the adoption of electronic forensic election audit systems using the Unified Theory of Acceptance and Use of Technology (UTAUT) model. In the study, the UTAUT model which is a widely used model in the field of information systems to explain the factors that influence individuals' intention to use a technology by integrating performance expectancy, effort expectancy, social influence, facilitating conditions, cost factor and privacy factor to voters’ behavioural intention was proposed. A total of 294 sample data were collected from a selected population of electorates who had at one time or the other participated in at least an electioneering process in Nigeria. The data was then analyzed statistically using Partial Least Square Structural Equation Modeling (PLS-SEM). The results obtained show that all variables have a significant effect on the electorates’ behavioral intention to adopt the development and implementation of an electronic forensic election audit system in Nigeria.

Keywords: election Audi, voters, UTAUT, performance expectancy, effort expectancy, social influence, facilitating condition social influence, facilitating conditions, cost factor, privacy factor, behavioural intention

Procedia PDF Downloads 40

Authors: Lilian Noronha Nassif

Abstract:

Cybercrime investigation demands an appropriated evidence collection mechanism. If the investigator does not acquire digital proofs in a forensic sound, some important information can be lost, and judges can discard case evidence because the acquisition was inadequate. The correct digital forensic seizing involves preparation of professionals from fields of law, police, and computer science. This paper presents important challenges faced during evidence collection in different perspectives of places. The crime scene can be virtual or real, and technical obstacles and privacy concerns must be considered. All pointed challenges here highlight the precautions to be taken in the digital evidence collection and the suggested procedures contribute to the best practices in the digital forensics field.

Keywords: digital evidence, digital forensics process and procedures, mobile forensics, cloud forensics

Procedia PDF Downloads 378

Authors: Zainurrasyid Abdullah, Mohamed Fadzlee Sulaiman, Muhammad Fadzlan Zainal, M. Zabri Adil Talib, Aswami Fadillah M. Ariffin

Abstract:

The Onion Router (Tor) browser is a well-known tool and widely used by people who seeking for web anonymity when browsing the internet. Criminals are taking this advantage to be anonymous over the internet. Accessing the dark web could be the significant reason for the criminal in order for them to perform illegal activities while maintaining their anonymity. For a digital forensic analyst, it is crucial to extract the trail of evidence in proving that the criminal’s computer has used Tor browser to conduct such illegal activities. By applying the digital forensic methodology, several techniques could be performed including application analysis, memory analysis, and registry analysis. Since Windows 10 is the latest operating system released by Microsoft Corporation, this study will use Windows 10 as the operating system platform that running Tor browser. From the analysis, significant artifacts left by Tor browser were discovered such as the execution date, application installation date and browsing history that can be used as an evidence. Although Tor browser was designed to achieved anonymity, there is still some trail of evidence can be found in Windows 10 platform that can be useful for investigation.

Keywords: artifacts analysis, digital forensics, forensic analysis, memory analysis, registry analysis, tor browser, Windows 10

Procedia PDF Downloads 142

Authors: Mohamed Izzharif Abdul Halim, Niamh Nic Daeid

Abstract:

Determining the source of pen inks used on a variety of documents is impartial for forensic document examiners. The examination of inks is often performed to differentiate between inks in order to evaluate the authenticity of a document. A ballpoint pen ink consists of synthetic dyes in (acidic and/or basic), pigments (organic and/or inorganic) and a range of additives. Inks of similar color may consist of different composition and are frequently the subjects of forensic examinations. This study emphasizes on blue ballpoint pen inks available in the market because it is reported that approximately 80% of questioned documents analysis involving ballpoint pen ink. Analytical techniques such as thin layer chromatography, high-performance liquid chromatography, UV-vis spectroscopy, luminescence spectroscopy and infrared spectroscopy have been used in the analysis of ink samples. In this study, application of Diamond Attenuated Total Reflectance (ATR) FTIR is straightforward but preferable in forensic science as it offers no sample preparation and minimal analysis time. The data obtained from these techniques were further analyzed using multivariate chemometric methods which enable extraction of more information based on the similarities and differences among samples in a dataset. It was indicated that some pens from the same manufactures can be similar in composition, however, discrete types can be significantly different.

