Lens ID,Title,Date Published,Publication Year,Publication Type,Source Title,ISSNs,Publisher,Source Country,Author/s,Abstract,Volume,Issue Number,Start Page,End Page,Fields of Study,Keywords,MeSH Terms,Chemicals,Funding,Source URLs,External URL,PMID,DOI,Microsoft Academic ID,PMCID,Citing Patents Count,References,Citing Works Count,Is Open Access,Open Access License,Open Access Colour
000-084-741-857-185,Digital Forensics: Review of Issues in Scientific Validation of Digital Evidence,2018-04-01,2018,journal article,Journal of Information Processing Systems,1976913x,,,Humaira Arshad; Aman Jantan; Oludare Isaac Abiodun,"Digital forensics is a vital part of almost every criminal investigation given the amount of information available and the opportunities offered by electronic data to investigate and evidence a crime. However, in criminal justice proceedings, these electronic pieces of evidence are often considered with the utmost suspicion and uncertainty, although, on occasions are justifiable. Presently, the use of scientifically unproven forensic techniques are highly criticized in legal proceedings. Nevertheless, the exceedingly distinct and dynamic characteristics of electronic data, in addition to the current legislation and privacy laws remain as challenging aspects for systematically attesting evidence in a court of law. This article presents a comprehensive study to examine the issues that are considered essential to discuss and resolve, for the proper acceptance of evidence based on scientific grounds. Moreover, the article explains the state of forensics in emerging sub-fields of digital technology such as, cloud computing, social media, and the Internet of Things (IoT), and reviewing the challenges which may complicate the process of systematic validation of electronic evidence. The study further explores various solutions previously proposed, by researchers and academics, regarding their appropriateness based on their experimental evaluation. Additionally, this article suggests open research areas, highlighting many of the issues and problems associated with the empirical evaluation of these solutions for immediate attention by researchers and practitioners. Notably, academics must react to these challenges with appropriate emphasis on methodical verification. Therefore, for this purpose, the issues in the experiential validation of practices currently available are reviewed in this study. The review also discusses the struggle involved in demonstrating the reliability and validity of these approaches with contemporary evaluation methods. Furthermore, the development of best practices, reliable tools and the formulation of formal testing methods for digital forensic techniques are highlighted which could be extremely useful and of immense value to improve the trustworthiness of electronic evidence in legal proceedings.",14,2,346,376,Criminal investigation; Evidence-based practice; Privacy laws of the United States; Best practice; Open research; Digital evidence; Electronic data; Computer science; Engineering ethics; Digital forensics,,,,,https://www.koreascience.or.kr:443/article/JAKO201814442074731.pdf https://dblp.uni-trier.de/db/journals/jips/jips14.html#ArshadJA18 http://kiss.kstudy.com/thesis/thesis-view.asp?key=3592879 http://jips-k.org/q.jips?pn=547 https://doi.org/10.3745/JIPS.03.0095 https://www.koreascience.or.kr/article/JAKO201814442074731.page,https://dblp.uni-trier.de/db/journals/jips/jips14.html#ArshadJA18,,,2806350220,,0,,24,false,,
000-092-244-624-751,LIVE FORENSIK UNTUK ANALISA ANTI FORENSIK PADA WEB BROWSER STUDI KASUS BROWZAR,2019-02-15,2019,journal article,Indonesian Journal of Business Intelligence (IJUBI),26213923; 26213915,Alma Ata University Press,,Tri Rochmadi,"<jats:p>Cybercrime continues to increase and innovate along with the rapid development of internet and more easily accessible everywhere. Most business organizations have used the internet for its operations so that the use of browsers is a necessity to support work. So that the browser also adjusts to improve security on the user's side so that information accessed by users cannot be known by other users. Browzar is a browser that answers these challenges, where Browzar can run without having to be installed on the computer and automatically deletes information generated by the use of the browser itself. However, these advantages become a challenge for investigators because these advantages can be exploited by cybercriminals to eliminate, minimize existing digital evidence. This study intends to analyze and find digital evidence in criminal cases using Browzar with Live Forensic. Digital evidence is obtained using dumpit for data acquisition and forensic volatility memory and winhex to analyze data and information on RAM. Results of the study were able to obtain information that could be used for digital evidence on Browzar web browser, namely URL history, account used log in, namely username and password, timestamp, that is, the user access time to a web page.</jats:p>",1,1,32,,,,,,,https://ejournal.almaata.ac.id/index.php/IJUBI/article/viewFile/878/1126 https://core.ac.uk/download/268505205.pdf,http://dx.doi.org/10.21927/ijubi.v1i1.878,,10.21927/ijubi.v1i1.878,2990383679,,0,,1,true,cc-by-sa,gold
000-145-590-327-940,IFIP Int. Conf. Digital Forensics - Remote Upload of Evidence over Mobile Ad Hoc Networks,,2006,book chapter,IFIP Advances in Information and Communication Technology,18684238; 1868422x,Springer New York,Germany,Indrajit Ray,"In this work, we report on one aspect of an autonomous robot-based digital evidence acquisition system that we are developing. When forensic investigators operate within a hostile environment they may use remotely operated unmanned devices to gather digital evidence. These systems periodically upload the evidence to a remote central server using a mobile ad hoc network. In such cases, large pieces of information need to be fragmented and transmitted in an appropriate manner. To support proper forensic analysis, certain properties must ensured for each fragment of evidence — confidentiality during communication, authenticity and integrity of the data, and, most importantly, strong evidence of membership for fragments. This paper describes a framework to provide these properties for the robot-based evidence acquisition system under development.",222,,41,54,Mobile computing; Vehicular ad hoc network; Optimized Link State Routing Protocol; Digital evidence; Computer network; Adaptive quality of service multi-hop routing; Computer security; Computer science; Upload; Mobile ad hoc network; Wireless ad hoc network,,,,,https://rd.springer.com/chapter/10.1007/0-387-36891-4_4 https://dblp.uni-trier.de/db/conf/ifip11-9/df2006.html#Ray06 https://link.springer.com/content/pdf/10.1007/0-387-36891-4_4.pdf http://ui.adsabs.harvard.edu/abs/2006adf..book...41R/abstract https://link.springer.com/chapter/10.1007%2F0-387-36891-4_4,http://dx.doi.org/10.1007/0-387-36891-4_4,,10.1007/0-387-36891-4_4,1601526803,,0,019-150-878-613-969; 028-254-490-603-417; 030-870-743-906-848; 031-292-465-241-579; 036-175-649-910-721; 043-178-005-397-544; 051-885-039-137-049; 067-806-059-149-306; 068-423-735-378-816; 078-504-330-275-007; 084-710-456-064-525; 102-680-080-552-155; 166-931-549-493-224,0,true,,bronze
000-225-165-729-99X,Guidelines on Mobile Device Forensics,,2014,report,,,National Institute of Standards and Technology,,Richard P. Ayers; Wayne Jansen,"Mobile device forensics is the science of recovering digital evidence from a mobile device under forensically sound conditions using accepted methods. Mobile device forensics is an evolving specialty in the field of digital forensics. This guide attempts to bridge the gap by providing an indepth look into mobile devices and explaining technologies involved and their relationship to forensic procedures. This document covers mobile devices with features beyond simple voice communication and text messaging capabilities. This guide also discusses procedures for the validation, preservation, acquisition, examination, analysis, and reporting of digital information.",,,,,Mobile computing; Bridge (nautical); Mobile device; Digital evidence; Computer security; Computer science; Multimedia; Mobile Web; Mobile technology; Mobile device forensics; Digital forensics,,,,,https://www.nist.gov/publications/guidelines-mobile-device-forensics https://doi.org/10.6028/NIST.SP.800-101r1 http://dx.doi.org/10.6028/nist.sp.800-101r1 https://dx.doi.org/10.6028/nist.sp.800-101r1 https://csrc.nist.gov/publications/detail/sp/800-101/rev-1/final https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-101r1.pdf,http://dx.doi.org/10.6028/nist.sp.800-101r1,,10.6028/nist.sp.800-101r1,2716664989,,1,015-191-033-215-139; 024-385-303-080-230; 025-421-213-608-128; 044-719-321-480-425; 048-778-071-128-829; 063-377-383-491-594; 075-268-039-596-63X; 101-128-114-600-974; 105-940-731-754-568; 120-697-354-224-33X; 132-188-982-645-389; 159-516-414-584-397; 159-967-408-705-781; 169-670-674-810-694; 186-502-029-675-526; 199-172-967-270-034,82,false,,
000-360-120-513-679,Digital Forensics as a Service: A game changer,,2014,journal article,Digital Investigation,17422876,Elsevier BV,Netherlands,R.B. van Baar; H.M.A. van Beek; E.J. van Eijk,Abstract How is it that digital investigators are always busy and still never have enough time to actually dig deep into digital evidence? In this paper we will explore the current implementation of the digital forensic process and analyze factors that impact the efficiency of this process. Next we explain how in the Netherlands a Digital Forensics as a Service implementation reduced case backlogs and freed up digital investigators to help detectives better understand the digital material.,11,,S54,S62,Digital forensic process; Digital evidence; Digital material; Service implementation; Service (systems architecture); Computer security; Computer science; Process (engineering); Computer forensics; Digital forensics,,,,,https://www.sciencedirect.com/science/article/pii/S1742287614000127 https://core.ac.uk/display/82501077 http://www.sciencedirect.com/science/article/pii/S1742287614000127 https://dx.doi.org/10.1016/j.diin.2014.03.007 http://dx.doi.org/10.1016/j.diin.2014.03.007,http://dx.doi.org/10.1016/j.diin.2014.03.007,,10.1016/j.diin.2014.03.007,1967185460,,0,019-831-293-743-518; 024-735-069-822-749; 026-774-296-742-022; 033-877-222-136-260; 051-645-938-939-51X; 056-715-378-869-201; 079-070-981-899-105; 097-567-011-227-46X; 134-927-490-231-285; 199-172-967-270-034; 199-745-676-923-766,70,true,cc-by-nc-nd,hybrid
000-451-228-681-432,Digital Forensics: Legality of the Process in Cameroon,2015-08-05,2015,,,,,,Joan B. Ali,"In many  legal  systems today,  it  is  important  for  evidence  that  is obtained  for  use  in  any  judicial  proceedings,  especially criminal and civil prosecutions, to be obtained lawfully. In other words, evidence should be obtained and examined in such a way as to make it relied upon in court. Part III of the 2010 LAW N° 2010/012 OF 21 DECEMBER 2010, law relating to cyber security and cyber criminality in Cameroon creates a procedural law provision to punish criminal offence of cyber criminality, which has a significance on the acquisition, examination, and analysis of digital evidence; knowing that traditional digital forensic processes, most be legally authorized, so that they do not potentially contravene this law.  Cameroon is faced with constraints and limitations in the way digital evidence is interpreted and handled in the courts. These constraints are related to skills, time, laws, technology and cost. The huge limitation is the lack of experts with appropriate skills to carry out digital forensic processes. The legal implications and ramifications for both digital forensics experts, law enforcement, and the cases that they are engaged in are identified, and provide appropriate legal solutions to ensure that these digital forensic practitioners do not contravene the existing laws.",17,1,35,44,Political science; Law; Procedural law; Law enforcement; Digital evidence; Part iii; Computer security; Principle of legality; Process (engineering); Computer forensics; Digital forensics,,,,,http://ijcjournal.org/index.php/InternationalJournalOfComputer/article/download/428/359 http://ijcjournal.org/index.php/InternationalJournalOfComputer/article/view/428/0,http://ijcjournal.org/index.php/InternationalJournalOfComputer/article/view/428/0,,,1691139959,,0,072-712-275-844-913; 106-885-306-836-498; 130-217-725-914-477; 154-778-607-714-379; 199-745-676-923-766,0,false,,
000-834-604-587-705,SCSS (1) - A Digital Forensics Primer,2009-12-28,2009,book,Innovations and Advances in Computer Sciences and Engineering,,Springer Netherlands,,Gavin Wylie Manes,"Digital forensics experts are increasingly called upon for business, legal, and criminal investigations that include evidence extracted from digital devices. The use of digital evidence in the justice system has become a cornerstone for both civil and criminal cases in this country. The proper collection and analysis of digital information is critical to the usefulness of that evidence, and it is crucial to possess knowledge of both basic and advanced forensics analyses to consider during the investigative process.",,,369,372,Internet privacy; Criminal investigation; Justice (ethics); Cornerstone; Digital evidence; Computer science; Process (engineering); Civil procedure; Computer forensics; Digital forensics,,,,,https://rd.springer.com/chapter/10.1007/978-90-481-3658-2_64 https://link.springer.com/chapter/10.1007/978-90-481-3658-2_64 https://link.springer.com/content/pdf/10.1007%2F978-90-481-3658-2_64.pdf https://dblp.uni-trier.de/db/conf/cisse/scss2008-1.html#Manes08,http://dx.doi.org/10.1007/978-90-481-3658-2_64,,10.1007/978-90-481-3658-2_64,1567868449,,0,,1,false,,
001-160-306-268-480,Forensic analysis and evidence collection for web browser activity,,2016,conference proceedings article,2016 International Conference on Automatic Control and Dynamic Optimization Techniques (ICACDOT),,IEEE,,Apurva Nalawade; Smita Bharne; Vanita Mane,"Digital Forensics is a branch of forensic science. Today the internet users continue to grow day by day, therefore crimes related to the internet also increases. The process of digital forensic is using digital devices to extract the information and identify whether the device has been hacked before or being viewed. The prime objective of Digital Forensic is to gather the “evidence” of crime scene. Digital forensic is a continuation of computer forensic, it includes digital electronic technology likes mobile phone, printers. Web browser forensics is a major part within computer forensics, because an greater number of criminal and civil cases may be based on evidence collected from user internet activities. Both criminals as well as investigators use internet. Web browser is used by criminals to collect or inquire information for a new crime technique, to conceal his/her crime. Every moment criminal leaves the traces on computer while using web browser. This proof is found in the browser history, temporary files, index.dat, cookies, download files, unallocated space and the cache etc. In this paper, we studied major tools used for web browser analysis. Also, we compare them and find out its benefits and limitations.",,,518,522,Internet privacy; The Internet; Cache; World Wide Web; Crime scene; Mobile phone; Download; Computer science; Network forensics; Computer forensics; Digital forensics,,,,,http://ieeexplore.ieee.org/document/7877639/ https://ieeexplore.ieee.org/document/7877639/,http://dx.doi.org/10.1109/icacdot.2016.7877639,,10.1109/icacdot.2016.7877639,2603041533,,0,002-027-080-876-62X; 002-449-146-256-491; 019-851-756-578-933; 049-724-213-633-947; 061-529-672-595-522; 066-199-364-383-133; 140-202-585-278-528,11,false,,
001-603-662-465-288,SCSS (1) - Light Vehicle Event Data Recorder Forensics,,2008,book,Advances in Computer and Information Sciences and Engineering,,Springer Netherlands,,Jeremy S. Daily; Nathan Singleton; Beth Downing; Gavin W. Manes,"While traffic crash reconstruction focuses primarily on interpreting physical evidence, the proper generation and preservation of digital data from Event Data Recorders (EDRs) can provide invaluable evidence to crash reconstruction analysts. However, data collected from the EDR can be difficult to use and authenticate, as exemplified through the analysis of a General Motors 2001 Sensing and Diagnostic Module (SDM). Fortunately, advances in the digital forensics field and memory technology can be applied to EDR analysis in order to provide more complete and usable results. This paper presents a developmental model for EDR forensics, centered on the use of existing digital forensic techniques to preserve digital information stored in automobile event data recorders.",,,172,177,Crash; Digital data; Event data recorder; USable; Traffic crash; General motors; Field (computer science); Computer security; Computer science; Real-time computing; Digital forensics,,,,,https://rd.springer.com/chapter/10.1007/978-1-4020-8741-7_31 https://link.springer.com/chapter/10.1007/978-1-4020-8741-7_31 https://dblp.uni-trier.de/db/conf/cisse/scss2007-1.html#DailySDM07,http://dx.doi.org/10.1007/978-1-4020-8741-7_31,,10.1007/978-1-4020-8741-7_31,1515582711,,1,056-666-446-678-469; 068-110-213-474-15X; 074-838-048-441-475; 121-230-063-948-992,4,false,,
001-780-531-155-770,Windows Memory Forensic Data Visualization,2014-06-12,2014,,,,,,James B Baum,"Abstract : Modern criminal investigators face an increasing number of computer-related crimes that require the application of digital forensic science. The major challenge facing digital forensics practitioners is the complicated task of acquiring an understanding of the digital data residing in electronic devices. Currently, this task requires significant experience and background to correctly aggregate the data their tools provide from the digital artifacts. Most of the tools available present their results in text files or tree lists. It is up to the practitioner to mentally capture a global understanding of the state of the device at the time of seizure and find the items of evidentiary interest. This research focuses on the application of Information Visualization techniques to improve the analysis of digital forensic evidence from Microsoft Windows memory captures. The visualization tool developed in this work presents both global and local views of the evidence based on user interactions with the graphics. The resulting visualizations provide the necessary details for verifying digital artifacts and assists in locating additional items of relevance. This proof-of-concept model can be modified to support various digital forensic target platforms including Mac OS X, Linux, and Android.",,,,,Human–computer interaction; Digital artifact; World Wide Web; Data visualization; Digital data; Visualization; Computer science; Microsoft Windows; OS X; Computer forensics; Digital forensics,,,,,https://scholar.afit.edu/cgi/viewcontent.cgi?article=1515&context=etd https://apps.dtic.mil/dtic/tr/fulltext/u2/a602889.pdf https://scholar.afit.edu/etd/515/,https://apps.dtic.mil/dtic/tr/fulltext/u2/a602889.pdf,,,270389940,,0,,1,false,,
001-829-135-644-040,Advances in Digital Forensics IV - Advances in Digital Forensics IV,,2008,book,IFIP — The International Federation for Information Processing,15715736; 18612288,Springer US,Germany,Indrajit Ray; Sujeet Shenoi,"ADVANCES IN DIGITAL FORENSICS IV Edited by:IndrajitRayand Sujeet Shenoi Digital forensics deals with the acquisition, preservation, examination, analysis and presentation of electronic evidence. Networked computing, wireless communications and portable electronic devices have expanded the role of digital forensics beyond traditional computer crime investigations. Practically every crime now involves some aspect of digital evidence; digital forensics provides the techniques and tools to articulate this evidence. Digital forensics also has myriad intelligence applications. Furthermore, it has a vital role in information assurance -- investigations of security breaches yield valuable information that can be used to design more secure systems. Advances in Digital Forensics IV describes original research results and innovative applications in the emerging discipline of digital forensics. In addition, it highlights some of the major technical and legal issues related to digital evidence and electronic crime investigations. The areas of coverage include: - Themes and Issues - Evidence Recovery - Evidence Integrity - Evidence Management - Forensic Techniques - Network Forensics - Portable Electronic Device Forensics - Event Data Recorder Forensics - Novel Investigation Techniques - Forensic Tools This book is thefourth volume in the annual series produced by the International Federation for Information Processing (IFIP) Working Group 11.9 on Digital Forensics, an international community of scientists, engineers and practitioners dedicated to advancing the state of the art of research and practice in digital forensics. The book contains a selection of twenty-eight edited papers from theFourth Annual IFIP WG 11.9 Conference on Digital Forensics, held at Kyoto University,Kyoto, Japanin the spring of 2008. Advances in Digital Forensics IV is an important resource for researchers, faculty members and graduate students, as well as for practitioners and individuals engaged in research and development efforts for the law enforcement and intelligence communities. Indrajit Rayis an Associate Professor of Computer Science at Colorado State University, Fort Collins, Colorado, USA. Sujeet Shenoi is the F.P. Walter Professor of Computer Science and a principal with the Center for Information Security at the University of Tulsa, Tulsa, Oklahoma, USA.",,,,,Engineering; Principal (computer security); Data science; Associate professor; Information assurance; Digital evidence; Computer security; Network forensics; Information security; Computer forensics; Digital forensics,,,,,https://link.springer.com/10.1007/978-0-387-84927-0,http://dx.doi.org/10.1007/978-0-387-84927-0,,10.1007/978-0-387-84927-0,2753335992,,0,,33,false,,
001-868-759-629-801,Comparative analysis on integrated digital forensic tools for digital forensic investigation,2020-04-01,2020,journal article,IOP Conference Series: Materials Science and Engineering,17578981; 1757899x,IOP Publishing,,Jae-Ung Lee; Wooyoung Soh,"As a variety of digital devices have recently become widely commercialized, digital forensics, a process where electronic information stored in digital devices is accurately identified, collected, preserved and analysed and the information is submitted to the court as evidence, is gaining enormous popularity. This paper analyses characteristics, applications, limitations of digital forensic tools and compare the tool with others in terms of ease of use, thereby helping investigators to adopt integrated digital forensic tools in their investigation.",834,1,012034,,Variety (cybernetics); Usability; Data science; Popularity; Electronic information; Digital forensic investigation; Computer science; Process (engineering); Digital forensics,,,,,https://iopscience.iop.org/article/10.1088/1757-899X/834/1/012034/pdf https://ui.adsabs.harvard.edu/abs/2020MS&E..834a2034L/abstract https://iopscience.iop.org/article/10.1088/1757-899X/834/1/012034,http://dx.doi.org/10.1088/1757-899x/834/1/012034,,10.1088/1757-899x/834/1/012034,3037684965,,0,025-038-687-609-155; 090-537-509-217-101; 115-204-360-176-558; 117-754-132-477-323; 124-566-352-741-128; 175-840-536-452-987,3,true,,gold
001-912-157-994-970,Intelligent Methods in Digital Forensics: State of the Art,2019-03-10,2019,book chapter,Lecture Notes in Networks and Systems,23673370; 23673389,Springer International Publishing,,Aleksandr Krivchenkov; Boriss Misnevs; Dmitry Pavlyuk,"This paper contains a review of modern intelligent methods’ applications for digital forensics. One of the main problems of digital forensics, which was investigated by authors, is related to the fact that a huge volume of data needs to be analysed for evidence of crime. The primary aim of this work is to improve this challenging forensic process through application of intelligent methods for analysis of digital evidences. The desired outcome of this work is to encourage advancing these methods in a forensic science discipline.",,,274,284,Work (electrical); Data science; Data needs; Intrusion detection system; Computer science; Process (engineering); State (computer science); Network forensics; Digital forensics,,,,,https://link.springer.com/chapter/10.1007/978-3-030-12450-2_26 https://rd.springer.com/chapter/10.1007/978-3-030-12450-2_26 https://link.springer.com/content/pdf/10.1007%2F978-3-030-12450-2_26.pdf,http://dx.doi.org/10.1007/978-3-030-12450-2_26,,10.1007/978-3-030-12450-2_26,2921873462,,0,003-309-775-687-325; 006-414-906-210-505; 006-934-598-460-981; 014-152-118-139-202; 020-235-679-001-570; 024-768-074-341-588; 025-665-915-896-09X; 029-793-051-206-363; 029-975-627-538-836; 032-202-166-951-620; 032-274-283-962-305; 039-356-190-065-588; 040-787-036-527-625; 045-402-624-268-617; 050-856-290-546-476; 073-194-524-558-213; 078-220-004-841-355; 083-578-059-674-117; 088-473-011-179-732; 092-605-156-244-28X; 098-748-261-333-651; 103-817-744-446-939; 108-799-603-782-432; 114-250-724-511-603; 115-479-842-029-123; 116-005-314-582-189; 131-883-271-504-211; 132-049-329-482-919; 155-063-496-030-974; 162-560-697-610-108,5,false,,
002-382-656-635-252,Digital Crime Evidence,,2020,book chapter,"Advances in Digital Crime, Forensics, and Cyber Terrorism",23270381; 23270373,IGI Global,,R. Parkavi; K Divya; V Sherry Ruth,"<jats:p>With the advent of computers, there came computer-related crimes; hence, there comes the need for cybercrime judicial proceedings. And for any trial, evidence plays an instrumental role in bringing the victim to justice. So, there is a need for digital evidence. Digital crime evidence forms a core for the field of computer forensics. Breaking down the term digital crime evidence to be understood in simple words, it is the collection of data and information that plays a crucial role in digital crime investigation and that is usually stored and transmitted in electronic formats. Digital evidence is defined as any data stored or transmitted using a computer that supports or refute a theory of how an offense occurred or that address critical elements of the offense such as intent or alibi. This data is commonly a combination of text, audio, images, and videos. This evidence is generally invisible, fragile, time-sensitive, and integrity will be lost if they are mishandled. </jats:p>",,,116,143,Computer science,,,,,https://www.igi-global.com/chapter/digital-crime-evidence/247290,http://dx.doi.org/10.4018/978-1-7998-1558-7.ch008,,10.4018/978-1-7998-1558-7.ch008,3001177485,,0,006-401-390-029-429; 019-698-064-288-240; 025-340-945-032-414; 048-299-122-258-861; 055-602-900-718-397; 067-844-385-207-96X; 080-619-211-902-700; 105-054-122-831-381; 110-842-440-678-798; 116-666-590-414-032; 170-178-683-706-89X; 172-835-612-828-603; 185-038-131-679-547,0,false,,
002-476-291-359-044,Digital image forensics: An affine transform robust copy-paste tampering detection,,2016,conference proceedings article,2016 10th International Conference on Intelligent Systems and Control (ISCO),,IEEE,,Anil Dada Warbhe; Rajiv V. Dharaskar; Vilas M. Thakare,"It became very easy today to capture and create digital photographs. It's no more a costlier affair, as most of the handheld electronic gadgets such as mobile phones are equipped with digital cameras. Today, there are ample PC and mobile apps available which are developed to manipulate captured photographs. One can easily take a picture, manipulate it with the installed app and make it viral through the internet. Hence, these digital photographs should not be interpreted as they speak. Digital images are the good proof of events and places. Hence, these digital photographs can be presented as evidence before a court of law. It becomes very important in such cases then, to prove the digital photographs in question to be original. Digital image forensics plays a vital role in such circumstances. Digital image forensics is a branch of digital forensics which deals with examining the digital photographs for their integrity and authenticity. In this paper, we present a digital image forensic method which can detect one of such image tampering. As images can be tampered in a number of ways, in this paper, we address a common case called as copy-paste tampering. Our proposed method is robust to affine transform; especially to rotation and scaling.",,,1,5,Digital image processing; Algorithm design; The Internet; Artificial intelligence; Mobile device; Computer vision; Computer science; Digital image; Digital forensics; Affine transformation; Robustness (computer science),,,,,https://ieeexplore.ieee.org/document/7727045/,http://dx.doi.org/10.1109/isco.2016.7727045,,10.1109/isco.2016.7727045,2548875060,,0,007-593-872-409-964; 014-946-983-191-042; 019-155-701-704-702; 019-461-243-164-715; 024-225-405-455-512; 034-121-155-020-714; 037-103-332-118-06X; 037-464-485-150-339; 040-499-338-725-508; 045-496-560-764-477; 049-947-315-991-428; 061-936-889-207-496; 063-891-549-168-52X; 065-037-301-489-012; 075-228-376-439-786; 076-704-896-134-67X; 078-719-866-421-103; 080-794-266-877-942; 090-691-753-970-360; 092-092-246-517-236; 097-461-557-468-286; 125-389-275-170-465; 132-355-978-858-838; 161-589-884-103-104; 173-881-114-277-726,5,false,,
002-525-099-038-388,THE ROLE AND STATUS OF DIGITAL FORENSIC EXPERIENCES IN ANALYZING DIGITAL EVIDENCE ON THE EVIDENCE OF CYBERCRIME CRIMINAL ACTION IN NORTH SUMATERA POLDA,2021-02-10,2021,,,,,,Zulkifli Zulkifli; Marlina Marlina; Adil Akhyar,"With regard to proving cybercrime, digital forensic or digital forensic laboratories are urgently needed, which aims to investigate and establish facts relating to criminal incidents and other legal issues. As for the problems in this study, namely: What is the legal arrangement of evidence in proving cyber crime? What is the authority of digital forensic experts in uncovering digital evidence on cyber crime? What are the obstacles found by digital forensic experts in the process of proving cyber crime?This type of research is empirical juridical research, while the nature of the research is descriptive analysis. This research uses several approaches, namely the law and conceptual approach. Research data sources consist of primary and secondary data. The data analysis used in this study is qualitative data analysis. Based on the results of the research, the evidence in proving cyber crime is obtained from electronic evidence in the form of electronic information and/or electronic documents relating to criminal acts. The collection of electronic evidence is carried out by the implementation of digital forensics by the North Sumatra Regional Police digital forensic expert. Electronic evidence, so that it can be used as electronic evidence and become legal evidence in evidence in court by meeting formal and material requirements as legal evidence. The authority of digital forensic experts relates to their position and function to explain and explain electronic evidence that is used as digital evidence in the process of proving cybercrime criminal cases as regulated in Article 184 paragraph (1) of the Criminal Procedure Code jo Article 5 paragraph (2) of the ITE Law. The obstacles of digital forensic experts in uncovering cybercrime cases include the nature of electronic evidence which is very vulnerable, because it is easily changed, deleted, or hidden by the culprit. Human resources who understand digital forensic are still weak, inadequate facilities and infrastructures and very limited budget.",3,1,156,175,Human resources; Internet privacy; Political science; Qualitative research; Paragraph; Cybercrime; Digital evidence; Criminal procedure; Function (engineering); Digital forensics,,,,,http://ejournal.steitholabulilmi.ac.id/index.php/metadata/article/view/51,http://ejournal.steitholabulilmi.ac.id/index.php/metadata/article/view/51,,,3167550083,,0,,0,false,,
002-545-683-320-858,IFIP Int. Conf. Digital Forensics - Detecting Hidden Data in Ext2/Ext3 File Systems,,,book chapter,Advances in Digital Forensics,,Kluwer Academic Publishers,,Scott Piper; Mark Davis; Gavin W. Manes; Sujeet Shenoi,"The use of digital forensic tools by law enforcement agencies has made it difficult for malicious individuals to hide potentially incriminating evidence. To combat this situation, the hacker community has developed anti-forensic tools that remove or hide electronic evidence for the specific purpose of undermining forensic investigations. This paper examines the latest techniques for hiding data in the popular Ext2 and Ext3 file systems. It also describes techniques for detecting hidden data in the reserved portions of these file systems.",,,245,256,Law enforcement; Hidden data; Information hiding; Computer security; Computer science; Network forensics; Design rule for Camera File system; Self-certifying File System; Digital forensics; Hacker,,,,,https://link.springer.com/chapter/10.1007/0-387-31163-7_20 https://link.springer.com/content/pdf/10.1007/0-387-31163-7_20.pdf https://dblp.uni-trier.de/db/conf/ifip11-9/df2005.html#PiperDMS05 https://rd.springer.com/chapter/10.1007/0-387-31163-7_20,http://dx.doi.org/10.1007/0-387-31163-7_20,,10.1007/0-387-31163-7_20,1502781218,,0,010-406-375-514-722; 085-214-277-668-01X; 104-899-693-163-469; 140-821-103-436-654,20,true,,bronze
002-730-269-239-581,Digital Multifunctional Devices: Forensic Value and Corporate Exposure,,2010,journal article,EDPACS,07366981; 19361009,Informa UK Limited,United Kingdom,Al Marcella,"Abstract. Traditional forensics professionals use, among other tools, fingerprinting blood splatter and ballistic analysis, DNA typing, and forensic pathology to make their case. Infosec professionals have to develop new tools for collecting, preserving, examining and evaluating electronic evidence in an effort to establish intent, culpability, motive, means, methods and loss, resulting from cyber-based crimes. Considering the increasing complexity of technology, and, as a result, the devices that may contain latent and incriminating digital evidence, due to a migration from aged analog devices to state-of-the-art digital multifunctional devices (MFDs), this article discusses these MFDs and their importance/role in cyber forensic investigations and the exposure, that they may represent to un-and under-prepared organizations.",41,1,1,11,Forensic science; Value (mathematics); Culpability; Digital evidence; Computer security; Computer science; Information security,,,,,https://www.taylorfrancis.com/books/9780429105500/chapters/10.1201/9780849383298-17 https://content.taylorfrancis.com/books/download?dac=C2014-0-33549-0&isbn=9780429105500&doi=10.1201/9780849383298-17&format=pdf http://www.tandfonline.com/doi/full/10.1080/07366980903458871 http://dl.acm.org/citation.cfm?id=1805153.1805154,http://dx.doi.org/10.1080/07366980903458871,,10.1080/07366980903458871,2039667994,,0,,0,false,,
002-887-236-141-671,Recovering Evidentiary E-mail for Non-Repudiation Forensics,2019-10-26,2019,journal article,International Journal of Innovative Technology and Exploring Engineering,22783075,Blue Eyes Intelligence Engineering and Sciences Engineering and Sciences Publication - BEIESP,,,"<jats:p>Computer Forensic, the upcoming branch of forensic science where acquiring, preserving, retrieving and presenting content processed electronically and stored digitally, is used for legal evidence in computer related crimes or any other unethical practice involving manipulation of digital content. Such digital content can take many forms which are manifested by different file formats and digital artifacts”. This paper concentrates on acquisition of deleted e-mail from mailbox of web servers satisfying two tier, three tier and n-tier technology. A detailed survey of several possibilities are included for non-repudiation forensic. A case study of a particular file type using suitable forensic tool is cited as a proof of concept towards this claimed inference to provide digital evidence in case of non-repudiation by sender and/or by receiver. This is simply conducted by using Encase a proprietary Digital forensic tools. The whole process is captured in step by step fashion to have a better understanding of the mechanism used. Recovery of files/emails have certain kinds of legal hurdles, the paper have addressed them as well. This paper contributes to the extend the recovered email can used as a ready digital evidence in any court of law.</jats:p>",8,11S2,551,557,Digital evidence; Computer science; Communication source; Computer forensics; Digital forensics; Digital content; Computer security; Process (computing); World Wide Web,,,,,,http://dx.doi.org/10.35940/ijitee.k1085.09811s219,,10.35940/ijitee.k1085.09811s219,,,0,,0,true,,gold
002-953-265-272-980,Investigating Cyberbullying on WhatsApp Using Digital Forensics Research Workshop,2020-08-20,2020,journal article,Jurnal RESTI (Rekayasa Sistem dan Teknologi Informasi),25800760,Ikatan Ahli Informatika Indonesia (IAII),," Riadi; null Sunardi; Panggah Widiandana","Cyberbullying in group conversations in one of the instant messaging applications is one of the conflicts that occur due to social media, specifically WhatsApp. This study conducted digital forensics to find evidence of cyberbullying by obtaining work in the Digital Forensic Research Workshop (DFRWS). The evidence was investigated using the MOBILedit Forensic Express tool as an application for evidence submission and the Cosine Similarity method to approve the purchase of cyberbullying cases. This research has been able to conduct procurement to reveal digital evidence on the agreement in the Group's features using text using MOBILedit. Identification using the Cosine method. Similarities have supported actions that lead to cyberbullying with different levels Improved Sqrt-Cosine (ISC) value, the largest 0.05 and the lowest 0.02 based on conversations against requests.",4,4,730,735,Internet privacy; Procurement; Cosine similarity; Digital evidence; Instant messaging; Computer science; Social media; Identification (information); Digital forensics,,,,,http://jurnal.iaii.or.id/index.php/RESTI/article/view/2161 https://www.jurnal.iaii.or.id/index.php/RESTI/article/download/2161/285,http://dx.doi.org/10.29207/resti.v4i4.2161,,10.29207/resti.v4i4.2161,3057937400,,0,,0,true,cc-by,gold
003-196-450-608-280,A Methodology for Investigating Software Failures Using Digital Forensics and Near-Miss Analysis,2017-09-09,2017,book chapter,Software Failure Investigation,,Springer International Publishing,,Jan H. P. Eloff; Madeleine Bihina Bella,"Inaccurate identification of the root cause of a software failure leads to the implementation of inappropriate countermeasures. This does not only hamper the prevention of their recurrence but also thwarts the correction of faulty software and obstructs the improvement of its quality and reliability. This chapter presents digital forensics as a suitable alternative for the investigation of software failures as it has the potential to provide sound evidence of the root cause of the software failure by making a scientific analysis of the available digital evidence. The distinctive characteristics of a forensic investigation that can contribute to the investigation of software failures are its use of scientific methods and techniques and its adherence to legal principles. A digital forensic investigation must follow a structured process to ensure forensic soundness of the evidence. The standard process model for a digital forensic investigation consisting of steps, such as acquisition, analysis and reporting, is adapted for the purposes of developing a sound process model for software failure investigations. This adapted digital forensic process model for software failure investigations consists of different phases such as evidence collection and root-cause analysis. Furthermore, the adapted digital forensic process model for software failure investigations leverages the concept of a near-miss management system to focus not only on the improvement of software failure investigations but also on the prevention of the reoccurrence of similar software failures.",,,39,56,Software engineering; Root cause analysis; Digital forensic process; Software; Digital evidence; Computer security; Computer science; Process (engineering); Identification (information); Digital forensics; Root cause,,,,,https://link.springer.com/chapter/10.1007/978-3-319-61334-5_4 https://rd.springer.com/chapter/10.1007/978-3-319-61334-5_4,http://dx.doi.org/10.1007/978-3-319-61334-5_4,,10.1007/978-3-319-61334-5_4,2752591052,,0,001-009-008-665-240; 017-815-064-018-299; 029-043-587-641-360; 031-684-675-143-830; 035-381-853-639-810; 039-713-365-187-767; 044-289-784-057-597; 055-101-428-781-265; 067-507-190-793-076; 074-503-617-334-537; 079-406-212-807-655; 087-665-408-966-240; 090-714-244-223-446; 097-777-514-602-343; 106-885-306-836-498; 113-801-918-269-079; 128-020-488-307-778; 134-927-490-231-285; 159-477-048-665-066; 171-407-642-621-665; 186-137-909-218-726,1,false,,
003-232-363-219-004,Interpol review of digital evidence 2016 - 2019.,2020-03-19,2020,journal article,Forensic science international. Synergy,2589871x,Elsevier BV,Netherlands,Paul Reedy,Abstract This review paper covers the forensic-relevant literature in digital evidence from 2016 to 2019 as a part of the 19th Interpol International Forensic Science Managers Symposium. The review papers are also available at the Interpol website at: https://www.interpol.int/content/download/14458/file/Interpol Review Papers 2019.pdf,2,,489,520,Library science; Download; Digital evidence; Computer science; Network forensics; Digital forensics,Digital evidence; Digital forensics; Network forensics,,,,http://www.sciencedirect.com/science/article/pii/S2589871X20300152 https://www.ncbi.nlm.nih.gov/pmc/articles/PMC7770434 https://www.sciencedirect.com/science/article/pii/S2589871X20300152,http://dx.doi.org/10.1016/j.fsisyn.2020.01.015,33385144,10.1016/j.fsisyn.2020.01.015,3011326668,PMC7770434,0,001-330-619-276-915; 003-385-688-915-283; 004-200-813-216-207; 006-138-917-123-177; 006-352-188-170-383; 008-033-307-675-865; 008-807-857-586-716; 009-512-003-529-193; 010-084-169-561-57X; 010-963-610-208-920; 015-153-772-071-055; 015-550-190-274-871; 015-654-094-120-991; 016-357-729-609-877; 016-545-450-234-850; 018-552-581-098-658; 019-500-518-223-980; 022-564-463-934-451; 023-744-332-350-071; 024-304-270-764-670; 026-073-425-144-247; 026-934-168-279-23X; 027-725-711-087-703; 030-178-593-043-926; 030-355-169-268-637; 030-751-060-000-287; 031-973-009-227-195; 032-664-290-593-804; 033-394-274-571-989; 035-031-257-128-045; 036-112-898-081-145; 036-962-718-355-681; 039-158-280-114-980; 041-249-902-359-989; 043-069-596-469-868; 045-701-895-839-020; 046-857-308-211-173; 047-386-524-667-691; 047-925-302-360-870; 049-337-278-368-275; 050-694-164-774-292; 052-152-063-024-042; 054-471-285-379-894; 055-824-759-528-044; 057-720-182-045-334; 061-269-967-405-492; 063-246-991-940-023; 063-572-994-319-332; 064-185-555-697-856; 064-549-392-650-90X; 065-026-135-610-134; 066-235-037-082-291; 067-307-335-041-486; 075-950-021-558-098; 080-282-279-211-788; 081-140-064-081-587; 087-326-101-466-886; 088-229-295-768-496; 088-553-642-323-93X; 088-688-832-386-331; 089-115-596-397-298; 089-695-854-791-989; 097-496-807-682-876; 097-939-114-561-254; 099-712-023-378-848; 100-947-231-339-501; 106-229-562-693-558; 112-955-497-358-051; 115-380-228-622-98X; 123-393-129-372-391; 124-202-713-284-341; 127-291-182-090-033; 131-476-361-473-174; 131-874-028-513-738; 137-320-816-794-079; 141-906-892-787-690; 142-790-196-752-819; 143-347-787-372-092; 144-184-475-249-995; 148-617-284-942-187; 155-758-692-373-705; 162-814-268-960-713; 163-853-761-819-084; 167-366-167-352-677; 181-684-050-889-439; 182-670-398-460-931; 187-108-280-798-543; 189-205-808-191-262; 194-351-971-349-302; 199-010-941-903-268,18,true,"CC BY, CC BY-NC-ND",gold
003-307-307-119-790,Data Handling of Digital Forensics Cloud Computing,,2013,journal article,Advanced Materials Research,16628985,"Trans Tech Publications, Ltd.",,Gang Zeng,"With development of network and digital devices, traditional digital forensics tools show their drawbacks, and investigators need new forensics tools to deal with enormous digital evidences. Therefore, this paper introduces digital forensics and cloud computing, then lists the advantages of private forensics cloud computing, proposes a model of Data Handling of Digital Forensics Cloud Computing.",756-759,,1739,1743,Group method of data handling; Forensic science; Digital forensics cloud computing; Computer security; Computer science; Network forensics; Cloud computing; Digital forensics,,,,,https://www.scientific.net/AMR.756-759.1739,http://dx.doi.org/10.4028/www.scientific.net/amr.756-759.1739,,10.4028/www.scientific.net/amr.756-759.1739,2111038567,,0,027-238-398-454-889; 085-343-554-667-033; 134-927-490-231-285; 139-049-368-614-27X; 184-786-350-232-582; 184-984-036-746-363,0,false,,
003-465-055-357-015,Digital Evidence: The Moral Challenge.,,2002,journal article,International Journal of Digital Evidence,,,,Tom Talleur,"www.ijde.org 1 Digital Evidence: The Moral Challenge Tom Talleur, Managing Director, KPMG LLP’s Forensic Practice My colleagues, co-founders, and I, are fortunate to have this opportunity to characterize a framework for discourse on the topic of digital evidence in this initial edition of the International Journal of Digital Evidence (IJDE). In this respect, we have an opportunity to identify, prioritize, and focus upon some of the most important aspects of this issue, free of irrelevant influences.",1,,,,Sociology; Digital evidence; Focus (computing); Engineering ethics,,,,,https://www.utica.edu/academic/institutes/ecii/publications/articles/9C4E398D-0CAD-4E8D-CD2D38F31AF079F9.pdf https://dblp.uni-trier.de/db/journals/ijde/ijde1.html#Talleur02,https://dblp.uni-trier.de/db/journals/ijde/ijde1.html#Talleur02,,,173280879,,0,,4,false,,
003-480-534-241-322,Forensic Analysis of Virtual Hard Drives,,2017,journal article,"Journal of Digital Forensics, Security and Law",15587223,Embry-Riddle Aeronautical University/Hunt Library,,Patrick Tobin; Nhien-An Le-Khac; M. Tahar Kechadi,"The issue of the volatility of virtual machines is perhaps the most pressing concern in any digital investigation involving a virtual machine. Current digital forensics tools do not fully address the complexities of data recovery that are posed by virtual hard drives. It is necessary, for this reason, to explore ways to capture evidence, other than those using current digital forensic methods. Data recovery should be done in the most efficient and secure manner, as quickly, and in an as non-intrusive way as can be achieved. All data in a virtual machine is disposed of when that virtual machine is destroyed, it may not therefore be possible to extract and preserve evidence such as incriminating images prior to destruction. Recovering that evidence, or finding some way of associating that evidence with the virtual machine before destruction of that virtual machine, is therefore crucial.In this paper we present a method for extracting evidence from a virtual hard disk drive in a quick, secure and verifiable manner, with a minimum impact on the drive thus preserving its integrity for further analysis.Science Foundation Irelan",12,1,10,,World Wide Web; Virtual machine; Computer science; Network forensics; Data recovery; Digital forensics,,,,,https://commons.erau.edu/jdfsl/vol12/iss1/10/ https://researchrepository.ucd.ie/handle/10197/9653 https://researchrepository.ucd.ie/bitstream/10197/9653/1/insight_publication.pdf https://commons.erau.edu/cgi/viewcontent.cgi?article=1438&context=jdfsl https://doi.org/10.15394/jdfsl.2017.1438 https://dblp.uni-trier.de/db/journals/jdfsl/jdfsl12.html#TobinLK17,http://dx.doi.org/10.15394/jdfsl.2017.1438,,10.15394/jdfsl.2017.1438,2691998207,,0,004-022-528-441-49X; 019-831-293-743-518; 020-681-475-438-842; 021-007-954-226-013; 023-792-573-982-391; 034-592-850-420-219; 035-919-852-167-526; 036-070-754-056-335; 046-904-497-970-564; 091-865-413-941-073; 092-233-656-399-603; 123-446-242-694-815; 144-124-797-675-052; 194-016-717-022-461; 199-745-676-923-766,2,true,cc-by-nc,gold
003-563-396-724-10X,Fintech forensics: Criminal investigation and digital evidence in financial technologies,,2020,journal article,Forensic Science International: Digital Investigation,26662817,Elsevier BV,,Bruce J. Nikkel,,33,,200908,,Finance; Criminal investigation; Digital transformation; Business; Payment; Financial transaction; Extortion; Money laundering; Digital evidence; Digital forensics,,,,,https://dblp.uni-trier.de/db/journals/di/di33.html#Nikkel20 https://www.sciencedirect.com/science/article/abs/pii/S2666281720300287 https://doi.org/10.1016/j.fsidi.2020.200908,http://dx.doi.org/10.1016/j.fsidi.2020.200908,,10.1016/j.fsidi.2020.200908,3012107526,,0,,14,false,,
003-964-082-130-066,"Emerging Forensic Tools for Locating and Analyzing Digital Evidence - The Challenges of Locating Evidence Because of Large, Dispersed Data Sets",,,book chapter,Emerging Forensic Tools for Locating and Analyzing Digital Evidence,,IGI Global,,Richard Boddington,,,,3207,3898,Data mining; Computer science,,,,,,http://dx.doi.org/10.4018/978-1-4666-9591-7.les5,,10.4018/978-1-4666-9591-7.les5,2500152088,,0,,0,false,,
003-996-737-587-62X,Network Forensic Investigation of Internal Misuse/Crime in Saudi Arabia: A Hacking Case,2008-04-23,2008,,,,,,Abdulrazaq Al-Murjan; Konstantinos Xynos,"There are ad-hoc guidelines and a limited policy on computer incident response that does not include computer forensic preparation procedures (e.g. logging incidents). In addition, these guidelines do not consider the requirement of Islamic law for admissible evidence at an organisational level in Saudi Arabia. Network forensic investigation might breach the Saudi law if they follow ad-hoc or international digital forensic standards such as Association of Chief Police Officers (ACPO) guidelines. This might put the organisation in a costly situation when a malicious employee sues an Islamic court. This is because the law of Saudi Arabia is complying with Islamic (Al Sharia) law. Network forensic investigators should comprehend Islamic legal requirements for admissible evidence such as privacy of a suspect, integrity and availability of evidence. These legal requirements should be translated into information technology to conduct the processes of digital forensic. These processes include searching for, collecting, preserving and presenting electronic evidence in an Islamic court. Although insider abuse/crime have not been usually reported to the law enforcement in Saudi Arabia, a hacking case is provided and examined in order to highlight shortcomings for producing eevidence at an organisational level in Saudi Arabia. Furthermore, this case shows that there is a conflict between the technical (ad-hoc) process of collecting e-evidence which has been followed at an organisational level by network forensic investigators and the main principle of forensic procedure in Saudi Arabia. It also illustrates that there is no technical investigative standard for digital evidence. Moreover, this research addresses these issues by proposing a technical investigative standard for digital evidence. As a result of this standard, network forensic investigation is able to produce eevidence with respect to the principles of forensic procedure in Saudi Arabia.",,,15,32,Engineering; Admissible evidence; Sharia; Law; Suspect; Law enforcement; Digital evidence; Public relations; Computer forensics; Digital forensics; Hacker,,,,,https://commons.erau.edu/cgi/viewcontent.cgi?article=1065&context=adfsl https://commons.erau.edu/adfsl/2008/additional-articles/1/,https://commons.erau.edu/adfsl/2008/additional-articles/1/,,,1601917781,,0,002-383-410-319-043; 006-659-242-552-662; 020-091-042-727-550; 038-395-829-222-050; 039-070-585-841-365; 041-291-462-265-899; 050-220-032-222-117; 057-302-299-150-11X; 108-496-557-376-872; 117-626-618-645-095; 121-460-734-819-619; 144-924-692-716-271; 162-643-144-846-229; 199-172-967-270-034,1,false,,
004-092-538-687-18X,Centralizing network digital evidences,,2011,book chapter,Software Engineering and Computer Systems,18650929; 18650937,Springer Berlin Heidelberg,Germany,Mohammed Abbas; Elfadil Sabeil; Azizah Abdul Manaf,"The forensic community has long acknowledged only investigating operating system (computer) for the sake of discovering digital crimes secrets. However, these techniques are not reliable anymore in case when to be used to achieve investigation aims since the data of the operating system can be tampered with by an attacker himself. Hence, focusing on alternative fields; that is network forensic comes into picture. In this paper, a methodology to collect and centralize network digital evidences in order to come up with the reliable investigation is introduced. In a case study, the laboratory is designed and set up to examine the proposed solution toward network digital evidences and centralize them as well. Finally, the operating system forensic weaknesses are obviously proven, and then a successful solution to these shortcomings through collecting and centralizing network digital evidences to be used for the investigation is presented.",,,310,320,Set (abstract data type); Order (exchange); Botnet; Computer security; Computer science; Malware; Digital forensics,,,,,http://eprints.utm.my/id/eprint/28894/ https://link.springer.com/chapter/10.1007/978-3-642-22191-0_28 https://rd.springer.com/chapter/10.1007/978-3-642-22191-0_28 https://link.springer.com/content/pdf/10.1007%2F978-3-642-22191-0_28.pdf https://core.ac.uk/display/11801841 https://core.ac.uk/download/11801841.pdf,http://dx.doi.org/10.1007/978-3-642-22191-0_28,,10.1007/978-3-642-22191-0_28,2008212393,,0,081-976-350-441-096; 135-645-777-142-774,0,true,,
004-095-036-114-529,Digital forensic standards and digital evidence in Polish criminal proceedings. An updated definition of digital evidence in forensic science,,2021,journal article,International Journal of Electronic Security and Digital Forensics,1751911x; 17519128,Inderscience Publishers,United Kingdom,Piotr Lewulis,,13,4,403,403,Digital forensics; Digital evidence; Forensic science; Computer science; Computer forensics; Data science; Criminal investigation; Cybercrime; Computer security; Criminology,,,,,,http://dx.doi.org/10.1504/ijesdf.2021.116024,,10.1504/ijesdf.2021.116024,,,0,,0,false,,
004-170-229-579-805,"Enabling the Remote Acquisition of Digital Forensic Evidence through
  Secure Data Transmission and Verification",2017-12-07,2017,,,,,,Mark Scanlon,"Providing the ability to any law enforcement officer to remotely transfer an image from any suspect computer directly to a forensic laboratory for analysis, can only help to greatly reduce the time wasted by forensic investigators in conducting on-site collection of computer equipment. RAFT (Remote Acquisition Forensic Tool) is a system designed to facilitate forensic investigators by remotely gathering digital evidence. This is achieved through the implementation of a secure, verifiable client/server imaging architecture. The RAFT system is designed to be relatively easy to use, requiring minimal technical knowledge on behalf of the user. One of the key focuses of RAFT is to ensure that the evidence it gathers remotely is court admissible. This is achieved by ensuring that the image taken using RAFT is verified to be identical to the original evidence on a suspect computer.",,,,,Computer science; Suspect; Digital forensics; Computer forensics; Computer security; Digital evidence; Officer; Key (lock); Law enforcement; Data transmission,,,,,,http://dx.doi.org/10.48550/arxiv.1712.02529,,10.48550/arxiv.1712.02529,,,0,,0,true,,green
004-469-331-209-129,An Implementation of Blockchain Technology in Forensic Evidence Management,2021-03-17,2021,conference proceedings article,2021 International Conference on Computational Intelligence and Knowledge Economy (ICCIKE),,IEEE,,Revathy Sathyaprakasan; Pratheeksha Govindan; Samina Alvi; Lipsa Sadath; Sharon Philip; Nrashant Singh,"Evidence management is crucial in the field of forensic science. Evidences obtained from a crime scene are important in solving the case and delivering justice to the parties involved. Hence, protecting these evidences from any form of alteration is of utmost important. Chain of Custody is the process which maintains the integrity of evidence. Inability to maintain the chain of custody will make the evidence inadmissible in court, eventually leading to the case dismissal. Digitalization of forensic evidence management system is a need of time as it is an environment friendly model. Blockchains are digitally distributed ledgers of transactions signed cryptographically in chronological order that are sorted into blocks and is completely open to anyone in the blockchain network. Hyperledger Fabric is a consortium blockchain framework created by the Linux foundation and is mainly used for enterprise use. Based on the concept of Hyperledger Fabric, present study aimed to create a framework and further propose an algorithm to implement Blockchain Technology to digitalize forensic evidence management system and maintain Chain of Custody.",,,208,212,Chain of custody; Crime scene; Cryptography; Management system; Justice (ethics); Blockchain; Foundation (evidence); Computer security; Computer science; Process (engineering),,,,,https://ieeexplore.ieee.org/document/9410791,http://dx.doi.org/10.1109/iccike51210.2021.9410791,,10.1109/iccike51210.2021.9410791,3158482413,,0,018-237-671-712-180; 043-273-953-358-604; 047-399-890-553-38X; 053-303-395-482-412; 068-801-609-180-214; 081-138-471-843-208; 081-273-333-452-817; 094-960-186-261-063,1,false,,
004-534-419-190-184,Zajišťování a analýza digitálních důkazů,2013-02-22,2013,dissertation,,,,,Ladislav Vyskočil,"This thesis deals with securing and analyzing digital evidence. At the beginning of this work can be find the issue of digital evidence and the basic principles of working with such evidence. The theoretical section describes securing digital evidence at the crime scene and the legal aspects of these operations, then there are depicted forensic imaging of secured digital evidence and authentication. The last in this section are mentioned the subsequent forensic analysis of digital data. The theoretical part explains terms like digital evidence and its authentication, digital image and traces the reasons for its creation, forensic and technical activities, work of experts and implementation of the principle of forensic analysis of digital data. In the practical part there are shown the most frequent ways and procedures for securing digital evidence and the most common procedures and methods for carrying out forensic analysis of digital data. In conclusion, this study describes the potential hazards and risks when working with digital evidence and appropriate countermeasures designed to mitigate or eliminate these risks.",,,,,Engineering; Authentication (law); MD5; Crime scene; Work (electrical); Digital data; Digital evidence; Computer security; Digital image; Computer forensics,,,,,https://digilib.k.utb.cz/handle/10563/24882,https://digilib.k.utb.cz/handle/10563/24882,,,2744381940,,0,,0,false,,
004-666-134-156-50X,Baseic Steganalysis for the Digital Media Forensics Examiner,,2006,book chapter,Digital Crime and Forensic Science in Cyberspace,,IGI Global,,Sos S. Agaian; Benjamin M. Rodriguez,"<jats:p>This chapter focuses on the development of digital forensic steganalysis tools/methods through analysis and evaluation of the most popular “sample pair” steganalysis techniques—the key concept in cyber crime—for the digital media forensics examiner, specializing in the analysis, identification, and interpretation of concealed digital evidence. Success and proper implementation of a digital forensic steganalysis system is dependent of several necessary steps. The basic steps are to describe and implement a new generation of steganalysis systems applicable for various embedding methods in order to allow efficient, accurate, low-cost, and fast digital forensic analysis; and to make these methods applicable for automatic detection of steganographic information within noisy network environments while striving to provide a satisfactory performance in comparison with present technology. All efforts will allow the final goal to be reached which is the development of a digital forensic steganalysis system to aid law enforcement agencies involved in the field of cyber crime investigation. The presented techniques will be based on the statistics of sample pairs (the basic unit), rather than individual samples, which are very sensitive to least significant bit embedding. Particularly, in this chapter we discuss the process and necessary considerations inherent in the development of steganalysis methods applied for problems of reliable detection, estimation length, and localization of hidden data within various forms/models of digital images.</jats:p>",,,175,216,Steganalysis; Digital media; Digital camera; Computer science; Multimedia; Digital forensics,,,,,https://www.igi-global.com/chapter/baseic-steganalysis-digital-media-forensics/8355,http://dx.doi.org/10.4018/978-1-59140-872-7.ch009,,10.4018/978-1-59140-872-7.ch009,2504848757,,0,,1,false,,
004-723-592-537-121,IFIP Int. Conf. Digital Forensics - Super-Resolution Video Analysis for Forensic Investigations,,,book chapter,Advances in Digital Forensics III,,Springer New York,,Ashish Gehani; John H. Reif,"Super-resolution algorithms typically improve the resolution of a video frame by mapping and performing signal processing operations on data from frames immediately preceding and immediately following the frame of interest. However, these algorithms ignore forensic considerations. In particular, the high-resolution video evidence they produce could be challenged on the grounds that it incorporates data or artifacts that were not present in the original recording.",,,281,299,Signal processing; Computer graphics (images); Frame (networking); Superresolution; Artificial intelligence; Computer vision; Computer science; Resolution (electron density),,,,,https://link.springer.com/chapter/10.1007%2F978-0-387-73742-3_20 https://rd.springer.com/chapter/10.1007/978-0-387-73742-3_20 https://link.springer.com/content/pdf/10.1007%2F978-0-387-73742-3_20.pdf http://www.csl.sri.com/users/gehani/papers/ICDF-2007.Grow.pdf https://dblp.uni-trier.de/db/conf/ifip11-9/df2007.html#GehaniR07,http://dx.doi.org/10.1007/978-0-387-73742-3_20,,10.1007/978-0-387-73742-3_20,1507132784,,0,000-918-726-324-194; 001-698-824-214-049; 003-604-780-499-224; 010-268-036-184-682; 010-838-709-620-701; 053-077-854-827-73X; 053-477-542-654-094; 060-520-415-389-712; 065-760-406-486-558; 083-925-529-399-556; 088-910-215-734-243; 092-208-347-041-566; 094-017-126-730-086; 117-294-186-836-737; 123-135-781-141-808; 123-603-169-039-14X; 141-056-389-820-328,6,true,,bronze
004-778-686-619-011,"Forensically ready digital identity management systems, issues of digital identity life cycle and context of usage",,2017,journal article,International Journal of Electronic Security and Digital Forensics,1751911x; 17519128,Inderscience Publishers,United Kingdom,Mehrdad Tajbakhsh; Elaheh Homayounvala; Sajjad Shokouhyar,"Collecting necessary digital and network forensics to prove the identity of an individual who is responsible for a crime, or suspected of a malicious attack, or has used a device during an incident, with minimum doubt to the court or other legitimate organisations based on the digital forensic investigation model is one of the most important legal and security issues of digital identity management systems DIMSs. Without a good understanding and identification of the most important parameters of DIMS based on the digital forensic investigation model, it is not possible to do digital forensic investigation and provide required evidence. Therefore, the main goal of this paper is to identify and prioritise DIMS parameters by considering a user's digital identity lifecycle, the contexts of usage challenges, and constraints that should be considered in a digital forensic readiness model.",9,1,62,83,Identity (object-oriented programming); Digital identity; Context (language use); Computer security; Computer science; Network forensics; Identity management; Computer forensics; Identification (information); Digital forensics,,,,,https://research.gold.ac.uk/id/eprint/27057/ https://www.inderscienceonline.com/doi/abs/10.1504/IJESDF.2017.081781 https://dl.acm.org/doi/10.1504/IJESDF.2017.081781 https://core.ac.uk/download/228123558.pdf,http://dx.doi.org/10.1504/ijesdf.2017.081781,,10.1504/ijesdf.2017.081781,2572537845,,0,003-097-641-696-240; 008-297-927-077-443; 021-376-433-883-484; 021-850-998-857-676; 024-665-355-874-020; 026-774-296-742-022; 036-150-437-127-822; 037-789-654-228-885; 060-877-320-347-466; 078-422-506-893-847; 078-937-165-241-316; 109-715-338-545-334; 119-377-297-976-683; 121-657-732-376-374; 129-932-503-927-253; 132-355-634-397-986; 133-157-737-906-420; 140-821-103-436-654; 144-688-901-316-003; 144-924-692-716-271; 158-400-418-434-934; 162-161-362-621-763; 176-817-855-610-146; 194-965-580-194-055,1,true,,green
004-811-572-572-632,Cyber Forensics: Representing and Managing Tangible Chain of Custody Using the Linked Data Principles,2013-05-27,2013,,,,,,Tamer Fares Gayed; Hakim Lounis; Moncef Bari; Rafek Nicolas,"Tangible Chain of Custody ( CoC) in cyber forensics ( CF ) is a document accompanying digital evidences. It records all information related to the evidences at each phase of the forensics investigation process in order to improve and prosecute them in a court of law. Because a digital evidence can be easily altered and loses its value, the CoC plays a vital role in the digital investigation by demonstrating the road map of Who exactly, When, Where, Why, What and How came into contact with the digital evidence. With the advent of the digital age, the tangible CoC document needs to undergo a radical transformation from paper to electronic data ( e-CoC ). This e-CoC will be readable, and consumed by computers. The semantic web is a fertile land to represent and manage the tangible CoC because it uses web principles known as Linked Data Principles (LDP), which provide useful information in Resource Description Framework (RDF) upon Unified Resource Identifier (URI) resolution. These principles are used to publish data publicly on the web and provide a standard framework that allows such data to be shared, and consumed in a machine readable format. This paper provides a framework explaining how these principles are applied to represent the chain of custodies and used only by actors in each forensics process, in order to be consumed at the end by the jury in a court of law. This paper also illustrates this idea by giving an example of the authentication phase imported from the Kruse forensics process.",,,87,96,Chain of custody; Engineering; World Wide Web; Authentication (law); Machine-readable data; Semantic Web; Digital evidence; Electronic data; Linked data; Digital forensics,,,,,https://www.thinkmind.org/index.php?view=article&articleid=cognitive_2013_4_40_40123 https://www.thinkmind.org/download.php?articleid=cognitive_2013_4_40_40123,https://www.thinkmind.org/index.php?view=article&articleid=cognitive_2013_4_40_40123,,,2286826414,,0,004-502-436-166-438; 010-523-765-034-735; 013-618-362-603-877; 019-831-293-743-518; 025-929-743-572-676; 033-241-817-699-448; 038-668-970-194-854; 039-807-307-685-44X; 046-611-915-478-048; 049-481-165-627-556; 052-052-141-922-342; 055-574-774-155-611; 059-112-511-613-974; 062-032-128-092-406; 067-950-012-629-210; 070-930-241-111-87X; 074-006-661-609-019; 089-568-273-380-514; 113-969-842-289-274; 126-931-686-553-894; 128-174-097-913-721; 128-976-006-412-740; 136-001-980-699-220; 147-017-529-889-412; 160-343-779-953-231; 179-251-285-691-405; 181-091-839-882-521; 187-247-163-887-643; 190-065-821-748-92X; 197-358-066-658-712,4,false,,
004-872-169-627-620,A New Approach of Digital Forensic Model for Digital Forensic Investigation,,2011,journal article,International Journal of Advanced Computer Science and Applications,2158107x; 21565570,The Science and Information Organization,,Inikpi O Ademu; Chris Imafidon; David Preston,"The research introduces a structured and consistent approach for digital forensic investigation. Digital forensic science provides tools, techniques and scientifically proven methods that can be used to acquire and analyze digital evidence. The digital forensic investigation must be retrieved to obtain the evidence that will be accepted in the court. This research focuses on a structured and consistent approach to digital forensic investigation. This research aims at identifying activities that facilitate and improves digital forensic investigation process. Existing digital forensic framework will be reviewed and then the analysis will be compiled. The result from the evaluation will produce a new model to improve the whole investigation process.",2,12,,,World Wide Web; Data science; Digital evidence; Digital forensic investigation; Computer science; Process (engineering); Digital forensics,,,,,https://thesai.org/Publications/ViewPaper?Volume=2&Issue=12&Code=IJACSA&SerialNo=26 https://thesai.org/Downloads/Volume2No12/Paper%2026-A%20New%20Approach%20of%20Digital%20Forensic%20Model%20for%20Digital%20Forensic%20Investigation.pdf,http://dx.doi.org/10.14569/ijacsa.2011.021226,,10.14569/ijacsa.2011.021226,2261973985,,0,032-697-093-668-898; 035-223-520-491-228; 065-452-675-566-99X; 120-697-354-224-33X; 170-299-458-679-224; 178-883-713-153-793; 190-065-821-748-92X,60,true,cc-by,hybrid
005-123-553-786-165,Tracks Inspector: Putting Digital Investigations in the Hands of Investigators,,2014,,,,,,J. Henseler; J. Hofste; null A.Post,"With the pervasiveness of computers and mobile devices, digital forensics becomes more important in law enforcement. Investigators increasingly depend on the scarce support of digital specialists which impedes efficiency of criminal investigations. This paper describes the architecture of Tracks Inspector, a commercially available product for computer assisted discovery of digital evidence. Tracks Inspector was designed to put digital investigation in the hands of non-technical investigators. The design criteria aim to look for ""low hanging fruit"" in the evidence without the help of digital forensic experts. As a result we expect that backlogs will be reduced and investigators can better explain to the experts what they are looking for. Experts can then focus on the challenging work. The architecture of Tracks Inspector is scalable, robust, secure and supports cases with hundreds of evidence units giving access to hundreds of users through a simple web-based user interface.",,,1,7,Criminal investigation; Architecture; Engineering; World Wide Web; Mobile device; Law enforcement; Digital evidence; Focus (computing); Digital forensics; User interface,,,,,https://sdiwc.net/digital-library/tracks-inspector-putting-digital-investigations-in-the-hands-of-investigators.html,https://sdiwc.net/digital-library/tracks-inspector-putting-digital-investigations-in-the-hands-of-investigators.html,,,2137138566,,0,018-618-238-562-758; 024-735-069-822-749; 057-650-133-674-395; 070-673-111-451-994; 150-236-970-368-499; 158-675-713-708-734,2,false,,
005-155-472-420-600,When finding nothing may be evidence of something: Anti-forensics and digital tool marks.,2019-06-03,2019,journal article,Science & justice : journal of the Forensic Science Society,18764452; 13550306,Forensic Science Society,United Kingdom,Graeme Horsman; David Errickson,"There are an abundance of measures available to the standard digital device users which provide the opportunity to act in an anti-forensic manner and conceal any potential digital evidence denoting a criminal act. Whilst there is a lack of empirical evidence which evaluates the scale of this threat to digital forensic investigations leaving the true extent of engagement with such tools unknown, arguably the field should take proactive steps to examine and record the capabilities of these measures. Whilst forensic science has long accepted the concept of toolmark analysis as part of criminal investigations, 'digital tool marks' (DTMs) are a notion rarely acknowledged and considered in digital investigations. DTMs are the traces left behind by a tool or process on a suspect system which can help to determine what malicious behaviour has occurred on a device. This article discusses and champions the need for DTM research in digital forensics highlighting the benefits of doing so.",59,5,565,572,Internet privacy; Criminal investigation; Empirical evidence; Suspect; Digital evidence; Field (computer science); Computer science; Process (engineering); Scale (social sciences); Digital forensics,Anti forensics; Crime; Digital forensics; Digital tool marks; Investigation,Computer Security; Crime; Data Anonymization; Data Compression; Disruptive Technology; Forensic Sciences/methods; Humans; Information Technology/trends; Intention,,,https://research.tees.ac.uk/en/publications/when-finding-nothing-may-be-evidence-of-something-anti-forensics- https://www.sciencedirect.com/science/article/pii/S1355030619300085 https://dspace.lib.cranfield.ac.uk/bitstream/1826/14256/4/anti-forensic_and_digital_tool_marks-2019.pdf https://pubmed.ncbi.nlm.nih.gov/31472802/ https://europepmc.org/article/MED/31472802 https://www.ncbi.nlm.nih.gov/pubmed/31472802 https://dspace.lib.cranfield.ac.uk/handle/1826/14256,http://dx.doi.org/10.1016/j.scijus.2019.06.004,31472802,10.1016/j.scijus.2019.06.004,2948024755,,0,005-102-962-333-180; 005-262-962-988-497; 005-542-560-321-688; 018-954-504-137-336; 019-851-756-578-933; 021-722-204-712-947; 023-483-803-048-547; 024-441-245-472-976; 025-319-861-345-580; 026-334-191-382-818; 027-822-961-420-892; 030-997-577-987-23X; 039-690-460-224-010; 042-705-658-682-014; 045-935-396-341-342; 048-254-765-810-067; 069-553-351-193-961; 093-551-054-279-495; 096-986-617-825-552; 144-786-887-819-307; 163-853-761-819-084,4,true,cc-by-nc-nd,green
005-207-242-011-010,IFIP Int. Conf. Digital Forensics - A Digital Media Similarity Measure for Triage of Digital Forensic Evidence,2020-08-06,2020,book chapter,Advances in Digital Forensics XVI,18684238; 1868422x,Springer International Publishing,Germany,Myeong Lim; James H. Jones,"As the volume of potential digital evidence increases, digital forensic practitioners are challenged to determine the best allocation of their limited resources. While automation will continue to partially mitigate this problem, the preliminary question about which media should be examined by human or machine remains largely unsolved. This chapter describes and validates a methodology for assessing digital media similarity to assist with digital media triage decisions. The application of the methodology is predicated on the idea that unexamined media is likely to be relevant or interesting to a practitioner if the media is similar to other media that were previously determined to be relevant or interesting. The methodology builds on prior work using sector hashing and the Jaccard index of similarity. These two methods are combined in a novel manner and the accuracy of the resulting methodology is demonstrated using a collection of hard drive images with known ground truth. The work goes beyond interesting file and file fragment matching. Specifically, it assesses the overall similarity of digital media to identify systems that might share applications and thus be related, even if common files of interest are encrypted, deleted or otherwise unavailable. In addition to triage decisions, digital media similarity may be used to infer links and associations between disparate entities.",,,111,135,Encryption; Matching (statistics); Digital media; Jaccard index; Information retrieval; Similarity measure; Similarity (psychology); Digital evidence; Computer science; Digital forensics,,,,,http://mars.gmu.edu/handle/1920/11926 https://dblp.uni-trier.de/db/conf/ifip11-9/df2020.html#LimJ20 https://link.springer.com/chapter/10.1007/978-3-030-56223-6_7 https://rd.springer.com/chapter/10.1007/978-3-030-56223-6_7,http://dx.doi.org/10.1007/978-3-030-56223-6_7,,10.1007/978-3-030-56223-6_7,3083761648,,0,004-652-388-189-304; 009-832-452-035-773; 010-388-991-543-520; 010-916-802-281-637; 010-985-077-415-59X; 012-089-942-653-099; 013-374-077-204-422; 016-055-481-876-280; 018-304-870-600-752; 018-618-238-562-758; 020-102-151-624-738; 030-121-862-351-330; 032-926-850-731-177; 061-317-181-338-930; 074-012-101-472-334; 109-598-947-309-943; 116-317-110-770-148; 128-940-875-499-986; 134-369-102-934-63X; 136-292-770-449-357; 145-912-531-299-444; 155-226-042-989-551; 155-715-758-361-927,1,false,,
005-356-443-290-174,What Security Professionals Need to Know About Digital Evidence,2010-06-08,2010,journal article,Information Security Journal: A Global Perspective,19393555; 19393547,Informa UK Limited,United Kingdom,Gavin W. Manes; Elizabeth Downing,"This paper presents the fundamentals of digital evidence for security practitioners. The modern security landscape is expanding to include a digital forensics and investigative skill set for many professionals, particularly those in the corporate realm. This paper introduces security personnel to the Federal Rules of Civil Procedure, case law related to preservation and production of digital evidence, international issues with electronic data, how to handle privilege or sensitive information, and the issues surrounding licensing and certification of computer investigators and digital forensics professionals.",19,3,124,131,Internet privacy; Information sensitivity; Business; Need to know; Federal Rules of Civil Procedure; Digital evidence; Electronic data; Certification; Computer forensics; Digital forensics,,,,,https://www.tandfonline.com/doi/full/10.1080/19393550903200466,http://dx.doi.org/10.1080/19393550903200466,,10.1080/19393550903200466,2057309189,,0,010-297-628-610-924; 010-649-881-473-026; 043-411-173-280-351; 108-557-778-816-866,3,false,,
005-392-088-749-603,IFIP Int. Conf. Digital Forensics - Digital Forensics: Meeting the Challenges of Scientific Evidence,,,book chapter,Advances in Digital Forensics,,Kluwer Academic Publishers,,Matthew Meyers; Marcus K. Rogers,"This paper explores three admissibility considerations for scientific evidence currently engaged in U.S. courts: reliability, peer review and acceptance within the relevant community. Any tool used in a computer forensic investigation may be compared against these considerations, and if found wanting, evidence derived using the tool may be restricted. The ability to demonstrate the reliability and validity of computer forensic tools based on scientific theory is an important requirement for digital evidence to be admissible. A trusted third party certification model is discussed as an approach for addressing this issue.",,,43,50,Scientific theory; Internet privacy; Scientific evidence; Trusted third party; Data science; Digital evidence; Computer science; Certification; Reliability (statistics); Computer forensics; Digital forensics,,,,,https://link.springer.com/chapter/10.1007%2F0-387-31163-7_4 https://link.springer.com/content/pdf/10.1007%2F0-387-31163-7_4.pdf https://dblp.uni-trier.de/db/conf/ifip11-9/df2005.html#MeyersR05 https://rd.springer.com/chapter/10.1007/0-387-31163-7_4,http://dx.doi.org/10.1007/0-387-31163-7_4,,10.1007/0-387-31163-7_4,63426664,,0,016-004-336-259-323; 059-577-872-928-63X; 064-461-905-099-548; 131-143-868-771-693,13,true,,bronze
005-445-629-762-090,Federal Agencies Can Get Your iPhone Data without Apple’s Help,2020-05-01,2020,journal article,Digital Forensics (4n6) Journal,25821172,Digital Forensics (4N6),,Yuri Gubanov,"<jats:p>Engineers at Belkasoft, leading digital forensic tools developer, recently implemented advanced and far-reaching data acquisition capabilities in the latest Belkasoft Evidence Center release. The new functions in this product allow for forensic extraction of data from the vast majority of iOS devices based on the new checkm8 exploit.; Forensic investigators traditionally find it difficult to extract data from Apple iOS devices-consisting of iPhones, iPads, and iPods-because such devices do not provide access to their file systems. The new checkm8 exploit is set to be a game changer!</jats:p>",,,48,49,,,,,,http://dx.doi.org/10.46293/4n6/2020.02.02.08,http://dx.doi.org/10.46293/4n6/2020.02.02.08,,10.46293/4n6/2020.02.02.08,3021059188,,0,,0,false,,
005-533-992-170-241,Analisis Data Digital Evidence pada Layanan Voice Over Internet Protocol (VoIP),2016-11-29,2016,journal article,Jurnal Edukasi dan Penelitian Informatika (JEPIN),25489364; 24600741,Tanjungpura University,,Muhamad Arsad Adam; Nur Widiyasono; Husni Mubarok,"Teknologi  VoIP  (Voice  Over  Internet  Protocol) merupakan  teknologi  yang  mampu  melewatkan  panggilan  suara, video  dan  data  dalam  jaringan  IP.  Voice  over  Internet  Protocol (VoIP)  dalam  teknologi  komunikasi  cukup  signifikan  sehingga tidak  terlepas  dari  kejahatan  cybercrime,  Teknologi  VoIP  dapat disalahgunakan  untuk  melakukan  tindakan  kejahatan  jarak  jauh sehingga  diperlukan  langkah-langkah  investigasi  jika  terjadi masalah.  Menemukan  artefact  pada  Infrastruktur  VoIP merupakan tantangan tersendiri. WireSharks salah satu tool yang digunakan  dalam  investigasi  ini.  Metode  yang  digunakan  adalah DFIF  yang  terdiri  tahapan  adalah  Collection,  Examination, Analysis, dan Report and Documentation. Investigasi pada layanan VoIP  dapat  berhasil  dilakukan  dengan  menemukan  data  digital evidence  di  layer  5.  Tujuan  Penelitian  ini  yaitu  Mengetahui Karakteristik Data Digital berupa suara pada layanan Voice Over IP  dan  Menganalisis  Data  Digital  berupa  suara  pada  layanan Voice Over IP. Hasil dari penelitian ini barang bukti digital yang berupa  percakapan  yang  dapat  dipertanggungjawabkan  dalam pengadilan..Kata kunci— Data, Evidence, Forensik,Network, VoIP",2,2,,,,,,,,https://core.ac.uk/display/88097420 https://doaj.org/article/08508940e99f4ec3a8577e503320f771 https://core.ac.uk/download/pdf/294888994.pdf,http://dx.doi.org/10.26418/jp.v2i2.17578,,10.26418/jp.v2i2.17578,2558917419,,0,,0,true,cc-by-nc-sa,gold
