Digital Forensics, Security and Law

Top PDF Digital Forensics, Security and Law:

Big Data Computing Application in Digital Forensics Investigation and Cyber Security

ISSN: 2321-8363 Impact Factor: 5.515

conventional process like Identification, Acquisition, Preservation, Examination and Presentation of findings to the chief investigator, court of law and other stakeholders by forensic expert investigators where decisions are made on the outcome of an investigation [4][6]. Forensic tools such as Forensics Tool Kit (FTK) and ENCASE [8] are used to carry out this process. The data offered by computer forensic tools can often be misleading due to the dimensionality, complexity and amount of the data presented. Also the scope of investigation and examination of evidence are limited to the examiners and investigators. Hence it can raise challenges with the procreation nature of big data spreading heterogeneously.

On the Development of a Digital Forensics Curriculum

The Professional Project course should be a research project which requires the application of the knowledge, techniques, methodology, and skills learned from other digital forensics courses. Topics could be either from academia or from industry. The survey result indicates that multimedia forensic analysis has been conducted by digital forensics practitioners, which requires the use of a suite of tools including VideoFOCUS, dTective, ClearID DAC, dVeleloper and Magnifi Spotlight. Several research issues on multimedia forensics exist which need to be undertaken to improve the efficiency and accuracy of the results. Another important topic is the deployment of a honeypot, which has been recently used for cyber security protection and network forensic investigation (Spitzner, 2003), due to its cost effectiveness and usefulness for security and forensic education and research. Other important topics include malware forensics analysis, social computing forensics (for example, forensics investigation on Facebook, MySpace, Twitter, Blogosphere, etc.), and accounting and financial fraud detection and investigation. Furthermore, evidence should be presented in a clear, concise, professional way so that audiences in a courtroom, such as a jury, judge, and attorneys, can easily understand it. The Courtroom Experience course is an application of the knowledge, skills, and methodology learned from all the courses in the education program, including forensic law, criminal justice, communication, digital forensics investigation, and other computer courses. In a mock courtroom, judges and attorneys from industry and law enforcement can participate, and the cases may be a simulation of real world scenarios. In a mock trial course, the students can apply what they have learned and gain real world experiences.

Digital Forensics: Legality of the Process in Cameroon

The Admissibility of Digital Evidence Obtained by applying the procedures of Part III of the 2010 LAW N° 2010/012 OF 21 DECEMBER 2010, law relating to cyber security and cyber criminality

Evidence is either admissible or inadmissible [9]. Admissible evidence is evidence that meets all regulatory and statutory requirements, and has been correctly obtained and handled. The quickest methods to ensure that evidence will not be admissible in court would be to collect it in an illegal manner [9], or to obtain it without the correct authorisation [1]. The law in Cameroon has placed a duty on the courts to rule evidence as inadmissible if it was obtained in violation of any aspects of the law and if its admission would result in an unfair trial or be detrimental to the administration of justice. In general in Cameroon, evidence that has been obtained unlawfully, that is, in contravention of the law, would probably be ruled inadmissible in a criminal prosecution, and may potentially be ruled inadmissible in civil proceedings as well [15]. The key issue is whether or not allowing evidence that had been obtained unlawfully would render the trial unfair or be

A Ph.D. Curriculum for Digital Forensics

The approach we have taken is to build faculty from the practical community that exists. CSI is starting to operate in the Bay Area near San Francisco, and as a location where much of the software and hardware of the information age was developed, this area is particularly rich in expertise and experienced in dealing with computer-related crime. While we draw faculty in specialized areas from all over the country, we don't have the resources or demand required to hire the full-time faculty necessary to completely cover all of the expertise involved in our curriculum. As a result, we use active and recently retired professionals from the various communities involved, engage the local community leaders in relevant fields, and spend time and effort getting involved with groups like the local Electronic Crimes Task Force, local law enforcement agencies and their forensic laboratories, high technology businesses, and engage those who have worked in the national security arena. Each of these communities has both substantial expertise and substantial need for additional expertise, and by acting as a conduit for the exchange of knowledge and formalization of that knowledge, we can help them while engaging those who have the proper background, experience, knowledge, and desire to become members of the faculty.