Keywords: ATR FTIR, ballpoint, multivariate chemometric, PCA

Procedia PDF Downloads 429

Authors: Blerim Olluri

Abstract:

A forensic science laboratory in Kosovo has never been organized at the level of most modern forensic science laboratories. This was made possible after the war of 1999 with the help and support from the United States. The United States Government/ICITAP provided 9.5 million dollars to support this project, this support have greatly benefitted law enforcement in Kosovo. With the establishment of Operative Procedures of Work and the law for Kosovo Agency of Forensic, the accreditation with ISO/IEC 17025 of the KAF labs it becomes mandatory. Since 2012 Laboratory’s DNA/Serology and Narcotics has begun reviewing and harmonizing their procedures according to ISO/IEC 17025. The focus of this work was to create quality manuals, procedures, work instructions, quality documentation and quality records. Furthermore, during this time is done the validation of work methods from scientific qualified personnel of KAF, without any help from other foreign agencies or accreditation body.In October 2014 we had the first evaluation based on ISO 17025 standards. According to the initial report of this assessment we have non conformity in test and Calibration methods method’s, and accommodation and environmental conditions. We identified several issues that are of extreme importance to KAF. One the most important issue is to create a professional group with experts of KAF, which will work in all the obligations, requested from ISO/IEC 17025. As conclusions that we earn in this path of accreditation, are that laboratory’s need to take corrective action, and all nonconformance’s must be addressed and corrective action taken before accreditation can be granted.

Keywords: accreditation, assessment, narcotics, DNA

Procedia PDF Downloads 342

Authors: G. V. Sai Soumya, Kalpesh Solanki, Sumit K. Choudhary

Abstract:

Necropsy is another term used for an autopsy, which is known as death examination in the case of animals. It is a complete standardized procedure involving dissection, observation, interpretation, and documentation. Government Bodies like National Tiger Conservation Authority (NTCA) have given standard operating procedures for commencing the necropsies. Necropsies are rarely performed as compared to autopsies performed on human bodies. There are no databases which maintain the count of autopsies in wildlife, but the research in this area has shown a very small number of necropsies. Long back, wildlife forensics came into existence but is coming into light nowadays as there is an increase in wildlife crime cases, including the smuggling of trophies, pooching, and many more. Physical examination in cases of animals is not sufficient to yield fruitful information, and thus postmortem examination plays an important role. Postmortem examination helps in the determination of time since death, cause of death, manner of death, factors affecting the case under investigation, and thus decreases the amount of time required in solving cases. Increasing the rate of necropsies will help forensic veterinary pathologists to build standardized provision and confidence within them, which will ultimately yield a higher success rate in solving wildlife crime cases.

Keywords: necropsy, wildlife crime, postmortem examination, forensic application

Procedia PDF Downloads 103

Authors: O. Abiodun Adeyinka, B. Adeyemo Adesesan

Abstract:

The forensic use of handwriting depends on the analysis, comparison, and evaluation decisions made by forensic document examiners. When using biometric technology in forensic applications, it is necessary to compute Likelihood Ratio (LR) for quantifying strength of evidence under two competing hypotheses, namely the prosecution and the defense hypotheses wherein a set of assumptions and methods for a given data set will be made. It is therefore important to know how repeatable and reproducible our estimated LR is. This paper evaluated the accuracy and reproducibility of examiners' decisions. Confidence interval for the estimated LR were presented so as not get an incorrect estimate that will be used to deliver wrong judgment in the court of Law. The estimate of LR is fundamentally a Bayesian concept and we used two LR estimators, namely Logistic Regression (LoR) and Kernel Density Estimator (KDE) for this paper. The repeatability evaluation was carried out by retesting the initial experiment after an interval of six months to observe whether examiners would repeat their decisions for the estimated LR. The experimental results, which are based on handwriting dataset, show that LR has different confidence intervals which therefore implies that LR cannot be estimated with the same certainty everywhere. Though the LoR performed better than the KDE when tested using the same dataset, the two LR estimators investigated showed a consistent region in which LR value can be estimated confidently. These two findings advance our understanding of LR when used in computing the strength of evidence in handwriting using forensics.

