Open Access. Powered by Scholars. Published by Universities.®

Computer Engineering Commons

Open Access. Powered by Scholars. Published by Universities.®

Computer Sciences

2011

Journal of Digital Forensics, Security and Law

Articles 1 - 28 of 28

Full-Text Articles in Computer Engineering

Extraction Of Electronic Evidence From Voip: Forensic Analysis Of A Virtual Hard Disk Vs Ram, David Irwin, Jill Slay, Arek Dadej, Malcolm Shore Jan 2011

Extraction Of Electronic Evidence From Voip: Forensic Analysis Of A Virtual Hard Disk Vs Ram, David Irwin, Jill Slay, Arek Dadej, Malcolm Shore

Journal of Digital Forensics, Security and Law

The popularity of Voice over the Internet Protocol (VoIP) is increasing as the cost savings and ease of use is realised by a wide range of home and corporate users. However, the technology is also attractive to criminals. This is because VoIP is a global telephony service, in which it is difficult to verify the user’s identification. The security of placing such calls may also be appealing to criminals, as many implementations use strong encryption to secure both the voice payload as well as to control messages making monitoring such VoIP calls difficult since conventional methods such as wire-tapping is …

Go to article

Book Review: Ios Forensic Analysis: For Iphone, Ipad And Ipod Touch, Christopher Schulte Jan 2011

Book Review: Ios Forensic Analysis: For Iphone, Ipad And Ipod Touch, Christopher Schulte

Journal of Digital Forensics, Security and Law

As Digital Forensics practitioners, we know that our discipline is constantly evolving. Keeping abreast means we need to continually refine and broaden our knowledge pools through experience, education, research, peer exchange, and more. Mobile device forensics can be especially dynamic and challenging. With multiple standards in place at the hardware, operating system, and user interface levels, it can be daunting to preserve, analyze, search and report on these tiny yet ubiquitous hand-held computers. Apple Computer’s line of mobile products (iOS devices - iPhone, iPad, iPod Touch) is no exception to this rule.

Go to article

Sampling: Making Electronic Discovery More Cost Effective, Milton Luoma, Vicki Luoma Jan 2011

Sampling: Making Electronic Discovery More Cost Effective, Milton Luoma, Vicki Luoma

Journal of Digital Forensics, Security and Law

With the huge volumes of electronic data subject to discovery in virtually every instance of litigation, time and costs of conducting discovery have become exceedingly important when litigants plan their discovery strategies. Rather than incurring the costs of having lawyers review every document produced in response to a discovery request in search of relevant evidence, a cost effective strategy for document review planning is to use statistical sampling of the database of documents to determine the likelihood of finding relevant evidence by reviewing additional documents. This paper reviews and discusses how sampling can be used to make document review more …

Go to article

Column: Every Last Byte, Simson Garfinkel Jan 2011

Column: Every Last Byte, Simson Garfinkel

Journal of Digital Forensics, Security and Law

Inheritance powder is the name that was given to poisons, especially arsenic, that were commonly used in the 17th and early 18th centuries to hasten the death of the elderly. For most of the 17th century, arsenic was deadly but undetectable, making it nearly impossible to prove that someone had been poisoned. The first arsenic test produced a gas—hardly something that a scientist could show to a judge. Faced with a growing epidemic of poisonings, doctors and chemists spent decades searching for something better

Go to article

A Case Study In Forensic Analysis Of Control, Fred Cohen Jan 2011

A Case Study In Forensic Analysis Of Control, Fred Cohen

Journal of Digital Forensics, Security and Law

This paper describes a case study in which a method for forensic analysis of control was applied to resolve probative technical issues in a legal action. It describes one instance in which the analysis was successfully applied without challenge, addresses the details of most of the different facets of the analysis method, and demonstrates how such analysis provides a systematic approach to using technical methods to address legal issues as a case study.

Go to article

Judges’ Awareness, Understanding, And Application Of Digital Evidence, Gary C. Kessler Jan 2011

Judges’ Awareness, Understanding, And Application Of Digital Evidence, Gary C. Kessler

Journal of Digital Forensics, Security and Law

As digital evidence grows in both volume and importance in criminal and civil courts, judges need to fairly and justly evaluate the merits of the offered evidence. To do so, judges need a general understanding of the underlying technologies and applications from which digital evidence is derived. Due to the relative newness of the computer forensics field, there have been few studies on the use of digital forensic evidence and none about judges’ relationship with digital evidence. This paper describes a recent study, using grounded theory methods, into judges’ awareness, knowledge, and perceptions of digital evidence. This study is the …