Need of Digital Forensics in Cloud Computing Enviornment

Cloud computing technologies have significant potential to revolutionize the way organizations provision their information technology (IT) infrastructure. Migration to cloud computing involves replacing much of the traditional IT hardware found in an organization’s data centre (including servers, racks, network switches and air conditioning units) with virtualized, remote, on-demand software services, configured for the particular needs of the organization. These services can be hosted and managed by the user organization (on a reduced hardware base), or by a third-party provider. Consequently, the software and data comprising the organization’s application may be physically stored across many different locations, potentially with a wide geographic distribution. However, the use of cloud computing presents significant challenges to the users of clouds (both individuals and organizations), as well as regulatory and law enforcement authorities. When security breaches, attacks or policy violations occur, it may be necessary to conduct a digital forensic investigation [6].

Games Consoles Security and Forensics Challenges

Even though Microsoft has stopped the production of the original Xbox games consoles, the cumulative sales of 24 million game units scattered all around the world [3] and the lack of knowledge on Xbox forensics make this a serious issue in the perspective of law and order. There have been incidents where evidential information was found on game consoles [5, 6]. “Little has been published, however, on the proper forensic procedures to determine whether an Xbox has been modified and, if so, how to create a forensic duplicate and conduct a proper digital forensics investigation” [1]. This was the motivating factor to choose Xbox Forensics as the subject of this research.

Post-Genesis Digital Forensics Investigation

factual information for judicial review. Another term for computer forensics is the collection and analysis of data from various computer resources including computer systems, computer networks, communication lines, and appropriate storage media for trial. The existence of the computer science of forensics is much needed nowadays, and especially in the future, because the number of computer-based crimes cannot be proven in real terms, so sometimes it is not recognized as evidence in court for such cases [3]. So it is no wonder that institutions like the police have a special department for computer forensics. The various digital behaviors and the digitalization that have penetrated every human activity have become a behavior that must be observed properly. Computer forensics or digital forensics is widely deployed for a variety of purposes, not just criminal cases involving the law. In general, the need for computer forensics can be classified as follows:

Digital Forensics, A Need for Credentials and Standards

As noted by Lang et al. (2014), the development of a digital forensics curriculum should provide a self-contained and comprehensive tool for teaching the discipline in universities given the failure of many institutions to offer such courses for missing certain aspects of the entry barrier. In their proposed curricula, Lang et al. (2014) offered an introductory and an advanced course and hands-on laboratory programs. They, however, failed to focus on or mention, at any point, the essence of credentialing and its role in developing the digital forensics investigator. This seems to be consistent with most curricula and reports on the status of digital forensics investigation and related disciplines throughout. For instance, a report by West Virginia University Forensic Science Initiative (2007) submitted to the Department of Justice (DoJ) on training and education of digital forensics investigators highlights the antecedent qualifications and a detailed career path but omits otherwise essential information on credentialing. The report is comprehensive on other aspects of training and career path, highlighting the qualifications, skills, and knowledge needed, the Associate, Baccalaureate, and advanced levels of learning in the discipline, but makes a major omission on certifications and credentials needed in the profession. This sums up the whole credentialing challenge in available studies: that most of it looms in the shadow of a clear training and education framework for digital forensic investigators.

DATA MINING APPROACH IN DIGITAL FORENSICS

Digital forensics is a sophisticated and cutting edge area of breakthrough research. The canvas of digital forensic investigation and application is growing at a rapid rate with the mammoth digitization of an information economy. Law enforcement and military organizations rely heavily on digital forensics today. As the information age is revolutionizing at an inconceivable speed and information is being stored in digital form, the need for accurate intellectual interception, timely retrieval, and nearly zero fault processing of digital data is the crux of the issue. This research paper will focus on the role of data mining techniques for digital forensics. It also identifies how data mining techniques can be applied in the field of digital forensics to enable the forensic investigator to reach the first step in effective prosecution, namely charge-sheeting of digital crime cases.