Keywords: confidence interval, handwriting, kernel density estimator, KDE, logistic regression LoR, repeatability, reproducibility

Procedia PDF Downloads 92

Authors: M. O. Ezegbogu, H. B. Osadolor

Abstract:

Lipsticks constitute a significant source of transfer evidence, and can, therefore, provide corroborative or inclusionary evidence in criminal investigation. This study aimed to determine the uniqueness and persistence of different lipstick smears using Thin Layer Chromatography (TLC), and Gas Chromatography with a Flame Ionisation Detector (GC-FID). In this study, we analysed lipstick smears retrieved from tea cups exposed to the environment for up to four weeks. The n-alkane content of each sample was determined using GC-FID, while TLC was used to determine the number of bands, and retention factor of each band per smear. This study shows that TLC gives more consistent results over a 4-week period than GC-FID. It also proposes a maximum exposure time of two weeks for the analysis of lipsticks left in the open using GC-FID. Finally, we conclude that neither TLC nor GC-FID can distinguish lipstick evidence recovered from hypothetical crime scenes.

Keywords: forensic science, chromatography, identification, lipstick

Procedia PDF Downloads 156

Authors: Katie E. Jennings

Abstract:

The interactions between family dynamics and environmental factors with mental health vulnerability in individuals are well known and are a theme for on-going research and debate. The impact upon mental health issues and forensic issues on family dynamics, experience, and emotional wellbeing cannot be over-Emphasised. For forensic patients with diagnosed mental disorders, these relationships and environments may have also been functionally linked to the development and maintenance of those disorders; with significant adverse childhood experiences being a common feature of many Patient’s histories. Mental health hospitals remove the patient from their home environments and provide treatment outside of these relationships and often outside of the home area. There is, therefore, a major focus on Services ensuring that patients are able to build and maintain relationships with family and friends, requiring services to involve families in Patients' care and treatment wherever possible. There are standards set by Government and clinical bodies that require absolute demonstration of the inclusion of family and friends in all aspects of the care and treatment of forensic patients. For some patients and family members, this push to take on a “role” in care can be unhelpful, extremely stressful, and has constant implications for the potential delicate reparation of relationships. Based on work undertaken for over 20 years in forensic mental health settings, this paper explores the positive psychology approach to a dimensional model to family inclusion in mental health care that learns from family court work and allows for the maintenance of relationships to be at both proximal and Distil levels; to prevent the replication of abuse, decrease the need for falsehoods and assist the recovery of all. The model is based on allowing families to choose to not be involved or be involved in different ways if this is seen to be more helpful. It also allows patients to choose the level of potential involvement that they would find helpful, and for this to be reviewed at a timeframe agreed by all parties, rather than when the next survey is due or the patient has a significant care meeting. This paper is significant as there is a lack of research to support services to use a positive psychology approach to work in this area, the assumption that being asked to be involved must be positive for all seems naïve at best for this patient group. Work relating to the psychology of family can significantly contribute to the development of knowledge in this area. The development of a dimensional model will support choice within families and assist in the development of more honest and open relationships.

Keywords: family dynamics, forensic, mental disorder, positive psychology

Procedia PDF Downloads 120

Authors: Bagus Hanindhito, Fariz Azmi Pratama, Ulfah Nadiya

Abstract:

Nowadays, digital system including, but not limited to, computer and internet have penetrated the education system widely. Critical information such as students’ academic records is stored in a server off- or on-campus. Although several countermeasures have been taken to protect the vital resources from outsider attack, the defense from insiders threat is not getting serious attention. At the end of 2017, a security incident that involved academic information system in one of the most respected universities in Indonesia affected not only the reputation of the institution and its academia but also academic integrity in Indonesia. In this paper, we will explain our efforts in investigating this security incident where we have implemented a novel rapid evidence remote acquisition method in high-availability server and storage system thus our data collection efforts do not disrupt the academic information system and can be conducted remotely minutes after incident report has been received. The acquired evidence is analyzed during digital forensic by constructing the model of the system in an isolated environment which allows multiple investigators to work together. In the end, the suspect is identified as a student (insider), and the investigation result is used by prosecutors to charge the suspect as an academic crime.

