Open Access. Powered by Scholars. Published by Universities.®
- Keyword
-
- Digital forensics (31)
- Computer forensics (17)
- Digital Forensics (15)
- Digital evidence (13)
- Forensics (12)
-
- Computer Forensics (9)
- Privacy (7)
- Data recovery (6)
- Information security (6)
- Cyber crime (5)
- Cyber security (5)
- Data disposal (5)
- Disk analysis (5)
- Visualization (5)
- Cyber forensics (4)
- Cybercrime (4)
- Digital Examiner (4)
- Evidence (4)
- Investigation (4)
- Mobile device forensics (4)
- Private Investigator (4)
- State Statutes (4)
- VoIP (4)
- Approximate matching (3)
- Clustering (3)
- Computer crime (3)
- Computer security (3)
- Data (3)
- ESI (3)
- Electronic evidence (3)
- Publication Year
- Publication
- Publication Type
Articles 1 - 30 of 396
Full-Text Articles in Computer Engineering
An Ml Based Digital Forensics Software For Triage Analysis Through Face Recognition, Gaurav Gogia, Parag H. Rughani
An Ml Based Digital Forensics Software For Triage Analysis Through Face Recognition, Gaurav Gogia, Parag H. Rughani
Journal of Digital Forensics, Security and Law
Since the past few years, the complexity and heterogeneity of digital crimes has increased exponentially, which has made the digital evidence & digital forensics paramount for both criminal investigation and civil litigation cases. Some of the routine digital forensic analysis tasks are cumbersome and can increase the number of pending cases especially when there is a shortage of domain experts. While the work is not very complex, the sheer scale can be taxing. With the current scenarios and future predictions, crimes are only going to become more complex and the precedent of collecting and examining digital evidence is only going …
The Exigency And How To Improve And Implement International Humanitarian Legislations More Advantageously In Times Of Both Cyber-Warfare And Cyberspace, Shawn J. Lalman
The Exigency And How To Improve And Implement International Humanitarian Legislations More Advantageously In Times Of Both Cyber-Warfare And Cyberspace, Shawn J. Lalman
Doctoral Dissertations and Master's Theses
This study provides a synopsis of the following topics: the prospective limiters levied on cyber-warfare by present–day international legislation; significant complexities and contentions brought up in the rendering & utilization of International Humanitarian Legislation against cyber-warfare; feasible repercussions of cyber-warfare on humanitarian causes. It is also to be contended and outlined in this research study that non–state actors can be held accountable for breaches of international humanitarian legislation committed using cyber–ordnance if sufficient resources and skill are made available. It details the factors that prosecutors and investigators must take into account when organizing investigations into major breaches of humanitarian legislation …
An Evaluation Framework For Digital Image Forensics Tools, Zainab Khalid, Sana Qadir
An Evaluation Framework For Digital Image Forensics Tools, Zainab Khalid, Sana Qadir
Journal of Digital Forensics, Security and Law
The boom of digital cameras, photography, and social media has drastically changed how humans live their day-to-day, but this normalization is accompanied by malicious agents finding new ways to forge and tamper with images for unlawful monetary (or other) gains. Disinformation in the photographic media realm is an urgent threat. The availability of a myriad of image editing tools renders it almost impossible to differentiate between photo-realistic and original images. The tools available for image forensics require a standard framework against which they can be evaluated. Such a standard framework can aid in evaluating the suitability of an image forensics …
Don't Bite The Bait: Phishing Attack For Internet Banking (E-Banking), Ilker Kara
Don't Bite The Bait: Phishing Attack For Internet Banking (E-Banking), Ilker Kara
Journal of Digital Forensics, Security and Law
Phishing attacks are based on obtaining desired information from users quickly and easily with the help of misdirecting, panicking, curiosity, or excitement. Most of the phishing web sites are designed on internet banking(e-banking) and the attackers can acquire financial information of misled users with the tactics and discourses they develop. Despite the increase of prevention techniques against phishing attacks day by day, an effective solution could not be found for this issue due to the human factor. Because of this reason, real phishing attack studies are essential to study and analyze the attackers’ attack techniques and strategies. This study focused …
A New Framework For Securing, Extracting And Analyzing Big Forensic Data, Hitesh Sachdev, Hayden Wimmer, Lei Chen, Carl Rebman
