Law Commons^™

Multiple Content Adaptive Intelligent Watermarking Schemes For The Protection Of Blocks Of A Document Image, Chetan Kr Mr., S Nirmala Dr.

Journal of Digital Forensics, Security and Law

Most of the documents contain different types of information such as white space, static information and dynamic information or mix of static and dynamic information. In this paper, multiple watermarking schemes are proposed for protection of the information content. The proposed approach comprises of three phases. In Phase-1, the edges of the source document image are extracted and the edge image is decomposed into blocks of uniform size. In Phase-2, GLCM features like energy, homogeneity, contrast and correlation are extracted from each block and the blocks are classified as no-information, static, dynamic and mix of static and dynamic information content …

Varying Instructional Approaches To Physical Extraction Of Mobile Device Memory, Joan Runs Through, Gary D. Cantrell

Journal of Digital Forensics, Security and Law

Digital forensics is a multidisciplinary field encompassing both computer science and criminal justice. This action research compared demonstrated skill levels of university students enrolled in a semester course in small device forensics with 54 hours of instruction in mobile forensics with an emphasis on physical techniques such as JTAG and Chip-Off extraction against the skill levels of industry professionals who have completed an accelerated 40 hour advanced mobile forensics training covering much of the same material to include JTAG and Chip-Off extraction. Participant backgrounds were also examined to determine if those participants with a background in computer science had an …

Digital Forensic Readiness In Organizations: Issues And Challenges, Nickson Menza Karie, Simon Maina Karume Dr.

Journal of Digital Forensics, Security and Law

With the evolution in digital technologies, organizations have been forced to change the way they plan, develop, and enact their information technology strategies. This is because modern digital technologies do not only present new opportunities to business organizations but also a different set of issues and challenges that need to be resolved. With the rising threats of cybercrimes, for example, which have been accelerated by the emergence of new digital technologies, many organizations as well as law enforcement agencies globally are now erecting proactive measures as a way to increase their ability to respond to security incidents as well as …

Broadband Router Security: History, Challenges And Future Implications, Patryk Szewczyk, Rose Macdonald

Journal of Digital Forensics, Security and Law

Consumer grade broadband routers are integral to accessing the Internet and are primarily responsible for the reliable routing of data between networks. Despite the importance of broadband routers, security has never been at the forefront of their evolution. Consumers are often in possession of broadband routers that are rich in consumer-orientated features yet riddled with vulnerabilities that make the routers susceptible to exploitation. This amalgamation of theoretical research examines consumer grade broadband routers from the perspective of how they evolved, what makes them vulnerable, how they are targeted and the challenges concerning the application of security. The research further explores …

Evidence Verification Complications With Solid-State Drives, Ryne Teague, Michael Black

Journal of Digital Forensics, Security and Law

Solid-state drives operate on a combination of technologies that create a barrier between the physical data being written and the digital forensics investigator. This barrier prevents the application of evidence verification methods developed for magnetic disk drives because the barrier prevents the investigator from directly controlling and therefore verifying that the underlying physical data has not been manipulated. The purpose of this research is to identify a period of inactivity where the underlying physical data is not being manipulated by wear leveling or garbage collection routines such that evidence can be reliably verified with existing hashing algorithms. An experiment is …

Cover Front

Journal of Digital Forensics, Security and Law

No abstract provided.

Front Matter

Journal of Digital Forensics, Security and Law

No abstract provided.

Back Matter

Journal of Digital Forensics, Security and Law

No abstract provided.

Cover Back

Journal of Digital Forensics, Security and Law

No abstract provided.

Private Life Safety Provision In Digital Age, Olga Anatolyevna Kuznetsova, Natalia Bondarenko

Journal of Digital Forensics, Security and Law

Digital technology nowadays covers all the spheres of life of an individual and society’s activities. With this, it is not a secret that it can be used both for the benefit and to the detriment of the person. In digital age, private life is becoming most vulnerable to arbitrary interference. This article considers various violations of the rights to privacy, communication safety and inviolability of privacy security brought in by the digital revolution. The article concludes that the most important task in the sphere of private life safety is to find a balance of interests of the state, the society …

Legislative Requirements For Cyber Peacekeeping, Nikolay Akatyev, Joshua I. James

Journal of Digital Forensics, Security and Law

Cyber Peacekeeping strives for the prevention, mitigation and cessation of cyber and physical conflicts. The creation of a Cyber Peacekeeping organization, however, has major legal and political implications. In this work we review current international legislation applicable for functions of Cyber Peacekeeping. Specifically, we analyze prominent works which contribute to definitions, law and ethics regulating cyber conflicts from the perspective of the creation of a CPK organization. Legislative and terminological foundations are analyzed and adopted from current practice. Further, this work analyzes guiding principles of global organizations such as ITU IMPACT, INTERPOL and regional organizations such as NATO and the …