005-557-048-011-631,"Advances in Digital Forensics V: Fifth IFIP WG 11.9 International Conference on Digital Forensics, Orlando, Florida, USA, January 26-28, 2009, Revised ... in Information and Communication Technology)",2009-10-07,2009,book,,,,,Gilbert L. Peterson; Sujeet Shenoi,"Digital forensics deals with the acquisition, preservation, examination, analysis and presentation of electronic evidence. Networked computing, wireless communications and portable electronic devices have expanded the role of digital forensics beyond traditional computer crime investigations. Practically every crime now involves some aspect of digital evidence; digital forensics provides the techniques and tools to articulate this evidence. Digital forensics also has myriad intelligence applications. Furthermore, it has a vital role in information assurance - investigations of security breaches yield valuable information that can be used to design more secure systems. Advances in Digital Forensics V describes original research results and innovative applications in the discipline of digital forensics. In addition, it highlights some of the major technical and legal issues related to digital evidence and electronic crime investigations. The areas of coverage include: themes and issues, forensic techniques, integrity and privacy, network forensics, forensic computing, investigative techniques, legal issues and evidence management. This book is the fifth volume in the annual series produced by the International Federation for Information Processing (IFIP) Working Group 11.9 on Digital Forensics, an international community of scientists, engineers and practitioners dedicated to advancing the state of the art of research and practice in digital forensics. The book contains a selection of twenty-three edited papers from the Fifth Annual IFIP WG 11.9 International Conference on Digital Forensics, held at the National Center for Forensic Science, Orlando, Florida, USA in the spring of 2009. Advances in Digital Forensics V is an important resource for researchers, faculty members and graduate students, as well as for practitioners and individuals engaged in research and development efforts for the law enforcement and intelligence communities.",,,,,Engineering; Library science; Data science; International community; Law enforcement; Information assurance; Digital evidence; Network forensics; Computer forensics; Information and Communications Technology; Digital forensics,,,,,http://dl.acm.org/citation.cfm?id=1816673&coll=DL&dl=GUIDE,http://dl.acm.org/citation.cfm?id=1816673&coll=DL&dl=GUIDE,,,2303255291,,0,,0,false,,
005-803-413-499-585,Digital Evidence Is Everywhere,,2012,book chapter,Digital Forensics for Legal Professionals,,Elsevier,,Larry E. Daniel; Lars E. Daniel,,,,3,9,Engineering; World Wide Web; Digital media; Digital camera; Digital footprint; Digital evidence; Electronic data; Multimedia,,,,,https://www.sciencedirect.com/science/article/pii/B9781597496438000018 http://www.sciencedirect.com/science/article/pii/B9781597496438000018,http://dx.doi.org/10.1016/b978-1-59749-643-8.00001-8,,10.1016/b978-1-59749-643-8.00001-8,2493966173,,0,,2,false,,
005-848-183-287-884,IFIP Int. Conf. Digital Forensics - Automobile Event Data Recorder Forensics,,,book chapter,IFIP — The International Federation for Information Processing,15715736; 18612288,Springer US,Germany,Nathan Singleton; Jeremy S. Daily; Gavin W. Manes,Automobile event data recorders (EDRs) provide vital information for reconstructing traffic crashes. This paper examines the primary issues related to evidence recovery from EDRs and its use in crash reconstruction. Recommendations related to the use of EDR data in court proceedings are also presented.,,,261,272,Crash; Event data recorder; Event data; Computer security; Computer science,,,,,https://doi.org/10.1007/978-0-387-84927-0_21 https://link.springer.com/content/pdf/10.1007/978-0-387-84927-0_21.pdf https://rd.springer.com/chapter/10.1007/978-0-387-84927-0_21 https://dblp.uni-trier.de/db/conf/ifip11-9/df2008.html#SingletonDM08 https://link.springer.com/10.1007%2F978-0-387-84927-0_21 https://link.springer.com/chapter/10.1007/978-0-387-84927-0_21,http://dx.doi.org/10.1007/978-0-387-84927-0_21,,10.1007/978-0-387-84927-0_21,1558504599,,0,006-241-230-357-36X; 068-110-213-474-15X; 074-838-048-441-475; 121-230-063-948-992; 179-429-748-365-952,4,true,,bronze
005-910-782-319-969,Design and Implementation of KFMS for Digital Forensics,,2008,conference proceedings article,2008 International Conference on Information Science and Security (ICISS 2008),,IEEE,,Jae Hoon Sun; Hyun Seok Yoon; Jae Hyung Yoo,"As the digitization of information is advanced, the case which keeps inside the digital information machinery and tools where the important evidence or beginning are included is increasing in computer related crime and also general crime. The digital organization standardized the process of digital forensic in the investigation office and the cyber crime investigation which applies the various equipments(S/W, H/W) is being activated. But the specialist discernment is necessary for equipment (S/W and H/W) application and the actual condition is that the evidence management and joint ownership are restricted. As it is able to approach in the case of the non specialist easily and a corroborative fact data application degree is raised through the connection of the investigation office (prosecution, police) & the financial institution (the bank, insurance and the securities) and the necessity of the near search using a mining & the digital forensic evidence management system is proposed, we would like to propose the prototype of digital evidence management system for the efficient cyber crime investigation through this research.",,,214,219,Management system; Digitization; Financial institution; Discernment; Digital evidence; Computer security; Computer science; Network forensics; Computer forensics; Digital forensics,,,,,http://yadda.icm.edu.pl/yadda/element/bwmeta1.element.ieee-000004438236,http://dx.doi.org/10.1109/iciss.2008.34,,10.1109/iciss.2008.34,2131110217,,0,007-790-059-029-953; 020-944-423-224-895; 065-452-675-566-99X; 075-128-417-091-483; 121-001-950-491-969,3,false,,
005-966-023-558-670,Pemanfaatan Raspberry Pi untuk Hacking dan Forensic,2017-08-10,2017,journal article,Jurnal Teknik Informatika dan Sistem Informasi,24432229; 24432210,Maranatha Christian University,,Ilham Taufiqurrohman; Nur Widiyasono; Husni Mubarok,"Cybercrime because of the people who are not responsible, with the aim of damaging, modifying, and eliminating one's data, one of them with hacking techniques to be able to infiltrate into the data storage makes it easy to commit a crime. Treatment can be performed on cybercrime using forensic science as a problem solver. Cybercrime has digital evidence as traces of a criminal case, with digital evidence forensic science analysis to find out what activities performed on a criminal case. This study analyzed digital evidence on the network by utilizing Raspberry pi as a medium for hacking the network and to obtain digital evidence on the network . The method used to perform analysis of digital evidence is NIST (National Institute of Standards and Technology). Keywords – Cybercrime, Digital evidence, Forensic Science, Hacking, NIST (National Institute of Standards and Technology), Raspberry Pi",3,2,141192,,NIST; Engineering; World Wide Web; Commit; Cybercrime; Digital evidence; Raspberry pi; Criminal case; Problem solver; Computer security; Hacker,,,,,https://www.neliti.com/publications/141192/pemanfaatan-raspberry-pi-untuk-hacking-dan-forensic https://media.neliti.com/media/publications/141192-ID-pemanfaatan-raspberry-pi-untuk-hacking-d.pdf,http://dx.doi.org/10.28932/jutisi.v3i2.604,,10.28932/jutisi.v3i2.604,2755735319,,0,,0,true,,
006-008-915-210-060,Digital evidence : representation and assurance,,2007,dissertation,,,,,Bradley Schatz,"The field of digital forensics is concerned with finding and presenting evidence sourced from digital devices, such as computers and mobile phones. The complexity of such digital evidence is constantly increasing, as is the volume of data which might contain evidence. Current approaches to interpreting and assuring digital evidence rely implicitly on the use of tools and representations made by experts in addressing the concerns of juries and courts. Current forensics tools are best characterised as not easily verifiable, lacking in ease of interoperability, and burdensome on human process.; ; The tool-centric focus of current digital forensics practise impedes access to and transparency of the information represented within digital evidence as much as it assists, by nature of the tight binding between a particular tool and the information that it conveys. We hypothesise that a general and formal representational approach will benefit digital forensics by enabling higher degrees of machine interpretation, facilitating improvements in tool interoperability and validation. Additionally, such an approach will increase human readability.; ; This dissertation summarises research which examines at a fundamental level the nature of digital evidence and digital investigation, in order that improved techniques which address investigation efficiency and assurance of evidence might be identified. The work follows three themes related to this: representation, analysis techniques, and information assurance.; ; The first set of results describes the application of a general purpose representational formalism towards representing diverse information implicit in event based evidence, as well as domain knowledge, and investigator hypotheses. This representational approach is used as the foundation of a novel analysis technique which uses a knowledge based approach to correlate related events into higher level events, which correspond to situations of forensic interest. ; ; The second set of results explores how digital forensic acquisition tools scale and interoperate, while assuring evidence quality. An improved architecture is proposed for storing digital evidence, analysis results and investigation documentation in a manner that supports arbitrary composition into a larger corpus of evidence.; ; The final set of results focus on assuring the reliability of evidence. In particular, these results focus on assuring that timestamps, which are pervasive in digital evidence, can be reliably interpreted to a real world time. Empirical results are presented which demonstrate how simple assumptions cannot be made about computer clock behaviour. A novel analysis technique for inferring the temporal behaviour of a computer clock is proposed and evaluated.",,,,,World Wide Web; Knowledge representation and reasoning; Domain knowledge; Data science; Information assurance; Foundation (evidence); Digital evidence; Computer science; Computer forensics; Documentation; Digital forensics,,,,,https://eprints.qut.edu.au/16507/,https://eprints.qut.edu.au/16507/,,,91024555,,0,021-039-059-085-230; 088-676-229-893-621; 151-378-930-836-964,22,false,,
006-138-917-123-177,IoT-Forensics Meets Privacy: Towards Cooperative Digital Investigations,2018-02-07,2018,journal article,"Sensors (Basel, Switzerland)",14248220; 14243210,Multidisciplinary Digital Publishing Institute (MDPI),Switzerland,Ana Nieto; Ruben Rios; Javier Lopez,"IoT-Forensics is a novel paradigm for the acquisition of electronic evidence whose operation is conditioned by the peculiarities of the Internet of Things (IoT) context. As a branch of computer forensics, this discipline respects the most basic forensic principles of preservation, traceability, documentation, and authorization. The digital witness approach also promotes such principles in the context of the IoT while allowing personal devices to cooperate in digital investigations by voluntarily providing electronic evidence to the authorities. However, this solution is highly dependent on the willingness of citizens to collaborate and they may be reluctant to do so if the sensitive information within their personal devices is not sufficiently protected when shared with the investigators. In this paper, we provide the digital witness approach with a methodology that enables citizens to share their data with some privacy guarantees. We apply the PRoFIT methodology, originally defined for IoT-Forensics environments, to the digital witness approach in order to unleash its full potential. Finally, we show the feasibility of a PRoFIT-compliant digital witness with two use cases.",18,2,492,,Authorization; Information sensitivity; Forensic science; Traceability; Computer security; Computer science; Computer forensics; Documentation; Internet of Things,IoT-forensics; digital witness; privacy,,,IoTest; IoTest; IoTest,https://dblp.uni-trier.de/db/journals/sensors/sensors18.html#NietoRL18 https://pubmed.ncbi.nlm.nih.gov/29414864/ https://www.ncbi.nlm.nih.gov/pmc/articles/PMC5856102 https://core.ac.uk/display/151107539 https://www.nics.uma.es/sites/default/files/papers/nrlSensors2018.pdf https://doi.org/10.3390/s18020492 https://www.mdpi.com/1424-8220/18/2/492/pdf https://www.mdpi.com/1424-8220/18/2/492 https://www.nics.uma.es/biblio/citekey/nrlsensors2018 http://europepmc.org/articles/PMC5856102,http://dx.doi.org/10.3390/s18020492,29414864,10.3390/s18020492,2786407015,PMC5856102,0,025-259-885-861-617; 025-317-658-668-203; 025-487-313-702-455; 029-164-830-214-360; 047-664-342-126-242; 055-811-656-615-740; 061-106-215-301-993; 061-548-981-940-274; 062-325-585-829-185; 068-795-016-904-418; 082-348-465-885-585; 085-059-657-110-862; 093-117-308-515-186; 093-740-393-045-194; 110-969-819-844-63X; 119-527-031-984-388; 129-448-862-235-57X; 135-676-602-165-036; 172-817-568-641-446; 187-762-907-549-695,53,true,cc-by,gold
006-275-746-969-733,IFIP Int. Conf. Digital Forensics - Cognitive Approaches for Digital Forensic Readiness Planning,,2013,book chapter,Advances in Digital Forensics IX,18684238; 1868422x,Springer Berlin Heidelberg,Germany,Antonio Pooe; Les Labuschagne,"This paper focuses on the use of cognitive approaches for digital forensic readiness planning. Research has revealed that a well-thought-out and legally contextualized digital forensic readiness strategy can provide organizations with an increased ability to respond to security incidents while maintaining the integrity of the evidence gathered and keeping investigative costs low. This paper contributes to the body of knowledge in digital forensics related to the design and implementation of digital forensic readiness plans aimed at maximizing the use of digital evidence in organizations. The study uses interviews as part of a mixed-methods approach. In particular, it employs a mix of informal conversational and standardized open-ended interview styles conducted with industry experts over a variety of communication media.",,,53,66,Variety (cybernetics); Cognition; Body of knowledge; Digital evidence; Computer security; Computer science; Knowledge management; Digital forensics,,,,,https://link.springer.com/content/pdf/10.1007/978-3-642-41148-9_4.pdf https://rd.springer.com/chapter/10.1007/978-3-642-41148-9_4 https://hal.inria.fr/hal-01460620/document https://dblp.uni-trier.de/db/conf/ifip11-9/df2013.html#PooeL13 https://link.springer.com/chapter/10.1007/978-3-642-41148-9_4,http://dx.doi.org/10.1007/978-3-642-41148-9_4,,10.1007/978-3-642-41148-9_4,67126864,,0,007-394-596-774-68X; 008-614-895-812-373; 016-255-634-578-521; 027-610-501-516-151; 094-213-099-107-472; 100-385-481-402-639; 154-191-465-535-558; 166-178-398-716-39X; 175-658-759-454-460,4,true,cc-by,green
006-608-623-688-096,ICDF2C - Semantic Modelling of Digital Forensic Evidence,,2011,book chapter,"Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering",18678211; 1867822x,Springer Berlin Heidelberg,Germany,Damir Kahvedžić; Tahar Kechadi,"The reporting of digital investigation results are traditionally carried out in prose and in a large investigation may require successive communication of findings between different parties. Popular forensic suites aid in the reporting process by storing provenance and positional data but do not automatically encode why the evidence is considered important. In this paper we introduce an evidence management methodology to encode the semantic information of evidence. A structured vocabulary of terms, ontology, is used to model the results in a logical and predefined manner. The descriptions are application independent and automatically organised. The encoded descriptions aim to help the investigation in the task of report writing and evidence communication and can be used in addition to existing evidence management techniques.",53,,149,156,Controlled vocabulary; World Wide Web; Ontology (information science); Logical conjunction; Information retrieval; Task (project management); Semantic information; Computer science; Process (engineering); ENCODE; Digital forensics,,,,,https://rd.springer.com/chapter/10.1007/978-3-642-19513-6_13 https://ui.adsabs.harvard.edu/abs/2011dfcc.conf..149K/abstract https://link.springer.com/10.1007/978-3-642-19513-6_13 https://link.springer.com/chapter/10.1007%2F978-3-642-19513-6_13,http://dx.doi.org/10.1007/978-3-642-19513-6_13,,10.1007/978-3-642-19513-6_13,21000005,,0,005-116-312-278-527; 018-618-238-562-758; 033-241-817-699-448; 033-758-831-831-195; 035-381-853-639-810; 062-201-917-684-396; 081-437-161-307-223; 120-695-214-222-114; 181-072-396-769-365,14,false,,
006-636-576-030-31X,An Integrated Dataflow Based Model for Digital Investigation,,2009,,,,,,Che-Pin Cheng; Ruey-Shiang Shaw; Te-Chao Liang; Ta-Yu Fu,"This study developed a highly adaptive digital forensic model, applicable to various situations, which clearly describes the digital forensic process and their purposes as well as ensuring the exactness and effectiveness of digital forensic results. It examined the viewpoint of the digital evidence process flow throughout an entire forensic process, and it hoped to provide a complete explanation of the digital forensic procedure and the details of execution. In addition, it proposed three new forensic concepts: primary, supported and comprehensive forensic procedures. The structural hierarchy constructed in the model can be expanded, then divided into its simplest forms, allowing independent task assignments. It further proposed several innovative digital forensic concepts, such as a new feedback mechanism. Finally, this model could provide a detailed list of the resources necessary for an entire forensic activity, applicable to management planning. This model provided a practical description approach and established a comprehensive and uniform digital expression form. The aim is to accumulate and to share experience and knowledge, hoping to create more mature and practical digital forensic science and to provide a reference for the practitioners of digital forensics.",,,,,Software engineering; Digital forensic process; Task (project management); Digital evidence; Hierarchy; Computer security; Computer science; Process (engineering); Data flow diagram; Digital forensics; Dataflow,,,,,https://aisel.aisnet.org/iceb2009/67/,https://aisel.aisnet.org/iceb2009/67/,,,2185548667,,0,001-009-008-665-240; 017-840-378-634-021; 019-831-293-743-518; 020-944-423-224-895; 021-850-998-857-676; 032-697-093-668-898; 034-916-306-834-918; 035-223-520-491-228; 038-668-970-194-854; 065-452-675-566-99X; 085-315-744-117-237; 111-741-773-111-021; 120-697-354-224-33X; 152-264-314-464-125; 178-883-713-153-793; 180-352-675-042-601; 184-948-841-629-735; 190-065-821-748-92X; 199-745-676-923-766,0,false,,
006-839-535-410-076,IFIP Int. Conf. Digital Forensics - On the Creation of Reliable Digital Evidence,,2012,book chapter,IFIP Advances in Information and Communication Technology,18684238; 18612288; 1868422x; 15715736,Springer Berlin Heidelberg,Germany,Nicolai Kuntze; Carsten Rudolph; Aaron Alva; Barbara Endicott-Popovsky; John Christiansen; Thomas Kemmerich,Traditional approaches to digital forensics deal with the reconstruction of events within digital devices that were often not built for the creation of evidence. This paper focuses on incorporating requirements for forensic readiness – designing in features and characteristics that support the use of the data produced by digital devices as evidence. The legal requirements that such evidence must meet are explored in developing technical requirements for the design of digital devices. The resulting approach can be used to develop digital devices and establish processes for creating digital evidence. Incorporating the legal view early in device design and implementation can help ensure the probative value of the evidence produced the devices.,,,3,17,Data science; Digital evidence; Computer security; Computer science; Digital forensics,,,,,https://link.springer.com/10.1007/978-3-642-33962-2_1 https://link.springer.com/chapter/10.1007%2F978-3-642-33962-2_1 https://rd.springer.com/chapter/10.1007%2F978-3-642-33962-2_1 https://dblp.uni-trier.de/db/conf/ifip11-9/df2012.html#KuntzeRAECK12 http://sit.sit.fraunhofer.de/smv/publications/download/IFIPFor2012.pdf https://core.ac.uk/display/56827685 https://research.monash.edu/en/publications/on-the-creation-of-reliable-digital-evidence https://link.springer.com/content/pdf/10.1007%2F978-3-642-33962-2_1.pdf https://hal.inria.fr/hal-01523718/document https://hal.archives-ouvertes.fr/hal-01523718v1 https://hal.inria.fr/hal-01523718,http://dx.doi.org/10.1007/978-3-642-33962-2_1,,10.1007/978-3-642-33962-2_1,39220356,,0,001-009-450-291-528; 001-829-135-644-040; 019-784-116-444-155; 022-530-184-398-582; 027-358-924-583-91X; 031-701-884-539-104; 041-291-462-265-899; 048-141-687-795-752; 068-573-819-186-700; 073-582-404-994-103; 106-885-306-836-498; 128-650-005-202-67X; 142-450-872-700-061,11,true,cc-by,green
007-130-011-487-396,COMPUTATIONAL INTELLIGENCE IN IDENTIFYING COUNTERFEIT DOCUMENTS,2017-04-01,2017,journal article,Journal of emerging technologies and innovative research,23495162,,,Amudha L; T. M. Nithya; J. Ramya,"Digital Forensics is a branch of forensic science that encompases the recovery and investigation of details found in digital devices. Digital Evidence is information found among a variety of electronic devices like CD, pen drive, hard disk or even mobile phones that is useful in legal systems. The use of digital evidences in criminal and civil investigations is taking a major role in recent years. These evidences are equivalent to fingerprints, DNA pattern or iris pattern that is unique for any person. There is still some limitation, where the digital evidence may be misleading. Anyhow, at the end it is the court to decide whether the digital forensic evidence of that investigation is reliable or not. Also with the increasing prevalence of mobile phones, forensic evidences collected from mobile devices are becoming an invaluable source of evidence. This paper shows digital forensics in a different perspective, and analyses the existing methods of digital forensics. The results are checked with all the existing methods and appropriate matching for specific type of forensic evidence like PAN number, Voter ID, AAthar card, etc.with a forensic method.",4,4,217-219,217-219,Iris recognition; Variety (cybernetics); Computational intelligence; Matching (statistics); Mobile device; Data science; Counterfeit; Digital evidence; Computer science; Digital forensics,,,,,https://www.jetir.org/view?paper=JETIR1704054 https://www.jetir.org/papers/JETIR1704054.pdf,https://www.jetir.org/view?paper=JETIR1704054,,,3009357784,,0,,0,false,,
007-206-939-862-809,Anti-forensic implications of software bugs in digital forensic tools,,2012,dissertation,,,,,Alain Jared Homewood,"The digital forensic community relies on a small number of complex tools to analyse digital evidence. These digital forensic tools have greatly improved the accuracy and efficiency of investigations. However, the reliance on tools may be a weakness that can be exploited to prevent or disrupt investigations. Countermeasures to digital forensic techniques, known as anti-forensics, have typically been focussed on techniques to hide or prevent the creation of evidence. The concern of the author is that anti-forensic techniques may soon be focussed on exploiting software bugs in digital forensic tools. The tools used by the digital forensic community are complex with many different functions, which may contain software bugs. The risk of such software bugs is that digital forensic investigations could be compromised. This research evaluates the potential antiforensic risk and implications of software bugs in digital forensic tools. This research first presents a literature review of areas of digital forensics related to anti-forensic risk such as anti-forensic techniques, tool testing methodologies and legal issues. This research then develops a suitable methodology to identify software bugs in digital forensic tools with potential antiforensic risk. The methodology consists of six test cases designed to test various function areas of digital forensic tools for the presence of software bugs. Each test case has associated with it a number of reference sets to be used as input, which contain deliberately malformed data created through the process of file fuzzing. Acceptance spectrums ranging from “critically unacceptable” to “exceeds expectations” were developed to evaluate the anti-forensic risk caused by the identified software bugs. The research was successful in identifying a number of software bugs, the majority of which resulted in the digital forensic tools crashing. The software bugs identified were evaluated for anti-forensic risk and four test cases were determined to pose an unacceptable anti-forensic risk. Two test cases were determined to exceed expectations due to no software bugs being identified. The conclusion of the research is that software bugs in complex function areas of digital forensic tools pose an unacceptable anti-forensic risk. No critically unacceptable risks could be identified by this research. There is potential for further research into the anti-forensic implications of such software bugs.",,,,,Software bug; Fuzz testing; Engineering; Test case; Data science; Software; Digital evidence; Computer security; Process (engineering); Function (engineering); Digital forensics,,,,,https://aut.researchgateway.ac.nz/handle/10292/5364 https://openrepository.aut.ac.nz/handle/10292/5364,https://openrepository.aut.ac.nz/handle/10292/5364,,,1561699721,,0,000-226-390-590-140; 005-102-962-333-180; 007-040-107-555-649; 007-375-878-067-656; 008-507-664-901-527; 011-212-632-773-778; 018-618-238-562-758; 019-351-449-002-917; 019-831-293-743-518; 028-388-674-583-987; 035-672-281-328-899; 046-527-367-793-765; 051-035-217-903-949; 059-286-132-305-816; 067-938-325-014-282; 075-128-417-091-483; 078-598-867-814-365; 097-567-011-227-46X; 134-927-490-231-285; 135-717-892-795-412; 144-811-950-741-592; 148-326-446-189-539; 164-923-824-319-704; 188-930-307-766-457,2,false,,
007-218-942-952-045,Mobile forensics: Beyond traditional sources of digital evidence,2020-06-01,2020,,,,,,Heloise Meyer,,,,,,Digital evidence; Computer science; Multimedia; Android (operating system); Mobile device forensics; Digital forensics,,,,,https://researchspace.csir.co.za/dspace/handle/10204/11557,https://researchspace.csir.co.za/dspace/handle/10204/11557,,,3087698200,,0,,0,false,,
007-262-684-837-156,Visualization and Data Analysis - The forensic validity of visual analytics,2008-01-27,2008,conference proceedings article,SPIE Proceedings,0277786x,SPIE,,Robert F. Erbacher,"The wider use of visualization and visual analytics in wide ranging fields has led to the need for visual analytics capabilities to be legally admissible, especially when applied to digital forensics. This brings the need to consider legal implications when performing visual analytics, an issue not traditionally examined in visualization and visual analytics techniques and research. While digital data is generally admissible under the Federal Rules of Evidence [10][21], a comprehensive validation of the digital evidence is considered prudent. A comprehensive validation requires validation; of the digital data under rules for authentication, hearsay, best evidence rule, and privilege. Additional issues with digital data arise when exploring digital data related to admissibility and the validity of what information was examined, to what extent, and whether the analysis process was sufficiently covered by a search; warrant. For instance, a search warrant generally covers very narrow requirements as to what law enforcement is allowed to examine and acquire during an investigation. When searching a hard drive for child pornography, how admissible is evidence of an unrelated crime, i.e. drug dealing. This is further complicated by the concept of ""in plain view"". When performing an analysis of a hard drive what would be considered ""in plain view"" when analyzing a hard drive. The purpose of this paper is to discuss the issues of digital forensics and the related issues as they apply to visual analytics and identify how visual analytics techniques fit into the digital forensics analysis process, how visual analytics techniques can improve the legal admissibility of digital data, and identify what research is needed to further improve this process. The goal of this paper is to open up consideration of legal ramifications among the visualization; community; the author is not a lawyer and the discussions are not meant to be inclusive of all differences in laws between states and countries.",6809,,171,180,Software analytics; Data visualization; Data science; Law enforcement; Digital evidence; Visualization; Computer security; Computer science; Cultural analytics; Visual analytics; Analytics; Digital forensics,,,,,http://ui.adsabs.harvard.edu/abs/2008SPIE.6809E..0HE/abstract http://dblp.uni-trier.de/db/conf/vda/vda2008.html#Erbacher08 https://www.spiedigitallibrary.org/conference-proceedings-of-spie/6809/1/The-forensic-validity-of-visual-analytics/10.1117/12.786400.full https://dblp.uni-trier.de/db/conf/vda/vda2008.html#Erbacher08 https://proceedings.spiedigitallibrary.org/proceeding.aspx?articleid=811457,http://dx.doi.org/10.1117/12.786400,,10.1117/12.786400,1999315592,,0,,0,false,,
007-314-571-885-858,ICGS3 - Integrated Computer Forensics Investigation Process Model (ICFIPM) for Computer Crime Investigations,2015-09-04,2015,book chapter,Communications in Computer and Information Science,18650929; 18650937,Springer International Publishing,Germany,Reza Montasari; Pekka Peltola; David Evans,"Contrary to traditional crimes for which there exists deep-rooted standards, procedures and models upon which courts of law can rely, there are no formal standards, procedures nor models for digital forensics to which courts can refer. Although there are already a number of various digital investigation process models, these tend to be ad-hoc procedures. In order for the case to prevail in the court of law, the processes followed to acquire digital evidence and terminology utilised must be thorough and generally accepted in the digital forensic community. The proposed novel process model is aimed at addressing both the practical requirements of digital forensic practitioners and the needs of courts for a formal computer investigation process model which can be used to process the digital evidence in a forensically sound manner. Moreover, unlike the existing models which focus on one aspect of process, the proposed model describes the entire lifecycle of a digital forensic investigation.",,,83,95,Existential quantification; Order (exchange); Data science; Digital evidence; Computer security; Computer science; Process (engineering); Terminology; Computer forensics; Process modeling; Digital forensics,,,,,https://core.ac.uk/display/141207120 https://link.springer.com/chapter/10.1007/978-3-319-23276-8_8/fulltext.html https://link.springer.com/content/pdf/10.1007%2F978-3-319-23276-8_8.pdf https://doi.org/10.1007/978-3-319-23276-8_8 https://www.open-access.bcu.ac.uk/4551/ https://rd.springer.com/chapter/10.1007/978-3-319-23276-8_8 https://pure.hud.ac.uk/en/publications/integrated-computer-forensics-investigation-process-model-icfipm- https://cronfa.swan.ac.uk/Record/cronfa54950 https://link.springer.com/chapter/10.1007%2F978-3-319-23276-8_8,http://dx.doi.org/10.1007/978-3-319-23276-8_8,,10.1007/978-3-319-23276-8_8,2204328961,,0,004-652-388-189-304; 004-872-169-627-620; 005-515-442-506-880; 009-440-190-217-215; 014-283-999-201-941; 019-344-621-582-605; 019-831-293-743-518; 020-944-423-224-895; 021-486-901-460-202; 021-850-998-857-676; 022-502-903-446-942; 026-774-296-742-022; 030-359-893-882-572; 032-697-093-668-898; 038-287-375-579-320; 038-668-970-194-854; 042-230-817-975-353; 043-252-048-888-661; 043-858-213-986-473; 047-630-600-014-492; 047-859-979-695-194; 048-464-914-125-131; 052-052-141-922-342; 059-203-126-238-972; 067-726-260-424-525; 067-844-385-207-96X; 067-950-012-629-210; 078-275-236-083-731; 083-748-184-402-072; 128-012-538-128-170; 132-355-634-397-986; 160-160-097-559-323; 162-110-149-751-921; 171-803-389-787-120; 178-883-713-153-793; 190-065-821-748-92X; 190-872-133-741-434,14,false,,
007-321-225-339-593,IFIP Int. Conf. Digital Forensics - A Harmonized Process Model for Digital Forensic Investigation Readiness,,2013,book chapter,Advances in Digital Forensics IX,18684238; 1868422x,Springer Berlin Heidelberg,Germany,Aleksandar Valjarevic; Hein S. Venter,"Digital forensic readiness enables an organization to prepare itself to perform digital forensic investigations in an efficient and effective manner. The benefits include enhancing the admissibility of digital evidence, better utilization of resources and greater incident awareness. However, a harmonized process model for digital forensic readiness does not currently exist and, thus, there is a lack of effective and standardized implementations of digital forensic readiness within organizations. This paper presents a harmonized process model for digital forensic investigation readiness. The proposed model is holistic in nature and properly considers readiness and investigative activities along with the interface between the two types of activities.",,,67,82,Interface (computing); Software engineering; Implementation; Digital evidence; Digital forensic investigation; Computer security; Computer science; Process (engineering); Digital forensics,,,,,https://hal.inria.fr/hal-01460621 https://link.springer.com/content/pdf/10.1007%2F978-3-642-41148-9_5.pdf https://link.springer.com/10.1007/978-3-642-41148-9_5 https://hal.inria.fr/hal-01460621/document https://dblp.uni-trier.de/db/conf/ifip11-9/df2013.html#ValjarevicV13 https://rd.springer.com/chapter/10.1007/978-3-642-41148-9_5 https://link.springer.com/chapter/10.1007/978-3-642-41148-9_5,http://dx.doi.org/10.1007/978-3-642-41148-9_5,,10.1007/978-3-642-41148-9_5,59255397,,0,020-944-423-224-895; 021-486-901-460-202; 044-927-515-004-191; 058-205-117-706-853; 104-249-629-797-999; 184-948-841-629-735; 199-745-676-923-766,13,true,cc-by,green
007-418-655-737-904,Mining Frequent Sequences for Emails in Cyber Forensics Investigation,2014-01-16,2014,journal article,International Journal of Computer Applications,09758887,Foundation of Computer Science,,Priyanka V. Kayarkar; Prashant Ricchariaya; Anand Motwani,"The goal of Digital forensics process is to preserve any evidence in its most original form while performing a structured investigation by collecting, identifying and validating the digital information for the investigation of particular digital crime. Today we are living in the information age, all the information which is transferred over the internet is through the digital devices. With the advent of world-wide web, advanced forms of digital crimes came into picture. Criminal uses the Digital devices to commit Digital crime, so for the investigation forensic Experts have to adopt practical frameworks and methods to recover data for analysis which can comprise as evidence. Investigation of Digital forensics adopts three essential processes: Data Generation, Data Preparation and Data warehousing. Data Mining has unlimited potential in the field of Digital Forensics. Computer forensics is an emerging discipline investigating the computer crime. In this paper we are introducing the cyber Forensics using Sequence Mining algorithm, by comparing it with association rule mining algorithm parameters.",85,17,1,6,The Internet; Data warehouse; World Wide Web; Forensic science; Computer science; Test data generation; Computer forensics; Digital forensics; Information Age,,,,,https://research.ijcaonline.org/volume85/number17/pxc3893332.pdf https://www.ijcaonline.org/archives/volume85/number17/14930-3332,http://dx.doi.org/10.5120/14930-3332,,10.5120/14930-3332,2164121335,,0,003-448-142-212-67X; 003-868-023-351-977; 037-927-986-476-095; 065-520-849-771-46X; 102-602-192-826-532; 115-547-184-477-216,3,true,,bronze
007-445-774-649-222,Forensic Digital Evidence,2017-11-28,2017,book chapter,Forensic Evidence Management,,CRC Press,,Zeno Geradts,"In the last decades, the number of digital devices (Yeh and Xing, 2016) has grown exponentially. Digital devices range from mobile phones, computers, car electronics and the like including any instruments containing digital components of evidentiary value. Since these devices are commonly used by criminals, they can be helpful for solving crimes by utilizing the digital evidence that can be extracted from them. Nowadays, criminal investigations almost always have a digital component (Casey, 2011; Garfinkel et al., 2009; Baggili et al., 2013). The arena of digital evidence in forensic laboratories has grown rapidly and its use in court is routine. In this chapter, we explain the different aspects of digital evidence ranging from quality assurance to alternate types of digital evidence.",,,141,150,Criminal investigation; Electronics; Digital evidence; Computer science; Multimedia,,,,,https://www.taylorfrancis.com/chapters/edit/10.4324/9781315154916-12/forensic-digital-evidence-zeno-geradts https://www.narcis.nl/publication/RecordID/oai%3Adare.uva.nl%3Apublications%2F382a7c89-ad50-4ca2-b6de-b1ded04c9860,http://dx.doi.org/10.4324/9781315154916-12,,10.4324/9781315154916-12,2891305647,,0,132-947-542-107-178,0,false,,
007-458-480-072-061,Akuisisi Bukti Digital Viber Messenger Android Menggunakan Metode National Institute of Standards and Technology (NIST),2021-02-14,2021,journal article,Jurnal RESTI (Rekayasa Sistem dan Teknologi Informasi),25800760,Ikatan Ahli Informatika Indonesia (IAII),," Riadi; Rusydi Umar; Muhammad Irwan Syahib","Viber is one of the most popular social media in the Instant Messenger application category that can be used to send text messages, make voice calls, send picture messages and video messages to other users. As many as 260 million people around the world have used this application. Increasing the number of viber users certainly brings positive and negative impacts, one of the negative impacts of this application is the use of digital forensic crime. This research simulates and removes digital crime evidence from the viber application on Android smartphones using the National Institute of Standards Technology (NIST) method, which is a method that has work guidelines on forensic policy and process standards to ensure each investigator follows the workflow the same so that their work is documented and the results can be accounted for. This study uses three forensic tools, MOBILedit Forensic Express, Belkasoft and Autopsy. The results in this study show that MOBILedit Forensic Express gets digital evidence with a percentage of 100% in getting accounts, contacts, pictures and videos. While proof of digital chat is only 50%. Belkasoft gets digital evidence with a percentage of 100% in getting accounts, contacts, pictures and videos. While proof of digital chat is only 50%. For Autopsy does not give the expected results in the extraction process, in other words the Autopsy application gives zero results. It can be concluded that MOBILedit Forensic Express and Belkasoft have a good performance compared to Autopsy and thus this research has been completed and succeeded in accordance with the expected goals.",5,1,45,54,Internet privacy; NIST; Workflow; Digital evidence; Instant messenger; Computer science; Social media; Android (operating system); Digital forensics,,,,,http://jurnal.iaii.or.id/index.php/RESTI/article/view/2626 http://jurnal.iaii.or.id/index.php/RESTI/article/download/2626/366,http://dx.doi.org/10.29207/resti.v5i1.2626,,10.29207/resti.v5i1.2626,3131051498,,0,,1,true,cc-by,gold
007-585-329-032-130,"A holistic based digital forensic readiness framework for Zenith Bank, Nigeria",,2015,,,,,,Adamu Abdullahi Garba; Maheyzah Md Siraj,"The advancement of internet has made many business organizations conduct their operation automatically, in effect its open a possibly dangerous unforeseen information security incidents of both illegal and civil nature. Therefore, if any organization does’t arrange themselves for such instances, it’s likely that vital significant digital evidence will be damage. In other word an organization should has a digital forensic readiness framework (DFR). DFR is the capacity of anyassociation to exploit its prospective to use digital evidence whilst minimizing the cost of investigation. Subsequently, in order to prepare organizations for incident responds, the application of digital forensic readiness policies and procedures is important. Contemporary lack of forensic skills is one of the factors that make organizations reluctant to implement digital forensics. This project propose a holistic-based framework of DFR and investigate how it can be applied to Zenith Bank Plc. This paper surveys existing frameworks to identify the best-suited practical components for Zenith Bank’s operational unit.",,,,,The Internet; Engineering; Exploit; Order (exchange); Process management; Digital evidence; Computer security; Unit (housing); Information security; Zenith; Digital forensics,,,,,http://eprints.utm.my/id/eprint/61738/,http://eprints.utm.my/id/eprint/61738/,,,2624447018,,0,,0,false,,
007-648-632-822-878,Open Source Digital Forensics Tools The Legal Argument 1,,2003,,,,,,Brian Carrier,"This paper addresses digital forensic analysis tools and their use in a legal setting. To enter scientific evidence into a United States court, a tool must be reliable and relevant. The reliability of evidence is tested by applying “Daubert” guidelines. To date, there have been few legal challenges to digital evidence, but as the field matures this will likely change. This paper examines the Daubert guidelines and shows that open source tools may more clearly and comprehensively meet the guidelines than closed source tools.",,,,,Scientific evidence; Engineering; Data science; Digital evidence; Analysis tools; Legal argument; Open source; Field (computer science); Computer security; Digital forensics,,,,,http://www.forensictv.net/Downloads/digital_forensics/open_source_digital_forensic_tools_by_brian_carrier.pdf http://www.dei.isep.ipp.pt/~paf/asi1/atstake_opensource_forensics.pdf http://www.iapsonline.com/sites/default/files/Open%20Source%20Digital%20Forensics%20Tools%20The%20Legal%20Argument%20-%20By%20Brian%20Carrier.pdf https://www.dei.isep.ipp.pt/~paf/asi1/Computer%20Security/atstake_opensource_forensics.pdf http://www.cs.unibo.it/~montreso/master/materiale/varie/forensics.pdf,http://www.dei.isep.ipp.pt/~paf/asi1/atstake_opensource_forensics.pdf,,,2187875768,,0,016-004-336-259-323; 178-883-713-153-793,71,false,,
007-652-700-860-991,Emerging Forensic Tools for Locating and Analyzing Digital Evidence - Introduction and Biography,,,book chapter,Emerging Forensic Tools for Locating and Analyzing Digital Evidence,,IGI Global,,Richard Boddington,,,,1,317,Literature; Art; Biography,,,,,,http://dx.doi.org/10.4018/978-1-4666-9591-7.int,,10.4018/978-1-4666-9591-7.int,2493810410,,0,,0,false,,
007-809-195-469-723,Research on Capture of Live Digital Evidence,,2013,conference proceedings article,"Proceedings of the 2nd International Symposium on Computer, Communication, Control and Automation",19516851,Atlantis Press,,Ying Zhang; Feng Gao,"With the of development of internet, more and more criminals commit the crime via utilizing the information technology, which has aroused the forensic scientists’ interests simultaneously. And the concept of digital evidence has been brought to society consequently. Due to the feature of digital evidence such as easy-loss or unstable, how to implement capture of live system is critical to the forensic technicians and other related staff. This paper analyzes the correct procedures of on-site acquisition concretely, including planning, sceneprotection, collection, preservation, packaging, transportation, and storage. Keywords-electronic evidence; live; capture",,,,,The Internet; Information technology; Commit; Data science; Digital evidence; Computer science; Feature (computer vision),,,,,https://www.atlantis-press.com/proceedings/3ca-13/10183,http://dx.doi.org/10.2991/3ca-13.2013.67,,10.2991/3ca-13.2013.67,2023517107,,0,,0,true,cc-by-nc,gold
008-047-275-222-577,FORENSIC COMPUTING MODELS : TECHNICAL OVERVIEW,2012-05-20,2012,conference proceedings article,Computer Science & Information Technology (CS & IT),,Academy & Industry Research Collaboration Center (AIRCC),,Gulshan Shrivastava; Kavita Sharma; Akansha Dwivedi,"In this paper, we deal with introducing a technique of digital forensics for reconstruction of events or evidences after the commitment of a crime through any of the digital devices. It shows a clear transparency between Computer Forensics and Digital Forensics and gives a brief description about the classification of Digital Forensics. It has also been described that how the emergences of various digital forensic models help digital forensic practitioners and examiners in doing digital forensics. Further, discussed Merits and Demerits of the required models and review of every major model.",,,207,216,Engineering; Transparency (behavior); Forensic computing; Computer security; Computer forensics; Digital forensics,,,,,http://www.airccj.org/CSCP/vol2/csit2222.pdf https://www.researchgate.net/profile/Gulshan_Shrivastava/publication/242524844_FORENSIC_COMPUTING_MODELS_TECHNICAL_OVERVIEW/links/02e7e51cddd9c5c791000000.pdf?disableCoverPage=true,http://dx.doi.org/10.5121/csit.2012.2222,,10.5121/csit.2012.2222,2016264184,,0,004-872-169-627-620; 032-697-093-668-898,9,true,,green
008-064-732-553-166,Law and Judicial Application of Digital Forensic Evidence in Nigeria,2020-05-12,2020,journal article,"Journal of Law, Policy and Globalization",22243240,,,Felix Emeakpore Eboibi; Inetimi Mac-Barango,"The development of information & communication technology has left the Nigerian polity to the application of technology infrastructure to daily activities. In essence, disputes arising from these activities may ordinarily not be effectively settled without applying electronic evidence in proceedings before the courts. The skills and knowledge of electronic evidence require the ingenuity of forensic experts or examiners for the purpose of bridging the gap that may arise in the mind of the courts. Does the Nigerian Law accept forensic expert evidence? Is every evidence expert evidence? Are there set down conditions before the courts for forensic expert evidence to be accepted or applied to proceedings before the courts? What nature of cases requires forensic evidence? This paper  will  demonstrate how  information and communication technology has resulted in the application of digital devices by Nigerians and the nature of the impact it  has . Keywords: Digital Forensics Evidence, Forensics Examiners, Digital Forensics Experts, Law, Judicial application DOI: 10.7176/JLPG/96-08 Publication date: April 30 th 2020",96,,61,75,Political science; Law; Ingenuity; Polity; Information and Communications Technology; Digital forensics,,,,,https://iiste.org/Journals/index.php/JLPG/article/view/52494,https://iiste.org/Journals/index.php/JLPG/article/view/52494,,,3024693437,,0,,0,false,,
008-208-856-040-629,Digital Evidence Characteristics and Legal Issues for Digital Forensics,,2012,,,,,,Chul Ha， Kang; YunJeong Kang,,19,3,29,67,Internet privacy; Engineering; Digital evidence; Computer security; Computer forensics; Digital forensics,,,,,https://www.kci.go.kr/kciportal/ci/sereArticleSearch/ciSereArtiView.kci?sereArticleSearchBean.artiId=ART001725963,https://www.kci.go.kr/kciportal/ci/sereArticleSearch/ciSereArtiView.kci?sereArticleSearchBean.artiId=ART001725963,,,2602863001,,0,,0,false,,
008-241-637-078-111,Unsupervised discovery of relations for analysis of textual data in digital forensics,2010-08-23,2010,dissertation,,,,,Anita Louis,"This dissertation addresses the problem of analysing digital data in digital forensics. It will be shown that text mining methods can be adapted and applied to digital forensics to aid analysts to more quickly, efficiently and accurately analyse data to reveal truly useful information. Investigators who wish to utilise digital evidence must examine and organise the data to piece together events and facts of a crime. The difficulty with finding relevant information quickly using the current tools and methods is that these tools rely very heavily on background knowledge for query terms and do not fully utilise the content of the data. A novel framework in which to perform evidence discovery is proposed in order to reduce the quantity of data to be analysed, aid the analysts’ exploration of the data and enhance the intelligibility of the presentation of the data. The framework combines information extraction techniques with visual exploration techniques to provide a novel approach to performing evidence discovery, in the form of an evidence discovery system. By utilising unrestricted, unsupervised information extraction techniques, the investigator does not require input queries or keywords for searching, thus enabling the investigator to analyse portions of the data that may not have been identified by keyword searches. The evidence discovery system produces text graphs of the most important concepts and associations extracted from the full text to establish ties between the concepts and provide an overview and general representation of the text. Through an interactive visual interface the investigator can explore the data to identify suspects, events and the relations between suspects. Two models are proposed for performing the relation extraction process of the evidence discovery framework. The first model takes a statistical approach to discovering relations based on co-occurrences of complex concepts. The second model utilises a linguistic approach using named entity extraction and information extraction patterns. A preliminary study was performed to assess the usefulness of a text mining approach to digital forensics as against the traditional information retrieval approach. It was concluded that the novel approach to text analysis for evidence discovery presented in this dissertation is a viable and promising approach. The preliminary experiment showed that the results obtained from the evidence discovery system, using either of the relation extraction models, are sensible and useful. The approach advocated in this dissertation can therefore be successfully applied to the analysis of textual data for digital forensics.",,,,,Intelligibility (communication); Relationship extraction; Information extraction; Information retrieval; Data science; Digital data; Digital evidence; Visual interface; Computer science; Text mining; Digital forensics,,,,,https://repository.up.ac.za/handle/2263/27479 https://repository.up.ac.za/bitstream/handle/2263/27479/dissertation.pdf;sequence=1,https://repository.up.ac.za/handle/2263/27479,,,20679701,,0,000-245-488-006-903; 000-326-885-080-95X; 001-381-793-304-07X; 003-124-396-501-26X; 004-446-332-271-977; 005-698-012-833-552; 006-703-462-276-263; 009-767-155-120-316; 010-656-047-738-040; 010-737-091-773-542; 011-305-212-011-315; 011-742-123-630-101; 012-548-307-819-459; 013-857-525-806-504; 015-024-773-485-419; 016-743-692-744-359; 017-274-476-284-906; 018-548-243-972-451; 018-998-715-880-255; 021-521-487-683-451; 022-017-864-132-73X; 022-340-798-091-174; 023-808-075-548-502; 024-723-454-967-065; 026-465-014-914-879; 027-610-501-516-151; 028-428-498-229-148; 028-863-422-831-18X; 029-692-461-278-092; 030-089-078-880-151; 030-590-208-315-142; 031-007-292-352-653; 032-716-760-495-056; 036-034-611-102-295; 037-697-493-515-462; 037-927-986-476-095; 038-072-108-071-401; 038-247-151-174-627; 040-148-545-247-997; 040-456-132-376-488; 042-384-237-254-172; 043-520-068-738-837; 044-395-575-720-718; 046-104-304-295-262; 047-021-752-444-199; 047-502-671-556-516; 048-497-111-727-017; 048-794-115-509-317; 051-107-565-123-180; 053-013-633-806-350; 054-472-086-186-998; 054-628-369-684-389; 056-402-631-971-668; 056-968-866-576-702; 058-929-443-241-960; 059-469-240-670-37X; 059-754-886-488-30X; 062-139-359-148-77X; 062-441-104-889-477; 063-976-673-171-817; 063-997-224-387-893; 067-688-091-472-627; 068-197-180-775-566; 073-691-389-824-124; 076-093-649-168-135; 078-510-452-733-951; 078-566-659-497-979; 079-581-520-293-682; 081-026-723-667-444; 083-553-714-465-362; 086-256-633-023-464; 086-317-458-898-904; 087-046-829-129-237; 087-054-351-164-921; 087-560-027-980-275; 089-671-301-409-181; 090-306-607-454-698; 090-403-810-161-334; 091-323-753-871-247; 094-168-378-919-211; 094-765-849-320-156; 097-146-732-036-81X; 097-676-723-678-966; 098-843-994-451-562; 099-374-630-338-689; 100-392-322-518-277; 102-602-192-826-532; 103-765-256-384-159; 104-297-346-206-227; 106-535-240-709-524; 107-233-135-717-138; 108-837-240-730-565; 115-197-146-289-962; 115-547-184-477-216; 116-506-023-626-263; 116-768-664-820-613; 119-629-238-714-868; 120-072-322-429-12X; 121-978-193-281-794; 122-234-240-443-472; 127-759-831-979-862; 128-410-552-923-705; 129-597-056-224-138; 130-472-793-008-597; 134-531-628-661-026; 134-733-887-381-294; 138-251-776-801-894; 138-270-687-058-342; 140-366-074-031-022; 140-430-349-773-716; 142-829-921-102-209; 144-206-483-460-496; 154-738-600-565-263; 159-003-937-323-248; 160-155-548-625-478; 166-657-349-267-549; 167-354-016-650-855; 168-424-438-505-399; 169-008-385-036-94X; 175-808-945-574-045; 177-175-750-040-989; 177-591-933-478-599; 178-100-501-663-130; 180-005-180-254-956; 190-363-121-196-947; 191-377-416-370-467; 198-027-850-841-318; 199-172-967-270-034,1,false,,
008-248-336-372-327,SADFE - Digital Records Forensics: Ensuring Authenticity and Trustworthiness of Evidence Over Time,,2010,book,2010 Fifth IEEE International Workshop on Systematic Approaches to Digital Forensic Engineering,,IEEE,,Adam Jansen,"Abstract—As digital evidence becomes increasingly common in the court systems, educated, trained professionals are required to manage the lifecycle of evidence from initial collection through final disposition. This paper describes a work-in-progress between the University of British Columbia and the Vancouver Police Department toward the creation of a new discipline, called Digital Records Forensics, focusing on the authenticity, trustworthiness and admissibility of evidence over time. The Digital Records Forensics Project is engaging in a wide range of research activities, including multi-national, cross-domain interviews, extensive interdisciplinary literature reviews, case studies and digital forensics workflow modeling.",,,84,88,Internet privacy; The Internet; Engineering; Trustworthiness; Admissible evidence; Digital preservation; Digital evidence; Digital records; Computer forensics; Digital forensics,,,,,https://dblp.uni-trier.de/db/conf/sadfe/sadfe2010.html#Jansen10 https://www.computer.org/csdl/proceedings/sadfe/2010/4052/00/4052a084.pdf http://yadda.icm.edu.pl/yadda/element/bwmeta1.element.ieee-000005491961 https://dl.acm.org/citation.cfm?id=1829575 https://ieeexplore.ieee.org/document/5491961/,http://dx.doi.org/10.1109/sadfe.2010.20,,10.1109/sadfe.2010.20,2039401290,,0,020-944-423-224-895; 038-668-970-194-854; 041-620-409-429-393; 104-687-739-050-263; 152-367-914-106-884,4,false,,
008-403-725-647-520,Technical Challenges and Directions for Digital Forensics,,2005,,,,,,George M. Mohay,"Digital forensics is concerned with the investigation of any suspected crime or misbehaviour that may be manifested by digital evidence. The digital evidence may be manifest in various forms. It may be manifest on digital electronic devices or computers that are simply passive repositories of evidence that documents the activity, or it may consist of information or meta-information resident on the devices or computers that have been used to actually facilitate the activity, or that have been targeted by the activity. In each of these three cases, we have recorded digital evidence of the activity. This paper examines some recent advances in digital forensics and some important emerging challenges. It considers the following topics: tools and their evolution; the implications of large volumes of data; the impact of embedded and special-purpose computer systems; corporate governance and its implications for 'forensic readiness'; and the role of forensics in securing the Internet.",,,,,The Internet; World Wide Web; Digital evidence; Corporate governance; Computer science; Computer forensics; Digital forensics,,,,,https://eprints.qut.edu.au/25308/,https://eprints.qut.edu.au/25308/,,,1481958427,,0,,0,false,,
008-598-808-594-324,The Basics of Digital Forensics: The Primer for Getting Started in Digital Forensics,2012-03-09,2012,book,,,,,John Sammons,"The Basics of Digital Forensics provides a foundation for people new to the digital forensics field. This book teaches you how to conduct examinations by discussing what digital forensics is, the methodologies used, key technical concepts and the tools needed to perform examinations. Details on digital forensics for computers, networks, cell phones, GPS, the cloud, and Internet are discussed. Also learn how to collect evidence, document the scene, and how deleted data is recovered.; ; ; ; Learn all about what Digital Forensics entails; Build a toolkit and prepare an investigative plan; Understand the common artifacts to look for during an exam; ; Table of Contents; ; ; Chapter 1. Introduction Chapter 2. Key Technical Concepts Chapter 3. Labs and Tools Chapter 4. Collecting Evidence Chapter 5. Windows System Artifacts Chapter 6. Anti-Forensics Chapter 7. Legal Chapter 8. Internet and Email Chapter 9. Network Forensics Chapter 10. Mobile Device Forensics Chapter 11. Looking Ahead: Challenges and Concerns",,,,,The Internet; Computer science; Multimedia; Network forensics; Computer forensics; Plan (drawing); Table of contents; Mobile device forensics; Cloud computing; Digital forensics,,,,,https://www.amazon.com/Basics-Digital-Forensics-Getting-Started/dp/0128016353 https://www.goodreads.com/work/editions/17610711-the-basics-of-digital-forensics-the-primer-for-getting-started-in-digit https://dl.acm.org/citation.cfm?id=2168355,https://www.amazon.com/Basics-Digital-Forensics-Getting-Started/dp/0128016353,,,2273160540,,0,,29,false,,
008-614-567-110-380,Integrity scheme on digital forensic,,2007,journal article,Application Research of Computers,,,,Guo Yuan-bo,"Designed an integrity scheme on digital forensic.Built digest by SHA algorithm,and fingerprint which was used to validate digital evidence was a combination of digest and system time.Fingerprint achieved data confidentiality,integrity and availability by secret share.The scheme ensured the integrity of digital evidence,and it was fault tolerant.",,,,,Scheme (programming language); Fingerprint (computing); Digital evidence; Computer security; Computer science; Fault tolerance; Confidentiality; Digital forensics,,,,,https://en.cnki.com.cn/Article_en/CJFDTotal-JSYJ200712048.htm,https://en.cnki.com.cn/Article_en/CJFDTotal-JSYJ200712048.htm,,,2387119877,,0,,0,false,,
008-751-783-762-210,Implementing Digital Forensic Readiness: From Reactive to Proactive Process,2016-02-29,2016,book,,,,,Jason Sachowski,"Implementing Digital Forensic Readiness: From Reactive to Proactive Process shows information security and digital forensic professionals how to increase operational efficiencies by implementing a pro-active approach to digital forensics throughout their organization. It demonstrates how digital forensics aligns strategically within an organization's business operations and information security's program. This book illustrates how the proper collection, preservation, and presentation of digital evidence is essential for reducing potential business impact as a result of digital crimes, disputes, and incidents. It also explains how every stage in the digital evidence lifecycle impacts the integrity of data, and how to properly manage digital evidence throughout the entire investigation. Using a digital forensic readiness approach and preparedness as a business goal, the administrative, technical, and physical elements included throughout this book will enhance the relevance and credibility of digital evidence. Learn how to document the available systems and logs as potential digital evidence sources, how gap analysis can be used where digital evidence is not sufficient, and the importance of monitoring data sources in a timely manner. This book offers standard operating procedures to document how an evidence-based presentation should be made, featuring legal resources for reviewing digital evidence.Explores the training needed to ensure competent performance of the handling, collecting, and preservation of digital evidenceDiscusses the importance of how long term data storage must take into consideration confidentiality, integrity, and availability of digital evidenceEmphasizes how incidents identified through proactive monitoring can be reviewed in terms of business riskIncludes learning aids such as chapter introductions, objectives, summaries, and definitions",,,,,Business operations; Process management; Credibility; Digital evidence; Computer science; Process (engineering); Information security; Confidentiality; Digital forensics; Relevance (information retrieval),,,,,https://www.taylorfrancis.com/books/mono/10.1201/9780429441363/implementing-digital-forensic-readiness-jason-sachowski https://openlibrary.org/books/OL28595117M/Implementing_Digital_Forensic_Readiness https://www.amazon.com/Implementing-Digital-Forensic-Readiness-Proactive-ebook/dp/B01CL0739W https://www.taylorfrancis.com/books/9780429441363 https://www.scholartext.com/book/88832757,https://www.taylorfrancis.com/books/mono/10.1201/9780429441363/implementing-digital-forensic-readiness-jason-sachowski,,,2909466323,,0,,11,false,,
008-782-115-725-766,The Search and Seizure of Digital Evidence by Forensic Investigators in South Africa,2019-04-25,2019,journal article,Potchefstroom Electronic Law Journal,17273781,Academy of Science of South Africa,,Jacobus Gerhardus Nortje; Daniel Christoffel Myburgh,"The discipline of digital forensics requires a combination of skills, qualifications and knowledge in the area of forensic investigation, legal aspects and information technology. The uniqueness of digital evidence makes the adoption of traditional legal approaches problematic.; Information technology terminology is currently used interchangeably without any regard to being unambiguous and consistent in relation to legal texts. Many of the information technology terms or concepts have not yet achieved legal recognition.; The recognition and standardisation of terminology within a legal context are of the utmost importance to ensure that miscommunication does not occur.; To provide clarity or guidance on some of the terms and concepts applicable to digital forensics and for the search and seizure of digital evidence, some of the concepts and terms are reviewed and discussed, using the Criminal Procedure Act 51 of 1977 as a point of departure.; Digital evidence is often collected incorrectly and analysed ineffectively or simply overlooked due to the complexities that digital evidence poses to forensic investigators. As with any forensic science, specific regulations, guidelines, principles or procedures should be followed to meet the objectives of investigations and to ensure the accuracy and acceptance of findings. These regulations, guidelines, principles or procedures are discussed within the context of digital forensics: what processes should be followed and how these processes ensure the acceptability of digital evidence. These processes include international principles and standards such as those of the Association of Chiefs of Police Officers and the International Organisation of Standardisation. A summary is also provided of the most influential or best-recognised international (IOS) standards on digital forensics.; It is concluded that the originality, reliability, integrity and admissibility of digital evidence should be maintained as follows:; ; Data should not be changed or altered.; Original evidence should not be directly examined.; Forensically sound duplicates should be created.; Digital forensic analyses should be performed by competent persons.; Digital forensic analyses should adhere to relevant local legal requirements.; Audit trails should exist consisting of all required documents and actions.; The chain of custody should be protected.; Processes and procedures should be proper, while recognised and accepted by the industry.; ; If the ACPO (1997) principles and ISO/IEC 27043 and 27037 Standards are followed as a forensic framework, then digital forensic investigators should follow these standards as a legal framework.",22,1,1,42,Chain of custody; Information technology; Law; Context (language use); Digital evidence; Computer science; Terminology; Engineering ethics; Search and seizure; Audit trail; Digital forensics,,,,,https://perjournal.co.za/article/download/4886/7609 http://www.scielo.org.za/scielo.php?script=sci_arttext&pid=S1727-37812019000100015 http://www.scielo.org.za/pdf/pelj/v22n1/15.pdf https://perjournal.co.za/article/view/4886 https://doaj.org/article/c71c56d0c79f497bba7b913364a54d72 https://repository.nwu.ac.za/handle/10394/32469 https://dspace.nwu.ac.za/handle/10394/32469 https://www.ajol.info/index.php/pelj/article/view/216461,http://dx.doi.org/10.17159/1727-3781/2019/v22i0a4886,,10.17159/1727-3781/2019/v22i0a4886,2947399083,,0,011-595-637-615-462; 016-255-634-578-521; 021-254-917-283-500; 035-898-815-030-977; 042-373-091-814-099; 047-456-447-003-568; 054-861-209-750-456; 061-099-981-771-326; 061-542-609-981-822; 064-239-251-612-842; 087-300-425-406-630; 090-322-349-422-254; 095-080-443-019-181; 100-767-382-538-470; 110-123-934-011-554; 121-538-836-907-553; 155-899-374-390-306; 160-934-987-081-858; 175-257-770-653-834,4,true,cc-by,gold
009-057-604-995-868,Emerging Forensic Tools for Locating and Analyzing Digital Evidence - Current and Future Challenges Confronting the Use of Digital Evidence,,,book chapter,Emerging Forensic Tools for Locating and Analyzing Digital Evidence,,IGI Global,,Richard Boddington,,,,1671,2530,Current (fluid); Political science; Data science; Digital evidence,,,,,,http://dx.doi.org/10.4018/978-1-4666-9591-7.les3,,10.4018/978-1-4666-9591-7.les3,2487570316,,0,,0,false,,
009-131-548-198-284,TSA - A Time-Space Attribute-Based Evidence Fixing Method in Digital Forensics,,2016,book,2016 Third International Conference on Trustworthy Systems and their Applications (TSA),,IEEE,,Yang Yu; Chao Li; Guozi Sun,"Digital evidence might be tampered in the process of digital forensics, which would reduce the credibility of the evidence. Considering the lack of reliability in traditional digital forensics, the authors introduce the idea of a time-space attribute-based evidence fixing method (TAEFM). It fixes digital evidence by generation hash code with fingerprint identification data, trusted time-stamp and e-signature. This system can enhance the credibility of digital evidence and verify whether and which part of evidence was tampered. The location of tampered evidence can be extending to the further forensics.",,,127,131,Engineering; Fingerprint; Credibility; Digital evidence; Computer security; Network forensics; Computer forensics; Digital forensics; Process (computing); Hash function,,,,,http://doi.org/10.1109/TSA.2016.30 http://ieeexplore.ieee.org/document/7780237/ https://ieeexplore.ieee.org/document/7780237/ https://doi.org/10.1109/TSA.2016.30 https://dblp.uni-trier.de/db/conf/tsa/tsa2016.html#YangLS16,http://dx.doi.org/10.1109/tsa.2016.30,,10.1109/tsa.2016.30,2566234475,,1,001-145-556-228-777; 003-556-992-169-311; 004-462-855-142-541; 012-411-434-442-191; 014-063-245-105-860; 019-624-624-451-658; 029-481-340-337-906; 054-476-625-306-417; 058-100-794-186-145; 062-277-855-248-505; 068-552-714-875-144; 072-404-001-218-451; 082-992-010-860-610; 134-017-029-381-186,1,false,,
009-161-602-437-854,Assessing age-related morphology of the pubic symphysis from digital images versus direct observation.,,2005,journal article,Journal of forensic sciences,00221198,Wiley-Blackwell,United States,Myra L. Sitchon; Robert D. Hoppa,"The increasingly global role of a forensic anthropologist necessitates a proper means for archiving evidence for re-examination. Large quantities of evidence can be stored and be made readily accessible through digital imaging. This study focuses on age assessment from digital photographs for personal identity reconstructions. A comparison of 52 Suchey-Brooks scores assigned to digital images and actual bone revealed that age assessment from digital images can be completed with accuracy. Coefficients of concordance imply that there significant agreement between osteological assessment of aging criteria from digital images and direct observation-greater than random change alone (p < 0.05). However, assessments from images should be approached with caution since there are inherent limitations of the naked eye in identifying morphological changes in certain skeletal features, especially where older adults are concerned. Although there is no replacement for a hands-on physical assessment, a digital archive may facilitate the global needs of the forensic anthropologist.",50,4,791,795,Digital imaging; Optometry; Psychology; Concordance; Forensic anthropology; Anthropology; Pubic symphysis; Direct observation; Age related; Digital image; Image processing,,"Age Determination by Skeleton/methods; Female; Forensic Anthropology/methods; Humans; Image Processing, Computer-Assisted; Male; Pubic Symphysis/anatomy & histology",,,https://www.astm.org/doiLink.cgi?JFS2004182 https://dialnet.unirioja.es/servlet/articulo?codigo=1244787 https://www.ncbi.nlm.nih.gov/pubmed/16078479 https://www.astm.org/DIGITAL_LIBRARY/JOURNALS/FORENSIC/PAGES/JFS2004182.htm,https://www.ncbi.nlm.nih.gov/pubmed/16078479,16078479,,2070167432,,0,,11,false,,
009-233-070-910-38X,Forensic Computing (Dagstuhl Seminar 13482),,,,,,,,Felix C. Freiling; Gerrit Hornung; Radim Polcák,"Forensic computing} (sometimes also called digital forensics, computer forensics or IT forensics) is a branch of forensic science pertaining to digital evidence, i.e., any legal evidence that is processed by digital computer systems or stored on digital storage media. Forensic computing is a new discipline evolving within the intersection of several established research areas such as computer science, computer engineering and law.; ; Forensic computing is rapidly gaining importance since the amount of crime involving digital systems is steadily increasing. Furthermore, the area is still underdeveloped and poses many technical and legal challenges.; ; This Dagstuhl seminar brought together researchers and practitioners from computer science and law covering the diverse areas of forensic computing. The goal of the seminar was to further establish forensic computing as a scientific research discipline, to identify the strengths and weaknesses of the research field, and to discuss the foundations of its methodology. ; ; The seminar was jointly organized by Prof.Dr. Felix Freiling (Friedrich-Alexander-Universitat Erlangen-Nurnberg, Germany), Prof.Dr. Radim Polcak (Masaryk University, Czech Republic), Prof.Dr. Gerrit Hornung (Universitat Passau, Germany). It was attended by 22 participants and its structure was based on experiences from a similar seminar in 2011 (Dagstuhl Seminar 11401).",3,11,193,208,Structure (mathematical logic); Data science; Digital evidence; Digital storage; Research areas; Field (computer science); Computer forensics; Strengths and weaknesses; Digital forensics,,,,,https://dblp.uni-trier.de/db/journals/dagstuhl-reports/dagstuhl-reports3.html#FreilingHP13 http://dx.doi.org/10.4230/DagRep.3.11.193 https://drops.dagstuhl.de/opus/volltexte/2014/4442/pdf/dagrep_v003_i011_p193_s13482.pdf/ https://drops.dagstuhl.de/opus/volltexte/2014/4442/ https://doi.org/10.4230/DagRep.3.11.193,http://dx.doi.org/10.4230/dagrep.3.11.193,,10.4230/dagrep.3.11.193,2916829431,,0,,1,false,,
009-386-221-930-423,Digital forensics investigation methodology applicable for social network services,2014-07-19,2014,journal article,Multimedia Tools and Applications,13807501; 15737721,Springer Science and Business Media LLC,Netherlands,Yu-Jong Jang; Jin Kwak,"Social network services (SNSs) contain various information such as conversations between users, user location information, personal network, and user psychology. This information can be useful for incident investigation. However, in SNSs, unlike computing services that offer services by saving data on a device, a device that uses a SNS with real-time synchronization generally only saves information that is not effective evidence, such as SNS usage log records. However, if digital evidence can be collected through an appropriate digital forensic process, various information such as a social network user's friend list, conversations, and personal relationships can be collected as digital evidence. Therefore, this paper suggests a digital forensic process for digital devices using SNSs. To analyze digital evidence about SNSs, this proposed method is composed of effective processes, classifying digital devices, collecting digital evidence, and analysis.",74,14,5029,5040,Synchronization (computer science); World Wide Web; Mobile device; Digital forensic process; Personal network; Digital evidence; Computer science; Digital forensics; Social network,,,,,https://link.springer.com/article/10.1007/s11042-014-2061-8 https://link.springer.com/content/pdf/10.1007%2Fs11042-014-2061-8.pdf https://dblp.uni-trier.de/db/journals/mta/mta74.html#JangK15,http://dx.doi.org/10.1007/s11042-014-2061-8,,10.1007/s11042-014-2061-8,2038106871,,0,008-197-606-198-684; 021-775-864-388-993; 033-174-479-774-929; 038-252-668-782-162; 069-368-602-351-377; 094-502-004-274-093; 101-875-322-318-577; 103-104-153-644-669; 105-128-303-857-483; 113-525-536-343-466,23,false,,
009-423-951-602-421,MIPRO - Analysis of mobile phones in digital forensics,,2017,conference proceedings article,"2017 40th International Convention on Information and Communication Technology, Electronics and Microelectronics (MIPRO)",,IEEE,,Sengul Dogan; Erhan Akbal,"Nowadays, the need to tackle rapidly increased crimes is increasing day by day to help ensuring justice. Digital forensics can be defined as the process of collecting, examining, analyzing and reporting of digital evidence without any damage. Digital forensics requires a detailed examination of devices such as computers, mobile phones, sim cards, tablets that contain digital evidence regardless of whether the crime is large or small. Among these devices, mobile phones take an important place in digital forensics because of their widely usages by every individual. The importance of examining of the data called as evidence in mobile phones has increased with advances in technology, operation capacity, storage capacity and functionality. In a forensics case, mobile phones must be examined by authorized persons and the data obtained from the device must be brought to standards that can be used forensically. In this study, examination and analysis of mobile phones in terms of digital forensics is evaluated. At the same time, data that can be obtained from mobile phones through a sample application has been investigated.",,,1241,1244,Mobile computing; Digital evidence; Computer security; Mobile search; Subscriber identity module; Computer science; Network forensics; Mobile Web; Mobile device forensics; Digital forensics,,,,,https://ieeexplore.ieee.org/document/7973613/ http://ieeexplore.ieee.org/document/7973613 https://ieeexplore.ieee.org/abstract/document/7973613 https://dblp.uni-trier.de/db/conf/mipro/mipro2017.html#DoganA17,http://dx.doi.org/10.23919/mipro.2017.7973613,,10.23919/mipro.2017.7973613,2735724513,,0,007-790-059-029-953; 012-789-680-198-686; 019-831-293-743-518; 026-768-011-144-301; 030-359-893-882-572; 059-203-126-238-972; 086-114-455-397-610; 087-863-544-029-830; 089-695-854-791-989; 109-594-603-932-768; 134-927-490-231-285; 135-262-782-091-897; 137-455-205-949-586; 183-089-794-387-681,12,false,,
009-577-219-895-771,A Medical Records For Digital Forensics Post- Incident Identification Credential,2018-01-09,2018,,,,,,Nurul Hamdi,"Medical is a new field in the rapidly evolving world of computers lately with Banta-news showed that review of crimes in the field of computers and the increasing number of books that explore about digital forensics, so the add reference knowledge for young researchers. With the birth of Information Act Electronic Transaction number 11 of 2008, it is increasingly making these disciplines into the tools to dismantle crime involving computer world, because in general, computer crime is leaving digital traces, hence the need for a computer forensics expert who will secure evidence-called digital or digital evidence. Computer Forensics would require a standard operational procedure in taking digital evidence from being contaminated by the time the data was taken from the digital evidence that are easy to forensic computer expert to perform a system recovery after damage. Keywords: Medical Informatics, Digital Evidence, Forensic Disk",1,2,,,Health informatics; Medical record; Data science; Credential; Digital evidence; Field (computer science); Computer science; Computer forensics; Identification (information); Digital forensics,,,,,http://www.jurnal.uui.ac.id/index.php/jics/article/view/89,http://www.jurnal.uui.ac.id/index.php/jics/article/view/89,,,2909065290,,0,,0,false,,
009-780-085-303-411,ICGS3 - Cloud Forensics Challenges Faced by Forensic Investigators,2015-09-04,2015,book chapter,Communications in Computer and Information Science,18650929; 18650937,Springer International Publishing,Germany,Wakas Mahmood; Hamid Jahankhani; Aykut Ozkaya,"Cloud computing has generated significant interest in both academia and industry, but it is still an evolving paradigm. Cloud computing services are also, a popular target for malicious activities; resulting to the exponential increase of cyber attacks. Digital evidence is the evidence that is collected from the suspect’s workstations or electronic medium that could be used in order to assist computer forensics investigations. Cloud forensics involves digital evidence collection in the cloud environment. The current established forensic procedures and process models require major changes in order to be acceptable in cloud environment. This paper, aims to assess challenges forensic examiners face in tracking down and using digital information stored in the cloud and discuss the importance of education and training to handle, manage and investigate computer evidence.",,,74,82,Data science; Suspect; Digital evidence; Cloud computing services; Cloud forensics; Computer science; Computer forensics; Workstation; Process modeling; Cloud computing,,,,,https://link.springer.com/content/pdf/10.1007%2F978-3-319-23276-8_7.pdf https://link.springer.com/chapter/10.1007/978-3-319-23276-8_7/fulltext.html https://rd.springer.com/chapter/10.1007/978-3-319-23276-8_7 https://doi.org/10.1007/978-3-319-23276-8_7 https://link.springer.com/chapter/10.1007/978-3-319-23276-8_7,http://dx.doi.org/10.1007/978-3-319-23276-8_7,,10.1007/978-3-319-23276-8_7,2210582338,,0,041-879-975-858-398; 042-661-318-907-799; 091-619-263-117-914; 095-691-114-276-825; 096-416-027-558-541; 103-514-236-351-791; 110-010-690-717-911; 123-304-888-889-490; 146-928-063-964-361; 180-023-902-450-30X,2,false,,
009-862-177-957-585,Two-Step Injection Method for Collecting Digital Evidence in Digital Forensics,,2014,journal article,Journal of ICT Research and Applications,23375787; 23385499,The Institute for Research and Community Services (LPPM) ITB,Indonesia,Nana Rachmana Syambas; Naufal El Farisi,"In digital forensic investigations, the investigators take digital evidence from computers, laptops or other electronic goods. There are many complications when a  suspect or related person does not want to cooperate or has removed digital evidence. A  lot of research has been done with the goal of retrieving data from flash memory or  other digital storage media from which the content has been deleted. Unfortunately,  such methods cannot guarantee that all data will be recovered. Most data can only be  recovered partially and sometimes not perfectly, so that some or all files cannot be  opened. This paper proposes the development of a new method for the retrieval of  digital evidence called the Two-Step Injection method (TSI). It focuses on the  prevention of the loss of digital evidence through the deletion of data by suspects or  other parties. The advantage of this method is that the system works in secret and can be  combined with other digital evidence applications that already exist, so that the  accuracy and completeness of the resulting digital evidence can be improved. An  experiment to test the effectiveness of the method was set up. The developed TSI  system worked properly and had a 100% success rate.",8,2,141,156,Set (abstract data type); Suspect; Digital evidence; Digital storage; Two step; Computer security; Computer science; Digital forensics,,,,,https://doaj.org/article/c635faa0a742491a8ce8f42bde6aeb72 https://core.ac.uk/download/pdf/291851383.pdf,http://dx.doi.org/10.5614/itbj.ict.res.appl.2014.8.2.5,,10.5614/itbj.ict.res.appl.2014.8.2.5,1916494655,,0,017-335-677-993-203; 017-815-064-018-299; 018-182-926-340-45X; 028-180-038-189-484; 030-045-112-792-346; 033-970-395-033-397; 034-497-160-604-138; 054-408-281-868-875; 059-469-169-162-785; 069-164-282-798-000; 095-691-114-276-825; 155-074-178-700-550; 170-238-670-627-975; 175-791-313-672-423; 178-883-713-153-793; 180-706-989-021-884; 183-000-233-873-221,2,true,cc-by-nd,gold