Public Security & Digital Forensics in the United States: The Continued Need for Expanded Digital Systems for Security

These include: access to digital services; training and equipment needs (economic issues); lack of standardization; legal issues related to the validity and reliabil[r]

A survey on privacy issues in digital forensics

However, there are negative sides of it as well. The issues here are on the non-technical part of dealing with privacy. We found that the most obvious impact of the proposed frameworks, such as cross referencing encrypted queries with data, onion routing and strong audit, is that they directly limit the avenues that forensics investigators can take to approach their investigations. We need to consider the assumption that all crime investigations are time sensitive, and the constraints placed by these frameworks may prolong the already time consuming investigation progress, as investigators now have to plan their investigation methods to be more technical and direct in order to extract the right evidence. Besides that, the possibility of extracting wrong or irrelevant evidence still exists regardless of how these frameworks are in place. Tracing private information without really knowing the content, and based only on keywords, does not necessarily reflect the nature of the data collected, meaning the data might not be useful to the investigation, and it risks exposing private information as well.

Data Exploration Interface for Digital Forensics

The fast capacity growth of cheap storage devices presents an ever-growing problem of scale for digital forensic investigations. One aspect of the scale problem in the forensic process is the need for new approaches to visually presenting and analyzing large amounts of data. The current generation of tools universally employs three basic GUI components (trees, tables, and viewers) to present all relevant information. This approach is not scalable, as increasing the size of the input data leads to a proportional increase in the amount of data presented to the analyst.

PERFORMANCE AND STUDENT PERCEPTION EVALUATION OF CLOUD-BASED VIRTUALISED SECURITY AND DIGITAL FORENSICS LABS

Case Study 2 has shown that both Static and Live Forensics can be run successfully within a virtualised environment, including the mounting of disk images and the analysis of running machines. This provides students with, again, real-life environments on a range of operating systems (such as Windows and Linux). There were problems identified, and generally Linux instances ran much better than Windows ones, which highlights that Windows instances must be carefully managed when there are many students running them at the same time. A strong recommendation is that large classes should possibly be told to stagger their boot of Windows instances, so that the system does not get overwhelmed with the initial boot up.

Multimedia Forensics & Security pdf

So, other forms of protection focus more on the media information. Content-sharing sites like YouTube, MySpace, or Flickr allow users to upload pieces of media and share them with the community. In order to prevent copyrighted material from being shared, some sites use robust hashing, which is sometimes also called passive fingerprinting (Allamanche et al., 2001; Haitsma, Kalker, & Oostveen, 2001; Venkatesan, Koon, Jakubowski, & Moulin, 2000). This technology recognises previously registered content by extracting certain characteristics based on the media information. The recognition is robust in the sense that slight changes to the media material will result in the same extracted characteristics. Robust hashing itself is a passive technology that is used to actively prevent uploads to particular sites. Such an approach also prevents propagation of content that was distributed without any protection like currently done with audio CDs. The success of this approach highly depends on the security of the robust hashing algorithms. Such systems inherently allow so-called oracle or known-plain-text attacks (Cayre, Fontaine, & Furon, 2005). A pirate can modify a piece of content in order to trick the robust hashing algorithm and try to upload it on such a network. If refused, the medium is again modified and uploaded until it is accepted. Sometimes this is also called threshold attack. Systems with a public detector are exposed to these kinds of attacks (Swaminathan, Mao, & Wu, 2006). Robust hashing does not work on open networks, where the content is not uploaded to a third party to be analysed. This is the way most file sharing networks and other distribution channels work.

Digital Forensics and Cyber Crime Datamining

Digital forensics is the science of identifying, extracting, analyzing and presenting the digital evidence that has been stored in digital devices. Various digital tools and techniques are being used to achieve this. Our paper explains forensic analysis steps in the storage media, hidden data analysis in the file system, network forensic methods and cyber crime data mining. This paper proposes a new tool which is the combination of digital forensic investigation and crime data mining. The proposed system is designed for finding the motive and pattern of cyber attacks and the counts of attack types that happened during a period. Hence the proposed tool enables system administrators to minimize the system vulnerability.