A New Framework For Securing, Extracting And Analyzing Big Forensic Data, Hitesh Sachdev, Hayden Wimmer, Lei Chen, Carl Rebman
Journal of Digital Forensics, Security and Law
Finding new methods to investigate criminal activities, behaviors, and responsibilities has always been a challenge for forensic research. Advances in big data, technology, and increased capabilities of smartphones has contributed to the demand for modern techniques of examination. Smartphones are ubiquitous, transformative, and have become a goldmine for forensics research. Given the right tools and research methods investigating agencies can help crack almost any illegal activity using smartphones. This paper focuses on conducting forensic analysis in exposing a terrorist or criminal network and introduces a new Big Forensic Data Framework model where different technologies of Hadoop and EnCase software are …
Understanding Deleted File Decay On Removable Media Using Differential Analysis, James H. Jones Jr, Anurag Srivastava, Josh Mosier, Connor Anderson, Seth Buenafe
Understanding Deleted File Decay On Removable Media Using Differential Analysis, James H. Jones Jr, Anurag Srivastava, Josh Mosier, Connor Anderson, Seth Buenafe
Annual ADFSL Conference on Digital Forensics, Security and Law
Digital content created by picture recording devices is often stored internally on the source device, on either embedded or removable media. Such storage media is typically limited in capacity and meant primarily for interim storage of the most recent image files, and these devices are frequently configured to delete older files as necessary to make room for new files. When investigations involve such devices and media, it is sometimes these older deleted files that would be of interest. It is an established fact that deleted file content may persist in part or in its entirety after deletion, and identifying the …
Harnessing Predictive Models For Assisting Network Forensic Investigations Of Dns Tunnels, Irvin Homem, Panagiotis Papapetrou
Harnessing Predictive Models For Assisting Network Forensic Investigations Of Dns Tunnels, Irvin Homem, Panagiotis Papapetrou
Annual ADFSL Conference on Digital Forensics, Security and Law
In recent times, DNS tunneling techniques have been used for malicious purposes, however network security mechanisms struggle to detect them. Network forensic analysis has been proven effective, but is slow and effort intensive as Network Forensics Analysis Tools struggle to deal with undocumented or new network tunneling techniques. In this paper, we present a machine learning approach, based on feature subsets of network traffic evidence, to aid forensic analysis through automating the inference of protocols carried within DNS tunneling techniques. We explore four network protocols, namely, HTTP, HTTPS, FTP, and POP3. Three features are extracted from the DNS tunneled traffic: …
A Forensic Email Analysis Tool Using Dynamic Visualization, Johannes Stadlinger, Andreas Dewald
A Forensic Email Analysis Tool Using Dynamic Visualization, Johannes Stadlinger, Andreas Dewald
Journal of Digital Forensics, Security and Law
Communication between people counts to the most important information of today’s business. As a result, in case of forensic investigations in big companies, analysis of communication data in general and especially email, as the still most widely used business communication platform with an immense and still growing volume, is a typical task in digital forensics. One of the challenges is to identify the relevant communication partners and structures in the suspects surrounding as quickly as possible in order to react appropriately and identify further targets of evaluation. Due to the amount of emails in typical inboxes, reading through all the …
Find Me If You Can: Mobile Gps Mapping Applications Forensic Analysis & Snavp The Open Source, Modular, Extensible Parser, Jason Moore, Ibrahim Baggili, Frank Breitinger
Find Me If You Can: Mobile Gps Mapping Applications Forensic Analysis & Snavp The Open Source, Modular, Extensible Parser, Jason Moore, Ibrahim Baggili, Frank Breitinger
Journal of Digital Forensics, Security and Law
The use of smartphones as navigation devices has become more prevalent. The ubiquity of hand-held navigation devices such as Garmins or Toms Toms has been falling whereas the ownership of smartphones and their adoption as GPS devices is growing. This work provides a comprehensive study of the most popular smartphone mapping applications, namely Google Maps, Apple Maps, Waze, MapQuest, Bing, and Scout, on both Android and iOS. It details what data was found, where it was found, and how it was acquired for each application. Based on the findings, the work allowed for the construction of a tool capable of …
Compression Of Virtual-Machine Memory In Dynamic Malware Analysis, James E. Fowler Ph.D.
