Topic

Digital evidence

About: Digital evidence is a research topic. Over the lifetime, 1621 publications have been published within this topic receiving 18476 citations.


Papers
Book Chapter
28 Sep 2020
TL;DR: In this paper, a generic digital evidence framework, called CISMO, is presented to support LEAs in detecting and preventing different types of cyber-crime activities on Online Social Networks (OSNs).
Abstract: Nowadays, Online Social Networks (OSNs) have created a breeding ground for criminals to engage in cyber-crime activities, and the legal enforcement agencies (LEAs) are facing significant challenges since there is no consistent and generalized framework built specifically to analyse users’ misbehaviour and their social activity on these platforms. Data exchanged over these platforms represent an important source of information, even though their characteristics, such as unstructured nature, high volumes, velocity, and data inter-connectivity, become an obstacle for LEAs to analyse these data using traditional methods in order to provide it to the legal domain. Although numerous researches have been carried out on digital forensics, little focus has been employed on developing appropriate tools to exhaustively meet all the requirements of crime investigation targeting data integration, information sharing, collection and preservation of digital evidence. To bridge this gap, in our preliminary work we presented a generic digital evidence framework, called CISMO, as a semantic tool that is able to support LEAs in detecting and preventing different types of crimes happening on OSNs. This paper gives details of the knowledge extraction layer of the framework. Specifically, we mainly focus on analysing criminal social graph structures, proving the effectiveness of CISMO in a case study with a real criminal dataset. Experimental results reveal that, by applying appropriate Social Network Analyses (SNA), the CISMO framework should be able to query and discover the criminal networks, empowering the criminal investigator to see the connections between people.

4 citations

Book Chapter
04 Jan 2010
TL;DR: The AFF4 evidence container format as discussed by the authors provides a general solution to the problem of storing digital evidence, both in terms of copied bitstream images and general information that describes the images and context surrounding a case.
Abstract: It is well acknowledged that there is a pressing need for a general solution to the problem of storing digital evidence, both in terms of copied bitstream images and general information that describes the images and context surrounding a case. In a prior paper, we introduced the AFF4 evidence container format, focusing on the description of an efficient, layered bitstream storage architecture, a general approach to representing arbitrary information, and a compositional approach to managing and sharing evidence. This paper describes refinements to the representation schemes embodied in AFF4 that address the accurate representation of discontiguous data and the description of the provenance of data and information.

4 citations

Book Chapter
13 Feb 2005
TL;DR: In this paper, the basic issues related to the use of digital evidence in courts are investigated, in particular the basic legal test of authenticity of evidence with respect to an e-mail tool that can be used to manipulate evidence.
Abstract: This paper investigates basic issues related to the use of digital evidence in courts. In particular, it analyzes the basic legal test of authenticity of evidence with respect to an e-mail tool that can be used to manipulate evidence. The paper also examines the experiences and perceptions of U.S. state judicial officers regarding digital evidence, and reviews case law on how such evidence might be tested in the courts. Finally, it considers ethical and social issues raised by digital evidence and the mitigation of problems related to digital evidence.

4 citations

Proceedings Article
Takayuki Sasaki
30 Nov 2011
TL;DR: A system architecture based on the detection framework and cases in which it is used are described, and the effectiveness and the limitations of the proposed framework are discussed.
Abstract: Insider threats, such as information leakages, are big problems in many organizations. They are difficult to detect and control, because insiders such as employees have legitimate rights to access the organization's resources in order to carry out their responsibilities. For this reason, existing security systems such as firewalls, intrusion detection systems, and access control mechanisms are ineffective countermeasures. Therefore, a framework is being developed for detecting suspicious insiders by triggering monitoring and analysis of suspicious actions done to hide digital evidence. This framework first creates an event (called a "trigger") that will impel malicious members to behave suspiciously, for example, deleting digital data that may be evidence of their malicious behavior. In addition, the framework also monitors and analyzes actions by comparing operational logs before/after the trigger. This work is still in progress. Here, a system architecture based on the detection framework and cases in which it is used are described. Also, the effectiveness and the limitations of the proposed framework are discussed.

4 citations


Network Information
Related Topics (5)
Information privacy
25.4K papers, 579.6K citations
78% related
Cloud computing security
27.1K papers, 511.8K citations
77% related
Authentication
74.7K papers, 867.1K citations
77% related
Intrusion detection system
28.4K papers, 509.5K citations
76% related
Public-key cryptography
27.2K papers, 547.7K citations
75% related
Performance
Metrics
No. of papers in the topic in previous years
Year    Papers
2024    1
2023    87
2022    206
2021    87
2020    116
2019    111