009-885-874-541-907,"Data reduction and data mining framework for digital forensic evidence: Storage, intelligence, review and archive",2014-09-17,2014,journal article,Trends and issues in crime and criminal justice,08178542,,,Darren Quick; Kim-Kwang Raymond Choo,"With the volume of digital forensic evidence rapidly increasing, this paper proposes a data reduction and data mining framework that incorporates a process of reducing data volume by focusing on a subset of information. Foreword The volume of digital forensic evidence is rapidly increasing, leading to large backlogs. In this paper, a Digital Forensic Data Reduction and Data Mining Framework is proposed. Initial research with sample data from South Australia Police Electronic Crime Section and Digital Corpora Forensic Images using the proposed framework resulted in significant reduction in the storage requirements—the reduced subset is only 0.196 percent and 0.75 percent respectively of the original data volume. The framework outlined is not suggested to replace full analysis, but serves to provide a rapid triage, collection, intelligence analysis, review and storage methodology to support the various stages of digital forensic examinations. Agencies that can undertake rapid assessment of seized data can more effectively target specific criminal matters. The framework may also provide a greater potential intelligence gain from analysis of current and historical data in a timely manner, and the ability to undertake research of trends over time.",,480,1,,Volume (computing); Data mining; Data processing; Data reduction; Project commissioning; Computer science; Process (engineering); Sample (statistics); Intelligence analysis; Digital forensics,,,,,https://apo.org.au/sites/default/files/resource-files/2014-09/apo-nid41334.pdf https://www.questia.com/library/journal/1P3-3455023131/data-reduction-and-data-mining-framework-for-digital https://apo.org.au/node/41334,https://www.questia.com/library/journal/1P3-3455023131/data-reduction-and-data-mining-framework-for-digital,,,3124983056,,0,,44,false,,
009-940-339-227-472,ADOPTION OF CHAIN OF CUSTODY IMPROVES DIGITAL FORENSIC INVESTIGATION PROCESS,2018-07-27,2018,journal article,Iraqi Journal of Information & Communications Technology,2222758x,College of Information Engineering - Al-Nahrain University,,Talib M. Jawad Abbas,"Chain of custody plays an important role in determine integrity of digital evidence, because the chain of custody works on a proof that evidence has not been altered or changed through all phases, and must include documentation on how evidence is gathered, transported, analyzed and presented.; The aims of this work is first to find out how the chain of custody has been applied to a wide range of models of the digital forensic investigation process for more than ten years. Second, a review of the methods on digitally signing an evidence that achieves the successful implementation of chain of custody through answering a few questions ""who, when, where, why, what and how"", and thus providing digital evidence to be accepted by the court. Based on the defined aims an experimental environment is being setup to outline practically an acceptable method in chain of custody procedure. Therefore, we have adopted SHA512 for hashing and regarding encryption RSA and GnuGP is applied where according to the defined requirement a combination of this algorithms could be adopted as a practical method.",1,2,13,23,Chain of custody; Risk analysis (engineering); Encryption; SHA-2; Digital evidence; Computer science; Process (engineering); Documentation; Digital forensics; Hash function,,,,,https://www.iasj.net/iasj/article/166851,http://dx.doi.org/10.31987/ijict.1.2.14,,10.31987/ijict.1.2.14,2887641627,,0,,1,false,,
009-970-882-718-457,Cyber Forensics: From Data to Digital Evidence - A Cyber Forensic Process Summary,2015-10-02,2015,book chapter,Cyber Forensics,,"John Wiley & Sons, Inc.",,Albert J. Marcella; Frederic Guillossou,,,,283,295,Data science; Computer science; Process (engineering),,,,,,http://dx.doi.org/10.1002/9781119203452.ch13,,10.1002/9781119203452.ch13,2505585530,,0,,0,false,,
010-340-099-425-563,Memory Based Anti-Forensic Tools and Techniques,,,book chapter,Pervasive Information Security and Privacy Developments,,IGI Global,,Hamid Jahankhani; Elidon Beqiri,"<jats:p>Computer forensics is the discipline that deals with the acquisition, investigation, preservation and presentation of digital evidence in the court of law. Whereas anti-forensics is the terminology used to describe malicious activities deployed to delete, alter or hide digital evidence with the main objective of manipulating, destroying and preventing the creation of evidence .Various anti-forensic methodologies and tools can be used to interfere with digital evidence and computer forensic tools. However, memory-based anti-forensic techniques are of particular interest because of their effectiveness, advanced manipulation of digital evidence and attack on computer forensic tools. These techniques are mainly performed in volatile memory using advanced data alteration and hiding techniques. For these reasons memory-based anti-forensic techniques are considered to be unbeatable. This chapter aims to present some of the current anti-forensic approaches and in particular reports on memory-based anti-forensic tools and techniques.</jats:p>",,,184,199,Data science; Computer science,,,,,https://www.igi-global.com/chapter/memory-based-anti-forensic-tools/45811,http://dx.doi.org/10.4018/978-1-61692-000-5.ch013,,10.4018/978-1-61692-000-5.ch013,2498298511,,0,025-953-293-295-113; 073-958-553-865-236; 078-598-867-814-365; 128-301-609-429-087; 157-130-561-907-868; 180-023-902-450-30X,1,true,cc-by-nd,green
010-447-893-753-337,IIH-MSP - Proposal of Digital Forensic System Using Security Device and Hysteresis Signature,,2007,conference proceedings article,Third International Conference on Intelligent Information Hiding and Multimedia Signal Processing (IIH-MSP 2007),,IEEE,,Yuuki Ashino; Ryoichi Sasaki,"With the development of the Internet society, digital forensics, i.e., the technology and procedures used to prepare digital evidence for litigating against Internet crime, has been used extensively. In particular, digital forensics used in the corporate world, primarily in relation to litigation involving computer-related evidence in civil matters such as breaches of contract or breaches of confidence, has recently gained a great deal of attention. Digital forensics requires the following two functions: (1) All records must be left unaltered if they are handled in a computer, and (2) the record must be tamper-resistant. In order to realize these functions in a standalone environment, we developed a system named ""dig-force"" (digital forensic system with chaining signature for evidence) that uses a USB device with a smart card function and a hysteresis signature based on digital signature technology. In this paper, we report the proposed system and the evaluation results of the function and performance of the system with this prototype program.",2,,3,7,Smart card; The Internet; Digital signature; Signature (logic); Digital evidence; Computer security; Computer science; USB; Network forensics; Digital forensics,,,,,https://dblp.uni-trier.de/db/conf/iih-msp/iih-msp2007.html#AshinoS07 https://ieeexplore.ieee.org/document/4457640/ http://yadda.icm.edu.pl/yadda/element/bwmeta1.element.ieee-000004457640,http://dx.doi.org/10.1109/iih-msp.2007.249,,10.1109/iih-msp.2007.249,2074106648,,0,,14,false,,
010-485-859-257-935,An Overview on Handling Anti Forensic Issues in Android Devices Using Forensic Automator Tool,2022-03-10,2022,conference proceedings article,"2022 IEEE International Conference on Signal Processing, Informatics, Communication and Energy Systems (SPICES)",,IEEE,,H. Hemanth Bharath Bhushan; S Metilda Florance,"The digital forensic methods and tools have become a very important part for the investigators. During the investigation on Cyber-crimes, collection of the digital evidences during the case is the vital part. Mobile forensics being an important domain in digital forensics which includes acquisition of the data and analysing it to recover the digital evidences in a forensic manner. But there are some of the anti-forensic issues faced during the investigation. The Computer Emergency Response Team (CERT) investigates an incident for creation of a detailed description on how the crime was executed and makes a report on the incident. This paper focuses on how the antiforensic issues can be handled in android mobiles and how the improvements took place in the field of mobile forensics and data acquisition. This paper also aims to introduce how the files are acquired during the investigation, what are the techniques and tools that were used to tamper with the evidence found and how the forensic investigators can identify the data tampered. The solution is proposed for one of the Forensic issue of files that are in encoded format where the encoding of the file is not known, using the SVM Machine Learning technique how it can be achieved.",,,,,Digital forensics; Computer science; Computer forensics; Digital evidence; Android (operating system); Network forensics; Forensic science; Computer security; Mobile device; Crime scene; Data science; World Wide Web,,,,,,http://dx.doi.org/10.1109/spices52834.2022.9774183,,10.1109/spices52834.2022.9774183,,,0,,0,false,,
010-490-168-139-514,Functional Requirements for Adding Digital Forensic Readiness as a Security Component in IoT Environments,2018-03-31,2018,journal article,"International Journal on Advanced Science, Engineering and Information Technology",24606952; 20885334,Insight Society,Indonesia,Victor R. Kebande; Nickson Karie Menza; Hein S. Venter,"For every contact made on a digital device, a trace is left behind; this means that every digital device contains some form of electronic evidence that may be associated to the behaviour of the users in a given environment. This evidence can be used to prove or disprove facts if a cyber-incident is detected. However, the world has seen a shift on how devices communicate and connect as a result of increased devices and connectivity, which has led to the creation of “smart environments” where the Internet of Things (IoT) plays a key role. Still, we can harness this proliferation of digital devices and smart environments to Digital Forensic (DF) technology which might help to solve the puzzle of how proactive strategies can help to minimise the time and cost needed to conduct a digital investigation. This article introduces the Functional Requirements (FRs) and processes needed when Digital Forensic Readiness (DFR) process is employed as a security component in the IoT-based environment. The paper serves as a continuation of the initially proposed architecture for adding DFR as a security component to IoT environment. The aspects and claims presented in this paper can be used as basic building blocks for implementing DFR technologies that guarantee security in the IoT-based environment. It is worth noting again that the processes that have been defined in this paper comply with the ISO/IEC 27043: 2015 International Standard.",8,2,342,349,Architecture; Smart environment; Key (cryptography); Computer security; Computer science; Process (engineering); Component (UML); Functional requirement; TRACE (psycholinguistics); Digital forensics,,,,,https://dx.doi.org/10.18517/ijaseit.8.2.2121 https://repository.up.ac.za/handle/2263/66569 http://dx.doi.org/10.18517/ijaseit.8.2.2121 http://ijaseit.insightsociety.org/index.php?option=com_content&view=article&id=9&Itemid=1&article_id=2121 https://core.ac.uk/download/pdf/296919940.pdf,http://dx.doi.org/10.18517/ijaseit.8.2.2121,,10.18517/ijaseit.8.2.2121,2796411083,,0,008-124-206-643-913; 018-552-581-098-658; 021-486-901-460-202; 025-178-552-649-015; 049-308-557-360-556; 087-665-408-966-240; 124-129-640-160-197; 133-737-424-803-878,9,true,cc-by-sa,hybrid
010-620-450-221-40X,Digital transformation risk management in forensic science laboratories.,2020-09-03,2020,journal article,Forensic science international,18726283; 03790738,Elsevier Ireland Ltd,Netherlands,Eoghan Casey; Thomas R. Souvignet,"Technological advances are changing how forensic laboratories operate in all forensic disciplines, not only digital. Computers support workflow management, enable evidence analysis (physical and digital), and new technology enables previously unavailable forensic capabilities. Used properly, the integration of digital systems supports greater efficiency and reproducibility, and drives digital transformation of forensic laboratories. However, without the necessary preparations, these digital transformations can undermine the core principles and processes of forensic laboratories. Pertinent examples of problems involving technology that have occurred in laboratories are provided, along with opportunities and risk mitigation strategies, based on the authors' experiences. Forensic preparedness concentrating on digital data reduces the cost and operational disruption of responding to various kinds of problems, including misplaced exhibits, allegations of employee misconduct, disclosure requirements, and information security breaches. This work presents recommendations to help forensic laboratories prepare for and manage these risks, to use technology effectively, and ultimately strengthen forensic science. The importance of involving digital forensic expertise in risk management of digital transformations in laboratories is emphasized. Forensic laboratories that do not adopt forensic digital preparedness will produce results based on digital data and processes that cannot be verified independently, leaving them vulnerable to challenge. The recommendations in this work could enhance international standards such as ISO/IEC 17025 used to assess and accredit laboratories.",316,,110486,,Engineering management; Digital transformation; Workflow; Preparedness; Digital data; ISO/IEC 17025; Risk management; Computer science; Information security; Digital forensics,Digital transformations; Forensic digital preparedness; Forensic laboratories; Forensic preparedness; Forensic science; ISO/IEC 17025; Risk management,"Automation, Laboratory; Data Management; Digital Technology; Efficiency, Organizational; Forensic Sciences; Human Rights; Humans; Laboratories; Quality Control; Reproducibility of Results; Risk Management",,,https://serval.unil.ch/en/notice/serval:BIB_6189637BB7F5 https://www.ncbi.nlm.nih.gov/pubmed/32919163 https://pubmed.ncbi.nlm.nih.gov/32919163/ https://www.sciencedirect.com/science/article/abs/pii/S0379073820303480 https://www.sciencedirect.com/science/article/pii/S0379073820303480,http://dx.doi.org/10.1016/j.forsciint.2020.110486,32919163,10.1016/j.forsciint.2020.110486,3083409529,,0,001-794-049-244-772; 005-232-046-693-557; 005-379-880-172-40X; 005-745-292-419-100; 006-915-702-173-584; 007-208-364-460-073; 018-211-304-758-288; 019-831-293-743-518; 032-374-559-220-723; 033-241-817-699-448; 035-031-257-128-045; 046-143-775-958-052; 048-025-676-818-922; 052-308-687-231-910; 055-074-014-409-729; 064-549-392-650-90X; 067-938-325-014-282; 086-388-908-356-52X; 087-342-951-350-054; 088-568-925-253-101; 091-343-394-509-251; 091-540-399-535-662; 101-549-415-202-81X; 112-856-054-215-074; 136-697-259-803-473,9,true,cc-by,hybrid
010-687-471-708-90X,Digital Forensic Investigation on File System And Database Tampering,,2012,journal article,IOSR Journal of Engineering,22788719; 22503021,IOSR Journals,,Shweta Tripathi,"Digital forensics is the identification, extraction, analysis and documentation of digital evidence from storage media. It is relatively new technology which is increasingly becoming important as the criminals aggressively expand the use of technology. Digital information is fragile and it can be easily modified or destroyed like File system and Database tampering. In the course of the investigation, the investigator should assure that digital evidences are not modified unauthorized and authenticate submission in the court of law. Our paper explains forensic investigation procedures using a WinHex tool(10). Main focus of our paper is digital forensic investigation of different locations of windows file system and oracle database are explained. Evidence collection from hidden locations of windows file system and oracle 10g database will help the investigators in trustful and thorough investigation.",02,02,2142,221,World Wide Web; File system; Digital evidence; Digital forensic investigation; Focus (computing); Computer science; Oracle; Documentation; Database; Identification (information); Digital forensics,,,,,http://www.iosrjen.org/Papers/vol2_issue2/G022214221.pdf,http://dx.doi.org/10.9790/3021-0202214221,,10.9790/3021-0202214221,2330940547,,0,019-698-064-288-240; 025-321-851-072-69X; 055-425-122-624-954; 085-214-277-668-01X; 139-567-850-350-938,1,true,,bronze
010-868-054-879-057,The Method of Verification for Legal Admissibility of Digital Evidence using the Digital Forensics Ontology,2009-04-30,2009,journal article,The KIPS Transactions:PartD,15982866,Korea Information Processing Society,,Hyuk Gyu Cho; Heum Park; Hyuk Chul Kwon,"ABSTRACT Although the various crime involved numerous digital evidence, the digital evidence is hard to be acknowledged as a evidence to proof the crime fact in court. We propose the method of verification for the legal admissibility of digital evidence using digital forensics ontology. In order to verify the legal admissibility of digital evidence, we will extend the digital ontology by standard digital forensics process from Digital Forensics Technical Manual defined by KNPA and set up the relation properties and the rule of property constraint to process class in the digital forensics ontology. It is possible for proposed ontology to utilize to plan the criminal investigation and to educate the digital forensics.Keywords:Digital Forensics Ontology, Digital Evidence, Verification For Legal Admissibility of Digital Evidence 1. 서 론 1) 정보화 사회가 정착되면서 컴퓨터와 인터넷의 사용이 일반인들의 생활에 많은 부분을 차지하고 있어 다양한 디지털 정보가 사용되고 있다. 한국의 경우 2007년도 상반기에 인터넷 사용자가 전체 인구의 75%를 차지하고 있다[1]. 또한 2003년도 버클리 대학의 연구 보고서에 따르면 전 세계적으로 생성되는 정보의 약 92% 이상이 디지털 형태로 나타나고 있다[2]. 따라서 인터넷 상에서 발생하는 사이버 범죄뿐만 아니라 실생활에서 발생하는 일반 범죄에서도 디지털 자",16,2,265,272,World Wide Web; Ontology (information science); Digital evidence; Computer science; Computer forensics; Digital forensics,,,,,http://ktccs.kips.or.kr/digital-library/15149 https://www.koreascience.or.kr/article/JAKO200913937272898.page https://www.koreascience.or.kr:443/article/JAKO200913937272898.pdf,http://dx.doi.org/10.3745/kipstd.2009.16-d.2.265,,10.3745/kipstd.2009.16-d.2.265,2018831071,,0,026-606-280-614-787; 047-937-309-229-62X; 075-442-352-377-450; 112-843-834-394-162; 180-352-675-042-601,1,true,,bronze
010-963-610-208-920,"Cognitive and human factors in digital forensics: Problems, challenges, and the way forward",,2019,journal article,Digital Investigation,17422876,Elsevier BV,Netherlands,Nina Sunde; Itiel E. Dror,"Abstract Digital forensics is an important and growing forensic domain. Research on miscarriages of justice and misleading evidence, as well as various inquires in the UK and the US, have highlighted human error as an issue within forensic science. This has led to increased attention to the sources of cognitive bias and potential countermeasures within many forensic disciplines. However, the area of digital forensics has yet to pay sufficient attention to this issue. The main goal of this article is to contribute to a more scientifically sound digital forensics domain by addressing the issues of cognitive bias as a source of error. In this paper we present an analysis of seven sources of cognitive and human error specifically within the digital forensics process, and discuss relevant countermeasures. We conclude that although some cognitive and bias issues are very similar across forensic domains, others are different and dependent on the specific characteristic of the domain in question, such as digital forensics. There is a need for new directions in research with regard to cognitive and human factors in digital forensics.",29,,101,108,Domain (software engineering); Human error; Cognition; Cognitive bias; Data science; Justice (ethics); Computer science; Process (engineering); Digital forensics,,,,Norwegian Police University College,https://phs.brage.unit.no/phs-xmlui/handle/11250/2675988 https://www.sciencedirect.com/science/article/pii/S1742287619300441 https://www.duo.uio.no/handle/10852/78868 https://www.sciencedirect.com/science/article/abs/pii/S1742287619300441,http://dx.doi.org/10.1016/j.diin.2019.03.011,,10.1016/j.diin.2019.03.011,2935248465,,0,000-557-324-827-169; 001-819-537-647-480; 002-609-382-886-882; 003-168-641-529-165; 005-248-003-161-215; 005-542-560-321-688; 005-553-153-856-945; 005-715-450-998-72X; 006-851-080-715-114; 007-067-502-103-925; 007-196-753-966-726; 010-218-618-278-587; 011-267-630-776-412; 011-637-658-394-710; 011-736-096-074-814; 014-640-572-371-821; 018-182-926-340-45X; 018-345-154-485-870; 019-568-476-801-56X; 019-831-293-743-518; 030-021-909-943-264; 030-178-593-043-926; 030-313-388-601-318; 031-575-367-650-782; 037-165-077-440-310; 038-753-471-790-674; 040-710-022-171-634; 040-907-268-218-905; 042-110-216-832-385; 043-083-546-914-143; 044-487-533-779-509; 045-243-165-627-08X; 047-701-826-257-337; 049-494-674-809-588; 053-512-818-099-29X; 056-338-951-922-757; 056-511-125-319-151; 058-773-447-408-598; 064-549-392-650-90X; 065-805-363-769-350; 067-540-728-461-044; 074-592-128-180-546; 083-287-763-665-02X; 084-865-558-626-927; 088-142-137-151-413; 088-491-668-540-317; 089-143-511-793-784; 093-309-498-241-337; 095-304-046-614-403; 096-599-019-134-284; 098-950-277-295-601; 102-599-064-891-853; 105-719-937-171-816; 106-885-306-836-498; 108-249-505-350-920; 115-602-945-595-68X; 120-568-182-864-304; 122-596-518-152-484; 125-378-692-136-213; 134-927-490-231-285; 148-223-435-969-407; 164-884-026-141-973; 167-366-167-352-677; 182-670-398-460-931; 190-065-821-748-92X,48,true,cc-by-nc-nd,hybrid
010-976-336-762-12X,Creation and testing of a semi-automated digital triage process model,,2012,,,,,,David A. Dampier; Gary Dewayne Cantrell,"Digital forensics examiners have a growing problem caused by their own success. The need for digital forensics is increasing and so are the devices that need examining. Not only are the number of devices growing, but so is the amount of information those devices can hold. One result of this problem is a growing backlog that could soon overwhelm digital forensics labs across the country. ; One way to combat this growing problem is to use digital triage to find the most pertinent information first. Unfortunately, although several digital forensics models have been created, very few digital triage models have been developed. This results in most organizations, if they perform digital triage at all, performing digital triage in an untested ad hoc fashion that varies from office to office. ; This dissertation will contribute to digital forensics science by creating and testing a digital triage model. This model will be semi-automated to allow for the use by untrained users; it will be as operating system independent as possible; and it will allow the user to customize it based on a specific crime class or classes. The use of this model will de- crease the amount of time it takes a digital triage examiner to make a successful assessment concerning evidence.",,,,,Engineering; Class (computer programming); Triage; Process (engineering); Multimedia; Digital forensics,,,,,https://dl.acm.org/citation.cfm?id=2518247,https://dl.acm.org/citation.cfm?id=2518247,,,2512086265,,0,,0,false,,
011-346-280-278-987,Applying distributed ledger technology to digital evidence integrity,,2019,journal article,SAIEE Africa Research Journal,19911696,Institute of Electrical and Electronics Engineers (IEEE),,William Thomas Weilbach; Yusuf Moosa Motara,"This paper examines the way in which blockchain technology can be used to improve the verification of integrity of evidence in digital forensics. Some background into digital forensic practices and blockchain technology are discussed to provide necessary context. A particular scalable method of verifying point-in-time existence of a piece of digital evidence, using the OpenTimestamps (OTS) service, is described, and tests are carried out to independently validate the claims made by the service. The results demonstrate that the OTS service is highly reliable with a zero false positive and false negative error rate for timestamp attestations, but that it is not suitable for timesensitive timestamping due to the variance of the accuracy of timestamps induced by block confirmation times in the Bitcoin blockchain.",110,2,77,93,Timestamp; Block (data storage); Timestamping; Blockchain; Context (language use); Digital evidence; Service (systems architecture); Computer security; Computer science; Digital forensics,,,,,https://ieeexplore.ieee.org/document/8732798 http://www.scielo.org.za/scielo.php?script=sci_arttext&pid=S1991-16962019000200005 http://www.scielo.org.za/pdf/arj/v110n2/05.pdf,http://dx.doi.org/10.23919/saiee.2019.8732798,,10.23919/saiee.2019.8732798,2949377769,,0,,3,true,"CC BY, CC BY-NC-ND",gold
011-500-992-597-292,CGIV - Animating and Interacting with Graphical Evidence : Bringing Courtrooms to Life with Virtual Reconstructions,,2007,conference proceedings article,"Computer Graphics, Imaging and Visualisation (CGIV 2007)",,IEEE,,Damian Schofield,"Three-dimensional (3D) reconstructions of evidence offer great potential in the field of forensic science. They can help in the presentation of complex spatial and temporal data to a non-technical audience. In addition to these 3D technologies, the digital age has brought a plethora of new evidence forms, evidence detection methods, and means of evidence presentation. This position paper describes the previous use of 3D reconstruction evidence in courtrooms. It then outlines the forensic process in terms of tasks and phases involved, and describes the state of the art in terms of digital technology usage. The paper then presents a taxonomy of these phases in terms of a technology continuum. It goes on to highlight areas where new applications of 3D digital technologies could be used to enhance particular phases of the forensic process. This paper does not deal with security issues relevant to the devices discussed.",,,321,328,Augmented reality; Mixed reality; Data science; Presentation; Field (computer science); Visualization; Computer science; Process (engineering); Multimedia; Computer animation; Position paper,,,,,https://ieeexplore.ieee.org/abstract/document/4293692 https://www2.computer.org/portal/web/csdl/doi/10.1109/CGIV.2007.18 https://www.researchgate.net/profile/Damian_Schofield/publication/4270552_Animating_and_Interacting_with_Graphical_Evidence__Bringing_Courtrooms_to_Life_with_Virtual_Reconstructions/links/00b7d528a274eed39a000000.pdf https://dblp.uni-trier.de/db/conf/IEEEcgiv/cgiv2007.html#Schofield07 https://dx.doi.org/10.1109/CGIV.2007.18 https://ieeexplore.ieee.org/document/4293692/ http://ieeexplore.ieee.org/document/4293692/ http://yadda.icm.edu.pl/yadda/element/bwmeta1.element.ieee-000004293692 https://www.computer.org/csdl/proceedings-article/cgiv/2007/29280321/12OmNrkBwIC http://dx.doi.org/10.1109/CGIV.2007.18,http://dx.doi.org/10.1109/cgiv.2007.18,,10.1109/cgiv.2007.18,2135086130,,0,006-147-481-193-848; 027-681-577-683-835; 031-203-363-695-193; 034-214-667-694-280; 034-916-306-834-918; 046-505-599-865-150; 053-195-844-495-070; 059-642-431-151-966; 085-379-403-609-164; 114-791-371-428-899; 166-111-907-375-073; 170-865-065-405-963; 180-352-675-042-601; 199-745-676-923-766,25,false,,
011-755-498-862-139,RPAS Forensic Validation Analysis Towards a Technical Investigation Process: A Case Study of Yuneec Typhoon H.,2019-07-24,2019,journal article,"Sensors (Basel, Switzerland)",14248220; 14243210,Multidisciplinary Digital Publishing Institute (MDPI),Switzerland,Fahad E. Salamh; Umit Karabiyik; Marcus K. Rogers,"The rapid pace of invention in technology and the evolution of network communication has produced a new lifestyle with variety of opportunities and challenges. Remotely Piloted Aerial Systems (RPAS) technology, which includes drones, is one example of a recently invented technology that requires the collection of a solid body of defensible and admissible evidence to help eliminate potential real-world threats posed by their use. With the advent of smartphones, there has been an increase in digital forensic investigation processes developed to assist specialized digital forensic investigators in presenting forensically sound evidence in the courts of law. Therefore, it is necessary to apply digital forensic techniques and procedures to different types of RPASs in order to create a line of defense against new challenges, such as aerial-related incidents, introduced by the use of these technologies. Drone operations by bad actors are rapidly increasing and these actors are constantly developing new approaches. These criminal operations include invasion of privacy, drug smuggling, and terrorist activities. Additionally, drone crashes and incidents raise significant concerns. In this paper, we propose a technical forensic process consisting of ten technical phases for the analysis of RPAS forensic artifacts, which can reduce the complexity of the identification and investigation of drones. Using the proposed technical process, we analyze drone images using the Computer Forensics Reference Datasets (CFReDS) and present results for the Typhoon H aerial vehicle manufactured by Yuneec, Inc. Furthermore, this paper explores the availability and value of digital evidence that would allow a more practical digital investigation to be able to build an evidence-based experience. Therefore, we particularly focus on developing a technical drone investigation process that can be applied to various types of drones.",19,15,3246,,Variety (cybernetics); Forensic science; Admissible evidence; Data science; Digital evidence; Digital forensic investigation; Computer science; Process (engineering); Computer forensics; Drone; Identification (information); Digital forensics,Yuneec Typhoon H; digital forensics; drone forensics; forensic process,,,,https://www.ncbi.nlm.nih.gov/pmc/articles/PMC6695682 http://ui.adsabs.harvard.edu/abs/2019Senso..19.3246S/abstract https://doi.org/10.3390/s19153246 https://dblp.uni-trier.de/db/journals/sensors/sensors19.html#SalamhKR19 https://pubmed.ncbi.nlm.nih.gov/31344784/ https://www.mdpi.com/1424-8220/19/15/3246/htm https://www.mdpi.com/1424-8220/19/15/3246/pdf http://dblp.uni-trier.de/db/journals/sensors/sensors19.html#SalamhKR19,http://dx.doi.org/10.3390/s19153246,31344784,10.3390/s19153246,2963103350,PMC6695682,0,008-667-688-301-190; 010-084-169-561-57X; 017-394-293-618-324; 029-563-465-806-154; 029-610-148-239-706; 037-781-439-537-419; 079-391-976-487-576; 089-691-112-427-434; 091-809-074-246-087; 146-395-859-713-673,11,true,cc-by,gold
011-965-831-977-868,Digital Evidence in Criminal Cases Before the U.S. Courts of Appeal: Trends and Issues for Consideration,,2019,journal article,"The Journal of Digital Forensics, Security and Law",15587223,Embry-Riddle Aeronautical University/Hunt Library,,Martin Novak,,14,4,3,,Political science; Law; Criminal law; Appeal; Digital evidence; Computer forensics,,,,,https://commons.erau.edu/cgi/viewcontent.cgi?article=1609&context=jdfsl https://commons.erau.edu/jdfsl/vol14/iss4/3/,http://dx.doi.org/10.15394/jdfsl.2019.1609,,10.15394/jdfsl.2019.1609,3015548590,,0,050-221-974-390-733; 066-461-821-375-050; 091-355-503-423-798,1,true,cc-by-nc,gold
012-408-224-860-371,Audio Forensics on Smartphone with Digital Forensics Research Workshop (DFRWS) Method,2021-03-20,2021,journal article,CommIT (Communication and Information Technology) Journal,24607010; 19792484,Universitas Bina Nusantara,,Sunardi Sunardi;  Riadi; Rusydi Umar; Muhammad Fauzan Gustafi,"Audio is one of the digital items that can reveal a happened case. However, audio evidence can also be manipulated and changed to hide information. Forensics audio is a technique to identify the sound’s owner from the audio using pitch, formant, and spectrogram parameters. The conducted research examines the similarity of the original sound with the manipulated voice to determine the owner of the sound. It analyzes the level of similarity or identical sound using spectrogram analysis with the Digital Forensics Research Workshop (DFRWS) Method. The research objects are original and manipulated files. Both files are in mp3 format, which is encoded to WAV format. Then, the live forensics method is used by picking up the data on a smartphone. Several applications are also used. The results show that the research successfully gets digital evidence on a smartphone with the Oxygen Forensic application. It extracts digital evidence in the form of two audio files and two video files. Then, by the hashing process, the four obtained files are proven to be authentic. Around 90% of the data are identical to the original voice recording. Only 10% of the data are not identical.",15,1,41,47,Similarity (geometry); Formant; Information retrieval; Audio forensics; Digital evidence; Computer science; Spectrogram; Digital forensics; Process (computing); Hash function,,,,,https://journal.binus.ac.id/index.php/commit/article/view/6739 https://journal.binus.ac.id/index.php/commit/article/download/6739/4061,http://dx.doi.org/10.21512/commit.v15i1.6739,,10.21512/commit.v15i1.6739,3155633725,,0,003-859-311-319-037; 004-872-169-627-620; 012-448-728-338-495; 014-392-524-539-984; 016-895-117-049-07X; 018-131-159-478-609; 032-965-475-729-463; 044-748-607-433-299; 048-141-687-795-752; 066-723-990-557-549; 070-740-822-724-693; 080-380-859-922-809; 086-275-312-205-017; 086-306-719-131-186; 090-025-387-755-139; 110-093-106-787-619; 124-980-593-548-795; 156-266-881-506-824,0,true,cc-by-sa,gold
012-676-496-211-536,Crowdsourcing forensics: Creating a curated catalog of digital forensic artifacts.,2022-07-11,2022,journal article,Journal of forensic sciences,15564029; 00221198,Wiley-Blackwell,United States,Eoghan Casey; Lam Nguyen; Jeffrey Mates; Scott Lalliss,"The increasing volume, variety, velocity, distribution, structural intricacy, and complexity of use of digital evidence can make it difficult for practitioners to find and understand the most forensically useful information (Casey E. Digital evidence and computer crime: Forensic science, computers, and the Internet. Academic Press; 2011. p. 31; Pollitt M. The hermeneutics of the hard drive: Using narratology, natural language processing, and knowledge management to improve the effectiveness of the digital forensic process [PhD dissertation]. University of Central Florida; 2011). Digital forensic practitioners currently search for information and solutions in an ad hoc manner, leading to results that are unstructured, unverified, and sometimes incomplete. As a result, certain digital evidence is being missed or misinterpreted. To mitigate risks of knowledge gaps, there is a pressing need for a systematic mechanism that practitioners can use to codify and combine their collective knowledge. This work presents the design and development of a solution that catalogs crowdsourced knowledge of digital forensic artifacts in a well-structured, easily searchable form to support efficient and automated extraction of pertinent information, improving availability and reliability of interpretation of artifacts (general acceptance). Technical implementation and artifact curation are discussed with illustrative examples and recommendations for future work.",67,5,1846,1857,Digital forensics; Computer science; Crowdsourcing; Digital evidence; Data science; Artifact (error); Variety (cybernetics); The Internet; Process (computing); Computer forensics; World Wide Web,crowdsourcing forensics; digital forensic artifact; digital transformation; forensic technology innovation; general acceptance; tool testing automation,Artifacts; Crowdsourcing; Forensic Medicine; Forensic Sciences/methods; Reproducibility of Results,,American Academy of Forensic Sciences,,http://dx.doi.org/10.1111/1556-4029.15053,35816182,10.1111/1556-4029.15053,,PMC9543441,0,012-676-496-211-536; 019-508-480-187-000; 028-399-721-856-065; 049-182-076-079-260,1,true,,
012-734-545-265-032,"Wiley Encyclopedia of Forensic Science - Photography: Marks, Impressions, and Documents",2009-04-17,2009,book chapter,Wiley Encyclopedia of Forensic Science,,"John Wiley & Sons, Ltd",,Glenn Porter,"Photographic and optical enhancement of physical evidence is an important criminalistics function. It provides nondestructive methods of improving the visualization of evidence to allow further forensic examination. The key concepts and techniques involving optical, photographic, and digital imaging techniques are examined in this section. Critical foundation aspects found in quality forensic photography such as maintaining the dimensional integrity of evidence and the representation of scale are described to ensure forensic photography principles. Attributes required for optical enhancement including the relationship between the spectral distribution of the light source, the spectral properties of the specimen, and spectral sensitivity of the recording media are unpacked and provide a theoretical basis. Optic enhancement techniques such as absorption, reflection, transmission, and photoluminescence modes are discussed with samples illustrating those optical effects. Digital imaging enhancement techniques to increase the contrast and the modification of color using Adobe Photoshop™ are explained.; ; ; Keywords:; ; forensic photography;; monochromatic lighting;; digital imaging;; digital cameras;; Polilight;; image integrity;; spectral sensitivity;; optical enhancement;; absorption mode;; reflection mode;; transmission mode;; photoluminescence mode;; Photoshop",,,1,22,Digital imaging; Photography; Reflection (computer graphics); Optics; Engineering; Artificial intelligence; Forensic photography; Computer vision; Visualization; Spectral sensitivity; Transmission (telecommunications); Spectral power distribution,,,,,https://onlinelibrary.wiley.com/doi/pdf/10.1002/9780470061589.fsa363 https://onlinelibrary.wiley.com/doi/10.1002/9780470061589.fsa363/abstract https://rune.une.edu.au/web/handle/1959.11/27869 https://researchonline.jcu.edu.au/34040/ https://researchdirect.westernsydney.edu.au/islandora/object/uws%3A25783/,http://dx.doi.org/10.1002/9780470061589.fsa363,,10.1002/9780470061589.fsa363,1538693325,,0,016-278-844-831-62X; 017-922-627-111-002; 032-998-952-196-614; 048-101-112-205-305; 052-982-955-269-232; 076-792-158-408-15X; 096-140-025-895-136; 103-857-226-889-269; 147-744-492-547-419; 189-302-060-184-031,3,false,,
012-779-911-526-394,Adapting Traceability in Digital Forensic Investigation Process,,2011,,,,,,Siti Rahayu Selamat; Robiah Yusof; Shahrin Sahib; Irda Roslan; Mohd Faizal Abdollah; Mohd Zaki Mas'ud,"Generally, the goals of digital forensic investigation process in a cyber crime are to identify the origin of the incident reported as well as maintaining the chain of custody so that the legal process can take its option. However, the traceability process has become a key or an important element of the digital investigation process, as it is capable to map the events of an incident from different sources in obtaining evidence of an incident to be used for other auxiliary investigation aspects. Hence, this paper introduces the adaptability of the traceability model to illustrate the relationship in the digital forensic investigation process by integrating the traceability features. The objective of this integration is to provide the capability of trace and map the evidence to the sources and shows the link between the evidence, the entities and the sources involved in the process. Additionally, the proposed model is expected to help the forensic investigator in obtaining accurate and complete evidence that can be further used in a court of law.",,,,,Chain of custody; Risk analysis (engineering); Engineering; Traceability; Adaptability; Element (criminal law); Key (cryptography); Legal process; Computer security; Process (engineering); TRACE (psycholinguistics),,,,,http://eprints.utem.edu.my/162/,http://eprints.utem.edu.my/162/,,,2506193791,,0,,3,false,,
012-906-104-142-908,ISSA - A Sample of digital forensic quality assurance in the South African criminal justice system,,2012,conference proceedings article,2012 Information Security for South Africa,,IEEE,,Jason Jordaan,"Criminal investigations and the resulting criminal prosecutions are dependent on quality evidence to ensure convictions. With the increasing number of digital devices in our society, a significant amount of evidence is digital, and the discipline of digital forensics, as a forensic science, should ensure the validity of this digital evidence in court. As a forensic science, quality assurance is crucial in the practice of digital forensics, to assure the court that the evidence can be trusted. The research explored the current state of digital forensic quality assurance in the criminal justice system in South Africa to determine what quality assurance practices were used, to identify any problems, as well as possible causes of any shortcomings. The research identified significant deficiencies with regard to quality assurance in digital forensics, and identified areas that potentially could impact negatively in the court environment if contested. In summary, the general state of quality assurance practice in digital forensics was poor. Reasons identified for this included a lack of training in digital forensic science fundamentals, lack of training in quality assurance in digital forensics, high case loads, and poor supervision.",,,1,7,Criminal justice; Quality assurance; Criminal investigation; Political science; Quality (business); Digital evidence; Computer security; Sample (statistics); Engineering ethics; Computer forensics; Digital forensics,,,,,https://doi.org/10.1109/ISSA.2012.6320431 https://dblp.uni-trier.de/db/conf/issa/issa2012.html#Jordaan12 https://ieeexplore.ieee.org/document/6320431/,http://dx.doi.org/10.1109/issa.2012.6320431,,10.1109/issa.2012.6320431,1965684139,,0,014-283-999-201-941; 047-859-979-695-194; 075-128-417-091-483; 099-286-928-728-399; 106-885-306-836-498; 154-778-607-714-379; 168-476-681-195-292,4,false,,
013-017-062-437-973,A Digital Evidence Certainty Descriptors (DECDs) for digital forensics,2019-11-17,2019,,,,,,Graeme Horsman,,,,,,Information retrieval; Digital evidence; Computer science; Certainty; Digital forensics,,,,,https://research.tees.ac.uk/en/publications/a-digital-evidence-certainty-descriptors-decds-for-digital-forens,https://research.tees.ac.uk/en/publications/a-digital-evidence-certainty-descriptors-decds-for-digital-forens,,,3004497665,,0,,1,false,,
013-069-437-917-696,Priority Scheduling of Digital Evidence in Forensic,2013-09-30,2013,journal article,Journal of the Korea Institute of Information and Communication Engineering,22344772,The Korean Institute of Information and Communication Sciences,,Jongchan Lee; Sang-Joon Park,"Digital evidence which is the new form of evidence to crime makes little difference in value and function with existing evidences. As time goes on, digital evidence will be the important part of the collection and the admissibility of evidence. Usually a digital forensic investigator has to spend a lot of time in order to find clues related to the investigation among the huge amount of data extracted from one or more potential containers of evidence such as computer systems, storage media and devices. Therefore, these evidences need to be ranked and prioritized based on the importance of potential relevant evidence to decrease the investigate time. In this paper we propose a methodology which prioritizes order in which evidences are to be examined in order to help in selecting the right evidence for investigation. The proposed scheme is based on Fuzzy Multi-Criteria Decision Making, in which uncertain parameters such as evidence investigation duration, value of evidence and relation between evidence, and relation between the case and time are used in the decision process using the aggregation function in fuzzy set theory.",17,9,2055,2062,Data mining; Forensic science; Relevance (law); Admissible evidence; Data science; Relation (database); Digital evidence; Computer science; Fuzzy set; Fuzzy logic; Duration (project management); Function (engineering); Digital forensics,,,,,http://www.koreascience.or.kr/article/ArticleFullRecord.jsp?cn=HOJBC0_2013_v17n9_2055,http://dx.doi.org/10.6109/jkiice.2013.17.9.2055,,10.6109/jkiice.2013.17.9.2055,2094563300,,0,,0,true,cc-by-nc,green
013-360-329-054-671,IFIP Int. Conf. Digital Forensics - Creating Integrated Evidence Graphs for Network Forensics,,2013,book chapter,Advances in Digital Forensics IX,18684238; 1868422x,Springer Berlin Heidelberg,Germany,Changwei Liu; Anoop Singhal; Duminda Wijesekera,"Probabilistic evidence graphs can be used to model network intrusion evidence and the underlying dependencies to support network forensic analysis. The graphs provide a means for linking the probabilities associated with different attack paths with the available evidence. However, current work focused on evidence graphs assumes that all the available evidence can be expressed using a single, small evidence graph. This paper presents an algorithm for merging evidence graphs with or without a corresponding attack graph. The application of the algorithm to a file server and database server attack scenario yields an integrated evidence graph that shows the global scope of the attack. The global graph provides a broader context and better understandability than multiple local evidence graphs.",410,,227,241,Graph; Intrusion; Database server; Attack graph; Model network; Computer security; Computer science; File server; Probabilistic logic; Network forensics; Theoretical computer science,,,,,https://www.nist.gov/publications/creating-integrated-evidence-graphs-network-forensics https://rd.springer.com/chapter/10.1007/978-3-642-41148-9_16 https://hal.inria.fr/hal-01460608/document https://dblp.uni-trier.de/db/conf/ifip11-9/df2013.html#LiuSW13 https://link.springer.com/chapter/10.1007/978-3-642-41148-9_16 https://link.springer.com/content/pdf/10.1007%2F978-3-642-41148-9_16.pdf https://hal.inria.fr/IFIP-AICT-410/hal-01460608 https://csrc.nist.gov/publications/detail/conference-paper/2013/10/18/creating-integrated-evidence-graphs-for-network-forensics https://doi.org/10.1007/978-3-642-41148-9_16,http://dx.doi.org/10.1007/978-3-642-41148-9_16,,10.1007/978-3-642-41148-9_16,5024876,,3,000-621-214-415-378; 011-515-104-261-873; 021-662-284-664-321; 027-353-990-286-080; 032-618-168-283-733; 036-358-240-363-461; 053-353-605-663-947; 100-659-281-038-399; 104-316-792-645-60X; 110-553-996-810-060; 148-338-977-232-362; 166-931-549-493-224,11,true,cc-by,green
013-370-475-929-519,Digital Forensic Investigation for Non-Volatile Memory Architecture by Hybrid Evaluation Based on ISO/IEC 27037:2012 and NIST SP800-86 Framework,2022-02-22,2022,journal article,IT Journal Research and Development,25284053; 25284061,UIR Press,,Rizdqi Akbar Ramadhan; Panji Rachmat Setiawan; Dedy Hariyadi,"<jats:p>In the implementation of Digital Forensics, one of the derivatives of practice is the handling of Digital Evidence. Handling Digital Evidence requires important steps and procedures. Digital evidence is a source of artifacts in handling a digital-based crime case, one of which comes from digital storage. In this research, the author will design a framework for Digital Forensic investigations by simulating digital evidence in the form of a non-volatile architecture. The reference commonly used by researchers in previous articles is the National Institute of Justice (NIST). The framework is a reference and steps in the practice of acquiring digital evidence. The purpose of designing this framework is as a legal procedure that is specifically implemented in the practice of acquiring non-volatile digital evidence. In the design, the author conducted a literature study on the NIST SP 800-86 and ISO 27037:2012 standards and then combined them in a hybrid terminology. The output of this research is to combine the two standards to become framework as reference for handling and investigating Digital Forensic science.</jats:p>",,,162,168,Digital forensics; NIST; Digital evidence; Terminology; Computer science; Architecture; Software engineering; Data science; Computer security; Art; Linguistics; Philosophy; Natural language processing; Visual arts,,,,,,http://dx.doi.org/10.25299/itjrd.2022.8968,,10.25299/itjrd.2022.8968,,,0,,1,true,cc-by-sa,gold
013-425-630-124-418,NTMS - Cyber Forensics Tools: A Review on Mechanism and Emerging Challenges,2021-04-19,2021,conference proceedings article,"2021 11th IFIP International Conference on New Technologies, Mobility and Security (NTMS)",,IEEE,,Vihara Fernando,"With the development of technology, ""Data"", also interpreted as ""Information"" has become a major role played in the field of Cyber Forensics. One of the most crucial incidents which needs data to be important is, when it is taken as evidence in cyber-crimes. These crimes can be occurring in the fields of digital media and network in many instances related to crime scenes. Crime and forensic both investigators need the help of digital forensics to investigate in order to identify, whether the victim has committed a crime or not. Therefore, it is a requirement for an investigator to use a suitable, accurate, affordable and a reliable cyber forensic tool for the forensics investigations conducted with respect to crimes. Many researchers have done experiments on different functionalities, a forensic tool should have and have come up with various tools specifically for each branch in cyber forensics. Furthermore, with time, these cyber forensic tools have been identified with drawbacks due to the invasion of crimes, especially related to the sophisticated technology expansion. Therefore, the acquiring process of forensics tools is in lack of advanced features to detect evidence. This paper describes on some timely Digital Forensics tools and discusses emerging challenges in advanced areas of Digital Forensics.",,,1,7,Crime scene; Digital media; Data science; Field (computer science); Computer science; Process (engineering); Digital forensics; Mechanism (biology),,,,,https://ieeexplore.ieee.org/document/9432641 https://dblp.uni-trier.de/db/conf/ntms/ntms2021.html#Fernando21,http://dx.doi.org/10.1109/ntms49979.2021.9432641,,10.1109/ntms49979.2021.9432641,3161846523,,0,001-470-661-245-05X; 004-587-156-905-123; 007-317-884-495-045; 011-295-714-067-101; 025-924-527-170-602; 026-231-157-050-172; 028-180-038-189-484; 029-649-401-831-956; 043-658-180-859-745; 053-415-287-546-534; 058-736-328-857-558; 071-403-776-353-957; 075-092-110-948-778; 083-975-401-930-892; 087-863-544-029-830; 091-169-131-965-06X; 094-468-232-325-36X; 119-905-907-927-325; 131-677-056-414-785; 134-989-289-218-699; 138-097-495-143-351; 145-743-906-992-348; 154-337-520-542-451; 178-467-155-611-813; 187-468-351-082-382,3,false,,
013-587-039-432-597,Extraction And Examination Of Evidences Using Chip-Off Forensic,2020-08-01,2020,journal article,Digital Forensics (4n6) Journal,25821172,Digital Forensics (4N6),,Djalma Fonseca,,,,,,Artificial intelligence; Chip; Pattern recognition; Computer science; Extraction (chemistry),,,,,http://dx.doi.org/10.46293/4n6/2020.02.03.04,http://dx.doi.org/10.46293/4n6/2020.02.03.04,,10.46293/4n6/2020.02.03.04,3097791031,,0,,0,false,,
013-991-866-178-240,Disconnects of Specialized Mobile Digital Forensics within the Generalized Field of Digital Forensic Science,2018-07-01,2018,journal article,International Journal of Interdisciplinary Telecommunications and Networking,19418663; 19418671,IGI Global,,Gregory H. Carlton; Gary C. Kessler,"The study and practice of forensic science comprises many distinct areas that range from behavioral to biological to physical and to digital matters, and in each area forensic science is utilized to obtain evidence that will be admissible within the legal framework. This article focuses on inconsistencies within the accepted methodology of digital forensics when comparing the current best practices of mobile digital devices and traditional computer devices. Here the authors raise the awareness of this disconnect in methodology, and they posit that some specific tasks within the traditional best practices of digital forensic science are artifacts of ritual rather than based on scientific requirements.",10,3,62,65,Best practice; Data science; Field (computer science); Computer science; Digital forensics,,,,,https://jglobal.jst.go.jp/detail?JGLOBAL_ID=201802228345200270 https://works.bepress.com/gary_kessler/86/ https://dblp.uni-trier.de/db/journals/ijitn/ijitn10.html#CarltonK18a https://ideas.repec.org/a/igg/jitn00/v10y2018i3p62-65.html https://www.igi-global.com/article/disconnects-of-specialized-mobile-digital-forensics-within-the-generalized-field-of-digital-forensic-science/204579,http://dx.doi.org/10.4018/ijitn.2018070106,,10.4018/ijitn.2018070106,2802304556,,0,053-834-219-883-201; 087-788-401-737-824; 123-275-701-676-787,0,false,,
014-010-267-474-158,Forensic analysis of digital attack tool artifacts,2013-06-10,2013,,,,,,Fletcher Bayley; Diane Gan,"This work was to investigate the forensics artifacts left by network attack tools within Linux and UNIX operating systems and to develop an application called HexaFind. The application enables a forensics investigator to collect the digital evidence left behind by the usage, installation or removal of specific attack tools. The main objective was to decrease the complexity of forensic investigations within these operating systems and to increase the detection rate of forensic artifacts relating to criminal or civil evidence of malicious conduct.",,,,,Unix; Digital evidence; Network attack; Left behind; Detection rate; Computer security; Computer science; Network forensics; Computer forensics,,,,,https://gala.gre.ac.uk/id/eprint/11708/,https://gala.gre.ac.uk/id/eprint/11708/,,,2625952729,,0,154-517-106-328-503,0,false,,
014-015-535-445-568,Qualitative and quantitative analysis of cloud based digital forensic tool,,2016,conference proceedings article,2016 10th International Conference on Intelligent Systems and Control (ISCO),,IEEE,,Monali P. Mohite; Jyoti Y. Deshmukh; Pallavi R. Gulve,"Digital evidence stored on digital devices play an important role in a wide range of types of crime, including murder, computer intrusion, espionage, extortion and child pornography in proof of a fact about what did or did not happen. However, digital information is fragile because it can be easily modified, copied, stored or destroyed. All digital evidence will be analyzed to determine the type of information stored in digital devices. The field of Digital Forensics is highly dependent on Tools with more features. In our work Cloud Based Digital Forensic Tool (CBDFT) is developed for acquisition, preservation, analysis and presentation of digital evidence. In this paper to measure the functionality of various forensic tools, we have compared the results generated by CBDFT with other available tools like FTK, Encase, Recover my files, Recuva, Blade, and Forensic Imager. These tools were examined in a fixed scenario to show the differences and capabilities of each tool.",,,1,5,Data science; Presentation; Child pornography; Measure (data warehouse); Digital evidence; Field (computer science); Computer security; Computer science; Computer forensics; Cloud computing; Digital forensics,,,,,https://ieeexplore.ieee.org/abstract/document/7727074 http://ieeexplore.ieee.org/abstract/document/7727074,http://dx.doi.org/10.1109/isco.2016.7727074,,10.1109/isco.2016.7727074,2548287415,,0,000-363-865-422-302; 002-489-767-057-889; 003-741-821-824-144; 012-459-130-312-50X; 029-156-184-537-391; 043-904-728-921-286; 044-834-247-088-997; 053-305-625-978-042; 056-555-872-149-664; 058-736-328-857-558; 105-379-195-922-28X; 106-540-610-193-788; 110-158-771-326-104; 114-992-807-046-842; 121-566-747-020-190; 158-058-753-766-767,2,false,,
014-022-011-253-069,IFIP Int. Conf. Digital Forensics - Forensic Profiling System,,,book chapter,Advances in Digital Forensics,,Kluwer Academic Publishers,,P. Kahai; Manivannan Srinivasan; Kameswara Namuduri; Ravi Pendse,"Hacking and network intrusion incidents are on the increase. However, a major drawback to identifying and apprehending malicious individuals is the lack of efficient attribution mechanisms. This paper proposes a forensic profiling system that accommodates real-time evidence collection as a network feature to address the difficulties involved in collecting evidence against attackers.",,,153,164,Forensic profiling; Intrusion; Drawback; Evidence collection; Intrusion detection system; Computer security; Computer science; Feature (computer vision); Audit trail; Hacker,,,,,https://rd.springer.com/chapter/10.1007/0-387-31163-7_13 https://link.springer.com/chapter/10.1007%2F0-387-31163-7_13 https://soar.wichita.edu/handle/10057/3885 https://link.springer.com/content/pdf/10.1007%2F0-387-31163-7_13.pdf https://dblp.uni-trier.de/db/conf/ifip11-9/df2005.html#KahaiSN05 https://link.springer.com/10.1007/0-387-31163-7_13,http://dx.doi.org/10.1007/0-387-31163-7_13,,10.1007/0-387-31163-7_13,1551688454,,0,003-310-279-493-407; 006-969-935-482-883; 036-178-095-625-235; 041-934-426-145-474; 044-353-273-186-518; 047-536-575-403-38X; 049-375-002-911-924; 051-153-980-232-015; 089-432-062-358-517; 093-078-582-713-821; 110-186-880-971-290; 123-411-927-650-137; 192-671-599-690-351; 197-411-728-360-668,4,true,,green
014-025-353-269-670,"Cybercrime, Cyber Aided Crime and Digital Evidence",2018-08-01,2018,book chapter,Fundamentals of Digital Forensics,,Springer International Publishing,,Joakim Kävrestad,"Computer forensic experts are commonly faced with the misconception that they work primarily on cybercrimes. The reality is quite opposite, namely, that digital forensics is of importance in pretty much every possible type of crime ranging from computer intrusions to theft. This chapter provides a discussion on what cybercrime is, from the author’s perspective. But more importantly, this chapter gives the reader a presentation on how and in what cases digital evidence can be of use during criminal investigations. The aim of the chapter is to make the reader understand that in the modern world, we leave digital traces almost all the time. We may not always be aware of this fact, but knowing and understanding how digital traces are left behind are of great importance for a computer forensic expert. For instance, even if a criminal is conducting a crime without so much as looking at her phone or computer, chances are that she is using a chat client to talk to some friend about what she did. This action can leave incriminating evidence that can be valuable in court.",,,9,12,Internet privacy; Criminal investigation; Perspective (graphical); Presentation; Action (philosophy); Phone; Cybercrime; Digital evidence; Computer science; Digital forensics,,,,,https://link.springer.com/chapter/10.1007%2F978-3-030-38954-3_6,http://dx.doi.org/10.1007/978-3-319-96319-8_2,,10.1007/978-3-319-96319-8_2,2887186574,,0,070-429-471-311-739; 184-128-952-810-429,0,false,,
014-168-575-959-392,Study on advanced analysis method based on timeline chart for Digital Forensic Investigation,2014-02-28,2014,journal article,The Journal of Korea Navigation Institute,12269026,The Korea Navigation Institute,,Keungi Lee; Seongjin Hwang; Changhoon Lee; Sangjin Lee,"Recently, importance of digital forensics has increased and using analysis methods of digital evidence in the analysis of evidence of various types. However, analysis time and effort is steadily increasing because personal disk capacity is too big and it has many number of files. Most digital evidence has time property, such as access time, creation time, and modification time. These time information of digital evidence is one of most important factors in the digital forensic area. But if digital examiner simply analyze based on binary source only, it is possible to have wrong result because time has various types. In this paper, we classify various type of time in the digital evidence and describe advanced analysis method based on timeline chart for digital forensic investigation.",18,1,50,55,Engineering; Chart; Access time; Information retrieval; Digital evidence; Timeline; Binary number; Multimedia; Computer forensics; Digital forensics; Property (programming),,,,,http://www.koreascience.or.kr/article/ArticleFullRecord.jsp?cn=HHHHBI_2014_v18n1_50,http://dx.doi.org/10.12673/jkoni.2014.18.1.50,,10.12673/jkoni.2014.18.1.50,2065930911,,0,096-415-102-126-454,0,true,,bronze
014-305-699-069-963,Keychain Extraction In Belkasoft Evidence Center (BEC),2020-08-01,2020,journal article,Digital Forensics (4n6) Journal,25821172,Digital Forensics (4N6),,Yuri Gubanov,,,,,,Physics; Atomic physics; Center (algebra and category theory); Extraction (chemistry),,,,,http://dx.doi.org/10.46293/4n6/2020.02.03.02,http://dx.doi.org/10.46293/4n6/2020.02.03.02,,10.46293/4n6/2020.02.03.02,3096397040,,0,,0,false,,
014-480-292-225-379,Research on Multi-Signature Technology of Digital Forensic Report,,2010,journal article,Computer Knowledge and Technology,,,,Jin Bo,"Increasing number of digital evidence brings great challenge to computer forensics;traditional preservation way of digital evidence can not meet satisfaction presently,online preservation way will be adopted instead.But the later needs digital forensic report,according to related law and code,a valid digital forensic report must has two judicial signatures and one organization signature.this paper focus on multi-signature on basis of SMIME and XML-Signature,and introduces ""digital signature system"",it offers signature service to digital forensic organization,and makes good effect.",,,,,Digital signature; Signature (logic); Digital evidence; XML Signature; Service (systems architecture); Computer security; Focus (computing); Computer science; Computer forensics; Digital forensics,,,,,http://en.cnki.com.cn/Article_en/CJFDTotal-DNZS201025026.htm,http://en.cnki.com.cn/Article_en/CJFDTotal-DNZS201025026.htm,,,2358030434,,0,,0,false,,
014-511-556-711-047,Gestión automatizada de actividades operativas en laboratorios de informática forense,2019-06-25,2019,,,,,,Hernán Horacio Herrera; Leopoldo Sebastián M. Gómez,"The paper shows the design of an extensible computer solution for computer forensic laboratories that will allow the automated management and monitoring of a set of tasks related to data processing to improve daily duties on digital evidence. The software works on an infrastructure composed of a local high-speed network and a group of workstations on which various forensiccomputer tools are executed. The forensic software tool is able to coordinate operational activities and the transfer of digital information on a set of network storage devices in which the sources of digital evidence and the results obtained from data processing are safeguarded. The framework has been designed for the automated management of operative activities and will enable the simultaneous and autonomous processing of multiple sources of digital evidence corresponding to different cases being processed in a computer forensic laboratory. Furthermore, it can also be managed through a web interface and will allow programming, controlling and reporting the progress of automated tasks that are executed on digital evidence. The results of those finalized jobsare stored in a database and after being validated they will be available and accessible through an online review system, so that judicial operators have without delays a fully set of forensic analysis reports and other potentially relevant findings that allow them an early evaluation of the digital evidence submitted to expertise. The solution proposed seeks to contribute to theautomated management of operative activities in the laboratory as a first step towards the so-called forensic computer systems of second generation.",18,2,71,84,Software engineering; Data processing; Set (abstract data type); Software; Digital evidence; Software tool; Network storage; Computer science; Workstation; User interface,,,,,https://44jaiio.sadio.org.ar/index.php/EJS/article/download/147/130 https://publicaciones.sadio.org.ar/index.php/EJS/article/download/147/130 https://www.sadio.org.ar/index.php/EJS/article/download/147/130 https://41jaiio.sadio.org.ar/index.php/EJS/article/download/147/130 https://publicaciones.sadio.org.ar/index.php/EJS/article/view/147,https://44jaiio.sadio.org.ar/index.php/EJS/article/download/147/130,,,2964097684,,0,,0,false,,
014-671-667-081-44X,"Live Analysis on-Scene to Collect ""Volatile Digital Evidence"" in Running Computers",,2008,journal article,Chinese Journal of Forensic Sciences,16712072,,,Wang Jun,"Due to lack of computer forensics professionals, the ""two-steps"" approach is commonly adopted to gather digital evidence in the running computer at the crime scene, that is, unplugging the running computer and booking it into evidence facilities first, then submitting it to trained digital evidence experts for examination. Although this method protects the aboriginality and integrity of digital evidence, it leads to the loss of ""volatile data"" stored in RAM and in other forms. The ""volatile data"" can often provide crucial clues and evidence for crime investigation, so it is necessary to make live analysis on-scene to acquire them. It is recommended that investigators be given professional trainings and get the live analysis skill.",,,,,Internet privacy; World Wide Web; Crime scene; Digital evidence; Crime investigation; Live analysis; Computer science; Computer forensics,,,,,https://en.cnki.com.cn/Article_en/CJFDTOTAL-SFJD200801011.htm,https://en.cnki.com.cn/Article_en/CJFDTOTAL-SFJD200801011.htm,,,2360578618,,0,,0,false,,
014-673-655-244-415,Examination of Digital Forensics Software Tools Performance: Open or Not?,2019-07-13,2019,book chapter,"Advanced Technologies, Systems, and Applications IV -Proceedings of the International Symposium on Innovative and Interdisciplinary Applications of Advanced Technologies (IAT 2019)",23673370; 23673389,Springer International Publishing,,Andrea Dizdarević; Sabina Baraković; Jasmina Barakovic Husic,"The performance evaluation in terms of digital forensics tools and software can be characterized as challenging research area due to constant development of technology in the digital world and rise of various manners in which it can be utilized for illegal purposes. There are many developed tools and software for digital forensics, some of them available for a license, and some of them free of charge. However, given that some practitioners from this field argue for commercial while others for open-source software, the reliability of the digital evidence which is collected, analyzed, and presented by both is constantly questioned. Motivated by the dilemma which tool or software for extracting digital evidence to use, we have conducted the review of the existing studies which directed us towards the examination of the performance of two different types of digital forensics tools: open-source (Linux Autopsy Sleuth Kit) and commercial (Magnet Axiom). The results of the research showed that the open-source digital forensics tool has better performance in comparison to the commercial one. In addition to this conclusion which can be useful for further investigations and research in both practical digital forensics and academic community, we also provide open issues to be addressed in the future.",,,442,451,Data science; Constant (computer programming); Software; Dilemma; License; Digital evidence; Field (computer science); Computer science; Reliability (statistics); Digital forensics,,,,,https://rd.springer.com/chapter/10.1007/978-3-030-24986-1_35 https://link.springer.com/chapter/10.1007%2F978-3-030-24986-1_35,http://dx.doi.org/10.1007/978-3-030-24986-1_35,,10.1007/978-3-030-24986-1_35,2960059758,,0,007-375-878-067-656; 011-858-450-368-387; 014-277-685-603-015; 016-212-216-771-564; 029-743-070-825-244; 033-877-222-136-260; 049-794-867-616-103; 086-033-601-429-189; 088-377-762-466-388; 134-927-490-231-285; 134-989-289-218-699,1,false,,
014-966-931-773-938,"IFIP Int. Conf. Digital Forensics - History, Historiography and the Hermeneutics of the Hard Drive",,2013,book chapter,Advances in Digital Forensics IX,18684238; 1868422x,Springer Berlin Heidelberg,Germany,Mark Pollitt,"This paper contrasts the traditional metaphors for digital forensics – computer science, geology and archeology – with the new metaphors of history and historiography. Narratology, the study of how narratives operate, is used to develop a construct for identifying narratives from within digital evidence. Knowledge management is suggested as a core digital forensic process. The paper describes how the investigative paradigm and traditional theories of forensic science can be integrated using two theoretical constructs, the hermeneutic and narrative theories of digital forensics. Also, natural language processing techniques are used to demonstrate how subjects can be identified from the Enron email corpus.",,,3,17,Epistemology; Construct (philosophy); Narrative; Digital forensic process; Digital evidence; Historiography; Computer science; Hermeneutics; Digital forensics; Narratology,,,,,https://link.springer.com/chapter/10.1007/978-3-642-41148-9_1 https://link.springer.com/content/pdf/10.1007/978-3-642-41148-9_1.pdf https://rd.springer.com/chapter/10.1007/978-3-642-41148-9_1 https://dblp.uni-trier.de/db/conf/ifip11-9/df2013.html#Pollitt13,http://dx.doi.org/10.1007/978-3-642-41148-9_1,,10.1007/978-3-642-41148-9_1,2238408366,,0,001-829-135-644-040; 013-292-804-110-379; 017-739-386-892-972; 019-831-293-743-518; 021-722-204-712-947; 056-147-935-794-618; 085-214-277-668-01X; 102-637-443-220-704; 104-004-608-176-127; 130-534-750-819-235; 140-821-103-436-654; 145-743-906-992-348; 148-698-839-036-557; 158-156-930-922-572; 169-681-995-848-515; 183-925-691-229-884; 186-993-770-394-232; 199-566-397-751-128,5,true,cc-by,green
015-293-871-689-496,SSCC - A Novel Approach for Monitoring SQL Anti-Forensic Attacks Using Pattern Matching for Digital Forensic Investigation,,2013,book chapter,Communications in Computer and Information Science,18650929; 18650937,Springer Berlin Heidelberg,Germany,Vaibhav T. Patil; Amrita A. Manjrekar,"Over the past few years the attacks on Software systems is increasing at an astonishing rate resulting in high revenue losses. Hence, Cyber/Digital forensics plays an important role by providing methods to acquire, asses, interpret, and use digital evidence to fetch conclusive details of cyber crime behavior. Recent trend in cyber crimes is the use of Anti-Forensic attacks to thwart the process of digital investigation by tampering the evidences.",,,162,167,Software system; Digital evidence; Cyber crime; Digital forensic investigation; Computer security; Computer science; Process (engineering); SQL; Pattern matching; Digital forensics,,,,,https://link.springer.com/10.1007/978-3-642-40576-1_16 https://dblp.uni-trier.de/db/conf/sscc/sscc2013.html#PatilM13 https://link.springer.com/chapter/10.1007/978-3-642-40576-1_16 https://rd.springer.com/chapter/10.1007/978-3-642-40576-1_16,http://dx.doi.org/10.1007/978-3-642-40576-1_16,,10.1007/978-3-642-40576-1_16,68904331,,0,004-977-837-911-514; 005-102-962-333-180; 007-832-595-971-443; 042-163-120-090-523; 045-935-396-341-342; 078-598-867-814-365; 081-032-497-600-401,2,false,,
015-425-670-149-17X,"Drive Testing, What It Is, and How It Is Used as Evidence",,2017,book chapter,Cell Phone Location Evidence for Legal Professionals,,Elsevier,,Larry Daniel,,,,69,78,Wireless network; Engineering; Footprint; Provisioning; Range (aeronautics); Tower; Phone; Wireless; Radio frequency; Telecommunications,,,,,https://www.sciencedirect.com/science/article/pii/B9780128093979000109,http://dx.doi.org/10.1016/b978-0-12-809397-9.00010-9,,10.1016/b978-0-12-809397-9.00010-9,2661983740,,0,,0,false,,
015-455-002-340-996,Intelligent Software Agent Applied To Digital Forensic and Its Usefulness,,2013,journal article,International Journal of Computer Science and Informatics,22315292,Institute for Project Management Pvt. Ltd,,Inikpi O Ademu; Chris Imafidon; David Preston,"<jats:p>Due to the large amount of information produced, accumulated, and distributed via electronic means, it is necessary for forensic experts during crime investigation to increase their abilities to search for important evidence in a timely manner because this is essential to the success of digital forensic examinations. The inadequacy of resources both in tools and human and also limitation in time have a negative impact in result obtained during digital forensic investigation. Previous researchers state that the chances of success in criminal prosecution by law enforcement agencies depend heavily on the availability of strong evidence. The coming out of intelligent software agents that function autonomously with little or no human intervention during crime investigation is significant to the success of digital forensic investigation. Better use of tools is necessary, beyond the capabilities of the currently used forensic tools. In this paper, we discuss the usefulness of intelligent software agent in digital forensic. The goal of the paper is to provide a better knowledge and understand the concepts of intelligent software agent in digital forensic. The findings presents in this paper came from thoroughly review of previous digital forensic literature.</jats:p>",,,277,280,Software engineering; Computer science; Software agent; Digital forensics,,,,,http://dx.doi.org/10.47893/ijcsi.2013.1105,http://dx.doi.org/10.47893/ijcsi.2013.1105,,10.47893/ijcsi.2013.1105,3114545121,,0,008-737-773-604-701; 157-954-859-648-506,3,true,,gold
015-480-556-423-384,What Is Digital Forensics,2017-09-28,2017,book chapter,Guide to Digital Forensics,21915768; 21915776,Springer International Publishing,,Joakim Kävrestad,"This chapter introduces the concept of digital forensics and provides a discussion of what computer forensics is, examining data in order to reconstruct what happened in a digital environment. Further, the chapter discusses the steps involved in a forensic examination in a digital environment, from collecting evidence to reporting on the findings of the examination. Common constraints and processes handled during a forensics examination are also introduced. Emphasis is put on making the reader understand the reason for a computer forensic examination and the fact that computer forensics follows the same rules and regulations as traditional forensic disciplines. The fact that a forensic examination is commonly initiated for a reason, answering some question, is also described. The aim of the chapter is to provide the reader with a brief and nontechnical overview of the subject digital forensics. As such, the chapter can be read and understood without any technical knowledge.",,,3,7,Data science; Subject (documents); Forensic examination; Computer science; Computer forensics; Digital forensics,,,,,https://link.springer.com/chapter/10.1007%2F978-3-030-38954-3_1 https://rd.springer.com/chapter/10.1007/978-3-319-67450-6_1,http://dx.doi.org/10.1007/978-3-319-67450-6_1,,10.1007/978-3-319-67450-6_1,2758873208,,0,038-668-970-194-854,2,false,,
015-592-284-127-528,Analisis Proses Investigasi Dekstop PC Yang Terhubung Layanan Private Cloud,2016-08-05,2016,journal article,Jurnal Teknik Informatika dan Sistem Informasi,24432229; 24432210,Maranatha Christian University,,Irfan Febrian Editia Kurdiat; Nur Widiyasono; Husni Mubarok,"Private Cloud Computing Services  is one of current technology advances that can meet the needs of companies and organizations, many cloud service providers to offer facilities at affordable costs. However, in addition to bringing the benefits, cloud services can be misused by insiders in the company to commit cyber crimes that hurt companies such as leakage of confidential data, take advantage of the company itself, data manipulation etc. Handling process in such cases it is necessary to use a digital forensic investigation to obtain information from the digital evidence. This research used EEDI (End to End Digital Investigation) in the process of investigation on the desktop side by getting the files and folders associated with crimes. The results of an investigation carried out in the form of information proving that the offender is committing a crime, The information then presented in the form of a forensic report which will be used during the trial. Keywords — Acquisition, Digital evidence, Digital forensic, investigation",2,2,134419,,Internet privacy; Engineering; Commit; Digital evidence; Cloud service provider; Computer security; Data manipulation language; Confidentiality; End-to-end principle; Cloud computing; Digital forensics,,,,,https://www.neliti.com/id/publications/134419/analisis-proses-investigasi-dekstop-pc-yang-terhubung-layanan-private-cloud https://media.neliti.com/media/publications/134419-ID-analisis-proses-investigasi-dekstop-pc-y.pdf,http://dx.doi.org/10.28932/jutisi.v2i2.463,,10.28932/jutisi.v2i2.463,2525472683,,0,022-435-366-997-054; 067-950-012-629-210; 077-532-025-251-756; 091-619-263-117-914; 111-090-978-711-139; 125-649-089-118-557; 133-397-275-695-990; 146-398-584-810-872; 184-948-841-629-735; 184-984-036-746-363,0,true,,
015-687-713-380-145,ACPO principles for digital evidence: Time for an update?,,2020,journal article,Forensic Science International: Reports,26659107,Elsevier BV,,Graeme Horsman,"Abstract Despite remaining largely unchanged for over 10 years, the Association of Chief Police Officers’s [ 1 ] Good Practice Guides for Digital Evidence and their four governing principles for evidence handling are amongst some of the most cited pieces of digital forensic best practice advice. However, given the pace of change in both technology and the field of digital forensics, this work debates whether it may be time to evaluate whether these principles remain wholly valid given the current forensic analysis landscape and their lack of updating or periodic evaluation. A discussion of the existing four ACPO principles is provided followed by an offering of eight new revised principles as a means of acknowledging the current challenges faced by practitioners in this field. It is hoped that this piece will spark a debate surrounding the principles we so frequently acknowledge as a mark of quality assurance in our investigations, and be a catalyst for evaluative considerations in this area.",2,,100076,,Work (electrical); Political science; Best practice; Pace; Thesaurus; SPARK (programming language); Digital evidence; Field (computer science); Engineering ethics; Digital forensics,,,,,https://jglobal.jst.go.jp/en/detail?JGLOBAL_ID=202102259523808363 https://research.tees.ac.uk/en/publications/acpo-principles-for-digital-evidence-time-for-an-update https://www.sciencedirect.com/science/article/pii/S2665910720300220,http://dx.doi.org/10.1016/j.fsir.2020.100076,,10.1016/j.fsir.2020.100076,3007919010,,0,014-835-460-139-85X; 017-792-811-186-108; 050-618-920-212-97X; 082-589-789-111-858; 083-312-117-071-763; 106-885-306-836-498,2,true,"CC BY, CC BY-NC-ND",gold
015-781-228-553-576,EIDWT - Combining Digital Forensic Practices and Database Analysis as an Anti-Money Laundering Strategy for Financial Institutions,,2012,conference proceedings article,2012 Third International Conference on Emerging Intelligent Data and Web Technologies,,IEEE,,Denys A. Flores; Olga Angelopoulou; Richard Self,"Digital forensics is the science that identify, preserve, collect, validate, analyse, interpret, and report digital evidence that may be relevant in court to solve criminal investigations. Conversely, money launderingis a form of crime that is compromising the internal policies in financial institutions, which is investigated by analysing large amount of transactional financial data. However, the majority of financial institutions have adopted ineffective detection procedures and extensive reporting tasks to detect money laundering without incorporating digital forensic practices to handle evidence. Thus, in this article, we propose an anti-money laundering model by combining digital forensics practices along with database tools and database analysis methodologies. As consequence, admissible Suspicious Activity Reports (SARs) can be generated, based on evidence obtained from forensically analysing database financial logs in compliance with Know-Your-Customer policies for money laundering detection.",,,218,224,Finance; Criminal investigation; Stored procedure; Transaction log; Business intelligence; Money laundering; Digital evidence; Computer security; Computer science; Transactional leadership; Digital forensics,,,,,https://dblp.uni-trier.de/db/conf/eidwt/eidwt2012.html#FloresAS12 http://yadda.icm.edu.pl/yadda/element/bwmeta1.element.ieee-000006354745 https://ieeexplore.ieee.org/document/6354745/,http://dx.doi.org/10.1109/eidwt.2012.22,,10.1109/eidwt.2012.22,2064139900,,1,001-255-768-346-633; 008-248-336-372-327; 035-565-993-122-262; 038-635-790-055-91X; 050-308-742-156-878; 053-225-079-920-619; 060-811-689-677-148; 063-229-337-814-634; 090-225-519-152-855; 097-957-515-883-413; 098-073-896-258-592; 103-833-448-720-18X; 116-344-252-215-864; 125-519-560-533-563; 166-178-398-716-39X; 168-476-681-195-292; 172-278-398-102-967,15,false,,
016-123-869-009-118,An Ontological Approach to Study and Manage Digital Chain of Custody of Digital Evidence,2011-06-27,2011,journal article,Journal of information and organizational sciences,18463312,,,Jasmin Ćosić; Zoran Ćosić; Miroslav Bača,"Chain of custody of digital evidence in digital forensic field are today essential part of digital investigation process. In order the evidence to be accepted by the court as valid, chain of custody for digital evidence must be kept, or it must be known who exactly, when, where, why and how came into contact with evidence in each stage of the digital investigations process. This paper deals with digital evidence and chain of custody of digital evidence. Authors definetaxonomy and use an ontological approach to manage chain of custody of digital evidence. The aim of this paper was to develop ontology to provide a new approach to study and better understand chain of custody of digital evidence . Additionally, developed ontology can be used as a method to further develop a set of standard and procedures for secure management with digital evidence.",35,1,1,13,Chain of custody; Set (psychology); Data science; Ontology; Order (business); Digital evidence; Field (computer science); Computer security; Computer science; Process (engineering); Digital forensics,,,,,https://doaj.org/article/e188b09a2d93432386d471c0304e7c40 http://jios.foi.hr/index.php/jios/article/view/188 https://hrcak.srce.hr/69671 https://www.bib.irb.hr/526972 https://hrcak.srce.hr/file/103886 https://jios.foi.hr/index.php/jios/article/download/188/113 http://hrcak.srce.hr/file/103886,https://doaj.org/article/e188b09a2d93432386d471c0304e7c40,,,267787713,,0,019-618-656-851-241; 137-617-097-405-934,26,true,cc-by-nc-nd,gold