Keywords: academic information system, academic crime, digital forensic, high-availability server and storage, rapid evidence remote acquisition, security incident

Procedia PDF Downloads 124

Authors: W. C. Bracken

Abstract:

Given that concrete masonry walls are expected to experience shrinkage combined with thermal expansion and contraction, and in some cases even carbonation, throughout their service life, cracking is to be expected. However, after concrete masonry walls have been placed into service, originally anticipated and accounted for cracking is often misdiagnosed as a structural defect. Such misdiagnoses often result in or are used to support litigation. This paper begins by discussing the causes and types of anticipated cracking within concrete masonry walls followed by a discussion on the processes and analyses that exists for properly evaluating them and their significance. From here, the paper then presents a case of misdiagnosed concrete masonry cracking and the flawed logic employed to support litigation.

Keywords: concrete masonry, masonry wall cracking, structural defect, structural damage, construction defect, forensic investigation

Procedia PDF Downloads 205

Authors: A. M. Taleb, A. G. Tail, A. F. Kara, B. B. Djedouani, C. T. Moussa

Abstract:

Forensic entomology is the use of insects to aid legal investigations. The main purpose of forensic entomology is to establish the postmortem interval (PMI). In order to estimate the PMI, a forensic entomologist compares the case data with certain reference information relevant to the particular location and time of year. This reference information, including the local distribution of species, are not available in Algeria. Therefore, experiments need to be conducted to provide references for entomological evidence. The objective of this study was to identify the necrophagous flies species which arrive first to carrion using liver baits in Ghardaia, South Algeria. The study was carried out during the spring season in the palmeral of Beni Isguen, Ghardaia which is well known by its hot arid climate. The experiment site (32°28’0’’ N, 3°42’0’’ E), is situated at an altitude of about 526 metres above mean sea level. On April the 4th, 2014, a number of three replicates of liver baited traps were placed in the shade and other three baits were exposed to the sun. Flying insects and larvae were captured and identified. After few minutes, flies invaded the traps which were exposed to the sun. In contrast, no flies were observed in the other traps. A total number of fourty five (45) adult specimens belonging to three taxa were identified: Calliphora vicina (Robineau-Desvoidy, 1830) (Diptera, Calliphoridae) (51.11 %), Lucilia sericata (Meigen, 1826) (Diptera, Calliphoridae) (33.33 %) and Sarcophaga africa (Wiedemann, 1824) (Diptera: Sarcophagidae) (15.55 %). Six hundred and three (603) maggots belonging to two taxa were identified: Calliphora vicina (76.28 %) and Lucilia sericata (23.71 %). The data obtained from this study provides baseline information regarding the carrion fauna of this area. It will also form a basis for similar studies in different geographical and climatological regions of Algeria.

Keywords: forensic entomology, liver baits, necrophagous fly, Ghardaia, South Algeria

Procedia PDF Downloads 333

Authors: Mustapha Aminu Bagiwa, Ainuddin Wahid Abdul Wahab, Mohd Yamani Idna Idris, Suleman Khan

Abstract:

Video source device identification has become a problem of concern in numerous domains especially in multimedia security and digital investigation. This is because videos are now used as evidence in legal proceedings. Source device identification aim at identifying the source of digital devices using the content they produced. However, due to affordable processing tools and the influx in digital content generating devices, source device identification is still a major problem within the digital forensic community. In this paper, we discuss source device identification for digital videos by identifying techniques that were proposed in the literature for model or specific device identification. This is aimed at identifying salient open challenges for future research.