Analysis Of Security In Big Data Related To Healthcare, Isabel De La Torre, Begoña García-Zapirain, Miguel López-Coronado

Journal of Digital Forensics, Security and Law

Big data facilitates the processing and management of huge amounts of data. In health, the main information source is the electronic health record with others being the Internet and social media. Health-related data refers to storage in big data based on and shared via electronic means. Why are criminal organisations interested in this data? These organisations can blackmail people with information related to their health condition or sell the information to marketing companies, etc. This article analyses healthcare-related big data security and proposes different solutions. There are different techniques available to help preserve privacy such as data modification techniques, cryptographic …

Public Security & Digital Forensics In The United States: The Continued Need For Expanded Digital Systems For Security, Deborah G. Keeling, Michael Losavio

Journal of Digital Forensics, Security and Law

Digital Forensics is one of the latest challenges for the use of forensics in the investigative process in the United States. Some of the challenges are created by conditions and circumstances present for law enforcement around the world. However, many are unique to the United States and created by the standards of evidence within our courts, nature of our law enforcement organizations, and structure of our judicial and prosecutorial systems. It is essential for the preservation of public security and individual safety that competent systems of digital forensics are developed for law enforcement at all levels. The failure to do …

The Use Of Information Technologies To Combat Counterfeit Alcohol Products And Ensure The Right To Life In Russia, Pavel Syosoevich Pastukhov, Svetlana Polyakova, Evelina Frolovich

Journal of Digital Forensics, Security and Law

The paper is aimed to analyze implementation of an integrated information system that provides forecasting, monitoring, prevention and elimination of possible threats, such as violation of information support of public authorities, businesses and municipal services and others as well as control of elimination of consequences of emergency situations and offenses with integration under its control action information and control duty subsystems, control, municipal services for their operational cooperation in the interests of of the municipality. In particular, it consideres how this unified system is applied in accounting of production volume and turnover of ethyl alcohol, alcoholic and alcohol-containing products (USAIS) …

Possession Of Child Exploitation Material In Computer Temporary Internet Cache, Sungmi Park, Yunsik Jake Jang, Joshua I. James

Journal of Digital Forensics, Security and Law

When considering the possession of child exploitation material U.S. and German courts have the same focus, but slightly different interpretations. This slight difference in interpretation could mean that in one country a defendant will be found guilty of possession while in the other country he or she could be found not guilty. In this work we examine the standards courts in Germany and the United States have used to combat child pornography, and analyze the approaches specifically related to viewing and possession of CEM. A uniform solution is suggested that criminalizes “knowing access with the intention to view” as a …

Back Matter

Journal of Digital Forensics, Security and Law

No abstract provided.

Front Matter

Journal of Digital Forensics, Security and Law

No abstract provided.

Editorial

Journal of Digital Forensics, Security and Law

No abstract provided.

Security And The Transnational Information Polity, Michael M. Losavio, Adel Said Elmaghraby

Journal of Digital Forensics, Security and Law

Global information and communications technologies create criminal opportunities in which criminal violation and physical proximity are decoupled. As in all our endeavors, the good become the prey of the bad. Murderous and venal exploitation of ICT has followed from the inception of the Internet, threatening all the good it brings and the trust we need so badly as a people. As the work continues to expand the implementation of Smart Cities and the Internet of Things, there will be more opportunities for exploitation of these technologies. We examine the social and liberty risks our data and technology-driven responses may entail.

Front Matter

Journal of Digital Forensics, Security and Law

No abstract provided.

Masthead

Journal of Digital Forensics, Security and Law

No abstract provided.

Back Matter

Journal of Digital Forensics, Security and Law

No abstract provided.

File Type Identification - Computational Intelligence For Digital Forensics, Konstantinos Karampidis, Giorgos Papadourakis

Journal of Digital Forensics, Security and Law

In modern world, the use of digital devices for leisure or professional reasons is growing quickly; nevertheless, criminals try to fool authorities and hide evidence in a computer by changing the file type. File type detection is a very demanding task for a digital forensic examiner. In this paper, a new methodology is proposed – in a digital forensics perspective- to identify altered file types with high accuracy by employing computational intelligence techniques. The proposed methodology is applied to the three most common image file types (jpg, png and gif) as well as to uncompressed tiff images. A three-stage process …

Applying A Contingency Framework To Digital Forensic Processes In Cloud Based Acquisitions, Diane Barrett

Journal of Digital Forensics, Security and Law

The change in business models to incorporate a wide variety of cloud computing environments has resulted in the escalation of computer crimes in the areas of security breaches and hacking. Methods to acquire evidence in a cloud computing environment are limited due to the complexity of the cloud environment. Since digital acquisition processes in cloud computing environments are still in the infancy stages, there have been no studies in the application of existing frameworks to this type environment based on traditional forensic processes.