016-149-657-109-788,A Study on Extraction of Mobile Forensic Data and Integrity Proof,,2007,journal article,Journal of the Korea Society of Computer and Information,1598849x,,,Ki-Hwan Kim; Dea-Woo Park,"Lately, it is a trend that diffusion of Mobile Information Appliance that do various function by development of IT technology. There is function that do more convenient and efficient exchange information and business using mobile phone that is Mobile Information Appliance, but disfunction that is utilized by pointed end engineering data leakage, individual's privacy infringement, threat, etc. relationship means to use mobile phone is appeared and problems were appeared much. However, legal research of statute unpreparedness and so on need research and effort to prove delete, copy, integrity of digital evidence that transfer secures special quality of easy digital evidence to objective evidence in investigation vantage point is lacking about crime who use this portable phone. It is known that this Digital Forensic field is Mobile Forensic. In this paper. We are verify about acquisition way of digital evidence that can happen in this treatise through mobile phone that is Mobile Forensic's representative standing and present way to prove integrity of digital evidence using Hash Function.",12,6,177,185,Internet privacy; Engineering; Mobile phone; Phone; Digital evidence; Objective Evidence; Computer security; Legal research; Information appliance; Digital forensics; Hash function,,,,,http://www.koreascience.or.kr/article/ArticleFullRecord.jsp?cn=CPTSCQ_2007_v12n6_177,http://www.koreascience.or.kr/article/ArticleFullRecord.jsp?cn=CPTSCQ_2007_v12n6_177,,,772455731,,0,,2,false,,
016-180-173-990-746,Blockchain-based digital evidence inventory,,2019,journal article,Journal of Advances in Information Technology,17982340,Engineering and Technology Publishing,,David Billard,"This paper proposes the use of a blockchainbased structure in order to store evidences in a digital forensics investigation. The traditional chain of evidence is augmented with properties of immutability and traceability, thanks to a cryptographic process. The blockchain is constructed by forensics experts by adding evidences through the process. Since the blockchain is immutable, it can be shared among the different parties involved in a prosecution in order to review the chain of evidence and build their case. Furthermore, the blockchain structure can be applied to other forensics fields, like drugs, firearms, NDA. This blockchain is called a Digital Evidence Inventory (DEI) and is part of a wider framework encompassing a Forensics Confidence Rating (FCR) structure, in order to give experts the ability to rate the level of confidence for each evidence and a Global Digital Timeline (GDT) to order evidence through time. The whole framework is called ‘Aldiana’",10,2,41,47,Blockchain; Digital evidence; Computer security; Computer science; Digital forensics,,,,,https://hesso.tind.io/record/3610 https://hesso.tind.io/record/3610/files/Author%20postprint.pdf http://www.jait.us/uploadfile/2019/0529/20190529042106499.pdf,http://dx.doi.org/10.12720/jait.10.2.41-47,,10.12720/jait.10.2.41-47,3019070143,,0,001-170-920-458-777; 018-182-926-340-45X; 024-662-554-815-361; 026-535-638-457-216; 035-031-257-128-045; 035-448-415-847-226; 065-671-045-136-370; 134-927-490-231-285,6,true,cc-by,gold
016-212-216-771-564,IFIP Int. Conf. Digital Forensics - On a Scientific Theory of Digital Forensics,2016-09-20,2016,book chapter,IFIP Advances in Information and Communication Technology,18684238; 1868422x,Springer International Publishing,Germany,Martin S. Olivier,"A suitable theory to serve as scientific grounds for a digital forensic science is still elusive. Such a theory needs to satisfy the demands imposed by science and justify the facts derived as evidence using the theory. A number of grounding theories have been proposed. This chapter revisits three prominent theories, those of Gladyshev, Carrier and Cohen, and: (i) determines the requirements they suggest for a digital forensics theory; (ii) analyzes their primary differences; and (iii) assesses them using the norms that exist for science. This enables us to sketch the outlines of a new theory that better reflects the scientific requirements and the intended application of forensic science in a digital context.",,,3,24,Scientific theory; Internet privacy; Data science; Sketch; Context (language use); Digital evidence; Computer science; Computer forensics; Digital forensics,,,,,https://hal.inria.fr/hal-01758695 https://hal.inria.fr/hal-01758695/document https://link.springer.com/chapter/10.1007/978-3-319-46279-0_1 http://dx.doi.org/10.1007/978-3-319-46279-0_1 https://dx.doi.org/10.1007/978-3-319-46279-0_1 https://rd.springer.com/chapter/10.1007%2F978-3-319-46279-0_1 https://link.springer.com/content/pdf/10.1007%2F978-3-319-46279-0_1.pdf,http://dx.doi.org/10.1007/978-3-319-46279-0_1,,10.1007/978-3-319-46279-0_1,2519777594,,0,001-255-768-346-633; 018-416-630-149-284; 038-533-189-153-255; 039-027-862-935-463; 052-150-782-856-655; 054-869-075-171-518; 056-081-936-492-567; 056-147-935-794-618; 101-436-770-235-826; 124-536-382-369-948; 132-627-421-875-290; 141-018-791-775-943; 143-153-762-852-123; 148-886-939-512-678; 169-681-995-848-515; 177-614-116-933-087; 181-213-753-371-985; 199-032-377-883-709,3,true,cc-by,green
016-255-634-578-521,Digital Crime and Forensic Science in Cyberspace - Digital Crime And Forensic Science in Cyberspace (N/A),,2006,book,,,IGI Global,,Panagiotis Kanellis; Evangelos Kiountouzis; Nicholas Kolokotronis; Drakoulis Martakos,"Digital forensics is the science of collecting evidence often used in a court of law to prosecute those who engage in digital activities that are deemed unlawful. ""Digital Crime and Forensic Science in Cyberspace"" is unique in putting together a number of contributions from leading experts in digital forensics and associated fields, making information on this new and complex subject available in one source of reference that addresses its multifaceted nature. The chapters in this book depict the nature of the crime and the motives of the criminals before proceeding to analyze the type of attacks one must understand in order to be prepared. ""Digital Crime and Forensic Science in Cyberspace"" also covers incident preparedness and the tools that are available to the digital investigator, as well as issues that pertain to the education and skills that this new professional must be able to display.",,,,,Internet privacy; Engineering; Order (business); Preparedness; Subject (documents); Cyberspace; Computer security; Computer forensics; Digital forensics,,,,,http://ci.nii.ac.jp/ncid/BA84036649,http://dx.doi.org/10.4018/978-1-59140-872-7,,10.4018/978-1-59140-872-7,1552556952,,0,,38,false,,
016-262-486-127-280,THE ROLE OF DIGITAL FORENSIC IN REVEALING CRIMINAL ACTS OF ONLINE PROSTITUTION AT KEPOLISIAN DAERAH JAWA TIMUR,2020-07-31,2020,,,,,,Valdha Regytha Gana Atthoriq,"This thesis talks about the role of digital forensic in revealing criminal acts of online prostitution. Digital forensic itself is not specifically regulated in the Indonesian Criminal Code Act, but digital forensic is very important in its role in the process of analyzing an item of evidence obtained from a criminal offence. The subject matter that the author discusses is, how the digital forensic role in exposing the criminal acts of online prostitution and whether the barriers in the application of digital forensic in exposing the criminal acts of online prostitution. The research methods that the author uses are juridical empirical. The author also conducted an analysis on the role of digital forensic in exposing the criminal acts of online prostitution associated with the Information and Electronic Transaction Law which is then presented by the author's thought. The results of this study can be seen through several digital forensic roles at the level of investigation, prosecution and also the courts, in addition, there are also some obstacles that faced by the experts of Digital Forensic Examiner and the efforts that can be done in overcoming those obstacles.;  ; Keyword : Digital Forensic, Online Prostitution, Information and Electronic Transaction Law",1,1,,,Political science; Criminal code; Subject matter; Criminal offence; Electronic transaction; Criminology; Digital forensics,,,,,http://ligahukum.upnjatim.ac.id/index.php/ligahukum/article/view/21 http://ligahukum.upnjatim.ac.id/index.php/ligahukum/article/download/21/10,http://ligahukum.upnjatim.ac.id/index.php/ligahukum/article/view/21,,,3169210218,,0,,0,false,,
016-316-214-363-950,Design Architecture of Digital Evidence Case Management (DECMa): A Proposed Model for Virtual Environment Digital Forensics Examination,2017-05-01,2017,journal article,Advanced Science Letters,19366612; 19367317,American Scientific Publishers,United States,Ahmad Luthfi; Yudi Prayudi,,23,5,4192,4196,Virtual machine; Digital evidence; Design architecture; Case management; Computer science; Multimedia; Digital forensics,,,,,https://www.ingentaconnect.com/content/asp/asl/2017/00000023/00000005/art00083,http://dx.doi.org/10.1166/asl.2017.8261,,10.1166/asl.2017.8261,2792323406,,0,,2,false,,
016-357-729-609-877,RegForensicTool: Evidence Collection and Analysis of Windows Registry,,2016,journal article,International Journal of Cyber-Security and Digital Forensics,23050012,The Society of Digital Information and Wireless Communications (SDIWC),,Dinesh N. Patil; Bandu B. Meshram,,5,2,94,105,World Wide Web; Information system; Windows Registry; Evidence collection; Computer science; Wireless,,,,,http://sdiwc.net/digital-library/regforensictool-evidence-collection-and-analysis-of-windows-registry,http://dx.doi.org/10.17781/p002064,,10.17781/p002064,2411525332,,0,,5,false,,
016-441-011-219-628,A Digital Evidence Fusion Method in Network Forensics Systems with Dempster-Shafer Theory,,2014,journal article,China Communications,16735447,,,Tian Zhihon,"Network intrusion forensics is an important extension to present security infrastructure,and is becoming the focus of forensics research field.However,comparison with sophisticated multi-stage attacks and volume of sensor data,current practices in network forensic analysis are to manually examine,an error prone,labor-intensive and time consuming process.To solve these problems,in this paper we propose a digital evidence fusion method for network forensics with Dempster-Shafer theory that can detect efficiently computer crime in networked environments,and fuse digital evidence from different sources such as hosts and sub-networks automatically.In the end,we evaluate the method on well-known KDD Cup1999 dataset.The results prove our method is very effective for real-time network forensics,and can provide comprehensible messages for a forensic investigators.",,,,,Volume (computing); Data mining; Fuse (electrical); Intrusion; Dempster–Shafer theory; Digital evidence; Field (computer science); Focus (computing); Computer science; Network forensics,,,,,http://en.cnki.com.cn/Article_en/CJFDTOTAL-ZGTO201405010.htm,http://en.cnki.com.cn/Article_en/CJFDTOTAL-ZGTO201405010.htm,,,3147794605,,0,,0,false,,
016-731-160-722-396,Emerging Forensic Tools for Locating and Analyzing Digital Evidence - Competency Requirements and Gold Standards,,,book chapter,Emerging Forensic Tools for Locating and Analyzing Digital Evidence,,IGI Global,,Richard Boddington,,,,6463,7155,Engineering management; Engineering,,,,,,http://dx.doi.org/10.4018/978-1-4666-9591-7.les10,,10.4018/978-1-4666-9591-7.les10,2494588810,,0,,0,false,,
016-839-511-453-189,Application of proactive digital forensics in Cloud Computing environment,,2012,conference proceedings article,2012 20th Telecommunications Forum (TELFOR),,IEEE,,Grubor Gojko; Njegus Angelina,"The emergence of Cloud Computing has a significant impact on digital forensics, law and audit. Cloud service providers have not yet established a clearly defined process for digital forensics that would be admissible in court. Cloud forensics represents a new challenge for both service providers and users. Due to the decentralized nature of data processing in the Cloud, traditional approaches to evidence collection and recovery are no longer practical. In this paper we describe the problems of digital forensic investigations in the virtual environment, and discuss possible solutions to the implementation of proactive forensic investigation into the Cloud environment.",,,1413,1416,Service provider; Cloud testing; Defined process; Cloud computing security; Virtual machine; Computer security; Computer science; Network forensics; Cloud computing; Digital forensics,,,,,https://ieeexplore.ieee.org/document/6419483/ http://ieeexplore.ieee.org/document/6419483/,http://dx.doi.org/10.1109/telfor.2012.6419483,,10.1109/telfor.2012.6419483,2012147233,,0,002-288-358-355-198; 075-976-616-114-109; 088-107-511-907-126; 118-211-304-101-118; 120-312-368-290-960; 125-608-548-358-496; 158-468-997-833-921,1,false,,
016-915-586-462-874,The impact of culture and religion on digital forensics : the study of the role of digital evidence in the legal process in Saudi Arabia,,2015,dissertation,,,,,Najah Abdulaziz Alfaize,,,,,,Sharia; Law; Digital evidence; Legal process (jurisprudence); Medicine; Digital forensics,,,,,https://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.702055 https://dora.dmu.ac.uk/bitstream/2086/13124/1/e-thesis%20submission%20Najah%20Alfaize.pdf https://dora.dmu.ac.uk/xmlui/handle/2086/13124?show=full,https://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.702055,,,2579905486,,0,003-996-737-587-62X; 009-122-756-887-979; 010-112-971-518-806; 017-335-677-993-203; 020-944-423-224-895; 029-030-422-600-912; 029-638-263-419-336; 032-697-093-668-898; 036-983-773-232-054; 038-704-079-905-560; 040-399-625-797-40X; 040-823-216-153-224; 041-702-787-367-045; 062-788-502-964-113; 072-197-759-891-130; 074-466-638-386-23X; 075-128-417-091-483; 076-470-845-108-034; 141-182-449-198-823; 146-970-724-314-649; 150-798-203-223-314; 167-325-725-436-699; 175-602-270-496-697; 179-596-165-911-075; 182-146-817-902-925; 188-762-236-378-448; 192-955-966-543-738,1,false,,
017-060-167-812-521,Introduction of concurrent processes into the digital forensic investigation process,2015-07-06,2015,journal article,Australian Journal of Forensic Sciences,00450618; 1834562x,Informa UK Limited,United Kingdom,Aleksandar Valjarevic; Hein S. Venter,"Performing a digital forensic investigation requires a formalised process to be followed. It also requires that certain principles are applied, such as preserving of digital evidence and documenting actions. The need for a harmonised and standardised digital forensic investigation process has been recognised in the digital forensics community and much scientific work has been undertaken to produce digital forensic investigation process models, albeit with many disparities within the different models. The problem is that these existing models do not include any processes dealing explicitly with concurrent digital forensic principles. This leaves room for human error and omissions, as there is a lack of clear guidelines on the implementation of digital forensic principles. This paper proposes the introduction of concurrent processes into the digital forensic investigation process model. The authors define concurrent processes as the actions that should be conducted in parallel with other processes within th...",48,3,339,357,Engineering; Human error; Data science; Digital forensic process; Digital evidence; Digital forensic investigation; Computer security; Process (engineering); Process modeling; Digital forensics,,,,,https://repository.up.ac.za/bitstream/2263/50300/1/Valjarevic_Introduction_2016.pdf https://www.tandfonline.com/doi/full/10.1080/00450618.2015.1052754 https://repository.up.ac.za/handle/2263/50300,http://dx.doi.org/10.1080/00450618.2015.1052754,,10.1080/00450618.2015.1052754,1952678153,,0,012-723-051-030-715; 020-944-423-224-895; 027-062-355-180-009; 038-668-970-194-854; 041-059-041-666-09X; 044-318-946-010-004; 058-205-117-706-853; 059-259-197-397-244; 060-808-935-547-406; 073-176-805-913-104; 078-730-781-174-18X; 184-948-841-629-735; 185-786-886-555-378; 190-065-821-748-92X; 199-745-676-923-766,10,true,,green
017-251-266-099-903,The impact of the antivirus on the digital evidence,,2013,journal article,International Journal of Electronic Security and Digital Forensics,1751911x; 17519128,Inderscience Publishers,United Kingdom,Mohammed I. Al-Saleh,"Digital forensics DF has a significant role in accusing cyber criminals and proving them guilty. A criminal, if possible, may manage to delete the crime evidences in order to deny her responsibility about the crime. As the antivirus AV becomes an essential security component, this paper studies the effect of the AV on the digital evidence. The AV intercepts many system operations to check if the involved data contain malicious contents. This paper studies the effect of the AV on data from forensics perspectives. We design representing experiments and check if the AV affects the RAM artefacts of the involved tasks. We test three common AVs and show that the AV has an obvious effect on the RAM artefacts. To the best of our knowledge, we are the first to study the impact of the AV on the digital evidence.",5,3,229,240,Internet privacy; Digital evidence; Cyber crime; Computer security; Computer science; Digital forensics,,,,,https://www.inderscienceonline.com/doi/full/10.1504/IJESDF.2013.058656 https://doi.org/10.1504/IJESDF.2013.058656 https://dblp.uni-trier.de/db/journals/ijesdf/ijesdf5.html#Al-Saleh13 https://www.inderscience.com/link.php?id=58656,http://dx.doi.org/10.1504/ijesdf.2013.058656,,10.1504/ijesdf.2013.058656,2128977693,,0,001-304-351-638-313; 008-598-808-594-324; 009-832-452-035-773; 016-926-540-950-809; 017-358-994-049-12X; 018-826-306-040-166; 019-661-085-144-255; 022-322-035-475-971; 023-663-130-153-876; 024-381-049-056-789; 030-674-871-669-121; 034-095-325-733-017; 041-030-338-346-880; 041-173-411-911-697; 042-880-741-738-793; 058-448-820-778-759; 065-459-442-784-779; 071-345-315-077-336; 072-737-998-572-107; 072-920-096-795-665; 078-909-967-021-392; 080-351-281-760-491; 085-631-663-177-427; 100-223-696-099-567; 101-653-903-588-029; 113-193-064-453-131; 122-837-139-540-238; 122-938-236-841-027; 129-187-778-811-172; 133-810-695-980-014; 159-459-723-637-730; 183-749-241-311-469,12,false,,
017-298-248-569-973,The New Tech Effect: Analyzing Juror Credibility In Cases Involving Digital Evidence,,2011,,,,,,Gary A. Davis; Karen Paullet; Blase Kraeer; A.J. Grant,"In recent studies, the “Tech-Effect” theory has replaced the “CSI-Effect” theory as a means to explain the potential impact of technology on jurors. In past studies, proponents of the CSI-Effect (Crime Scene Investigation Effect) proposed that jurors tend to acquit suspects when forensic evidence is not as prevalent as it is in television crime dramas. The newer “Tech-Effect” (Technology Effect) proponents argue that crime dramas do not influence jurors; rather, jurors have heightened expectations for technical and scientific evidence simply because technology is so widespread in society. This study surveyed 131 students in a medium-sized, private university to determine if a Tech-Effect truly exists, and if so, could it influence juror credibility. The survey attempted to answer two questions: 1) Will students in IS/IT degree programs demonstrate greater knowledge of forensic technology in cases involving digital evidence?, and 2) Will students in IS/IT programs demonstrate lower acquittal rates in cases involving digital evidence? The study found that students in IS/IT programs do demonstrate greater knowledge of forensic technology. However, the study failed to reveal a relationship between higher levels of digital forensic knowledge and higher rates of acquittal.",5,4,44,,Scientific evidence; Crime scene; Political science; Acquittal; Credibility; Digital evidence; Potential impact; Information security; Social psychology; Digital forensics,,,,,http://proc.conisar.org/2011/pdf/1831.pdf http://jisar.org/2012-5/N4/JISARv5n4p44.pdf,http://proc.conisar.org/2011/pdf/1831.pdf,,,2146110130,,0,003-708-725-149-228; 033-699-703-944-315; 056-271-594-206-58X; 076-026-904-915-231; 085-797-670-173-360; 087-307-809-242-788; 095-339-055-794-688; 101-055-750-233-541; 141-114-411-397-670; 145-383-693-468-844; 160-309-419-720-144; 181-529-722-680-268; 197-813-445-143-26X,1,false,,
017-362-828-068-992,The importance of standardization in biometric data for digital forensics,,2017,conference proceedings article,2017 International Conference on Computer Science and Engineering (UBMK),,IEEE,,Semih Ulupinar; Sengul Dogan; Erhan Akbal; Turker Tuncer,"Digital forensics is a multi-disciplinary science area that sets standards for the collection, storage, compilation and analysis of electronic data. To evaluate data in judicial information, the evidence must have certain standards. The evidence includes many types of data such as audio, video and text that exist in electronic devices. Especially biometric data that contain specific information about the person have a large share in assessing cases in the field of digital forensics. In this paper, standardization process of biometric data is presented. At the same time, the standardization of biometric data has been examined in terms of digital forensics.",,,781,785,Iris recognition; World Wide Web; Data type; Fingerprint recognition; Standardization; Data science; Specific-information; Electronic data; Field (computer science); Computer science; Digital forensics,,,,,https://ieeexplore.ieee.org/document/8093529/,http://dx.doi.org/10.1109/ubmk.2017.8093529,,10.1109/ubmk.2017.8093529,2766246481,,0,005-346-826-473-876; 006-083-124-094-809; 006-415-075-561-703; 012-480-730-640-634; 013-983-715-131-103; 016-697-858-461-312; 027-210-906-179-146; 049-660-094-541-280; 053-874-293-287-367; 070-838-636-621-469; 102-562-156-143-976; 103-065-595-341-72X; 124-038-348-278-602; 127-506-614-501-779; 146-200-121-051-834; 159-343-458-647-078; 170-690-993-536-198; 188-148-043-074-608; 197-017-531-268-889,1,false,,
017-383-422-065-276,Analisis Forensik Aplikasi Michat Menggunakan Metode Digital Forensics Research Workshop,2022-04-25,2022,journal article,JURNAL MEDIA INFORMATIKA BUDIDARMA,25488368; 26145278,STMIK Budi Darma,,Galih Fanani; Imam Riadi; Anton Yudhana,"<jats:p>The development of information technology has had various positive and negative effects. The positive impact that information technology can have is to make it easier for people to communicate with others in the world, and the negative impact is that society is out of control when using its applications. It is an attitude that causes various crimes in the world caused by cyberspace (cybercrime) One of the most widely used instant messaging applications is Michat. The MiChat app causes cybercrime, pornography, online gambling, fraud, cyberbullying and drug trafficking. Evidence research is conducted using one of the frameworks of the digital forensic research workshop. In this framework, forensic identification, preservation, collection, investigation, analysis, and presentation phases are designed to find evidence of digital crime. The forensic tools used to collect evidence are mobility forensic express pro, a DB browser for SQLite, and oxygen forensic detective. Results are presented in the form of reports and evidence, and text chat files, contacts, images, audio, video, and web caches are generated. Forensic tools have a 100% success rate in finding evidence. Comparing the functions of the three forensic tools, the mobility forensic express pro has a processing rate of 66.7%, DB browser for SQLite has 33.3%, and oxygen forensic detective has 83.3%. Digital evidence can be used as corroborating evidence in a trial</jats:p>",6,2,1263,,,,,,,,http://dx.doi.org/10.30865/mib.v6i2.3946,,10.30865/mib.v6i2.3946,,,0,,0,false,,
017-466-009-936-844,A New Approach for Image Authentication Framework for Media Forensics Purpose,2021-10-03,2021,,arXiv: Cryptography and Security,,,,Ahmad M. Nagm; Khaled Y. Youssef; Mohammad I. Youssef,"With the increasing widely spread digital media become using in most fields such as medical care, Oceanography, Exploration processing, security purpose, military fields and astronomy, evidence in criminals and more vital fields and then digital Images become have different appreciation values according to what is important of carried information by digital images. Due to the easy manipulation property of digital images (by proper computer software) makes us doubtful when are juries using digital images as forensic evidence in courts, especially, if the digital images are main evidence to demonstrate the relationship between suspects and the criminals. Obviously, here demonstrate importance of data Originality Protection methods to detect unauthorized process like modification or duplication and then enhancement protection of evidence to guarantee rights of incriminatory. In this paper, we shall introduce a novel digital forensic security framework for digital image authentication and originality identification techniques and related methodologies, algorithms and protocols that are applied on camera captured images. The approach depends on implanting secret code into RGB images that should indicate any unauthorized modification on the image under investigation. The secret code generation depends mainly on two main parameter types, namely the image characteristics and capturing device identifier. In this paper, the architecture framework will be analyzed, explained and discussed together with the associated protocols, algorithms and methodologies. Also, the secret code deduction and insertion techniques will be analyzed and discussed, in addition to the image benchmarking and quality testing techniques.",,,,,Authentication (law); Identifier; Digital media; Information retrieval; Computer science; Digital image; Architecture framework; Identification (information); Digital forensics; Property (programming),,,,,https://arxiv.org/abs/2110.01065v1 http://arxiv.org/pdf/2110.01065.pdf,https://arxiv.org/abs/2110.01065v1,,,3204693238,,0,008-003-643-730-272; 008-385-486-067-281; 017-427-799-033-815; 026-356-314-044-331; 029-809-147-559-685; 044-810-778-404-26X; 048-721-406-257-845; 050-436-166-197-052; 063-010-122-851-861; 077-665-001-034-932; 107-770-312-616-279; 114-669-904-528-464; 122-862-872-461-000; 137-245-823-850-502; 146-882-290-311-351,0,true,,
017-815-064-018-299,Handbook of Digital Forensics and Investigation,2009-10-07,2009,book,,,,,Eoghan Casey,"The Handbook of Digital Forensics and Investigation builds on the success of the Handbook of Computer Crime Investigation, bringing together renowned experts in all areas of digital forensics and investigation to provide the consummate resource for practitioners in the field.This unique collection details how to conduct digital investigations in both criminal and civil contexts, and how to locate and utilize digital evidence on computers, networks, and embedded systems. Specifically, the Investigative Methodology section of the Handbook provides expert guidance in the three main areas of practice: Forensic Analysis, Electronic Discovery and Intrusion Investigation. The Technology section is extended and updated to reflect the state of the art in each area of specialization. The main areas of focus in the Technology section are forensic analysis of Windows, Unix, Macintosh, and embedded systems (including cellular telephones and other mobile devices), and investigations involving networks (including enterprise environments and mobile telecommunications technology).The Handbook of Digital Forensics and Investigation is an essential technical reference and on-the-job guide that IT professionals, forensic practitioners, law enforcement, and attorneys will rely on when confronted with computer related crime and digital evidence of any kind. *Provides methodologies proven in practice for conducting digital investigations of all kinds*Demonstrates how to locate and interpret a wide variety of digital evidence, and how it can be useful in investigations *Presents tools in the context of the investigative process, including EnCase, FTK, ProDiscover, foremost, XACT, Network Miner, Splunk, flow-tools, and many other specialized utilities and analysis platforms*Case examples in every chapter give readers a practical understanding of the technical, logistical, and legal challenges that arise in real investigations",,,,,Engineering; Variety (cybernetics); Mobile device; Data science; Electronic discovery; Context (language use); Digital evidence; Computer security; Process (engineering); Computer forensics; Digital forensics,,,,,https://www.amazon.com/Handbook-Digital-Forensics-Investigation-Eoghan/dp/0123742676 https://dl.acm.org/citation.cfm?id=1822831 https://www.goodreads.com/work/editions/10020002-handbook-of-digital-forensics-and-investigation http://ci.nii.ac.jp/ncid/BB09627875 https://openlibrary.telkomuniversity.ac.id/home/catalog/id/171389/slug/handbook-of-digital-forensics-and-investigation.html,https://www.amazon.com/Handbook-Digital-Forensics-Investigation-Eoghan/dp/0123742676,,,1499669957,,0,,144,false,,
018-123-945-182-16X,IFIP Int. Conf. Digital Forensics - Implementing the Harmonized Model for Digital Evidence Admissibility Assessment,2019-08-07,2019,book chapter,Advances in Digital Forensics XV,18684238; 1868422x,Springer International Publishing,Germany,Albert Antwi-Boasiako; Hein S. Venter,"Standardization of digital forensics has become an important focus area for researchers and criminal justice practitioners. Over the past decade, several efforts have been made to encapsulate digital forensic processes and activities in harmonized frameworks for incident investigations. A harmonized model for digital evidence admissibility assessment has been proposed for integrating the technical and legal determinants of digital evidence admissibility, thereby providing a techno-legal foundation for assessing digital evidence admissibility in judicial proceedings.",,,19,36,Criminal justice; Standardization; Foundation (evidence); Digital evidence; Focus area; Computer science; Engineering ethics; Digital forensics,,,,,https://dblp.uni-trier.de/db/conf/ifip11-9/df2019.html#Antwi-BoasiakoV19 https://hal.inria.fr/IFIP-AICT-569/hal-02534607 https://link.springer.com/chapter/10.1007%2F978-3-030-28752-8_2 https://rd.springer.com/chapter/10.1007/978-3-030-28752-8_2,http://dx.doi.org/10.1007/978-3-030-28752-8_2,,10.1007/978-3-030-28752-8_2,2966597639,,0,019-831-293-743-518; 030-453-321-278-389; 036-171-932-932-653; 036-660-292-677-451; 038-668-970-194-854; 048-993-244-146-024; 060-510-623-690-965; 078-730-781-174-18X; 084-452-444-628-355; 090-971-496-143-765; 093-294-917-313-78X; 105-054-122-831-381; 122-068-533-026-997; 162-064-908-561-877; 192-768-674-324-492; 193-154-027-591-826,3,true,cc-by,green
018-182-926-340-45X,"Error, Uncertainty, and Loss in Digital Evidence",,2002,journal article,International Journal of Digital Evidence,,,,Eoghan Casey,"Despite the potentially grave ramifications of relying on faulty information in the investigative or probabitive stages, the uncertainty in digital evidence is not being evaluated at present, thus making it difficult to assess the reliability of evidence stored on and transmitted using computer networks. As scientists, forensic examiners have a responsibility to reverse this trend and address formally the uncertainty in any evidence they rely on to reach conclusions. This paper discusses inherent uncertainties in network related evidence that can be compounded by data corruption, loss, tampering, or errors in interpretation and analysis. Methods of estimating and categorizing uncertainty in digital data are introduced and examples are presented.",1,,,,Data mining; Data science; Digital data; Digital evidence; Data Corruption; Computer science; Reliability (statistics); Interpretation (philosophy),,,,,https://dblp.uni-trier.de/db/journals/ijde/ijde1.html#Casey02 https://www.utica.edu/academic/institutes/ecii/publications/articles/A0472DF7-ADC9-7FDE-C80B5E5B306A85C4.pdf,https://dblp.uni-trier.de/db/journals/ijde/ijde1.html#Casey02,,,2129298892,,0,084-910-509-998-37X; 138-097-495-143-351; 154-076-872-296-968,104,false,,
018-332-230-662-937,Development of digital evidence collection methods in case of Digital Forensic using two step inject methods,,2014,conference proceedings article,2014 8th International Conference on Telecommunication Systems Services and Applications (TSSA),,IEEE,,Nana Rachmana Syambas; Naufal El Farisi,"Digital Forensics is a branch of forensic science related to legal evidence found in computers and digital storage media. In the process of the investigation, the investigators took digital evidence from computers, laptops, HP, and other electronic goods. But there are times when a suspect or a witness or related person does not want to cooperate with investigators and removing the digital evidence. Therefore a lot of research whose goal is to generate data from the flash memory, a hard disk or other digital storage media data content has been deleted. Unfortunately, such methods can not guarantee the data that has been deleted can be resurrected all, most can only partially and sometimes even then not perfect so the file can not be opened.This paper discusses the development of new methods for retrieval of digital evidence inject the two-step method (TSI), which have focused on the prevention of the loss of digital evidence by suspects or other party.The advantages of this method is the system working in secret and can be combined with other digital evidence excavation applications that already exist so that the accuracy and completeness of the resulting digital evidence can be better. Collaboration with admin-LAN client application also enables future data collection can be performed remotely.",,,1,6,The Internet; Data collection; Digital media; Digital evidence; Computer security; Computer science; Network forensics; Digital library; Computer forensics; Digital forensics,,,,,https://ieeexplore.ieee.org/document/7065951/ http://ieeexplore.ieee.org/document/7065951/,http://dx.doi.org/10.1109/tssa.2014.7065951,,10.1109/tssa.2014.7065951,2028534973,,0,017-335-677-993-203; 017-815-064-018-299; 018-182-926-340-45X; 059-577-872-928-63X; 096-116-672-496-799; 178-883-713-153-793,2,false,,
018-348-310-953-351,Idiographic Digital Profiling: Behavioral Analysis Based on Digital Footprints,,2014,journal article,"Journal of Digital Forensics, Security and Law",15587223,Embry-Riddle Aeronautical University/Hunt Library,,Chad M. S. Steel,"Idiographic digital profiling (IDP) is the application of behavioral analysis to the field of digital forensics. Previous work in this field takes a nomothetic approach to behavioral analysis by attempting to understand the aggregate behaviors of cybercriminals.  This work is the first to take an idiographic approach by examining a particular subject's digital footprints for immediate use in an ongoing investigation.   IDP provides a framework for investigators to analyze digital behavioral evidence for the purposes of case planning, subject identification, lead generation, obtaining and executing warrants, and prosecuting offenders.",9,1,7,18,Profiling (information science); Forensic psychology; Nomothetic and idiographic; Data science; Behavioral analysis; Computer science; Simulation; Digital forensics,,,,,https://oaji.net/articles/2014/1095-1408891536.pdf https://doi.org/10.15394/jdfsl.2014.1160 https://dblp.uni-trier.de/db/journals/jdfsl/jdfsl9.html#Steel14 https://commons.erau.edu/jdfsl/vol9/iss1/1/ https://commons.erau.edu/cgi/viewcontent.cgi?article=1160&context=jdfsl,http://dx.doi.org/10.15394/jdfsl.2014.1160,,10.15394/jdfsl.2014.1160,1519042819,,0,008-027-230-088-011; 012-662-686-064-04X; 020-334-730-569-270; 028-362-889-224-708; 028-425-868-004-197; 029-093-652-551-501; 036-050-861-198-04X; 038-831-629-110-167; 052-338-831-445-137; 059-322-705-319-269; 078-351-640-478-163; 084-501-580-899-14X; 084-963-517-357-440; 112-738-360-403-279; 127-782-233-013-414; 143-768-147-997-92X; 151-657-890-862-181; 172-740-647-965-518; 182-114-118-388-852; 182-708-332-022-948,5,true,cc-by-nc,gold
018-367-507-509-717,ARES - A Discussion of Visualization Techniques for the Analysis of Digital Evidence,,2011,conference proceedings article,"2011 Sixth International Conference on Availability, Reliability and Security",,IEEE,,Gerald Schrenk; Rainer Poisel,"Digital crimes are increasing, so is the need for improvements in digital forensics. With the growth of storage capacity these digital forensic investigations are getting more difficult. Visualization allows for displaying big amounts of data at once, so a foresic investigator is able to maintain an overlook about the whole case. Through zooming it is possible to analyze interesting parts of evidence without losing the general view. This paper gives an overview of data classification, data sources and a classification of available techniques. Different state of the art tools for visualization of frequency, timelines, e-mails and logging data are discussed. Further details on how these tools support the digital forensics progress through visualization are given. Finally a comparison between conventional approaches and visualization techniques is presented. The benefit for the reader is to get a quick overview of the state-of-the-art of visualization techniques for processing digital evidence.",,,758,763,World Wide Web; Creative visualization; Data visualization; Information visualization; Data science; Digital evidence; Electronic mail; Visualization; Computer science; Computer forensics; Digital forensics,,,,,https://dblp.uni-trier.de/db/conf/IEEEares/ares2011.html#SchrenkP11 http://yadda.icm.edu.pl/yadda/element/bwmeta1.element.ieee-000006046033 https://www.computer.org/csdl/proceedings-article/ares/2011/4485a758/12OmNCzb9xX https://ieeexplore.ieee.org/document/6046033/ https://doi.ieeecomputersociety.org/10.1109/ARES.2011.119,http://dx.doi.org/10.1109/ares.2011.119,,10.1109/ares.2011.119,2148445031,,0,006-144-504-826-078; 028-913-530-516-075; 031-056-607-420-157; 043-841-118-809-03X; 050-000-944-827-798; 064-076-128-718-04X; 064-170-716-528-26X; 068-383-476-721-435; 083-192-705-272-816; 088-400-884-660-771; 094-010-349-937-445; 103-309-933-900-466; 159-478-282-378-49X; 167-049-018-527-294; 182-550-927-246-425; 189-184-149-844-556,10,false,,
018-688-665-352-310,Video-Based Evidence Analysis and Extraction in Digital Forensic Investigation,,2019,journal article,IEEE Access,21693536,Institute of Electrical and Electronics Engineers (IEEE),United States,Jianyu Xiao; Shancang Li; Qingliang Xu,"As a result of the popularity of smart mobile devices and the low cost of surveillance systems, visual data are increasingly being used in digital forensic investigation. Digital videos have been widely used as key evidence sources in evidence identification, analysis, presentation, and report. The main goal of this paper is to develop advanced forensic video analysis techniques to assist the forensic investigation. We first propose a forensic video analysis framework that employs an efficient video/image enhancing algorithm for the low quality of footage analysis. An adaptive video enhancement algorithm based on contrast limited adaptive histogram equalization (CLAHE) is introduced to improve the closed-circuit television (CCTV) footage quality for the use of digital forensic investigation. To assist the video-based forensic analysis, a deep-learning-based object detection and tracking algorithm are proposed that can detect and identify potential suspects and tools from footages.",7,,55432,55442,Artificial intelligence; Mobile device; Object detection; Forensic video analysis; Digital forensic investigation; Adaptive histogram equalization; Facial recognition system; Computer vision; Computer science; Histogram; Identification (information); Digital forensics,,,,"Planned Science and Technology Projects of Hunan Province, China; Planned Science and Technology Projects of Hunan Province, China; Planned Science and Technology Project of Changsha, China; Central South University",https://dblp.uni-trier.de/db/journals/access/access7.html#XiaoLX19a https://ieeexplore.ieee.org/document/8700194 https://uwe-repository.worktribe.com/output/3733121/video-based-evidence-analysis-and-extraction-in-digital-forensic-investigation https://core.ac.uk/download/323907298.pdf,http://dx.doi.org/10.1109/access.2019.2913648,,10.1109/access.2019.2913648,2942466912,,0,002-362-753-162-196; 003-546-075-971-973; 004-454-686-543-933; 008-557-954-363-275; 014-827-157-078-88X; 014-859-901-321-603; 015-468-366-273-424; 024-329-390-901-634; 024-891-705-629-451; 027-516-434-033-14X; 032-949-001-808-530; 033-050-227-346-544; 033-149-401-127-989; 039-677-547-033-392; 042-318-537-868-808; 043-717-844-464-939; 048-099-870-585-386; 050-027-508-811-343; 052-307-383-963-210; 065-442-229-334-524; 065-559-783-996-17X; 066-291-489-087-284; 074-998-399-714-87X; 077-653-761-053-337; 079-483-436-132-684; 081-843-765-870-125; 083-340-435-542-637; 090-794-300-074-346; 091-048-622-639-68X; 098-810-752-237-749; 102-169-873-723-040; 130-084-251-293-800; 132-417-646-634-88X; 135-177-042-837-845; 154-964-035-656-423; 162-592-454-502-125,20,true,"CC BY, CC BY-NC-ND",gold
018-773-609-741-377,Live Forensics Analysis of Line App on Proprietary Operating System,2019-10-30,2019,journal article,"Kinetik: Game Technology, Information System, Computer Network, Computing, Electronics, and Control",25032267; 25032259,Universitas Muhammadiyah Malang,," Riadi; Sunardi Sunardi; Muhamad Ermansyah Rauli","The development of computer technology is increasing rapidly. This has positive and negative effects. One of the negative effects that occurred was the use of Line applications to conduct online shop fraud. Line is one of the instant messenger applications that can be used on computers, especially on Windows 8.1 operating system computers. Applications that run on the computer leave traces of data on Random Access Memory (RAM). Data left in RAM can be obtained using digital forensic techniques, namely live forensics which is used when the computer is running and connected to the internet. This study aims to find digital evidence regarding cases of online shop fraud using the National Institute of Standards and Technology (NIST) method. Digital evidence can be obtained using forensic tools, namely RamCapturer, FTK Imager and Winhex. RamCapturer is used to acquire data in RAM, FTK Imager is used for imaging and Winhex is used to analyze data that has been taken. The results obtained in this study were conversational recordings consisting of conversation time, conversation content and conversation status which could be digital evidence in uncovering the online shop fraud crime that occurred.",4,4,305,314,The Internet; NIST; Operating system; Conversation; Digital evidence; Live forensics; Computer technology; Computer science; Line (text file); Digital forensics,,,,,https://kinetik.umm.ac.id/index.php/kinetik/article/view/850 https://core.ac.uk/download/pdf/295172135.pdf,http://dx.doi.org/10.22219/kinetik.v4i4.850,,10.22219/kinetik.v4i4.850,2982383923,,0,006-700-167-776-341; 008-656-244-710-010; 032-168-640-185-294; 055-473-899-043-485; 087-287-435-836-200; 114-239-357-516-674; 121-266-887-418-366; 150-042-119-479-43X; 185-798-265-234-254,2,true,,gold
018-885-485-300-751,Evidence Confidentiality and Digital Forensic Experts,2022-07-26,2022,journal article,Advances in Multidisciplinary and scientific Research Journal Publication,24888699,Creative Research Publishers,,John Kwaku Oppong,"<jats:p>Digital forensics has increasingly galloped into the space of criminal justice and law enforcements as a unique tool for evidence and its dissemination. Technological advancement in database and information has also made digital forensics an important tool in law enforcement and judicial proceedings. On the other side of the coin, evidence confidentiality is an indefinite concept and one that is very dynamic and intricate. Therefore, the services of forensic experts in the digital forensic field are often required due to the significance of digital evidence to many investigations. This paper provides a brief information about evidence confidentiality and digital forensic experts.  Keywords: Digital Forensics, Evidence, Confidentiality, Forensic Experts, Justice, Law.  BOOK Chapter ǀ Research Nexus in IT, Law, Cyber Security &amp; Forensics. Open Access. Distributed Free  Citation: John Kwaku Oppong (2022): Evidence Confidentiality and Digital Forensic Experts Book Chapter Series on Research Nexus in IT, Law, Cyber Security &amp; Forensics. Pp 161-166 www.isteams.net/ITlawbookchapter2022. dx.doi.org/10.22624/AIMS/CRP-BK3-P26</jats:p>",1,1,161,166,Digital forensics; Digital evidence; Computer forensics; Confidentiality; Law enforcement; Nexus (standard); Computer security; Internet privacy; Authentication (law); Forensic science; Computer science; Criminology,,,,,,http://dx.doi.org/10.22624/aims/crp-bk3-p26,,10.22624/aims/crp-bk3-p26,,,0,,0,true,,bronze
018-996-827-041-158,Part 2:- Quality assurance mechanisms for digital forensic investigations: knowledge sharing and the Capsule of Digital Evidence (CODE),,2020,journal article,Forensic Science International: Reports,26659107,Elsevier BV,,Graeme Horsman,"Abstract Despite potential numerous benefits, the field-wide sharing of knowledge in digital forensics is arguably still yet to be attained. Achieving this has attracted much practitioner and academic debate, yet solutions to two fundamental hurdles have yet to arguably be addressed; ‘how do we share knowledge’, and ‘what do we share’. Currently there a few viable protocols in place which tackle either of these issues forming a barrier to field-wide sharing. The focus of this work is to address the latter issue and guide practitioners on what content must be shared for any data to be of value to fellow professionals. This paper proposes the Capsule of Digital Evidence (CODE), a framework designed to set out the required elements for the sharing of reliable digital forensic knowledge. The CODE structure and its requisite contents are examined along with its applicability for supporting field-wide knowledge sharing in digital forensics.",2,,100035,,Set (psychology); Code (semiotics); Structure (mathematical logic); Data science; Value (ethics); Knowledge sharing; Digital evidence; Focus (computing); Computer science; Digital forensics,,,,,https://www.sciencedirect.com/science/article/pii/S2665910719300350 https://research.tees.ac.uk/ws/files/8652528/Part_2_Quality_assurance_mechanisms_for_digital_forensic_investigations_knowledge_sharing_and_the_Capsule_of_Digital_Evidence_CODE_.pdf http://www.sciencedirect.com/science/article/pii/S2665910719300350 https://research.tees.ac.uk/en/publications/part-2-quality-assurance-mechanisms-for-digital-forensic-investig https://core.ac.uk/download/pdf/232941018.pdf,http://dx.doi.org/10.1016/j.fsir.2019.100035,,10.1016/j.fsir.2019.100035,2980699189,,0,000-360-120-513-679; 004-652-388-189-304; 005-116-312-278-527; 006-933-430-647-14X; 007-790-059-029-953; 032-451-540-235-796; 036-112-898-081-145; 049-182-076-079-260; 058-052-081-943-595; 065-452-675-566-99X; 065-671-045-136-370; 065-873-523-989-876; 072-649-380-391-806; 077-287-216-746-675; 081-437-161-307-223; 111-061-578-674-84X; 111-488-239-742-003; 118-838-969-146-870; 159-513-941-346-557; 179-703-555-795-891,2,true,"CC BY, CC BY-NC-ND",gold
019-160-089-730-758,Research on Scientific Analysis and Processing of Digital Evidence During the Criminal Investigation of Industrial Espionage- Focused on Digital Forensic Investigation Technique-,,2010,,,,,,Jin Hong Jeong,,4,2,173,182,Criminal investigation; Engineering; Admissible evidence; Digital evidence; Digital forensic investigation; Scientific analysis; Engineering ethics; Digital forensics; Industrial espionage,,,,,https://www.kci.go.kr/kciportal/ci/sereArticleSearch/ciSereArtiView.kci?sereArticleSearchBean.artiId=ART001514018,https://www.kci.go.kr/kciportal/ci/sereArticleSearch/ciSereArtiView.kci?sereArticleSearchBean.artiId=ART001514018,,,2811042455,,0,,0,false,,
019-219-286-728-271,A semantic methodology for (un)structured digital evidences analysis,2018-11-01,2018,,,,,,Giovanni Cozzolino,"Nowadays, more than ever, digital forensics activities are involved in any criminal, civil or military investigation and represent a fundamental tool to support cyber-security.; Investigators use a variety of techniques and proprietary software forensic applications to examine the copy of digital devices, searching hidden, deleted, encrypted, or damaged files or folders. Any evidence found is carefully analysed and documented in a ""finding report"" in preparation for legal proceedings that involve discovery, depositions, or actual litigation.; The aim is to discover and analyse patterns of fraudulent activities.; In this work, a new methodology is proposed to support investigators during the analysis process, correlating evidences found through different forensic tools.; The methodology was implemented through a system able to add semantic assertion to data generated by forensics tools during extraction processes. These assertions enable more effective access to relevant information and enhanced retrieval and reasoning capabilities.",,,,,Variety (cybernetics); Encryption; Data science; Relevant information; Proprietary software; Assertion; Computer science; Process (engineering); Digital forensics,,,,,http://www.fedoa.unina.it/12687/,http://www.fedoa.unina.it/12687/,,,3049671768,,0,,0,false,,
019-456-366-483-584,IFIP Int. Conf. Digital Forensics - A Virtual Digital Forensics Laboratory,,,book chapter,IFIP — The International Federation for Information Processing,15715736; 18612288,Springer US,Germany,Philip Craiger; Paul Burke; Christopher Marberry; Mark Pollitt,"This paper discusses the concept of a virtual digital forensic laboratory, which incorporates networked examination and storage machines, secure communications, multi-factor authentication, role-based access control, and case management and digital asset management systems. Laboratory activities such as the examination, storage and presentation of digital evidence can be geographically distributed and accessed over a network by users with the appropriate credentials. The advantages of such a facility include reduced costs through shared resources and the availability of advanced expertise for specialized cases.",,,357,365,World Wide Web; Digital asset management; Virtual Laboratory; Digital evidence; Computer science; Network forensics; Virtualization; Access control; Storage area network; Digital forensics,,,,,https://dblp.uni-trier.de/db/conf/ifip11-9/df2008.html#CraigerBMP08 https://rd.springer.com/chapter/10.1007%2F978-0-387-84927-0_28 https://link.springer.com/chapter/10.1007%2F978-0-387-84927-0_28 https://link.springer.com/content/pdf/10.1007%2F978-0-387-84927-0_28.pdf https://link.springer.com/10.1007/978-0-387-84927-0_28,http://dx.doi.org/10.1007/978-0-387-84927-0_28,,10.1007/978-0-387-84927-0_28,1493502944,,2,011-938-893-012-160; 013-246-076-655-612; 019-896-812-961-734; 029-528-782-668-169; 045-462-429-185-271; 071-469-254-831-765; 082-174-086-731-351,5,true,,bronze
019-508-480-187-000,"Inter-regional digital forensic knowledge management: needs, challenges, and solutions",2020-11-06,2020,journal article,Journal of forensic sciences,15564029; 00221198,Wiley-Blackwell,United States,Eoghan Casey; Anna Zehnder,"Increasing demand for digital evidence in criminal investigations is driving decentralization of forensic capabilities closer to the crime scene. Law enforcement agencies are struggling to keep pace with technological developments, cybercrime growth, and scientific advances. In federated environments, digital forensic knowledge and practices vary widely across regions. To reduce delays, wasted resources, missed opportunities, mistakes, and misinterpretations, there is a pressing need to balance the democratization of digital forensic capabilities with knowledge management and sharing between decentralized regions. There are multiple forms of knowledge to be managed, including procedural, technical, investigative, scientific, behavioral, crime analysis, and forensic intelligence. In addition, there are multiple knowledge producers and consumers, including police investigators, digital forensic practitioners, criminal intelligence analysts, attorneys, and judges. Knowledge management becomes even more challenging when multiple interdependent regions are involved, speaking different languages. Taking all of these factors into consideration, this work presents an inter-regional knowledge management solution for improving the quality, consistency, reliability, efficiency, cost-effectiveness, and return on investment of digital forensic capabilities. The basis of this work is a community-driven initiative of Swiss regional police authorities. Interviews were conducted with 15 digital forensic units to determine their current knowledge management practices and needs. The results were then generalized into a prioritized set of requirements for inter-regional digital forensic knowledge management that may be applicable in other countries. These requirements were used to evaluate knowledge management platforms, and one was selected. Implementation, operations, and maintenance challenges of an inter-regional digital forensic knowledge management platform are discussed.",66,2,619,629,Criminal investigation; Business; Return on investment; Crime scene; Crime analysis; Cybercrime; Law enforcement; Digital evidence; Knowledge management; Digital forensics,IT investigation; collaboration; communication; digital forensics; digital investigation; efficiency; knowledge management and exchange; optimization,,,,https://pubmed.ncbi.nlm.nih.gov/33156519/ https://onlinelibrary.wiley.com/doi/10.1111/1556-4029.14613 https://www.ncbi.nlm.nih.gov/pubmed/33156519,http://dx.doi.org/10.1111/1556-4029.14613,33156519,10.1111/1556-4029.14613,3096266278,,0,007-898-145-584-667; 012-564-492-558-122; 030-177-879-793-402; 035-798-220-182-973; 051-975-164-698-08X; 085-482-775-276-618; 087-342-951-350-054; 102-277-601-213-467; 132-309-864-704-323; 135-988-931-214-479; 159-513-941-346-557; 171-620-328-325-465,1,false,,
019-645-930-990-548,ARES - Behavioural Evidence Analysis Applied to Digital Forensics: An Empirical Analysis of Child Pornography Cases Using P2P Networks,,2015,conference proceedings article,"2015 10th International Conference on Availability, Reliability and Security",,IEEE,,Noora Al Mutawa; Joanne Bryce; Virginia N. L. Franqueira; Andrew Marrington,"The utility of Behavioural Evidence Analysis (BEA) has gained attention in the field of Digital Forensics in recent years. It has been recognized that, along with technical examination of digital evidence, it is important to learn as much as possible about the individuals behind an offence, the victim (s) and the dynamics of a crime. This can assist the investigator in producing a more accurate and complete reconstruction of the crime, in interpreting associated digital evidence, and with the description of investigative findings. Despite these potential benefits, the literature shows limited use of BEA for the investigation of cases of the possession and dissemination of Sexually Exploitative Imagery of Children (SEIC). This paper represents a step towards filling this gap. It reports on the forensic analysis of 15 SEIC cases involving P2P file sharing networks, obtained from the Dubai Police. Results confirmed the predicted benefits and indicate that BEA can assist digital forensic practitioners and prosecutors.",,,293,302,Internet privacy; Possession (law); Child pornography; Digital evidence; Evidence analysis; Computer security; Computer science; File sharing; Computer forensics; Digital forensics,,,,,https://derby.openrepository.com/handle/10545/583877 http://ieeexplore.ieee.org/abstract/document/7299929 http://clok.uclan.ac.uk/14162/ https://ieeexplore.ieee.org/document/7299929/ https://dblp.uni-trier.de/db/conf/IEEEares/ares2015.html#MutawaBFM15 https://core.ac.uk/download/42138502.pdf,http://dx.doi.org/10.1109/ares.2015.49,,10.1109/ares.2015.49,1928427522,,0,001-963-136-295-484; 004-284-891-049-29X; 005-675-962-306-009; 006-659-242-552-662; 008-027-230-088-011; 010-395-270-838-500; 016-940-999-144-086; 020-001-293-751-481; 020-788-875-314-291; 027-012-701-345-983; 035-268-486-096-206; 036-754-354-530-672; 037-657-165-598-848; 042-672-663-858-442; 048-645-419-219-088; 052-371-443-346-203; 056-081-936-492-567; 073-624-718-302-07X; 076-557-941-722-431; 090-075-652-286-106; 097-128-888-871-599; 103-175-545-949-937; 137-130-051-410-653; 137-254-164-534-059; 144-114-575-359-020; 145-062-913-009-934; 146-095-461-864-397; 147-659-670-579-979; 153-006-051-558-30X; 160-976-357-855-420; 161-013-132-643-026; 172-740-647-965-518; 192-292-910-979-431; 192-922-867-713-841,18,true,,green
019-784-116-444-155,SADFE - Secure Digital Chains of Evidence,,2011,book,2011 Sixth IEEE International Workshop on Systematic Approaches to Digital Forensic Engineering,,IEEE,,Nicolai Kuntze; Carsten Rudolph,"Computers, mobile phones, embedded devices and other components of IT systems can often be easily manipulated. Therefore, in forensic use of digital evidence it is necessary to carefully check that the probative force of the evidence is sufficient. For applications where critical processes can lead to disputes and resolving disputed relies on digital evidence one open question is how to build the system in a way that secure digital evidence is available. This paper introduces the notion of secure digital chains of evidence and proposes a high-level architecture for systems that can provide such chains of evidence. Finally, possible building blocks are explored for the realisation of a distributed and heterogeneous system with support for secure digital chains of evidence.",,,1,8,Synchronization (computer science); Information technology; Architecture; Engineering; Trusted Computing; Software; Realisation; Digital evidence; Computer security; Computer forensics,,,,,https://research.monash.edu/en/publications/secure-digital-chains-of-evidence https://ieeexplore.ieee.org/document/6159125/ http://yadda.icm.edu.pl/yadda/element/bwmeta1.element.ieee-000006159125,http://dx.doi.org/10.1109/sadfe.2011.16,,10.1109/sadfe.2011.16,2104888635,,3,000-537-535-465-34X; 019-261-865-420-57X; 023-977-727-715-941; 029-956-698-780-087; 038-668-970-194-854; 050-862-101-117-818; 053-509-122-069-802; 058-409-370-512-563; 064-526-781-090-852; 068-573-819-186-700; 073-582-404-994-103; 087-577-313-400-228; 095-634-146-634-286; 142-450-872-700-061; 199-220-626-463-421,15,false,,
020-025-288-724-151,Legal Issues Regarding Digital Forensic Examiners Third Party Consent to Search,,2011,journal article,"Journal of Digital Forensics, Security and Law",15587223,Embry-Riddle Aeronautical University/Hunt Library,,Thomas Lonardo; Tricia Martland; Doug White; Alan Rea,"This paper focuses on Federal law as it relates to consent to search relating to Fourth Amendment privacy in the practice of Digital Forensics. In particular, Digital Examiners should be aware of how decisions in Federal Court may impact their ability to acquire evidence in both civil and criminal settings. Digital Forensics, being a relatively new field, is particularly subject to change as cases and appeals are decided. This paper provides an overview of relevant case law relating to issues in Digital Forensics. More importantly, our research provides Digital Forensic Examiners (DFE), as defined by Lonardo, White, and Rea ( Lonardo, 2008 , 2009 ), with scenarios that illustrate the various nuances when dealing with the consent to search. From issues of common authority, conflicting consent, apparent authority, and voluntary consent, our research explores court findings and applies them to practical advice and policy formation for DFEs.",6,4,19,34,Common law; Political science; Law; Federal law; Subject (documents); Apparent authority; Third-Party Consent; Federal court; Computer security; Computer forensics; Digital forensics,,,,,https://core.ac.uk/display/91788517 https://dblp.uni-trier.de/db/journals/jdfsl/jdfsl6.html#LonardoMW011 https://commons.erau.edu/jdfsl/vol6/iss4/3/ https://commons.erau.edu/cgi/viewcontent.cgi?article=1105&context=jdfsl https://doaj.org/article/a6123c8a6365452b953e055fbc96066b,http://dx.doi.org/10.15394/jdfsl.2011.1105,,10.15394/jdfsl.2011.1105,2146341813,,0,007-891-580-230-693; 161-212-502-492-31X,1,true,cc-by-nc,gold
020-395-185-704-199,Emerging Forensic Tools for Locating and Analyzing Digital Evidence - Using the Best Forensic Tools and Processes,,,book chapter,Emerging Forensic Tools for Locating and Analyzing Digital Evidence,,IGI Global,,Richard Boddington,,,,5027,5738,Data science,,,,,http://services.igi-global.com/resolvedoi/resolve.aspx?doi=10.4018/978-1-4666-9591-7,http://dx.doi.org/10.4018/978-1-4666-9591-7.les8,,10.4018/978-1-4666-9591-7.les8,2493382208,,0,,0,false,,
020-619-443-230-580,ANALISIS FORENSICS DIGITAL PADA FACEBOOK MESSENGER WEB UNTUK PENANGANAN KASUS CYBERCRIME,2019-11-01,2019,dissertation,,,,,Ruhdi Koara Setie,"ABSTRACT ; In the case of cybercrime, an analysis of cybercrime is needed to look for digital evidence conducted with Live Forensic technique, which is an analysis technique where data analysis is carried out directly on Random Access Memory (RAM) which is volatile and generally data stored on Random Access Memory (RAM) is a temporary storage area and easily lost if the system dies. Research conducted by the author in this study using simulations and scenarios, in this study using the Acer Aspire E14 Laptop as digital evidence. In the case of drug transactions using Facebook Messenger Web on an Acer Aspire E14 Laptop owned by a dealer which is used as evidence in searching for digital evidence that will be used by the authorities in court. Data analysis and digital evidence search were performed using the National Institute of Justice (NIJ) method which has several steps, namely Identification, Collection, Examination, Anlysis and Reporting. In this study managed to find digital evidence using the FTK Imager forensic tools on the logs that have been acquired and get chat log data that has been deleted, log shipping images from the Dealer, account name, and time of sending chat on Facebook Messenger Web. ; Keywords: Cybercrime, Facebook Messenger Web, Computer Forensics, Live Forensic, FTK Imager, National Institute Of Justice (NIJ)",,,,,World Wide Web; Justice (ethics); Cybercrime; Laptop; Digital evidence; Temporary storage; Computer science; Computer forensics; Identification (information); Log shipping,,,,,http://repository.ittelkom-pwt.ac.id/5691/,http://repository.ittelkom-pwt.ac.id/5691/,,,3119393888,,0,,0,false,,
020-773-751-245-448,Digital Forensics: Maintaining Chain of Custody Using Blockchain,,2019,conference proceedings article,"2019 Third International conference on I-SMAC (IoT in Social, Mobile, Analytics and Cloud) (I-SMAC)",,IEEE,,Mrunali Chopade; Sana Khan; Uzma Shaikh; Renuka Pawar,"The fundamental aim of digital forensics is to discover, investigate and protect an evidence, increasing cybercrime enforces digital forensics team to have more accurate evidence handling. This makes digital evidence as an important factor to link individual with criminal activity. In this procedure of forensics investigation, maintaining integrity of the evidence plays an important role. A chain of custody refers to a process of recording and preserving details of digital evidence from collection to presenting in court of law. It becomes a necessary objective to ensure that the evidence provided to the court remains original and authentic without tampering. Aim is to transfer these digital evidences securely using encryption techniques.",2019,,744,747,Chain of custody; Encryption; Distributed ledger; Cybercrime; Digital evidence; Computer security; Computer science; Process (engineering); Base64; Digital forensics,,,,,https://jglobal.jst.go.jp/en/detail?JGLOBAL_ID=202002252175404163,http://dx.doi.org/10.1109/i-smac47947.2019.9032693,,10.1109/i-smac47947.2019.9032693,3011153801,,0,004-621-833-471-155; 007-884-224-473-925; 025-217-964-155-547; 026-510-318-976-518; 034-190-709-015-829; 073-744-183-366-742; 106-204-830-624-073; 106-416-380-290-09X; 154-393-793-915-985,6,false,,
021-103-890-120-294,The Forensics Aspects of Event Data Recorders,,2008,journal article,"Journal of Digital Forensics, Security and Law",15587223,Embry-Riddle Aeronautical University/Hunt Library,,Jeremy S. Daily; Nathan Singleton; Elizabeth Downing; Gavin W. Manes,"The proper generation and preservation of digital data from Event Data Recorders (EDRs) can provide invaluable evidence to automobile crash reconstruction investigations. However, data collected from the EDR can be difficult to use and authenticate, complicating the presentation of such information as evidence in legal proceedings. Indeed, current techniques for removing and preserving such data do not meet the court’s standards for electronic evidence. Experimentation with an EDR unit from a 2001 GMC Sierra pickup truck highlighted particular issues with repeatability of results. Fortunately, advances in the digital forensics field and memory technology can be applied to EDR analysis in order to provide more complete and usable data. The presented issues should assist in the identification and development of a model for forensically sound collection and investigation techniques for EDRs.",3,3,29,42,Crash; Data science; Presentation; Digital data; Event data recorder; USable; Field (computer science); Computer security; Computer science; Identification (information); Digital forensics,,,,,https://commons.erau.edu/cgi/viewcontent.cgi?article=1044&context=jdfsl https://dblp.uni-trier.de/db/journals/jdfsl/jdfsl3.html#DailySDM08 https://core.ac.uk/display/91770912 https://commons.erau.edu/jdfsl/vol3/iss3/2/ https://oaji.net/articles/2014/1095-1407716943.pdf,http://dx.doi.org/10.15394/jdfsl.2008.1044,,10.15394/jdfsl.2008.1044,1568674730,,0,004-494-926-925-188; 042-721-475-914-361; 047-149-105-128-643; 068-110-213-474-15X; 121-230-063-948-992; 194-495-096-117-505,0,true,cc-by-nc,gold
021-106-151-289-487,Machine Learning Approaches in Mobile Data Forensic: An Overview,2022-08-04,2022,book chapter,Proceedings of the Third International Conference on Information Management and Machine Intelligence,25247565; 25247573,Springer Nature Singapore,,Preeti Dudhe; S. R. Gupta,"AbstractThis article discusses machine learning’s function in digital forensics to better understand where machine learning stands in today’s cybersecurity arena when it comes to gathering digital evidence. Hear began with discussing the history and development of digital forensics. Following that, the work proposes a short literature study to demonstrate the areas of digital forensics where machine learning techniques have been applied to date. The purpose of this article is to raise awareness about the use of machine learning in digital forensics. I am attempting to examine several machine learning applications in various fields to see how they might use machine learning in other sectors based on their current uses. The concepts described here will pave the way for developing more sophisticated and effective digital forensics tools. KeywordsSecurityDigital forensic techniquesNeural networkMachine learning",,,93,102,Digital forensics; Computer science; Computer forensics; Network forensics; Artificial intelligence; Data science; Digital evidence; Machine learning; Computer security,,,,,,http://dx.doi.org/10.1007/978-981-19-2065-3_12,,10.1007/978-981-19-2065-3_12,,,0,006-770-160-671-831; 035-429-754-375-450; 060-426-733-378-233; 074-549-082-563-141; 084-444-906-474-806; 088-237-179-049-769; 092-869-390-380-561; 102-526-721-473-145; 196-310-784-287-814,0,false,,
021-170-286-847-139,SSCC - A Heuristic Model for Performing Digital Forensics in Cloud Computing Environment,,2014,book chapter,Communications in Computer and Information Science,18650929; 18650937,Springer Berlin Heidelberg,Germany,Digambar Povar; G. Geethakumari,"Cloud computing is a relatively new model in the computing world after several computing paradigms like personal, ubiquitous, grid, mobile, and utility computing. Cloud computing is synonymous with virtualization which is about creating virtual versions of the hardware platform, the Operating System or the storage devices. Virtualization poses challenges to implementation of security as well as cybercrime investigation in the cloud. Although several researchers have contributed in identifying digital forensic challenges and methods of performing digital forensic analysis in the cloud computing environment, we feel that the requirement of finding the most appropriate methods to evaluate the uncertainty in the digital evidence is a must. This paper emphasizes on the methods of finding and analyzing digital evidence in cloud computing environment with respect to the cloud user as well as the provider. We propose a heuristic model for performing digital forensics in the cloud environment.",,,341,352,World Wide Web; Heuristic; Grid; Data science; Cybercrime; Digital evidence; Computer science; Virtualization; Cloud computing; Digital forensics; Utility computing,,,,,https://dblp.uni-trier.de/db/conf/sscc/sscc2014.html#PovarG14 https://link.springer.com/content/pdf/10.1007%2F978-3-662-44966-0_33.pdf https://rd.springer.com/chapter/10.1007/978-3-662-44966-0_33 https://link.springer.com/chapter/10.1007/978-3-662-44966-0_33,http://dx.doi.org/10.1007/978-3-662-44966-0_33,,10.1007/978-3-662-44966-0_33,170715374,,0,001-929-583-989-825; 016-073-660-398-930; 024-894-908-869-686; 028-214-174-321-817; 041-510-113-765-454; 049-977-511-720-26X; 051-368-118-380-383; 052-152-063-024-042; 056-122-492-187-163; 068-459-443-764-162; 077-066-116-235-027; 085-214-277-668-01X; 095-691-114-276-825; 097-742-985-330-217; 131-516-331-360-906; 134-927-490-231-285; 144-124-797-675-052; 158-058-753-766-767; 163-975-104-382-017; 170-108-067-251-840,11,false,,
021-274-813-247-757,"IMF - Characteristic Evidence, Counter Evidence and Reconstruction Problems in Forensic Computing",,2015,book,2015 Ninth International Conference on IT Security Incident Management & IT Forensics,,IEEE,,Andreas Dewald,"Historically, forensic computing (as digital forensics) developed pragmatically, driven by specific technical needs. Indeed, in comparison with other forensic sciences the field still is rather immature and has many deficits, such as the unclear terminology used in court. In this paper, we introduce notions of (digital) evidence, characteristic evidence, and (characteristic) counter evidence, as well as the definitions of two fundamental forensic reconstruction problems. We show the relation of the observability of the different types of evidence to the solvability of those problems. By doing this, we wish to exemplify the usefulness of formalization in the establishment of a precise terminology. While this will not replace all terminological shortcomings, it (1) may provide the basis for a better understanding between experts, and (2) helps to understand the significance of different types of digital evidence to answer questions in an investigation.",,,77,82,Computational criminology; Data science; Relation (database); Digital evidence; Electronic mail; Field (computer science); Observability; Computer security; Computer science; Terminology; Digital forensics,,,,,http://ieeexplore.ieee.org/document/7195808/ https://ieeexplore.ieee.org/document/7195808/ https://dblp.uni-trier.de/db/conf/imf/imf2015.html#Dewald15,http://dx.doi.org/10.1109/imf.2015.15,,10.1109/imf.2015.15,1604327977,,0,006-686-410-037-402; 007-790-059-029-953; 019-831-293-743-518; 045-439-795-806-132; 051-111-267-076-189; 059-577-872-928-63X; 060-808-935-547-406; 077-676-218-804-217; 078-573-767-887-603; 111-471-986-310-852; 134-927-490-231-285; 157-954-859-648-506; 181-411-989-710-354,0,false,,
021-286-019-586-450,Another brick in the wall: An exploratory analysis of digital forensics programs in the United States,,2021,journal article,Forensic Science International: Digital Investigation,26662817,Elsevier BV,,Syria McCullough; Stella Abudu; Ebere Onwubuariri; Ibrahim Baggili,"Abstract We present a comprehensive review of digital forensics programs offered by universities across the United States (U.S.). While numerous studies on digital forensics standards and curriculum exist, few, if any, have examined digital forensics courses offered across the nation. Since digital forensics courses vary from university to university, online course catalogs for academic institutions were evaluated to curate a dataset. Universities were selected based on online searches, similar to those that would be made by prospective students. Ninety-seven (n = 97) degree programs in the U.S. were evaluated. Overall, results showed that advanced technical courses are missing from curricula. We conclude that most degree programs evaluated offer legal/cyber law & ethics, investigative processes, and lab & forensic operations courses. The courses offered the least were memory forensics, Internet of Things (IoT) forensics, and program & software forensics. The data shows that some universities with the Forensic Science Education Programs Accreditation Commission (FEPAC) accreditation are lacking instruction in timely digital forensics topics such as memory forensics (0%), hardware security (0%), program & software forensics (0%), and ethical hacking (0%). Investigative processes (100%), network forensics (100%), lab & forensic operations (100%), and a senior design/capstone project (100%) are offered at all FEPAC accredited universities in digital forensics and digital evidence. Undergraduate degree programs with the National Centers of Digital Forensics Academic Excellence (CDFAE) designation had over a 50% offering rate for 11 out of the 22 courses we evaluated. However, memory forensics (0%) and IoT forensics (12.5%) were largely underrepresented. Our work provides an overview of the current state of digital forensics programs and discusses the importance of these courses to educate the next digital forensics workforce.",37,,301187,,Certified Ethical Hacker; Memory forensics; Excellence; Digital evidence; Computer science; Curriculum; Network forensics; Medical education; Accreditation; Digital forensics,,,,,https://dfrws.org/presentation/another-brick-in-the-wall-an-exploratory-analysis-of-digital-forensics-programs-in-the-united-states/ https://digitalcommons.newhaven.edu/cgi/viewcontent.cgi?article=1101&context=electricalcomputerengineering-facpubs https://dfrws.org/wp-content/uploads/2021/09/2021-usa-paper-11-another_brick_in_the_wall_an_exploratory_analysis_of_digital_forensics_programs_in_the_united_states.pdf https://digitalcommons.newhaven.edu/electricalcomputerengineering-facpubs/100/ https://www.sciencedirect.com/science/article/pii/S2666281721000950,http://dx.doi.org/10.1016/j.fsidi.2021.301187,,10.1016/j.fsidi.2021.301187,3162582693,,0,013-568-618-083-770; 042-997-613-590-885; 065-459-442-784-779; 078-327-902-374-330; 095-738-791-161-430; 097-939-114-561-254; 112-145-333-308-520; 118-244-930-021-861; 134-927-490-231-285; 150-535-534-813-410; 175-879-272-175-020; 184-804-094-399-813; 198-476-125-680-623,1,true,cc-by-nc-nd,hybrid
021-486-901-460-202,A Ten Step Process for Forensic Readiness.,,2004,journal article,International Journal of Digital Evidence,,,,Robert Rowlingson,"A forensic investigation of digital evidence is commonly employed as a post-event response to a serious information security incident. In fact, there are many circumstances where an organisation may benefit from an ability to gather and preserve digital evidence before an incident occurs. Forensic readiness is defined as the ability of an organisation to maximise its potential to use digital evidence whilst minimising the costs of an investigation. The costs and benefits of such an approach are outlined. Preparation to use digital evidence may involve enhanced system and staff monitoring, technical, physical and procedural means to secure data to evidential standards of admissibility, processes and procedures to ensure that staff recognise the importance and legal sensitivities of evidence, and appropriate legal advice and interfacing with law enforcement. This paper proposes a ten step process for an organisation to implement forensic readiness.",2,,,,Risk analysis (engineering); Cost–benefit analysis; Forensic science; Interfacing; Law enforcement; Digital evidence; Legal advice; Computer science; Process (engineering); Information security,,,,,https://dblp.uni-trier.de/db/journals/ijde/ijde2.html#Rowlingson04 https://www.utica.edu/academic/institutes/ecii/publications/articles/A0B13342-B4E0-1F6A-156F501C49CF5F51.pdf,https://dblp.uni-trier.de/db/journals/ijde/ijde2.html#Rowlingson04,,,185406290,,0,038-704-079-905-560; 084-688-221-410-931; 122-880-373-616-302,205,false,,
021-514-690-436-864,Towards the Leveraging of Data Deduplication to Break the Disk Acquisition Speed Limit,2016-10-18,2016,,arXiv: Computers and Society,,,,Hannah Wolahan; Claudio Chico Lorenzo; Elias Bou-Harb; Mark Scanlon,"Digital forensic evidence acquisition speed is traditionally limited by two main factors: the read speed of the storage device being investigated, i.e., the read speed of the disk, memory, remote storage, mobile device, etc.), and the write speed of the system used for storing the acquired data. Digital forensic investigators can somewhat mitigate the latter issue through the use of high-speed storage options, such as networked RAID storage, in the controlled environment of the forensic laboratory. However, traditionally, little can be done to improve the acquisition speed past its physical read speed from the target device itself. The protracted time taken for data acquisition wastes digital forensic experts' time, contributes to digital forensic investigation backlogs worldwide, and delays pertinent information from potentially influencing the direction of an investigation. In a remote acquisition scenario, a third contributing factor can also become a detriment to the overall acquisition time - typically the Internet upload speed of the acquisition system. This paper explores an alternative to the traditional evidence acquisition model through the leveraging of a forensic data deduplication system. The advantages that a deduplicated approach can provide over the current digital forensic evidence acquisition process are outlined and some preliminary results of a prototype implementation are discussed.",,,,,The Internet; RAID; Data acquisition; Mobile device; Speed limit; Digital forensic investigation; Data deduplication; Computer science; Upload; Real-time computing; Digital forensics,,,,,https://arxiv.org/pdf/1610.05462 http://ui.adsabs.harvard.edu/abs/2016arXiv161005462W/abstract https://arxiv.org/pdf/1610.05462.pdf,http://ui.adsabs.harvard.edu/abs/2016arXiv161005462W/abstract,,,2951262534,,0,000-360-120-513-679; 012-089-942-653-099; 055-614-100-530-52X; 080-196-042-005-758; 094-295-279-676-447; 118-214-115-485-064,0,true,,
021-563-550-669-43X,Digital Forensic Tools: The Next Generation,,2006,book chapter,Digital Crime and Forensic Science in Cyberspace,,IGI Global,,Iii Richard; Vassil Roussev,"<jats:p>Digital forensics investigators have access to a wide variety of tools, both commercial and open source, which assist in the preservation and analysis of digital evidence. Unfortunately, most current digital forensics tools fall short in several ways. First, they are unable to cope with the ever-increasing storage capacity of target devices. As capacities grow into hundreds of gigabytes or terabytes, the traditional approach of utilizing a single workstation to perform a digital forensics investigation against a single evidence source, such as a hard drive, will become completely intractable. Further, huge targets will require more sophisticated analysis techniques, such as automated categorization of images. We believe that the next generation of digital forensics tools will employ high-performance computing, more sophisticated evidence discovery and analysis techniques, and better collaborative functions to allow digital forensics investigators to perform investigations much more efficiently than they do today. This chapter examines the next generation of digital forensics tools.</jats:p>",,,75,90,Forensic science; Data science; Computer science; Computer forensics; Digital forensics,,,,,https://www.igi-global.com/chapter/digital-forensic-tools/8350,http://dx.doi.org/10.4018/978-1-59140-872-7.ch004,,10.4018/978-1-59140-872-7.ch004,2501843156,,0,,18,false,,
021-850-998-857-676,FORZA - Digital forensics investigation framework that incorporate legal issues,,2006,journal article,Digital Investigation,17422876,Elsevier BV,Netherlands,Ricci S. C. Ieong,"What is Digital Forensics? Mark Pollitt highlighted in DFRWS 2004 [Politt MM. Six blind men from Indostan. Digital forensics research workshop (DFRWS); 2004] that digital forensics is not an elephant, it is a process and not just one process, but a group of tasks and processes in investigation. In fact, many digital forensics investigation processes and tasks were defined on technical implementation details Investigation procedures developed by traditional forensics scientist focused on the procedures in handling the evidence, while those developed by the technologist focused on the technical details in capturing evidence. As a result, many digital forensics practitioners simply followed technical procedures and forget about the actual purpose and core concept of digital forensics investigation. With all these technical details and complicated procedures, legal practitioners may have difficulties in applying or even understanding their processes and tasks in digital forensics investigations. In order to break the technical barrier between information technologists, legal practitioners and investigators, and their corresponding tasks together, a technical-independent framework would be required. In this paper, we first highlighted the fundamental principle of digital forensics investigations (Reconnaissance, Reliability and Relevancy). Based on this principle, we re-visit the investigation tasks and outlined eight different roles and their responsibilities in a digital forensics investigation. For each role, we defined the sets of six key questions. They are the What (the data attributes), Why (the motivation), How (the procedures), Who (the people), Where (the location) and When (the time) questions. In fact, among all the investigation processes, there are six main questions that each practitioner would always ask. By incorporating these sets of six questions into the Zachman's framework, a digital forensics investigation framework - FORZA is composed. We will further explain how this new framework can incorporate legal advisors and prosecutors into a bigger picture of digital forensics investigation framework. Usability of this framework will be illustrated in a web hacking example. Finally, the road map that interconnects the framework to automatically zero-knowledge data acquisition tools will be briefly described.",3,,29,36,Usability; Road map; Key (cryptography); Data science; Zachman Framework; Computer security; Computer science; Process (engineering); Computer forensics; Digital forensics; Hacker,,,,,https://www.sciencedirect.com/science/article/abs/pii/S1742287606000661 https://www.sciencedirect.com/science/article/pii/S1742287606000661 https://doi.org/10.1016/j.diin.2006.06.004 https://dblp.uni-trier.de/db/journals/di/di3.html#Ieong06 https://dl.acm.org/doi/abs/10.1016/j.diin.2006.06.004,http://dx.doi.org/10.1016/j.diin.2006.06.004,,10.1016/j.diin.2006.06.004,2031533739,,0,020-944-423-224-895; 034-916-306-834-918; 038-668-970-194-854; 040-823-216-153-224; 129-360-320-775-188; 190-065-821-748-92X; 199-172-967-270-034,136,true,cc-by-nc-nd,hybrid