Compression Of Virtual-Machine Memory In Dynamic Malware Analysis, James E. Fowler Ph.D.
Journal of Digital Forensics, Security and Law
Lossless compression of memory dumps from virtual machines that run malware samples is considered with the goal of significantly reducing archival costs in dynamic-malware-analysis applications. Given that, in such dynamic-analysis scenarios, malware samples are typically run in virtual machines just long enough to activate any self-decryption or other detection- avoidance maneuvers, the virtual-machine memory typically changes little from that of the baseline state, with the difference being attributable in large degree to the loading of additional executables and libraries. Consequently, delta coding is proposed to compress the current virtual-machine memory dump by coding its differences with respect to a predicted …
Table Of Contents
Journal of Digital Forensics, Security and Law
No abstract provided.
Special Issue Of Best Papers From The 11th International Conference On Systematic Approaches To Digital Forensic Engineering (Sadfe 2016)
Journal of Digital Forensics, Security and Law
The SADFE series feature the different editions of the International Conference on Systematic Approaches to Digital Forensics Engineering. Now in its eleventh edition, SADFE has established itself as the premier conference for researchers and practitioners working in Systematic Approaches to Digital Forensics Engineering.
SADFE 2016, the eleventh international conference on Systematic Approaches to Digital Forensic Engineering was held in Kyoto, Japan, September 20 - 22, 2016.
Digital forensics engineering and the curation of digital collections in cultural institutions face pressing and overlapping challenges related to provenance, chain of custody, authenticity, integrity, and identity. The generation, analysis and sustainability of digital …
Bloom Filters Optimized Wu-Manber For Intrusion Detection, Monther Aldwairi, Koloud Al-Khamaiseh, Fatima Alharbi, Babar Shah
Bloom Filters Optimized Wu-Manber For Intrusion Detection, Monther Aldwairi, Koloud Al-Khamaiseh, Fatima Alharbi, Babar Shah
Journal of Digital Forensics, Security and Law
With increasing number and severity of attacks, monitoring ingress and egress network traffic is becoming essential everyday task. Intrusion detection systems are the main tools for capturing and searching network traffic for potential harm. Signature-based intrusion detection systems are the most widely used, and they simply use a pattern matching algorithms to locate attack signatures in intercepted network traffic. Pattern matching algorithms are very expensive in terms of running time and memory usage, leaving intrusion detection systems unable to detect attacks in real-time. We propose a Bloom filters optimized Wu-Manber pattern matching algorithm to speed up intrusion detection. The Bloom …
The Impact Of Md5 File Hash Collisions On Digital Forensic Imaging, Gary C. Kessler
The Impact Of Md5 File Hash Collisions On Digital Forensic Imaging, Gary C. Kessler
Journal of Digital Forensics, Security and Law
The Message Digest 5 (MD5) hash is commonly used as for integrity verification in the forensic imaging process. The ability to force MD5 hash collisions has been a reality for more than a decade, although there is a general consensus that hash collisions are of minimal impact to the practice of computer forensics. This paper describes an experiment to determine the results of imaging two disks that are identical except for one file, the two versions of which have different content but otherwise occupy the same byte positions on the disk, are the same size, and have the same hash …
Leveraging The Windows Amcache.Hve File In Forensic Investigations, Bhupendra Singh, Upasna Singh
Leveraging The Windows Amcache.Hve File In Forensic Investigations, Bhupendra Singh, Upasna Singh
Journal of Digital Forensics, Security and Law