Go to article

Technology Corner: Analysing E-Mail Headers For Forensic Investigation, M. T. Banday Jan 2011

Technology Corner: Analysing E-Mail Headers For Forensic Investigation, M. T. Banday

Journal of Digital Forensics, Security and Law

Electronic Mail (E-Mail), which is one of the most widely used applications of Internet, has become a global communication infrastructure service. However, security loopholes in it enable cybercriminals to misuse it by forging its headers or by sending it anonymously for illegitimate purposes, leading to e-mail forgeries. E-mail messages include transit handling envelope and trace information in the form of structured fields which are not stripped after messages are delivered, leaving a detailed record of e-mail transactions. A detailed header analysis can be used to map the networks traversed by messages, including information on the messaging software and patching policies …

Go to article

Kindle Forensics: Acquisition & Analysis, Peter Hannay Jan 2011

Kindle Forensics: Acquisition & Analysis, Peter Hannay

Journal of Digital Forensics, Security and Law

The Amazon Kindle eBook reader supports a wide range of capabilities beyond reading books. This functionality includes an inbuilt cellular data connection known as Whispernet. The Kindle provides web browsing, an application framework, eBook delivery and other services over this connection. The historic data left by user interaction with this device may be of forensic interest. Analysis of the Amazon Kindle device has resulted in a method to reliably extract and interpret data from these devices in a forensically complete manner.

Go to article

Column: The Consortium Of Digital Forensics Specialists (Cdfs), Christopher Kelly Jan 2011

Column: The Consortium Of Digital Forensics Specialists (Cdfs), Christopher Kelly

Journal of Digital Forensics, Security and Law

Digital forensic practitioners are faced with an extraordinary opportunity. In fact, we may never again be faced with such an opportunity, and this opportunity will challenge us in ways we may never again be challenged. At this point in the history of the Digital Forensics profession, digital forensic specialists have the unique opportunity to help this profession emerge from its infancy. But for this profession to mature -- and to flourish -- individuals and organizations integral to the practice must assemble and shape its future. This is our opportunity. In fact, this is our mandate.

Go to article

Developing A Forensic Continuous Audit Model, Grover S. Kearns, Katherine J. Barker, Stephen P. Danese Jan 2011

Developing A Forensic Continuous Audit Model, Grover S. Kearns, Katherine J. Barker, Stephen P. Danese

Journal of Digital Forensics, Security and Law

Despite increased attention to internal controls and risk assessment, traditional audit approaches do not seem to be highly effective in uncovering the majority of frauds. Less than 20 percent of all occupational frauds are uncovered by auditors. Forensic accounting has recognized the need for automated approaches to fraud analysis yet research has not examined the benefits of forensic continuous auditing as a method to detect and deter corporate fraud. The purpose of this paper is to show how such an approach is possible. A model is presented that supports the acceptance of forensic continuous auditing by auditors and management as …

Go to article

Column: The Physics Of Digital Information, Fred Cohen Jan 2011

Column: The Physics Of Digital Information, Fred Cohen

Journal of Digital Forensics, Security and Law

No abstract provided.

Go to article

Analysis Of Data Remaining On Second Hand Adsl Routers, Patryk Szewczyk Jan 2011

Analysis Of Data Remaining On Second Hand Adsl Routers, Patryk Szewczyk

Journal of Digital Forensics, Security and Law

In theory, an ADSL router can provide an additional layer of security to a wired and wireless network through; access control, wireless encryption, firewall rule sets, and network event logging. An ADSL router may also contain the users’ usage habits and broadband account credentials. However, end-users may be unaware of the intricacies of the security measures available and the potentially confidential information stored on their device. As a result a second hand ADSL router may contain a wealth of user-specific information if not wiped and disposed of in a secure manner. This paper shows the data that was acquired from …

Go to article

Exploring The Iphone Backup Made By Itunes, Mario Piccinelli, Paolo Gubian Jan 2011

Exploring The Iphone Backup Made By Itunes, Mario Piccinelli, Paolo Gubian

Journal of Digital Forensics, Security and Law

Apple’s™ iPhone™ is one of the widest selling mobile on the market, thanks to its simple and user-friendly interface and ever growing pool of available high quality applications for both personal and business use. The increasing use of the iPhone leads forensics practitioners towards the need for tools to access and analyze the information stored in the device. This research aims at describing the process to forensically analyze a logical backup of an iPhone made by the Apple iTunes™ utility, understanding the backup’s structure, and creating a simple tool to automate the process of decoding and analyzing the data. In …

Go to article

Book Review: Online Privacy: Issues In The Digital Age, Darlene M. Tester Jan 2011

Book Review: Online Privacy: Issues In The Digital Age, Darlene M. Tester

Journal of Digital Forensics, Security and Law

This book is one of a series of books Currie has written about online areas of concern. This is the sixth book in the series. The purpose of the book is to act as a primer for people in the IT field who may need a point of reference for Internet issues such as gaming, security and privacy. The book takes a high level look at the complexities of privacy online from social networking to hackers and provides insight into what the most pressing issues of privacy are online today.