021-918-091-665-594,Chapter 3 - Investigating digital crime,2008-06-01,2008,book chapter,,,,,Ian Kennedy,"This chapter, bearing the name of the book, explores the relationship between digital evidence and cyber crime. It introduces the reader to protocols that apply to the practice of digital forensic examinations and the associated accreditation opportunities. The challenges of presenting digital evidence to lay juries in court are also explored.",,,,,Political science; Digital evidence; Cyber crime; Engineering ethics; Accreditation; Digital forensics,,,,,http://oro-vip.open.ac.uk/73464/ http://oro.open.ac.uk/73464/,http://oro-vip.open.ac.uk/73464/,,,3111201390,,0,,0,false,,
022-136-586-082-526,Strategic Leadership in Digital Evidence - Digital forensics process,,2021,book chapter,Strategic Leadership in Digital Evidence,,Elsevier,,Paul Reedy,,,,27,37,Software engineering; Computer science; Process (engineering); Digital forensics,,,,,https://api.elsevier.com/content/article/PII:B978012819618200005X?httpAccept=text/xml,http://dx.doi.org/10.1016/b978-0-12-819618-2.00005-x,,10.1016/b978-0-12-819618-2.00005-x,3107541682,,0,005-997-056-658-776; 016-357-729-609-877; 032-664-290-593-804; 066-235-037-082-291; 082-932-441-134-595; 088-229-295-768-496; 120-656-428-748-152; 148-617-284-942-187,0,false,,
022-297-576-546-283,Enhancing procedure of using new means of technologies in criminal proceedings,,2020,journal article,IUS ET SCIENTIA,24448478,Editorial Universidad de Sevilla,,Delia Magherescu,"The new era of technology is currently of high interest for the judicial proceedings in criminal matters. Although digital technologies have been increased in the last decades, both legislator and judicial authorities being involved in developing more and more efficient means of forensic investigation in purpose to prevent and combat the criminal phenomena, the criminal organizations are also interested in breaking such legal digital framework and achieving their own scope - a financial one. On the one hand, they are permanently interested in committing serious crimes including those in digital environment, whose consequences are one of the most dangerous crimes for the entire contemporary society. On the other hand, the law enforcement agencies are working in close cooperation with experts in digital field in order to gather information on how to improve the situation itself and investigate the criminal activities by means of digital evidence. In this context, the digitalization is an efficient tool of providing information, data and other instruments the judicial bodies need in achieving their goals in criminal proceedings. The current paper focuses on the techniques and methods that judicial bodies use in the investigation activity of gathering digital evidence that may serve in making decision in criminal cases the judicial bodies are invested with. The paper is structured in five chapters, each of them providing referential elements on the proposed topic. Its structure is designed as follows: Introduction; Aims; Methodology of Research; Achievements and failures through using new technologies; Doctrinal and jurisprudence approach, and Conclusion section, which advances a de lege ferenda proposal",6,1,8,21,Contemporary society; Political science; Emerging technologies; Context (language use); Law enforcement; Scope (project management); Legislator; Digital evidence; Engineering ethics; Jurisprudence,,,,,https://revistascientificas.us.es/index.php/ies/article/view/13344 https://dialnet.unirioja.es/servlet/articulo?codigo=7575063 https://core.ac.uk/download/334817883.pdf,http://dx.doi.org/10.12795/iestscientia.2020.i01.02,,10.12795/iestscientia.2020.i01.02,3046140244,,0,,0,true,cc-by-nc-nd,gold
022-530-184-398-582,Advances in Digital Forensics III - Advances in Digital Forensics III,,2007,book,IFIP — The International Federation for Information Processing,15715736; 18612288,Springer New York,Germany,Philip Craiger; Sujeet Shenoi,"ADVANCES IN DIGITAL FORENSICS III Edited by: Philip Craiger and Sujeet Shenoi Digital forensics deals with the acquisition, preservation, examination, analysis and presentation of electronic evidence. Networked computing, wireless communications and portable electronic devices have expanded the role of digital forensics beyond traditional computer crime investigations. Practically every crime now involves some aspect of digital evidence; digital forensics provides the techniques and tools to articulate this evidence. Digital forensics also has myriad intelligence applications. Furthermore, it has a vital role in information assurance -- investigations of security breaches yield valuable information that can be used to design more secure systems. Advances in Digital Forensics III describes original research results and innovative applications in the emerging discipline of digital forensics. In addition, it highlights some of the major technical and legal issues related to digital evidence and electronic crime investigations. The areas of coverage include: - Legal Issues - Insider Threat Detection - Rootkit Detection - Authorship Attribution - Forensic Techniques - File System Forensics - Network Forensics - Portable Electronic Device Forensics - Evidence Analysis and Management - Formal Methods This book is the third volume in the annual series produced by the International Federation for Information Processing (IFIP) Working Group 11.9 on Digital Forensics, an international community of scientists, engineers and practitioners dedicated to advancing the state of the art of research and practice in digital forensics. The book contains a selection of twenty-four edited papers from the Third Annual IFIP WG 11.9 Conference on Digital Forensics, held at the National Center for Forensic Science, Orlando, Florida, USA in the spring of 2007. Advances in Digital Forensics III is an important resource for researchers, faculty members and graduate students, as well as for practitioners and individuals engaged in research and development efforts for the law enforcement and intelligence communities.",,,,,Rootkit; Engineering; World Wide Web; Insider threat; Law enforcement; Information assurance; Digital evidence; Network forensics; Computer forensics; Digital forensics,,,,,https://link.springer.com/10.1007/978-0-387-73742-3,http://dx.doi.org/10.1007/978-0-387-73742-3,,10.1007/978-0-387-73742-3,1675859300,,0,,26,true,,bronze
022-694-669-764-676,Digital forensics laboratory projects,2006-05-01,2006,journal article,Journal of Computing Sciences in Colleges,19374763,,,Guillermo A. Francia,"The pervasiveness of information technology and the ever-increasing dependence of society on the availability of computers and network systems present a new frontier for business enterprises and law enforcement agencies. Attacks on these systems become an everyday occurrence. As such, every organization should assume responsibility in establishing a reasonably secure system to protect its own interests as well as those of its customers. And as computer crime steadily grows, so does the need for computer security professionals trained in gathering, correlating and analyzing digital forensic evidence. This paper presents the various digital forensics laboratory projects that are designed to be implemented in a controlled Computer Security and Forensic Analysis (CSFA) laboratory. The principal objective of the projects is to provide future computer security professionals the necessary hands-on training in digital forensics investigation.",21,5,38,44,Information technology; Forensic science; Principal (computer security); Law enforcement; Computer security; Computer science; Computer forensics; Digital forensics,,,,,https://dl.acm.org/doi/abs/10.5555/1127351.1127360,https://dl.acm.org/doi/abs/10.5555/1127351.1127360,,,2155594091,,0,002-255-931-431-413; 007-790-059-029-953; 009-817-335-436-96X; 026-595-961-209-188; 031-720-709-292-654; 040-393-580-637-973; 092-058-232-746-872,3,false,,
022-774-208-665-384,Preservation and Collection of Digital Evidence,2015-10-09,2015,book chapter,Computer Forensics,,"John Wiley & Sons, Inc.",,,,,,25,37,Computer science,,,,,,http://dx.doi.org/10.1002/9781119202011.ch3,,10.1002/9781119202011.ch3,,,0,,0,false,,
022-943-354-051-959,"DFRWS 2016 Europe d Proceedings of the Third Annual DFRWS Europe Digital evidence, 'absence' of data and ambiguous patterns of reasoning *",,2016,,,,,,Alex Biedermann,"In this paper we discuss the use of digital data by the Swiss Federal Criminal Court in a recent case of attempted homicide. We use this case to examine drawbacks for the defense when the presentation of scientific evidence is partial, especially when the only perspective mentioned is that of the prosecution. We tackle this discussion at two distinct levels. First, we pursue an essentially non-technical presentation of the topic by drawing parallels between the court's summing up of the case and flawed patterns of reasoning commonly seen in other forensic disciplines, such as DNA and particle traces (e.g., gunshot residues). Then, we propose a formal analysis of the case, using elements of probability and graphical probability models, to justify our main claim that the partial presentation of digital evidence poses a risk to the administration of justice in that it keeps vital information from the defense. We will argue that such practice constitutes a violation of general principles of forensic interpretation as established by forensic science literature and current recommendations by forensic science interest groups (e.g., the European Network of Forensic Science Institutes). Finally, we posit that argument construction and analysis using formal methods can help replace digital evidence appropriately into context and thus support a sound evaluation of the evidence. © 2016 The Authors. Published by Elsevier Ltd on behalf of DFRWS. This is an open access articleundertheCCBY-NC-NDlicense(http://creativecommons.org/licenses/by-nc-nd/4.0/).",,,,,Scientific evidence; Political science; Law and economics; Parallels; Presentation; Administration of justice; Context (language use); Digital evidence; Argument; Formal methods,,,,,https://serval.unil.ch/resource/serval:BIB_71F2C58C8DB2.P001/REF,https://serval.unil.ch/resource/serval:BIB_71F2C58C8DB2.P001/REF,,,2775498369,,0,004-883-297-684-711; 005-715-450-998-72X; 013-261-137-570-74X; 014-961-689-075-177; 016-976-912-187-206; 022-896-866-582-746; 042-398-266-516-108; 062-121-021-285-333; 079-046-994-186-390; 079-152-497-703-763; 088-306-589-450-500; 101-323-230-956-293; 128-597-792-698-79X; 190-293-161-420-439; 197-058-703-260-084,0,false,,
023-688-811-341-662,DIGITAL FORENSIC TOOLS: A COMPARATIVE APPROACH,,2015,,,,,,Dhwaniket Ramesh Kamble; Nilakshi Jain,"Digital forensic is part of forensic discipline that absolutely covers crime that is related to computer technology. A key or an important factor of digital investigation process is that, it is capable to map the events of an incident from different sources in obtaining evidence of an incident to be used for other secondary investigation aspects. Due to the application of computer used to investigate computer-based crime, has led to development of a new field called Digital forensics. Digital Forensic provide foundation and new ideas for the betterment and understanding the concepts. This paper studies the comparative approach of the digital forensic tools, its origins, its current position and its future directions.",,,,,Engineering; Computational criminology; Key (cryptography); Data science; Foundation (evidence); Computer technology; Field (computer science); Computer security; Process (engineering); Computer forensics; Digital forensics,,,,,,,,,2291563306,,0,026-774-296-742-022; 072-236-852-178-806; 134-927-490-231-285; 142-388-561-082-054,3,false,,
023-709-114-205-69X,ISSA - Towards a framework for enhancing potential digital evidence presentation,,2013,conference proceedings article,2013 Information Security for South Africa,,IEEE,,Nickson M. Karie; Hein S. Venter,"In the case of digital forensic investigations, the potential digital evidence captured, the analysis, interpretation, and attribution must ultimately be presented in the form of expert reports, depositions, and testimony in any legal proceedings. If the presentation and interpretation of the potential digital evidence is conducted correctly, it is much easier and useful in apprehending the attacker and stands a much greater chance of being admissible in the event of a prosecution. Wrongly presented and interpreted potential digital evidence data might create loopholes for perpetrators to exploit, thus, making it hard to convict and prosecute them. Existing digital forensic investigation process models have provided guidelines for identifying and preserving potential digital evidence captured from a crime scene. However, the extent to which such potential digital evidence may be admissible in a court of law remains a challenge to investigators. This is backed up by the fact that there are currently no standardised guidelines for even presenting the most common representations of digital forensic evidence. Therefore, in the authors' opinion, methodologies and specifications need to be developed in the field of digital forensics with the ability to effectively enhance the potential digital evidence presentation and interpretation in any legal proceedings. In this paper, therefore, we present a step-by-step framework in an attempt to propose high-level guidelines for enhancing the potential digital evidence presentation in any legal proceedings. Such a framework will be helpful to digital forensic experts, for example, in structuring investigation findings as well as in identifying relevant patterns of events to be incorporated during the presentation of potential digital evidence. The framework will also assist law enforcement agencies, for example, to determine, with less effort, the validity, weight and admissibility of any potential digital evidence presented. However, it should be noted that the purpose of this paper is not to replace any of the extensive and known evidence presentation principles, but serves as a survey of the state of the art of the research area while proposing harmonised and high-level guidelines for enhancing the presentation of potential digital evidence in legal proceedings.",,,1,8,Exploit; Crime scene; Data science; Presentation; Law enforcement; Digital evidence; Computer security; Computer science; Event (computing); Computer forensics; Digital forensics,,,,,https://ieeexplore.ieee.org/document/6641039/,http://dx.doi.org/10.1109/issa.2013.6641039,,10.1109/issa.2013.6641039,2114573573,,0,002-851-520-934-789; 006-839-535-410-076; 013-900-189-253-744; 036-132-248-316-123; 056-556-829-655-806; 067-950-012-629-210; 078-730-781-174-18X; 084-910-509-998-37X; 095-548-153-315-573; 110-754-935-358-497; 133-508-126-407-763; 143-562-788-834-457; 185-038-131-679-547,11,false,,
023-848-663-068-771,Can computer forensic tools be trusted in digital investigations,2020-10-28,2020,journal article,Science & justice : journal of the Forensic Science Society,18764452; 13550306,Forensic Science Society,United Kingdom,Wasim Ahmad Bhat; Ali Alzahrani; Mohamad Ahtisham Wani,"Abstract This paper investigates whether computer forensic tools (CFTs) can extract complete and credible digital evidence from digital crime scenes in the presence of file system anti-forensic (AF) attacks. The study uses a well-established six stage forensic tool testing methodology based on black-box testing principles to carry out experiments that evaluate four leading CFTs for their potential to combat eleven different file system AF attacks. Results suggest that only a few AF attacks are identified by all the evaluated CFTs, while as most of the attacks considered by the study go unnoticed. These AF attacks exploit basic file system features, can be executed using simple tools, and even attack CFTs to accomplish their task. These results imply that evidences collected by CFTs in digital investigations are not complete and credible in the presence of AF attacks. The study suggests that practitioners and academicians should not absolutely rely on CFTs for evidence extraction from a digital crime scene, highlights the implications of doing so, and makes many recommendations in this regard. The study also points towards immediate and aggressive research efforts that are required in the area of computer forensics to address the pitfalls of CFTs.",61,2,198,203,White-box testing; Exploit; Crime scene; Task (project management); File system; Digital evidence; Computer security; Computer science; Computer forensics,Anti-forensics; Black-box testing; Computer forensic tools; File systems; Forensics,Computers; Crime; Forensic Medicine; Forensic Sciences/methods; Humans,,,https://www.sciencedirect.com/science/article/abs/pii/S1355030620303002 https://www.ncbi.nlm.nih.gov/pubmed/33736854 https://europepmc.org/article/MED/33736854,http://dx.doi.org/10.1016/j.scijus.2020.10.002,33736854,10.1016/j.scijus.2020.10.002,3097838915,,0,003-526-475-150-199; 005-155-472-420-600; 007-375-878-067-656; 013-475-001-854-958; 022-723-601-549-961; 030-918-415-827-067; 042-230-817-975-353; 045-567-157-439-936; 046-318-533-334-038; 047-386-524-667-691; 049-363-433-613-058; 050-694-164-774-292; 065-061-509-329-026; 069-498-762-346-193; 071-942-083-141-698; 072-152-153-447-327; 074-299-373-252-299; 075-950-021-558-098; 078-817-460-650-140; 082-216-018-661-366; 100-552-121-697-280; 103-103-595-689-579; 103-615-756-435-705; 107-065-661-568-240; 134-502-810-516-308; 144-124-797-675-052; 185-343-535-827-64X,13,false,,
023-975-433-275-646,Analysis of Cloud Forensics : Review and Impact on Digital Forensics Aspects,2021-04-25,2021,journal article,International Journal of Scientific Research in Science and Technology,2395602x; 23956011,Technoscience Academy,,Mamta Khanchandani; Nirali Dave,"<jats:p>Digital forensics is the science of finding evidence to digital crimes and attacks. Cloud Forensics is a part of Digital Forensics that watches over the crime that has taken place over the cloud and carries out an investigation on it. Cloud computing is an evolutionary technology based on a huge network, which spreads globally. Hence, Cloud Forensics is a part of Network Forensics, which in turn is a part of Digital Forensics. Cloud organizations along with the providers of cloud service and customers that uses cloud service, are still awaiting the establishment of an explicit forensic revolution. Without the much-needed forensic capability, they will not be able to safeguard the robustness of their system and suitability of their services that assist criminal and cybercrime investigations. In this paper, we review the forensic process, challenges in cloud forensics, and its impact on digital forensics.</jats:p>",,,639,646,Data science; Cloud forensics; Computer science; Digital forensics,,,,,http://ijsrst.com/IJSRST2182118,http://dx.doi.org/10.32628/ijsrst2182118,,10.32628/ijsrst2182118,3159856036,,0,000-494-082-619-950; 006-680-761-463-190; 008-584-787-077-16X; 013-360-268-975-919; 025-315-423-877-95X; 026-162-197-054-585; 040-483-012-703-353; 054-887-738-520-678; 056-058-669-641-20X; 059-697-278-686-056; 060-905-412-608-729; 078-853-715-765-416; 082-793-334-095-933; 090-980-715-883-62X; 091-694-208-796-635; 093-022-712-589-02X; 110-454-809-930-822; 114-044-297-159-678; 124-912-663-881-389; 173-952-459-161-812,0,true,,gold
023-978-779-072-348,A Framework for Integrating Multimodal Biometrics with Digital Forensics,,2015,journal article,International Journal of Cyber-Security and Digital Forensics,23050012,The Society of Digital Information and Wireless Communications (SDIWC),,Victor R. Kebande; Nickson M. Karie,"Multimodal biometrics represents various categories of morphological and intrinsic aspects with two or more computerized biological characteristics such as facial structure, retina, keystrokes dynamics, voice print, retinal scans, and patterns for iris, facial recognition, vein structure, scent, hand geometry, and signature recognition. The objectives of Digital Forensics (DF), on the other hand, is to inspect digital media in a forensically sound manner with the essence of identifying, discovering, recovering, analysing the artifacts and presenting facts and suggestions about the discovered information to any court of law or civil proceedings. Because the accuracy of biometric indicators may rarely be investigated during a digital forensic investigation processes, integrating digital forensics with multimodal biometrics can enable effective digital forensic investigations on multiple captured physiological and behavioural characteristics. This paper, therefore, presents a self-adaptive approach for integrating digital forensics with multimodal biometrics. This is motivated by the fact that, as of the time of writing this paper, there is lack of effective and standardised methods for performing digital investigation across multimodal biometric indicators. In addition, there are also no proper digital forensic biometric management strategies in place. For this reason, to enable effective digital investigations on multiple captured physiological and behavioural characteristics, this paper aims at proposing a framework that is meant to facilitate the integration of DF and multimodal biometrics. The framework is also meant to enhance the analysis of potential digital evidence during investigations. Integrating multimodal biometrics and digital forensics using the proposed framework gives a promising approach to add value especially in enforcing security measures in different systems as well as a restricting factor to unauthorized access key discoveries. The integration of digital forensics with multimodal biometrics is the main focus of this paper.",4,4,498,507,Human–computer interaction; Speaker recognition; Hand geometry; Digital media; Biometrics; Digital evidence; Facial recognition system; Computer science; Multimedia; Signature recognition; Digital forensics,,,,,http://sdiwc.net/digital-library/a-framework-for-integrating-multimodal-biometrics-with-digital-forensics.html,http://dx.doi.org/10.17781/p001929,,10.17781/p001929,2178502485,,0,002-474-980-628-861; 020-944-423-224-895; 021-850-998-857-676; 023-709-114-205-69X; 035-223-520-491-228; 053-250-149-357-214; 070-818-081-080-313; 071-344-833-099-290; 078-730-781-174-18X; 096-463-439-745-855; 102-587-056-422-16X; 111-090-978-711-139; 111-239-904-354-442; 125-687-685-580-171; 149-999-442-437-657; 167-592-705-831-583; 174-186-817-525-708; 190-207-252-892-446,5,false,,
024-356-983-772-499,The key to forensic success: examination planning is a key determinant of efficient and effective digital forensics,,2016,book chapter,Digital Forensics,,Elsevier,,Mark Pollitt,,,,27,43,Human resources; Engineering; Set (psychology); Mobile device; Key (cryptography); Data science; Software; Digital evidence; Computer security; Computer forensics; Digital forensics,,,,,https://www.sciencedirect.com/science/article/pii/B9780128045268000022 http://www.sciencedirect.com/science/article/pii/B9780128045268000022,http://dx.doi.org/10.1016/b978-0-12-804526-8.00002-2,,10.1016/b978-0-12-804526-8.00002-2,2283126197,,0,019-698-064-288-240; 091-355-503-423-798; 105-858-581-907-529; 130-750-724-951-650; 135-093-130-725-466; 145-743-906-992-348,0,false,,
024-586-789-399-284,"SADFE - Panel: Lawyers, Judges and Digital Forensics: Evaluating Situational Awareness and Evidentiary Skills with Electronic Evidence, from Cybercrime to Civil Lawsuits.",,2007,book,Second International Workshop on Systematic Approaches to Digital Forensic Engineering (SADFE'07),,IEEE,,Michael Losavio,"This panel of attorneys, and others, will discuss situational awareness and skills of lawyers, judges and computing professionals relating to evidence law and rules of procedure for using electronic evidence and digital forensics. The panel may address the new Federal Rules of Civil Procedure for the discovery and handling of electronic evidence that are effective December 1, 2006, their impact in federal courts and their influence in state courts.",,,101,101,Situation awareness; Political science; State (polity); Cybercrime; Federal Rules of Civil Procedure; Public relations; Information security; Computer forensics; Digital forensics,,,,,https://www.computer.org/csdl/proceedings-article/sadfe/2007/28080101/12OmNvAiS94 http://yadda.icm.edu.pl/yadda/element/bwmeta1.element.ieee-000004155353 https://ieeexplore.ieee.org/document/4155353/,http://dx.doi.org/10.1109/sadfe.2007.14,,10.1109/sadfe.2007.14,2166674347,,0,,0,false,,
024-676-384-175-775,Forensic Readiness and eDiscovery,,2015,book chapter,"Advances in Digital Crime, Forensics, and Cyber Terrorism",23270381; 23270373,IGI Global,,Dauda Sule,"<jats:p>In a bid to discover, uncover, and stamp out digital crime while ensuring information security and assurance, there is a need to investigate the crime once it has taken place. This will help trace the criminals and also secure an organization against future attacks. Forensic readiness entails that an organization be at alert in terms of digital evidence collection and storage – that is, collecting and storing such evidence constantly in a forensically sound manner, not just when the need for such evidence arises. In the event litigation arises or is anticipated, digital evidence may need to be reviewed by the opposing parties prior to court proceedings to assess quality of the evidence; this is eDiscovery. This chapter explores eDiscovery and forensic readiness. Digital evidence for eDiscovery needs to be forensically sound and provided in a timely and efficient manner - forensic readiness helps to ensure this. This chapter seeks to establish how forensic readiness is relevant to the eDiscovery process. </jats:p>",,,178,192,Computer science,,,,,https://www.igi-global.com/chapter/forensic-readiness-and-ediscovery/115757,http://dx.doi.org/10.4018/978-1-4666-6324-4.ch012,,10.4018/978-1-4666-6324-4.ch012,2485851301,,0,007-249-950-331-734; 021-486-901-460-202; 145-945-225-083-101,0,false,,
024-680-893-076-937,Pengembangan Model Digital Forensic Readiness Index (DiFRI) untuk Mencegah Kejahatan Dunia Maya,2016-05-01,2016,journal article,JISKA (Jurnal Informatika Sunan Kalijaga),25280074; 25275836,Al-Jamiah Research Centre,,Tri Widodo,"Kejahatan dunia maya terus meningkat. Namun, peningkatan kejahatan dunia maya, tidak disertai banyaknya barang bukti. Hal ini mengindikasikan kurangnya pemahaman akan kejahatan dunia maya dan juga digital forensic . Kesiapan menangani kejahatan dunia maya ini disebut digital forensic Readiness . Berdasarkan studi literatur dan penelitian-penelitian sebelumnya, dapat dirumuskan bahwa faktor-faktor digital forensic Readiness ini antara lain, Strategy, Policy & Procedure, Technology & Security, Digital forensic Response , Control & Risk, and Legality . Dari berbagai faktor tersebut dapat dibuat indikator-indikator yang nantinya dapat digunakan untuk mencegah atau menindaklanjuti kejahatan dunia maya. Faktor-faktor dan indikator tersebut akan menghasilkan nilai yang disebut Digital forensic Readiness Index (DiFRI). Sehingga kesiapan institusi mencegah dan menangani kejahatan dunia maya dapat diukur dengan menggunakan DiFRI. Kata Kunci : Digital forensic , Digital forensic Readiness , Digital forensic Readiness Index (DiFRI) , Kejahatan dunia maya",1,1,41,46,,,,,,https://ejournal.uin-suka.ac.id/saintek/JISKA/article/download/1095/1010 http://ejournal.uin-suka.ac.id/saintek/JISKA/article/view/1095 https://core.ac.uk/download/267117360.pdf,http://dx.doi.org/10.14421/jiska.2016.11-06,,10.14421/jiska.2016.11-06,2575083917,,0,,1,true,cc-by-nc,gold
024-745-088-735-092,SADFE - Computer Forensics And Electronic Evidence - Failure of Competent Computer Forensic Analysis And Other Computer-Related Acts As Ineffective Assistance Of Counsel,,2011,book,2011 Sixth IEEE International Workshop on Systematic Approaches to Digital Forensic Engineering,,IEEE,,Michael Losavio; Deborah Keeling,"American defendants have the right to the effective assistance of counsel in criminal prosecutions pursuant to the Sixth Amendment to the U.S. Constitution. We examine how the effective assistance of counsel addresses competence and expertise with computer and digital forensics and electronic evidence. There is a floor of competence in modern litigation requiring competence as to the use of computer forensic services, at least in cases where electronic evidence is used. This is an area that is only now developing and which will continue to evolve. Examination of reported United States cases show a significant increase in the referenced use of computer forensics from 2004 through 2010, indicating significant growth in the use of digital forensics. Digital forensics has also been referenced by the courts, thought to a lesser degree. There are also the first reported cases to appear that assert defense counsel was ineffective for not using such counsel, asserting that counsel was not competent in that failure. The numbers of such cases, though, are too small to indicate anything other than the appearance of this concern as a matter required of competent counsel. Nonetheless, it may indicate a growing use and expectation of competence in the use of computer and digital forensic expertise in the analysis of electronic evidence.",,,1,6,Competence (law); Law; Constitution; Malpractice; Ineffective assistance of counsel; Computer forensics; Medicine; Digital forensics,,,,,https://www.computer.org/csdl/proceedings-article/sadfe/2011/4642a0018/12OmNyvGyli https://ieeexplore.ieee.org/document/6159112 https://doi.org/10.1109/SADFE.2011.6 http://yadda.icm.edu.pl/yadda/element/bwmeta1.element.ieee-000006159112 http://ieeexplore.ieee.org/document/6159112/ https://dl.acm.org/citation.cfm?id=2121349,http://dx.doi.org/10.1109/sadfe.2011.6,,10.1109/sadfe.2011.6,2080951347,,0,029-497-643-680-222,2,false,,
025-007-022-899-993,Discovery of Digital Evidence in Civil Cases,,2012,book chapter,Digital Forensics for Legal Professionals,,Elsevier,,Larry E. Daniel; Lars E. Daniel,,,,113,121,Digital evidence; Computer science; Data science; Computer security; Digital forensics,,,,,,http://dx.doi.org/10.1016/b978-1-59749-643-8.00016-x,,10.1016/b978-1-59749-643-8.00016-x,,,0,,0,false,,
025-413-390-011-47X,How to find exculpatory and inculpatory evidence using a circular digital forensics process model,,2009,journal article,International Journal of Electronic Security and Digital Forensics,1751911x; 17519128,Inderscience Publishers,United Kingdom,Marjan Khatir; Seyed Mahmood Hejazi,"With raising the number of cyber crimes, the need of having a proper digital forensic process also increases. Although digital forensics is practiced in recent years, there is still a big gap between previously suggested digital forensics processes and what is really needed to be done in real cases. Some problems with current processes are lack of flexible transition between phases, not having a clear method or a complete scenario for addressing reliable evidence, and not paying enough attention to management aspects and team roles. This article provides a process model by paying special attention to the team roles and management aspects as well as both exculpatory and inculpatory evidence.",2,1,68,76,Teamwork; Digital forensic process; Exculpatory evidence; Digital evidence; Computer security; Computer science; Process (engineering); Team Role Inventories; Computer forensics; Digital forensics,,,,,https://ui.adsabs.harvard.edu/abs/2008ges..conf...10K/abstract https://link.springer.com/content/pdf/10.1007%2F978-3-540-69403-8_2.pdf https://rd.springer.com/chapter/10.1007%2F978-3-540-69403-8_2 https://www.inderscienceonline.com/doi/abs/10.1504/IJESDF.2009.023877 https://dblp.uni-trier.de/db/journals/ijesdf/ijesdf2.html#KhatirH09 http://www.diva-portal.org/smash/record.jsf?pid=diva2:436813 https://www.inderscience.com/link.php?id=23877 https://link.springer.com/chapter/10.1007/978-3-540-69403-8_2,http://dx.doi.org/10.1504/ijesdf.2009.023877,,10.1504/ijesdf.2009.023877,2041229035,,0,001-009-008-665-240; 032-697-093-668-898; 034-916-306-834-918; 035-223-520-491-228; 056-590-277-527-716; 111-741-773-111-021; 184-948-841-629-735; 199-745-676-923-766,1,false,,
025-421-213-608-128,Solid State Drives: The Beginning of the End for Current Practice in Digital Forensic Recovery?,,2010,journal article,"Journal of Digital Forensics, Security and Law",15587223,Embry-Riddle Aeronautical University/Hunt Library,,Graeme Baxter Bell; Richard Boddington,"Digital evidence is increasingly relied upon in computer forensic examinations and legal proceedings in the modern courtroom. The primary storage technology used for digital information has remained constant over the last two decades, in the form of the magnetic disc. Consequently, investigative, forensic, and judicial procedures are well-established for magnetic disc storage devices (Carrier, 2005). However, a paradigm shift has taken place in technology storage and complex, transistor-based devices for primary storage are now increasingly common. Most people are aware of the transition from portable magnetic floppy discs to portable USB transistor flash devices, yet the transition from magnetic hard drives to solid-state drives inside modern computers has so far attracted very little attention from the research community.; ; ; Here we show that it is imprudent and potentially reckless to rely on existing evidence collection processes and procedures, and we demonstrate that conventional assumptions about the behaviour of storage media are no longer valid. In particular, we demonstrate that modern storage devices can operate under their own volition in the absence of computer instructions. Such operations are highly destructive of traditionally recoverable data. This can contaminate evidence; can obfuscate and make validation of digital evidence reports difficult; can complicate the process of live and dead analysis recovery; and can complicate and frustrate the post recovery forensic analysis.; ; Our experimental findings demonstrate that solid-state drives (SSDs) have the capacity to destroy evidence catastrophically under their own volition, in the absence of specific instructions to do so from a computer.",5,3,1,,Garbage collection; Volition (linguistics); Solid-state drive; Digital evidence; Computer security; Computer science; Forensic disk controller; Paradigm shift; USB; Digital forensics,,,,,https://core.ac.uk/display/11234249 https://commons.erau.edu/cgi/viewcontent.cgi?article=1078&context=jdfsl http://graemebell.net/publications/upload/bellbodd2010-preprint.pdf https://commons.erau.edu/jdfsl/vol5/iss3/1/ http://www.123seminarsonly.com/Seminar-Reports/023/50099126-Solid-State-Drives.pdf http://graemebell.net/pubs/bellbodd2010-preprint.pdf http://www.evidencegrade.com/file/Solid%20State%20Drives%20-%20The%20Beginning%20of%20the%20End.pdf https://securit.se/wp-content/uploads/2011/09/JDFSL-V5N3-Bell.pdf https://researchrepository.murdoch.edu.au/id/eprint/3714/ https://core.ac.uk/download/11234249.pdf,http://dx.doi.org/10.15394/jdfsl.2010.1078,,10.15394/jdfsl.2010.1078,1578425966,,2,008-215-658-916-277; 031-309-466-858-480; 046-527-367-793-765; 057-137-063-277-37X; 062-788-502-964-113; 085-214-277-668-01X; 120-697-354-224-33X; 126-044-289-253-635; 129-360-320-775-188; 160-160-097-559-323; 167-592-705-831-583; 185-038-131-679-547; 199-745-676-923-766,53,true,cc-by-nc,gold
025-635-226-430-377,Guideline Model for Digital Forensic Investigation,2007-04-18,2007,,,,,,Salma Abdalla; Sherif Hazem; Sherif Hashem,"This paper proposes a detailed guideline model for digital forensics; the proposed model consists of five main phases, Preparation phase, Physical Forensics and Investigation Phase, Digital Forensics Phase, Reporting and Presentation Phase, and Closure Phase. Most of the existing models in this field do not cover all aspects of digital forensic investigations, as they focus mainly on the processing of digital evidence or on the legal points. Although they gave good information to base on it a guide, but they are not detailed enough to describe fully the investigative process in a way that can be used by investigators during investigation. In this model detailed steps for each phase is given, so it can be used as guidance for the forensic investigators, and it can assist the development of new investigative tools and techniques.",,,55,76,Engineering; Closure phase; Data science; Presentation; Guideline; Digital evidence; Field (computer science); Computer security; Process (engineering); Computer forensics; Digital forensics,,,,,https://commons.erau.edu/cgi/viewcontent.cgi?article=1029&context=adfsl https://commons.erau.edu/adfsl/2007/session-7/2/,https://commons.erau.edu/adfsl/2007/session-7/2/,,,1943508834,,0,007-648-632-822-878; 016-246-732-121-088; 020-944-423-224-895; 038-668-970-194-854; 049-216-276-407-671; 062-032-128-092-406; 190-065-821-748-92X; 199-745-676-923-766,1,false,,
025-800-151-131-642,Emerging Forensic Tools for Locating and Analyzing Digital Evidence - The Fallacy of Forensic Imaging of Large Datasets,,,book chapter,Emerging Forensic Tools for Locating and Analyzing Digital Evidence,,IGI Global,,Richard Boddington,,,,2530,3207,Data science; Fallacy; Forensic imaging; Computer science,,,,,,http://dx.doi.org/10.4018/978-1-4666-9591-7.les4,,10.4018/978-1-4666-9591-7.les4,2490779247,,0,,0,false,,
026-126-015-902-734,The potential problems of admissibility and relevancy of digital forensics evidence in Syariah Courts,2020-03-31,2020,journal article,International Journal of Psychosocial Rehabilitation,14757192,Hampstead Psychological Associates,United Kingdom,Mohamad Khairudin Kallil; Ahmad Che Yaacob; Nasrul Hisyam Nor Muhamad; Zulkiflee Haron,"Digital forensics evidence has been recognized in Syariah courts by virtue of several related sections under Syariah Court Evidence (Federal Territories) Act 1997 or others Syariah Courts Evidence Enactments. However, due of lack of challenges on digital evidence cases in Syariah courts, the potential problems or obstacles of digital forensics evidence are unknown among the judges, lawyers and parties involved. Among the potential problems of admissibility and relevancy of digital forensics evidence are collecting evidence illegally, modifying evidence after it is in possession, deleting and editing any digital evidence data from the tools. Meanwhile digital data also changes moment by moment and invisible to the human eye and digital technologies are always changing so that forensic process can seldom be fixed for very long. Therefore this article aims to examine the potential problems of digital forensics evidence in Syariah courts based on the qualitative approach of literature reviews on the relevant articles, books, statutes and cases. By having a standard operating procedure (SOP), qualified digital forensics experts and effective digital forensic tools and analysis, they can resolve the problems and subsequently results the authenticated digital forensics evidence.",24,5,1027,1032,Internet privacy; Possession (law); Statute; Digital data; Standard operating procedure; Digital evidence; Computer science; Process (engineering); Digital forensics,,,,,http://eprints.utm.my/id/eprint/91694/,http://dx.doi.org/10.37200/ijpr/v24i5/pr201776,,10.37200/ijpr/v24i5/pr201776,3016176875,,0,,0,false,,
026-411-888-259-98X,International aspects of migrating digital forensics in the cloud,2014-01-31,2014,journal article,Digital Evidence and Electronic Signature Law Review,20548508; 17564611,School of Advanced Study,Spain,John W. Bagby; Joseph J. Schwerha,"John W. Bagby and Joseph J. Schwerha examine the effect that ‘cloud’ computing has on digital forensics, and consider the burden on privacy, security and the development of forensic quality evidence, and suggest it is necessary to re-interpret procedural and evidence law to reduce the risk of injustice as cloud architectures evolve. Index words: digital forensics; cloud computing; international considerations; modification of metadata.",10,0,,,Cloud computing security; Injustice; Index (publishing); Quality (business); Computer security; Computer science; Cloud computing; Digital forensics; Metadata,,,,,https://sas-space.sas.ac.uk/5593/ https://journals.sas.ac.uk/deeslr/article/view/2026,http://dx.doi.org/10.14296/deeslr.v10i0.2026,,10.14296/deeslr.v10i0.2026,2062829935,,0,,0,true,cc-by-nc-nd,hybrid
026-502-915-614-734,Using mobile ad hoc networks to acquire digital evidence from remote autonomous agents,,2008,conference proceedings,,,,,Indrajit Ray; Nayot Poolsappasit,"In this work, we report on one aspect of an autonomous digital evidence acquisition system that we are developing. Many a times forensic investigators need to operate autonomous agents remotely to acquire digital evidence. These autonomous systems periodically upload the evidence to a remote central server using a mobile ad hoc network. In such cases, large pieces of information need to be fragmented and transmitted in an appropriate manner. To support proper forensic analysis three properties need to be ensured for each fragment of evidence - confidentiality during communication, authenticity and integrity of the data, and, most importantly, strong evidence of membership for fragments. Here, we describe the framework to provide these features that we have developed as part of a robot based system.",3,2,80,94,Autonomous agent; Mobile computing; Digital evidence; Computer network; Computer science; Autonomous system (Internet); Upload; Information needs; Mobile ad hoc network; Wireless ad hoc network,,,,,,,,,3022610816,,0,,0,false,,
026-510-318-976-518,Review of evidence analysis and reporting phases in digital forensics process,,2017,conference proceedings article,2017 International Conference on Computer Science and Engineering (UBMK),,IEEE,,Asaf Varol; Yesim Ulgen Sonmez,"This paper reviews digital forensic phases and problems in evidence analysis phase and smart methods in this area. Among these phases, studies on the evidence analysis phase are examined. In the analysis of electronic evidences, use of smart methods and their development will contribute to information technology law and improvement of digital forensic devices. Effective evidence analysis both provides easiness for digital forensic experts and helps jurists tor accurate decisions. In this paper, digital forensic process and smart methods used in evidence analysis are examined. This literature survey discussed which new methods can be added to this process.",,,923,928,Engineering; Data science; Digital forensic process; Literature survey; Evidence analysis; Computer security; Process (engineering); Computer forensics; Legal aspects of computing; Digital forensics; Information science,,,,,https://ieeexplore.ieee.org/document/8093563/,http://dx.doi.org/10.1109/ubmk.2017.8093563,,10.1109/ubmk.2017.8093563,2767129994,,0,014-767-056-602-687; 028-247-220-124-04X; 047-370-895-937-471; 053-344-396-276-136; 066-078-012-998-723; 089-125-626-038-560; 106-540-610-193-788; 163-877-074-795-849,6,false,,
026-535-638-457-216,Weighted Forensics Evidence Using Blockchain,2018-05-04,2018,conference proceedings article,Proceedings of the 2018 International Conference on Computing and Data Engineering,,ACM,,David Billard,"When digital evidence is presented in front of a court of law, it is seldom associated with a scientific evaluation of its relevance, or significance. When experts are challenged about the validity of the digital evidence, the general answer is ""yes, to a reasonable degree of scientific certainty"". Which means all and nothing at the same time, since no scientific metric is volunteered. In this paper we aim at providing courts of law with weighted digital evidence. Each digital evidence is assigned with a confidence rating that eventually helps juries and magistrates in their endeavor. This paper presents a novel methodology in order to: -Provide digital forensics experts with the ability to form a digital evidence chain, the Digital Evidence Inventory (DEI), in a way similar to an evidence ""block chain"", in order to capture evidence; -Give experts the ability to rate the level of confidence for each evidence in a Forensics Confidence Rating (FCR) structure; -Provide experts with a Global Digital Timeline (GDT) to order evidence through time. As a result, this methodology provides courts of law with sound digital evidences, having a confidence level expressed in metrics and ordered through a timeline. The objective of this work is to add a reliable pinch of scientific certainty when dealing with digital evidence.",,,57,61,Relevance (law); Metric (unit); Structure (mathematical logic); Data science; Order (business); Digital evidence; Computer science; Timeline; Certainty; Digital forensics,,,,,https://hesso.tind.io/record/2428 https://hesso.tind.io/record/2428/files/Billard_2018_weighted_forensics.pdf https://dl.acm.org/citation.cfm?id=3219792,http://dx.doi.org/10.1145/3219788.3219792,,10.1145/3219788.3219792,2810433542,,2,018-182-926-340-45X; 024-662-554-815-361; 090-363-713-682-863; 134-927-490-231-285,15,true,,green
026-595-091-625-611,Secure Storage Model for Digital Forensic Readiness,2022-01-01,2022,,IEEE Access,21693536,Institute of Electrical and Electronics Engineers,United States,Avinash Singh; Richard Adeyemi Ikuesan; Hein Venter,"Securing digital evidence is a key factor that contributes to evidence admissibility during digital forensic investigations, particularly in establishing the chain of custody of digital evidence. However, not enough is done to ensure that the environment and access to the evidence are secure. Attackers can go to extreme lengths to cover up their tracks, which is a serious concern to digital forensics – particularly digital forensic readiness. If an attacker gains access to the location where evidence is stored, they could easily alter the evidence (if not remove it altogether). Even though integrity checks can be performed to ensure that the evidence is sound, the collected evidence may contain sensitive information that an attacker can easily use for other forms of attack. To this end, this paper proposes a model for securely storing digital evidence captured pre- and post-incident to achieve reactive forensics. Various components were considered, such as integrity checks, environment sandboxing, strong encryption, two-factor authentication, as well as unique random file naming. A proof-of-concept tool was developed to realize this model and to prove its validity. A series of tests were conducted to check for system security, performance, and requirements validation, Overall, the results obtained showed that, with minimal effort, securing forensic artefacts is a relatively inexpensive and reliable feat. This paper aims to standardize evidence storage, practice high security standards, as well as remove the need to create new systems that achieve the same purpose.",,,1,1,Digital evidence; Computer science; Digital forensics; Computer security; Authentication (law); Computer forensics; Encryption; Key (lock); Network forensics,,,,,,,,,,,0,,0,true,"CC BY, CC BY-NC-ND",gold
026-766-854-469-439,Information Retrieval From Internet Applications For Digital Forensic,2012-08-31,2012,journal article,"International Journal of Security, Privacy and Trust Management",22775498,Academy and Industry Research Collaboration Center (AIRCC),,Ipsita Mohanty; R. Leela Velusamy,"Advanced internet technologies providing services like e-mail, social networking, online banking, online shopping etc., have made day-to-day activities simple and convenient. Increasing dependency on the internet, convenience, and decreasing cost of electronic devices have resulted in frequent use of online services. However, increased indulgence over the internet has also accelerated the pace of digital crimes. The increase in number and complexity of digital crimes has caught the attention of forensic investigators. The Digital Investigators are faced with the challenge of gathering accurate digital evidence from as many sources as possible. In this paper, an attempt was made to recover digital evidence from a system's RAM in the form of information about the most recent browsing session of the user. Four different applications were chosen and the experiment was conducted across two browsers. It was found that crucial information about the target user such as, user name, passwords, etc., was recoverable.",1,3,15,30,Internet privacy; Password; The Internet; World Wide Web; Forensic science; Session (web analytics); Digital evidence; Computer science; Digital forensics; Pace; Frequent use,,,,,https://arxiv.org/pdf/1209.3590 https://ui.adsabs.harvard.edu/abs/2012arXiv1209.3590M/abstract https://arxiv.org/abs/1209.3590 https://core.ac.uk/display/24765074 http://arxiv.org/abs/1209.3590,http://dx.doi.org/10.5121/ijsptm.2012.1302,,10.5121/ijsptm.2012.1302,2033633358; 3100770702,,0,016-926-540-950-809; 037-483-791-552-006; 038-668-970-194-854; 039-774-603-243-832; 068-383-476-721-435; 109-603-269-791-542; 120-462-880-448-150; 123-516-057-579-584; 134-181-885-341-288; 136-745-511-009-321; 171-637-120-942-780,3,true,,green
026-774-296-742-022,Integrated digital forensic process model,,2013,journal article,Computers & Security,01674048,Elsevier BV,United Kingdom,Michael Köhn; Mariki M. Eloff; Jan H. P. Eloff,"Digital forensics is an established research and application field. Various process models exist describing the steps and processes to follow during digital forensic investigations. During such investigations, it is not only the digital evidence itself that needs to prevail in a court of law; the process followed and terminology used should also be rigorous and generally accepted within the digital forensic community. Different investigators have been refining their own investigative methods, resulting in a variety of digital forensic process models. This paper proposes a standardized Digital Forensic Process Model to aid investigators in following a uniform approach in digital forensic investigations.",38,,103,115,Variety (cybernetics); Data science; Digital forensic process; Digital evidence; Computer security; Computer science; Process (engineering); Computer forensics; Process modeling; Digital forensics,,,,,https://repository.up.ac.za/handle/2263/41922 https://dl.acm.org/citation.cfm?id=2622894 http://dx.doi.org/10.1016/j.cose.2013.05.001 https://www.sciencedirect.com/science/article/pii/S0167404813000849 https://dblp.uni-trier.de/db/journals/compsec/compsec38.html#KohnEE13 https://repository.up.ac.za/bitstream/2263/25433/1/dissertation.pdf https://dl.acm.org/doi/10.1016/j.cose.2013.05.001,http://dx.doi.org/10.1016/j.cose.2013.05.001,,10.1016/j.cose.2013.05.001,2110760901,,0,002-495-833-326-831; 020-944-423-224-895; 021-486-901-460-202; 021-850-998-857-676; 026-893-174-649-526; 031-234-153-523-379; 032-697-093-668-898; 034-916-306-834-918; 035-464-818-494-517; 037-789-654-228-885; 041-100-433-941-603; 047-630-600-014-492; 050-513-243-638-138; 074-014-335-505-388; 085-214-277-668-01X; 087-665-408-966-240; 111-741-773-111-021; 133-508-126-407-763; 134-927-490-231-285; 138-097-495-143-351; 140-821-103-436-654; 157-954-859-648-506; 159-477-048-665-066; 170-299-458-679-224; 179-881-224-143-743; 184-948-841-629-735; 190-065-821-748-92X; 199-172-967-270-034; 199-745-676-923-766,110,true,,green
026-831-743-825-769,DEEP: Extending the Digital Forensics Process Model for Criminal Investigations,2020-08-10,2020,journal article,ATHENS JOURNAL OF SCIENCES,22418466,Athens Institute for Education and Research ATINER,,Jan Collie; Richard E. Overill,"The importance of high quality, reliable forensic analysis –an issue that is central to the delivery of justice– has become a topic for marked debate with scientists, specialists and government bodies calling for improved standards and procedures. At the same time, Law Enforcement agencies are under pressure to cut the cost of criminal investigations. The detrimental impact that this has had on all forensic disciplines has been noted internationally, with the UK’s House of Lords warning that if the trend continues, crimes could go unsolved and miscarriages of justice may increase. The pivotal role that digital forensics plays in investigating and solving modern crimes is widely acknowledged: in Britain, the police estimate it features in 90% of cases. In fact, today’s law enforcement officers play a key part in the recovery, handling and automated processing of digital devices yet they are often poorly trained to do so. They are also left to interpret outputs, with the results being presented in court. This, it is argued, is a dangerous anomaly and points to a significant gap in the current, four-stage digital forensics process model (DFPM). This paper presents an extension to that model, the Digital Evidence Enhanced Process (DEEP), with the aim of fine-tuning the mechanism and ensuring that all digital evidence is scrutinised by a qualified digital forensics analyst. The consequence of adopting DEEP in actual criminal investigations will be to ensure that all digital evidence is analysed and evaluated to the highest professional and technical competency standards, resulting in the enhanced reliability of digital evidence presented in court which will serve the cause of justice in terms of reduced instances of associated unsafe convictions and/or unjustified exculpations.",7,4,225,240,Criminal investigation; Government; Political science; Justice (ethics); Quality (business); Law enforcement; Digital evidence; Public relations; Process (engineering); Digital forensics,,,,,http://oro.open.ac.uk/72738/ https://core.ac.uk/download/337616554.pdf,http://dx.doi.org/10.30958/ajs.7-4-3,,10.30958/ajs.7-4-3,3047867809,,0,000-659-280-122-390; 009-512-003-529-193; 010-963-610-208-920; 058-052-081-943-595; 061-269-967-405-492; 074-014-335-505-388; 075-529-701-912-32X; 090-752-043-508-733; 102-243-142-344-71X; 126-591-597-706-715,0,true,cc-by-nc,green
026-836-874-575-053,Analisis Forensik Solid State Drive (SSD) Menggunakan Framework Rapid Response,2019-10-08,2019,journal article,Jurnal Teknologi Informasi dan Ilmu Komputer,25286579; 23557699,Fakultas Ilmu Komputer Universitas Brawijaya,,Mahfudl Nasrulloh; Sunardi Sunardi;  Riadi,"Teknologi komputer pada empat tahun terahir ini mengalami perkembangan yang pesat. Bersamaan dengan itu juga berdampak negatif salah satunya adalah berupa kejahatan komputer. Kejahatan komputer akan meninggalkan jejak aktivitas kejahatan, maka perlu dilakukan analisa dengan ilmu dan metode forensik untuk mendapatkan barang bukti. Bagaimana jika terjadi kejahatan komputer pada media penyimpanan komputer berjenis non-volatile memory dan dilakukan secara live forensik . Pada penelitian ini dilakukan proses forensik pada Solid State Drive (SSD) dengan framework Grr Rapid Response pada kasus kehilangan data (lost data) suatu organisasi. Langkah kerja forensik mengimplementasikan dari National Institute of Standards Technology (NIST). Framework Grr Rapid Response digunakan untuk memberikan tanggapan terhadap insiden forensik digital yang difokuskan pada lingkungan forensik jarak jauh, f ramework ini berbasis arsitektur client server . Hasil penelitian ini menunjukkan langkah kerja forensik NIST dapat diimplementasikan pada proses pengambilan bukti digital dengan metode akuisisi secara live forensik,  kemampuan tool forensik pada proses eksaminasi Grr Rapid Response pada Workstation ( Client Grr) dengan media simpan SSD , bukti digital dapat ditemukan dan dikembalikan. Bukti digital yang dapat dikembalikan berupa file dokumen, dan hasil validasi pada bukti digital tersebut memiliki nilai hash yang sama dari dua algoritma validasi bukti digital yang diimplementasikan, MD5 dan SHA-1. Sehingga hasil integritas dari dokumen tersebut menunjukkan bahwa bukti digital tersebut identik. Abstract Computer technology in the last four years has experienced rapid development. At the same time, it also has a negative impact, one of which is a computer crime. Computer crime will leave traces of criminal activity, so it is necessary to analyze with forensic science and methods to obtain evidence. What if there is a computer crime on a computer storage medium of a type of non-volatile memory and carried out live forensics In this study a forensic process on Solid State Drive (SSD) was carried out with the Grr Rapid Response framework for lost data in an organization. The forensic work step is implemented from the National Institute of Standards Technology (NIST). The Grr Rapid Response Framework is used to provide responses to incidents of digital forensics focused on remote forensic environments, this framework is based on a client server architecture. The results of this study indicate that NIST's forensic work steps can be implemented in the process of taking digital evidence with live forensic acquisition methods, the ability of forensic tools in the Grr Rapid Response examination process on Workstations (Client Grr) with SSD storage media, digital evidence can be found and returned. Digital evidence that can be returned is a document file, and the results of the validation of digital evidence have the same hash value from the two digital proof validation algorithms implemented, MD5 and SHA-1. So the results of the integrity of the document so that the digital evidence is identical.",6,5,509,518,,,,,,https://jtiik.ub.ac.id/index.php/jtiik/article/view/1516 https://www.mendeley.com/catalogue/025f2922-94c3-3caf-888e-7e4537f49d54/ https://jtiik.ub.ac.id/index.php/jtiik/article/download/1516/pdf https://core.ac.uk/download/pdf/290148872.pdf,http://dx.doi.org/10.25126/jtiik.2019651516,,10.25126/jtiik.2019651516,2979886871,,0,,1,true,cc-by-sa,gold
027-130-036-194-501,SIGITE - Project Design and Implementation for Digital Forensics Education,2019-09-26,2019,conference proceedings article,Proceedings of the 20th Annual SIG Conference on Information Technology Education,,ACM,,Xinli Wang; Yan Bai; Bryan Goda,"As with other disciplines in cybersecurity, hands-on activities are an important component in digital forensics education to help students gain better understanding of basic concepts and knowledge presented in class lectures. While these lab activities are helpful for students to learn how to use software and hardware forensic tools, it is hard to help students gain problem-solving and analytic skills and other experiences that are needed to conduct digital forensic investigation in real-world. In our digital forensic courses, we have been using course projects as a means to help students develop their skills for identifying, locating, preserving, recovering, examining, analyzing and presenting electronic evidence associated with a case of digital forensic investigation. Student's feedback is positive and the educational outcome is promising. In this paper, we present the idea to design and implement a course project to achieve specified educational objectives for a digital forensic course. Example projects finished by students are introduced to show the major activities to complete a project. Experience, lessons and feedback from students are discussed. Our results will provide a point of reference for those who teach a digital forensics course at a college or university, or are developing a digital forensic curriculum.",,,33,38,Engineering management; Analytical skill; Point (typography); Class (computer programming); Software; Project design; Computer science; Curriculum; Component (UML); Digital forensics,,,,,https://doi.org/10.1145/3349266.3351402 https://dl.acm.org/doi/pdf/10.1145/3349266.3351402 https://digitalcommons.tacoma.uw.edu/tech_pub/368/ https://dblp.uni-trier.de/db/conf/sigite/sigite2019.html#WangBG19,http://dx.doi.org/10.1145/3349266.3351402,,10.1145/3349266.3351402,3163846394,,0,000-732-818-777-187; 002-394-064-191-051; 004-190-067-200-599; 004-652-388-189-304; 004-916-146-042-728; 004-935-188-787-369; 005-219-869-122-652; 005-733-361-126-371; 009-284-801-057-774; 012-314-515-683-048; 012-806-731-619-471; 014-261-775-435-338; 014-425-849-204-654; 018-620-335-450-996; 018-771-901-434-754; 022-694-669-764-676; 028-791-111-740-475; 029-537-963-034-821; 036-336-534-671-999; 038-875-969-940-882; 039-860-034-656-047; 053-960-116-064-016; 077-639-397-478-775; 085-282-482-169-660; 090-971-496-143-765; 094-090-548-568-403; 096-838-446-149-582; 102-679-985-151-761; 105-075-525-082-461; 106-215-046-097-04X; 136-872-921-499-96X; 167-592-705-831-583; 168-476-681-195-292; 185-949-458-116-567,3,false,,
027-422-777-459-516,Digital forensics analysis for data theft,2015-12-27,2015,,,,,,P. S. Lokhande; Bandu B. Meshram,"Cyber Criminals are using various techniques to attack on computing systems. Not only the professionally Cyber Criminals but also white collar IT employees are also involved in the valuable data theft. Some of the motives behind the data theft are revenge on employer, higher pay offered by a competitor company, or selling valuable data, etc. This work gives step by step approach implemented to extract the digital evidence from the computing systems of employee by whom the data theft is made. The employee used the Windows operating systems and the data in MS word format and excel format was sent to the competitor company by email and the data was also copied from the computer to the pen drive of the employee and then it was deleted from the company's computer. The extensive literature survey is made on Digital Forensic Analysis Process, Digital Forensic Model and various tools and hardware required for forensic set up. We have simulated the investigation process to get the evidence from the suspected employee's computer.",,,,,Engineering; Work (electrical); Set (abstract data type); Data theft; Digital evidence; Literature survey; Computer security; Process (engineering); Word (computer architecture); Digital forensics,,,,,http://aiktcdspace.org:8080/jspui/bitstream/123456789/1491/1/Brazil%20journal%20V10N1-PP04-data-forensic.pdf,http://aiktcdspace.org:8080/jspui/bitstream/123456789/1491/1/Brazil%20journal%20V10N1-PP04-data-forensic.pdf,,,2274088838,,0,022-455-280-454-911; 081-520-369-527-02X,0,false,,
027-464-280-141-196,Digital Evidence Collection,2022-08-30,2022,book chapter,Manual of Crime Scene Investigation,,CRC Press,,Chintan Singh; Harshita Tara; Amarnath Mishra,"Computer forensics is a digital forensic division that basically deals with crimes that have been committed across various computing devices such as networks, computers, digital storage media etc. It mainly refers to a set of different methodological procedures and techniques to identify, gather, preserve, extract, interpret, document, and present the evidences from the computing equipment in such a manner that the discovered evidence/equipment is acceptable in the court of law. This chapter inspects the origin of science and scientific methods to shape the core premises for setting up measures to evaluate digital forensic as a science and hence justifying the use of digital forensic tools and their feasibility towards cybercrime. This chapter also describes the working framework of different sectors of digital forensics and their challenges while analyzing cybercrime cases. Described controlled frameworks have the potential to minimize the error and challenges in digital forensics and their various categories.",,,145,156,Cybercrime; Digital forensics; Computer forensics; Digital evidence; Computer science; Set (abstract data type); Data science; Computer security,,,,,,http://dx.doi.org/10.4324/9781003129554-9,,10.4324/9781003129554-9,,,0,,0,false,,
027-576-549-195-063,ADOPTABILITY MODEL FOR DIGITAL FORENSIC EVIDENCE IN KENYA,2018-10-01,2018,dissertation,,,,,Chepkwony Joyce Chepkemoi,,,,,,Engineering; Data science; Digital forensics,,,,,,,,,3119107698,,0,002-003-210-179-915; 005-515-442-506-880; 005-997-056-658-776; 006-021-083-517-495; 009-885-874-541-907; 009-938-574-961-754; 015-538-032-652-644; 017-616-094-974-749; 018-552-581-098-658; 019-831-293-743-518; 025-308-544-437-672; 027-167-245-337-491; 036-105-219-002-383; 037-483-791-552-006; 038-668-970-194-854; 039-627-889-157-293; 043-069-596-469-868; 044-274-107-809-614; 049-019-452-804-367; 052-783-938-076-074; 055-167-931-095-336; 060-330-965-949-799; 062-121-021-285-333; 075-768-712-488-657; 077-314-954-898-241; 083-862-228-169-655; 088-432-955-424-693; 094-058-992-093-766; 102-117-623-922-990; 103-473-343-952-893; 113-691-446-842-345; 116-288-436-546-314; 116-362-801-196-379; 119-385-247-230-234; 120-697-354-224-33X; 120-753-186-411-42X; 125-772-157-281-617; 134-927-490-231-285; 135-438-805-236-400; 136-672-322-674-141; 141-810-575-592-586; 142-873-137-930-615; 144-124-797-675-052; 159-350-316-601-037; 166-842-256-824-283; 173-779-991-377-816; 178-883-713-153-793; 181-381-331-737-839; 182-848-793-036-01X; 188-116-516-971-901; 191-014-103-069-742; 197-704-009-248-599; 199-745-676-923-766,0,false,,
027-658-395-615-692,OpenLV: Empowering investigators and first-responders in the digital forensics process,,2014,journal article,Digital Investigation,17422876,Elsevier BV,Netherlands,Timothy Vidas; Brian Kaplan; Matthew K. Geiger,"Abstract The continuing decline in the cost-per-megabyte of hard disk storage has inevitably led to a ballooning volume of data that needs to be reviewed in digital investigations. The result: case backlogs that commonly stretch for months at forensic labs, and per-case processing that occupies days or weeks of analytical effort. Yet speed is critical in situations where delay may render the evidence useless or endanger personal safety, such as when a suspect may flee, a victim is at risk, criminal tactics or control infrastructure may change, etc. In these and other cases, investigators need tools to enable quick triage of computer evidence in order to answer urgent questions, maintain the pace of an investigation and assess the likelihood of acquiring pertinent information from the device. This paper details the design and application of a tool, OpenLV, that not only meets the needs for speedy initial triage, but also can facilitate the review of digital evidence at later stages of investigation. With OpenLV, an investigator can quickly and safely interact with collected evidence, much as if they had sat down at the computer at the time the evidence was collected. Since OpenLV works without modifying the evidence, its use in triage does not preclude subsequent, in-depth forensic analysis. Unlike many popular forensics tools, OpenLV requires little training and facilitates a unprecedented level of interaction with the evidence.",11,,S45,S53,First responder; Triage; Pace; Suspect; Digital evidence; Computer security; Computer science; Process (engineering); Virtualization; Digital forensics,,,,,https://www.sciencedirect.com/science/article/pii/S1742287614000115#! https://doi.org/10.1016/j.diin.2014.03.006 https://users.ece.cmu.edu/~tvidas/papers/DFRWSEU14.pdf https://www.sciencedirect.com/science/article/pii/S1742287614000115 https://core.ac.uk/display/82096948 https://core.ac.uk/download/pdf/82096948.pdf,http://dx.doi.org/10.1016/j.diin.2014.03.006,,10.1016/j.diin.2014.03.006,2059636126,,0,002-633-789-384-681; 004-260-804-798-107; 020-944-423-224-895; 032-286-659-568-014; 037-483-791-552-006; 038-668-970-194-854; 039-166-557-492-520; 047-630-600-014-492; 049-146-576-773-816; 049-313-374-093-607; 067-987-558-984-619; 081-458-407-971-603; 092-058-232-746-872; 094-295-279-676-447; 102-822-532-339-461; 142-884-607-464-932; 153-153-144-072-106; 167-592-705-831-583; 199-745-676-923-766,19,true,cc-by-nc-nd,hybrid
027-808-234-888-72X,An Approach for Validation of Digital Anti-Forensic Evidence,,2011,journal article,Information Security Journal: A Global Perspective,19393555; 19393547,Informa UK Limited,United Kingdom,Karthikeyan Shanmugam; Roger Powell; Thomas Owens,"e-crime is increasing and e-criminals are becoming better at masking their activities. The task of forensic data analysis is becoming more difficult and a systematic approach towards evidence validation is necessary. With no standard validation framework, the skills and interpretation of forensic examiners are unchecked. Standard practices in forensics have emerged in recent years, but none has addressed the development of a model of valid digital evidence. Various security and forensic models exist, but they do not address the validity of the digital evidence collected. Research has addressed the issues of validation and verification of forensic software tools but failed to address the validation of forensic evidence. The forensic evidence collected using forensic software tools can be questioned using an anti-forensic approach. The research presented in this paper is not intended to question the skills of forensic examiners in using forensic software tools but rather to guide forensic examiners to look at evidence in an anti-forensic way. This paper proposes a formal procedure to validate evidence of computer crime.",20,4,219,230,Forensic science; Data science; Software; Task (project management); Digital evidence; Computer security; Computer science; Masking (Electronic Health Record); Computer forensics,,,,,https://www.tandfonline.com/doi/full/10.1080/19393555.2011.604667 https://dblp.uni-trier.de/db/journals/isjgp/isjgp20.html#ShanmugamPO11 https://dl.acm.org/doi/10.1080/19393555.2011.604667,http://dx.doi.org/10.1080/19393555.2011.604667,,10.1080/19393555.2011.604667,1972019064,,0,007-532-413-242-967; 027-832-300-612-191; 037-423-792-391-123; 047-101-175-100-694; 050-044-888-092-612; 055-590-023-850-939; 062-049-901-374-904; 062-217-186-853-075; 078-598-867-814-365; 085-092-969-969-072; 118-969-096-928-979; 131-161-724-039-419; 136-745-511-009-321; 145-002-823-706-838; 161-074-241-095-611; 182-962-922-039-081; 192-741-199-953-58X,6,false,,
028-034-242-516-483,The Forensic Curator: Digital Forensics as a Solution to Addressing the Curatorial Challenges Posed by Personal Digital Archives,2012-10-23,2012,journal article,International Journal of Digital Curation,17468256,Edinburgh University Library,,Gareth Knight,"The growth of computing technology during the previous three decades has resulted in a large amount of content being created in digital form. As their creators retire or pass away, an increasing number of personal data collections, in the form of digital media and complete computer systems, are being offered to the academic institutional archive. For the digital curator or archivist, the handling and processing of such digital material represents a considerable challenge, requiring development of new processes and procedures. This paper outlines how digital forensic methods, developed by the law enforcement and legal community, may be applied by academic digital archives. It goes on to describe the strategic and practical decisions that should be made to introduce forensic methods within an existing curatorial infrastructure and how different techniques, such as forensic hashing, timeline analysis and data carving, may be used to collect information of a greater breadth and scope than may be gathered through manual activities.",7,2,40,63,World Wide Web; Digital media; Carving; Archivist; Law enforcement; Scope (project management); Computer science; Timeline; Computer forensics; Digital forensics,,,,,https://doi.org/10.2218/ijdc.v7i2.228 https://researchonline.lshtm.ac.uk/id/eprint/2192853/ http://doi.org/10.2218/ijdc.v7i2.228 https://core.ac.uk/display/42633111 http://www.ijdc.net/article/view/218 https://paperity.org/p/275612301/the-forensic-curator-digital-forensics-as-a-solution-to-addressing-the-curatorial https://dblp.uni-trier.de/db/journals/ijdc/ijdc7.html#Knight12a https://core.ac.uk/download/42633111.pdf,http://dx.doi.org/10.2218/ijdc.v7i2.228,,10.2218/ijdc.v7i2.228,2127988978,,0,019-698-064-288-240; 032-192-641-675-455; 037-647-066-964-858; 038-668-970-194-854; 061-326-248-978-030; 089-550-797-690-956; 132-355-634-397-986; 142-884-607-464-932; 164-812-767-509-816; 170-299-458-679-224; 182-420-694-496-099,2,true,cc-by,gold
028-180-038-189-484,Digital Forensics and Cyber Crime Datamining,,2012,journal article,Journal of Information Security,21531234; 21531242,"Scientific Research Publishing, Inc.",,K. K. Sindhu; Bandu B. Meshram,"Digital forensics is the science of identifying, extracting, analyzing and presenting the digital evidence that has been stored in the digital devices. Various digital tools and techniques are being used to achieve this. Our paper explains forensic analysis steps in the storage media, hidden data analysis in the file system, network forensic methods and cyber crime data mining. This paper proposes a new tool which is the combination of digital forensic investigation and crime data mining. The proposed system is designed for finding motive, pattern of cyber attacks and counts of attacks types happened during a period. Hence the proposed tool enables the system administrators to minimize the system vulnerability.",3,3,196,201,Data mining; File system; Digital evidence; Hidden data; Cyber crime; Digital forensic investigation; Computer security; Computer science; Computer forensics; Digital forensics; Vulnerability (computing),,,,,http://doi.org/10.4236/jis.2012.33024 http://dx.doi.org/10.4236/jis.2012.33024 https://doi.org/10.4236/jis.2012.33024 https://file.scirp.org/Html/3-7800083_21340.htm https://m.scirp.org/papers/21340 https://www.scirp.org/Journal/PaperInformation.aspx?paperID=21340 https://file.scirp.org/pdf/JIS20120300002_13729911.pdf https://www.scirp.org/Journal/PaperDownload.aspx?paperID=21340 http://www.scirp.org/Journal/PaperInformation.aspx?paperID=21340 https://dblp.uni-trier.de/db/journals/jisec/jisec3.html#SindhuM12,http://dx.doi.org/10.4236/jis.2012.33024,,10.4236/jis.2012.33024,1982246970,,0,007-832-595-971-443; 019-698-064-288-240; 055-425-122-624-954; 085-214-277-668-01X; 101-944-590-282-271; 117-626-618-645-095; 136-947-053-479-806; 139-567-850-350-938; 159-584-170-360-868; 177-597-414-067-285,28,true,,gold
028-270-938-839-090,Handbook of Digital Forensics of Multimedia Data and Devices - Standards and Best Practices in Digital and Multimedia Forensics,2015-12-18,2015,book chapter,Handbook of Digital Forensics of Multimedia Data and Devices,,"John Wiley & Sons, Ltd",,Shujun Li; Mandeep K. Dhami; Anthony T. S. Ho,"The chapter is organized as follows. In the next section we will give an overview of most important standards and best practice guides covered in this chapter, in order to show a big picture of what has been happening in this space since the early 1990s when electronic evidence started becoming an important area for law enforcement and forensic practitioners to look at seriously. This section will give a complete list of all; standards and best practice guides covered in this chapter. After the overview a number of sections are dedicated to different groups of standards and best practice guides according to their contents: Section 2.3 covers electronic evidence and digital forensics in general, Section 2.4 focuses on multimedia evidence and multimedia forensics, Section 2.5 looks at digital forensics laboratory accreditation, Section 2.6 focuses on general quality assurance (management) procedures important for digital forensics laboratories, and finally Section 2.7 covers training, education and certification. The last section concludes this chapter with a summary of existing standards and best practices and also future trends.",,,38,93,Quality assurance; Engineering; Best practice; Section (typography); Law enforcement; Multimedia forensics; Certification; Multimedia; Engineering ethics; Accreditation; Digital forensics,,,,,http://ieeexplore.ieee.org/xpl/articleDetails.jsp?tp=&arnumber=7394744& https://onlinelibrary.wiley.com/doi/pdf/10.1002/9781118705773.ch2 http://ieeexplore.ieee.org/xpl/articleDetails.jsp?arnumber=7394744tp=&arnumber=7394744& https://eprints.mdx.ac.uk/16055/ https://core.ac.uk/display/82952025 https://epubs.surrey.ac.uk/840244/ https://surrey.eprints-hosting.org/840244/ https://ieeexplore.ieee.org/document/7394744,http://dx.doi.org/10.1002/9781118705773.ch2,,10.1002/9781118705773.ch2,1891539936,,0,000-225-165-729-99X; 004-441-167-148-170; 014-326-501-762-141; 019-698-064-288-240; 029-632-996-742-459; 035-898-815-030-977; 067-938-325-014-282; 071-893-289-016-173; 075-803-590-008-037; 083-463-305-163-014; 096-629-055-859-535; 098-857-083-857-534; 106-885-306-836-498; 107-328-266-312-60X; 118-722-872-870-470; 122-880-373-616-302; 133-481-090-925-931; 154-433-934-437-766; 159-876-071-419-312; 173-034-553-635-460; 175-390-273-605-893; 179-503-171-644-756; 181-008-425-506-841; 186-277-076-071-41X,0,false,,
028-388-674-583-987,IFIP Int. Conf. Digital Forensics - Countering Hostile Forensic Techniques,,2006,book chapter,IFIP Advances in Information and Communication Technology,18684238; 1868422x,Springer New York,Germany,Scott Piper; Mark Davis; Sujeet Shenoi,"Digital forensic investigations can be subverted by hostile forensic techniques and tools. This paper examines various hostile forensic techniques, including the exploitation of vulnerabilities in standard forensic procedures and denial of service attacks on forensic tools during imaging and analysis. Several techniques for concealing evidence within file systems and external to file systems are highlighted. In addition, strategies for countering hostile forensic techniques and tools are discussed.",222,,79,90,Internet privacy; Forensic science; Computer security; Denial-of-service attack; Computer science; Digital forensics,,,,,https://link.springer.com/chapter/10.1007/0-387-36891-4_7 https://rd.springer.com/chapter/10.1007%2F0-387-36891-4_7 https://dblp.uni-trier.de/db/conf/ifip11-9/df2006.html#PiperDS06 http://ui.adsabs.harvard.edu/abs/2006adf..book...79P/abstract https://link.springer.com/content/pdf/10.1007%2F0-387-36891-4_7.pdf,http://dx.doi.org/10.1007/0-387-36891-4_7,,10.1007/0-387-36891-4_7,1499511950,,0,013-246-076-655-612; 037-033-888-832-030; 037-987-418-063-510; 043-558-435-836-556; 055-292-779-360-918; 085-214-277-668-01X; 091-179-859-192-169; 140-821-103-436-654,5,true,,bronze
028-399-721-856-065,Digital evidence exceptionalism? A review and discussion of conceptual hurdles in digital evidence transformation.,2020-08-28,2020,journal article,Forensic science international. Synergy,2589871x,Elsevier BV,Netherlands,Alex Biedermann; Kyriakos N. Kotsoglou,"Forensic science is currently undergoing a transformation and expansion to include modern types of evidence, such as evidence generated by digital investigations. This development is said to raise a series of challenges, both in operational and conceptual dimensions. This paper reviews and discusses a series of convoluted conceptual hurdles that are encountered in connection with the use of digital evidence as part of evidence and proof processes at trial, in contradistinction to investigative uses of such types of evidence. As a recent example raising such hurdles, we analyse and discuss assertions and proposals made in the article ""Digital Evidence Certainty Descriptors (DECDs)"" by Graeme Horsman (32 Forensic Science International: Digital Investigation (2020) 200896).",2,,262,274,Political science; Exceptionalism; Digital evidence; Weight of evidence; Engineering ethics; Certainty,Digital evidence; Evaluative reporting; Probability; Weight of evidence,,,Schweizerischer Nationalfonds zur Förderung der Wissenschaftlichen Forschung,https://www.ncbi.nlm.nih.gov/pubmed/32944711 https://serval.unil.ch/resource/serval:BIB_2D70F52A6C50.P001/REF.pdf https://pubmed.ncbi.nlm.nih.gov/32944711/ https://serval.unil.ch/en/notice/serval:BIB_2D70F52A6C50 https://researchportal.northumbria.ac.uk/en/publications/digital-evidence-exceptionalism-a-review-and-discussion-of-concep https://www.sciencedirect.com/science/article/pii/S2589871X2030053X https://core.ac.uk/download/334593742.pdf,http://dx.doi.org/10.1016/j.fsisyn.2020.08.004,32944711,10.1016/j.fsisyn.2020.08.004,3081942181,PMC7481130,0,000-178-375-284-248; 000-680-610-076-187; 001-794-049-244-772; 004-244-530-471-560; 007-545-564-801-255; 009-803-691-567-926; 013-430-618-958-58X; 014-401-428-086-120; 015-238-949-406-002; 016-976-912-187-206; 017-053-145-452-574; 017-532-588-960-752; 017-646-033-380-522; 017-676-770-095-833; 020-867-396-119-347; 022-799-618-827-180; 026-831-936-435-919; 026-943-588-349-358; 028-568-241-747-171; 030-561-874-846-524; 031-488-685-515-070; 038-406-981-485-542; 038-927-473-835-01X; 040-382-558-131-008; 043-832-112-590-677; 044-895-263-937-02X; 046-469-721-997-646; 049-861-007-939-866; 055-601-228-676-162; 056-285-104-372-145; 058-717-000-287-105; 060-224-586-183-448; 060-336-293-255-723; 064-107-009-692-27X; 073-790-480-897-758; 076-459-003-064-111; 079-046-994-186-390; 079-152-497-703-763; 081-453-315-841-69X; 085-370-444-410-812; 086-687-838-854-880; 088-306-589-450-500; 089-973-732-045-205; 093-053-768-366-548; 096-423-057-147-490; 099-407-105-258-080; 101-549-415-202-81X; 101-660-041-166-10X; 105-127-902-669-64X; 111-590-691-227-607; 117-555-147-368-574; 119-850-082-064-135; 146-400-282-561-102; 151-795-409-748-215; 152-902-067-717-677; 155-902-134-782-014; 159-382-983-272-683; 163-535-540-190-872; 173-145-269-859-717; 190-320-022-663-482,3,true,"CC BY, CC BY-NC-ND",gold
