Digital evidence

About: Digital evidence is a research topic. Over the lifetime, 1621 publications have been published within this topic receiving 18476 citations.

On the Creation of Reliable Digital Evidence

Abstract: Traditional approaches to digital forensics deal with the reconstruction of events within digital devices that were often not built for the creation of evidence. This paper focuses on incorporating requirements for forensic readiness – designing in features and characteristics that support the use of the data produced by digital devices as evidence. The legal requirements that such evidence must meet are explored in developing technical requirements for the design of digital devices. The resulting approach can be used to develop digital devices and establish processes for creating digital evidence. Incorporating the legal view early in device design and implementation can help ensure the probative value of the evidence produced the devices.

The Partial Digital Evidence Disclosure in Respect to the Instant Messaging Embedded in Viber Application Regarding an Android Smart Phone

Abstract: As Android Operating System (OS) for smart phones become pervasive, more and more end users are taking advantage of the contemporary Instant Messaging (IM) tools with high availability and agile mobility. Unfortunately, the cyber criminals or hacktivists are abusing this state-of-the-art mobile communication gadget to fulfill illegal conspiracies. The content with regard to the IM is a critical success factor in cracking some complicated cyber crime cases in a timely manner. The paper significantly contributes to the research arena of Digital Forensics (DF) practitioners and researchers respecting partial digital evidence disclosure in a generic Viber session in Android mobile OS due to the commonness of IM under contemporary ubiquitous on-demand computing infrastructures. Being accumulated with sophisticated researches both in Android smart phones and the Viber Application Program (AP), this paper is capable of utilizing some specific search string in regard to the image of the Random Access Memory (RAM) in order to disclose the digital breadcrumb in terms of the received IM and the cellular phone number in previous Viber sessions as probative evidenced in a court of law.

Method and apparatus for controlling digital evidence

Abstract: A method and apparatus for controlling digital evidence comprising creating a case record comprising information about an investigative case, electronically storing at least one piece of digital evidence into memory, and associating the stored at least one piece of evidence with the case record.

The impact of the antivirus on the digital evidence

Abstract: Digital forensics DF has a significant role in accusing cyber criminals and proving them guilty. A criminal, if possible, may manage to delete the crime evidences in order to deny her responsibility about the crime. As the antivirus AV becomes an essential security component, this paper studies the effect of the AV on the digital evidence. The AV intercepts many system operations to check if the involved data contain malicious contents. This paper studies the effect of the AV on data from forensics perspectives. We design representing experiments and check if the AV affects the RAM artefacts of the involved tasks. We test three common AVs and show that the AV has an obvious effect on the RAM artefacts. To the best of our knowledge, we are the first to study the impact of the AV on the digital evidence.

Forensic investigation and analysis on digital evidence discovery through physical acquisition on smartphone

Abstract: Cybercriminals are changing their strategies as users are less concerns on the smartphone and social networks security risks such as spams, that will threaten them as they are more dependent on the smartphone [1]. Thus, there's a need to perform the smartphone forensics analysis to retrieve and analysed the potentially great amounts and extremely valuable information on these devices. This paper investigates a wealth of personal and sensitive data by types of digital information as evidence and conducted forensic analysis on a popular smartphone Samsung Galaxy Note III. The standard approach applied to extract information from smartphone through physical acquisition and analysis using Cellebrite UFED. The results are presented to demonstrate the smartphone as a goldmine for investigators and as sources of digital evidence. Furthermore this research also presents the forensic tool and techniques for acquiring and examining digital evidence on this device. The evidence discovered include files, contacts, events of smartphone and social network data storage and location. The smartphone examined produced abundant user information and in total 98,127 artefacts were recovered. Performing the extraction and analysis of digital evidence over smartphone activities show the possibility of identifying potential suspects that could assist the forensic investigators in crime investigations.