Go to article

Working Inside The Box: An Example Of Google Desktop Search In A Forensic Examination, Timothy J. Latulippe Jan 2011

Working Inside The Box: An Example Of Google Desktop Search In A Forensic Examination, Timothy J. Latulippe

Journal of Digital Forensics, Security and Law

Information and the technological advancements for which mankind develops with regards to its storage has increased tremendously over the past few decades. As the total amount of data stored rapidly increases in conjunction with the amount of widely available computer-driven devices being used, solutions are being developed to better harness this data. These types of advancements are continually assisting investigators and computer forensic examiners. One such application which houses copious amounts of fruitful data is the Google Desktop Search program. Coupled with tested and verified techniques, examiners can exploit the power of this application to cater to their investigative needs. …

Go to article

Column: File Cabinet Forensics, Simson Garfinkel Jan 2011

Column: File Cabinet Forensics, Simson Garfinkel

Journal of Digital Forensics, Security and Law

Researchers can spend their time reverse engineering, performing reverse analysis, or making substantive contributions to digital forensics science. Although work in all of these areas is important, it is the scientific breakthroughs that are the most critical for addressing the challenges that we face. Reverse Engineering is the traditional bread-and-butter of digital forensics research. Companies like Microsoft and Apple deliver computational artifacts (operating systems, applications and phones) to the commercial market. These artifacts are bought and used by billions. Some have evil intent, and (if society is lucky), the computers end up in the hands of law enforcement. Unfortunately the …

Go to article

Legal Issues Regarding Digital Forensic Examiners Third Party Consent To Search, Thomas Lonardo, Doug White, Tricia P. Martland, Alan Rea Jan 2011

Legal Issues Regarding Digital Forensic Examiners Third Party Consent To Search, Thomas Lonardo, Doug White, Tricia P. Martland, Alan Rea

Journal of Digital Forensics, Security and Law

This paper focuses on Federal law as it relates to consent to search relating to Fourth Amendment privacy in the practice of Digital Forensics. In particular, Digital Examiners should be aware of how decisions in Federal Court may impact their ability to acquire evidence in both civil and criminal settings. Digital Forensics, being a relatively new field, is particularly subject to change as cases and appeals are decided. This paper provides an overview of relevant case law relating to issues in Digital Forensics. More importantly, our research provides Digital Forensic Examiners (DFE), as defined by Lonardo, White, and Rea (2008, …

Go to article

Technology Corner: Virtual Crime Scene Reconstruction: The Basics Of 3d Modeling, Nick V. Flor Jan 2011

Technology Corner: Virtual Crime Scene Reconstruction: The Basics Of 3d Modeling, Nick V. Flor

Journal of Digital Forensics, Security and Law

Digital crime scenes take place in the context of physical crime scenes. Virtual crime scene reconstruction is an activity where investigators create a 3- dimensional (3-D) model of an actual crime scene for the purpose of determining the events that lead to the crime. While virtual crime scene reconstruction is currently used for analyzing physical scenes, it can also help investigators visualize and explore ways digital media could have been used to perpetrate a crime. In this technology corner we explore one of the technologies underlying virtual crime scene reconstruction: 3-D modeling.

Go to article

Book Review: Iphone And Ios Forensics: Investigation, Analysis And Mobile Security For Apple Iphone, Ipad And Ios Devices, Christopher Schulte Jan 2011

Book Review: Iphone And Ios Forensics: Investigation, Analysis And Mobile Security For Apple Iphone, Ipad And Ios Devices, Christopher Schulte

Journal of Digital Forensics, Security and Law

These are exciting times for Digital Forensics practitioners. While our examinations of mobile devices (including cell phones and tablet computers) continue to bring new and sometimes hair-pulling challenges into our labs and on-site engagements, research and understanding of these tiny computers is increasing at what seems an exponential rate. This is especially true in the iOS (Apple Computer’s mobile operating system that powers the iPhone, iPad, iPod Touch and Apple TV) space. The diligent work of talented computer scientists in this field allows examiners everywhere to reap the benefits of easier, faster and more effective examinations that yield more accurate …

Go to article

Table Of Contents Jan 2011

Table Of Contents

Journal of Digital Forensics, Security and Law

No abstract provided.