The Amcache.hve is a registry hive file that is created by Microsoft® Windows® to store the information related to execution of programs. This paper highlights the evidential potential of Amcache.hve file and its application in the area of user activity analysis. The study uncovers numerous artifacts retained in Amcache.hve file when a user performs certain actions such as running host-based applications, installation of new applications, or running portable applications from external devices. The results of experiments demonstrate that Amcache.hve file stores intriguing artifacts related to applications such as timestamps of creation and last modification of any application; name, description, publisher …
The 2016 Analysis Of Information Remaining On Computer Hard Disks Offered For Sale On The Second Hand Market In The Uae, Thomas Martin, Andy Jones, Mohammed Alzaabi
The 2016 Analysis Of Information Remaining On Computer Hard Disks Offered For Sale On The Second Hand Market In The Uae, Thomas Martin, Andy Jones, Mohammed Alzaabi
Journal of Digital Forensics, Security and Law
This research describes our survey of data remaining on computer hard disks sold on the second hand market in the United Arab Emirates (UAE). This is a repetition of the first survey conducted in 2012 (Jones, Martin, & Alzaabi, 2012). Similar studies have been carried over the last ten years in the United Kingdom, Australia, USA, Germany and France: (Jones, Mee, Meyler, & Gooch, 2005), (Jones, Valli, Sutherland, & Thomas, 2006), (Jones, Valli, Dardick, & Sutherland, 2008), (Jones, Valli, Dardick, & Sutherland, 2009). This research was undertaken to gain insight into the volumes of data found on second-hand disks purchased …
A New Distributed Chinese Wall Security Policy Model, Saad Fehis, Omar Nouali, Mohand-Tahar Kechadi
A New Distributed Chinese Wall Security Policy Model, Saad Fehis, Omar Nouali, Mohand-Tahar Kechadi
Journal of Digital Forensics, Security and Law
The application of the Chinese wall security policy model (CWSPM) to control the information flows between two or more competing and/or conflicting companies in cloud computing (Multi-tenancy) or in the social network, is a very interesting solution. The main goal of the Chinese Wall Security Policy is to build a wall between the datasets of competing companies, and among the system subjects. This is done by the applying to the subjects mandatory rules, in order to control the information flow caused between them. This problem is one of the hottest topics in the area of cloud computing (as a distributed …
The Impact Of Sha-1 File Hash Collisions On Digital Forensic Imaging: A Follow-Up Experiment, Gary C. Kessler
The Impact Of Sha-1 File Hash Collisions On Digital Forensic Imaging: A Follow-Up Experiment, Gary C. Kessler
Journal of Digital Forensics, Security and Law
A previous paper described an experiment showing that Message Digest 5 (MD5) hash collisions of files have no impact on integrity verification in the forensic imaging process. This paper describes a similar experiment applied when two files have a Secure Hash Algorithm (SHA-1) collision.
A Survey Of Social Network Forensics, Umit Karabiyik, Muhammed Abdullah Canbaz, Ahmet Aksoy, Tayfun Tuna, Esra Akbas, Bilal Gonen, Ramazan S. Aygun
A Survey Of Social Network Forensics, Umit Karabiyik, Muhammed Abdullah Canbaz, Ahmet Aksoy, Tayfun Tuna, Esra Akbas, Bilal Gonen, Ramazan S. Aygun
Journal of Digital Forensics, Security and Law
Social networks in any form, specifically online social networks (OSNs), are becoming a part of our everyday life in this new millennium especially with the advanced and simple communication technologies through easily accessible devices such as smartphones and tablets. The data generated through the use of these technologies need to be analyzed for forensic purposes when criminal and terrorist activities are involved. In order to deal with the forensic implications of social networks, current research on both digital forensics and social networks need to be incorporated and understood. This will help digital forensics investigators to predict, detect and even prevent …
Table Of Contents
Journal of Digital Forensics, Security and Law
No abstract provided.