Keywords: video forgery, source camcorder, device identification, forgery detection

Procedia PDF Downloads 595

Authors: Shirin jalili, Hadi Shirzad, Mahasti Modarresi, Samaneh Nabavi, Somayeh Khanjani

Abstract:

Identifying the source tissue of biological material found at crime scenes can be very informative in a number of cases. Despite their usefulness, current visual, catalytic, enzymatic, and immunologic tests for presumptive and confirmatory tissue identification are applicable only to a subset of samples, might suffer limitations such as low specificity, lack of sensitivity, and are substantially impacted by environmental insults. In addition their results are operator-dependent. Recently the possibility of discriminating body fluids using mRNA expression differences in tissues has been described but lack of long term stability of that Molecule and the need to normalize samples for each individual are limiting factors. The use of DNA should solve these issues because of its long term stability and specificity to each body fluid. Cells in the human body have a unique epigenome, which includes differences in DNA methylation in the promoter of genes. DNA methylation, which occurs at the 5′-position of the cytosine in CpG dinucleotides, has great potential for forensic identification of body fluids, because tissue-specific patterns of DNA methylation have been demonstrated, and DNA is less prone to degradation than proteins or RNA. Previous studies have reported several body fluid-specific DNA methylation markers.The presence or absence of a methyl group on the 5’ carbon of the cytosine pyridine ring in CpG dinucleotide regions called ‘CpG islands’ dictates whether the gene is expressed or silenced in the particular body fluid. Were described methylation patterns at tissue specific differentially methylated regions (tDMRs) to be stable and specific, making them excellent markers for tissue identification. The results demonstrate that methylation-based tissue identification is more than a proof-of-concept. The methodology holds promise as another viable forensic DNA analysis tool for characterization of biological materials.

Keywords: DNA methylation, forensic science, epigenome, tDMRs

Procedia PDF Downloads 398

Authors: Riza Yilmaz, Samet Kiyak, Sezin Nur Yilmaz, Yasemin Yilmaz

Abstract:

Child delinquency has been increasing in our country as well as in many countries of the world. Child intelligence, abilities, family's social environment and life conditions are the factors which affect the child delinquency. The reports of 73 cases ages of 12-15 which were sent to the University of Bulent Ecevit, School of Medicine, Forensic Medicine Department between January 2011-September 2015, in order to evaluate medically, children pushed to crime by the judicial authorities are examined in terms of age, gender, educational background, place of residence, reasons for being sent, whether it’s a repeating crime or not, type of intelligence test, results revealed by forensic medicine and department of mental and neurological disorders. When children pushed to crime examined in terms of their crimes, the most common type of crime was identified as theft (n = 24). The crimes with 19 physical attacks and 12 sexual abuse were seen. Following that other 12 crimes were determined as damage to property, hemp crop, insult, incitement to crime, forgery of private documents, illegal excavation, threatening, involuntary manslaughter. The alleged crimes in 6 cases were more than one. The children pushed to crime are one of the major social problems of many countries. In this sense, it is not only the responsibility of government agencies to protect children pushed to crime, also, the civil society organizations should take place in this struggle.

Keywords: delinquent behaviour, forensic medicine, crime, punishment

Procedia PDF Downloads 409

Authors: Radah Yousuf, Ashraf Shebl

Abstract:

Suicide is a tragic event with strong emotional repercussions for its survivors and for families of its victims. There were thousands of cases all over the world. There are many risk factors include mental disorders such as depression, and substance abuse, including alcoholism and use of benzodiazepines. Other suicides are impulsive acts due to stress such as from financial difficulties, troubles with relationships, or from bullying. The aim of work in this study is making a survey from archives of the suicidal cases, which had a medicolegal examination, in forensic medicine center in Al Madinah Almunawarah-KSA, for ten years in the period between 1428-1438h. In each case, some data are collected such as age, sex, time and place of an act, method of suicide, the presence of the witness, medical history. This study demonstrates that suicide is more common in male than female, and the 4th decade was the most period of age. The most common method of suicide was hanging followed by falling from the height. These results indicated that cultural and religious beliefs that discourage suicide and support self-preservation instinct, and suicide education programs provide information to students in high school, builds awareness, one of the most important issues in solving that problem. From the forensic view, circumstantial evidence of every forensic case must take and record, full history about the social, medical and psychological problems, attend the scene of death is a very important, complete medicolegal investigation for every case, and full autopsy with very skilled techniques and facilities can help in diagnosing what type of crimes.