028-718-136-874-911,What Is Cybercrime,2017-09-28,2017,book chapter,Guide to Digital Forensics,21915768; 21915776,Springer International Publishing,,Joakim Kävrestad,"Computer forensic experts are commonly faced with the misconception that they work primarily on cybercrimes. The reality is quite opposite, namely that digital forensics is of importance in pretty much every possible type of crime ranging from computer intrusions to theft. This chapter provides a discussion on what cybercrime is, from the author’s perspective. But more importantly, this chapter gives the reader a presentation on how and in what cases digital evidence can be of use during criminal investigations. The aim of the chapter is to make the reader understand that in the modern world, we leave digital traces almost all the time. We may not always be aware of this fact, but knowing and understanding how digital traces are left behind is of great importance for a computer forensic expert. For instance, even if a criminal is conducting a crime without so much as looking at her phone or computer, chances are that she is a using chat client to talk to some friend about what she did. This action can leave incriminating evidence that can be valuable in court.",,,9,11,Internet privacy; Criminal investigation; Perspective (graphical); Presentation; Action (philosophy); Phone; Cybercrime; Digital evidence; Computer science; Digital forensics,,,,,https://link.springer.com/chapter/10.1007/978-3-319-67450-6_2 https://rd.springer.com/chapter/10.1007/978-3-319-67450-6_2,http://dx.doi.org/10.1007/978-3-319-67450-6_2,,10.1007/978-3-319-67450-6_2,2759161926,,0,070-429-471-311-739; 184-128-952-810-429,0,false,,
028-874-299-732-939,A Proposed Digital Forensics Business Model to Support Cybercrime Investigation in Indonesia,2015-10-08,2015,journal article,International Journal of Computer Network and Information Security,20749090; 20749104,MECS Publisher,,Yudi Prayudi; Ahmad Ashari; Tri Kuntoro Priyambodo,"Digital forensics will always include at least human as the one who performs activities, digital evidence as the main object, and process as a reference for the activities followed. The existing framework has not provided a description of the interaction between human, interaction between human and digital evidence, as well as interaction between human and the process itself. A business model approach can be done to provide the idea regarding the interaction in question. In this case, what has been generated by the author in the previous study through a business model of the digital chain of custody becomes the first step in constructing a business model of a digital forensics. In principle, the proposed business model already accommodates major components of digital forensics (human, digital evidence, process) and also considers the interactions among the components. The business model suggested has contained several basic principles as described in The Regulation of Chief of Indonesian National Police (Perkap) No 10/2010. This will give support to law enforcement to deal with cybercrime cases that are more frequent and more sophisticated, and can be a reference for each institution and organization to implement digital forensics activities.",7,11,1,8,Chain of custody; Cybercrime; Law enforcement; Digital evidence; Computer security; Computer science; Business model; Process (engineering); Computer forensics; Digital forensics,,,,,http://www.mecs-press.org/ijcnis/ijcnis-v7-n11/IJCNIS-V7-N11-1.pdf http://www.mecs-press.org/ijcnis/ijcnis-v7-n11/v7n11-1.html,http://dx.doi.org/10.5815/ijcnis.2015.11.01,,10.5815/ijcnis.2015.11.01,2106442285,,0,004-872-169-627-620; 020-944-423-224-895; 025-697-732-683-864; 026-774-296-742-022; 029-043-587-641-360; 035-565-993-122-262; 038-668-970-194-854; 040-772-996-011-165; 045-458-395-510-15X; 066-219-211-495-201; 067-950-012-629-210; 068-199-942-987-426; 074-059-805-644-745; 074-869-044-681-879; 078-730-781-174-18X; 079-608-463-065-647; 082-073-790-023-516; 093-778-033-321-400; 094-014-111-514-467; 097-475-798-512-089; 109-480-920-508-017; 111-090-978-711-139; 124-066-378-359-073; 125-384-800-661-375; 133-397-275-695-990; 134-927-490-231-285; 170-299-458-679-224; 192-955-966-543-738; 199-745-676-923-766,17,true,,bronze
028-880-210-585-719,Comparative analysis of Forensic Tools on Twitter applications using the DFRWS method,2020-10-30,2020,journal article,Jurnal RESTI (Rekayasa Sistem dan Teknologi Informasi),25800760,Ikatan Ahli Informatika Indonesia (IAII),,Ikhsan Zuhriyanto; Anton Yudhana;  Riadi,"Current crime is increasing, one of which is the crime of using social media, although no crime does not leave digital evidence. Twitter application is a social media that is widely used by its users. Acts of crime such as fraud, insults, hate speech, and other crimes lately use many social media applications, especially Twitter. This research was conducted to find forensic evidence on the social media Twitter application that is accessed using a smartphone application using the Digital Forensics Research Workshop (DFRWS) method. These digital forensic stages include identification, preservation, collection, examination, analysis, and presentation in finding digital evidence of crime using the MOBILedit Forensic Express software and Belkasoft Evidence Center. Digital evidence sought on smartphones can be found using case scenarios and 16 variables that have been created so that digital proof in the form of smartphone specifications, Twitter accounts, application versions, conversations in the way of messages and status. This study's results indicate that MOBILedit Forensic Express digital forensic software is better with an accuracy rate of 85.75% while Belkasoft Evidence Center is 43.75%.",4,5,829,836,Internet privacy; Forensic science; Presentation; Software; Digital evidence; Computer science; Social media; Mobile device forensics; Identification (information); Digital forensics,,,,,https://jurnal.iaii.or.id/index.php/RESTI/article/download/2152/310 http://jurnal.iaii.or.id/index.php/RESTI/article/view/2152,http://dx.doi.org/10.29207/resti.v4i5.2152,,10.29207/resti.v4i5.2152,3096850422,,0,,0,true,cc-by,gold
029-025-221-262-260,IFIP Int. Conf. Digital Forensics - EVALUATION OF THE SEMI-AUTOMATED CRIME-SPECIFIC DIGITAL TRIAGE PROCESS MODEL,,2013,book chapter,Advances in Digital Forensics IX,18684238; 1868422x,Springer Berlin Heidelberg,Germany,Gary D Cantrell; David A. Dampier,"The digital forensic process as traditionally laid out is very time intensive – it begins with the collection, duplication and authentication of every piece of digital media prior to examination. Digital triage, a process that takes place prior to this standard methodology, can be used to speed up the process and provide valuable intelligence without subjecting digital evidence to a full examination. This quick intelligence can be used in the field for search and seizure guidance, in the office to determine if media is worth sending out for an examination, or in the laboratory to prioritize cases for analysis. For digital triage to become accepted by the forensic community, it must be modeled, tested and peer reviewed, but there have been very few attempts to model digital triage. This work describes the evaluation of the Semi-Automated Crime-Specific Digital Triage Process Model, and presents the results of five experimental trials.",,,83,98,Authentication (law); Digital media; Data science; Digital forensic process; Triage; Digital evidence; Field (computer science); Computer security; Computer science; Process (engineering); Search and seizure,,,,,https://hal.inria.fr/hal-01460622/document https://hal.archives-ouvertes.fr/hal-01460622v1 https://link.springer.com/chapter/10.1007/978-3-642-41148-9_6 https://dblp.uni-trier.de/db/conf/ifip11-9/df2013.html#CantrellD13 https://hal.inria.fr/IFIP-AICT-410/hal-01460622 https://rd.springer.com/chapter/10.1007/978-3-642-41148-9_6 https://link.springer.com/content/pdf/10.1007%2F978-3-642-41148-9_6.pdf,http://dx.doi.org/10.1007/978-3-642-41148-9_6,,10.1007/978-3-642-41148-9_6,2231579286,,0,002-449-146-256-491; 002-495-833-326-831; 007-959-573-365-504; 020-944-423-224-895; 031-522-316-310-252; 032-697-093-668-898; 040-393-580-637-973; 041-561-245-686-942; 047-630-600-014-492; 062-217-186-853-075; 139-495-561-188-858; 140-821-103-436-654; 184-948-841-629-735; 199-745-676-923-766,3,true,cc-by,green
029-051-761-190-391,Mitigating security Risks Using Belkasoft Evidence Center,2020-08-01,2020,journal article,Digital Forensics (4n6) Journal,25821172,Digital Forensics (4N6),,Yuri Gubanov,,,,,,Business; Operations management; Center (algebra and category theory),,,,,http://dx.doi.org/10.46293/4n6/2020.02.03.10,http://dx.doi.org/10.46293/4n6/2020.02.03.10,,10.46293/4n6/2020.02.03.10,3097098449,,0,,0,false,,
029-358-230-855-979,THE DOCTRINE OF FORENSIC ACTIVITIES DIGITALIZATION AND THE PROBLEMS OF FORENSIC DIDACTICS,2020-04-01,2020,journal article,The rule-of-law state: theory and practice,25000217,Bashkir State University,,Елена Россинская,"<ns2:p>The global digitalization in all spheres of human activity has seriously affected the problems of using special knowledge when collecting and examining evidence in criminal, civil and administrative cases, and especially forensic activities.; Purpose: to develop a methodology for forensic examination of criminally significant computer information in the context of forensic activities digitalization.; Methods: methods of dialectical and formal logic, comparison, description, interpretation, special scientific methods of forensic expertology and the theory of information and computer support for forensic activities.; Results: the author develops the fundamentals of the forensic activity digitalization theory, the subject and objects of the theory, the main directions of the theory development, including the study of the types and forms of digital footprints in various types of forensic examinations; solving problems of integration in the production of forensic examinations in the context of digitalization; solving the problems of digitalization, unification and statutory regulation of reference and information collections and databases of forensic objects.</ns2:p>",16,4-1,88,101,Forensic science; Political science; Doctrine; Engineering ethics,,,,,https://pravgos.ru/index.php/journal/article/download/103/103,http://dx.doi.org/10.33184/pravgos-2020.4.9,,10.33184/pravgos-2020.4.9,3156819603,,0,,0,true,cc-by,gold
029-400-952-367-551,Digital Forensics of Cybercrimes and the Use of Cyber Forensics Tools to Obtain Digital Evidence,,2021,book chapter,"Cyber Security Auditing, Assurance, and Awareness Through CSAM and CATRAM",23270381; 23270373,IGI Global,,,"<jats:p>This chapter evaluates the most relevant methodologies and best practices for conducting digital investigations, preserving digital forensic evidence and following chain of custody (CoC) of cybercrimes. Cybercriminals are assuming new strategies to launch their sophisticated cyberattacks within the ever-changing digital ecosystems. The authors recommend that digital investigations must continually shift to tackle cybercrimes and prosecute cybercriminals to increase international collaboration networks, to share prevention knowledge, and to analyze lessons learned. They also establish a cyber forensics model for miscellaneous ecosystems called cyber forensics model in digital ecosystems (CFMDE). This chapter also reviews the most important categories of tools to conduct digital investigations. Nevertheless, as the cybercrime sophistication keeps improving, it is also necessary to harden technologies, techniques, methodologies, and tools to acquire digital evidence in order to support and make cyber investigation cases stronger. </jats:p>",,,45,68,Digital forensics; Cybercrime; Digital evidence; Sophistication; Computer forensics; Computer science; Computer security; Network forensics; Cyber crime; Data science,,,,,,http://dx.doi.org/10.4018/978-1-7998-4162-3.ch003,,10.4018/978-1-7998-4162-3.ch003,,,0,008-507-664-901-527; 012-459-130-312-50X; 019-698-064-288-240; 020-944-423-224-895; 021-850-998-857-676; 024-381-049-056-789; 028-180-038-189-484; 028-828-573-289-865; 028-874-299-732-939; 045-645-917-018-028; 057-705-375-581-007; 062-638-763-893-559; 067-950-012-629-210; 084-473-799-141-231; 088-938-096-763-07X; 092-506-898-894-624; 143-562-788-834-457; 144-124-797-675-052,0,false,,
029-412-624-967-097,WDFIA - Pypette: A Framework for the Evaluation of Live Digital Forensic Acquisition Techniques.,,2012,book,,,,,Brett Lempereur; Madjid Merabti; Qi Shi,"With the increasing scale of digital forensic investigations, there is a need for approaches that are capable of reducing the quantities of data forensic examiners are required to search. As this trend continues, traditional quiescent digital forensic analysis is in some cases becoming impractical; examiners must often rely on an in-situ investigation of the live computing environment. Numerous approaches to live digital forensic evidence acquisition have been proposed in the literature, but relatively little attention has been paid to the problem of identifying how the effects of these approaches, and their improvements over other techniques, can be evaluated and quantified. In this paper, we present Pypette, a novel framework enabling the automated, repeatable analysis of live digital forensic acquisition techniques.",,,87,96,Data science; Scale (ratio); Computer science; Digital forensics,,,,,http://www.cscan.org/openaccess/?paperid=94 https://dblp.uni-trier.de/db/conf/wdfia/wdfia2012.html#LempereurMS12,http://www.cscan.org/openaccess/?paperid=94,,,2397090966,,0,002-495-833-326-831; 004-441-167-148-170; 004-652-388-189-304; 005-296-771-590-748; 010-240-301-659-307; 031-277-863-923-457; 035-448-415-847-226; 035-467-233-982-594; 040-911-574-660-701; 042-880-741-738-793; 054-507-171-824-189; 089-048-294-489-077; 093-448-702-012-591; 097-567-011-227-46X; 106-885-306-836-498; 120-462-880-448-150; 142-816-347-811-541,1,false,,
029-667-675-412-459,"HICSS - Introduction to Digital Forensics--Education, Research and Practice Minitrack",,2012,conference proceedings article,2012 45th Hawaii International Conference on System Sciences,,IEEE,,Kara Nance; Matt Bishop,"The field of digital forensics has evolved to allow security professionals to examine evidence from the increasing plethora of digital devices to help determine what individuals might have done in the past. The evidence collected is used in a wide variety of settings: from corporate server farms to police raids on criminals' houses to the modern battlefield, and now to international cloud environments. This year, we accepted three papers for presentation in the Digital Forensics -- Education and Research Minitrack which should promote some interesting discussions in some emerging areas of digital forensics. The papers in this session represent much of the ongoing work in the forensics community and are an exciting representation of a larger body of work dedicated to ensuring that digital evidence remains available and useful for the good of the public.",,,5393,5393,Internet privacy; Variety (cybernetics); World Wide Web; Forensic science; Work (electrical); Presentation; Session (web analytics); Digital evidence; Computer science; Computer forensics; Cloud computing; Digital forensics,,,,,http://ieeexplore.ieee.org/document/7070442/ https://ieeexplore.ieee.org/document/7427880/ http://yadda.icm.edu.pl/yadda/element/bwmeta1.element.ieee-000006149547 https://doi.org/10.1109/HICSS.2015.665 https://www.computer.org/csdl/proceedings-article/hicss/2013/4892e879/12OmNAtK4py https://dblp.uni-trier.de/db/conf/hicss/hicss2014.html#NanceB14 https://www.computer.org/csdl/pds/api/csdl/proceedings/download-article/12OmNAtK4py/pdf http://ieeexplore.ieee.org/document/7427880/ http://doi.org/10.1109/HICSS.2015.665,http://dx.doi.org/10.1109/hicss.2012.669,,10.1109/hicss.2012.669,2066226528,,0,,2,false,,
029-748-683-221-796,Evaluation of Digital Forensic Process Models with Respect to Digital Forensics as a Service,2017-08-05,2017,,arXiv: Cryptography and Security,,,,Xiaoyu Du; Nhien-An Le-Khac; Mark Scanlon,"Digital forensic science is very much still in its infancy, but is becoming increasingly invaluable to investigators. A popular area for research is seeking a standard methodology to make the digital forensic process accurate, robust, and efficient. The first digital forensic process model proposed contains four steps: Acquisition, Identification, Evaluation and Admission. Since then, numerous process models have been proposed to explain the steps of identifying, acquiring, analysing, storage, and reporting on the evidence obtained from various digital devices. In recent years, an increasing number of more sophisticated process models have been proposed. These models attempt to speed up the entire investigative process or solve various of problems commonly encountered in the forensic investigation. In the last decade, cloud computing has emerged as a disruptive technological concept, and most leading enterprises such as IBM, Amazon, Google, and Microsoft have set up their own cloud-based services. In the field of digital forensic investigation, moving to a cloud-based evidence processing model would be extremely beneficial and preliminary attempts have been made in its implementation. Moving towards a Digital Forensics as a Service model would not only expedite the investigative process, but can also result in significant cost savings - freeing up digital forensic experts and law enforcement personnel to progress their caseload. This paper aims to evaluate the applicability of existing digital forensic process models and analyse how each of these might apply to a cloud-based evidence processing paradigm.",,,,,Forensic science; Data science; Digital forensic process; Law enforcement; Digital forensic investigation; Service (systems architecture); Computer security; Computer science; Process (engineering); Computer forensics; Process modeling; Identification (information); Cloud computing; Digital forensics,,,,,https://arxiv.org/pdf/1708.01730.pdf https://arxiv.org/abs/1708.01730,https://arxiv.org/abs/1708.01730,,,2617315052,,0,000-360-120-513-679; 005-630-640-664-939; 018-093-184-946-852; 019-698-064-288-240; 020-944-423-224-895; 032-697-093-668-898; 035-223-520-491-228; 035-448-415-847-226; 038-668-970-194-854; 051-645-938-939-51X; 066-235-037-082-291; 079-273-634-331-435; 086-091-202-010-191; 133-508-126-407-763; 170-299-458-679-224; 184-948-841-629-735; 192-810-463-153-431,18,true,,
029-826-735-978-186,Digital forensic evidence acquisition to mitigate neighbourhood crime,,2017,dissertation,,,,,Stacey Omeleze,,,,,,Neighbourhood (mathematics); Political science; Criminology; Digital forensics,,,,,https://repository.up.ac.za/handle/2263/62787,https://repository.up.ac.za/handle/2263/62787,,,2763131137,,0,005-573-416-928-102; 006-911-086-843-055; 008-598-808-594-324; 009-485-452-105-918; 015-236-298-864-739; 015-440-921-647-313; 017-060-167-812-521; 017-815-064-018-299; 018-064-287-024-751; 019-745-252-379-763; 019-831-293-743-518; 021-340-363-352-05X; 021-486-901-460-202; 025-487-313-702-455; 035-565-993-122-262; 038-668-970-194-854; 039-027-862-935-463; 039-774-603-243-832; 040-705-707-301-941; 041-227-773-004-745; 041-287-648-537-168; 046-296-020-329-845; 046-836-641-739-032; 050-749-988-811-688; 058-268-994-058-657; 058-867-890-975-332; 062-761-945-832-70X; 068-925-575-963-855; 072-649-380-391-806; 073-582-404-994-103; 074-466-638-386-23X; 079-632-772-814-891; 081-126-332-721-990; 081-437-161-307-223; 082-562-370-324-926; 085-200-261-468-390; 087-111-795-458-128; 087-300-425-406-630; 087-707-697-918-167; 088-019-720-346-046; 091-540-399-535-662; 092-175-168-161-425; 092-897-150-469-59X; 094-217-978-770-068; 095-634-146-634-286; 097-675-162-158-578; 097-694-666-599-602; 097-847-701-274-534; 098-081-008-763-743; 099-578-622-297-463; 100-226-961-489-480; 103-492-786-212-02X; 103-709-762-901-941; 106-885-306-836-498; 110-494-552-257-201; 115-036-799-197-654; 115-531-623-920-069; 115-701-216-859-300; 116-994-483-177-695; 126-403-505-438-119; 126-407-552-681-558; 127-866-720-882-586; 129-047-937-765-077; 136-169-475-733-423; 143-555-177-514-141; 143-875-130-007-110; 145-053-271-815-656; 146-400-675-750-131; 148-539-412-403-76X; 150-069-198-380-365; 152-121-020-313-075; 160-443-701-047-800; 178-883-713-153-793; 181-754-173-124-963; 185-397-141-573-046; 188-139-001-545-729; 199-745-676-923-766,1,false,,
029-916-772-135-494,"Towards the Leveraging of Data Deduplication to Break the Disk
  Acquisition Speed Limit",2016-10-18,2016,,,,,,Hannah Wolahan; Claudio Chico Lorenzo; Elias Bou-Harb; Mark Scanlon,"Digital forensic evidence acquisition speed is traditionally limited by two main factors: the read speed of the storage device being investigated, i.e., the read speed of the disk, memory, remote storage, mobile device, etc.), and the write speed of the system used for storing the acquired data. Digital forensic investigators can somewhat mitigate the latter issue through the use of high-speed storage options, such as networked RAID storage, in the controlled environment of the forensic laboratory. However, traditionally, little can be done to improve the acquisition speed past its physical read speed from the target device itself. The protracted time taken for data acquisition wastes digital forensic experts' time, contributes to digital forensic investigation backlogs worldwide, and delays pertinent information from potentially influencing the direction of an investigation. In a remote acquisition scenario, a third contributing factor can also become a detriment to the overall acquisition time - typically the Internet upload speed of the acquisition system. This paper explores an alternative to the traditional evidence acquisition model through the leveraging of a forensic data deduplication system. The advantages that a deduplicated approach can provide over the current digital forensic evidence acquisition process are outlined and some preliminary results of a prototype implementation are discussed.",,,,,Computer science; Data deduplication; Data acquisition; Upload; RAID; Digital forensics; Digital evidence; Process (computing); Computer data storage; Mass storage; Computer hardware; Computer security; Embedded system; Real-time computing; Operating system,,,,,,http://dx.doi.org/10.48550/arxiv.1610.05462,,10.48550/arxiv.1610.05462,,,0,,0,true,,green
029-985-060-352-924,System-Generated Digital Forensic Evidence in Graphic Design Applications,,2013,journal article,"Journal of Digital Forensics, Security and Law",15587223,Embry-Riddle Aeronautical University/Hunt Library,,Enos K. Mabuto; Hein S. Venter,"Graphic design applications are often used for the editing and design of digital art. The same applications can be used for creating counterfeit documents such as identity documents (IDs), driver’s licences, passports, etc. However, the use of any graphic design application leaves behind traces of digital information that can be used during a digital forensic investigation. Current digital forensic tools examine a system to find digital evidence, but they do not examine a system specifically for the creating of counterfeit documents created through the use of graphic design applications. The paper in hand reviews the system-generated digital forensic evidence gathered from certain graphic design applications, which indicates that a counterfeit document was created. This inference is made by associating the digital forensic information gathered with the possible actions taken, more specifically, the scanning, editing, saving and printing of counterfeit documents. The digital forensic information is gathered by analysing the files generated by the particular graphic design application used for creating the document. The acquired digital forensic information is corroborated to the creation of counterfeit documents and interpreted accordingly. In the end determining if a system was utilised for counterfeiting.",8,3,71,86,World Wide Web; Graphic design; Identity (object-oriented programming); Counterfeit; Digital evidence; Digital forensic investigation; Computer science; Multimedia; Digital art; Computer forensics; Digital forensics,,,,,https://core.ac.uk/display/91686147 https://commons.erau.edu/jdfsl/vol8/iss3/4/ https://dblp.uni-trier.de/db/journals/jdfsl/jdfsl8.html#MabutoV13 https://commons.erau.edu/cgi/viewcontent.cgi?article=1151&context=jdfsl,http://dx.doi.org/10.15394/jdfsl.2013.1151,,10.15394/jdfsl.2013.1151,2118811779,,0,,0,true,cc-by-nc,gold
030-290-105-311-611,Investigasi Aplikasi Messager Pada Smartphone Berbasis Android,2016-12-20,2016,journal article,Jurnal Rekayasa Sistem & Industri (JRSI),25799142; 23560843,Telkom University,,Haris Richard Adrian Taruma Selej,"in the era of technology has greatly advanced, mobile phones have become a necessity and a means of communicating with each other. even though they are separated by a considerable distance, no longer need to spend the time to meet physically. This reason also makes the phone as the primary choice for criminals to communicate. communication used a variety of purposes, such as positive or negative. In 2010, digital forensic analyst team has examined such as network Puslabfor drugs, pornography, gambling, corruption, defamation, fraud, bribery, and others. Of these, as many as 118 types of mobile phones in the form of evidence. It means that offenders still consider mobile phones as a primary communication tool. Digital forensic analysts and investigators, it shall be able to anticipate these things, so that when there is evidence of mobile phone, which was confiscated from criminals, can be checked properly in accordance with the basic principles of digital forensics. This study uses DFIF (Digital Forensic Investigation Framework) smartphone investigation by searching for evidence of a conversation via text message. the results of the investigation evidence to prove the offender information, the information will be presented in the form of a forensic report which will be used as evidence in court.",4,02,,,Internet privacy; Conversation; Mobile phone; Phone; Pornography; Text message; Digital forensic investigation; Computer science; Digital forensics,,,,,https://jrsi.sie.telkomuniversity.ac.id/index.php/JRSI/article/view/147,http://dx.doi.org/10.25124/jrsi.v4i02.147,,10.25124/jrsi.v4i02.147,2793944394,,0,,0,true,cc-by-sa,gold
030-325-897-533-091,Introduction,,2017,book chapter,"Synthesis Lectures on Information Security, Privacy, and Trust",19459742; 19459750,Springer International Publishing,,Vassil Roussev,"Forensic science (or forensics) is dedicated to the systematic application of scientific methods to gather and analyze evidence for a legal purpose. Digital forensics—a.k.a. cyber or computer forensics—is a subfield within forensics, which deals specifically with digital artifacts, such as files, and computer systems and networks used to create, transform, transmit, and store them.",,,1,3,Computer forensics; Digital forensics; Digital evidence; Computer science; Network forensics; Computer security,,,,,,http://dx.doi.org/10.1007/978-3-031-02351-4_1,,10.1007/978-3-031-02351-4_1,,,0,,0,false,,
030-333-349-393-032,Modelling and refinement of forensic data acquisition specifications,,2014,journal article,Digital Investigation,17422876,Elsevier BV,Netherlands,Benjamin Aziz,"This paper defines a model of a special type of digital forensics tools, known as data acquisition tools, using the formal refinement language Event-B. The complexity and criticality of many types of computer and Cyber crime nowadays combined with improper or incorrect use of digital forensic tools calls for more robust and reliable specifications of the functionality of digital forensics applications. As a minimum, the evidence produced by such tools must meet the minimum admissibility standards the legal system requires, in general implying that it must be generated from reliable and robust tools. Despite the fact that some research and effort has been spent on the validation of digital forensics tools by means of testing, the verification of such tools and the formal specification of their expected behaviour remains largely under-researched. The goal of this work is to provide a formal specification against which implementations of data acquisition procedures can be analysed.",11,2,90,101,Software engineering; Formal specification; Refinement; Data acquisition; Implementation; Event b method; Cyber crime; Computer security; Computer science; Computer forensics; Digital forensics,,,,,https://researchportal.port.ac.uk/en/publications/modelling-and-refinement-of-forensic-data-acquisition-specificati https://puredev.port.ac.uk/en/publications/modelling-and-refinement-of-forensic-data-acquisition-specificati https://researchportal.port.ac.uk/portal/files/1151700/elsarticle_template_4_harv.pdf https://www.sciencedirect.com/science/article/pii/S1742287614000346 http://www.sciencedirect.com/science/article/pii/S1742287614000346 https://core.ac.uk/download/29587147.pdf,http://dx.doi.org/10.1016/j.diin.2014.04.001,,10.1016/j.diin.2014.04.001,2039790515,,0,001-009-008-665-240; 001-752-080-318-279; 004-652-388-189-304; 006-731-367-983-371; 020-944-423-224-895; 021-039-461-635-181; 021-850-998-857-676; 028-995-053-119-836; 030-359-893-882-572; 032-477-197-285-256; 035-403-390-260-816; 041-855-656-823-650; 043-499-798-259-789; 045-439-795-806-132; 064-531-736-566-934; 070-946-535-584-257; 075-128-417-091-483; 094-183-392-175-808; 099-482-594-708-125; 117-821-177-762-731; 119-551-188-032-545; 123-082-630-503-713; 133-508-126-407-763; 142-653-298-375-689; 158-170-674-288-488; 184-948-841-629-735; 190-065-821-748-92X; 199-172-967-270-034,7,true,cc-by-nc-nd,green
030-341-862-818-724,WDFIA - Exploring solutions put forth to solve computer forensic investigations of large storage media.,,2011,book,,,,,Andrew Tabona; William Bradley Glisson,"The capacity of digital storage media is growing at a phenomenal rate, leading to an increase in the overall time it takes to process a typical digital forensics investigation. Conventional tools and techniques simply do not cater for the size of potential evidence that investigators have to analyse. With digital evidence being available on an increasing number of digital media types, ranging from portable media players, to Global Positioning System (GPS) devices, to rack-mountable servers, in addition to the fact that there is a rising trend for digitizing information in the business world, the problem is only getting worse. This paper endeavours to initiate an investigation into the current solutions put forth to solve computer forensic investigations of large storage media for the purpose of stimulating ideas and encouraging expansion of current solutions within the research community.",,,1,16,Computer graphics (images); Digital media; Data science; Digital evidence; Digital storage; Research community; Computer science; Process (engineering); Global Positioning System; Digital forensics; Server,,,,,https://dblp.uni-trier.de/db/conf/wdfia/wdfia2011.html#TabonaG11 https://www.cscan.org/openaccess/?id=86 http://www.cscan.org/openaccess/?paperid=86,https://dblp.uni-trier.de/db/conf/wdfia/wdfia2011.html#TabonaG11,,,2402652048,,0,009-946-711-970-084; 021-486-901-460-202; 031-234-153-523-379; 040-219-480-779-444; 047-630-600-014-492; 050-513-243-638-138; 052-665-370-203-554; 053-660-599-217-640; 054-145-255-092-055; 062-202-545-220-180; 066-458-503-104-207; 069-142-686-443-428; 080-018-383-947-573; 085-214-277-668-01X; 097-567-011-227-46X; 102-602-192-826-532; 113-264-745-950-390; 123-304-888-889-490; 125-384-800-661-375; 130-678-713-954-211; 134-927-490-231-285; 154-407-233-384-826; 170-707-612-203-751; 172-227-575-775-135; 178-100-501-663-130; 178-883-713-153-793,2,false,,
030-549-796-030-148,Design and Implementation of Linux based Workflow for Digital Forensics Investigation,2019-04-11,2019,journal article,International Journal of Computer Applications,09758887,Foundation of Computer Science,,Moses Ashawa; Morris Ntonja,"Window based digital forensic workflow has been the traditional investigation model for digital evidence. Investigating using Linux based platform tends challenging since there is no specific investigation workflow for Linux platform. This study designed and implemented a Linux forensic based-workflow for digital investigation. The workflow was divided into different investigation phases. The digital investigations processes in all the phases were performed using Linux riggings. The work-flow was tested and evidence such as (E01) Image was accurately acquired. This paper is presented in the following sections. Section one and two provided introduction and literature on existing forensic workflow using windows-based workflow respectively. Section three provided the approach to window workflow. The experimental design and tools used were presented in section four. The rest of the sections considered the research analysis, discussion and conclusion respectively. The implication of the test conducted, tools used with their corresponding weakness and strengths were highlighted in the appendix",181,49,40,46,Software engineering; Workflow; Digital evidence; Computer science; Digital forensics,,,,,https://dspace.lib.cranfield.ac.uk/handle/1826/14412 https://www.ijcaonline.org/archives/volume181/number49/ashawa-2019-ijca-918684.pdf https://www.ijcaonline.org/archives/volume181/number49/30491-2019918684,http://dx.doi.org/10.5120/ijca2019918684,,10.5120/ijca2019918684,2938074275,,0,020-959-006-156-504; 028-457-962-572-453; 032-487-265-797-544; 039-627-889-157-293; 056-674-370-113-188; 064-549-392-650-90X; 077-114-085-988-723; 082-490-100-922-264; 111-488-239-742-003; 130-080-242-566-434; 145-635-013-548-735; 154-912-841-322-255; 190-795-233-892-655,0,true,cc-by-nc,gold
030-605-117-881-535,Forensics and Limitations of Computer,,2011,journal article,China Public Security,,,,Wan Qiong,"Computer crime is one of the most devastating crime,and computer forensics is fighting against computer crime investigation main technology,is an important link in,such as access to evidence,identify suspects.Computer forensics is an emerging field and frontier areas,on the content of digital evidence technical details,so as to provide a set of practical,operable to forensic practice standards and legal,objective,associated electronic digital evidence.For the present,computer forensics technology facing computer anti-forensics technology challenges,i.e.,remove or hide evidence that evidence is invalid.In this paper,starting from the opposite,reverse forensics analysis techniques,summarizes its criminal laws,the author hopes that the thesis on computer forensics staff help.",,,,,Engineering; Digital evidence; Crime investigation; Field (computer science); Computer security; Computer forensics; Digital forensics,,,,,http://en.cnki.com.cn/Article_en/CJFDTOTAL-GGAQ201104034.htm,http://en.cnki.com.cn/Article_en/CJFDTOTAL-GGAQ201104034.htm,,,2385667210,,0,,0,false,,
030-941-913-345-349,Ensuring the Legality of the Digital Forensics Process in South Africa,2013-04-18,2013,journal article,International Journal of Computer Applications,09758887,Foundation of Computer Science,,Jason Jordaan,"In most legal systems, it is crucial that evidence that is obtained for use in any judicial proceedings, especially criminal prosecutions, is obtained lawfully. In other words, no crimes should be committed in the obtaining and examining of any evidence, which will be later, be relied upon in court. Section 86 of the Electronic Communications and Transactions Act 25 of 2002 in South Africa creates a criminal offence of unauthorized access to data, which has a significant potential impact on the acquisition, examination, and analysis of digital evidence; in that traditional digital forensic processes, unless legally authorized, may potentially be in contravention of this law. The legal ramifications for both digital forensics practitioners and the cases that they are engaged on are identified, and appropriate legal solutions are provided to ensure that digital forensic practitioners do not contravene the existing legislation.",68,23,36,39,Internet privacy; Legislation; Contravention; Digital evidence; Computer science; Principle of legality; Process (engineering); Digital forensics,,,,,https://research.ijcaonline.org/volume68/number23/pxc3887432.pdf http://ui.adsabs.harvard.edu/abs/2013IJCA...68w..36J/abstract http://www.lex-informatica.org/Ensuring%20the%20Legality%20of%20the%20Digital%20Forensics%20Process%20in%20South%20Africa.pdf https://www.ijcaonline.org/archives/volume68/number23/11722-7432,http://dx.doi.org/10.5120/11722-7432,,10.5120/11722-7432,2148128673,,0,072-712-275-844-913; 100-767-382-538-470; 106-885-306-836-498; 113-193-394-996-104; 130-217-725-914-477; 136-745-511-009-321; 142-108-488-120-966; 154-255-264-599-600; 154-778-607-714-379,0,true,,green
031-171-713-054-828,"STITCHER: Correlating Digital Forensic Evidence on Internet-of-Things
  Devices",2020-03-16,2020,,,,,,Yee Ching Tok; Chundong Wang; Sudipta Chattopadhyay,"The increasing adoption of Internet-of-Things (IoT) devices present new challenges to digital forensic investigators and law enforcement agencies when investigation into cybercrime on these new platforms are required. However, there has been no formal study to document actual challenges faced by investigators and whether existing tools help them in their work. Prior issues such as the correlation and consistency problem in digital forensic evidence have also become a pressing concern in light of numerous evidence sources from IoT devices. Motivated by these observations, we conduct a user study with 39 digital forensic investigators from both public and private sectors to document the challenges they faced in traditional and IoT digital forensics. We also created a tool, STITCHER, that addresses the technical challenges faced by investigators when handling IoT digital forensics investigation. We simulated an IoT crime that mimics sophisticated cybercriminals and invited our user study participants to utilize STITCHER to investigate the crime. The efficacy of STITCHER is confirmed by our study results where 96.2% of users indicated that STITCHER assisted them in handling the crime, and 61.5% of users who used STITCHER with its full features solved the crime completely.",,,,,Digital forensics; Cybercrime; Law enforcement; Internet of Things; Digital evidence; Computer science; Consistency (knowledge bases); Computer forensics; Computer security; Internet privacy; Data science; Crime scene; World Wide Web,,,,,,http://dx.doi.org/10.48550/arxiv.2003.07242,,10.48550/arxiv.2003.07242,,,0,,0,true,,green
031-288-091-847-688,Ensuring the Authenticity and Non-Misuse of Data Evidence in Digital Forensics,,2015,,,,,,null Jingsha; null He; null Gongzheng; null Liu; null Zhao; null Xuejiao; null Wan; null Huang,"In forensic investigations,it is vital that the authenticity of digital evidence should be ensured. In addition,technical means should be provided to ensure that digital evidence collected cannot be misused for the purpose of perjury. In this paper,we present a method to ensure both authenticity and non-misuse of data extracted from wireless mobile devices. In the method,the device ID and a timestamp become a part of the original data and the Hash function is used to bind the data together. Encryption is applied to the data,which includes the digital evidence,the device ID and the timestamp. Both symmetric and asymmetric encryption systems are employed in the proposed method where a random session key is used to encrypt the data while the public key of the forensic server is used to encrypt the session key to ensure security and efficiency. With the several security mechanisms that we show are supported or can be implemented in wireless mobile devices such as the Android,we can ensure the authenticity and non-misuse of data evidence in digital forensics.",,1,85,90,Timestamp; Engineering; Encryption; Session key; Public-key cryptography; Digital evidence; Computer security; Non-repudiation; Network forensics; Digital forensics,,,,,http://www.cqvip.com/QK/86045X/201501/72716889504849534849484952.html,http://www.cqvip.com/QK/86045X/201501/72716889504849534849484952.html,,,2482676411,,0,,0,false,,
031-451-250-321-657,SADFE - Computer Forensics Investigators or Private Investigators: Who Is Investigating the Drive?,,2010,book,2010 Fifth IEEE International Workshop on Systematic Approaches to Digital Forensic Engineering,,IEEE,,Amelia Phillips; Kara Nance,"The number of states requiring a Private Investigator (PI) license to practice computer forensics is growing despite the wealth of evidence that demonstrates the requirements are inconsistent with the actual qualifications needed to be an effective digital forensics investigator. This paper explores the current trend, the early observed effects of this trend, the types of certifications available outside of the PI licensing requirements, and concludes with some alternatives that should be investigated in order to ensure that the ever-widening array of scenarios that involve digital evidence can be investigated thoroughly and properly by practicing professionals with the proper credentials to secure, investigate, analyze, and present the digital evidence.",,,150,157,Internet privacy; Engineering; Order (exchange); Legislation; License; Digital evidence; Certification; Computer forensics; Digital forensics,,,,,http://ieeexplore.ieee.org/document/5491891 https://ieeexplore.ieee.org/document/5491891/ http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=5491891 http://yadda.icm.edu.pl/yadda/element/bwmeta1.element.ieee-000005491891 https://dblp.uni-trier.de/db/conf/sadfe/sadfe2010.html#PhillipsN10,http://dx.doi.org/10.1109/sadfe.2010.23,,10.1109/sadfe.2010.23,1966668010,,0,120-462-880-448-150; 136-586-134-083-714; 165-770-474-971-736,5,false,,
031-589-758-461-10X,ENHANCING INDUSTRIAL CONTROL SYSTEM FORENSICS USING REPLICATION-BASED DIGITAL TWINS,2021-10-15,2021,book chapter,Advances in Digital Forensics XVII,18684238; 1868422x,Springer International Publishing,Germany,Marietheres Dietz; Ludwig Englbrecht; Günther Pernul,"Industrial control systems are increasingly targeted by cyber attacks. However, it is difficult to conduct forensic investigations of industrial control systems because taking them offline is often infeasible or expensive. An attractive option is to conduct a forensic investigation of a digital twin of an industrial control system. This chapter demonstrates how a forensic investigation can be performed using a replication-based digital twin. A digital twin also makes it possible to select the appropriate tools for evidence acquisition and analysis before interacting with the real system. The approach is evaluated using a prototype implementation.",,,21,38,Data science; Industrial control system; Computer science; Replication (computing); Digital forensics,,,,,https://link.springer.com/chapter/10.1007/978-3-030-88381-2_2,http://dx.doi.org/10.1007/978-3-030-88381-2_2,,10.1007/978-3-030-88381-2_2,3207611109,,0,001-400-850-823-484; 003-179-703-682-143; 004-376-985-680-005; 014-206-084-650-088; 019-698-064-288-240; 019-714-685-338-295; 020-768-000-917-657; 035-651-100-325-97X; 038-542-792-016-217; 039-758-126-050-535; 044-669-654-214-376; 054-032-620-641-817; 054-976-482-984-181; 058-194-787-840-700; 071-152-595-696-535; 071-754-548-349-176; 073-113-353-720-599; 074-022-824-976-957; 085-700-776-414-798; 095-096-161-740-778; 097-939-114-561-254; 104-143-290-104-632; 124-075-416-858-75X; 141-049-530-527-580; 183-811-300-786-128,0,false,,
031-635-166-961-287,IFIP Int. Conf. Digital Forensics - File System Support for Digital Evidence Bags,,2006,book chapter,IFIP Advances in Information and Communication Technology,18684238; 1868422x,Springer New York,Germany,Golden G. Richard; Vassil Roussev,"Digital Evidence Bags (DEBs) are a mechanism for bundling digital evidence, associated metadata and audit logs into a single structure. DEB-compliant applications can update a DEB’s audit log as evidence is introduced into the bag and as data in the bag is processed. This paper investigates native file system support for DEBs, which has a number of benefits over ad hoc modification of digital evidence bags. The paper also describes an API for DEB-enabled applications and methods for providing DEB access to legacy applications through a DEB-aware file system. The paper addresses an urgent need for digital-forensics-aware operating system components that can enhance the consistency, security and performance of investigations.",222,,29,40,Operating system; File system; Digital evidence; Computer science; Database; Audit trail; Design rule for Camera File system; Self-certifying File System; Metadata; Computer file; File format,,,,,https://ui.adsabs.harvard.edu/abs/2006adf..book...29R/abstract https://link.springer.com/chapter/10.1007/0-387-36891-4_3 https://link.springer.com/content/pdf/10.1007/0-387-36891-4_3.pdf https://dblp.uni-trier.de/db/conf/ifip11-9/df2006.html#RichardR06 https://rd.springer.com/chapter/10.1007/0-387-36891-4_3,http://dx.doi.org/10.1007/0-387-36891-4_3,,10.1007/0-387-36891-4_3,1499839660,,0,060-650-561-577-338; 079-070-981-899-105; 107-745-435-451-959; 138-851-840-986-301,5,false,,
031-655-872-268-787,Triaging digital device content at-scene:- Formalising the decision-making process.,2021-12-09,2021,journal article,Science & justice : journal of the Forensic Science Society,18764452; 13550306,Forensic Science Society,United Kingdom,Graeme Horsman,"The prominence of technology usage in society has inevitably led to increasing numbers of digital devices being seized, where digital evidence often features in criminal investigations. Such demand has led to well documented backlogs placing pressure on digital forensic labs, where in an effort to combat this issue, the 'at-scene triage' of devices has been touted as a solution. Yet such triage approaches are not straightforward to implement with multiple technical and procedural issues existing, including determining when it is actually appropriate to triage the contents of a device at-scene. This work remains focused on this point due to the complexities associated with it, and to support first responders a nine-stage triage decision model is offered which is designed to promote consistent and transparent practice when determining if a device should be triaged.",62,1,86,93,Triage; Digital forensics; Process (computing); Computer science; Point (geometry); Crime scene; Computer security; Data science; Medical emergency; Medicine; Psychology; Geometry; Mathematics; Criminology; Operating system,Crime scene; Digital evidence; Digital forensics; Investigation; Triage,Humans; Triage,,,,http://dx.doi.org/10.1016/j.scijus.2021.12.001,35033331,10.1016/j.scijus.2021.12.001,,,0,000-750-047-594-348; 003-982-227-180-136; 010-985-077-415-59X; 015-340-476-560-675; 016-873-099-383-893; 032-451-540-235-796; 062-137-637-964-947; 066-235-037-082-291; 074-706-219-689-754; 076-508-293-079-677; 079-273-634-331-435; 090-752-043-508-733; 094-142-794-127-63X; 126-591-597-706-715; 131-516-331-360-906; 142-790-196-752-819; 182-719-735-421-509,1,false,,
031-661-643-699-664,FUZZ-IEEE - A fuzzy logic based expert system as a network forensics,,,conference proceedings article,2004 IEEE International Conference on Fuzzy Systems (IEEE Cat. No.04CH37542),,IEEE,,Jung-Sun Kim; Dong-Geun Kim; Bong-Nam Noh,"The field of digital forensic science emerged as a response to the growth of computer crimes. Digital forensics is the art of discovering and retrieving information about a crime in such a way to make a digital evidence admissible in court. Network forensics is digital forensic in networked environments. However, the amount of network traffic is huge and might crash the traffic capture system if left unattended. Not all the information captured or recorded can be useful for analysis or evidence. The more the network traffic, the harder the network analyzing. Therefore, we need an effective and automated analyzing system for network forensics. We propose a fuzzy logic based expert system for network forensics that can analyze computer crimes in networked environments and make digital evidences automatically. This system can provide an analyzed information for forensic experts and reduce the time and cost of forensic analysis.",2,,879,884,Forensic science; Digital evidence; Field (computer science); Computer security; Computer science; Network forensics; Computer forensics; Fuzzy logic; Expert system; Digital forensics,,,,,http://ieeexplore.ieee.org/document/1375521/ https://ieeexplore.ieee.org/document/1375521/ https://dblp.uni-trier.de/db/conf/fuzzIEEE/fuzzIEEE2004.html#KimKN04,http://dx.doi.org/10.1109/fuzzy.2004.1375521,,10.1109/fuzzy.2004.1375521,2161391695,,0,026-203-225-731-167; 037-423-792-391-123; 038-668-970-194-854; 065-326-136-386-79X; 123-063-376-714-166; 141-194-188-948-515; 188-762-236-378-448,16,false,,
031-800-007-340-922,A Review on Mobile Device's Digital Forensic Process Models,2014-07-15,2014,journal article,"Research Journal of Applied Sciences, Engineering and Technology",20407459; 20407467,Maxwell Scientific Publication Corp.,United Kingdom,Anahita Farjamfar; Mohd Taufik Abdullah; Ramlan Mahmod; Nur Izura Udzir,"The main purpose of this study is to discuss the different comparative studies on digital forensics process models specially in the field of mobile devices. In order to legally pursue digital criminals, investigation should be conducted in a forensically sound manner so that the acquired evidence would be accepted in the court of law. Digital forensic process models define the important steps that should be followed to assure the investigation is performed successfully. There are a number of digital forensic process models developed by various organizations worldwide, but yet, there is no agreement among forensics investigation and legislative delegation which procedures to adhere to; specially in the case of facing mobile devices with latest technologies. This is vital, as mobile phones and other mobile devices such as PDAs or tablets are becoming ever-present as the main technology platform around the world and people are obtaining and using mobile phones more than ever. In this study we will give a review of the proposed digital forensics process models within last 7 years and to discuss the need for a consensus to follow the same underlying approaches while continually updating digital forensics process models to cover new emerging technologies and devices.",8,3,358,366,Engineering; Mobile device; Emerging technologies; Data science; Digital forensic process; Digital evidence; Computer security; Computer forensics; Process modeling; Digital forensics; Delegation,,,,,https://maxwellsci.com/jp/mspabstract.php?jid=RJASET&doi=rjaset.8.981 http://psasir.upm.edu.my/id/eprint/36269/ https://core.ac.uk/display/153816752 https://core.ac.uk/download/153816752.pdf,http://dx.doi.org/10.19026/rjaset.8.981,,10.19026/rjaset.8.981,2165854381,,0,004-652-388-189-304; 004-872-169-627-620; 006-569-049-717-630; 010-086-703-646-194; 014-299-240-901-551; 017-815-064-018-299; 023-780-269-449-092; 030-359-893-882-572; 035-223-520-491-228; 041-059-041-666-09X; 048-141-687-795-752; 050-618-920-212-97X; 052-120-212-583-360; 066-602-804-060-133; 078-730-781-174-18X; 083-582-672-677-836; 090-390-906-646-037; 093-148-968-798-507; 095-613-498-169-127; 101-436-770-235-826; 133-397-275-695-990; 145-616-913-856-289; 168-476-681-195-292; 170-299-458-679-224,8,true,cc-by,hybrid
031-903-822-066-378,ESEC/SIGSOFT FSE - On evidence preservation requirements for forensic-ready systems,2017-08-21,2017,conference proceedings article,Proceedings of the 2017 11th Joint Meeting on Foundations of Software Engineering,,ACM,,Dalal Alrajeh; Liliana Pasquale; Bashar Nuseibeh,"Forensic readiness denotes the capability of a system to support digital forensic investigations of potential, known incidents by preserving in advance data that could serve as evidence explaining how an incident occurred. Given the increasing rate at which (potentially criminal) incidents occur, designing so‰ware systems that are forensic-ready can facilitate and reduce the costs of digital forensic investigations. However, to date, little or no attention has been given to how forensic-ready so‰ftware systems can be designed systematically. In this paper we propose to explicitly represent evidence preservation requirements prescribing preservation of the minimal amount of data that would be relevant to a future digital investigation. We formalise evidence preservation requirements and propose an approach for synthesising specifications for systems to meet these requirements. We present our prototype implementation—based on a satisfiability solver and a logic-based learner—which we use to evaluate our approach, applying it to two digital forensic corpora. Our evaluation suggests that our approach preserves relevant data that could support hypotheses of potential incidents. Moreover, it enables significant reduction in the volume of data that would need to be examined during an investigation.",,,559,569,Risk analysis (engineering); Volume (computing); Engineering; Forensic science; Satisfiability; Solver; Computer security; Digital forensics; Reduction (complexity),,,,,https://ulir.ul.ie/handle/10344/6785 https://dl.acm.org/doi/10.1145/3106237.3106308 https://ulir.ul.ie/bitstream/10344/6785/2/Nuseibeh_2017_Evidence.pdf https://dblp.uni-trier.de/db/conf/sigsoft/fse2017.html#AlrajehPN17 https://core.ac.uk/display/132200872 https://oro.open.ac.uk/50894/,http://dx.doi.org/10.1145/3106237.3106308,,10.1145/3106237.3106308,2740163751,,0,001-009-008-665-240; 002-383-410-319-043; 005-859-821-142-158; 006-435-365-660-88X; 007-832-595-971-443; 009-730-713-043-791; 014-561-286-568-118; 019-587-382-043-888; 020-601-436-463-823; 021-486-901-460-202; 026-297-540-262-129; 030-758-631-051-726; 032-263-344-124-062; 035-346-857-615-388; 035-403-390-260-816; 039-756-277-761-714; 041-291-462-265-899; 042-767-661-429-064; 043-888-972-094-772; 046-143-775-958-052; 046-271-354-421-86X; 046-872-747-515-107; 052-913-311-818-380; 053-230-392-967-84X; 062-032-128-092-406; 063-974-671-883-002; 074-147-378-642-824; 075-907-852-957-192; 089-506-099-861-772; 100-250-267-613-648; 108-271-153-881-39X; 111-471-986-310-852; 112-321-663-201-881; 112-899-744-555-295; 113-569-557-973-592; 115-542-227-016-303; 117-459-057-747-79X; 122-326-764-410-354; 124-536-382-369-948; 124-837-341-752-034; 131-939-394-589-315; 135-336-855-038-27X; 137-569-254-769-800; 137-743-551-497-339; 137-848-395-325-041; 137-854-345-065-123; 145-499-257-020-829; 150-236-970-368-499; 150-781-309-249-335; 151-725-523-566-42X; 154-517-106-328-503; 158-793-612-834-755; 162-084-685-303-536; 162-201-727-094-331; 167-005-010-697-067; 199-172-967-270-034; 199-901-259-164-000,9,true,cc-by-nc-nd,green
031-928-219-465-244,TrustCom/BigDataSE/ICESS - Privileged Data Within Digital Evidence,,2017,conference proceedings article,2017 IEEE Trustcom/BigDataSE/ICESS,,IEEE,,Dominique Fleurbaaij; Mark Scanlon; Nhien-An Le-Khac,"In recent years the use of digital communication has increased. This also increased the chance to find privileged data in the digital evidence. Privileged data is protected by law from viewing by anyone other than the client. It is up to the digital investigator to handle this privileged data properly without being able to view the contents. Procedures on handling this information are available, but do not provide any practical information nor is it known how effective filtering is. The objective of this paper is to describe the handling of privileged data in the current digital forensic tools and the creation of a script within the digital forensic tool Nuix. The script automates the handling of privileged data to minimize the exposure of the contents to the digital investigator. The script also utilizes technology within Nuix that extends the automated search of identical privileged document to relate files based on their contents. A comparison of the 'traditional' ways of filtering within the digital forensic tools and the script written in Nuix showed that digital forensic tools are still limited when used on privileged data. The script manages to increase the effectiveness as direct result of the use of relations based on file content.",,,737,744,World Wide Web; Software; Digital evidence; Electronic mail; Computer science; Digital forensics,,,,,https://dblp.uni-trier.de/db/journals/corr/corr1708.html#abs-1708-01728 http://dblp.uni-trier.de/db/conf/trustcom/trustcom2017.html#FleurbaaijSL17 https://markscanlon.co/papers/PrivilegedDataWithinDigitalEvidence.pdf https://ieeexplore.ieee.org/document/8029510/ https://arxiv.org/abs/1708.01728 https://forensicsandsecurity.com/papers/PrivilegedDataWithinDigitalEvidence.php http://ieeexplore.ieee.org/document/8029510/ http://ui.adsabs.harvard.edu/abs/2017arXiv170801728F/abstract https://doi.org/10.1109/Trustcom/BigDataSE/ICESS.2017.307 http://arxiv.org/abs/1708.01728,http://dx.doi.org/10.1109/trustcom/bigdatase/icess.2017.307,,10.1109/trustcom/bigdatase/icess.2017.307,3100426958; 2622036913,,0,002-481-130-087-603; 017-475-683-410-857; 027-711-581-048-863; 066-952-299-040-253; 079-273-634-331-435; 086-260-554-462-428; 097-955-877-871-285; 149-276-740-761-042; 199-090-164-757-181,3,true,,green
031-935-242-453-239,"An ""order of data acquisition"" for digital forensic investigations.",2022-01-07,2022,journal article,Journal of forensic sciences,15564029; 00221198,Wiley-Blackwell,United States,Graeme Horsman,"Data acquisition is a fundamental stage of the digital forensic workflow, where without it, it may not be possible to conduct many criminal inquiries effectively. While any investigative team may want access to all digital data available, it is no longer an approach that is considered justifiable or proportionate in all cases. There is now an increasing narrative highlighting the invasiveness of digital data acquisition processes and their impact upon privacy, with calls to ensure greater scrutiny is placed upon their use. This work proposes the ""Order of Data Acquisition"" which defines 10 digital data acquisition methods that are available to practitioners as a part of a forensic examination, derived from a review of existing literature and best practice acquisition approaches, and arranged by their ""invasiveness."" Each method is discussed with examples provided in order to clarify and formalize the process of determining a suitable acquisition method in every case while acknowledging privacy invasion concerns. Finally, conclusions are drawn.",67,3,1215,1220,Workflow; Computer science; Data acquisition; Scrutiny; Process (computing); Digital forensics; Digital evidence; Data science; Digital data; Order (exchange); Computer security; Narrative,acquisition; data extraction; digital forensics; evidence,Forensic Medicine; Workflow,,,,http://dx.doi.org/10.1111/1556-4029.14979,34997585,10.1111/1556-4029.14979,,,0,000-225-165-729-99X; 003-982-227-180-136; 010-061-391-662-193; 010-963-610-208-920; 010-985-077-415-59X; 021-850-998-857-676; 044-161-230-287-523; 074-706-219-689-754; 090-752-043-508-733; 094-142-794-127-63X; 172-425-036-894-271; 183-000-233-873-221,0,false,,
031-977-004-268-359,IFIP Int. Conf. Digital Forensics - Applying The Biba Integrity Model to Evidence Management,,,book chapter,Advances in Digital Forensics III,,Springer New York,,Kweku Kwakye Arthur; Martin S. Olivier; Hein S. Venter,This paper describes the design of an integrity-aware Forensic Evidence Management System (FEMS). The well-known Biba integrity model is employed to preserve and reason about the integrity of stored evidence. Casey’s certainty scale provides the integrity classification scheme needed to apply the Biba model. The paper also discusses the benefits of using an integrity-aware system for managing digital evidence.,,,317,327,Classification scheme; Management system; Data science; Scale (ratio); Biba Model; Digital evidence; Computer security; Computer science; Certainty,,,,,https://link.springer.com/chapter/10.1007/978-0-387-73742-3_22 https://link.springer.com/content/pdf/10.1007%2F978-0-387-73742-3_22.pdf https://rd.springer.com/chapter/10.1007/978-0-387-73742-3_22 https://link.springer.com/10.1007/978-0-387-73742-3_22 https://dx.doi.org/10.1007/978-0-387-73742-3_22 https://dblp.uni-trier.de/db/conf/ifip11-9/df2007.html#ArthurOV07,http://dx.doi.org/10.1007/978-0-387-73742-3_22,,10.1007/978-0-387-73742-3_22,1533784222,,0,012-361-730-556-510; 018-182-926-340-45X; 041-763-294-010-194; 050-237-621-641-652; 060-661-629-527-243; 065-729-890-886-741; 072-064-847-202-72X; 113-114-063-444-526; 134-360-092-416-810; 158-068-559-447-649; 188-762-236-378-448,5,true,,bronze
032-173-768-139-787,Forensic science steps to applying on computer to process and analyze digital evidence,,2016,journal article,International Journal of Advance Research and Innovative Ideas in Education,23954396,,,Santosh Sitaram Varpe,"Digital investigators collect the crime related information from the crime scene then making document and preserving digital evidence. To perform this task properly digital investigators need a methodology and also need help to find the scientific truth.; For this forensic science is useful, it offer tested methods for processing and analyzing evidence and reaching to final conclusion. This paper provide seven stages of forensic science to process and analyze digital evidence. When applying all this stages of forensic science investigator easily collect and analyze digital evidence.",2,6,286,289,World Wide Web; Forensic science; Crime scene; Computational criminology; Data science; Task (project management); Digital evidence; Scientific truth; Computer science; Process (engineering); Computer forensics,,,,,https://ijariie.com/AdminUploadPdf/Forensic_science_steps_to_applying_on_computer_to_process_and_analyze_digital_evidence_ijariie3311.pdf https://ijariie.com/FormDetails.aspx?MenuScriptId=2201,https://ijariie.com/FormDetails.aspx?MenuScriptId=2201,,,2740244222,,0,,0,false,,
032-246-414-391-330,Im)proving chain of custody and digital evidence integrity with time stamp,2010-05-24,2010,conference proceedings,,,,,Jasmin Ćosić; Miroslav Bača,"The integrity of digital evidence plays an important role in the digital process of forensic investigation. Proper chain of custody must include information on how evidence is collected, transported, analyzed, preserved, and handled with. There are several adapted methods for evidence digital signing to (im)prove the integrity of digital evidence. Most forensic tools and applications use a certain kind of hashing algorithm to allow investigators later to verify the disk or image integrity. In this process there is a problem of binding integrity, identity and date and time of access to digital evidence. In this paper the authors will present a valid time stamping method to signing a digital evidence in all stages of digital investigation process. Time stamp will be obtained from the secure third party (Time Stamp Authority). It will be used to prove the time when the staff access the evidence in any stages of forensic investigation.",,,1226,1230,Chain of custody; Internet privacy; Timestamp; Digital signature; Engineering; Cryptography; Digital evidence; Computer security; Computer forensics; Valid time; Hash function,,,,,https://ieeexplore.ieee.org/document/5533653 https://www.bib.irb.hr/472213 http://ieeexplore.ieee.org/document/5533653/,https://ieeexplore.ieee.org/document/5533653,,,1647944177,,0,020-487-672-459-141; 188-762-236-378-448,24,false,,
032-261-449-992-051,Appling Bayesian Network to Electronic Evidence Relevancy Judgement,,2020,conference proceedings article,"2020 IEEE 4th Information Technology, Networking, Electronic and Automation Control Conference (ITNEC)",,IEEE,,Zhijun Liu; Ning Wang,"In judicial practice, because of lacking the evaluation standards and the quantitative analysis methods in the electronic evidence relevancy judgement, current electronic evidence usually have been questioned in the courts. This paper selects relevancy judgement between and among legal feature, case characteristic and events as the study object, firstly proposes a Event-Case characteristic-Legal feature relevancy model, then design the approach of converting the relevancy judgement process to a Bayesian network representation, and finally explores the application of the presented methods with a network pyramid selling case as an example. The initial practice shows the proposed approach is feasible and has a consulting value in analyzing the relevancy of electronic evidence.",1,,1652,1657,Information retrieval; Judgement; Quantitative analysis (finance); Bayesian network; Feature (machine learning); Computer science; Process (engineering); Representation (mathematics); Multi-level marketing; Digital forensics,,,,,https://ieeexplore.ieee.org/document/9084986,http://dx.doi.org/10.1109/itnec48623.2020.9084986,,10.1109/itnec48623.2020.9084986,3022611810,,0,000-965-663-206-482; 012-793-457-647-460; 043-692-851-904-738; 051-846-755-774-83X; 057-089-021-440-630; 061-549-181-856-861; 111-471-986-310-852; 154-927-290-119-809; 162-374-469-230-059; 180-327-460-336-608,1,false,,
032-286-659-568-014,"Digital Forensics for Network, Internet, and Cloud Computing: A Forensic Evidence Guide for Moving Targets and Data",2010-06-16,2010,book,,,,,Terrence V. Lillard,"Network forensics is an evolution of typical digital forensics, where evidence is gathered and analyzed from network traffic. This book will help security and network forensics professionals, as well as network administrators, understand the challenges faced by organizations and individuals investigating network-based criminal cases. The authors not only present various tools used to examine network traffic but also introduce different investigative methodologies. With the explosive growth in Internet-based technology (e.g., social networks, cloud computing, telecommuting), computer and network forensics investigators are among the fastest areas of growth. Specifically, in the area of cybercrime and digital forensics, the federal government is conducting a talent search for 10K qualified specialists. Key network forensics skills and tools are discussed-for example, capturing network traffic, using Snort for network-based forensics, using NetWitness Investigator for network traffic analysis, and deciphering TCP/IP.The current and future states of network forensics analysis tools are addressed.The admissibility of network-based traffic is covered as well as the typical life cycle of a network forensics investigation.",,,,,The Internet; Engineering; Telecommuting; Cybercrime; Traffic analysis; Computer security; Network forensics; Computer forensics; Cloud computing; Digital forensics,,,,,https://procon.bg/article/digital-forensics-network-internet-and-cloud-computing-forensic-evidence-guide-moving https://dl.acm.org/citation.cfm?id=1875294 https://connections-qj.org/article/digital-forensics-network-internet-and-cloud-computing-forensic-evidence-guide-moving,https://procon.bg/article/digital-forensics-network-internet-and-cloud-computing-forensic-evidence-guide-moving,,,188028618,,0,,32,false,,
032-416-169-299-416,Emerging Forensic Tools for Locating and Analyzing Digital Evidence - Providing a Road Map: : Evidence Led Analysis,,,book chapter,Emerging Forensic Tools for Locating and Analyzing Digital Evidence,,IGI Global,,Richard Boddington,,,,5738,6463,Road map; Geography; Cartography,,,,,,http://dx.doi.org/10.4018/978-1-4666-9591-7.les9,,10.4018/978-1-4666-9591-7.les9,2505556421,,0,,0,false,,
032-451-540-235-796,A case-based reasoning method for locating evidence during digital forensic device triage,,2014,journal article,Decision Support Systems,01679236,Elsevier BV,Netherlands,Graeme Horsman; Christopher Laing; Paul Vickers,"The role of triage in digital forensics is disputed, with some practitioners questioning its reliability for identifying evidential data. Although successfully implemented in the field of medicine, triage has not established itself to the same degree in digital forensics. This article presents a novel approach to triage for digital forensics. Case-Based Reasoning Forensic Triager (CBR-FT) is a method for collecting and reusing past digital forensic investigation information in order to highlight likely evidential areas on a suspect operating system, thereby helping an investigator to decide where to search for evidence. The CBR-FT framework is discussed and the results of twenty test triage examinations are presented. CBR-FT has been shown to be a more effective method of triage when compared to a practitioner using a leading commercial application.",61,61,69,78,World Wide Web; Forensic science; Case-based reasoning; Data science; Triage; Suspect; Test (assessment); Digital forensic investigation; Field (computer science); Computer science; Reliability (statistics); Digital forensics,,,,,https://research.tees.ac.uk/en/publications/a-case-based-reasoning-method-for-locating-evidence-during-digita https://dblp.uni-trier.de/db/journals/dss/dss61.html#HorsmanLV14 https://core.ac.uk/display/19479046 http://nrl.northumbria.ac.uk/15186/ https://researchportal.northumbria.ac.uk/en/publications/a-case-based-reasoning-method-for-locating-evidence-during-digita http://nrl.northumbria.ac.uk/15186/1/Horsman_et_al_Author_Accepted_Manuscript.pdf https://northumbria-test.eprints-hosting.org/id/document/264093 https://www.sciencedirect.com/science/article/pii/S0167923614000086,http://dx.doi.org/10.1016/j.dss.2014.01.007,,10.1016/j.dss.2014.01.007,1977236908,,2,003-982-227-180-136; 012-106-860-594-330; 015-353-077-946-637; 016-731-888-079-073; 018-618-238-562-758; 024-852-306-378-681; 029-938-776-068-353; 030-121-862-351-330; 032-840-153-267-455; 033-877-222-136-260; 042-423-147-359-818; 044-333-336-895-605; 047-630-600-014-492; 049-513-366-833-181; 049-896-268-388-337; 051-493-073-728-632; 057-254-747-112-851; 065-520-849-771-46X; 070-534-696-667-140; 075-056-106-679-562; 075-128-417-091-483; 089-564-665-174-244; 092-058-232-746-872; 093-007-312-043-778; 093-388-220-098-773; 094-081-969-768-185; 098-371-414-969-945; 109-598-947-309-943; 112-537-006-164-008; 145-062-913-009-934; 150-305-598-712-279; 167-398-164-200-13X; 168-819-441-615-181; 172-263-908-125-850; 191-319-072-202-754,30,true,cc-by-nc-nd,green
032-584-696-829-178,Limitations and Improvements of Adoption Criteria for Digital Forensic Evidence,,2018,,,,,,Minsu Kim,,18,4,35,43,Data science; Conviction; Pre-Registration; Computer science; Digital forensics,,,,,https://www.kci.go.kr/kciportal/ci/sereArticleSearch/ciSereArtiView.kci?sereArticleSearchBean.artiId=ART002401826,https://www.kci.go.kr/kciportal/ci/sereArticleSearch/ciSereArtiView.kci?sereArticleSearchBean.artiId=ART002401826,,,2904276826,,0,,0,false,,
032-694-541-842-762,SoK: Blockchain Solutions for Forensics,2020-05-26,2020,,,,,,Thomas K. Dasaklis; Fran Casino; Constantinos Patsakis,"As the digitization of information-intensive processes gains momentum in nowadays, the concern is growing about how to deal with the ever-growing problem of cybercrime. To this end, law enforcement officials and security firms use sophisticated digital forensics techniques for analyzing and investigating cybercrimes. However, multi-jurisdictional mandates, interoperability issues, the massive amount of evidence gathered (multimedia, text etc.) and multiple stakeholders involved (law enforcement agencies, security firms etc.) are just a few among the various challenges that hinder the adoption and implementation of sound digital forensics schemes. Blockchain technology has been recently proposed as a viable solution for developing robust digital forensics mechanisms. In this paper, we provide an overview and classification of the available blockchain-based digital forensic tools, and we further describe their main features. We also offer a thorough analysis of the various benefits and challenges of the symbiotic relationship between blockchain technology and the current digital forensics approaches, as proposed in the available literature. Based on the findings, we identify various research gaps, and we suggest future research directions that are expected to be of significant value both for academics and practitioners in the field of digital forensics.",,,,,Digital forensics; Cybercrime; Digitization; Blockchain; Digital evidence; Interoperability; Law enforcement; Computer forensics; Computer security; Computer science; Data science; Field (mathematics),,,,,,http://dx.doi.org/10.48550/arxiv.2005.12640,,10.48550/arxiv.2005.12640,,,0,,0,true,,green
033-052-944-470-280,Handbook of Digital and Multimedia Forensic Evidence - Handbook of Digital and Multimedia Forensic Evidence,,2008,book,,,Humana Press,,John J. Barbara,"Handbook of Digital and Multimedia Forensic Evidence presents an overview of computer forensics perfect for beginners. This volume will serve as a foundation and guide for: (a) students considering a career in this field; (b) the law enforcement investigator assigned to work cybercrimes; (c) establishing training programs for forensic examiners; (d) the IT professional; (e) the veteran forensic examiner; (f) the prosecutor faced with litigating cybercrime cases brought before a trier of fact. A distinguished group of specialist authors have crafted chapters rich with detail yet accessible for readers who are not experts in the field. Tying together topics as diverse as applicable laws on search and seizure, investigating cybercrime, and preparation for courtroom tesitmony, Handbook of Digital and Multimedia Forensic Evidence is the ideal overall reference for this multi-faceted discipline.",,,,,Information technology; Engineering; Library science; Cybercrime; Law enforcement; Tying; Foundation (evidence); Trier of fact; Multimedia; Computer forensics; Search and seizure,,,,,https://link.springer.com/10.1007/978-1-59745-577-0,http://dx.doi.org/10.1007/978-1-59745-577-0,,10.1007/978-1-59745-577-0,2484844672,,0,002-173-825-088-456; 002-673-615-411-826; 004-217-821-672-65X; 007-289-919-213-12X; 010-013-669-210-911; 017-358-994-049-12X; 022-970-439-122-406; 025-953-293-295-113; 026-971-851-512-334; 037-758-225-398-956; 039-649-325-117-154; 044-505-440-393-814; 048-495-347-955-746; 082-779-163-882-092; 085-214-277-668-01X; 088-263-775-250-441; 096-105-597-689-887; 105-126-222-909-334; 140-821-103-436-654; 146-970-724-314-649; 153-153-144-072-106; 167-592-705-831-583,4,false,,
033-100-272-262-254,"Security, Privacy, and Digital Forensics in the Cloud - Digital Evidence Management, Presentation, and Court Preparation in the Cloud: A Forensic Readiness Approach",2019-02-08,2019,book chapter,"Security, Privacy, and Digital Forensics in the Cloud",,John Wiley & Sons Singapore Pte. Ltd,,Lucia De Marco; Nhien-An Le-Khac; M-Tahar Kechadi,,,,283,299,Forensic science; Data science; Presentation; Digital evidence; Computer science; Cloud computing,,,,,https://api.wiley.com/onlinelibrary/tdm/v1/articles/10.1002%2F9781119053385.ch14,http://dx.doi.org/10.1002/9781119053385.ch14,,10.1002/9781119053385.ch14,2914820011,,0,004-064-907-119-420; 006-435-365-660-88X; 010-791-676-072-730; 018-965-911-481-154; 022-594-465-094-174; 025-768-635-842-670; 028-222-770-579-89X; 029-008-872-980-253; 032-697-093-668-898; 035-223-520-491-228; 036-164-436-495-911; 041-879-975-858-398; 045-114-676-521-139; 051-278-209-038-859; 052-152-063-024-042; 059-697-278-686-056; 067-950-012-629-210; 078-289-969-915-037; 080-554-305-771-401; 110-843-854-174-99X; 115-036-799-197-654; 120-361-603-676-195; 124-912-663-881-389; 144-124-797-675-052; 151-944-242-677-668; 168-735-970-391-234; 183-000-233-873-221; 189-596-290-541-547,1,false,,
033-161-651-925-256,Review on effectiveness of deep learning approach in digital forensics,2022-10-01,2022,journal article,International Journal of Electrical and Computer Engineering (IJECE),27222578; 20888708,Institute of Advanced Engineering and Science,Indonesia,Sonali Ekhande; Uttam Patil; Kshama Vishwanath Kulhalli,"<jats:p>&lt;p&gt;&lt;span&gt;Cyber forensics is use of scientific methods for definite description of cybercrime activities. It deals with collecting, processing and interpreting digital evidence for cybercrime analysis. Cyber forensic analysis plays very important role in criminal investigations. Although lot of research has been done in cyber forensics, it is still expected to face new challenges in near future. Analysis of digital media specifically photographic images, audio and video recordings are very crucial in forensics This paper specifically focus on digital forensics. There are several methods for digital forensic analysis. Currently deep learning (DL), mainly convolutional neural network (CNN) has proved very promising in classification of digital images and sound analysis techniques. This paper presents a compendious study of recent research and methods in forensic areas based on CNN, with a view to guide the researchers working in this area. We first, defined and explained preliminary models of DL. In the next section, out of several DL models we have focused on CNN and its usage in areas of digital forensic. Finally, conclusion and future work are discussed. The review shows that CNN has proved good in most of the forensic domains and still promise to be better.&lt;/span&gt;&lt;/p&gt;</jats:p>",12,5,5481,5481,Digital forensics; Computer science; Convolutional neural network; Cybercrime; Crime analysis; Deep learning; Network forensics; Data science; Computer forensics; Face (sociological concept); Artificial intelligence; Computer security; World Wide Web; The Internet; Criminology; Sociology; Social science,,,,,,http://dx.doi.org/10.11591/ijece.v12i5.pp5481-5592,,10.11591/ijece.v12i5.pp5481-5592,,,0,,0,true,,hybrid
033-296-701-979-892,"Handbook of Research on Computational Forensics, Digital Crime, and Investigation - Digital Camera Photographic Provenance",,2010,book chapter,"Handbook of Research on Computational Forensics, Digital Crime, and Investigation",23270381; 23270373,IGI Global,,Matthew Sorell,"<jats:p>Whether investigating individual photographs or a large repository of images, it is often critical to establish some history of the generation, manipulation and/or distribution of the images, which is to say the provenance. The applications of image provenance are wide, including the detection of steganographic messages and image tampering, the clustering of images with like provenance, and the gathering of evidence which establishes (or refutes) a hypothetical source. This chapter considers published research and identifies research gaps which address the general challenges of digital image provenance with an explicit emphasis on evidence related to the camera or other digital source.</jats:p>",,,104,129,Artificial intelligence; Digital photography; Stereo camera; Digital camera back; Digital camera; Provenance; Computer vision; Computer science,,,,,https://www.igi-global.com/chapter/digital-camera-photographic-provenance/39215 https://digital.library.adelaide.edu.au/dspace/handle/2440/59056 https://dblp.uni-trier.de/db/reference/forensics/forensics2010.html#Sorell10,http://dx.doi.org/10.4018/978-1-60566-836-9.ch005,,10.4018/978-1-60566-836-9.ch005,1562103178,,0,001-432-520-317-85X; 004-023-060-478-098; 004-522-417-492-842; 004-530-492-547-92X; 006-682-365-421-203; 007-896-809-960-655; 008-448-075-469-433; 013-766-124-774-712; 014-131-888-113-719; 015-717-506-603-742; 016-617-865-487-243; 016-898-456-817-102; 018-276-309-945-450; 019-466-667-607-252; 030-011-893-395-400; 039-418-276-597-80X; 040-425-146-348-064; 045-812-091-260-656; 047-645-450-221-93X; 047-755-139-590-756; 048-895-019-334-521; 049-052-751-043-806; 056-817-850-080-480; 060-409-308-040-210; 064-865-257-540-083; 067-303-718-151-959; 069-184-474-173-724; 072-248-809-174-656; 073-950-113-169-265; 074-016-367-199-505; 075-191-630-629-790; 079-458-616-165-307; 081-579-450-748-803; 083-097-133-928-799; 095-160-402-119-661; 106-688-419-298-857; 108-896-114-392-841; 110-952-912-805-626; 111-755-270-010-429; 112-496-670-451-605; 117-616-387-640-801; 119-542-794-779-003; 125-162-036-005-386; 126-089-127-973-25X; 133-793-082-960-465; 135-262-782-091-897; 135-488-578-174-515; 136-713-989-335-402; 140-408-113-219-371; 142-836-447-307-439; 161-171-671-691-645; 164-040-908-533-91X; 166-373-015-655-563; 173-881-114-277-726; 180-088-494-514-913; 180-552-666-228-97X; 184-897-235-429-285; 195-533-049-210-345,2,false,,
033-423-714-085-758,IFIP Int. Conf. Digital Forensics - Refining Evidence Containers for Provenance and Accurate Data Representation,,2010,book chapter,Advances in Digital Forensics VI,18684238; 18612288; 1868422x; 15715736,Springer Berlin Heidelberg,Germany,Bradley Schatz; Michael Cohen,"It is well acknowledged that there is a pressing need for a general solution to the problem of storing digital evidence, both in terms of copied bitstream images and general information that describes the images and context surrounding a case. In a prior paper, we introduced the AFF4 evidence container format, focusing on the description of an efficient, layered bitstream storage architecture, a general approach to representing arbitrary information, and a compositional approach to managing and sharing evidence. This paper describes refinements to the representation schemes embodied in AFF4 that address the accurate representation of discontiguous data and the description of the provenance of data and information.",,,227,242,External Data Representation; Architecture; Data mining; Bitstream; Container (abstract data type); Information retrieval; Representation (systemics); Refining; Context (language use); Digital evidence; Computer science,,,,,https://hal.inria.fr/hal-01060621 https://rd.springer.com/chapter/10.1007/978-3-642-15506-2_16 https://link.springer.com/content/pdf/10.1007/978-3-642-15506-2_16.pdf https://hal.archives-ouvertes.fr/hal-01060621v1 https://eprints.qut.edu.au/80311/ https://hal.inria.fr/hal-01060621/document https://dblp.uni-trier.de/db/conf/ifip11-9/df2010.html#SchatzC10 https://doi.org/10.1007/978-3-642-15506-2_16 https://link.springer.com/chapter/10.1007/978-3-642-15506-2_16 https://link.springer.com/10.1007/978-3-642-15506-2_16,http://dx.doi.org/10.1007/978-3-642-15506-2_16,,10.1007/978-3-642-15506-2_16,1591562510,,0,002-353-327-259-732; 002-534-435-127-422; 008-460-264-972-320; 033-241-817-699-448; 037-987-418-063-510; 039-807-307-685-44X; 051-165-387-606-715; 055-574-774-155-611; 055-614-100-530-52X; 060-650-561-577-338; 071-025-919-668-054; 087-023-674-376-409; 142-884-607-464-932; 178-883-713-153-793,4,true,cc-by,green
033-449-704-006-134,An Enhanced Approach for Digital Forensics using Innovative GSP Algorithm,2014-10-18,2014,journal article,International Journal of Computer Applications,09758887,Foundation of Computer Science,,Priyanka V. Kayarkar; Prashant Ricchariaya,"The advent of world-wide web not only changes our life view but also gives rise to advanced forms of digital crimes. Today’s era is the digital age, over the internet most of the facts are transferred through the digital devices. Cyber criminals always use Digital devices to conduct digital crime. The applicability of various forensics techniques in digital forensics helps the forensics investigators to adopt practical frameworks and methods to recover data for analysis which can comprise as evidence. In the field of Digital Forensics Data Mining has huge prospective. Computer forensics is a rising discipline investigating the computer crime. The goal of data mining technique is to find the valuable relationships between data items. This paper proposes a data mining approach for digital forensics investigations which is very important in today’s information age. Frequent Sequence Mining in data mining is one of the most important concepts used in Digital forensics Science. This thesis is an imperative work for Digital forensics investigations with maximum accuracy by using GSP algorithm.",103,6,18,22,The Internet; World Wide Web; Forensic science; Field (computer science); Computer science; Computer forensics; Digital forensics; GSP Algorithm,,,,,https://research.ijcaonline.org/volume103/number6/pxc3898308.pdf https://ui.adsabs.harvard.edu/abs/2014IJCA..103f..18K/abstract https://www.ijcaonline.org/archives/volume103/number6/18078-8308,http://dx.doi.org/10.5120/18078-8308,,10.5120/18078-8308,2131940555,,0,032-810-109-985-524; 080-816-595-560-369; 178-100-501-663-130; 181-095-475-426-346,1,true,,green