Designing Laboratories For Small Scale Digital Device Forensics, Richard P. Mislan, Tim Wedge
Designing Laboratories For Small Scale Digital Device Forensics, Richard P. Mislan, Tim Wedge
Annual ADFSL Conference on Digital Forensics, Security and Law
The ubiquity of small scale digital devices (SSDD), the public’s ever increasing societal dependence on SSDD, and the continual presence of SSDD at all types of crime scenes, including non-technical and violent crimes, demand a formalized curriculum for the education and training of future cyber forensic examiners. This paper presents the various SSDD forensics labs currently in use and under development for future use at the Purdue University Cyber Forensics Laboratory. The primary objective of each module is to provide specific real-world cases for the learning, comprehension, and understanding of hands-on investigative techniques and methodologies. The purpose of this paper …
Network Forensic Investigation Of Internal Misuse/Crime In Saudi Arabia: A Hacking Case, Abdulrazaq Al-Murjan, Konstantinos Xynos
Network Forensic Investigation Of Internal Misuse/Crime In Saudi Arabia: A Hacking Case, Abdulrazaq Al-Murjan, Konstantinos Xynos
Annual ADFSL Conference on Digital Forensics, Security and Law
There are ad-hoc guidelines and a limited policy on computer incident response that does not include computer forensic preparation procedures (e.g. logging incidents). In addition, these guidelines do not consider the requirement of Islamic law for admissible evidence at an organisational level in Saudi Arabia. Network forensic investigation might breach the Saudi law if they follow ad-hoc or international digital forensic standards such as Association of Chief Police Officers (ACPO) guidelines. This might put the organisation in a costly situation when a malicious employee sues an Islamic court. This is because the law of Saudi Arabia is complying with Islamic …
Paper Session Ii: Computer Forensics Field Triage Process Model, Marcus K. Rogers, James Goldman, Rick Mislan, Timothy Wedge, Steve Debrota
Paper Session Ii: Computer Forensics Field Triage Process Model, Marcus K. Rogers, James Goldman, Rick Mislan, Timothy Wedge, Steve Debrota
Annual ADFSL Conference on Digital Forensics, Security and Law
With the proliferation of digital based evidence, the need for the timely identification, analysis and interpretation of digital evidence is becoming more crucial. In many investigations critical information is required while at the scene or within a short period of time - measured in hours as opposed to days. The traditional cyber forensics approach of seizing a system(s)/media, transporting it to the lab, making a forensic image(s), and then searching the entire system for potential evidence, is no longer appropriate in some circumstances. In cases such as child abductions, pedophiles, missing or exploited persons, time is of the essence. In …
Development Of A National Repository Of Digital Forensic Intelligence, Mark Weiser, David P. Biros, Greg Mosier
Development Of A National Repository Of Digital Forensic Intelligence, Mark Weiser, David P. Biros, Greg Mosier
Annual ADFSL Conference on Digital Forensics, Security and Law
Many people do all of their banking online, we and our children communicate with peers through computer systems, and there are many jobs that require near continuous interaction with computer systems. Criminals, however, are also “connected”, and our online interaction provides them a conduit into our information like never before. Our credit card numbers and other fiscal information are at risk, our children's personal information is exposed to the world, and our professional reputations are on the line.
