Open Access. Powered by Scholars. Published by Universities.®
- Keyword
-
- Digital forensics (31)
- Computer forensics (17)
- Digital Forensics (15)
- Digital evidence (13)
- Forensics (12)
-
- Computer Forensics (9)
- Privacy (7)
- Data recovery (6)
- Information security (6)
- Cyber crime (5)
- Cyber forensics (5)
- Data disposal (5)
- Disk analysis (5)
- Visualization (5)
- Cyber security (4)
- Cybercrime (4)
- Digital Examiner (4)
- Evidence (4)
- Investigation (4)
- Mobile device forensics (4)
- Private Investigator (4)
- State Statutes (4)
- VoIP (4)
- Approximate matching (3)
- Clustering (3)
- Computer crime (3)
- Computer security (3)
- Data (3)
- ESI (3)
- Electronic evidence (3)
Articles 1 - 30 of 293
Full-Text Articles in Law
Towards Increasing Trust In Expert Evidence Derived From Malware Forensic Tools, Ian M. Kennedy, Blaine Price, Arosha Bandara
Towards Increasing Trust In Expert Evidence Derived From Malware Forensic Tools, Ian M. Kennedy, Blaine Price, Arosha Bandara
Journal of Digital Forensics, Security and Law
Following a series of high profile miscarriages of justice in the UK linked to questionable expert evidence, the post of the Forensic Science Regulator was created in 2008. The main objective of this role is to improve the standard of practitioner competences and forensic procedures. One of the key strategies deployed to achieve this is the push to incorporate a greater level of scientific conduct in the various fields of forensic practice. Currently there is no statutory requirement for practitioners to become accredited to continue working with the Criminal Justice System of England and Wales. However, the Forensic Science Regulator …
A Bit Like Cash: Understanding Cash-For-Bitcoin Transactions Through Individual Vendors, Stephanie J. Robberson, Mark R. Mccoy
A Bit Like Cash: Understanding Cash-For-Bitcoin Transactions Through Individual Vendors, Stephanie J. Robberson, Mark R. Mccoy
Journal of Digital Forensics, Security and Law
As technology improves and economies become more globalized, the concept of currency has evolved. Bitcoin, a cryptographic digital currency, has been embraced as a secure and convenient type of money. Due to its security and privacy for the user, Bitcoin is a good tool for conducting criminal trades. The Financial Crimes Enforcement Network (FinCEN) has regulations in place to make identification information of Bitcoin purchasers accessible to law enforcement, but enforcing these rules with cash-for-Bitcoin traders is difficult. This study surveyed cash-for-Bitcoin vendors in Oklahoma, Texas, Arkansas, Missouri, Kansas, Colorado, and New Mexico to determine personal demographic information, knowledge of …
Digital Forensic Readiness In Organizations: Issues And Challenges, Nickson Menza Karie, Simon Maina Karume Dr.
Digital Forensic Readiness In Organizations: Issues And Challenges, Nickson Menza Karie, Simon Maina Karume Dr.
Journal of Digital Forensics, Security and Law
With the evolution in digital technologies, organizations have been forced to change the way they plan, develop, and enact their information technology strategies. This is because modern digital technologies do not only present new opportunities to business organizations but also a different set of issues and challenges that need to be resolved. With the rising threats of cybercrimes, for example, which have been accelerated by the emergence of new digital technologies, many organizations as well as law enforcement agencies globally are now erecting proactive measures as a way to increase their ability to respond to security incidents as well as …
Legislative Requirements For Cyber Peacekeeping, Nikolay Akatyev, Joshua I. James
Legislative Requirements For Cyber Peacekeeping, Nikolay Akatyev, Joshua I. James
Journal of Digital Forensics, Security and Law
Cyber Peacekeeping strives for the prevention, mitigation and cessation of cyber and physical conflicts. The creation of a Cyber Peacekeeping organization, however, has major legal and political implications. In this work we review current international legislation applicable for functions of Cyber Peacekeeping. Specifically, we analyze prominent works which contribute to definitions, law and ethics regulating cyber conflicts from the perspective of the creation of a CPK organization. Legislative and terminological foundations are analyzed and adopted from current practice. Further, this work analyzes guiding principles of global organizations such as ITU IMPACT, INTERPOL and regional organizations such as NATO and the …
A Forensic Email Analysis Tool Using Dynamic Visualization, Johannes Stadlinger, Andreas Dewald
A Forensic Email Analysis Tool Using Dynamic Visualization, Johannes Stadlinger, Andreas Dewald
Journal of Digital Forensics, Security and Law
Communication between people counts to the most important information of today’s business. As a result, in case of forensic investigations in big companies, analysis of communication data in general and especially email, as the still most widely used business communication platform with an immense and still growing volume, is a typical task in digital forensics. One of the challenges is to identify the relevant communication partners and structures in the suspects surrounding as quickly as possible in order to react appropriately and identify further targets of evaluation. Due to the amount of emails in typical inboxes, reading through all the …
