Journal of Digital Forensic Practice 

About: Journal of Digital Forensic Practice is an academic journal. The journal publishes majorly in the area(s): Computer forensics & Digital forensics. It has an ISSN identifier of 1556-7281. Over the lifetime, 68 publications have been published receiving 951 citations.

The Dresden Image Database for Benchmarking Digital Image Forensics

Abstract: This article introduces and documents a novel image database specifically built for the purpose of development and benchmarking of camera-based digital forensic techniques. More than 14,000 images of various indoor and outdoor scenes have been acquired under controlled and thus widely comparable conditions from altogether 73 digital cameras. The cameras were drawn from only 25 different models to ensure that device-specific and model-specific characteristics can be disentangled and studied separately, as validated with results in this article. In addition, auxiliary images for the estimation of device-specific sensor noise pattern were collected for each camera. Another subset of images to study model-specific JPEG compression algorithms has been compiled for each model. The Dresden Image Database is freely available for scientific purposes. The database is intended to become a useful resource for researchers and forensic investigators. Using a standard database as a benchmark makes results more ...

Badvertisements: Stealthy Click-Fraud with Unwitting Accessories

Abstract: We describe a new type of threat to the Internet infrastructure, in the shape of a highly efficient but very well camouflaged click-fraud attack on the advertising infrastructure. The attack, which we refer to as a “badvertisement,” is described and experimentally verified on several prominent advertisement schemes. This stealthy attack can be thought of as a threatening mutation of spam and phishing attacks, with which it has many commonalities, except for the fact that it is not the targeted individual who is the victim in the attack, but the unwitting advertiser.

The Crimeware Landscape: Malware, Phishing, Identity Theft and Beyond

Abstract: “Crimeware” is software that performs illegal actions, unanticipated by a victim running the software, that are intended to yield financial or other benefits to the attacker. Crimeware is a ubiquitous fact of life in modern online interactions. It is distributed via a wide variety of mechanisms, and attacks are proliferating rapidly. For example, in the month of May 2006, at least 215 unique keyloggers—just one type of crimeware—were observed in the wild. Once installed, crimeware benefits the attacker in many ways, including theft of stored confidential data, denial-of-service extortion, spamming, click fraud, and aggregation of compromised information for further criminal activity. The installation and operation of crimeware and the varieties of countermeasures deployed suggest similarities of information flow and potential chokepoints.

Warkitting: The Drive-by Subversion of Wireless Home Routers

Abstract: In this article we introduce the notion of warkitting as the drive-by subversion of wireless home routers through unauthorized access by mobile WiFi clients. We describe how such attacks can be performed, evaluate the vulnerability of currently deployed wireless routers based on experimental data, and examine the impact of these attacks on Internet fraud. Our analysis shows that it is possible in practice to carry out warkitting attacks with low-cost equipment widely available today and that the volume of credential theft possible through warkitting exceeds current estimates of credential theft due to phishing. We discuss how to detect a warkitting attack in progress and show how to analyze warkitted routers for evidence linking it to the attackers.

Digital Evidence: Challenging the Presumption of Reliability

Abstract: There is a general tendency among courts to presume that forensic software reliably yields accurate digital evidence. As a judicial construct, this presumption is unjustified in that it is not tailored to separate accurate results from inaccurate ones. The authors illustrate this unfortunate truth by the presentation of two currently uncorrected weaknesses in popular computer forensic tools, methods, and assumptions. Some percentage of these forensic software errors (and ones like them) will necessarily have negative effects on parties, whether in terms of faulty criminal convictions or improper civil judgments. The authors argue that the collective value of these negative effects among parties is far larger than the costs of research and development required to prevent such negative effects. Under a purely rational economic approach to the law, this dynamic constitutes an inefficiency to be corrected through the proper application of rules. The authors advance two approaches to cure current defe...