Keywords: suicide, age, sex, hanging

Procedia PDF Downloads 109

Authors: Dayane de Almeida

Abstract:

This work aims at presenting a study that demonstrates the usability of categories of analysis from Discourse Semiotics – also known as Greimassian Semiotics in authorship cases in forensic contexts. It is necessary to know if the categories examined in semiotic analysis (the ‘grammar’ of the content plane) can distinguish authors. Thus, a study with 4 sets of texts from a corpus of ‘not on demand’ written samples (those texts differ in formality degree, purpose, addressees, themes, etc.) was performed. Each author contributed with 20 texts, separated into 2 groups of 10 (Author1A, Author1B, and so on). The hypothesis was that texts from a single author were semiotically more similar to each other than texts from different authors. The assumptions and issues that led to this idea are as follows: -The features analyzed in authorship studies mostly relate to the expression plane: they are manifested on the ‘surface’ of texts. If language is both expression and content, content would also have to be considered for more accurate results. Style is present in both planes. -Semiotics postulates the content plane is structured in a ‘grammar’ that underlies expression, and that presents different levels of abstraction. This ‘grammar’ would be a style marker. -Sociolinguistics demonstrates intra-speaker variation: an individual employs different linguistic uses in different situations. Then, how to determine if someone is the author of several texts, distinct in nature (as it is the case in most forensic sets), when it is known intra-speaker variation is dependent on so many factors?-The idea is that the more abstract the level in the content plane, the lower the intra-speaker variation, because there will be a greater chance for the author to choose the same thing. If two authors recurrently chose the same options, differently from one another, it means each one’s option has discriminatory power. -Size is another issue for various attribution methods. Since most texts in real forensic settings are short, methods relying only on the expression plane tend to fail. The analysis of the content plane as proposed by greimassian semiotics would be less size-dependable. -The semiotic analysis was performed using the software Corpus Tool, generating tags to allow the counting of data. Then, similarities and differences were quantitatively measured, through the application of the Jaccard coefficient (a statistical measure that compares the similarities and differences between samples). The results showed the hypothesis was confirmed and, hence, the grammatical categories of the content plane may successfully be used in questioned authorship scenarios.

Keywords: authorship attribution, content plane, forensic linguistics, greimassian semiotics, intraspeaker variation, style

Procedia PDF Downloads 211

Authors: Saule Mussabekova

Abstract:

Recent advances in genetics have allowed increasing acutely the capacities of the formation of reliable evidence in conducting forensic examinations. Thus, traces of biological origin are important sources of information about a crime. Currently, around the world, sexual offenses have increased, and among them are those in which the criminals use various detergents to remove traces of their crime. A feature of modern synthetic detergents is the presence of biological additives - enzymes. Enzymes purposefully destroy stains of biological origin. To study the nature and extent of the impact of modern washing powders on saliva stains on the physical evidence, specially prepared test specimens of different types of tissues to which saliva was applied have been examined. Materials and Methods: Washing machines of famous manufacturers of household appliances have been used with different production characteristics and advertised brands of washing powder for test washing. Over 3,500 experimental samples were tested. After washing, the traces of saliva were identified using modern research methods of forensic medicine. Results: The influence was tested and the dependence of the use of different washing programs, types of washing machines and washing powders in the process of establishing saliva trace and identify of the stains on the physical evidence while washing was revealed. The results of experimental and practical expert studies have shown that in most cases it is not possible to draw the conclusions in the identification of saliva traces on physical evidence after washing. This is a consequence of the effect of biological additives and other additional factors on traces of saliva during washing. Conclusions: On the basis of the results of the study, the feasibility of saliva traces of the stains on physical evidence after washing is established. The use of modern molecular genetic methods makes it possible to partially solve the problems arising in the study of unlaundered evidence. Additional study of physical evidence after washing facilitates detection and investigation of sexual offenses against women and children.

