Digital forensics

About: Digital forensics is a research topic. Over the lifetime, 4270 publications have been published within this topic receiving 49676 citations. The topic is also known as: digital forensic science & Digital forensics.

Comparative Analysis of Volatile Memory Forensics: Live Response vs. Memory Imaging

Abstract: Traditionally, incident responders and digital forensic examiners have predominantly relied on live response for volatile data acquisition While this approach is popular, memory capacity has rapidly changed, making memory a valuable resource for digital investigation, by revealing not only running tasks, but also terminated and cached processes This research presents the impact and the limitations of the conventional volatile forensic method, live response, in comparison to the alternative method, memory image analysis The experiment's results demonstrate and we discuss the forensic effects of executing a live response toolkit, which alters the volatile data environment significantly in some cases and can overwrite potential evidence Memory image analysis is also leveraged as an alternative approach that helps mitigate the risk of losing volatile evidence such as terminated and cashed processes, which are ignored during live response This comparative analysis calls attention the capabilities of both methods in retrieving and recovering volatile data

State of the art in passive digital image forgery detection: copy-move image forgery

Abstract: Authenticating digital images is increasingly becoming important because digital images carry important information and due to their use in different areas such as courts of law as essential pieces of evidence. Nowadays, authenticating digital images is difficult because manipulating them has become easy as a result of powerful image processing software and human knowledge. The importance and relevance of digital image forensics has attracted various researchers to establish different techniques for detection in image forensics. The core category of image forensics is passive image forgery detection. One of the most important passive forgeries that affect the originality of the image is copy-move digital image forgery, which involves copying one part of the image onto another area of the same image. Various methods have been proposed to detect copy-move forgery that uses different types of transformations. The goal of this paper is to determine which copy-move forgery detection methods are best for different image attributes such as JPEG compression, scaling, rotation. The advantages and drawbacks of each method are also highlighted. Thus, the current state-of-the-art image forgery detection techniques are discussed along with their advantages and drawbacks.

InnoDB Database Forensics: Reconstructing Data Manipulation Queries from Redo Logs

Abstract: InnoDB is a powerful open-source storage engine for MySQL that gained much popularity during the recent years. This paper proposes methods for forensic analysis of InnoDB databases by analyzing the redo logs, primarily used for crash recovery within the storage engine. This new method can be very useful in forensic investigations where the attacker got admin privileges, or was the admin himself. While such a powerful attacker could cover tracks by manipulating the log files intended for fraud detection, data cannot be changed easily in the redo logs. Based on a prototype implementation, we show methods for recovering Insert, Delete and Update statements issued against a database.

Emerging Digital Forensics Applications for Crime Detection, Prevention, and Security

Abstract: Chang-Tsun Li received the B.E. degree in electrical engineering from Chung-Cheng Institute of Technology (CCIT), National Defense University, Taiwan, in 1987, the MSc degree in computer science from U. S. Naval Postgraduate School, USA, in 1992, and the Ph.D. degree in computer science from the University of Warwick, UK, in 1998. He was an associate professor of the Department of Electrical Engineering at CCIT during 1998-2002 and a visiting professor of the Department of Computer Science at U.S. Naval Postgraduate School in the second half of 2001. He is currently Professor of the Department of Computer Science at the University of Warwick, UK, a Fellow of British Computer Society, the Editor-in-Chief of the International Journal of Digital Crime and Forensics, an editor of the International Journal of Imaging (IJI) and an associate editor of the International Journal of Applied Systemic Studies (IJASS) and the International Journal of Computer Sciences and Engineering Systems (IJCSE). He has involved in the organisation of a number of international conferences and workshops and also served as member of the international program committees for several international conferences. He is also the coordinator of the international joint project entitled Digital Image and Video Forensics funded through the Marie Curie Industry-Academia Partnerships and Pathways (IAPP) under the EU’s Seventh Framework Programme from June 2010 to May 2014. His research interests include digital forensics, multimedia security, bioinformatics, computer vision, image processing, pattern recognition, evolutionary computation, machine learning and content-based image retrieval. Chang-Tsun Li (University of Warwick, UK)