Find Me If You Can: Mobile Gps Mapping Applications Forensic Analysis & Snavp The Open Source, Modular, Extensible Parser, Jason Moore, Ibrahim Baggili, Frank Breitinger
Find Me If You Can: Mobile Gps Mapping Applications Forensic Analysis & Snavp The Open Source, Modular, Extensible Parser, Jason Moore, Ibrahim Baggili, Frank Breitinger
Journal of Digital Forensics, Security and Law
The use of smartphones as navigation devices has become more prevalent. The ubiquity of hand-held navigation devices such as Garmins or Toms Toms has been falling whereas the ownership of smartphones and their adoption as GPS devices is growing. This work provides a comprehensive study of the most popular smartphone mapping applications, namely Google Maps, Apple Maps, Waze, MapQuest, Bing, and Scout, on both Android and iOS. It details what data was found, where it was found, and how it was acquired for each application. Based on the findings, the work allowed for the construction of a tool capable of …
Compression Of Virtual-Machine Memory In Dynamic Malware Analysis, James E. Fowler Ph.D.
Compression Of Virtual-Machine Memory In Dynamic Malware Analysis, James E. Fowler Ph.D.
Journal of Digital Forensics, Security and Law
Lossless compression of memory dumps from virtual machines that run malware samples is considered with the goal of significantly reducing archival costs in dynamic-malware-analysis applications. Given that, in such dynamic-analysis scenarios, malware samples are typically run in virtual machines just long enough to activate any self-decryption or other detection- avoidance maneuvers, the virtual-machine memory typically changes little from that of the baseline state, with the difference being attributable in large degree to the loading of additional executables and libraries. Consequently, delta coding is proposed to compress the current virtual-machine memory dump by coding its differences with respect to a predicted …
Table Of Contents
Journal of Digital Forensics, Security and Law
No abstract provided.
Special Issue Of Best Papers From The 11th International Conference On Systematic Approaches To Digital Forensic Engineering (Sadfe 2016)
Journal of Digital Forensics, Security and Law
The SADFE series feature the different editions of the International Conference on Systematic Approaches to Digital Forensics Engineering. Now in its eleventh edition, SADFE has established itself as the premier conference for researchers and practitioners working in Systematic Approaches to Digital Forensics Engineering.
SADFE 2016, the eleventh international conference on Systematic Approaches to Digital Forensic Engineering was held in Kyoto, Japan, September 20 - 22, 2016.
Digital forensics engineering and the curation of digital collections in cultural institutions face pressing and overlapping challenges related to provenance, chain of custody, authenticity, integrity, and identity. The generation, analysis and sustainability of digital …
Bloom Filters Optimized Wu-Manber For Intrusion Detection, Monther Aldwairi, Koloud Al-Khamaiseh, Fatima Alharbi, Babar Shah
Bloom Filters Optimized Wu-Manber For Intrusion Detection, Monther Aldwairi, Koloud Al-Khamaiseh, Fatima Alharbi, Babar Shah
Journal of Digital Forensics, Security and Law
With increasing number and severity of attacks, monitoring ingress and egress network traffic is becoming essential everyday task. Intrusion detection systems are the main tools for capturing and searching network traffic for potential harm. Signature-based intrusion detection systems are the most widely used, and they simply use a pattern matching algorithms to locate attack signatures in intercepted network traffic. Pattern matching algorithms are very expensive in terms of running time and memory usage, leaving intrusion detection systems unable to detect attacks in real-time. We propose a Bloom filters optimized Wu-Manber pattern matching algorithm to speed up intrusion detection. The Bloom …
The Impact Of Md5 File Hash Collisions On Digital Forensic Imaging, Gary C. Kessler
The Impact Of Md5 File Hash Collisions On Digital Forensic Imaging, Gary C. Kessler
Journal of Digital Forensics, Security and Law
The Message Digest 5 (MD5) hash is commonly used as for integrity verification in the forensic imaging process. The ability to force MD5 hash collisions has been a reality for more than a decade, although there is a general consensus that hash collisions are of minimal impact to the practice of computer forensics. This paper describes an experiment to determine the results of imaging two disks that are identical except for one file, the two versions of which have different content but otherwise occupy the same byte positions on the disk, are the same size, and have the same hash …
Leveraging The Windows Amcache.Hve File In Forensic Investigations, Bhupendra Singh, Upasna Singh