The discipline of Digital Forensics in law enforcement agencies around the nation and world has grown to match the increased risk and …
Designing A Data Warehouse For Cyber Crimes, Il-Yeol Song, John D. Maguire, Ki Jung Lee, Namyoun Choi, Xiaohua Hu, Peter Chen
Designing A Data Warehouse For Cyber Crimes, Il-Yeol Song, John D. Maguire, Ki Jung Lee, Namyoun Choi, Xiaohua Hu, Peter Chen
Annual ADFSL Conference on Digital Forensics, Security and Law
One of the greatest challenges facing modern society is the rising tide of cyber crimes. These crimes, since they rarely fit the model of conventional crimes, are difficult to investigate, hard to analyze, and difficult to prosecute. Collecting data in a unified framework is a mandatory step that will assist the investigator in sorting through the mountains of data. In this paper, we explore designing a dimensional model for a data warehouse that can be used in analyzing cyber crime data. We also present some interesting queries and the types of cyber crime analyses that can be performed based on …
A Legal Examination Of Revenge Pornography And Cyber-Harassment, Thomas Lonardo, Tricia Martland, Doug White
A Legal Examination Of Revenge Pornography And Cyber-Harassment, Thomas Lonardo, Tricia Martland, Doug White
Journal of Digital Forensics, Security and Law
This paper examines the current state of the statutes in the United States as they relate to cyber-harassment in the context of "revenge porn". Revenge porn refers to websites which cater to those wishing to exploit, harass, or otherwise antagonize their ex partners using pornographic images and videos which were obtained during their relationships. The paper provide examples and illustrations as well as a summary of current statute in the United States. The paper additionally explores some of the various legal remedies available to victims of revenge pornography.
Special Issue On Cyberharassment Investigation: Advances And Trends, Joanne Bryce, Virginia N. L. Franqueira, Andrew Marrington
Special Issue On Cyberharassment Investigation: Advances And Trends, Joanne Bryce, Virginia N. L. Franqueira, Andrew Marrington
Journal of Digital Forensics, Security and Law
Empirical and anecdotal evidence indicates that cyberharassment is more prevalent as the use of social media becomes increasingly widespread, making geography and physical proximity irrelevant. Cyberharassment can take different forms (e.g., cyberbullying, cyberstalking, cybertrolling), and be motivated by the objectives of inflicting distress, exercising control, impersonation, and defamation. Little is currently known about the modus operandi of offenders and their psychological characteristics. Investigation of these behaviours is particularly challenging because it involves digital evidence distributed across the devices of both alleged offenders and victims, as well as online service providers, sometimes over an extended period of time. This special issue …
Differentiating Cyberbullies And Internet Trolls By Personality Characteristics And Self-Esteem, Lauren A. Zezulka, Kathryn C. Seigfried-Spellar
Differentiating Cyberbullies And Internet Trolls By Personality Characteristics And Self-Esteem, Lauren A. Zezulka, Kathryn C. Seigfried-Spellar
Journal of Digital Forensics, Security and Law
Cyberbullying and internet trolling are both forms of online aggression or cyberharassment; however, research has yet to assess the prevalence of these behaviors in relationship to one another. In addition, the current study was the first to investigate whether individual differences and self-esteem discerned between self-reported cyberbullies and/or internet trolls (i.e., Never engaged in either, Cyberbully-only, Troll-only, Both Cyberbully and Troll). Of 308 respondents solicited from Mechanical Turk, 70 engaged in cyberbullying behaviors, 20 engaged in only trolling behaviors, 129 self-reported both behaviors, and 89 self-reported neither behavior. Results yielded low self-esteem, low conscientiousness, and low internal moral values for …
The Impact Of Low Self-Control On Online Harassment: Interaction With Opportunity., Hyunin Baek, Michael M. Losavio, George E. Higgins
The Impact Of Low Self-Control On Online Harassment: Interaction With Opportunity., Hyunin Baek, Michael M. Losavio, George E. Higgins
Journal of Digital Forensics, Security and Law
Developing Internet technology has increased the rates of youth online harassment. This study examines online harassment from adolescents with low self-control and the moderating effect of opportunity. The data used in this study were collected by the Korea Institute of Criminology in 2009. The total sample size was 1,091. The results indicated that low self-control, opportunity, and gender have a significant influence on online harassment. However, these results differed according to gender; for males, low self-control significantly impacted online harassment; for females, however, only low self-control significantly impacted online harassment. Furthermore, the interaction between low self-control and opportunity did not …