033-624-790-871-700,Identifikasi Bukti Digital WhatsApp pada Sistem Operasi Proprietary Menggunakan Live Forensics,2018-06-20,2018,journal article,Jurnal Teknik Elektro,25491571; 14110059,Universitas Negeri Semarang,," Riadi; Sunardi Sunardi; Muhamad Ermansyah Rauli","R apid development of computer technology is also accompanied with increasing of cybercrime. One of the most common crimes is fraud case in the online shop. This crime  abuses Whatapps, one of the most popular Instant Messenger (IM) applications.  WhatsApp is one of the IM applications that can be used on computers, especially on windows 8.1 operating system. All applications running on the computer leave data and information on Random Access Memory (RAM). The data and information that exist in RAM can be obtained using digital forensic technique called Live Forensics. Live forensics can be used when the computer is running and connected to the  network. This research aims to find digital evidence related to online shop fraud case. The digital evidence can be obtained using one of the forensic tools FTK Imager. FTK Imager can retrieve and analyze data and information on RAM. The results obtained in this research is the content of WhatsApp conversations that can be used as digital evidence to reveal a fraud in the online shop.",10,1,18,22,Cybercrime; Digital evidence; Live forensics; Computer technology; Instant messenger; Random access memory; Computer science; Multimedia; Digital forensics,,,,,https://journal.unnes.ac.id/nju/index.php/jte/article/view/14070/7872 https://journal.unnes.ac.id/nju/index.php/jte/article/download/14070/7872,http://dx.doi.org/10.15294/jte.v10i1.14070,,10.15294/jte.v10i1.14070,2904082727,,0,,3,true,cc-by,gold
033-655-019-302-215,The Search and Seizure of Digital Evidence by Forensic Investigators in South Africa,2019-04-25,2019,,Social Science Research Network,,,,Jacobus Gerhardus Nortje; Daniel Christoffel Myburgh,"The discipline of digital forensics requires a combination of skills, qualifications and knowledge in the area of forensic investigation, legal aspects and information technology. The uniqueness of digital evidence makes the adoption of traditional legal approaches problematic.; ; Information technology terminology is currently used interchangeably without any regard to being unambiguous and consistent in relation to legal texts. Many of the information technology terms or concepts have not yet achieved legal recognition.; ; The recognition and standardisation of terminology within a legal context are of the utmost importance to ensure that miscommunication does not occur.; ; To provide clarity or guidance on some of the terms and concepts applicable to digital forensics and for the search and seizure of digital evidence, some of the concepts and terms are reviewed and discussed, using the Criminal Procedure Act 51 of 1977 as a point of departure.; ; Digital evidence is often collected incorrectly and analysed ineffectively or simply overlooked due to the complexities that digital evidence poses to forensic investigators. As with any forensic science, specific regulations, guidelines, principles or procedures should be followed to meet the objectives of investigations and to ensure the accuracy and acceptance of findings. These regulations, guidelines, principles or procedures are discussed within the context of digital forensics: what processes should be followed and how these processes ensure the acceptability of digital evidence. These processes include international principles and standards such as those of the Association of Chiefs of Police Officers and the International Organisation of Standardisation. A summary is also provided of the most influential or best-recognised international (IOS) standards on digital forensics.; ; It is concluded that the originality, reliability, integrity and admissibility of digital evidence should be maintained as follows:; ; Data should not be changed or altered.; ; Original evidence should not be directly examined.; ; Forensically sound duplicates should be created.; ; Digital forensic analyses should be performed by competent persons.; ; Digital forensic analyses should adhere to relevant local legal requirements.; ; Audit trails should exist consisting of all required documents and actions.; ; The chain of custody should be protected.; ; Processes and procedures should be proper, while recognised and accepted by the industry.; ; If the ACPO (1997) principles and ISO/IEC 27043 and 27037 Standards are followed as a forensic framework, then digital forensic investigators should follow these standards as a legal framework.",,,,,Chain of custody; Information technology; Context (language use); Digital evidence; Computer science; Terminology; Engineering ethics; Search and seizure; Audit trail; Digital forensics,,,,,https://www.ssrn.com/abstract=3392338 https://papers.ssrn.com/sol3/Delivery.cfm/SSRN_ID3392338_code1435986.pdf?abstractid=3392338&mirid=1 https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3392338,https://www.ssrn.com/abstract=3392338,,,3125205193,,0,,0,false,,
033-830-223-679-592,Software Forensics : Collecting Evidence from the Scene of a Digital Crime,2004-01-12,2004,book,,,,,Robert Slade,,,,,,Engineering; World Wide Web; Software forensics; Computer security; Computer forensics,,,,,https://www.amazon.com/Software-Forensics-Collecting-Evidence-Digital/dp/0071428046 https://openlibrary.org/books/OL7300240M/Software_Forensics,https://www.amazon.com/Software-Forensics-Collecting-Evidence-Digital/dp/0071428046,,,2268047021,,0,,14,false,,
034-190-709-015-829,A standardised data acquisition process model for digital forensic investigations,,2017,journal article,International Journal of Information and Computer Security,17441765; 17441773,Inderscience Publishers,United Kingdom,Reza Montasari,"Similar to traditional evidence, courts of law do not assume that digital evidence is reliable if there is no evidence of some empirical testing regarding the theories and techniques pertaining to its production. Courts take a careful notice of the way in which digital evidence has been acquired and stored. In contrast with traditional crimes for which there are well-established standards and procedures upon which courts can rely, there are no formal procedures or models for digital data acquisition to which courts of law can refer. A standardised data acquisition process model is needed to enable digital forensic investigators to follow a uniform approach, and to assist courts of law in determining the reliability of digital evidence presented to them. This paper proposes a model that is standardised in that it can enable digital forensic investigators in following a uniform approach, and that is generic in that it can be applied in both law enforcement and corporate investigations. To carry out the research presented in the paper, the design science research process (DSRP) methodology proposed by Peffers et al. (2006) has been followed.",9,3,229,249,Empirical research; Data acquisition; Data science; Design science research; Notice; Law enforcement; Digital evidence; Computer security; Computer science; Computer forensics; Digital forensics,,,,,http://www.inderscience.com/link.php?id=85139 https://cronfa.swan.ac.uk/Record/cronfa54938 https://dblp.uni-trier.de/db/journals/ijics/ijics9.html#Montasari17 https://pure.hud.ac.uk/en/publications/a-standardised-data-acquisition-process-model-for-digital-forensi https://www.inderscienceonline.com/doi/abs/10.1504/IJICS.2017.085139 https://www.open-access.bcu.ac.uk/5973/,http://dx.doi.org/10.1504/ijics.2017.085139,,10.1504/ijics.2017.085139,2730257958,,0,004-652-388-189-304; 004-872-169-627-620; 005-515-442-506-880; 007-314-571-885-858; 019-698-064-288-240; 019-831-293-743-518; 020-944-423-224-895; 021-850-998-857-676; 022-433-931-814-136; 022-455-280-454-911; 022-502-903-446-942; 026-774-296-742-022; 030-359-893-882-572; 032-697-093-668-898; 035-260-452-778-173; 038-668-970-194-854; 042-230-817-975-353; 044-377-145-020-27X; 047-630-600-014-492; 047-859-979-695-194; 048-464-914-125-131; 052-052-141-922-342; 062-217-186-853-075; 063-274-848-736-685; 067-726-260-424-525; 067-844-385-207-96X; 067-950-012-629-210; 078-275-236-083-731; 081-056-635-953-384; 083-748-184-402-072; 098-666-081-238-973; 130-733-989-451-876; 132-355-634-397-986; 133-397-275-695-990; 133-508-126-407-763; 134-181-885-341-288; 140-821-103-436-654; 160-160-097-559-323; 162-110-149-751-921; 171-803-389-787-120; 182-691-566-109-191; 190-065-821-748-92X; 190-872-133-741-434; 192-810-463-153-431; 199-745-676-923-766,12,true,,green
034-320-165-648-048,Meniti Jejak Tindak Pidana Korupsi Melalui Digital Forensic,2021-11-22,2021,,,,,,M Makhfudz,"The development of corruption crimes proceed to increase, namly by utilizing network, which is known as cyber crime, as such digital forensic is needed. To posses this, mastery of every evidence principle can talk, which can create electronic evidence, in the form of conversations, though reconstructing these electronic evidence. Keywords : Cyber crime, every evidence can talk, digital prensic. ABSTRAK Perkembangan kejahatan korupsi terus meningkat yaitu dengan menggunakan / memanfaatkan jaringan yang dikenal cyber crime, sehingga dibutuhkan digital forensic. Untuk hal tersebut dibutuhkan penguasaan prinsip “every evidence can talk” yang dapat membuat alat bukti elektronik berupa percakapan dengan cara menkontruksi alat bukti elektronik. Kata Kunci : Cyber crime, every evidence can talk digital forensic",8,6,,,,,,,,http://journal.uinjkt.ac.id/index.php/salam/article/view/23242,http://journal.uinjkt.ac.id/index.php/salam/article/view/23242,,,3216988201,,0,,0,false,,
034-558-221-039-715,Cyber and Digital Forensic Investigations - Digital Forensic Approaches for Cloud Service Models: A Survey,2020-07-26,2020,book,Studies in Big Data,21976503; 21976511,Springer International Publishing,,Sebastian Schlepphorst; Kim-Kwang Raymond Choo; Nhien-An Le-Khac,"Cloud computing has become one of the fastest-growing IT infrastructures in the world. Criminals are aggressively expanding the use of digital technologies for illegal activities. As a consequence, the rise of cybercrimes in cloud systems exacerbates the problem of scale for digital forensic practitioners. Traditional digital forensic approaches such as the data acquisition of electronic devices, personal computer forensics, live data forensics, network investigations and forensics, mobile phone forensics, and are not sufficient or only partly applicable for the investigation, acquisition and analysis of evidence from cloud computing platforms. The evaluation of digital forensic techniques for cloud service models is still a challenge due to the lack of efficient criteria. Therefore, in this chapter, we first define the criteria for evaluating existing digital forensic approaches for the three main cloud service models: Infrastructure as a Service (IaaS), Platform as a Service (PaaS) and Software as a Service (SaaS). After that, we will review, analyse and compare each digital forensic approach in order to display existing gaps that need further solutions.",,,175,199,Electronics; Data acquisition; Software as a service; Data science; Mobile phone; Scale (chemistry); Personal computer; Computer science; Cloud computing; Digital forensics,,,,,https://link.springer.com/chapter/10.1007%2F978-3-030-47131-6_8 https://dblp.uni-trier.de/db/books/collections/LC2020.html#SchlepphorstCL20,http://dx.doi.org/10.1007/978-3-030-47131-6_8,,10.1007/978-3-030-47131-6_8,3044499889,,0,001-893-584-671-77X; 002-768-711-065-857; 010-457-858-470-314; 011-972-444-921-827; 017-708-113-657-756; 019-551-864-080-695; 025-319-861-345-580; 025-659-319-196-918; 033-100-272-262-254; 039-238-243-413-527; 041-879-975-858-398; 042-603-990-097-418; 050-019-822-464-159; 050-304-428-383-118; 051-278-209-038-859; 051-736-296-605-158; 052-152-063-024-042; 053-908-428-232-957; 058-631-300-195-90X; 058-884-035-549-345; 064-313-388-228-262; 067-285-795-856-454; 091-531-552-633-070; 092-121-205-176-412; 098-283-769-367-935; 121-207-616-071-874; 121-704-965-852-836; 124-912-663-881-389; 125-343-466-970-410; 125-817-456-334-439; 131-923-136-263-017; 136-947-053-479-806; 139-013-975-792-305; 144-124-797-675-052; 160-331-694-886-887; 170-108-067-251-840,2,false,,
034-651-507-138-790,Review Paper on Introduction to Cyber Forensics,2021-08-31,2021,journal article,International Journal for Research in Applied Science and Engineering Technology,23219653,International Journal for Research in Applied Science and Engineering Technology (IJRASET),,Priya R. Yadav,"<jats:p>Abstract: Cyber Forensics is termed as scientific methods or applications in association with the judiciary or court of laws. The aim behind these methods is to unveil the digital evidence to be utilized in court for solving crime cases. This sort of technology wasn’t practiced before therefore most criminals tend to urge away with their criminal acts without valid proof to incriminate or prosecute them. During that time the oaths, confessions, testimonies from witnesses were the sole determining factors of evidence Crimes committed within electronic or digital domains, particularly within cyberspace, have become common. Criminals are using technology to commit their offenses and make new challenges for law enforcement agents, attorneys, judges, military, and security professionals. Digital forensics has become a vital instrument in identifying and solving computer-based and computerassisted crime. This paper provides a quick introduction to cyber forensics. During this paper we present a typical model for both Incident Response and Computer Forensics processes which mixes their advantages in an exceedingly flexible way: It allows for a management oriented approach in digital investigations while retaining the chance of a rigorous forensics investigation. Keywords: cyber forensics, digital forensic science, computer forensics, evidence, judicial system.</jats:p>",9,8,1939,1942,Engineering; Computer security,,,,,http://dx.doi.org/10.22214/ijraset.2021.37684,http://dx.doi.org/10.22214/ijraset.2021.37684,,10.22214/ijraset.2021.37684,3195949822,,0,,0,true,,gold
035-029-754-848-788,TechnoSecurity's Guide to E-Discovery and Digital Forensics: A Comprehensive Handbook,2007-10-23,2007,book,,,,,Jack Wiles,"This book provides IT security professionals with the information (hardware, software, and procedural requirements) needed to create, manage and sustain a digital forensics lab and investigative team that can accurately and effectively analyze forensic data and recover digital evidence, while preserving the integrity of the electronic evidence for discovery and trial.; ; IDC estimates that the U.S. market for computer forensics will be grow from $252 million in 2004 to $630 million by 2009. Business is strong outside the United States, as well. By 2011, the estimated international market will be $1.8 billion dollars. The Techno Forensics Conference, to which this book is linked, has increased in size by almost 50% in its second year; another example of the rapid growth in the digital forensics world.; ; The TechnoSecurity Guide to Digital Forensics and E-Discovery features:; ; * Internationally known experts in computer forensics share their years of experience at the forefront of digital forensics; * Bonus chapters on how to build your own Forensics Lab; * 50% discount to the upcoming Techno Forensics conference for everyone; who purchases a book",,,,,Engineering; World Wide Web; Software; Digital evidence; International market; Computer security; Computer forensics; Digital forensics,,,,,http://dl.acm.org/citation.cfm?id=1543323,http://dl.acm.org/citation.cfm?id=1543323,,,103153726,,0,,1,false,,
035-126-027-906-691,Who is the digital forensic expert and what is their expertise?,2022-01-26,2022,journal article,WIREs Forensic Science,25739468,Wiley,,Graeme Horsman; Brett Shavers,"Given the importance of digital evidence to many inquiries, the services of practitioners in the digital forensic field are often sought. In some cases, a “digital forensic expert witness” may be required to conduct specific investigatory work and provide opinion evidence. Here we explore the concept of a digital forensic expert witness while also considering whether this term may now be potentially misleading to those outside of this domain. A discussion of the challenges that exist when trying to establish and assess the validity of expertise in this field is offered. Suggestions for ways to both evidence and correctly identify relevant expertise are made, taking into account the viewpoints of both the potential expert and client. This article is categorized under: Digital and Multimedia Science > Multimedia Forensics",4,5,,,Digital forensics; Expert witness; Viewpoints; Computer forensics; Witness; Digital evidence; Forensic psychology; Computer science; Field (mathematics); Forensic science; Data science; Subject-matter expert; Domain (mathematical analysis); Expert opinion; Engineering ethics; Internet privacy; Psychology; Computer security; Expert system; Engineering; Political science; Artificial intelligence; Medicine; Law; Criminology; Art; Mathematics; Mathematical analysis; Intensive care medicine; Visual arts; Programming language; Veterinary medicine; Pure mathematics,,,,,,http://dx.doi.org/10.1002/wfs2.1453,,10.1002/wfs2.1453,,,0,006-933-430-647-14X; 034-729-447-864-463; 083-380-435-354-691; 102-243-142-344-71X; 134-927-490-231-285,0,true,,hybrid
035-129-008-760-918,IC3 - Privacy preserving efficient digital forensic investigation framework,,2013,conference proceedings article,2013 Sixth International Conference on Contemporary Computing (IC3),,IEEE,,Anuradha Gupta,"In today's era, efficiency of digital forensic investigation process is the biggest challenge for digital forensic community. The efficiency of investigation depends on the other various factors like storage capacity of digital media, proficiency of investigator and type of investigating case. Moreover, these storage devices do not store only investigating case related data but also stores accused personal and professional information which can lead a breach of privacy of accused. Very little attention has been given to make digital investigation process fully automated. In the Privacy Preserving Efficient Digital Forensic Investigation (PPEDFI) framework, we bridge the gap between efficiency and the privacy issue in digital forensic investigation process. The main contribution of the PPEDFI framework is to make the digital investigation process automated and shorten the turnaround time in evidence extraction process, thus saving the cost and time of digital investigation process. To evaluate the system, we conducted an investigation study namely: Digitized Document Fraud. The proposed framework was able to extract the evidence files and also rank them on the basis of their relevancy for being evidence.",,,387,392,Rank (computer programming); Information privacy; Bridge (nautical); Digital media; Turnaround time; Computer security; Computer science; Process (engineering); Computer forensics; Digital forensics,,,,,https://dblp.uni-trier.de/db/conf/ic3/ic3-2013.html#Gupta13 https://ieeexplore.ieee.org/document/6612225/,http://dx.doi.org/10.1109/ic3.2013.6612225,,10.1109/ic3.2013.6612225,2076379225,,0,012-459-130-312-50X; 022-302-091-357-648; 060-637-905-571-153; 062-325-585-829-185; 068-573-357-666-979; 083-192-705-272-816; 092-445-869-422-787; 151-672-577-814-250,11,false,,
035-299-026-735-777,Placing the suspect at a PC: A preliminary study involving fingerprints on keyboards and mice.,2020-07-11,2020,journal article,Science & justice : journal of the Forensic Science Society,18764452; 13550306,Forensic Science Society,United Kingdom,Traian Fulea-Magarit; Helen Page; Graeme Horsman,"Abstract Digital devices now play an important role in the lives of many in society. Whilst they are used predominantly for legitimate purposes, instances of digital crime are witnessed, where determining their usage is important to any criminal investigation. Typically, when determining who has used a digital device, digital forensic analysis is utilised, however, biological trace evidence or fingerprints residing on its surfaces may also be of value. This work provides a preliminary study which examines the potential for fingerprint recovery from computer peripherals, namely keyboards and mice. Our implementation methodology is outlined, and results discussed which indicate that print recovery is possible. Findings are intended to support those operating at-scene in an evidence collection capacity.",61,1,89,96,Human–computer interaction; Criminal investigation; Crime scene; Trace evidence; Fingerprint (computing); Suspect; Digital device; Evidence collection; Computer science; Digital forensics,Crime scene; Digital forensics; Evidence; Fingerprints,Computer Peripherals; Crime; Forensic Medicine/methods; Humans,,,https://www.ncbi.nlm.nih.gov/pubmed/33357831 https://www.sciencedirect.com/science/article/abs/pii/S1355030620300290,http://dx.doi.org/10.1016/j.scijus.2020.07.003,33357831,10.1016/j.scijus.2020.07.003,3041697087,,0,016-352-495-743-48X; 019-831-293-743-518; 026-810-683-474-561; 044-781-123-854-77X; 058-829-172-935-902; 075-136-991-324-974; 080-161-175-307-872; 134-243-771-692-742; 192-869-837-381-364,0,false,,
035-465-696-100-413,Digital Applications in Forensic Odontology,,,book chapter,"Advances in Digital Crime, Forensics, and Cyber Terrorism",23270381; 23270373,IGI Global,,Robert E. Barsley; David R. Senn; Thomas J. David; Franklin D. Wright; Gregory S. Golden,"<jats:p>Forensic Odontology or forensic dentistry is the use of dental expertise, dental findings, and dental facts in legal proceedings. The principal efforts of dentists in this regard are geared toward establishing the identity of unknown human remains or verifying the identity of visually unrecognizable human remains. The digital revolution has impacted all aspects of forensic odontology. This chapter will discuss the impact on person identification through dental means, dental identification in mass or disaster victim incidents, establishing the age of an unknown individual or human remains through dental examination, digital photography in dentistry and forensic odontology, and the use of digital methods in the analysis and comparison of bite mark evidence.</jats:p>",,,217,225,Forensic odontology; History,,,,,https://www.igi-global.com/chapter/digital-applications-forensic-odontology/52290,http://dx.doi.org/10.4018/978-1-60960-483-7.ch010,,10.4018/978-1-60960-483-7.ch010,2488127886,,0,006-597-592-484-451; 009-941-409-083-908; 034-820-276-335-600; 038-024-627-807-808; 038-935-936-815-796; 056-562-264-990-885; 075-292-823-735-760; 087-010-190-701-495; 097-588-996-974-744; 101-436-770-235-826; 102-530-305-953-440; 136-785-742-768-145; 152-961-017-851-43X,0,false,,
035-492-160-906-551,IWCF - Using the ENF Criterion for Determining the Time of Recording of Short Digital Audio Recordings,,2009,book chapter,Computational Forensics,03029743; 16113349,Springer Berlin Heidelberg,Germany,Maarten Huijbregtse; Zeno Geradts,"The Electric Network Frequency (ENF) Criterion is a recently developed forensic technique for determining the time of recording of digital audio recordings, by matching the ENF pattern from a questioned recording with an ENF pattern database. In this paper we discuss its inherent limitations in the case of short --- i.e., less than 10 minutes in duration --- digital audio recordings. We also present a matching procedure based on the correlation coefficient, as a more robust alternative to squared error matching.",5718,,116,124,Duration (music); Matching (statistics); Speech recognition; Computer science; Digital audio,,,,,https://link.springer.com/chapter/10.1007/978-3-642-03521-0_11 https://rd.springer.com/chapter/10.1007/978-3-642-03521-0_11 https://link.springer.com/content/pdf/10.1007%2F978-3-642-03521-0_11.pdf https://ui.adsabs.harvard.edu/abs/2009LNCS.5718..116H/abstract https://dblp.uni-trier.de/db/conf/iwcf/iwcf2009.html#HuijbregtseG09 http://www.forensic.to/ENF%20processed.pdf https://doi.org/10.1007/978-3-642-03521-0_11 https://forensic.to/ENF%20processed.pdf,http://dx.doi.org/10.1007/978-3-642-03521-0_11,,10.1007/978-3-642-03521-0_11,2128876713,,0,007-237-563-451-826; 018-172-332-749-013; 091-970-428-713-932; 150-123-603-849-126,53,false,,
035-626-035-728-080,ICDF2C - Online Acquisition of Digital Forensic Evidence,,2010,book chapter,"Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering",18678211; 1867822x,Springer Berlin Heidelberg,Germany,Mark Scanlon; Mohand Tahar Kechadi,"Providing the ability to any law enforcement officer to remotely transfer an image from any suspect computer directly to a forensic laboratory for analysis, can only help to greatly reduce the time wasted by forensic investigators in conducting on-site collection of computer equipment. RAFT (Remote Acquisition Forensic Tool) is a system designed to facilitate forensic investigators by remotely gathering digital evidence. This is achieved through the implementation of a secure, verifiable client/server imaging architecture. The RAFT system is designed to be relatively easy to use, requiring minimal technical knowledge on behalf of the user. One of the key focuses of RAFT is to ensure that the evidence it gathers remotely is court admissible. This is achieved by ensuring that the image taken using RAFT is verified to be identical to the original evidence on a suspect computer.",,,122,131,The Internet; Key (cryptography); Suspect; Digital evidence; Law enforcement officer; Computer security; Computer science; Computer forensics; Digital forensics; Verifiable secret sharing,,,,,https://markscanlon.co/papers/OnlineAcquisitionOfDigitalForensicEvidence.php https://rd.springer.com/chapter/10.1007/978-3-642-11534-9_12 https://link.springer.com/chapter/10.1007%2F978-3-642-11534-9_12 https://dx.doi.org/10.1007/978-3-642-11534-9_12 https://dblp.uni-trier.de/db/conf/icdf2c/icdf2c2009.html#ScanlonK09 https://forensicsandsecurity.com/papers/OnlineAcquisitionOfDigitalForensicEvidence.pdf https://link.springer.com/content/pdf/10.1007%2F978-3-642-11534-9_12.pdf https://forensicsandsecurity.com/papers/OnlineAcquisitionOfDigitalForensicEvidence.php https://www.markscanlon.co/papers/OnlineAcquisitionOfDigitalForensicEvidence.pdf,http://dx.doi.org/10.1007/978-3-642-11534-9_12,,10.1007/978-3-642-11534-9_12,1495423901,,0,012-495-836-083-305; 047-510-179-988-659; 053-660-599-217-640; 064-495-184-947-564; 068-573-357-666-979; 079-070-981-899-105; 097-567-011-227-46X; 108-446-208-631-649,10,false,,
036-352-996-540-117,ISSA - The current state of digital forensic practitioners in South Africa,,2015,conference proceedings article,2015 Information Security for South Africa (ISSA),,IEEE,,Jason Jordaan; Karen Bradshaw,"Recent high profile court trials around the world, including South Africa, have highlighted the importance of forensic science evidence in court. They have also show what can happen when forensic science is handled poorly in court leading to incorrect convictions or acquittals. Most often the problems have been linked to the qualifications, training, competency and experience of the forensic practitioners who examined and analysed the evidence. With digital forensics being recognised as a forensics science and criminal trials such as Casey Anthony and Julia Amero dominated by errors in the digital forensics process attributed to the examiners, it is crucial to understand what the current situation is in South Africa with regards local digital forensic practitioners, so as to identify any strengths or shortcomings which could impact on digital evidence in a court of law. The research focused on understanding the academic qualifications, digital forensics training, competency, and experience of South African digital forensic practitioners. General trends were identified through the research showing that South African digital forensic practitioners often lacked the necessary academic qualifications, training, competency and experience required of a digital forensics practitioner, raising concerns about the quality of digital forensics practice in South Africa. When contrasted against international standards, the research identified areas of improvement, and suggested potential remedial actions to address the situation.",,,1,9,Political science; State (polity); Quality (business); Digital evidence; Computer security; Public relations; Computer forensics; Digital forensics,,,,,https://dblp.uni-trier.de/db/conf/issa/issa2015.html#JordaanB15,http://dx.doi.org/10.1109/issa.2015.7335068,,10.1109/issa.2015.7335068,2098648924,,0,012-906-104-142-908; 014-261-775-435-338; 015-619-207-022-72X; 017-167-454-912-226; 023-418-828-545-549; 027-596-318-311-424; 052-550-640-264-796; 075-171-904-217-913; 081-321-738-203-441; 106-885-306-836-498; 168-476-681-195-292,3,false,,
036-389-147-094-633,Practice of Digital Forensic Investigation in the Czech Republic and ISO/IEC 27037:2012 [Praxe digitálního forenzního vyšetřování v České republice a norma ISO/IEC 27037:2012],,2015,,,,,,Jaromír Veber; Zdeněk Smutný; Ladislav Vyskočil,Digital forensics investigation undergone a great transformation in the past two decades. This is due to technological progress and already quite common use of ICT in society. This article deals with the standardization of the procedures for collecting potential digital evidence in connection with the ISO/IEC 27037:2012. This article presents some of the important principles presented in the standard. It also presents the views of two experts from the Czech Republic - criminal police investigator and forensic analyst. They introduce their practical experience regarding the collection and analysis of potential digital evidence and also discuss their views on the content of the standard. This makes it possible to point out the discrepancies between the recommendations laid down in the standard and practice. The general recommendations of the standard are commented in the article with references to some basic procedures used in the Czech Republic for potential digital evidence acquisition and collection.,2015,3,242,257,Engineering; Technological change; Standardization; Point (typography); Czech; Digital evidence; Digital forensic investigation; Engineering ethics; Information and Communications Technology; Digital forensics,,,,,https://ideas.repec.org/a/prg/jnlaip/v2015y2015i3id72p242-257.html,https://ideas.repec.org/a/prg/jnlaip/v2015y2015i3id72p242-257.html,,,3024421344,,0,,0,false,,
036-504-399-650-860,Perancangan Nenggala Disk Duplicator (Ndd) untuk Mendukung Proses Investigasi Forensik Digital,2018-03-01,2018,journal article,Teknoin,08538697; 26556529,Universitas Islam Indonesia (Islamic University of Indonesia),,Fietyata Yudha,"The development of information technology simplify human life. Its evoke crime loopholes, cyber crime. When solving criminal cases that utilize information technology is required the digital forensic science. In carrying out a digital investigation known multiple frameworks around the worlds. Every devices, every organization has their own framework. The most common framework divided into 4 sections. Preservation, Acquisition, Analysis, and Reporting are the most common used around the worlds. Acquisition is a key part of the investigation process because in this process digital evidence is collected form the electronic evidence. The acquisition processes uses special equipment. Forensic acquisition equipment mostly made by forensic vendors in the world. The problems that arise in the academic realm is the price of the equipment is quite expensive. The existence of the above problem there is a gap to conduct research on the applied field of development of tools for forensic acquisition. This study provides an early overview of the design of a digital forensics acquisition tool called Nenggala Disk Duplicator.",24,1,29,40,Information technology; Key (cryptography); Data science; Digital evidence; Common framework; Human life; Field (computer science); Computer science; Process (engineering); Digital forensics,,,,,https://www.neliti.com/publications/276235/perancangan-nenggala-disk-duplicator-ndd-untuk-mendukung-proses-investigasi-fore https://jurnal.uii.ac.id/jurnal-teknoin/article/view/11214 http://jurnal.uii.ac.id/jurnal-teknoin/article/view/11214 https://journal.uii.ac.id/jurnal-teknoin/article/view/11214 https://journal.uii.ac.id/jurnal-teknoin/article/download/11214/8554,http://dx.doi.org/10.20885/teknoin.vol24.iss1.art4,,10.20885/teknoin.vol24.iss1.art4,2914404623,,0,,0,true,cc-by-sa,gold
036-522-909-357-939,Digital evidence,,2012,journal article,"Zbornik radova Pravnog fakulteta, Novi Sad",05502179,Centre for Evaluation in Education and Science (CEON/CEES),,Lukic Tatjana,"Although computer makes human activities faster and easier, innovating and creating new forms of work and other kinds of activities, it also influenced the criminal activity. The development of information technology directly affects the development of computer forensics without which, it can not even imagine the discovering and proving the computer offences and apprehending the perpetrator. Information technology and computer forensic allows us to detect and prove the crimes committed by computer and capture the perpetrators. Computer forensics is a type of forensics which can be defined as a process of collecting, preserving, analyzing and presenting digital evidence in court proceedings. Bearing in mind, that combat against crime, in which computers appear as an asset or object of the offense, requires knowledge of digital evidence as well as specific rules and procedures, the author in this article specifically addresses the issues of digital evidence, forensic (computer) investigation, specific rules and procedures for detecting, fixing and collecting digital evidence and use of this type of evidence in criminal proceedings. The author also delas with international standards regarding digital evidence and cyber-space investigation.",46,2,177,192,Digital evidence; Computer forensics; Digital forensics; Computer science; Asset (computer security); Object (grammar); Computer security; Process (computing); Internet privacy; Data science; Artificial intelligence; Operating system,,,,,,http://dx.doi.org/10.5937/zrpfns46-1971,,10.5937/zrpfns46-1971,,,0,,0,true,cc-by,gold
036-549-696-564-159,Mobile Device's Digital Forensic Process Model,2022-07-26,2022,journal article,Advances in Multidisciplinary and scientific Research Journal Publication,24888699,Creative Research Publishers,,Bismark Boateng,"<jats:p>The primary goal is to compare various digital forensics process models, particularly mobile devices. One must conduct investigations forensically to prosecute digital offenders, with the resulting evidence acknowledged in a court of law. Digital forensic process models outline the necessary procedures that one must follow to ensure a successful enquiry.   Keywords: Mobile Devices, Digital Devices, Digital Evidence and Smartphone  BOOK Chapter ǀ Research Nexus in IT, Law, Cyber Security &amp; Forensics. Open Access. Distributed Free</jats:p>",1,1,267,272,Digital forensics; Digital evidence; Computer forensics; Computer science; Process (computing); Mobile device; Computer security; Nexus (standard); Network forensics; Internet privacy; World Wide Web; Operating system,,,,,,http://dx.doi.org/10.22624/aims/crp-bk3-p43,,10.22624/aims/crp-bk3-p43,,,0,,0,true,,bronze
036-649-050-636-633,"SIGITE Conference - Interdisciplinary minor in digital forensics, security and law",,2005,conference proceedings article,Proceedings of the 6th conference on Information technology education  - SIGITE '05,,ACM Press,,Glenn S. Dardick; Linda K. Lau,"Digital forensics is playing a more prominent role in law enforcement, network security, and information assurance. The field of study encompasses not just digital evidence, but also the areas of cyber law, sociology, and security to name a few. Its increasing importance is reflected in its growing role within crime investigations, civil cases and homeland security.An in-depth understanding of digital forensics will be needed by college students who will be entering the various fields within technology, business, criminal justice, law, and homeland security. Currently, many professionals in those fields are not well-prepared to understand the use and management of digital evidence - or the use of digital forensics in determining the causes of security breaches, or the avoidance of security breaches altogether.Today, many professionals are working with others from different fields - lawyers are working with IT managers, members of law enforcement are working with forensics engineers. Well, at least they are trying. Unless properly prepared, many of these professionals will not be able to communicate and work effectively with each other. Those communications will continue in their frequency and importance. The demand for forensics and investigative work by knowledgeable professionals will continue to exceed the supply available for the foreseeable future.While some topics or courses in forensics and security will be needed in a variety of majors such as criminal justice and computer science, an enhanced level of study should be provided for those wishing to have a more solid foundation in digital forensics, security and law. By having students from different disciplines participate together in a minor in digital forensics, security and law, we hope to provide a richer learning environment.The curriculum discussed contains core courses in digital forensics, security and law as well as a capstone course. The curriculum also contains individual tracks in several areas for more in-depth study outside the students chosen major. The core courses within the minor cover digital evidence and its relationship to forensics, security and the law. Many areas of law are covered within the curriculum because of the ubiquitous use of computers and the importance of such acts as Graham-Leach-Bliley Act (GLBA) of 1999, Electronic Communications Privacy Act of 1986 (ECPA), Sarbanes-Oxley (SOX), Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the USA PATRIOT Act.This article describes the background and the process of developing a minor in digital forensics, security and law to better prepare those students majoring in criminal justice, information technology and computer science. This article also presents information on extending the minor to students majoring in accounting, pre-law and public administration.",,,371,371,Sociology; Law; Law enforcement; Information assurance; Electronic Communications Privacy Act; Digital evidence; Homeland security; Engineering ethics; Computer forensics; Legal aspects of computing; Digital forensics,,,,,http://portal.acm.org/citation.cfm?doid=1095714.1095797 https://dl.acm.org/doi/10.1145/1095714.1095797 https://dblp.uni-trier.de/db/conf/sigite/sigite2005.html#DardickL05,http://dx.doi.org/10.1145/1095714.1095797,,10.1145/1095714.1095797,1999906952,,0,,3,false,,
036-725-291-998-768,Lessons learned managing a 60TB digital evidence corpus and writing digital forensics tools,2013-06-17,2013,,,,,,Simson L. Garfinkel,,,,,,Engineering; World Wide Web; Digital evidence; Multimedia; Digital forensics,,,,,https://calhoun.nps.edu/bitstream/10945/44322/4/Garfinkel_2013-12-16_Lessons_UMD.pdf http://calhoun.nps.edu/handle/10945/44322,https://calhoun.nps.edu/bitstream/10945/44322/4/Garfinkel_2013-12-16_Lessons_UMD.pdf,,,978018405,,0,,0,false,,
036-788-914-675-235,Digital Evidence and Forensic Analysis,2011-08-09,2011,book chapter,The Law of Cybercrimes and Their Investigations,,Routledge,,George Curtis,,,,342,365,Forensic science; Data science; Digital evidence; Computer science,,,,,https://www.taylorfrancis.com/chapters/digital-evidence-forensic-analysis-george-curtis/10.1201/b13651-16,http://dx.doi.org/10.1201/b13651-16,,10.1201/b13651-16,3112175837,,0,,0,false,,
036-805-194-565-354,Challenges to Digital Forensic Evidence in the Cloud,,,book chapter,Cybercrime and Cloud Forensics,,IGI Global,,Fred Cohen,"<jats:p>Digital forensic evidence is subject to a variety of challenges, and these challenges apply in the Cloud as anywhere else. This chapter is an overview of these issues specifically oriented toward the Cloud Computing environments of today.</jats:p>",,,59,78,Computer security; Computer science; Cloud computing; Digital forensics,,,,,https://www.igi-global.com/chapter/challenges-digital-forensic-evidence-cloud/73958,http://dx.doi.org/10.4018/978-1-4666-2662-1.ch003,,10.4018/978-1-4666-2662-1.ch003,2483237771,,0,045-693-341-460-61X; 106-885-306-836-498; 190-872-133-741-434,6,false,,
037-564-477-456-512,雲端服務模式數位證據之識別、蒐集、擷取、保全及驗證程序,,2016,,,,,,null 陳受湛; null 鄧思源; null 萬幼筠; null 陳威棋,"The method of the data storage and user control in cloud environment are significantly different than traditional digital forensic methods. Digital evidence in the cloud environment will be unable to fully identify and collected if digital forensic personal follows the traditional process. This article contains related researches and regulations from different nation. Furthermore, collects the digital evidence with the implementation of the cloud service through virtual environment, and provide the digital forensic process suitable for all types of cloud services.",22,1,28,48,Engineering; World Wide Web; Virtual machine; Digital forensic process; User control; Digital evidence; Service (systems architecture); Computer forensics; Cloud computing; Digital forensics,,,,,https://www.airitilibrary.com/Publication/alDetailedMesh?DocID=a0000270-201601-201602180014-201602180014-28-48,https://www.airitilibrary.com/Publication/alDetailedMesh?DocID=a0000270-201601-201602180014-201602180014-28-48,,,2338361156,,0,,0,false,,
037-995-282-226-500,Research and Implementation of Digital Forensic System in Web,,2008,journal article,Journal of Hebei University,,,,Zhang Hong-yi,"Digital Forensic has become hot spot of information and the judicial domain by analyzing the current information security.A digital forensics system for Web is highly effective developed based on analyzing the Web attacks,by Comprehensive utilization intrusion detecting technology based on host and network. This system unceasingly monitors and analyzes visiting situation for Web Server of the network by forensic agent.When the Web Server's intruder is found,on the base of protecting security of Web Server,the system confirms whether crime has happened,and then captures and analyzes the intruding evidence information,protects the integrity of them,finally,produces the intruding crime evidence by evidence fusion.",,,,,Web server; Engineering; Protocol analysis; World Wide Web; Intrusion; Hot spot (computer programming); Computer security; Web application security; Digital forensics,,,,,http://en.cnki.com.cn/Article_en/CJFDTotal-HBDD200803026.htm,http://en.cnki.com.cn/Article_en/CJFDTotal-HBDD200803026.htm,,,2362130117,,0,,0,false,,
038-066-239-094-338,The Urgency of Establishing Guidelines for Handling Cybercrime Cases in the Indonesian National Police Department,2022-10-04,2022,journal article,KnE Social Sciences,2518668x,Knowledge E DMCC,,Isdian Anggraeny; Cindy Monique; Yohana Puspitasari Wardoyo; Aprilia Bhirini Slamet,"<jats:p>The Urgency of Establishing Guidelines for Handling Cybercrime Cases in the Indonesian National Police DepartmentTechnological development has a strong influence on the development of criminals. In the past, crimes were carried out in conventional ways and tools, but now crimes are carried out in modern ways. Cybercrime is a borderless crime and requires special treatment when collecting digital evidence. Evidence in cyber crime allows criminals to hide or remove their tracks. Until now, Indonesian National Police (POLRI) does not have any case management guidelines for storing digital evidence using digital forensic methods. This research aims to determine what steps investigators take in obtaining digital evidence, whether these steps have been effective in law enforcement, or whether they are still unclear. The method in this writing is normative legal research based on a statute approach and a conceptual approach. The author offers to establish guidelines for handling cyber crime cases in the Indonesian National Police by relying on digital forensic methods by strengthening and choosing the right tools for handling cases.&#x0D;; Keywords: cybercrime, digital evidence, digital forensic</jats:p>",,,,,Cybercrime; Indonesian; Digital forensics; Law enforcement; Digital evidence; Normative; Statute; Political science; Computer security; Criminology; Law; Engineering; Computer science; Psychology; The Internet; World Wide Web; Philosophy; Linguistics,,,,,,http://dx.doi.org/10.18502/kss.v7i15.12107,,10.18502/kss.v7i15.12107,,,0,,0,false,,
038-149-979-394-786,Digital Forensic Investigation Development Model,,2013,conference proceedings article,2013 5th International Conference on Computational Intelligence and Communication Networks,,IEEE,,Ankur K Shrivastava; Nitisha Payal; Archit Rastogi; Amod Tiwari,"The arena of computer forensics investigation is a relatively new field of study. Many of the methods used in digital forensics have not been formally outlined. Digital Forensics is looked as part of art and part of science. This paper discussed breaking down the digital forensic investigation and their progression into an investigation development model so that an examiner can easily grip the problem and challenges during preparing and processing investigations. After going through various system and case analyses key issues, resulting in the documentation of role of computer examiner to gather evidence from a suspect computer terminal and determine whether the suspect committed a crime or violated a organization policies. As an outcome Digital forensic investigation development model (DFIDM) is introduced as a tailored approach for computer examiner or investigators for gathering and preserving the necessary digital evidence from different computer terminals or resources.",,,532,535,World Wide Web; Computer terminal; Computational criminology; Suspect; Digital evidence; Field (computer science); Computer science; Computer forensics; Documentation; Digital forensics,,,,,https://ieeexplore.ieee.org/document/6658051/ http://ieeexplore.ieee.org/document/6658051/,http://dx.doi.org/10.1109/cicn.2013.115,,10.1109/cicn.2013.115,2058085704,,0,,4,false,,
038-208-479-675-255,Case study: AOL instant messenger trace evidence,,2006,journal article,Digital Investigation,17422876,Elsevier BV,Netherlands,Jessica Reust,,3,4,238,243,World Wide Web; Trace evidence; Instant messenger; Computer science; Digital forensics,,,,,http://www.sciencedirect.com/science/article/pii/S1742287606001307 https://dx.doi.org/10.1016/j.diin.2006.10.009 https://dblp.uni-trier.de/db/journals/di/di3.html#Reust06 https://www.sciencedirect.com/science/article/pii/S1742287606001307 https://doi.org/10.1016/j.diin.2006.10.009 http://dx.doi.org/10.1016/j.diin.2006.10.009,http://dx.doi.org/10.1016/j.diin.2006.10.009,,10.1016/j.diin.2006.10.009,1998756461,,0,,20,false,,
038-533-189-153-255,IFIP Int. Conf. Digital Forensics - USING YIN’S APPROACH TO CASE STUDIES AS A PARADIGM FOR CONDUCTING EXAMINATIONS,2015-11-20,2015,book chapter,IFIP Advances in Information and Communication Technology,18684238; 1868422x,Springer International Publishing,Germany,Oluwasayo Oyelami; Martin S. Olivier,"At the heart of any forensic science discipline is the need to ensure that a method applied in the discipline is based on a factual foundation or valid scientific method. In digital forensics, the aim of an examination is to make consistent inferences about events with high certainty. The highest state of inference is a determination of causality. Two scientific methods that can be applied in digital forensic examinations to determine causality are experimentation and case studies. Experimentation has been used in a range of scientific studies, but there are situations where it is not always possible to conduct experiments. In these cases, the only option is to carry out case studies. A case study approach is not widely used in the natural sciences, but it has been accepted as a valid method that can produce insightful results in digital forensic examinations. This chapter focuses on conducting digital evidence examinations using Yin’s approach to case studies as a paradigm. The goal is to show that Yin’s case study approach can be applied suitably and that it is useful in digital forensic settings.",,,45,59,Causality; Data science; Inference; Foundation (evidence); Digital evidence; Computer science; Operations research; State (computer science); Scientific method; Certainty; Digital forensics,,,,,http://dx.doi.org/10.1007/978-3-319-24123-4_3 https://doi.org/10.1007/978-3-319-24123-4_3 https://dblp.uni-trier.de/db/conf/ifip11-9/df2015.html#OyelamiO15 https://hal.inria.fr/hal-01449070 https://hal.archives-ouvertes.fr/hal-01449070v1 https://rd.springer.com/chapter/10.1007/978-3-319-24123-4_3 https://hal.inria.fr/hal-01449070/document https://link.springer.com/chapter/10.1007/978-3-319-24123-4_3 https://dx.doi.org/10.1007/978-3-319-24123-4_3,http://dx.doi.org/10.1007/978-3-319-24123-4_3,,10.1007/978-3-319-24123-4_3,2284685011,,0,052-150-782-856-655; 070-915-018-547-43X,6,true,cc-by,green
038-668-970-194-854,An Examination of Digital Forensic Models,,2002,journal article,International Journal of Digital Evidence,,,,Mark Reith; Clint Carr; Gregg H. Gunsch,"Law enforcement is in a perpetual race with criminals in the application of digital technologies, and requires the development of tools to systematically search digital devices for pertinent evidence. Another part of this race, and perhaps more crucial, is the development of a methodology in digital forensics that encompasses the forensic analysis of all genres of digital crime scene investigations. This paper explores the development of the digital forensics process, compares and contrasts four particular forensic methodologies, and finally proposes an",1,,,,Crime scene; Data science; Digital forensic process; Law enforcement; Digital forensic investigation; Computer security; Computer science; Process (engineering); Computer forensics; Digital forensics,,,,,https://dblp.uni-trier.de/db/journals/ijde/ijde1.html#ReithCG02 https://www.utica.edu/academic/institutes/ecii/publications/articles/A04A40DC-A6F6-F2C1-98F94F16AF57232D.pdf https://www.just.edu.jo/~tawalbeh/nyit/incs712/digital_forensic.pdf,https://dblp.uni-trier.de/db/journals/ijde/ijde1.html#ReithCG02,,,24678375,,0,062-788-502-964-113,376,false,,
038-849-198-230-073,"Fusing business, science and law : presenting digital evidence in court",2009-01-01,2009,journal article,Journal of Contemporary Management,18157440,,,Marthie Grobler; S.H. Von Solms,"With the explosion of digital crime, science becomes more frequently applied in court. Criminals are exploiting the same technological advances that have helped Law Enforcement to progress; these exploits are often at the expense of businesses. The purpose of the article is to make business managers aware of the intricate relationship between business, science and the law. ; Businesses are regularly the target of digital crime and should be proactive in their forensic readiness. Scientists often present the evidence themselves, and need to be comfortable explaining technical principles to non-technical individuals. The legal system need to fairly arbitrate crime and presented evidence, integrating both business and scientific principles to ensure a fair ruling. It is necessary to bridge the gap between these disciplines to ensure the successful presentation of digital evidence in court. ; Digital Forensics is a contemporary management issue that should be embraced as vantage point within the business world. It is not only IT specialists that can be called to testify on digital incidents in a court of law, but any manager or senior employee and these individuals should be adequately prepared for this. Business, science and law should therefore find a compromise to ensure that the presentation of digital evidence in court benefits all the disciplines involved.",6,1,375,389,Economics; Exploit; Bridge (nautical); Law; Presentation; Law enforcement; Digital evidence; Vantage point; Public relations; Compromise; Digital forensics,,,,,http://reference.sabinet.co.za/proxy/DocumentView/aHR0cDovL3JlZmVyZW5jZS5zYWJpbmV0LmNvLnphL2RvY3VtZW50L0VKQzUxMDQz/a%3A1%3A%7Bs%3A6%3A%22source%22%3Bs%3A6%3A%22browse%22%3B%7D https://journals.co.za/content/jcman/6/1/EJC51043,http://reference.sabinet.co.za/proxy/DocumentView/aHR0cDovL3JlZmVyZW5jZS5zYWJpbmV0LmNvLnphL2RvY3VtZW50L0VKQzUxMDQz/a%3A1%3A%7Bs%3A6%3A%22source%22%3Bs%3A6%3A%22browse%22%3B%7D,,,428434950,,0,,2,false,,
039-179-703-998-793,Digital Forensics Evidence Acquisition and Chain of Custody in Cloud Computing,,2015,,,,,,Mahmoud Nasreldin; Magdy El-Hennawy; Heba K. Aslan; Adel El-Hennawy,"The new cloud computing concept delivers an adaptable service to many users. This is due to the fact that cloud computing offers an economic solution based on pay-per use idea. At the same time, digital forensics is a relatively new discipline born out due to the growing use of computing and digital solution. Digital forensics in cloud computing brings new technical and legal challenges (e.g. the remote nature of the evidence, trust required in the integrity and authenticity, and lack of physical access.) Digital forensics difficulties in cloud computing comprise acquisition of remote data, chain of custody, distributed and elastic data, big data volumes, and ownership. In the literature, there are many schemes that deal with these issues. In 2013, Hou et al. proposed a scheme to verify data authenticity and integrity in server-aided confidential forensic investigation. The authenticity and integrity are two essential requirements for the evidence admitted in court. The aim of this paper is twofold. First, to introduce a new concept for digital artifacts acquisition in cloud computing as a consolidation between digital forensic and cloud computing. This concept guarantees safe investigation to trusted digital evidence. Secondly, to analyze Hou et al.’s scheme with respect to its claimed integrity and authenticity properties. Our analysis shows that Hou et al.’s scheme does not satisfy the claimed integrity and authenticity in server-aided confidential forensics investigation. To achieve the authenticity, confidentiality and integrity of evidence in cloud, we illustrate how encryption and digital signature algorithms could be used within different designs to ensure confidentiality and chain of custody for the digital forensics process in the cloud.",,,,,Chain of custody; Digital signature; Engineering; Digital artifact; Encryption; Digital evidence; Computer security; Big data; Cloud computing; Digital forensics,,,,,https://ijcsi.org/papers/IJCSI-12-1-1-153-160.pdf,https://ijcsi.org/papers/IJCSI-12-1-1-153-160.pdf,,,2182792086,,0,003-148-232-365-149; 004-110-423-124-981; 006-526-589-708-33X; 015-868-814-003-691; 017-708-113-657-756; 017-815-064-018-299; 018-390-552-445-885; 019-698-064-288-240; 024-894-908-869-686; 035-877-258-121-493; 047-728-840-380-390; 050-513-243-638-138; 052-152-063-024-042; 055-602-900-718-397; 072-131-792-317-753; 075-030-204-753-88X; 088-318-849-093-879; 090-251-279-522-579; 093-158-141-304-133; 093-936-672-202-468; 117-605-677-394-019; 127-494-927-404-405; 134-927-490-231-285; 136-745-511-009-321; 136-947-053-479-806; 140-906-901-825-251; 142-015-049-367-673; 159-325-306-841-358; 162-110-149-751-921; 170-108-067-251-840; 170-515-127-054-40X; 188-847-827-212-602,2,false,,
039-185-326-500-312,ICDF2C - A Digital Forensic Investigation and Verification Model for Industrial Espionage,2018-12-30,2018,book chapter,"Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering",18678211; 1867822x,Springer International Publishing,Germany,Jieun Dokko; Michael Shin,"This paper describes a digital forensic investigation and verification model for industrial espionage (DEIV-IE) focusing on insider data thefts at the company level. This model aims to advance the state-of practice in forensic investigation and to verify evidence sufficiency of industrial espionage cases by incorporating the crime specific features and analysis techniques of digital evidence. The model is structured with six phases: file reduction, file classification, crime feature identification, evidence mapping, evidence sufficiency verification, and documentations. In particular, we focus on characterizing crime features that have multiple aspects of commonalities in crime patterns in industrial espionage; and the evidence sufficiency verification that is a verification procedure for digital evidence sufficiency for court decision using these crime features. This model has been developed based on analysis of five industrial espionage cases and the literature review, being validated with three additional cases in terms of the effectiveness of the model.",,,128,146,Data science; Insider; Digital evidence; Verification procedure; Evidence mapping; Digital forensic investigation; Feature (machine learning); Computer science; Identification (information); Industrial espionage,,,,,https://dblp.uni-trier.de/db/conf/icdf2c/icdf2c2018.html#DokkoS18 https://scholars.ttu.edu/en/publications/a-digital-forensic-investigation-and-verification-model-for-indus-6 https://doi.org/10.1007/978-3-030-05487-8_7 https://link.springer.com/chapter/10.1007/978-3-030-05487-8_7 https://eudl.eu/pdf/10.1007/978-3-030-05487-8_7 https://eudl.eu/doi/10.1007/978-3-030-05487-8_7 https://rd.springer.com/chapter/10.1007/978-3-030-05487-8_7,http://dx.doi.org/10.1007/978-3-030-05487-8_7,,10.1007/978-3-030-05487-8_7,2908081874,,0,004-668-612-287-432; 008-598-808-594-324; 010-326-904-465-699; 018-182-926-340-45X; 019-645-930-990-548; 021-850-998-857-676; 023-709-114-205-69X; 030-351-009-711-953; 031-522-316-310-252; 051-885-225-497-160; 055-300-894-614-079; 058-631-300-195-90X; 059-609-113-377-949; 073-264-005-259-204; 075-529-701-912-32X; 078-995-601-408-182; 080-161-175-307-872; 090-169-352-123-185; 094-454-430-168-783; 121-809-008-900-278; 132-514-993-398-249; 148-698-839-036-557; 165-774-156-145-795; 184-948-841-629-735; 185-038-131-679-547; 186-220-305-057-260,3,false,,
039-238-243-413-527,IFIP Int. Conf. Digital Forensics - Isolating Instances in Cloud Forensics,,2012,book chapter,IFIP Advances in Information and Communication Technology,18684238; 18612288; 1868422x; 15715736,Springer Berlin Heidelberg,Germany,Waldo Delport; Martin S. Olivier,"The isolation of a computing environment is an integral part of a digital forensic process. Isolation helps prevent evidence contamination and possible tampering. This paper focuses on the process of isolating instances in cloud computing systems. Several conditions are specified to serve as a guide for the successful isolation of cloud instances. Also, the complications that can arise during a cloud forensic investigation are discussed.",,,187,200,Isolation (database systems); Digital forensic process; Cloud computing systems; Cloud forensics; Computer security; Computer science; Process (engineering); Cloud computing,,,,,https://hal.inria.fr/hal-01523713/document https://rd.springer.com/chapter/10.1007%2F978-3-642-33962-2_13 https://link.springer.com/content/pdf/10.1007%2F978-3-642-33962-2_13.pdf https://dblp.uni-trier.de/db/conf/ifip11-9/df2012.html#DelportO12 https://hal.archives-ouvertes.fr/hal-01523713v1 https://link.springer.com/chapter/10.1007/978-3-642-33962-2_13 http://dx.doi.org/10.1007/978-3-642-33962-2_13 https://hal.inria.fr/IFIP-AICT-383/hal-01523713,http://dx.doi.org/10.1007/978-3-642-33962-2_13,,10.1007/978-3-642-33962-2_13,2180638899,,0,013-135-828-012-125; 019-311-072-352-899; 021-391-746-549-677; 022-453-607-474-190; 031-840-576-754-304; 037-874-857-662-637; 040-155-905-622-611; 047-600-704-780-223; 052-152-063-024-042; 053-613-448-204-883; 057-695-390-763-881; 059-697-278-686-056; 073-925-766-797-600; 075-976-616-114-109; 101-642-745-156-410; 123-830-244-984-847; 127-494-927-404-405; 133-508-126-407-763; 139-052-313-432-986; 142-855-067-627-071,6,true,cc-by,green
040-012-113-608-784,Survey of Forensic and Analysis Tools based on Grouping of Digital Evidence using Metadata Functionality,2016-05-17,2016,journal article,International Journal of Computer Applications,09758887,Foundation of Computer Science,,Anubhav Kumar Vaid; Yogendra P. S. Maravi; Jitendra Singh Verma,"Computer forensics can be defined as obtaining computer storage media so that data can be used as evidence in court. Traditionally the analysis of sources of digital evidences is done by examining the artefacts and metadata of artefacts for authenticating the gathered information and sequencing them in the manner they occurred. Analyzing the information acquired by forensic investigator in traditional way is a cumbersome task but it can be overcome if all the related artefacts are grouped together on the basis of metadata information they prevails. This paper is mainly focused on metadata based association of digital evidences which can simplify the task of forensic investigator and can also help in reducing human intervention making the process automatic. The main objective of this paper is to study working principal and compare different existing forensic tools on the basis of various parameters such as capability for accessing digital evidence, sources they can examine, metadata parsing capability, and analyzing them that whether they can provide grouping of different artefacts present in same or different investigating sources on the basis of metadata they contain.",142,3,28,34,Principal (computer security); Information retrieval; Task (project management); Digital evidence; Computer science; Process (engineering); Computer forensics; Association (object-oriented programming); Metadata,,,,,https://www.ijcaonline.org/archives/volume142/number3/24878-2016909718 https://www.ijcaonline.org/archives/volume142/number3/vaid-2016-ijca-909718.pdf,http://dx.doi.org/10.5120/ijca2016909718,,10.5120/ijca2016909718,2487110025,,0,004-441-167-148-170; 009-692-861-529-254; 017-840-378-634-021; 020-944-423-224-895; 024-735-069-822-749; 032-192-641-675-455; 035-223-520-491-228; 038-668-970-194-854; 040-092-459-357-823; 042-450-851-467-680; 048-267-025-540-842; 058-409-370-512-563; 085-214-277-668-01X; 089-879-578-482-069; 133-752-203-150-119; 142-729-737-144-734; 142-884-607-464-932; 150-249-549-372-358; 156-571-272-274-491; 157-954-859-648-506; 162-864-397-044-696; 178-883-713-153-793; 184-948-841-629-735; 199-172-967-270-034,0,true,,bronze
040-446-675-235-64X,Digital forensic investigation using subject-based semantic document processing,,2016,conference proceedings article,2016 2nd International Conference on Contemporary Computing and Informatics (IC3I),,IEEE,,Shraddha S. More; Anita Chaudhari; Brinzel Rodrigues,"Digital Forensic is a branch of Forensic science that encompasses the recovery and investigation of digital devices for material mainly related to computer crime. Digital Forensic Investigation is the process of investigating digital devices for the purpose of generating digital evidence related to an incident or a crime under investigation. A proliferation in the amount of crimes and crime related data has lead to a demand in digital forensic investigation tools that helps the investigator to detect, analyze and investigate the criminal data stored on digital devices. This system introduces a subject-based semantic approach that retrieves a set of top documents that are semantically related to each other corresponding to the subject defined by the investigator.",,,312,315,Decision support system; World Wide Web; Set (abstract data type); Information retrieval; Subject (documents); Digital evidence; Computer science; Process (engineering); Computer forensics; Document processing; Digital forensics,,,,,http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=7917981 http://xplorestaging.ieee.org/ielx7/7911113/7917923/07917981.pdf?arnumber=7917981,http://dx.doi.org/10.1109/ic3i.2016.7917981,,10.1109/ic3i.2016.7917981,2610863110,,0,048-256-115-288-552; 052-814-620-196-112; 065-901-777-764-939; 080-826-345-483-814; 149-467-176-048-765,0,false,,
040-586-986-714-001,Computer Forensics: Dark Net Forensic Framework and Tools Used for Digital Evidence Detection,2022-04-17,2022,journal article,International Journal of Communication Networks and Information Security (IJCNIS),2073607x; 20760930,"Auricle Technologies, Pvt., Ltd.",Pakistan,May A. Alotaibi; Mohammed A. AlZain; Ben Soh; Mehedi Masud; Jehad Al-Amri,"<jats:p>As the development of technology increases and its use becomes increasingly more widespread, computer crimes grow. Hence, computer forensics research is becoming more crucial in developing good forensic frameworks and digital evidence detection tools to deter more cyber-attacks. In this paper, we explore the science of computer forensics, a dark web forensic framework, and digital evidence detection tools. </jats:p>",11,3,,,Digital forensics; Computer forensics; Digital evidence; Network forensics; Forensic science; Computer science; Data science; Cybercrime; Computer security; World Wide Web; The Internet; Archaeology; History,,,,,,http://dx.doi.org/10.17762/ijcnis.v11i3.4407,,10.17762/ijcnis.v11i3.4407,,,0,,0,true,,bronze
040-621-227-992-386,On Creating Digital Evidence in IP Networks With NetTrack,,2018,book chapter,Handbook of Research on Network Forensics and Analysis Techniques,19489730; 19489749,IGI Global,,Diana Berbecaru,"<jats:p>Computer forensic is the practice of collecting, analyzing, and reporting digital evidence in a way that is legally admissible in open court. Network forensics, an offset of computer forensic, is mainly concerned with the monitoring and analysis of network traffic, both local and WAN/internet, in order to identify security incidents and to investigate fraud or network misuse. In this chapter, the authors discuss challenges in creating high-speed network forensic tools and propose NetTrack, a tamper-proof device aimed to produce evidences with probative value via digital signatures for the network traffic. Since digitally signing each IP packet is not efficient, the authors used a specific technique exploiting the Merkle trees to create digital signatures for flows and multicasts and implemented it by using an optimized algorithm for Merkle tree traversal to save space and time. Through experiments, the authors show NetTrack signing is fast as it can produce digital evidence within a short time. </jats:p>",,,225,245,Digital evidence; Computer science; Multimedia,,,,,https://www.igi-global.com/chapter/on-creating-digital-evidence-in-ip-networks-with-nettrack/201613,http://dx.doi.org/10.4018/978-1-5225-4100-4.ch012,,10.4018/978-1-5225-4100-4.ch012,2790916133,,0,002-438-801-460-859; 003-689-260-772-982; 009-859-362-002-417; 011-238-744-840-803; 013-081-500-980-893; 013-974-763-694-029; 018-005-979-603-21X; 020-920-117-081-375; 021-727-629-932-059; 028-890-772-157-344; 030-051-507-075-692; 032-983-627-175-404; 035-013-555-567-776; 038-374-791-245-325; 050-312-472-274-322; 054-369-456-561-789; 054-479-217-230-170; 055-800-912-369-945; 056-640-923-678-088; 058-813-704-384-982; 061-160-101-920-005; 062-216-329-385-543; 066-314-462-224-92X; 067-533-226-899-825; 083-007-665-793-862; 083-615-770-612-938; 084-146-276-810-717; 084-335-532-048-999; 088-180-502-482-841; 091-067-154-779-342; 094-310-243-353-227; 095-109-843-213-094; 110-088-943-338-080; 110-391-966-153-152; 116-008-751-288-053; 119-257-928-407-449; 120-428-178-385-517; 123-449-928-895-236; 127-872-540-040-251; 155-172-467-850-474,1,false,,
041-059-041-666-09X,IFIP Int. Conf. Digital Forensics - The State of the Science of Digital Evidence Examination,,2011,book chapter,Advances in Digital Forensics VII,18684238; 18612288; 1868422x; 15715736,Springer Berlin Heidelberg,Germany,Fred Cohen; Julie Lowrie; Charles Preston,"This paper examines the state of the science and the level of consensus in the digital forensics community regarding digital evidence examination. The results of this study indicate that elements of science and consensus are lacking in some areas and are present in others. However, the study is small and of limited scientific value. Much more work is required to evaluate the state of the science of digital evidence examination.",,,3,21,Work (electrical); Data science; Value (mathematics); Digital evidence; State of the science; Computer science; Digital forensics,,,,,https://link.springer.com/content/pdf/10.1007%2F978-3-642-24212-0_1.pdf https://hal.inria.fr/hal-01569549 https://link.springer.com/chapter/10.1007%2F978-3-642-24212-0_1 https://hal.inria.fr/hal-01569549/document https://dblp.uni-trier.de/db/conf/ifip11-9/df2011.html#CohenLP11 https://rd.springer.com/chapter/10.1007/978-3-642-24212-0_1 http://all.net/ForensicsPapers/2011-01-30-IFIP-Accepted.pdf,http://dx.doi.org/10.1007/978-3-642-24212-0_1,,10.1007/978-3-642-24212-0_1,10903394,,0,001-829-135-644-040; 004-488-959-854-83X; 004-652-388-189-304; 028-772-101-828-269; 030-359-893-882-572; 031-422-064-027-419; 032-793-067-287-012; 035-877-529-326-686; 036-018-686-106-311; 041-049-773-563-310; 043-335-531-942-932; 047-859-979-695-194; 049-530-898-176-746; 057-528-464-249-001; 059-577-872-928-63X; 061-410-092-821-070; 077-928-143-541-253; 101-436-770-235-826; 160-160-097-559-323; 168-268-549-084-871; 168-476-681-195-292,13,true,cc-by,green
041-177-651-830-165,Digital Forensics Institute in Malaysia: The way forward,2014-01-28,2014,journal article,Digital Evidence and Electronic Signature Law Review,20548508; 17564611,School of Advanced Study,Spain,A. Arrifin; H. Jazri; Jill Slay; I. Lee,"Aswami Ariffin, Jill Slay and Husin Jazri set out the digital forensics landscape in Malaysia, analyze the problems encountered, consider its achievements to date, and proposes the formation of a Digital Forensics Institute Index words: digital forensics; digital forensics research; development of digital forensics in Malaysia",9,0,,,Set (abstract data type); Index (publishing); Computer security; Computer science; Computer forensics; Digital forensics,,,,,https://journals.sas.ac.uk/deeslr/article/view/1989 https://ir.nust.na/jspui/bitstream/10628/349/1/Slay.%20Digital%20Forensics%20Institute%20in%20Malaysia.pdf https://ir.nust.na/xmlui/handle/10628/349 https://sas-space.sas.ac.uk/5407/,http://dx.doi.org/10.14296/deeslr.v9i0.1989,,10.14296/deeslr.v9i0.1989,2013122022,,0,,1,true,cc-by-nc-nd,hybrid
041-231-462-732-579,CyberSec - User-generated digital forensic evidence in graphic design applications,,2012,book,"Proceedings Title: 2012 International Conference on Cyber Security, Cyber Warfare and Digital Forensic (CyberSec)",,IEEE,,Enos K. Mabuto; Hein S. Venter,"Graphic design applications are often used for the editing and design of digital art. The same applications can be used for creating counterfeit documents like identity documents (IDs), driver's licenses or passports among others. However the use of any graphic design application leaves behind traces of digital information which can be used during a digital forensic investigation. Current digital forensic tools do not examine a system specifically for the creating of counterfeit documents. The paper in hand reviews the digital forensics analysis process involved in the creation of counterfeit documents by determining and corroborating the events that previously occurred. The analysis is conducted on user generated files, the actual files that can be used as potential evidence to establish file structural contents. The acquired digital forensic information is corroborated to the creation of counterfeit documents and interpreted accordingly.",,,195,200,World Wide Web; Graphic design; Graphics; Counterfeit; Digital evidence; Computer science; Digital art; Computer forensics; Digital forensics; XML,,,,,http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=6246107 http://yadda.icm.edu.pl/yadda/element/bwmeta1.element.ieee-000006246107 https://ieeexplore.ieee.org/xpl/articleDetails.jsp?arnumber=6246107 https://commons.erau.edu/cgi/viewcontent.cgi?article=1151&context=jdfsl https://commons.erau.edu/adfsl/2013/tuesday/9/ https://dblp.uni-trier.de/db/conf/cybersec/cybersec2012.html#MabutoV12,http://dx.doi.org/10.1109/cybersec.2012.6246107,,10.1109/cybersec.2012.6246107,2092671292,,0,057-248-775-735-756; 067-192-574-918-890; 076-346-829-732-533; 111-534-293-475-684; 113-406-811-671-711; 119-234-785-721-155; 120-697-354-224-33X; 148-698-839-036-557; 154-778-607-714-379; 173-348-062-884-819; 199-172-967-270-034,1,false,,
041-453-525-829-719,Digital Forensics and Data Mining,,2020,book chapter,"Advances in Digital Crime, Forensics, and Cyber Terrorism",23270381; 23270373,IGI Global,,Mohammad Suaib; Mohd. Akbar; Mohd. Shahid Husain,"<jats:p>Digital forensic experts need to identify and collect the data stored in electronic devices. Further, this acquired data has to be analyzed to produce digital evidence. Data mining techniques have been successfully implemented in various applications across the domains. Data mining techniques help us to gain insight from a large volume of data. It helps us to predict the pattern, classify the data, and other various aspects of the data based on the users' perspective. Digital forensics is a sophisticated area of research. As the information age is revolutionizing at an inconceivable speed and the information stored in digital form is growing at a rapid rate, law enforcement agencies have a heavy reliance on digital forensic techniques that can provide timely acquisition of data, zero fault data processing, and accurate interpretation of data. This chapter gives an overview of the tasks involved in cyber forensics. It also discusses the traditional approach for digital forensics and how the integration of data mining techniques can enhance the efficiency and reliability of the existing systems used for cyber forensics. </jats:p>",,,240,247,Data science; Computer science; Digital forensics,,,,,https://www.igi-global.com/chapter/digital-forensics-and-data-mining/247296,http://dx.doi.org/10.4018/978-1-7998-1558-7.ch014,,10.4018/978-1-7998-1558-7.ch014,3002998707,,0,012-749-721-964-978; 018-306-850-690-315; 019-698-064-288-240; 041-199-494-744-040; 042-092-499-860-725; 048-814-506-203-214; 068-500-962-201-128; 186-179-663-828-545,2,false,,
041-537-537-743-240,Overview of Licensing and Legal Issues for Digital Forensic Investigators,,2009,journal article,IEEE Security & Privacy Magazine,15407993; 15584046,Institute of Electrical and Electronics Engineers (IEEE),United States,G.W. Manes; E. Downing,"Digital forensic examiners face challenges outside the technical aspects of collecting, investigating, and storing digital information. Rules about admissibility and the licensing requirements for forensic professionals must also be taken into account. The use of digital data in an expanding number of US court cases and business investigations has precipitated changes in evidence handling and admissibility requirements, most notably in the 2006 changes to the Federal Rules of Civil Procedure. Knowledge of these rules and the ensuing case law is an essential component of any examiner's toolkit because improper evidence handling can lead to inadmissible evidence. The court's acceptance of such evidence is also greatly affected by the examiner's proper licensure. Unfortunately, these requirements vary by state (sometimes even by city) and are constantly changing. Therefore, digital forensic investigators must heed both the court's rules regarding evidence handling and the state's rules for licensing in order to be most effective.",7,2,45,48,Internet privacy; Forensic science; Common law; Order (exchange); Legislation; Federal Rules of Civil Procedure; Licensure; Computer security; Computer science; Certification; State (computer science); Digital forensics,,,,,https://dblp.uni-trier.de/db/journals/ieeesp/ieeesp7.html#ManesD09 https://ieeexplore.ieee.org/document/4812156/ https://www.computer.org/csdl/magazine/sp/2009/02/msp2009020045/13rRUwh80B8 http://yadda.icm.edu.pl/yadda/element/bwmeta1.element.ieee-000004812156 http://doi.ieeecomputersociety.org/10.1109/MSP.2009.46 https://www.infona.pl/resource/bwmeta1.element.ieee-art-000004812156,http://dx.doi.org/10.1109/msp.2009.46,,10.1109/msp.2009.46,1967566718,,0,,6,false,,
041-863-238-888-873,Applying a Digital forensic readiness framework: Three case studies,,2013,conference proceedings article,2013 IEEE International Conference on Technologies for Homeland Security (HST),,IEEE,,Antonis Mouhtaropoulos; Panagiotis Dimotikalis; Chang-Tsun Li,"A digital forensic investigation primarily attempts to reactively respond to an information security incident. While the predominant goal of an investigation is the maintenance of digital evidence of forensic value, little academic research has been conducted on an organization's proactive forensic capability. This capability is referred to as digital forensic readiness and aims to maximize the forensic credibility of digital evidence, while minimizing its post-incident forensic investigation. In this paper, we classify forensic investigation frameworks to expose gaps in proactive forensics research and we review three prominent information security incidents with regard to proactive forensics planning. The applicability of a proactive forensic plan into each incident is then discussed and put into context.",,,217,223,Forensic science; Context (language use); Credibility; Digital evidence; Computer security; Computer science; Information security; Computer forensics; Knowledge management; Plan (drawing); Digital forensics,,,,,http://dro.deakin.edu.au/view/DU:30123743 https://ieeexplore.ieee.org/abstract/document/6699003 http://ieeexplore.ieee.org/document/6699003/ https://researchoutput.csu.edu.au/en/publications/applying-a-digital-forensic-readiness-framework-three-case-studie http://wrap.warwick.ac.uk/id/eprint/61973 http://hdl.handle.net/10536/DRO/DU:30123743,http://dx.doi.org/10.1109/ths.2013.6699003,,10.1109/ths.2013.6699003,1964360911,,0,010-086-703-646-194; 020-944-423-224-895; 028-161-558-897-878; 031-604-145-879-389; 032-697-093-668-898; 038-668-970-194-854; 040-296-143-770-237; 047-630-600-014-492; 062-712-470-776-220; 111-090-978-711-139; 190-065-821-748-92X; 199-745-676-923-766,10,true,,green
042-721-475-914-361,SADFE - Combining Physical and Digital Evidence in Vehicle Environments,,2008,conference proceedings article,2008 Third International Workshop on Systematic Approaches to Digital Forensic Engineering,,IEEE,,Dennis K. Nilsson; Ulf E. Larson,"Traditional forensic investigations of vehicles aims at gathering physical evidence since most crimes involving vehicles are physical. However, in the near future digital crimes on vehicles will most likely surge, and therefore it will be necessary to also gather digital evidence. In this paper, we investigate the possibilities of combining physical and digital evidence in forensic investigations of vehicle crime scenes. We show that digital evidence can be used to improve the investigation of physical crimes and, respectively, that physical evidence can be used to improve the investigation of digital crimes. We also recognize that by gathering purely physical or digital evidence certain crimes cannot be solved. Finally, we show that by combining physical and digital evidence it is possible to distinguish between different types of physical and digital crime.",,,10,14,Forensic science; Fingerprint recognition; Crime scene; Digital evidence; In vehicle; Computer security; Computer science; Digital forensics,,,,,https://research.chalmers.se/en/publication/71217 http://yadda.icm.edu.pl/yadda/element/bwmeta1.element.ieee-000004545363 https://www.computer.org/csdl/pds/api/csdl/proceedings/download-article/12OmNzXnNpk/pdf https://dblp.uni-trier.de/db/conf/sadfe/sadfe2008.html#NilssonL08 https://doi.ieeecomputersociety.org/10.1109/SADFE.2008.10 https://www.computer.org/csdl/proceedings-article/sadfe/2008/3171a010/12OmNzXnNpk https://ieeexplore.ieee.org/document/4545363/,http://dx.doi.org/10.1109/sadfe.2008.10,,10.1109/sadfe.2008.10,2165239487,,1,120-610-170-036-33X; 164-237-361-721-835; 167-555-622-258-141; 178-340-395-388-923; 184-948-841-629-735,13,false,,
042-922-388-727-569,IFIP Int. Conf. Digital Forensics - Analyzing the Impact of a Virtual Machine on a Host Machine,,2009,book chapter,Advances in Digital Forensics V,18684238; 1868422x,Springer Berlin Heidelberg,Germany,Greg Dorn; Christopher Marberry; Scott Conrad; Philip Craiger,"As virtualization becomes more prevalent in the enterprise and in personal computing, there is a great need to understand the technology as well as its ramifications for recovering digital evidence. This paper focuses on trace evidence related to the installation and execution of virtual machines (VMs) on a host machine. It provides useful information regarding the types and locations of files installed by VM applications, the processes created by running VMs and the structure and identity of VMs, ancillary files and associated artifacts.",306,,69,81,Operating system; Structure (mathematical logic); Virtual finite-state machine; Virtual machine; Parallels; Identity (object-oriented programming); Digital evidence; Host machine; Computer science; Virtualization,,,,,https://commons.erau.edu/cgi/viewcontent.cgi?article=2095&context=publication https://commons.erau.edu/publication/1000/ https://rd.springer.com/chapter/10.1007/978-3-642-04155-6_5 https://works.bepress.com/john_craiger/7/ https://works.bepress.com/john_craiger/7/download/ http://ui.adsabs.harvard.edu/abs/2009adf5.conf...69D/abstract https://link.springer.com/chapter/10.1007/978-3-642-04155-6_5 https://doi.org/10.1007/978-3-642-04155-6_5,http://dx.doi.org/10.1007/978-3-642-04155-6_5,,10.1007/978-3-642-04155-6_5,1651026531,,0,,6,true,,green