Leveraging The Windows Amcache.Hve File In Forensic Investigations, Bhupendra Singh, Upasna Singh
Journal of Digital Forensics, Security and Law
The Amcache.hve is a registry hive file that is created by Microsoft® Windows® to store the information related to execution of programs. This paper highlights the evidential potential of Amcache.hve file and its application in the area of user activity analysis. The study uncovers numerous artifacts retained in Amcache.hve file when a user performs certain actions such as running host-based applications, installation of new applications, or running portable applications from external devices. The results of experiments demonstrate that Amcache.hve file stores intriguing artifacts related to applications such as timestamps of creation and last modification of any application; name, description, publisher …
The 2016 Analysis Of Information Remaining On Computer Hard Disks Offered For Sale On The Second Hand Market In The Uae, Thomas Martin, Andy Jones, Mohammed Alzaabi
The 2016 Analysis Of Information Remaining On Computer Hard Disks Offered For Sale On The Second Hand Market In The Uae, Thomas Martin, Andy Jones, Mohammed Alzaabi
Journal of Digital Forensics, Security and Law
This research describes our survey of data remaining on computer hard disks sold on the second hand market in the United Arab Emirates (UAE). This is a repetition of the first survey conducted in 2012 (Jones, Martin, & Alzaabi, 2012). Similar studies have been carried over the last ten years in the United Kingdom, Australia, USA, Germany and France: (Jones, Mee, Meyler, & Gooch, 2005), (Jones, Valli, Sutherland, & Thomas, 2006), (Jones, Valli, Dardick, & Sutherland, 2008), (Jones, Valli, Dardick, & Sutherland, 2009). This research was undertaken to gain insight into the volumes of data found on second-hand disks purchased …
A New Distributed Chinese Wall Security Policy Model, Saad Fehis, Omar Nouali, Mohand-Tahar Kechadi
A New Distributed Chinese Wall Security Policy Model, Saad Fehis, Omar Nouali, Mohand-Tahar Kechadi
Journal of Digital Forensics, Security and Law
The application of the Chinese wall security policy model (CWSPM) to control the information flows between two or more competing and/or conflicting companies in cloud computing (Multi-tenancy) or in the social network, is a very interesting solution. The main goal of the Chinese Wall Security Policy is to build a wall between the datasets of competing companies, and among the system subjects. This is done by the applying to the subjects mandatory rules, in order to control the information flow caused between them. This problem is one of the hottest topics in the area of cloud computing (as a distributed …
The Impact Of Sha-1 File Hash Collisions On Digital Forensic Imaging: A Follow-Up Experiment, Gary C. Kessler
The Impact Of Sha-1 File Hash Collisions On Digital Forensic Imaging: A Follow-Up Experiment, Gary C. Kessler
Journal of Digital Forensics, Security and Law
A previous paper described an experiment showing that Message Digest 5 (MD5) hash collisions of files have no impact on integrity verification in the forensic imaging process. This paper describes a similar experiment applied when two files have a Secure Hash Algorithm (SHA-1) collision.
A Survey Of Social Network Forensics, Umit Karabiyik, Muhammed Abdullah Canbaz, Ahmet Aksoy, Tayfun Tuna, Esra Akbas, Bilal Gonen, Ramazan S. Aygun
A Survey Of Social Network Forensics, Umit Karabiyik, Muhammed Abdullah Canbaz, Ahmet Aksoy, Tayfun Tuna, Esra Akbas, Bilal Gonen, Ramazan S. Aygun
Journal of Digital Forensics, Security and Law
Social networks in any form, specifically online social networks (OSNs), are becoming a part of our everyday life in this new millennium especially with the advanced and simple communication technologies through easily accessible devices such as smartphones and tablets. The data generated through the use of these technologies need to be analyzed for forensic purposes when criminal and terrorist activities are involved. In order to deal with the forensic implications of social networks, current research on both digital forensics and social networks need to be incorporated and understood. This will help digital forensics investigators to predict, detect and even prevent …
Table Of Contents
Journal of Digital Forensics, Security and Law
No abstract provided.
A Legal Examination Of Revenge Pornography And Cyber-Harassment, Thomas Lonardo, Tricia Martland, Doug White
A Legal Examination Of Revenge Pornography And Cyber-Harassment, Thomas Lonardo, Tricia Martland, Doug White
Journal of Digital Forensics, Security and Law
This paper examines the current state of the statutes in the United States as they relate to cyber-harassment in the context of "revenge porn". Revenge porn refers to websites which cater to those wishing to exploit, harass, or otherwise antagonize their ex partners using pornographic images and videos which were obtained during their relationships. The paper provide examples and illustrations as well as a summary of current statute in the United States. The paper additionally explores some of the various legal remedies available to victims of revenge pornography.
