Topic

Digital forensics

About: Digital forensics is a research topic. Over its lifetime, 4270 publications have been published within this topic, receiving 49676 citations. The topic is also known as: digital forensic science & Digital forensics.


Papers
BookDOI
01 Jan 2018
TL;DR: This paper presents FindEvasion, a cloud-oriented system for detecting environment-sensitive malware, and introduces a novel algorithm, named Multiple Behavioral Sequences Similarity (MBSS), to compare a suspicious program’s behavioral profiles observed in multiple analysis environments, and determine whether the suspicious program is an environment-sensitive malware or not.
Abstract: In recent years, environment-sensitive malwares are growing rapidly and they pose significant threat to cloud platforms. They may maliciously occupy the computing resources and steal the tenants’ private data. The environment-sensitive malware can identify the operating environment and perform corresponding malicious behaviors in different environments. This greatly increased the difficulty of detection. At present, the research on automatic detection of environment-sensitive malwares is still rare, but it has attracted more and more attention. In this paper, we present FindEvasion, a cloud-oriented system for detecting environment-sensitive malware. Our FindEvasion system makes full use of the virtualization technology to transparently extract the suspicious programs from the tenants’ Virtual Machine (VM), and analyzes them on our multiple operating environments. We introduce a novel algorithm, named Multiple Behavioral Sequences Similarity (MBSS), to compare a suspicious program’s behavioral profiles observed in multiple analysis environments, and determine whether the suspicious program is an environment-sensitive malware or not. The experiment results show that our approach produces better detection results when compared with previous methods.

15 citations

Journal ArticleDOI
Gerry Masters, Philip Turner
TL;DR: The paper proposes the use of Digital Evidence Bags as a suitable format for the evidential storage of information obtained from them, thus further illustrating the flexibility of the format and demonstrating the diverse range of devices that have to be handled within the digital investigation and law enforcement community.

15 citations

Journal ArticleDOI
TL;DR: This paper demonstrates new methods for investigating Microsoft PowerPoint files that include some useful information about their own writing process that can help forensic examiners discover the relationships among several electronic documents and the traces of past work in some special cases.

15 citations

Journal ArticleDOI
TL;DR: This paper shows how to use the BOINC framework to control a network of hashcat-equipped nodes and provide a working solution for performing different cracking attacks, and provides experimental results of multiple cracking tasks to demonstrate the applicability of this approach.

15 citations

Proceedings ArticleDOI
13 Jun 2010
TL;DR: A neural network based framework is designed to approximate the stylized computational rules of interpolation algorithms for learning statistical inter-pixel correlation of interpolated images.
Abstract: Interpolated images have data redundancy, and special correlation exists among neighboring pixels, which is a crucial clue in digital forensics. We design a neural network based framework to approximate the stylized computational rules of interpolation algorithms for learning statistical inter-pixel correlation of interpolated images. The interpolation process is cognized from the interpolation results. Experiments are carried out on camera built-in Color Filter Array interpolation and super resolution: Three classifiers are trained to classify image interpolation algorithms, identify source cameras and uncover digital forgeries. Like the Wiener attack in watermarking, the special correlation can be reduced or transferred to another image by our learned network.

15 citations


Network Information
Related Topics (5)
Authentication
74.7K papers, 867.1K citations
84% related
Encryption
98.3K papers, 1.4M citations
81% related
Cryptography
37.3K papers, 854.5K citations
81% related
Server
79.5K papers, 1.4M citations
77% related
Mobile computing
51.3K papers, 1M citations
76% related
Performance
Metrics
No. of papers in the topic in previous years
Year    Papers
2024    3
2023    205
2022    552
2021    267
2020    339
2019    343