Keywords: saliva research, modern synthetic detergents, laundry detergents, forensic medicine

Procedia PDF Downloads 189

Authors: Fahad Alanazi, Andrew Jones

Abstract:

Digital forensics seeks to achieve the successful investigation of digital crimes through obtaining acceptable evidence from digital devices that can be presented in a court of law. Thus, the digital forensics investigation is normally performed through a number of phases in order to achieve the required level of accuracy in the investigation processes. Since 1984 there have been a number of models and frameworks developed to support the digital investigation processes. In this paper, we review a number of the investigation processes that have been produced throughout the years and introduce a proposed digital forensic model which is based on the scope of the Saudi Arabia investigation process. The proposed model has been integrated with existing models for the investigation processes and produced a new phase to deal with a situation where there is initially insufficient evidence.

Keywords: digital forensics, process, metadata, Traceback, Sauid Arabia

Procedia PDF Downloads 317

Authors: Michaela Storen, Michelle Harvey, Xavier Conlan

Abstract:

Gun violence internationally is increasing at an unprecedented level, becoming a favoured means for executing violence against another individual. Not only is this putting a strain on forensic scientists who attempt to determine the cause of death in circumstances where firearms have been involved in the death of an individual, but it also highlights the need for an alternative technique of identification of a gunshot wound when other established techniques have been exhausted. A corpse may be colonized by necrophagous insects following death, and this close association between the time of death and insect colonization makes entomological samples valuable evidence when remains become decomposed beyond toxicological utility. Entomotoxicology provides the potential for the identification of toxins in a decomposing corpse, with recent research uncovering the capabilities of entomotoxicology to detect gunshot residue (GSR) in a corpse. However, shortcomings of the limited literature available on this topic have not been addressed, with the bioaccumulation, detection limits, and sensitivity to gunshots not considered thus far, leaving questions as to the applicability of this new technique in the forensic context. Larvae were placed on meat contaminated with GSR at different concentrations and compared to a control meat sample to establish the uptake of GSR by the larvae, with bioaccumulation established by placing the larvae on fresh, uncontaminated meat for a period of time before analysis using ICP-MS. The findings of Pb, Ba, and Sb at each stage of the lifecycle and bioaccumulation in the larvae will be presented. In addition, throughout these previously mentioned experiments, larvae were washed once, twice and three times to evaluate the effectiveness of existing entomological practices in removing external toxins from specimens prior to entomotoxicologyical analysis. Analysis of these larval washes will be presented. By addressing these points, this research extends the utility of entomotoxicology in cause-of-death investigations and provides an additional source of evidence for forensic scientists in the circumstances involving a gunshot wound on a corpse, in addition to advising the effectiveness of current entomology collection protocols.

Keywords: bioaccumulation, chemistry, entomology, gunshot residue, toxicology

Procedia PDF Downloads 47

Authors: Ahmad Luthfi

Abstract:

One of the main goals of a computer forensic analyst is to determine the cause and effect of the acquisition of a digital evidence in order to obtain relevant information on the case is being handled. In order to get fast and accurate results, this paper will discuss the approach known as ontology framework. This model uses a structured hierarchy of layers that create connectivity between the variant and searching investigation of activity that a computer forensic analysis activities can be carried out automatically. There are two main layers are used, namely analysis tools and operating system. By using the concept of ontology, the second layer is automatically designed to help investigator to perform the acquisition of digital evidence. The methodology of automation approach of this research is by utilizing forward chaining where the system will perform a search against investigative steps and atomically structured in accordance with the rules of the ontology.

Keywords: ontology, framework, automation, forensics

Procedia PDF Downloads 294

Authors: Jaithish John

Abstract:

In this paper a brief overview is provided of the developments in interdisciplinary knowledge exchange with use of soil and geological (earth) materials in the search for evidence. The aim is to provide background information on the role and value of understanding ‘earth materials’ from the crime scene through to microscopic scale investigations to support law enforcement agencies in solving criminal and environmental concerns and investigations. This involves the sampling, analysis, interpretation and explanation presentation of all these evidences. In this context, field and laboratory methods are highlighted for the controlled / referenced sample, alibi sample and questioned sample. The aim of forensic analyses of earth materials is to associate these samples taken from a questioned source to determine if there are similar and outstanding characteristics features of earth materials crucial to support the investigation to the questioned earth materials and compare it to the controlled / referenced sample and alibi samples.

Keywords: soil, texture, grain, microscopy

Procedia PDF Downloads 51