Special Issue On Cyberharassment Investigation: Advances And Trends, Joanne Bryce, Virginia N. L. Franqueira, Andrew Marrington
Special Issue On Cyberharassment Investigation: Advances And Trends, Joanne Bryce, Virginia N. L. Franqueira, Andrew Marrington
Journal of Digital Forensics, Security and Law
Empirical and anecdotal evidence indicates that cyberharassment is more prevalent as the use of social media becomes increasingly widespread, making geography and physical proximity irrelevant. Cyberharassment can take different forms (e.g., cyberbullying, cyberstalking, cybertrolling), and be motivated by the objectives of inflicting distress, exercising control, impersonation, and defamation. Little is currently known about the modus operandi of offenders and their psychological characteristics. Investigation of these behaviours is particularly challenging because it involves digital evidence distributed across the devices of both alleged offenders and victims, as well as online service providers, sometimes over an extended period of time. This special issue …
Differentiating Cyberbullies And Internet Trolls By Personality Characteristics And Self-Esteem, Lauren A. Zezulka, Kathryn C. Seigfried-Spellar
Differentiating Cyberbullies And Internet Trolls By Personality Characteristics And Self-Esteem, Lauren A. Zezulka, Kathryn C. Seigfried-Spellar
Journal of Digital Forensics, Security and Law
Cyberbullying and internet trolling are both forms of online aggression or cyberharassment; however, research has yet to assess the prevalence of these behaviors in relationship to one another. In addition, the current study was the first to investigate whether individual differences and self-esteem discerned between self-reported cyberbullies and/or internet trolls (i.e., Never engaged in either, Cyberbully-only, Troll-only, Both Cyberbully and Troll). Of 308 respondents solicited from Mechanical Turk, 70 engaged in cyberbullying behaviors, 20 engaged in only trolling behaviors, 129 self-reported both behaviors, and 89 self-reported neither behavior. Results yielded low self-esteem, low conscientiousness, and low internal moral values for …
The Impact Of Low Self-Control On Online Harassment: Interaction With Opportunity., Hyunin Baek, Michael M. Losavio, George E. Higgins
The Impact Of Low Self-Control On Online Harassment: Interaction With Opportunity., Hyunin Baek, Michael M. Losavio, George E. Higgins
Journal of Digital Forensics, Security and Law
Developing Internet technology has increased the rates of youth online harassment. This study examines online harassment from adolescents with low self-control and the moderating effect of opportunity. The data used in this study were collected by the Korea Institute of Criminology in 2009. The total sample size was 1,091. The results indicated that low self-control, opportunity, and gender have a significant influence on online harassment. However, these results differed according to gender; for males, low self-control significantly impacted online harassment; for females, however, only low self-control significantly impacted online harassment. Furthermore, the interaction between low self-control and opportunity did not …
Toward Online Linguistic Surveillance Of Threatening Messages, Brian H. Spitzberg, Jean Mark Gawron
Toward Online Linguistic Surveillance Of Threatening Messages, Brian H. Spitzberg, Jean Mark Gawron
Journal of Digital Forensics, Security and Law
Threats are communicative acts, but it is not always obvious what they communicate or when they communicate imminent credible and serious risk. This paper proposes a research- and theory-based set of over 20 potential linguistic risk indicators that may discriminate credible from non-credible threats within online threat message corpora. Two prongs are proposed: (1) Using expert and layperson ratings to validate subjective scales in relation to annotated known risk messages, and (2) Using the resulting annotated corpora for automated machine learning with computational linguistic analyses to classify non-threats, false threats, and credible threats. Rating scales are proposed, existing threat corpora …
Table Of Contents
Journal of Digital Forensics, Security and Law
No abstract provided.
