Open Access. Powered by Scholars. Published by Universities.®
- Keyword
-
- Digital forensics (2)
- Banking (1)
- Binary files (1)
- Cache (1)
- Chip-off (1)
-
- Cloud Storage (1)
- Compliance (1)
- Cryptography (1)
- Cyber-attack (1)
- Data Erasing Tools (1)
- Data carving (1)
- Data extraction (1)
- Data recovery (1)
- Data wiping (1)
- Digital Forensics (1)
- Digital evidence (1)
- Digital investigation (1)
- Digital triage (1)
- Dropbox (1)
- Expert evidence (1)
- Federal Reserve (1)
- Fedwire (1)
- Fifth Amendment (1)
- Google Drive (1)
- Investigation (1)
- Law (1)
- Malware forensics (1)
- Mobile forensics (1)
- Mobile triage (1)
- PCI DSS (1)
Articles 1 - 9 of 9
Full-Text Articles in Law
A Forensic First Look At A Pos Device: Searching For Pci Dss Data Storage Violations, Stephen Larson, James Jones, Jim Swauger
A Forensic First Look At A Pos Device: Searching For Pci Dss Data Storage Violations, Stephen Larson, James Jones, Jim Swauger
Journal of Digital Forensics, Security and Law
According to the Verizon 2018 Data Breach Investigations Report, 321 POS terminals (user devices) were involved in about 14% of the 2,216 data breaches in 2017 (Verizon, 2018). These data breaches involved standalone POS terminals as well as associated controller systems. This paper examines a standalone Point-of-Sale (POS) system which is ubiquitous in smaller retail stores and restaurants. An attempt to extract unencrypted data and identify possible violations of the Payment Card Industry Data Security Standard (PCI DSS) requirement to protect stored cardholder data were be made. Persistent storage (flash memory chips) were removed from the devices and their contents …
Towards Increasing Trust In Expert Evidence Derived From Malware Forensic Tools, Ian M. Kennedy, Blaine Price, Arosha Bandara
Towards Increasing Trust In Expert Evidence Derived From Malware Forensic Tools, Ian M. Kennedy, Blaine Price, Arosha Bandara
Journal of Digital Forensics, Security and Law
Following a series of high profile miscarriages of justice in the UK linked to questionable expert evidence, the post of the Forensic Science Regulator was created in 2008. The main objective of this role is to improve the standard of practitioner competences and forensic procedures. One of the key strategies deployed to achieve this is the push to incorporate a greater level of scientific conduct in the various fields of forensic practice. Currently there is no statutory requirement for practitioners to become accredited to continue working with the Criminal Justice System of England and Wales. However, the Forensic Science Regulator …
Cryptography, Passwords, Privacy, And The Fifth Amendment, Gary C. Kessler, Ann M. Phillips
Cryptography, Passwords, Privacy, And The Fifth Amendment, Gary C. Kessler, Ann M. Phillips
Journal of Digital Forensics, Security and Law
Military-grade cryptography has been widely available at no cost for personal and commercial use since the early 1990s. Since the introduction of Pretty Good Privacy (PGP), more and more people encrypt files and devices, and we are now at the point where our smartphones are encrypted by default. While this ostensibly provides users with a high degree of privacy, compelling a user to provide a password has been interpreted by some courts as a violation of our Fifth Amendment protections, becoming an often insurmountable hurdle to law enforcement lawfully executing a search warrant. This paper will explore some of the …
A Two-Stage Model For Social Network Investigations In Digital Forensics, Anne David, Sarah Morris, Gareth Appleby-Thomas
A Two-Stage Model For Social Network Investigations In Digital Forensics, Anne David, Sarah Morris, Gareth Appleby-Thomas
Journal of Digital Forensics, Security and Law
This paper proposes a two-stage model for identifying and contextualizing features from artefacts created as a result of social networking activity. This technique can be useful in digital investigations and is based on understanding and the deconstruction of the processes that take place prior to, during and after user activity; this includes corroborating artefacts. Digital Investigations are becoming more complex due to factors such as, the volume of data to be examined; different data formats; a wide range of sources for digital evidence; the volatility of data and the limitations of some of the standard digital forensic tools. This paper …
What’S In The Cloud? - An Examination Of The Impact Of Cloud Storage Usage On The Browser Cache., Graeme Horsman
What’S In The Cloud? - An Examination Of The Impact Of Cloud Storage Usage On The Browser Cache., Graeme Horsman
Journal of Digital Forensics, Security and Law
Cloud storage is now a well established and popular service adopted by many individuals, often at limited or no cost. It provides users with the ability to store content on a cloud service provider’s infrastructure offering the benefit of redundancy, reliability, security, flexibility of access and the potential assumed liability of the provider for data loss within the contexts of a licensing agreement. Consequently, this form of remote storage provides a regulatory challenge as content which once resided upon a seized digital exhibit, available for scrutiny during a digital forensic investigatory, may no longer be present where attempting to acquire …
An Evaluation Of Data Erasing Tools, Andrew Jones, Isaac Afrifa
An Evaluation Of Data Erasing Tools, Andrew Jones, Isaac Afrifa
Journal of Digital Forensics, Security and Law
The permanent removal of data from media is a major area of concern mainly because of the misconception that once a file is deleted or storage media is formatted, it cannot be recovered. There has been the development of both commercial and freeware data erasing tools, which all claim complete file or disk erasure. This report analyzes the efficiency of a number of these tools in performing erasures on an electromechanical drive. It focuses on a selection of popular and modern erasing tools; taking into consideration their usability, claimed erasing standards and whether they perform complete data erasure with the …
Teaching Data Carving Using The Real World Problem Of Text Message Extraction From Unstructured Mobile Device Data Dumps, Gary D. Cantrell, Joan Runs Through
Teaching Data Carving Using The Real World Problem Of Text Message Extraction From Unstructured Mobile Device Data Dumps, Gary D. Cantrell, Joan Runs Through
Journal of Digital Forensics, Security and Law
Data carving is a technique used in data recovery to isolate and extract files based on file content without any file system guidance. It is an important part of data recovery and digital forensics, but it is also useful in teaching computer science students about file structure and binary encoding of information especially within a digital forensics program. This work demonstrates how the authors teach data carving using a real world problem they encounter in digital forensics evidence processing involving the extracting of text messages from unstructured small device binary extractions. The authors have used this problem for instruction in …
Cyber-Security Risks Of Fedwire, Mark J. Bilger
Cyber-Security Risks Of Fedwire, Mark J. Bilger
Journal of Digital Forensics, Security and Law
This paper will review the risks associated with the Federal Reserve's Fedwire network as a key resource necessary for the efficient function of the American financial system. It will examine the business model of the Fedwire system of real-time interbank transfers, the network characteristics of Fedwire, and the possibility of a successful attack on Fedwire and its potential impact on the U.S. financial system.