Topic
Digital forensics
About: Digital forensics is a research topic. Over the lifetime, 4270 publications have been published within this topic receiving 49676 citations. The topic is also known as: digital forensic science & Digital forensics.
Papers
••
TL;DR: A Harmonized Mobile Forensic Investigation Process Model (HMFIPM) is proposed for the MF field to unify and structure the redundant investigation processes of the field, as a step towards uncovering the MF transitions and identifying open and future challenges.
Abstract: Mobile Forensics (MF) field uses prescribed scientific approaches with a focus on recovering Potential Digital Evidence (PDE) from mobile devices leveraging forensic techniques. Consequently, increased proliferation, mobile-based services, and the need for new requirements have led to the development of the MF field, which has in the recent past become an area of importance. In this article, the authors take a step to conduct a review on Mobile Forensics Investigation Process Models (MFIPMs) as a step towards uncovering the MF transitions as well as identifying open and future challenges. Based on the study conducted in this article, a review of the literature revealed that there are a few MFIPMs that are designed for solving certain mobile scenarios, with a variety of concepts, investigation processes, activities, and tasks. A total of 100 MFIPMs were reviewed, to present an inclusive and up-to-date background of MFIPMs. Also, this study proposes a Harmonized Mobile Forensic Investigation Process Model (HMFIPM) for the MF field to unify and structure whole redundant investigation processes of the MF field. The paper also goes the extra mile to discuss the state of the art of mobile forensic tools, open and future challenges from a generic standpoint. The results of this study find direct relevance to forensic practitioners and researchers who could leverage the comprehensiveness of the developed processes for investigation.
31 citations
••
10 May 2019
TL;DR: A review of the IoT concept, digital forensics and the state-of-the-art on IoT forensics is presented and an exploration of the possible solutions proposed in recent research and IoT forensic challenges identified in the current research literature are examined.
Abstract: The IoT is capable of communicating and connecting billions of things at the same time. The concept offers numerous benefits for consumers that alter how users interact with the technology. With this said, however, such monumental growth within IoT development also gives rise to a number of legal and technical challenges in the field of IoT forensics. Indeed, there exist many issues that must be overcome if effective IoT investigations are to be carried out. This paper presents a review of the IoT concept, digital forensics and the state-of-the-art on IoT forensics. Furthermore, an exploration of the possible solutions proposed in recent research and IoT forensics challenges that are identified in the current research literature are examined. It picks apart the challenges facing IoT forensics which have been established in recent literature. Overall, this paper draws attention to the obvious problems – open problems which require further efforts to be addressed properly.
31 citations
••
05 Jun 2015
TL;DR: This chapter conducted a number of experiments to locate data remnants of users' activities when utilizing the Ubuntu One cloud service, extracting a variety of potentially evidential items ranging from Ubuntu One databases and log files on persistent storage to remnants of user activities in device memory and network traffic.
Abstract: STorage as a Service (STaaS) cloud services have been adopted by both individuals and businesses as a dominant technology worldwide. Similar to other technologies, this widely accepted service can be misused by criminals. Investigating cloud platforms is becoming a standard component of contemporary digital investigation cases. Hence, digital forensic investigators need to have a working knowledge of the potential evidence that might be stored on cloud services. In this chapter, we conducted a number of experiments to locate data remnants of users' activities when utilizing the Ubuntu One cloud service. We undertook experiments based on common activities performed by users on cloud platforms including downloading, uploading, viewing, and deleting files. We then examined the resulting digital artifacts on a range of client devices, namely, Windows 8.1, Apple Mac OS X, and Apple iOS. Our examination extracted a variety of potentially evidential items ranging from Ubuntu One databases and log files on persistent storage to remnants of user activities in device memory and network traffic.
31 citations
••
TL;DR: The current guidelines for forensic examinations of mobile devices and hard disk drives are compared and contrasted, identifying areas of mobile device examinations where current guidelines are different and could be lacking strength and solidity.
31 citations
••
TL;DR: Forensics is defined as the use of science and technology to investigate and establish facts in criminal or civil courts of law; in the computer world, it means using evidence remaining after an attack to determine how the attack was carried out and what the attacker did.
Abstract: The dictionary defines forensics as “the use of science and technology to investigate and establish facts in criminal or civil courts of law.” I am more interested, however, in the usage common in the computer world: using evidence remaining after an attack on a computer to determine how the attack was carried out and what the attacker did. The standard approach to forensics is to see what can be retrieved after an attack has been made, but this leaves a lot to be desired. The first and most obvious problem is that successful attackers often go to great lengths to ensure that they cover their trails. The second is that unsuccessful attacks often go unnoticed, and even when they are noticed, little information is available to assist with diagnosis.
31 citations