Evidential Reasoning For Forensic Readiness, Yi-Ching Liao, Hanno Langweg
Evidential Reasoning For Forensic Readiness, Yi-Ching Liao, Hanno Langweg
Journal of Digital Forensics, Security and Law
To learn from the past, we analyse 1,088 "computer as a target" judgements for evidential reasoning by extracting four case elements: decision, intent, fact, and evidence. Analysing the decision element is essential for studying the scale of sentence severity for cross-jurisdictional comparisons. Examining the intent element can facilitate future risk assessment. Analysing the fact element can enhance an organization's capability of analysing criminal activities for future offender profiling. Examining the evidence used against a defendant from previous judgements can facilitate the preparation of evidence for upcoming legal disclosure. Follow the concepts of argumentation diagrams, we develop an automatic judgement summarizing …
Low Budget Forensic Drive Imaging Using Arm Based Single Board Computers, Eric Olson, Narasimha Shashidhar
Low Budget Forensic Drive Imaging Using Arm Based Single Board Computers, Eric Olson, Narasimha Shashidhar
Journal of Digital Forensics, Security and Law
Traditional forensic analysis of hard disks and external media typically involves a powered down machine and “dead analysis” of these devices. Forensic acquisition of hard drives and external media has traditionally been by one of several means: standalone forensic duplicator; using a hardware write-blocker or dock attached to a laptop, computer, workstation, etc., forensic operating systems that live boot from a USB, CD/DVD or virtual machines with preinstalled operating systems. Standalone forensics acquisition and imaging devices generally cost thousands of dollars. In this paper, we propose the use of single board computers as forensic imaging devices. Single board computers can …
In-The-Wild Residual Data Research And Privacy, William B. Glisson, Tim Storer, Andrew Blyth, George Grispos, Matt Campbell
In-The-Wild Residual Data Research And Privacy, William B. Glisson, Tim Storer, Andrew Blyth, George Grispos, Matt Campbell
Journal of Digital Forensics, Security and Law
As the world becomes increasingly dependent on technology, researchers in both industry and academia endeavor to understand how technology is used, the impact it has on everyday life, the artifact life-cycle and overall integrations of digital information. In doing so, researchers are increasingly gathering 'real-world' or 'in-the-wild' residual data, obtained from a variety of sources, without the explicit consent of the original owners. This data gathering raises significant concerns regarding privacy, ethics and legislation, as well as practical considerations concerning investigator training, data storage, overall security and data disposal. This research surveys recent studies of residual data gathered in-the-wild and …
Exploring Deviant Hacker Networks (Dhm) On Social Media Platforms, Samer Al-Khateeb, Kevin J. Conlan, Nitin Agarwal, Ibrahim Baggili, Frank Breitinger
Exploring Deviant Hacker Networks (Dhm) On Social Media Platforms, Samer Al-Khateeb, Kevin J. Conlan, Nitin Agarwal, Ibrahim Baggili, Frank Breitinger
Journal of Digital Forensics, Security and Law
Online Social Networks (OSNs) have grown exponentially over the past decade. The initial use of social media for benign purposes (e.g., to socialize with friends, browse pictures and photographs, and communicate with family members overseas) has now transitioned to include malicious activities (e.g., cybercrime, cyberterrorism, and cyberwarfare). These nefarious uses of OSNs poses a significant threat to society, and thus requires research attention. In this exploratory work, we study activities of one deviant groups: hacker groups on social media, which we term Deviant Hacker Networks (DHN). We investigated the connection between different DHNs on Twitter: how they are connected, identified …
Digital Forensics In Law Enforcement: A Needs Based Analysis Of Indiana Agencies, Teri A. Cummins Flory
Digital Forensics In Law Enforcement: A Needs Based Analysis Of Indiana Agencies, Teri A. Cummins Flory
Journal of Digital Forensics, Security and Law
Cyber crime is a growing problem, with the impact to society increasing exponentially, but the ability of local law enforcement agencies to investigate and successfully prosecute criminals for these crimes is unclear. Many national needs assessments have previously been conducted, and all indicated that state and local law enforcement did not have the training, tools, or staff to effectively conduct digital investigations, but very few have been completed recently. This study provided a current and localized assessment of the ability of Indiana law enforcement agencies to effectively investigate crimes involving digital evidence, the availability of training for both law enforcement …
Bytewise Approximate Matching: The Good, The Bad, And The Unknown, Vikram S. Harichandran, Frank Breitinger, Ibrahim Baggili
Bytewise Approximate Matching: The Good, The Bad, And The Unknown, Vikram S. Harichandran, Frank Breitinger, Ibrahim Baggili
Journal of Digital Forensics, Security and Law
Hash functions are established and well-known in digital forensics, where they are commonly used for proving integrity and file identification (i.e., hash all files on a seized device and compare the fingerprints against a reference database). However, with respect to the latter operation, an active adversary can easily overcome this approach because traditional hashes are designed to be sensitive to altering an input; output will significantly change if a single bit is flipped. Therefore, researchers developed approximate matching, which is a rather new, less prominent area but was conceived as a more robust counterpart to traditional hashing. Since the conception …