Go to article

Table Of Contents Jan 2011

Table Of Contents

Journal of Digital Forensics, Security and Law

No abstract provided.

Go to article

Table Of Contents Jan 2011

Table Of Contents

Journal of Digital Forensics, Security and Law

No abstract provided.

Go to article

Column: Putting The Science In Digital Forensics, Fred Cohen Jan 2011

Column: Putting The Science In Digital Forensics, Fred Cohen

Journal of Digital Forensics, Security and Law

In a recent study, digital forensics was found to lack a consensus around even the most basis notions and terminology of the field. To quote: “These two preliminary studies individually suggest that (1) scientific consensus in the area of digital forensic evidence examination is lacking in the broad sense, but that different groups within that overall community may have limited consensus around areas in which they have special expertise, and (2) that the current peerreviewed publication process is not acting to bring about the sorts of elements typically found in the advancement of a science toward such a consensus. ... …

Go to article

Technology Corner: Internet Packet Sniffers, Nick V. Flor, Kenneth Guillory Jan 2011

Technology Corner: Internet Packet Sniffers, Nick V. Flor, Kenneth Guillory

Journal of Digital Forensics, Security and Law

The best way to understand an internet packet sniffer, hereafter “packet sniffer”, is by analogy with a wiretap. A wiretap is a piece of hardware that allows a person to eavesdrop on phone conversations over a telephone network. Similarly, a packet sniffer is a piece of software that allows a person to eavesdrop on computer communications over the internet. A packet sniffer can be used as a diagnostic tool by network administrators or as a spying tool by hackers who can use it to steal passwords and other private information from computer users. Whether you are a network administrator or …

Go to article

A Survey Of Contemporary Enterprise Storage Technologies From A Digital Forensics Perspective, Gregory H. Carlton, Joseph Matsumoto Jan 2011

A Survey Of Contemporary Enterprise Storage Technologies From A Digital Forensics Perspective, Gregory H. Carlton, Joseph Matsumoto

Journal of Digital Forensics, Security and Law

As the proliferation of digital computational systems continue to expand, increasingly complex technologies emerge, including those regarding large, enterprise-wide, information storage and retrieval systems. Within this study, we examine four contemporary enterprise storage technologies. Our examination of these technologies is presented with an overview of the technological features of each offering and then followed with a discussion of the impact of these technologies on digital forensics methods, particularly regarding forensic data acquisition. We offer a general opinion concerning a recommended data acquisition method when faced with the task of obtaining a forensic image of data contained within these technologies, we …

Go to article

Technology Corner: Brute Force Password Generation -- Basic Iterative And Recursive Algorithms, Nick V. Flor, Haile Shannon Jan 2011

Technology Corner: Brute Force Password Generation -- Basic Iterative And Recursive Algorithms, Nick V. Flor, Haile Shannon

Journal of Digital Forensics, Security and Law

Most information systems are secured at minimum by some form of password protection. For various reasons a password may be unavailable, requiring some form of password recovery procedure. One such procedure is software-based automated password recovery, where a program attempts to log into a system by repeatedly trying different password combinations. At the core of such software is a password generator. This article describes the basic iterative and recursive algorithms for generating all possible passwords of a given length, which is commonly referred to as brute-force password generation. The paper ends with a discussion of alternative password recovery procedures one …

Go to article

Investigating Modern Communication Technologies: The Effect Of Internet-Based Communication Technologies On The Investigation Process, Matthew Simon, Jill Slay Jan 2011

Investigating Modern Communication Technologies: The Effect Of Internet-Based Communication Technologies On The Investigation Process, Matthew Simon, Jill Slay

Journal of Digital Forensics, Security and Law

Communication technologies are commonplace in modern society. For many years there were only a handful of communication technologies provided by large companies, namely the Public Switched Telephone Network (PSTN) and mobile telephony; these can be referred to as traditional communication technologies. Over the lifetime of traditional communication technologies has been little technological evolution and as such, law enforcement developed sound methods for investigating targets using them. With the advent of communication technologies that use the Internet – Internet-based or contemporary communication technologies – law enforcement are faced with many challenges. This paper discusses these challenges and their potential impact. It …

Go to article

Table Of Contents Jan 2011

Table Of Contents

Journal of Digital Forensics, Security and Law

No abstract provided.

Go to article