Design and Implementation of Digital Forensics Labs:

Helix Imager; Password recovery; Cookie viewer; Internet history viewer; Register viewer; File recovery; Protected storage viewer; Scan for.. Our Approach to teaching DF[r]

Email threading for e-Discovery in Digital forensics

The main aim of IT forensics is to investigate an incident related to digital technology. It tries to reconstruct the course of events and attempts to identify the individuals involved in an incident. The process may include analysing email content, where email threading plays an important role. Keeping in mind that all communications done in an organisation are documented using email, and that emails are also used by authorities to process approvals (this also includes financial departments), email as a document is frequently investigated. One more common incident that is often reported is data theft or passing of data. An employee or former employee may be involved in the act, where data has been sent outside the organisation using email and he/she was unauthorised to do so. Considering the huge volume of emails an individual sends or receives, it is quite difficult to analyse each of them manually. Email threading can help here to organise the content and present the data in an organised format; this will not only ease the task but also save a lot of time, making the process very efficient. Industries are now driven by digital technologies, and email is the most important mode of communication within an organisation or while communicating with clients; this as a cluster creates a ground for email threading to play an important role in IT forensics.

Analysis of VoIP Forensics with Digital Evidence Procedure

Securing VoIP is not an easy task, as it needs efforts in several stages. One of the essential issues in VoIP security is protecting the signaling messages being exchanged between VoIP infrastructures. Signaling does not transfer voice packets, but is designed for establishing, controlling, modifying and terminating communications. The protection of signaling includes integrity and confidentiality of signaling messages as well as availability and confidentiality of signaling services [1]. Another core issue in VoIP security is protecting multimedia communications between endpoints, which is a separate topic from signaling security. It consists of confidentiality, integrity and availability of multimedia communications. In this thesis, the scope of our research ONLY focuses on the security issues of SIP, a signaling protocol. Security issues deal with the problems encountered during the authentication phase rather than at the communication phase. It focuses on the pre-requisites of the communication so that the attacks can be avoided. Traditionally, in the normal telephone network, it was much harder to spoof Caller ID, as at every end a unique phone number is assigned by the phone company. Today, with the move to SIP trunks and VoIP technology, spoofing caller ID is fairly trivial. It has been said that the nature of VoIP calls makes it difficult to trace the identity or location of the callers. The most outstanding phenomenon is dialing telephone numbers directly with arbitrary number modification software for fraudulent activities, which is termed CALLER ID SPOOFING. Existing protocol will not provide the mechanism for spoofing detection and prevention. The main challenge in VoIP is to accurately

A SYNOPSIS ON DIGITAL FORENSICS AND ITS INVESTIGATIVE STRATEGIES

When evidence is obtained, it is first bagged and then tagged accordingly. This process is known as 'bagging and tagging'. Usually, once the evidence is obtained, the evidence custodian takes care of all the bagging, tagging and transportation handlings. It is the responsibility of the evidence custodian to make sure that the evidence is safely transported to the evidence locker where it is securely preserved. The majority of police departments appoint evidence custodians to maintain the evidence. The digital forensic investigator is responsible for reporting his/her findings and analysis. In every stage of investigation, documentation plays a very crucial role and it is important to document each and every step in detail with extreme accuracy. The report should be written in such a way that even a non-technical individual will be able to understand the contents.

Contrast enhancement based forensics in digital images against security attack using RSA algorithm

The adaptive histogram is a computer image processing technique used to improve contrast in images. It improves contrast by transforming each pixel with a transformation function derived from a neighborhood region. Pixels near the image boundary have to be treated specially, because their neighborhood would not lie completely within the image. The peak and gap bins are calculated from the adaptive histogram. The base layer and detail layer reduce the peak/gap bins of the digital image. Then saliency mapping is done with the base and detail layer of the image. Features like image analysis, texture analysis and texture of the digital image are calculated. Using the support vector machine technique, the image is classified as to whether it is an original image or a forged image. Neural network constructs a hyperplane or set of hyperplanes in a high or infinite-dimensional space, which can be used for classification. Since the two datasets are large databases, we opt for a neural network rather than the SVM technique. Dataset 1 contains the original characteristic information of the image, dataset 2 will analyse the entire process of the testing image, and the two datasets are compared. Based on the analysis of histogram peak-gap artifacts, the peak-gap pattern can be considered as a statistical fingerprint for estimating the mapping function, which is determined by the gamma parameter.