Digital forensics

About: Digital forensics is a research topic. Over the lifetime, 4270 publications have been published within this topic receiving 49676 citations. The topic is also known as: digital forensic science & Digital forensics.

A Generic Digital Forensic Investigation Framework for Internet of Things (IoT)

Abstract: Although numerous researches have been carried on Internet of Things (IoT), little focus has been employed on how Digital Forensics (DF) techniques can be used to conduct Digital Forensic Investigations (DFIs) in IoT-based infrastructures. Up to this point, IoT has not fully adapted to DF techniques owing to the fact that the current DF tools and procedures are not able to meet the heterogeneity and distributed nature of the IoT infrastructures. As a result, gathering, examining and analysing potential evidence from IoT environments that may be used as admissible evidence in a court of law poses a challenge to DF investigators and Law Enforcement Agencies (LEA). Therefore, the problem addressed is that, at the time of writing this paper, there currently exist no accepted DF frameworks that can help to conduct DFIs in an IoT-based environment. Based on this premise, the authors have proposed a generic Digital Forensic Investigation Framework for IoT (DFIF-IoT) that is able to support future IoT investigative capabilities with a degree of certainty. The proposed framework includes the following advantage: It complies with the ISO/IEC 27043: 2015 which is an international standard for information technology, security techniques, incident investigation principles, and process. It is, therefore, the authors' opinion that if the proposed framework is successfully incorporated in future DF tool development, it will facilitate effective digital forensic crime investigation for IoT infrastructures.

Fog Computing: Issues and Challenges in Security and Forensics

Abstract: Although Fog Computing is defined as the extension of the Cloud Computing paradigm, its distinctive characteristics in the location sensitivity, wireless connectivity, and geographical accessibility create new security and forensics issues and challenges which have not been well studied in Cloud security and Cloud forensics In this paper, through an extensive review of the motivation and advantages of the Fog Computing and its unique features as well as the comparison on various scenarios between the Fog Computing and Cloud Computing, the new issues and challenges in Fog security and Fog forensics are presented and discussed The result of this study will encourage and promote more extensive research in this fascinating field, Fog security and Fog forensics

Mapping Process of Digital Forensic Investigation Framework

Abstract: Summary Digital forensics is essential for the successful prosecution of digital criminals which involve diverse digital devices such as computer system devices, network devices, mobile devices and storage devices. The digital forensic investigation must be retrieved to obtain the evidence that will be accepted in the court of law. Therefore, for digital forensic investigation to be performed successfully, there are a number of important steps that have to be taken into consideration. The aim of this paper is to produce the mapping process between the processes/activities and output for each phase in Digital Forensic Investigation Framework (DFIF). Existing digital forensic frameworks will be reviewed and then the mapping is constructed. The result from the mapping process will provide a new framework to optimize the whole investigation process.

Digital forensic text string searching: Improving information retrieval effectiveness by thematically clustering search results

Abstract: Current digital forensic text string search tools use match and/or indexing algorithms to search digital evidence at the physical level to locate specific text strings. They are designed to achieve 100% query recall (i.e. find all instances of the text strings). Given the nature of the data set, this leads to an extremely high incidence of hits that are not relevant to investigative objectives. Although Internet search engines suffer similarly, they employ ranking algorithms to present the search results in a more effective and efficient manner from the user's perspective. Current digital forensic text string search tools fail to group and/or order search hits in a manner that appreciably improves the investigator's ability to get to the relevant hits first (or at least more quickly). This research proposes and empirically tests the feasibility and utility of post-retrieval clustering of digital forensic text string search results - specifically by using Kohonen Self-Organizing Maps, a self-organizing neural network approach. This paper is presented as a work-in-progress. A working tool has been developed and experimentation has begun. Findings regarding the feasibility and utility of the proposed approach will be presented at DFRWS 2007, as well as suggestions for follow-on research.