Digital evidence

About: Digital evidence is a research topic. Over the lifetime, 1621 publications have been published within this topic receiving 18476 citations.

Problem based learning in digital forensics

Abstract: The purpose of this paper is to compare and contrast the efforts of two universities to address the issue of providing computer forensics students with the opportunity to get involved in the practical aspects of forensic search and seizure procedures. The paper discusses the approaches undertaken by the University of Sunderland and the University of South Wales (Glamorgan) to give the students the opportunity to process a case from the crime scene through to the court room. In order to do this both institutions adopted a problem-based learning (PBL) approach – to reflect real-world solutions and encourage students to work in groups to seek further knowledge and understanding of the various processes and procedures – in particular the steps around search and seizure of digital evidence from a crime scene. The PBL activities at Sunderland and Glamorgan were designed in order to help the students understand the processes of digital crime scene analysis and search and seizure procedures and to give th...

A Framework for Integrating Multimodal Biometrics with Digital Forensics

Abstract: Multimodal biometrics represents various categories of morphological and intrinsic aspects with two or more computerized biological characteristics such as facial structure, retina, keystrokes dynamics, voice print, retinal scans, and patterns for iris, facial recognition, vein structure, scent, hand geometry, and signature recognition. The objectives of Digital Forensics (DF), on the other hand, is to inspect digital media in a forensically sound manner with the essence of identifying, discovering, recovering, analysing the artifacts and presenting facts and suggestions about the discovered information to any court of law or civil proceedings. Because the accuracy of biometric indicators may rarely be investigated during a digital forensic investigation processes, integrating digital forensics with multimodal biometrics can enable effective digital forensic investigations on multiple captured physiological and behavioural characteristics. This paper, therefore, presents a self-adaptive approach for integrating digital forensics with multimodal biometrics. This is motivated by the fact that, as of the time of writing this paper, there is lack of effective and standardised methods for performing digital investigation across multimodal biometric indicators. In addition, there are also no proper digital forensic biometric management strategies in place. For this reason, to enable effective digital investigations on multiple captured physiological and behavioural characteristics, this paper aims at proposing a framework that is meant to facilitate the integration of DF and multimodal biometrics. The framework is also meant to enhance the analysis of potential digital evidence during investigations. Integrating multimodal biometrics and digital forensics using the proposed framework gives a promising approach to add value especially in enforcing security measures in different systems as well as a restricting factor to unauthorized access key discoveries. The integration of digital forensics with multimodal biometrics is the main focus of this paper.

Applying distributed ledger technology to digital evidence integrity

Abstract: This paper examines the way in which blockchain technology can be used to improve the verification of integrity of evidence in digital forensics. Some background into digital forensic practices and blockchain technology are discussed to provide necessary context. A particular scalable method of verifying point-in-time existence of a piece of digital evidence, using the OpenTimestamps (OTS) service, is described, and tests are carried out to independently validate the claims made by the service. The results demonstrate that the OTS service is highly reliable with a zero false positive and false negative error rate for timestamp attestations, but that it is not suitable for timesensitive timestamping due to the variance of the accuracy of timestamps induced by block confirmation times in the Bitcoin blockchain.

Risk-Oriented Design Approach For Forensic-Ready Software Systems

Abstract: Digital forensic investigation is a complex and time-consuming activity in response to a cybersecurity incident or cybercrime to answer questions related to it. These typically are what happened, when, where, how, and who is responsible. However, answering them is often very laborious and sometimes outright impossible due to a lack of useable data. The forensic-ready software systems are designed to produce valuable on-point data for use in the investigation with potentially high evidence value. Still, the particular ways to develop these systems are currently not explored. This paper proposes consideration of forensic readiness within security risk management to refine specific requirements on forensic-ready software systems. The idea is to re-evaluate the taken security risk decisions with the aim to provide trustable data when the security measures fail. Additionally, it also considers possible disputes, which the digital evidence can solve. Our proposed approach, risk-oriented forensic-ready design, composes of two parts: (1) process guiding the identification of the requirements in the form of potential evidence sources, and (2) supporting BPMN notation capturing the potential evidence sources and their relationship. Together they are aimed to provide a high-level overview of the forensic-ready requirements within the system. Finally, the approach is demonstrated on an automated valet parking scenario, followed by a discussion regarding its impact and usefulness within the forensic readiness effort.

Communication Privacy Management and Digital Evidence in an Intimate Partner Violence Case

Abstract: This article uses a case study of an intimate partner violence criminal case to examine the relationship among communication privacy management, evidence acquisition and retrieval, and the use of digital evidence in criminal court. We followed the case of Krista and Alex (pseudonyms) for a period of four months from August 2017 to November 2017. Data were collected from observations in two locations: the digital forensics laboratory of the public defender who handled the case and the courtroom in which the trial took place. Findings indicate that the couple engaged in preemptive and after-the-fact privacy management strategies, which complicated the process of acquiring digital evidence and had implications for how the evidence was used at trial. The case study joins communication privacy management and legal research to show why digital evidence falls short as a “model witness” and may expose female complainants to greater privacy turbulence than male defendants.