Topic

Digital evidence

About: Digital evidence is a research topic. Over the lifetime, 1621 publications have been published within this topic receiving 18476 citations.


Papers
Journal Article
TL;DR: In this paper, a new paradigm for maintaining the integrity of digital evidence in order to overcome the challenges of uncertainty generated by error-prone technologies while dealing with chain of custody (CoC) documents was proposed.
Abstract: Cybercrime investigations rely heavily on digital evidence to establish links between suspects and the criminal conduct they are allegedly involved in. As a result, digital evidence must be protected since it is complex, volatile, and susceptible to alteration. In the digital evidence method, the chain of custody (CoC) is essential. As a result of the CoC, it is possible to establish that the evidence was never tampered with. Due to the inherent uncertainty of digital evidence, the trustworthiness of the CoC cannot be judged at this time. It is the duty of forensic examiners to challenge this inclination and publicly admit the inherent ambiguity in whatever evidence they use to make their decisions. This article suggests a new paradigm for maintaining the integrity of digital evidence in order to overcome these challenges. To handle the uncertainty generated by error-prone technologies while dealing with CoC documents, the new paradigm used a fuzzy hash inside the blockchain data structure. Traditional hashing methods are only able to tell whether two inputs are precisely the same or not because they are sensitive to even the smallest input changes. Using fuzzy hash functions, we can figure out how dissimilar two images are by comparing their similarities. As an example of how this paradigm may be applied to computer systems and make digital investigations more successful, we utilize image forensics as the focus of an in-depth look at how it works.

3 citations

22 Nov 2017
TL;DR: A project trialling the use of computer games technology to train officers in cybercrime response is described, and this approach to the large-scale provision of training (potentially to a whole force) is shown to offer potential.
Abstract: As technology becomes pervasive in everyday life, there are very few crimes that don’t have some ‘cyber’ element to them. The vast majority of crime now has some digital footprint; whether it’s from a CCTV camera, mobile phone or IoT device, there exists a vast range of technological devices with the ability to store digital evidence that could be of use during a criminal investigation. There is a clear requirement to ensure that digital forensic investigators have received up-to-date training on appropriate methods for the seizure, acquisition and analysis of digital devices. However, given the increasing number of crimes now involving a range of technological devices it is increasingly important for those police officers who respond to incidents of crime to have received appropriate training. The aim of our research is to transform the delivery of first responder training in tackling cybercrime. A project trialling the use of computer games technology to train officers in cybercrime response is described. A game simulating typical cybercrime scenes has been developed and its use in training first responders has been evaluated within Police Scotland. Overall, this approach to the large-scale provision of training (potentially to a whole force) is shown to offer potential.

3 citations

Journal Article
TL;DR: The state-of-the-art of technologies in Android-based digital forensics and some popular tools in the aspects of data recovery and acquisition, file system analysis and data analysis are surveyed.
Abstract: During the rapid development of mobile wireless technologies and applications, the Android operating system, due to its open-source characteristics, has become the most popular development platform in the smartphone market. Meanwhile, as Android-based intelligent mobile devices experience a rapid increase in numbers, high-tech crimes involving such devices have become more versatile, affecting an ever increasing amount of data, thus making digital evidence an indispensable part of the evidence that needs to be seriously dealt with during crime investigations. Consequently, understanding the internal structure of Android and the various data operations in the file systems becomes necessary in Android-based digital forensics. In this paper, we survey the state-of-the-art of technologies in Android-based digital forensics and some popular tools in the aspects of data recovery and acquisition, file system analysis and data analysis. We also discuss some technical challenges and point out future research directions in Android-based digital forensics.

3 citations

Proceedings Article
27 Aug 2018
TL;DR: The analysis results show that the use of online open source information in trial proceedings has increased considerably over the past few years and German court records include more online open sources information than other 17 countries.
Abstract: Online open source investigation is an inevitable trend. Researchers have also regarded investigating crimes with open source information as the new forensics. To be better prepared for the new forensics, it is essential to conduct research on the use of web-based evidence in courts. To investigate the use of online open source evidence in trial proceedings, we analyze the use of publicly available information on the Internet in European courts based on another publicly available information on the Internet: court records. We determine 29 European countries as the analysis scope, identify 31 legal databases as data sources, define the query keywords as top ten websites, collect 31514 court records and analyze four legal metadata from each record: name of court, date of decision, type of decision, and field of law. The analysis results show that (1) administrative courts utilize online open source information more than other court types; (2) the use of online open source information in trial proceedings has increased considerably over the past few years; (3) nearly two thirds of court records containing online open source information are judgment or decision; (4) over a quarter of court records with online open source information apply criminal laws; and (5) German court records include more online open source information than other 17 countries. The future work includes a thorough analysis of court records to examine whether the open source information is collected or analyzed from the Internet.

3 citations

Journal Article
11 Apr 2020
TL;DR: This work presents a distinct technique for analyzing and classifying emails based on data processing and extraction, trimming, and refinement, clustering, then using the SWARM algorithm to improve the performance and then adapting support vector machine algorithm to classify these emails to obtain practical and accurate results.
Abstract: The Internet has become open, public and widely used as a source of data transmission and exchanging messages between criminals, terrorists and those who have illegal motivations. Moreover, it can be used for exchanging important data between various military and financial institutions, or even ordinary citizens. One of the important means of exchanging information widely used on the Internet medium is the e-mail. Email messages are digital evidence that has become one of the important means adopted by courts in many countries and societies as evidence relied upon in condemnation, which prompts researchers to work continuously to develop email analysis tools using the latest technologies to find digital evidence from email messages and to assist forensic expertise in analyzing email groups. This work presents a distinct technique for analyzing and classifying emails based on data processing and extraction, trimming, and refinement, clustering, then using the SWARM algorithm to improve the performance and then adapting support vector machine algorithm to classify these emails to obtain practical and accurate results. This framework also proposes a hybrid English lexical dictionary (SentiWordNet 3.0) for email forensic analysis; it contains all the sentiwords, such as positive and negative, and can deal with the machine learning algorithm. The proposed system is capable of learning in an environment with large and variable data. To test the proposed system, available data will be selected, which is the Enron data set. A high accuracy rate of 92% was obtained in the best case. The experiment is conducted on the Enron email dataset corpus (May 7, 2015 version of the dataset).

3 citations


Related Topics (5)
Information privacy: 25.4K papers, 579.6K citations, 78% related
Cloud computing security: 27.1K papers, 511.8K citations, 77% related
Authentication: 74.7K papers, 867.1K citations, 77% related
Intrusion detection system: 28.4K papers, 509.5K citations, 76% related
Public-key cryptography: 27.2K papers, 547.7K citations, 75% related
No. of papers in the topic in previous years
Year    Papers
2024    1
2023    87
2022    206
2021    87
2020    116
2019    111