This paper describes a qualitative study conducted to develop a robust contingency framework for deciding when to …

Towards A More Representative Definition Of Cyber Security, Daniel Schatz, Rabih Bashroush, Julie Wall

Journal of Digital Forensics, Security and Law

In recent years, ‘Cyber Security’ has emerged as a widely-used term with increased adoption by practitioners and politicians alike. However, as with many fashionable jargon, there seems to be very little understanding of what the term really entails. Although this is may not be an issue when the term is used in an informal context, it can potentially cause considerable problems in context of organizational strategy, business objectives, or international agreements. In this work, we study the existing literature to identify the main definitions provided for the term ‘Cyber Security’ by authoritative sources. We then conduct various lexical and semantic …

Sql Injection: The Longest Running Sequel In Programming History, Matthew Horner, Thomas Hyslip

Journal of Digital Forensics, Security and Law

One of the risks to a company operating a public-facing website with a Structure Query Language (SQL) database is an attacker exploiting the SQL injection vulnerability. An attacker can cause an SQL database to perform actions that the developer did not intend like revealing, modifying, or deleting sensitive data. This can cause a loss of confidentiality, integrity, and availability of information in a company’s database, and it can lead to severe costs of up to $196,000 per successful injection attack (NTT Group, 2014). This paper discusses the history of the SQL injection vulnerability, focusing on:

• How an attacker can exploit …

Forensic Cell Site Analysis: A Validation & Error Mitigation Methodology, John B. Minor

Journal of Digital Forensics, Security and Law

The E911 Initiative in the mid-1990s established an opportunity to obtain location specific digital evidence of subscriber activity from cellular carriers. Call Detail Records (CDR) containing Cell Site Location Information (CSLI) evidence production was made available from cellular carriers in response to the CALEA, 911 and ECPA acts. In the late 1990s, cellular carriers began to produce evidence for investigative and litigation purposes. CDR/CSLI evidence has become an important evidentiary focus in the courtroom. This research project resulted in the creation of a method of validating cellular carrier records accuracy and mitigating errors in forensic cell site analyst conclusions. The …

Signatures Of Viber Security Traffic, M.A.K. Sudozai, N. Habib, S. Saleem, A.A. Khan

Journal of Digital Forensics, Security and Law

Viber is one of the widely used mobile chat application which has over 606 million users on its platform. Since the recent release of Viber 6.0 in March/April 2016 and its further updates, Viber provides end-to-end encryption based on Open Whisper Signal security architecture. With proprietary communication protocol scattered on distributed cluster of servers in different countries and secure cryptographic primitives, Viber offers a difficult paradigm of traffic analysis. In this paper, we present a novel methodology of identification of Viber traffic over the network and established a model which can classify its services of audio and audio/video calls, message …

Protecting Digital Evidence Integrity And Preserving Chain Of Custody, Makhdoom Syed Muhammad Baqir Shah, Shahzad Saleem, Roha Zulqarnain

Journal of Digital Forensics, Security and Law

Evidence is the key to solve any crime. Evidence integrity needs to be protected in order to make it admissible in the court of law. Digital evidence is more revealing, but it is fragile; it can easily be tampered with or modified. There are different techniques available to protect the integrity of digital evidence. Different automated digital evidence acquisition tools are available in the market. In this paper, we have analyzed two automated tools (EnCase and FTK Imager) that are used for disk imaging. These tools claim to protect the integrity of digital evidence. The techniques used by these tools …

A Power Grid Incident Identification Based On Physically Derived Cyber-Event Detection, Travis Atkison, Nathan Wallace

Journal of Digital Forensics, Security and Law

This article proposes a cyber-event detection framework to aid in incident Identification and digital forensics cases aimed at investigating cyber crime committed against the critical infrastructure power grid. However, unlike other similar investigative techniques, the proposed approach examines only the physical information to derive a cyber conclusion. The developed framework extracts information from the physical parameters stored in historical databases of SCADA systems. The framework uses a pseudo-trusted model derived from randomly selected power system observations found in the historical databases. Afterwards, a technique known as Bayesian Model Averaging is used to average the models and create a more trusted …