043-059-429-544-825,Forensic Digital Photography: A Review,,2014,,,,,,Sushmita Senapati; N Balaji; Sumathi Mk,"Forensic digital photography is an essential technique used in forensic odontology which aids in the investigation, record purposes, crime and medico legal issues. The technological developments in modern dental photography have continued to facilitate and enhance the practice of forensic dentistry. This evolution to a contemporary photographic process is revolutionizing the way, the forensic odontologist deal with the cases involving identification, human abuse and perhaps most significantly, the bite mark cases. Evidence collection and preservation using forensic digital photography is a crucial aspect in future legal proceeding. This article summarizes the role of forensic digital photography in forensic odontology.",,,,,Forensic science; Digital photography; Forensic dentistry; Legal proceeding; Dental photography; Forensic odontology; Evidence collection; Bite mark; Engineering ethics; Medicine; Forensic engineering,,,,,,,,,2185937798,,0,000-528-548-051-109; 026-321-109-926-407; 035-578-241-599-984; 052-010-126-807-228; 053-780-887-899-021; 059-779-912-259-270; 074-527-261-659-950; 093-377-984-935-021; 105-209-738-664-116,2,false,,
043-112-794-493-421,Forensic Analysis of the Windows 7 Registry,,2010,journal article,"Journal of Digital Forensics, Security and Law",15587223,Embry-Riddle Aeronautical University/Hunt Library,,Khawla Alghafli; Andrew Jones; Thomas Martin,"The recovery of digital evidence of crimes from storage media is an increasingly time consuming process as the capacity of the storage media is in a state of constant growth. It is also a difficult and complex task for the forensic investigator to analyse all of the locations in the storage media. These two factors, when combined, may result in a delay in bringing a case to court. The concept of this paper is to start the initial forensic analysis of the storage media in locations that are most likely to contain digital evidence, the Windows Registry. Consequently, the forensic analysis process and the recovery of digital evidence may take less time than would otherwise be required. In this paper, the Registry structure of Windows 7 is discussed together with several elements of information within the Registry of Windows 7 that may be valuable to a forensic investigator. These elements were categorized into five groups which are system, application, networks, attached devices and the history lists. We have discussed the values of identified elements to a forensic investigator. Also, a tool was implemented to perform the function of extracting these elements and presents them in usable form to a forensics investigator.",5,4,5,30,World Wide Web; Data science; Windows Registry; Task (computing); USable; Digital evidence; Computer science; Process (engineering); State (computer science); Computer forensics; Function (engineering),,,,,https://commons.erau.edu/cgi/viewcontent.cgi?article=1081&context=jdfsl https://dblp.uni-trier.de/db/journals/jdfsl/jdfsl5.html#AlghafliJM10 https://ro.ecu.edu.au/cgi/viewcontent.cgi?article=1071&context=adf https://ro.ecu.edu.au/adf/72/ https://commons.erau.edu/jdfsl/vol5/iss4/1/ https://core.ac.uk/display/41529205 https://core.ac.uk/download/41529205.pdf,http://dx.doi.org/10.15394/jdfsl.2010.1081,,10.15394/jdfsl.2010.1081,1512782868,,0,064-388-382-052-645; 141-125-834-658-119,15,true,cc-by-nc,gold
043-249-918-428-195,The Role of 'Digital Forensic Photography'- In the Indian Criminal Justice System,2021-05-15,2021,,Social Science Research Network,,,,Rakesh Mia; Vijay R. Panchal; Yukta Guglot,"Photography is one of the most critical factors in any crime scene solving cases. Crime Scene photography or forensic photography is an important role depending on the crime scene as well as its a photo in the criminal justice system as a scene of crime evidence. In the 21st century all over the world, all respective forensic science authorities used high-resolution camera, lens and modern instrumentation technology to capture crime scene occur photos. Evidence collection and preservation using digital forensic photography is a crucial aspect of a future legal proceeding. In this paper, we summarize the modern aspects of digital forensic photography in the Indian criminal justice system.",,,,,Criminal justice; Photography; Economic Justice; Visual arts; Digital photography; Crime scene; Forensic photography; Legal proceeding; Digital forensics; History,,,,,https://papers.ssrn.com/sol3/Delivery.cfm/SSRN_ID3845243_code4702265.pdf?abstractid=3845243&mirid=1 https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3845243,https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3845243,,,3200788849,,0,,0,false,,
043-658-180-859-745,Analysis of digital forensics live system acquisition methods to achieve optimal evidence preservation,,2016,conference proceedings article,SoutheastCon 2016,,IEEE,,Josh Jones; Letha H. Etzkorn,"Currently in the field of digital forensics, there are numerous books, papers and instructors that have conflicting recommendations on handling evidence preservation during the initial on-the-scene acquisition if the computer is found to be running. Many of the recommendations are based on opinion and to our knowledge there are no studies that perform a scientific analysis that provides evidence for the best way to perform runtime acquisition so as to preserve evidence and minimize data loss. In this paper we report an analysis of available storage techniques using a baseline scenario to determine which methods result in minimum loss of evidence. Thus, our research provides quantitative evidence as to the best methods a digital forensics investigator should use to preserve evidence.",,,1,6,Baseline (configuration management); Data loss; Data science; Qualitative evidence; Random access memory; Scientific analysis; Field (computer science); Computer security; Computer science; Digital forensics,,,,,http://ieeexplore.ieee.org/document/7506709/ https://ieeexplore.ieee.org/document/7506709/,http://dx.doi.org/10.1109/secon.2016.7506709,,10.1109/secon.2016.7506709,2477914202,,0,008-441-081-714-181; 033-114-732-899-81X; 063-460-864-934-103; 081-321-738-203-441; 085-138-340-371-322; 085-214-277-668-01X; 121-234-261-402-315; 122-880-373-616-302,6,false,,
043-810-977-349-13X,A Comprehensive Study of XSS Attack and the Digital Forensic Models to Gather the Evidence,2022-04-24,2022,journal article,ECS Transactions,19385862; 19386737; 21512051,The Electrochemical Society,United States,Saurabh Kumar; S.K. Pathak; Jagendra Singh,"<jats:p>Cyber Crime and fraud are growing at a rapid rate and the law practitioners require proper methodology to collect the digital evidences. When the criminals use digital platform in order to commit the crime, forensic examiners apply practical frameworks and methods to collect digital evidences. Digital forensics method involves the analysis of network traffic for detecting intrusions and investigating them. Different models have been proposed for the cyber crime investigation with the merits and demerit. This research paper explores cross-site scripting (XSS) attacks, features of the existing digital forensic investigation models and discusses some of the issues related to digital forensic research.</jats:p>",107,1,7153,7163,Digital forensics; Commit; Cross-site scripting; Computer science; Scripting language; Computer forensics; Digital evidence; Computer security; Cyber crime; Data science; Forensic science; Law enforcement; World Wide Web; Law; The Internet; Database; Political science; Web development; Web application security; Archaeology; History; Operating system,,,,,,http://dx.doi.org/10.1149/10701.7153ecst,,10.1149/10701.7153ecst,,,0,,0,false,,
043-947-795-550-171,New admissibility regime for expert evidence: the likely impact on digital forensics,,2013,journal article,International Journal of Electronic Security and Digital Forensics,1751911x; 17519128,Inderscience Publishers,United Kingdom,Oriola Sallavaci; Carlisle George,"The Law Commission in England and Wales has proposed a reform of the admissibility regime for expert evidence in criminal trials in England and Wales. The proposed reform builds on the US approach to admissibility of expert evidence, and establishes a multi-stage statutory test for admissibility to be applied by trial judges, aided by a set of guidelines. This paper focuses on the main aspects of the proposed reform with a view to discussing how they may impact on digital forensics experts giving opinion evidence in criminal trials.",5,1,67,79,Statutory law; Set (psychology); Law; Opinion evidence; Commission; Test (assessment); Criminal trial; Computer security; Computer science; Digital forensics,,,,,https://doi.org/10.1504/IJESDF.2013.054420 http://www.inderscience.com/link.php?id=54420 http://dx.doi.org/10.1504/IJESDF.2013.054420 https://www.inderscienceonline.com/doi/full/10.1504/IJESDF.2013.054420 https://www.researchgate.net/profile/Carlisle_George/publication/261844808_New_admissibility_regime_for_expert_evidence_the_likely_impact_on_digital_forensics/links/540836660cf23d9765ae878e.pdf?disableCoverPage=true https://dx.doi.org/10.1504/IJESDF.2013.054420 https://eprints.mdx.ac.uk/10488/ https://dblp.uni-trier.de/db/journals/ijesdf/ijesdf5.html#SallavaciG13,http://dx.doi.org/10.1504/ijesdf.2013.054420,,10.1504/ijesdf.2013.054420,2095615792,,0,024-695-810-060-22X; 032-521-211-251-163; 110-289-610-135-964; 139-839-459-373-025; 153-415-845-276-15X; 183-780-520-342-191,3,false,,
044-273-294-464-732,An advance to cloning detection in digital forensics investigations,,2016,conference proceedings article,2016 International Conference on Emerging Technological Trends (ICETT),,IEEE,,V. A. Binson; Neetha Mary Thomas; Sania Thoams; Abhijith Augustine; K. S. Sivakumar,"Digital images constitute a major part of data in many digital devices and become main information carriers in the digital era. In cyber-crimes the digital images are presented as court evidences. The authenticity of the digital images submitted as court evidence is a big question mark; since these pictures can been altered or modified. In this paper, an approach for Evidence Examination and Analysis in digital device forensics investigation platform is proposed. Here a method for cloning or copy-move forgery detection to be used in device forensic investigations is given. The suspected file obtained as court evidence is analyzed. Byte Frequency Analysis algorithm is used to validate the suspected file in PNG format. Fast Copy Move Forgery Detection algorithm is used for cloning detection. Finally, the detection result provides information that the digital image is altered or not.",2016,,1,5,Cloning (programming); Data mining; Portable Network Graphics; Fingerprint recognition; Information retrieval; Question mark; Thesaurus (information retrieval); Computer science; Digital image; Byte; Digital forensics,,,,,https://ieeexplore.ieee.org/document/7873743/,http://dx.doi.org/10.1109/icett.2016.7873743,,10.1109/icett.2016.7873743,2593357727,,0,001-599-061-358-509; 031-261-569-178-402; 060-651-390-606-02X; 071-332-829-444-727; 076-346-829-732-533; 161-589-884-103-104; 171-914-226-715-693,1,false,,
044-318-946-010-004,ISSA - Mobile forensics using the harmonised digital forensic investigation process,,2014,conference proceedings article,2014 Information Security for South Africa,,IEEE,,Emilio Raymond Mumba; Hein S. Venter,"Mobile technology is among the fastest developing technologies that have changed the way we live our daily lives. Over the past few years, mobile devices have become the most popular form of communication around the world. However, bundled together with the good and advanced capabilities of the mobile technology, mobile devices can also be used to perform various activities that may be of malicious intent or criminal in nature. This makes mobile devices a valuable source of digital evidence. For this reason, the technological evolution of mobile devices has raised the need to develop standardised investigation process models and procedures within the field of digital forensics. This need further supports the fact that forensic examiners and investigators face challenges when performing data acquisition in a forensically sound manner from mobile devices. This paper, therefore, aims at testing the harmonised digital forensic investigation process through a case study of a mobile forensic investigation. More specifically, an experiment was conducted that aims at testing the performance of the harmonised digital forensic investigation process (HDFIP) as stipulated in the ISO/IEC 27043 draft international standard through the extraction of potential digital evidence from mobile devices.",,,1,10,Technological evolution; Mobile device; Digital evidence; Computer security; Computer science; Process (engineering); Multimedia; Mobile technology; Mobile device forensics; Process modeling; Digital forensics,,,,,https://ieeexplore.ieee.org/document/6950491/ http://ieeexplore.ieee.org/document/6950491/ https://doi.org/10.1109/ISSA.2014.6950491,http://dx.doi.org/10.1109/issa.2014.6950491,,10.1109/issa.2014.6950491,2065088946,,3,013-008-749-693-063; 026-641-935-890-517; 039-348-351-800-580; 048-141-687-795-752; 059-259-197-397-244; 078-730-781-174-18X; 090-390-906-646-037; 101-944-590-282-271; 159-516-414-584-397; 163-227-995-393-241; 168-461-900-041-030; 180-352-675-042-601; 199-172-967-270-034; 199-745-676-923-766,18,false,,
044-596-122-844-41X,CyberSec - Process Model of Digital Forensics Readiness Scheme (DFRS) as a Recommendation of Digital Evidence Preservation,,2015,book,"2015 Fourth International Conference on Cyber Security, Cyber Warfare, and Digital Forensic (CyberSec)",,IEEE,,Ahmad Luthfi; Yudi Prayudi,"For an organization, the guarantee of the integrity of business processes in the event of an incident, which may cause paralysis of information technology infrastructure, including resources in it is a strategic necessity. Though considered difficult, at least for the organization's management are able to minimize the impact of the incident on their business processes. One of the vital assets that will be the impact of an incident is the loss or damage to the digital evidence. This study was motivated by the importance of a process model that is concise and effective in the domain of Digital Forensics Readiness (DFR), considering that several sources have published earlier DFR models that broadly has the similar four entities, namely people, process, policy, and technology. This paper produces a model of a process called Digital Forensics Readiness Schema (DFRS), which is the result of the normalization of the process model published by Caroline Crime Report by incorporating some key elements of the 10 stages to 5 stages, without reducing the quality and capability of the existing business processes.",,,117,122,Risk analysis (engineering); Information technology; Engineering; Schema (psychology); Business continuity; Digital evidence; Knowledge management; Digital forensics; Business process,,,,,https://ieeexplore.ieee.org/abstract/document/7491573,http://dx.doi.org/10.1109/cybersec.2015.31,,10.1109/cybersec.2015.31,2434507339,,0,007-394-596-774-68X; 007-820-520-191-524; 035-565-993-122-262; 045-030-101-355-768; 054-331-725-373-265; 067-950-012-629-210; 072-804-226-957-258; 074-014-335-505-388; 074-059-805-644-745; 077-514-039-587-286; 085-958-650-852-408; 154-191-465-535-558; 199-745-676-923-766,3,false,,
044-838-289-309-637,Digital Forensic Education - Social Media Data in Digital Forensics Investigations,2019-07-25,2019,book,Studies in Big Data,21976503; 21976511,Springer International Publishing,,Ashleigh Powell; Cydnee Haynes,"Evidence collected from social media presents valuable information that should not be overlooked. Evidence can be captured from social media using multiple methods including searching publicly viewable content, reviewing content metadata, soliciting and investigating interactions with other users, and utilizing legal holds. After the evidence is gathered, it can be utilized in various ways. Social media evidence can be used to create a timeline of events, show intent or conspiracy, and establish connections between persons. Digital forensics investigations can be used to collect such evidence. The evidence accumulated from social media is far-reaching and widely advantageous. However, there are many legal issues that can affect the collection and ultimate legal admissibility of this evidence. Evidence must be collected using careful, correct procedures and in a manner that ensures its integrity. The ethical implications of the collection of social media evidence also plays a role in these digital forensics investigations. These issues can present adverse circumstances for cases. Nonetheless, social media offers various avenues for the collection and use of its data as evidence within a digital forensics investigation. The advantageous and disadvantageous aspects of this use are discussed in this chapter.",,,281,303,Data science; Multiple methods; Computer science; Timeline; Social media; Digital forensics; Metadata,,,,,https://rd.springer.com/chapter/10.1007/978-3-030-23547-5_14 https://dblp.uni-trier.de/db/books/collections/ZC2020.html#PowellH20 https://link.springer.com/chapter/10.1007%2F978-3-030-23547-5_14,http://dx.doi.org/10.1007/978-3-030-23547-5_14,,10.1007/978-3-030-23547-5_14,2963134137,,0,003-504-554-245-316; 009-386-221-930-423; 013-600-425-145-995; 018-696-253-395-568; 020-405-975-217-252; 021-141-864-275-820; 023-682-868-251-118; 024-661-231-125-652; 039-209-746-505-586; 042-491-633-929-841; 049-458-877-483-882; 051-991-955-586-594; 055-535-324-298-816; 068-036-097-020-712; 071-436-508-746-368; 080-031-309-960-856; 082-172-053-796-651; 085-214-277-668-01X; 088-696-764-571-454; 097-756-989-729-994; 104-361-093-587-239; 112-068-839-902-010; 118-633-228-357-575; 149-832-831-488-752; 162-175-885-469-067; 167-109-432-601-404; 177-712-552-970-158,9,false,,
044-856-581-066-213,Evidentiary usage of e-mail forensics: real life design of a case,,2010,conference proceedings article,Proceedings of the First International Conference on Intelligent Interactive Technologies and Multimedia - IITM '10,,ACM Press,,Lokendra Kumar Tiwari; Shefalika Ghosh Samaddar; Arun Kumar Singh; C. K. Dwivedi,"Computer Forensic, the upcoming branch of forensic science where acquiring, preserving, retrieving and presenting content processed electronically and stored digitally, is used for legal evidence in computer related crimes or any other unethical practice involving manipulation of digital content. Such digital content can take many forms which are manifested by different file formats and digital artifacts.This paper concentrates on evidential usage of recovered deleted e-mail from off-line mail boxes to provide digital evidence in case of non-repudiation either by the sender or by the receiver. This is simply accomplished by using a digital forensic tool Encase 6.0 and applying a capturing mechanism to prove legitimacy of the evidence. The step-by-step procedure is able to increase the practical insight in the capturing of deleted e-mail as digital evidence of non-repudiation and able to provide an example for preparing evidentiary e-mail for presentation in the court of Law or for preparation of any legal procedure. Recovery of deleted e-mails in the form of digital evidence requires certain legal bindings which may be provided under this mechanism. This paper contributes to that extent that recovered files are ready digital evidence in the Court of Law.",,,226,230,World Wide Web; Communication source; Presentation; Digital content; Digital evidence; Legal evidence; Computer security; Computer science; Computer forensics; Digital forensics; File format,,,,,https://dl.acm.org/doi/10.1145/1963564.1963603,http://dx.doi.org/10.1145/1963564.1963603,,10.1145/1963564.1963603,2012122220,,0,088-947-485-059-830; 103-309-933-900-466,2,false,,
045-237-878-326-921,iPRES - Managing and Transforming Digital Forensics Metadata for Digital Collections.,,2013,book,,,,,Kam Woods; Alexandra Chassanoff; Christopher A. Lee,"In this paper we present ongoing work conducted as part of the BitCurator project to develop extensible strategies for transforming and incorporating digital forensics metadata into archival metadata schemas. We focus on metadata produced by open-source tools that support Digital Forensics XML (DFXML). We describe how portions of this metadata can be used when recording PREMIS events to describe activities relevant to preservation and access. We examine open issues associated with these transformations and suggest scenarios in which capturing forensic metadata can support digital curation goals by establishing clear documentation of integrity and provenance, tracking events associated with pre-ingest and post-ingest forensic processing, and providing specific evidence of authenticity.",,,,,World Wide Web; Digital asset management; Digital curation; Digital collections; Focus (computing); Computer science; Documentation; Digital forensics; XML; Metadata,,,,,http://dblp.uni-trier.de/db/conf/ipres/ipres2013.html#WoodsCL13,http://dblp.uni-trier.de/db/conf/ipres/ipres2013.html#WoodsCL13,,,2767832186,,0,002-534-435-127-422; 010-985-077-415-59X; 011-051-740-313-213; 024-216-399-693-64X; 029-537-963-034-821; 032-003-551-758-286; 033-241-817-699-448; 043-589-904-668-295; 074-028-601-448-433; 098-570-643-235-402; 134-927-490-231-285; 172-443-563-369-742,0,false,,
045-243-807-828-458,IFIP Int. Conf. Digital Forensics - Towards a Formalization of Digital Forensics,,2009,book chapter,Advances in Digital Forensics V,18684238; 1868422x,Springer Berlin Heidelberg,Germany,Jill Slay; Yi-Chi Lin; Benjamin Turnbull; Jason Beckett; Paul Lin,"While some individuals have referred to digital forensics as an art, the literature of the discipline suggests a trend toward the formalization of digital forensics as a forensic science. Questions about the quality of digital evidence and forensic soundness continue to be raised by researchers and practitioners in order to ensure the trustworthiness of digital evidence and its value to the courts. This paper reviews the development of digital forensic models, procedures and standards to lay a foundation for the discipline. It also points to new work that provides validation models through a complete mapping of the discipline.",306,,37,47,Internet privacy; Trustworthiness; Data science; Value (ethics); Quality (business); Foundation (evidence); Digital evidence; Soundness; Computer science; Computer forensics; Digital forensics,,,,,https://link.springer.com/content/pdf/10.1007%2F978-3-642-04155-6_3.pdf https://link.springer.com/chapter/10.1007/978-3-642-04155-6_3 https://rd.springer.com/chapter/10.1007/978-3-642-04155-6_3 http://ui.adsabs.harvard.edu/abs/2009adf5.conf...37S/abstract,http://dx.doi.org/10.1007/978-3-642-04155-6_3,,10.1007/978-3-642-04155-6_3,1592965724,,0,001-009-008-665-240; 005-864-457-096-322; 007-980-267-026-025; 030-355-787-595-360; 035-448-415-847-226; 038-668-970-194-854; 042-230-817-975-353; 050-230-653-557-621; 061-865-120-719-710; 063-984-859-415-066; 067-105-988-368-712; 075-128-417-091-483; 085-669-579-012-375; 093-629-817-947-592; 093-924-528-715-586; 096-095-990-199-036; 167-592-705-831-583; 199-745-676-923-766,17,true,,bronze
045-645-917-018-028,Digital forensic framework using feedback and case history keeper,,2015,conference proceedings article,"2015 International Conference on Communication, Information & Computing Technology (ICCICT)",,IEEE,,Nilakshi Jain; Dhananjay Kalbande,"Cyber crime investigation is the integration of two technologies named theoretical methodology and second practical tools. First is the theoretical digital forensic methodology that encompasses the steps to investigate the cyber crime. And second technology is the practically development of the digital forensic tool which sequentially and systematically analyze digital devices to extract the evidence to prove the crime. This paper explores the development of digital forensic framework, combine the advantages of past twenty five forensic models and generate a algorithm to create a new digital forensic model. The proposed model provides the following advantages, a standardized method for investigation, the theory of model can be directly convert into tool, a history lookup facility, cost and time minimization, applicable to any type of digital crime investigation.",,,1,6,A* search algorithm; Computational criminology; Data science; Crime investigation; Cyber crime; Computer security; Computer science; Computer forensics; Digital forensics,,,,,https://ieeexplore.ieee.org/document/7045670/,http://dx.doi.org/10.1109/iccict.2015.7045670,,10.1109/iccict.2015.7045670,1986949847,,0,004-706-447-836-905; 020-944-423-224-895; 038-668-970-194-854; 067-950-012-629-210; 111-090-978-711-139; 120-697-354-224-33X; 133-397-275-695-990; 170-299-458-679-224; 183-000-233-873-221; 183-155-928-447-559; 184-948-841-629-735; 199-745-676-923-766,16,false,,
045-836-935-354-801,Analysis and Interpretation of Data for Gathering Evidence for the Legal Constitution,,2013,,,,,,D. S. Jadhav; V. V. Patil; S. K. Patil,"Digital forensics is a branch of forensic science concerned with the use of digital information as source of evidence in investigations and legal proceedings. ""The use of scientifically derived and proven methods toward the preservation, validation, identification, analysis, interpretation, documentation and presentation of digital evidence derived from digital sources for the purpose of facilitating or furthering the reconstruction of events found to be criminal, or helping to anticipate unauthorized actions shown to be disruptive to planned operations""(1). Computer forensics is the application of computer investigation and analysis techniques to determine potential legal evidence. Since computers are vulnerable to attack by some criminals, computer forensics is very important. Understanding computer forensic procedures will help to capture vital information which can be used to prosecute an intruder that compromises a computer or network. Also, deciding on the specific tools for computers or other equipment that is needed to correctly analyze evidence is crucial. These tools are very useful but bigger companies that handle more equipment and information might benefit from something that can combine all these tools into one application(2).",,,,,Engineering; Presentation; Constitution; Digital evidence; Computer security; Interpretation (philosophy); Computer forensics; Documentation; Identification (information); Digital forensics,,,,,,,,,2188111091,,0,009-284-801-057-774; 012-495-836-083-305; 015-475-053-818-716; 019-831-293-743-518; 140-821-103-436-654; 153-815-009-650-794,0,false,,
045-856-665-272-643,Book Review: Challenges to Digital Forensic Evidence,,2008,journal article,"Journal of Digital Forensics, Security and Law",15587223,Embry-Riddle Aeronautical University/Hunt Library,,Gary C. Kessler,"Cohen, F. (2008). Challenges to Digital Forensic Evidence. Livermore, CA: Fred Cohen & Associates. 129 pages, ISBN: 1-878109-41-3, US$39. Reviewed by Gary C. Kessler (gary.kessler@champlain.edu) This book is about evidence gleaned as the result of the digital forensics process and providing expert testimony about that evidence. I am always suspicious when someone self-proclaims themselves as an ""expert"" although all authors are doing just that, at least by inference. Readers who are familiar with the author, Fred Cohen, or his large body of published works will know that he neither proclaims his expertise quietly nor inaccurately. Indeed, Cohen is an ideal person to weigh in on the topic of suitability and malleability of information acquired from computers and about providing testimony about that information and the process with which it was found. (see PDF for full review)",3,1,57,60,Inference; Ideal (ethics); Media studies; Computer security; Computer science; Computer forensics; Digital forensics,,,,,https://dblp.uni-trier.de/db/journals/jdfsl/jdfsl3.html#Kessler08 https://commons.erau.edu/cgi/viewcontent.cgi?article=1144&context=publication https://commons.erau.edu/publication/134/ https://doaj.org/article/8d5c8fe50c554bca8efcfa37429df490 https://works.bepress.com/gary_kessler/59/ https://core.ac.uk/display/91843074 https://doi.org/10.15394/jdfsl.2008.1037,http://dx.doi.org/10.15394/jdfsl.2008.1037,,10.15394/jdfsl.2008.1037,1566244557,,0,,0,true,cc-by-nc,gold
046-187-322-871-872,Chapter 4 – Collecting Evidence,,2012,book chapter,The Basics of Digital Forensics,,Elsevier,,John Sammons,,,,45,64,Internet privacy; Digital evidence; Computer science,,,,,https://www.sciencedirect.com/science/article/pii/B9781597496612000048 http://www.sciencedirect.com/science/article/pii/B9781597496612000048,http://dx.doi.org/10.1016/b978-1-59749-661-2.00004-8,,10.1016/b978-1-59749-661-2.00004-8,3022797577,,0,,0,false,,
046-877-186-320-168,WorldCIS - Forensic investigation and analysis on digital evidence discovery through physical acquisition on smartphone,,2015,conference proceedings article,2015 World Congress on Internet Security (WorldCIS),,IEEE,,Taniza Tajuddin; Azizah Abd Manaf,"Cybercriminals are changing their strategies as users are less concerns on the smartphone and social networks security risks such as spams, that will threaten them as they are more dependent on the smartphone [1]. Thus, there's a need to perform the smartphone forensics analysis to retrieve and analysed the potentially great amounts and extremely valuable information on these devices. This paper investigates a wealth of personal and sensitive data by types of digital information as evidence and conducted forensic analysis on a popular smartphone Samsung Galaxy Note III. The standard approach applied to extract information from smartphone through physical acquisition and analysis using Cellebrite UFED. The results are presented to demonstrate the smartphone as a goldmine for investigators and as sources of digital evidence. Furthermore this research also presents the forensic tool and techniques for acquiring and examining digital evidence on this device. The evidence discovered include files, contacts, events of smartphone and social network data storage and location. The smartphone examined produced abundant user information and in total 98,127 artefacts were recovered. Performing the extraction and analysis of digital evidence over smartphone activities show the possibility of identifying potential suspects that could assist the forensic investigators in crime investigations.",,,132,138,The Internet; World Wide Web; Data extraction; User information; Digital evidence; Computer science; Mobile device forensics; Social network; Mobile telephony,,,,,https://ieeexplore.ieee.org/document/7359429/ http://ieeexplore.ieee.org/iel7/7349353/7359393/07359429.pdf?arnumber=7359429,http://dx.doi.org/10.1109/worldcis.2015.7359429,,10.1109/worldcis.2015.7359429,2288397030,,0,003-504-554-245-316; 011-609-885-661-788; 024-385-303-080-230; 048-141-687-795-752; 052-120-212-583-360; 056-955-029-329-402; 090-390-906-646-037; 091-213-859-740-328; 107-065-661-568-240; 110-890-344-207-140; 128-350-424-668-832; 139-548-139-786-277; 140-241-199-301-269; 167-109-432-601-404; 183-089-794-387-681,7,false,,
047-090-812-468-547,Effective Prosecution to Support Digital Forensic Evidence during Investigation and Court Proceedings,2018-06-07,2018,journal article,International Journal for Electronic Crime Investigation,26166003; 25223429,Lahore Garrison University,,Dr Aftab Ahmad Malik Aftab Ahmad Malik,"<jats:p>Firstly, the purpose of this work is to highlight the significance of digital evidence that exists in the form of digital data and is to be presented in court of law. Secondly, how this evidence (the digital information) can be effectively used during investigation process by the investigating agency. Thirdly, essence of keeping up continued liaison by investigating agency with the prosecutor who is to defend the prosecution side in the court. This paper deals with the offences carried out by offenders using computer, internet, digital media, other electronic devices, hacking and tracking the networks to harm the government agencies or private organizations by violating the network or database or cyber security. These offences are normally the frauds related to financial crimes category and illegal transfer of digital currency. Certain crimes of this area are classified as cyber terrorism. The procedure of collection of evidence and presentation in the court is deviant from other criminal cases. The initial digital evidence may consist of data acquisition, databases, data marts, hard disks, computer file systems and records of illegal transfer of money, This paper advocates to employ powerful prosecution in court of law to make the evidence stronger and consistent with the existing law at the investigation stage as well as in court. The focus of this paper is towards banking frauds and cyber crimes requiring forensic evidence to support the task of prosecution.</jats:p>",2,2,7,7,Digital evidence; Digital forensics; United States National Security Agency; Law; Computer forensics; Agency (philosophy); Computer security; Hacker; The Internet; Government (linguistics); Law enforcement; Criminal investigation; Computer science; Political science; Business; Internet privacy,,,,,,http://dx.doi.org/10.54692/ijeci.2018.020213,,10.54692/ijeci.2018.020213,,,0,,0,true,,bronze
047-187-524-979-335,"Digital Evidence, Computer Forensics, And Investigation",2015-12-01,2015,book chapter,Forensic Science,,CRC Press,,Jay A. Siegel; Kathy Mirakovits,,,,187,204,Digital evidence; Computer science; Multimedia; Computer forensics,,,,,https://www.taylorfrancis.com/books/9780429256783/chapters/10.1201/b16600-15 https://content.taylorfrancis.com/books/download?dac=C2016-0-95669-5&isbn=9780429256783&doi=10.1201/b16600-15&format=pdf,http://dx.doi.org/10.1201/b16600-15,,10.1201/b16600-15,3000444459,,0,,0,false,,
047-325-648-776-516,Applying Digital Forensics to Service Oriented Architecture,,2020,journal article,International Journal of Web Services Research,15457362; 15465004,IGI Global,United States,Aymen Akremi; Hassen Sallay; Mohsen Rouached; Rafik Bouaziz,"<jats:p>Digital forensics is an emerging research field involving critical technologies for obtaining evidence in digital crime investigations. Several methodologies, tools, and techniques have been developed to deal with the acquisition, preservation, examination, analysis, and presentation of digital evidence from different sources. However, new emerging infrastructures such as service-oriented architecture has brought new serious challenges for digital forensic research to ensure that evidence will be neutral, comprehensive, and reliable in such complex environment is a challenging research task. To address this issue, the authors propose in this article a generic conceptual model for digital forensics methodologies to enable their application in a service-oriented architecture. Challenges and requirements to construct a forensically sound evidence management framework for these environments are also discussed. Finally, the authors show how digital forensics standards and recommendations can be mapped to service-oriented architecture.</jats:p>",17,1,17,42,Computer science; Multimedia; Service-oriented architecture; Digital forensics,,,,,https://www.igi-global.com/article/applying-digital-forensics-to-service-oriented-architecture/245307 https://dblp.uni-trier.de/db/journals/jwsr/jwsr17.html#AkremiSRB20,http://dx.doi.org/10.4018/ijwsr.2020010102,,10.4018/ijwsr.2020010102,2997874685,,0,000-087-695-314-553; 001-507-239-208-313; 002-588-694-636-954; 003-296-552-356-852; 005-515-442-506-880; 005-630-640-664-939; 005-997-056-658-776; 010-414-070-550-327; 010-477-959-231-417; 016-150-300-348-872; 016-196-892-326-944; 018-245-873-246-94X; 019-698-064-288-240; 020-944-423-224-895; 026-774-296-742-022; 027-158-847-348-062; 028-103-684-022-268; 028-236-232-769-781; 032-229-233-316-986; 038-600-361-842-907; 039-423-460-322-861; 041-059-041-666-09X; 041-879-975-858-398; 043-557-483-984-559; 045-653-496-451-172; 046-395-342-063-537; 047-859-979-695-194; 049-216-276-407-671; 050-795-675-445-565; 054-601-093-496-749; 057-269-936-036-693; 059-697-278-686-056; 063-274-848-736-685; 065-882-272-263-097; 071-892-155-311-13X; 075-142-959-030-889; 077-702-229-787-594; 080-911-646-702-976; 088-239-867-090-166; 088-265-355-291-06X; 089-760-389-684-915; 090-819-867-759-870; 098-748-261-333-651; 110-619-142-027-944; 111-451-688-160-800; 113-691-446-842-345; 116-418-933-702-149; 116-908-834-541-492; 127-948-386-055-225; 130-217-725-914-477; 130-678-713-954-211; 131-922-138-141-529; 132-081-686-366-385; 134-927-490-231-285; 135-106-811-076-617; 144-124-797-675-052; 148-818-207-232-713; 163-330-758-807-944; 176-493-519-358-203; 180-048-913-144-640; 183-000-233-873-221; 188-762-236-378-448; 190-065-821-748-92X,4,false,,
047-782-671-230-742,SmartCloud - A Fog-Based Digital Forensics Investigation Framework for IoT Systems,,2018,book,2018 IEEE International Conference on Smart Cloud (SmartCloud),,IEEE,,Eyhab Al-Masri; Yan Bai; Juan Li,"The increasing number of IoT devices is prompting the need to investigate digital forensic techniques that can be efficiently applied to solve computer-related crimes involving IoT devices. In digital forensics, it is common for forensic investigators to consider computing hardware and operating systems for forensic data acquisition. However, applying current forensic data acquisition techniques for further digital evidence analysis may not be applicable to some IoT devices. It is becoming increasingly challenging to determine what type of data should be collected from IoT devices and how traces from such devices can be leveraged by forensic investigators. In this paper, we introduce a fog-based IoT forensic framework (FoBI) that attempts to address the key challenges associated with digital IoT forensics. Throughout this paper, we discuss the overall architecture, use cases and implementation details of FoBI. We further use our FoBI framework to provide insights on improving the digital forensics processes involving IoT systems.",,,196,201,Architecture; Data acquisition; Key (cryptography); Data science; Software; Digital evidence; Use case; Computer science; Cloud computing; Digital forensics,,,,,https://www.computer.org/csdl/proceedings-article/smartcloud/2018/800000a196/17D45Xtvpak https://dblp.uni-trier.de/db/conf/smartcloud/smartcloud2018.html#Al-MasriBL18 https://digitalcommons.tacoma.uw.edu/tech_pub/328/,http://dx.doi.org/10.1109/smartcloud.2018.00040,,10.1109/smartcloud.2018.00040,2899470007,,0,002-288-358-355-198; 005-630-640-664-939; 009-945-925-742-082; 018-552-581-098-658; 020-059-157-930-196; 021-692-645-646-928; 026-764-618-898-849; 037-410-787-134-293; 043-386-830-253-686; 060-294-953-084-788; 060-297-357-095-687; 099-807-551-324-909; 103-573-108-570-471; 118-153-044-320-37X; 118-615-170-925-891; 123-678-549-104-43X; 128-603-018-655-844; 144-570-178-573-508; 153-370-631-977-210; 156-514-400-707-597; 162-255-141-911-414; 164-125-333-160-800; 165-770-474-971-736; 170-108-067-251-840; 178-819-508-612-35X; 194-016-717-022-461,29,false,,
047-797-229-799-874,Collecting Evidence,2020-05-20,2020,book chapter,Fundamentals of Digital Forensics,,Springer International Publishing,,Joakim Kävrestad,"Digital forensics is all about examining digital evidence, and that implies that you need to collect the evidence before it can be examined. Every action that you carry out on a computer will leave traces, and that contradicts with the facts that evidence must be handled in a way that ensures that it is not altered. This chapter discusses the key points of securing digital evidence in a forensically sound manner. Doing that ensures that the examination can be conducted in a way that does not contaminate the evidence. The concept of using a write blocker to create a forensic copy of the evidence is also introduced. The reminder of the chapter provides an in-depth discussion on live investigations, examining computers that are running. A model that can be used to plan forensically sound live investigations is presented as well as the constraints that must be taken into consideration when working with live evidence.KeywordsDisk imageDigital evidenceLive investigationLive forensics",,,69,78,Digital evidence; Computer forensics; Computer science; Digital forensics; Key (lock); Plan (archaeology); Computer security; Action (physics); Data science; Multimedia,,,,,,http://dx.doi.org/10.1007/978-3-030-38954-3_8,,10.1007/978-3-030-38954-3_8,,,0,067-489-748-584-577,0,false,,
047-939-884-728-387,Law and Judicial Application of Digital Forensic Evidence in Nigeria,,2020,journal article,"Journal of Law, Policy and Globalization",,"International Institute for Science, Technology and Education",,,"The development of information &amp; communication technology has left the Nigerian polity to the application of technology infrastructure to daily activities. In essence, disputes arising from these activities may ordinarily not be effectively settled without applying electronic evidence in proceedings before the courts. The skills and knowledge of electronic evidence require the ingenuity of forensic experts or examiners for the purpose of bridging the gap that may arise in the mind of the courts. Does the Nigerian Law accept forensic expert evidence? Is every evidence expert evidence? Are there set down conditions before the courts for forensic expert evidence to be accepted or applied to proceedings before the courts? What nature of cases requires forensic evidence? This paper  will  demonstrate how  information and communication technology has resulted in the application of digital devices by Nigerians and the nature of the impact it  has . Keywords: Digital Forensics Evidence, Forensics Examiners, Digital Forensics Experts, Law, Judicial application DOI: 10.7176/JLPG/96-08 Publication date: April 30th 202",,,,,,,,,,https://core.ac.uk/download/pdf/327151750.pdf,http://dx.doi.org/10.7176/jlpg/96-08,,10.7176/jlpg/96-08,,,0,,0,true,cc-by,hybrid
047-962-088-356-215,A bizonyítékok kezelése. Az igazságügyi informatikai szakértő a büntetőeljárásban,2014-04-30,2014,,,,,,Máté István Zsolt,"These days digital footprints of human activities can be met in everyday life. During criminal procedures these digital footprints are turned into digital evidence by forensic experts. Handling, collection, preservation and presentation of digital evidence can greatly influence the success of criminal procedures. In this paper we can see the most important requirements and methods of evidence handling as well as the challenges still present in the Hungarian practice.",14,2,29–38,29–38,Internet privacy; Psychology; Presentation; Everyday life; Digital evidence,,,,,https://folyoirat.ludovika.hu/index.php/magyrend/article/view/3981,https://folyoirat.ludovika.hu/index.php/magyrend/article/view/3981,,,3189724232,,0,,0,false,,
048-228-308-826-291,The Need for a New Data Processing Interface for Digital Forensic Examination,,2012,journal article,International Journal of Advanced Research in Artificial Intelligence,21654069; 21654050,The Science and Information Organization,,Inikpi O Ademu; Chris Imafidon,"Digital forensic science provides tools, techniques and scientifically proven methods that can be used to acquire and analyze digital evidence. There is a need for law enforcement agencies, government and private organisations to invest in the advancement and development of digital forensic technologies. Such an investment could potentially allow new forensic techniques to be developed more frequently. This research identifies techniques that can facilitates the process of digital forensic investigation, therefore allowing digital investigators to utilize less time and fewer resources. In this paper, we identify the Visual Basic Integrated Development Environment as an environment that provides set of rich features which are likely to be required for developing tools that can assist digital investigators during digital forensic investigation. Establishing a user friendly interface and identifying structures and consistent processes for digital forensic investigation has been a major component of this research.",1,4,,,World Wide Web; Interface (Java); Visual Basic; Law enforcement; Digital evidence; Computer science; Process (engineering); Component (UML); User Friendly; Digital forensics,,,,,https://thesai.org/Publications/ViewPaper?Volume=1&Issue=4&Code=IJARAI&SerialNo=2 https://thesai.org/Downloads/IJARAI/Volume1No4/Paper_2-The_Need_for_a_New_Data_Processing_Interface_for_Digital_Forensic_Examination.pdf,http://dx.doi.org/10.14569/ijarai.2012.010402,,10.14569/ijarai.2012.010402,2135235429,,0,004-872-169-627-620; 015-455-002-340-996; 019-831-293-743-518; 046-867-351-033-973; 048-576-750-040-030; 119-234-785-721-155; 153-153-144-072-106; 157-954-859-648-506; 158-262-072-312-063; 158-630-449-182-358; 168-712-754-489-980; 170-299-458-679-224,0,true,cc-by,hybrid
048-250-488-210-056,Digital Stratigraphy: Contextual Analysis of File System Traces in Forensic Science,2017-12-28,2017,journal article,Journal of forensic sciences,15564029; 00221198,Wiley-Blackwell,United States,Eoghan Casey,"This work introduces novel methods for conducting forensic analysis of file allocation traces, collectively called digital stratigraphy. These in-depth forensic analysis methods can provide insight into the origin, composition, distribution, and time frame of strata within storage media. Using case examples and empirical studies, this paper illuminates the successes, challenges, and limitations of digital stratigraphy. This study also shows how understanding file allocation methods can provide insight into concealment activities and how real-world computer usage can complicate digital stratigraphy. Furthermore, this work explains how forensic analysts have misinterpreted traces of normal file system behavior as indications of concealment activities. This work raises awareness of the value of taking the overall context into account when analyzing file system traces. This work calls for further research in this area and for forensic tools to provide necessary information for such contextual analysis, such as highlighting mass deletion, mass copying, and potential backdating.",63,5,1383,1391,Empirical research; Data science; Copying; Context (language use); Stratigraphy (archaeology); File system; Digital evidence; Computer science; Context analysis; Digital forensics,best-fit file allocation; contextual forensic analysis; digital evidence; digital forensics; digital stratigraphy; file allocation strategies; file initialization; file system analysis; file tunneling; forensic science; next-available file allocation; valid data length slack,,,,https://www.ncbi.nlm.nih.gov/pubmed/29284066 https://dialnet.unirioja.es/servlet/articulo?codigo=6583741 https://onlinelibrary.wiley.com/doi/abs/10.1111/1556-4029.13722 http://europepmc.org/abstract/MED/29284066 https://core.ac.uk/download/226984361.pdf,http://dx.doi.org/10.1111/1556-4029.13722,29284066,10.1111/1556-4029.13722,2781008863,,0,001-507-239-208-313; 010-127-508-296-844; 022-712-934-601-162; 073-194-524-558-213; 150-354-696-101-675; 165-189-591-866-290,7,true,,green
048-299-122-258-861,Digital forensics tools,,2010,,,,,,Dragan Ranđelović; Tijana Bogdanović,"Computer forensics is a scientific discipline dealing with acquiring, collecting, storing and presenting data that are electronically processed and stored on computer media. Although a relatively new discipline, it has the potential to significantly influence the specific types of investigations and prosecutions. Computer forensics is significantly different than traditional forensic disciplines. First of all, tools and techniques that this discipline demands are relatively easily available to anyone who wants to conduct forensic analysis. Contrary to traditional forensic analysis, computer investigators need to conduct testing that is not always carried out in controlled conditions. Collecting digital evidence begins when information and/or physical objects are collected or stored in anticipation of testing. The term 'evidence' implies that the person who has collected it is recognized by the Court, so as the process of collecting evidence. Data or physical objects become evidence only when they are collected by an authorized person.",15,2,25,47,Internet privacy; Engineering; Anticipation (artificial intelligence); Data science; Digital evidence; Process (engineering); Computer forensics; Digital forensics,,,,,https://scindeks.ceon.rs/article.aspx?artid=0354-88721002025R,https://scindeks.ceon.rs/article.aspx?artid=0354-88721002025R,,,2287849240,,0,027-894-338-304-227; 044-720-373-398-974; 052-667-745-563-898; 056-718-102-206-216; 068-407-888-341-037; 079-070-981-899-105; 086-252-546-955-273; 100-591-663-032-154; 101-604-510-533-229; 112-563-446-292-328; 115-547-184-477-216; 167-150-701-246-645; 170-707-612-203-751,5,false,,
048-819-173-154-452,IEEE BigData - Identification of Attack-based Digital Forensic Evidences for WAMPAC Systems,,2018,conference proceedings article,2018 IEEE International Conference on Big Data (Big Data),,IEEE,,Asif Iqbal; Farhan Mahmood; Andrii Shalaginov; Mathias Ekstedt,"Power systems domain has generally been very conservative in terms of conducting digital forensic investigations, especially so since the advent of smart grids. This lack of research due to a multitude of challenges has resulted in absence of knowledge base and resources to facilitate such an investigation. Digitalization in the form of smart grids is upon us but in case of cyber-attacks, attribution to such attacks is challenging and difficult if not impossible. In this research, we have identified digital forensic artifacts resulting from a cyber-attack on Wide Area Monitoring, Protection and Control (WAMPAC) systems, which will help an investigator attribute an attack using the identified evidences. The research also shows the usage of sandboxing for digital forensics along with hardware-in-the-loop (HIL) setup. This is first of its kind effort to identify and acquire all the digital forensic evidences for WAMPAC systems which will ultimately help in building a body of knowledge and taxonomy for power system forensics.",,,3078,3086,Smart grid; Forensic science; Domain (software engineering); Computer security; Computer science; Identification (information); Digital forensics,,,,,http://kth.diva-portal.org/smash/record.jsf?pid=diva2:1272780 https://dblp.uni-trier.de/db/conf/bigdataconf/bigdataconf2018.html#IqbalMSE18 http://www.diva-portal.org/smash/record.jsf?pid=diva2:1272780,http://dx.doi.org/10.1109/bigdata.2018.8622550,,10.1109/bigdata.2018.8622550,2906097199,,0,006-618-508-717-68X; 007-472-112-945-149; 011-972-501-599-150; 014-234-595-502-472; 016-791-279-726-938; 025-363-489-880-082; 026-743-507-037-509; 029-848-235-432-379; 052-636-829-011-191; 053-632-784-991-365; 054-042-835-304-876; 086-491-155-977-449; 088-822-335-071-720; 093-927-452-382-124,1,false,,
049-040-456-790-093,Application Information for Forensic Analysis  Considerations for Registered Host / Users / Device Name & Bearer Tokens,2022-07-15,2022,journal article,Advances in Multidisciplinary and scientific Research Journal Publication,24888699,Creative Research Publishers,,Rosemond O. Addo-Sampong,"<jats:p>As the dependence on digital information and the Internet continues to grow, it changes the way of computer crime. The number of computer crimes increases dramatically in recent years and investigators have been facing the difficulty of admissibility of digital evidence. To solve this problem, we must collect evidence by digital forensics techniques and analyze the digital data or recover the damaged data. One place to collect evidence is from application software. This paper seeks to find out how to collect, store and analyze application information for forensic purposes. This is also to determine gaps in current research works and proffer recommendations on what future works relate to application forensics.  Keywords: Digital Forensics, Evidence, Application Information, Analysis, Registered Host   BOOK Chapter ǀ Research Nexus in IT, Law, Cyber Security &amp; Forensics. Open Access. Distributed Free  Citation: Rosemond O. Addo-Sampong (2022): Application Information for Forensic Analysis  (Considerations for Registered Host / Users / Device Name &amp; Bearer Tokens) Book Chapter Series on Research Nexus in IT, Law, Cyber Security &amp; Forensics. Pp 167-172 www.isteams.net/ITlawbookchapter2022. dx.doi.org/10.22624/AIMS/CRP-BK3-P27</jats:p>",1,1,167,172,Digital evidence; Computer forensics; Digital forensics; Computer science; Nexus (standard); Host (biology); Network forensics; The Internet; Computer security; World Wide Web; Internet privacy; Data science,,,,,,http://dx.doi.org/10.22624/aims/crp-bk3-p27,,10.22624/aims/crp-bk3-p27,,,0,,0,false,,
049-049-045-343-425,Mobile Forensic Investigation of Fake News Cases on Instagram Applications with Digital Forensics Research Workshop Framework,2022-07-20,2022,journal article,International Journal of Artificial Intelligence Research,25797298,STMIK Dharma Wacana,,Imam Riadi; Herman Herman; Irhash Ainur Rafiq,"<jats:p>The number of digital crimes or cybercrimes today continues to increase every year, and lately a lot of it happens on social media like Instagram. The social behavior of today's people who communicate more through social media encourages the perpetrators of these digital crimes. Instagram is a social media that is often found content that contains elements of pornography, hoax news, hate speech, etc. This research is aimed at processing digital evidence of cases of the spread of hoax news on the Instagram application. This research follows the framework of the Digital Forensics Research Workshop (DFRWS) with six stages, namely identification, preservation, collection, examination, analysis, and presentation. The process of obtaining digital evidence is assisted by the application of Axiom Magnet and Cellebrite UFED. Digital evidence sought from the smartphone device of the suspected hoax news disseminator seized following the case scenario consists of 8 variables in the form of accounts, emails, images, videos, URLs, times, IP address, and location. The results of this research with the help of the application of Magnet Axiom digital proof obtained 87.5% and the Cellebrite UFED application of 68.75%. The results of this study show that Magnet Axiom has better performance than MOBILedit Forensics.</jats:p>",6,2,,,Hoax; Digital forensics; Social media; Digital evidence; Computer science; Internet privacy; Digital media; Presentation (obstetrics); Computer security; World Wide Web; Advertising; Business; Medicine; Alternative medicine; Pathology; Radiology,,,,,,http://dx.doi.org/10.29099/ijair.v6i2.311,,10.29099/ijair.v6i2.311,,,0,,0,true,,gold
049-348-836-027-832,Android digital forensics — Simplifying Android forensics using regular expressions,,2017,conference proceedings article,2017 Seventeenth International Conference on Advances in ICT for Emerging Regions (ICTer),,IEEE,,Neera Jeyamohan,"The advancement of technology has increased the computing power of mobile devices and at the same time keeping their size small enough to fit inside user's pocket. Therefore, digital evidence can be collected not only from computers but also from any other electronic devices which stores and process user related data. Since digital forensics community has done minimal research on mobile devices forensics, forensic investigators are struggling without a standard approach or procedure to follow during investigations. Therefore, validated frameworks that can be used to collect evidence from mobile devices are virtually not existent in current digital forensics environment. The aim of this research is to present an appropriate framework for mobile device forensics which can be used by forensic investigators during their investigation. Another important objective of the research is to identify how regular expressions can be used to simplify evidence examination and analysis in android forensics.",,,1,1,Regular expression; Electronics; Mobile device; Digital evidence; Android forensics; Computer science; Multimedia; Android (operating system); Mobile device forensics; Digital forensics,,,,,https://ieeexplore.ieee.org/document/8257836/,http://dx.doi.org/10.1109/icter.2017.8257836,,10.1109/icter.2017.8257836,2783296327,,0,,1,false,,
049-404-833-736-24X,IFIP Int. Conf. Digital Forensics - TOWARD A SCIENCE OF DIGITAL FORENSIC EVIDENCE EXAMINATION,,2010,book chapter,Advances in Digital Forensics VI,18684238; 18612288; 1868422x; 15715736,Springer Berlin Heidelberg,Germany,Fred Cohen,Digital forensic evidence examination is not a normal science at this time. This paper discusses the important issue of moving toward a science of digital forensic evidence examination. It highlights key areas in which progress has to be made in order for digital forensic evidence examination to become a normal science.,,,17,35,Normal science; Key (cryptography); Data science; Order (business); Computer security; Computer science; Computer forensics; Digital forensics,,,,,https://hal.inria.fr/hal-01060607/document https://hal.archives-ouvertes.fr/hal-01060607v1 https://rd.springer.com/chapter/10.1007/978-3-642-15506-2_2 https://link.springer.com/chapter/10.1007/978-3-642-15506-2_2 https://dblp.uni-trier.de/db/conf/ifip11-9/df2010.html#Cohen10 https://link.springer.com/content/pdf/10.1007%2F978-3-642-15506-2_2.pdf https://hal.inria.fr/hal-01060607,http://dx.doi.org/10.1007/978-3-642-15506-2_2,,10.1007/978-3-642-15506-2_2,1562128981,,0,041-049-773-563-310; 045-693-341-460-61X; 055-419-412-775-186; 101-436-770-235-826; 116-344-252-215-864; 133-508-126-407-763,23,true,cc-by,green
049-446-135-635-21X,IFIP Int. Conf. Digital Forensics - Using a Local Search Warrant to Acquire Evidence Stored Overseas via the Internet,,2010,book chapter,Advances in Digital Forensics VI,18684238; 18612288; 1868422x; 15715736,Springer Berlin Heidelberg,Germany,Kenny Wang,"This paper argues that a search warrant issued by a local court does not have the power to search and seize digital evidence stored overseas but accessible via the Internet. Based on the fact that digital evidence can be altered or erased in a very short time, two scenarios are presented to illustrate the lack of power of a local search warrant to acquire digital evidence overseas. Two solutions are presented to overcome the shortcomings of a local search warrant. These solutions can assist law enforcement agencies around the world in searching and seizing digital evidence stored overseas with speed and accuracy, and in addressing court challenges regarding the admissibility and potential illegality of this evidence.",,,37,48,The Internet; Local search (optimization); Warrant; Search warrant; Law enforcement; Digital evidence; Computer security; Computer science,,,,,https://rd.springer.com/chapter/10.1007/978-3-642-15506-2_3 https://link.springer.com/chapter/10.1007%2F978-3-642-15506-2_3 https://hal.archives-ouvertes.fr/hal-01060608v1 https://dblp.uni-trier.de/db/conf/ifip11-9/df2010.html#Wang10 https://link.springer.com/content/pdf/10.1007/978-3-642-15506-2_3.pdf https://link.springer.com/10.1007/978-3-642-15506-2_3 https://hal.inria.fr/hal-01060608 https://hal.inria.fr/hal-01060608/document,http://dx.doi.org/10.1007/978-3-642-15506-2_3,,10.1007/978-3-642-15506-2_3,1539691336,,0,023-200-149-014-525; 034-727-808-419-439; 038-654-541-086-225; 085-810-653-983-621; 100-651-605-534-422; 108-364-206-991-297; 134-709-778-635-793; 136-482-348-445-34X; 155-400-523-928-128; 167-503-984-630-073,6,true,cc-by,green
049-520-166-251-457,THE VALUE OF DIGITAL EVIDENCE IN CRIMINAL INVESTIGATIONS,2019-12-15,2019,journal article,RUDN Journal of Law,24089001; 23132337,Peoples' Friendship University of Russia,,Oleg A Ostrovsky,"Modern information systems, such as e-learning, e-voting, e-health, etc., are often used inappropriately for irregular data changes (data falsification). These facts force to review security measures and find a way to improve them. Proof of computer crime is accompanied by very complex processes that are based on the collection of digital evidence, forensic analysis and investigation. Forensic analysis of database systems is a very specific and complex task and therefore is the main source of inspiration for research. This article presents the fact that classical methods of collecting digital evidence are not suitable and effective. To improve efficiency, a combination of well-known, world-independent database technologies and their application in the field of forensic science are proposed. It also offers new directions for research in this area.",23,1,123,140,Criminal investigation; Information system; Data science; Value (ethics); Task (project management); Digital evidence; Field (computer science); Computer science; Digital forensics,,,,,http://journals.rudn.ru/law/article/viewFile/21178/16962 https://doaj.org/article/12e6011695514c28b538bf384ba2de05,http://dx.doi.org/10.22363/2313-2337-2019-23-1-123-140,,10.22363/2313-2337-2019-23-1-123-140,2949390863,,0,,0,true,cc-by-nc,gold
049-790-206-917-63X,ICCSCI - A review of collisions in cryptographic hash function used in digital forensic tools,,2017,journal article,Procedia Computer Science,18770509,Elsevier BV,,Zulfany Erlisa Rasjid; Benfano Soewito; Gunawan Witjaksono; Edi Abdurachman,"Abstract Digital forensic tool is a software used by digital evidence investigators to extract data and information from a digital evidence. The integrity of the digital evidence must be maintained through the chain of custody in order to be admissible in court. Most digital extraction tool use either MD5 (Message Digest) or SHA (Secured Hash Algorithm) hashing to check the integrity of digital evidence. The hashing algorithm has been found to have a weakness known as collision in which two different messages have the same hashing values. Although the probability of producing such weakness is very small, this collision can be used to deny the usage of the evidence in court of justice. After the first collision has been found, many cryptanalysts have tried to explore various methods to detect the collisions with shorter and efficient time. This paper is to review the existing methods in digital forensic tools that have been used to create a collision attacks in digital evidence.",116,,381,392,Universal hashing; Double hashing; MD5; Cryptography; SHA-2; Digital evidence; Computer security; Computer science; Cryptographic hash function; Digital forensics; Collision attack; Hash function,,,,,https://www.sciencedirect.com/science/article/pii/S1877050917321221 https://research.binus.ac.id/publication/0C3BD288-768F-4963-8374-E71346FC4D05/a-review-of-collisions-in-cryptographic-hash-function-used-in-digital-forensic-tools/ https://doi.org/10.1016/j.procs.2017.10.072 https://dblp.uni-trier.de/db/conf/iccsci/iccsci2017.html#RasjidSWA17 https://www.sciencedirect.com/science/article/abs/pii/S1877050917321221,http://dx.doi.org/10.1016/j.procs.2017.10.072,,10.1016/j.procs.2017.10.072,2763181344,,0,001-056-964-012-575; 008-201-575-938-30X; 009-804-357-193-353; 015-733-665-464-372; 015-960-227-197-307; 020-862-355-877-19X; 021-505-445-622-458; 023-709-114-205-69X; 030-266-326-999-894; 031-709-972-765-490; 031-735-954-434-507; 040-725-252-545-808; 049-268-882-385-534; 051-746-726-632-359; 052-468-826-034-216; 062-255-652-923-956; 070-178-280-595-552; 096-482-369-526-828; 096-617-043-154-169; 104-687-422-815-408; 136-876-652-740-628; 142-957-728-651-077; 148-689-607-754-520; 155-469-441-979-904; 157-358-555-963-098; 167-398-164-200-13X; 183-936-440-633-990,19,true,cc-by-nc-nd,gold
050-213-824-812-128,Digitalna forenzika iOS uređaja,2020-12-25,2020,journal article,Zbornik radova Fakulteta tehničkih nauka u Novom Sadu,25605925; 0350428x,Faculty of Technical Sciences,,Jelena Maravić,"This paper addresses the theme of digital forensics with an emphasis on digital forensics of iOS devices. As digital forensics implies the application of the scientific method to provide digital evidence, the paper deals with all phases that include a single digital forensic investigation and describes in detail the techniques of data extraction from iOS devices and tools that implement these techniques.",36,01,87,90,Data science; Data extraction; Digital evidence; Digital forensic investigation; Theme (computing); Computer science; Digital forensics,,,,,http://www.ftn.uns.ac.rs/ojs/index.php/zbornik/article/download/1222/1242 http://www.ftn.uns.ac.rs/ojs/index.php/zbornik/article/view/1222,http://dx.doi.org/10.24867/11be14maravic,,10.24867/11be14maravic,3120557873,,0,,0,true,,bronze
050-296-813-523-597,"Digital evidence, 'absence' of data and ambiguous patterns of reasoning",,2016,journal article,Digital Investigation,17422876,Elsevier BV,Netherlands,Alex Biedermann; Joëlle Vuille,"In this paper we discuss the use of digital data by the Swiss Federal Criminal Court in a recent case of attempted homicide. We use this case to examine drawbacks for the defense when the presentation of scientific evidence is partial, especially when the only perspective mentioned is that of the prosecution. We tackle this discussion at two distinct levels. First, we pursue an essentially non-technical presentation of the topic by drawing parallels between the court's summing up of the case and flawed patterns of reasoning commonly seen in other forensic disciplines, such as DNA and particle traces (e.g., gunshot residues). Then, we propose a formal analysis of the case, using elements of probability and graphical probability models, to justify our main claim that the partial presentation of digital evidence poses a risk to the administration of justice in that it keeps vital information from the defense. We will argue that such practice constitutes a violation of general principles of forensic interpretation as established by forensic science literature and current recommendations by forensic science interest groups (e.g., the European Network of Forensic Science Institutes). Finally, we posit that argument construction and analysis using formal methods can help replace digital evidence appropriately into context and thus support a sound evaluation of the evidence.",16,,S86,S95,Epistemology; Scientific evidence; Parallels; Presentation; Administration of justice; Context (language use); Digital evidence; Computer security; Argument; Computer science; Formal methods,,,,Swiss National Science Foundation; SNSF; ERC; Ambizione; Universities of Lausanne; Neuchâtel,https://www.sciencedirect.com/science/article/abs/pii/S1742287616300056 https://serval.unil.ch/notice/serval:BIB_71F2C58C8DB2 https://www.unil.ch/esc/files/live/sites/esc/files/Fichiers%202016/Biedermann_Vuille_2016.pdf https://www.sciencedirect.com/science/article/pii/S1742287616300056 https://serval.unil.ch/resource/serval:BIB_71F2C58C8DB2.P001/REF.pdf https://core.ac.uk/display/77170769 https://core.ac.uk/download/77170769.pdf,http://dx.doi.org/10.1016/j.diin.2016.01.011,,10.1016/j.diin.2016.01.011,2332805147,,0,004-883-297-684-711; 005-222-685-769-643; 005-715-450-998-72X; 005-877-808-547-694; 011-900-233-916-611; 013-261-137-570-74X; 014-961-689-075-177; 016-976-912-187-206; 022-896-866-582-746; 042-398-266-516-108; 061-276-154-289-08X; 062-121-021-285-333; 079-046-994-186-390; 079-152-497-703-763; 085-370-444-410-812; 087-634-902-634-071; 088-306-589-450-500; 097-942-806-126-453; 101-323-230-956-293; 116-716-614-614-171; 119-299-092-875-116; 128-597-792-698-79X; 193-424-163-457-741; 197-058-703-260-084,9,true,cc-by-nc-nd,hybrid
050-694-164-774-292,Deleting collected digital evidence by exploiting a widely adopted hardware write blocker,,2016,journal article,Digital Investigation,17422876,Elsevier BV,Netherlands,Christopher S. Meffert; Ibrahim Baggili; Frank Breitinger,"In this primary work we call for the importance of integrating security testing into the process of testing digital forensic tools. We postulate that digital forensic tools are increasing in features (such as network imaging), becoming networkable, and are being proposed as forensic cloud services. This raises the need for testing the security of these tools, especially since digital evidence integrity is of paramount importance. At the time of conducting this work, little to no published anti-forensic research had focused on attacks against the forensic tools/process. We used the TD3, a popular, validated, touch screen disk duplicator and hardware write blocker with networking capabilities and designed an attack that corrupted the integrity of the destination drive (drive with the duplicated evidence) without the user's knowledge. By also modifying and repackaging the firmware update, we illustrated that a potential adversary is capable of leveraging a phishing attack scenario in order to fake digital forensic practitioners into updating the device with a malicious operating system. The same attack scenario may also be practiced by a disgruntled insider. The results also raise the question of whether security standards should be drafted and adopted by digital forensic tool makers.",18,,S87,S96,Security testing; Digital evidence; Computer security; Computer science; Forensic disk controller; Computer forensics; Firmware; Cloud computing; Digital forensics; Computer hardware; Vulnerability (computing),,,,,https://www.sciencedirect.com/science/article/pii/S1742287616300354 https://digitalcommons.newhaven.edu/electricalcomputerengineering-facpubs/56/ https://dl.acm.org/doi/10.1016/j.diin.2016.04.004 https://core.ac.uk/display/82539065 https://www.sciencedirect.com/science/article/abs/pii/S1742287616300354 https://core.ac.uk/download/pdf/82539065.pdf,http://dx.doi.org/10.1016/j.diin.2016.04.004,,10.1016/j.diin.2016.04.004,2510465603,,0,007-206-939-862-809; 009-642-902-074-79X; 018-483-378-650-703; 021-039-461-635-181; 021-850-998-857-676; 035-853-217-426-112; 042-880-741-738-793; 047-630-600-014-492; 055-416-156-661-003; 056-590-277-527-716; 059-176-928-707-661; 078-072-950-053-679; 090-792-295-657-205; 110-494-552-257-201; 120-916-795-553-371; 123-830-244-984-847; 146-548-188-554-839; 152-474-715-580-077; 158-931-700-122-435; 159-094-605-033-945; 187-849-196-324-650; 192-810-463-153-431,6,true,cc-by-nc-nd,hybrid
050-770-204-507-562,Digital data encryption – aspects of criminal law and dilemmas in Slovenia,2014-01-31,2014,journal article,Digital Evidence and Electronic Signature Law Review,20548508; 17564611,School of Advanced Study,Spain,Miha Šepec,"Miha Sepec discusses the issues and dilemmas of digital data encryption in the criminal context in Slovenia, whilst briefly taking into consideration the legal position in the United States of America and England & Wales Index words: Slovenia; encryption; digital data; digital evidence; criminal law; data protection; self-incrimination; privilege, law enforcement agents; digital evidence specialist; forensic examiner.",10,0,,,Encryption; Political science; Law; Criminal law; Digital data; Context (language use); Privilege (computing); Law enforcement; Digital evidence; Data Protection Act 1998,,,,,https://journals.sas.ac.uk/deeslr/article/view/2035 https://sas-space.sas.ac.uk/5376/,http://dx.doi.org/10.14296/deeslr.v10i0.2035,,10.14296/deeslr.v10i0.2035,2026302346,,0,,1,true,cc-by-nc-nd,hybrid
050-811-465-374-698,Emerging trends in Digital Forensic and Cyber security- An Overview,,2019,conference proceedings article,2019 Sixth HCT Information Technology Trends (ITT),,IEEE,,Bhoopesh Kumar Sharma; Michelle Ann Joseph; Biju Jacob; Bryan Miranda,"Digital forensics is the application of forensic and scientific knowledge to retrieve information legally from any digital device such as computers and smartphones. This legally fetched information is then presented as a piece of evidence in the courtroom further. Computer forensics also refers to digital forensics. It is the fusion of domains such as network forensics, server forensics, computer forensics, internet forensics, social media forensics, memory forensics, online gaming, data/disk forensics, and VR forensics. While investigating digital crimes, different steps are involved. These include the identification, recovery, investigation, validation, and presentation of evidence. Recent research has demonstrated the immense succession of cyber threats and attacks, requiring forensic experts and forensic scientists to simplify the digital world system. Since digital forensics is straightforwardly interconnected to data recovery and data carving, this area is dealing with different technical, legal, and resource challenges. In contrast to that, malware's constant rise allows forensic sector slacking. The objective of the present study was to explore new dimensions of digital forensics such as internet forensics, social media forensics, and IoT forensics in various emerging fields. Together, all our findings allow a better understanding of digital forensics, which can be helpful in forensic investigation.",2019,,309,313,The Internet; Botnet; Memory forensics; Computer security; Computer science; Network forensics; Malware; Computer forensics; Identification (information); Digital forensics,,,,,https://jglobal.jst.go.jp/en/detail?JGLOBAL_ID=202002265304640603,http://dx.doi.org/10.1109/itt48889.2019.9075101,,10.1109/itt48889.2019.9075101,3018602826,,0,008-433-298-020-56X; 020-405-975-217-252; 025-319-861-345-580; 026-774-296-742-022; 028-290-062-141-840; 047-125-525-662-686; 047-523-999-033-009; 050-304-428-383-118; 068-520-918-599-405; 068-870-314-701-595; 074-101-720-375-853; 075-268-039-596-63X; 087-012-217-023-866; 096-091-715-269-337; 098-520-592-151-771; 121-704-965-852-836; 135-626-485-398-950; 167-109-432-601-404,3,false,,
050-878-107-374-387,Role of Cyber Security and Cyber Forensics in India,,2018,book chapter,Handbook of Research on Network Forensics and Analysis Techniques,19489730; 19489749,IGI Global,,Gulshan Shrivastava; Kavita Sharma; Manju Khari; Syeda Erfana Zohora,"<jats:p>This chapter describes cyber forensics, also known as computer forensics, which is a subdivision of digital forensic science, relating to evidence detection in computers and digital storage media. The purpose of cyber forensics is the forensically-sound investigation of digital media with the intent to: identify, preserve, recover, analyze, present facts, and opinions; concerning the digital information. Even though it is generally allied with the analysis of cyber-based crimes, computer forensics may also be used in civil proceedings. Evidence composed from cyber forensic analysis is typically subjected to similar procedures and performs as supplementary digital evidence. With these advancements, it was desired that cyber forensics be to protect users and remain citizen-centric. This chapter shows that there is additional research needed to understand the implications of cyber forensic research to improve detection of cyber crimes. </jats:p>",,,143,161,,,,,,,http://dx.doi.org/10.4018/978-1-5225-4100-4.ch009,,10.4018/978-1-5225-4100-4.ch009,,,0,007-169-482-467-12X; 033-740-867-472-387; 034-742-644-592-168; 090-251-279-522-579; 116-008-751-288-053; 149-711-351-282-957; 186-605-882-654-433,8,false,,
050-880-783-704-348,Conceptual forensic readiness framework for infrastructure as a service consumers,,2014,conference proceedings article,"2014 IEEE Conference on Systems, Process and Control (ICSPC 2014)",,IEEE,,Ahmed Nour Moussa; Norafida Ithnin; Othman A. M. Miaikil,"Cloud computing provides to the consumers basic computing resources that range from storage and computing power to sophisticated applications. When digital forensics is needed for suspected cases involving cloud computing, the provider is responsible for collecting the digital evidence. Limitations of this approach include lack of efficient incident response, and that the consumers may have a little or no choice but to accept electronic evidences made available by the cloud provider. This research investigates whether it is possible to perform consumer-side digital forensics where a consumer independently collects all digital evidences required for a suspected case from Infrastructure as a Service resources (IaaS). In particular, the research contributes to a digital forensics readiness framework that shows how digital evidence collection can be made strongly consumer-centric, so that all the electronic evidences that digital forensic investigation requires for suspected cases can be provided independently by the IaaS consumers.",,,162,167,Engineering; Digital evidence; Incident response; Digital forensics cloud computing; Cloud forensics; Digital forensic investigation; Computer security; Computer forensics; Cloud computing; Digital forensics,,,,,https://ieeexplore.ieee.org/document/7086250/,http://dx.doi.org/10.1109/spc.2014.7086250,,10.1109/spc.2014.7086250,2047210738,,0,010-086-703-646-194; 021-486-901-460-202; 026-163-378-046-984; 027-829-293-463-29X; 043-858-213-986-473; 044-927-515-004-191; 047-600-704-780-223; 048-717-973-987-99X; 050-019-822-464-159; 058-723-704-218-926; 067-726-260-424-525; 068-383-476-721-435; 075-976-616-114-109; 078-321-628-189-695; 104-249-629-797-999; 133-397-275-695-990; 137-949-073-320-590; 138-097-495-143-351; 170-108-067-251-840; 184-948-841-629-735,16,false,,
051-017-609-417-019,Graphical evidence: forensic animations and virtual reconstructions,,2009,journal article,Australian Journal of Forensic Sciences,00450618; 1834562x,Informa UK Limited,United Kingdom,Damian Schofield,"Courtroom environments, which have been one of the last bastions of the oral tradition, are slowly morphing into cinematic display environments1. The persuasive oral rhetoric of lawyers is increasingly being replaced by compelling visual media displays presenting a range of digital evidence in a convincing and credible manner2. The digital age has brought a plethora of novel evidence forms, evidence detection methods, and new means of evidence presentation. In particular, three-dimensional reconstructions of evidence offer great potential in the field of forensic science, they can potentially help in the presentation of complex scientific, spatial and temporal data to a non-technical audience3. This paper outlines the forensic process in terms of the tasks and phases involved, specifically relating to the presentation of evidence represented in a digital media form. A range of examples of where evidence has been presented in courtrooms using digital media (particularly forensic animation and virtual recon...",41,2,131,145,Human–computer interaction; Rhetoric; Digital media; Presentation; Digital evidence; Computer science; Process (engineering); Multimedia; Animation; Morphing; Oral tradition,,,,,https://www.tandfonline.com/doi/full/10.1080/00450610903007020,http://dx.doi.org/10.1080/00450610903007020,,10.1080/00450610903007020,2056728753,,0,006-147-481-193-848; 011-266-643-505-000; 011-500-992-597-292; 026-876-385-709-061; 027-681-577-683-835; 031-203-363-695-193; 034-214-667-694-280; 034-916-306-834-918; 035-006-796-654-12X; 035-504-544-309-700; 038-668-970-194-854; 046-505-599-865-150; 053-122-526-126-117; 056-511-091-557-150; 057-091-476-338-133; 059-642-431-151-966; 066-608-594-705-50X; 078-532-673-859-432; 081-457-804-979-153; 085-379-403-609-164; 091-328-635-654-041; 093-319-343-499-893; 105-722-396-170-542; 112-956-806-130-734; 114-791-371-428-899; 116-716-725-948-123; 125-462-406-091-58X; 166-111-907-375-073; 180-352-675-042-601; 189-302-060-184-031; 199-745-676-923-766,1,false,,
051-394-259-564-919,IFIP Int. Conf. Digital Forensics - Forensic Analysis of Plug Computers,,2011,book chapter,Advances in Digital Forensics VII,18684238; 18612288; 1868422x; 15715736,Springer Berlin Heidelberg,Germany,Scott Conrad; Greg Dorn; Philip Craiger,"A plug computer is essentially a cross between an embedded computer and a traditional computer, and with many of the same capabilities. However, the architecture of a plug computer makes it difficult to apply commonly used digital forensic methods. This paper describes methods for extracting and analyzing digital evidence from plug computers. Two popular plug computer models are examined, the SheevaPlug and the Pogoplug.",361,,275,287,Architecture; Spark plug; Engineering drawing; Digital evidence; Computer science; Digital forensics,,,,,https://commons.erau.edu/publication/1003/ https://link.springer.com/content/pdf/10.1007%2F978-3-642-24212-0_21.pdf https://link.springer.com/10.1007/978-3-642-24212-0_21 https://dblp.uni-trier.de/db/conf/ifip11-9/df2011.html#ConradDC11 https://rd.springer.com/chapter/10.1007/978-3-642-24212-0_21 https://link.springer.com/chapter/10.1007%2F978-3-642-24212-0_21 https://hal.inria.fr/hal-01569554/document https://works.bepress.com/john_craiger/31/ https://works.bepress.com/john_craiger/31/download/ https://hal.inria.fr/hal-01569554 https://commons.erau.edu/cgi/viewcontent.cgi?article=2099&context=publication,http://dx.doi.org/10.1007/978-3-642-24212-0_21,,10.1007/978-3-642-24212-0_21,217858512,,0,051-481-663-528-544; 074-933-143-629-826; 084-930-629-154-823; 112-271-248-774-110,0,true,cc-by-nc-nd,green
051-846-755-774-83X,An embedded bayesian network hidden markov model for digital forensics,,2006,journal article,Lecture Notes in Computer Science,03029743,,,Olivier de Vel; Nianjun Liu; Terry Caelli; Tibério S. Caetano,In the paper we combine a Bayesian Network model for encoding forensic evidence during a given time interval with a Hidden Markov Model (EBN-HMM) for tracking and predicting the degree of criminal activity as it evolves over time. The model is evaluated with 500 randomly produced digital forensic scenarios and two specific forensic cases. The experimental results indicate that the model fits well with expert classification of forensic data. Such initial results point out the potential of such Dynamical Bayesian Network methods for the analysis of digital forensic data.,,,459,465,Data mining; Forensic science; Artificial intelligence; Markov model; Hidden Markov model; Bayesian network; Computer science; Variable-order Bayesian network; Dynamic Bayesian network; Digital forensics,,,,,,,,,2612635067,,0,,11,false,,
052-052-141-922-342,"Judges' awareness, understanding, and application of digital evidence",,2011,journal article,"Journal of Digital Forensics, Security and Law",15587223,Embry-Riddle Aeronautical University/Hunt Library,,Marlyn Kemper Littman; Gary C. Kessler,"As digital evidence grows in both volume and importance in criminal and civil courts, judges need to fairly and justly evaluate the merits of the offered evidence. To do so, judges need a general understanding of the underlying technologies and applications from which digital evidence is derived. Due to the relative newness of the computer forensics field, there have been few studies on the use of digital forensic evidence and none about judges’ relationship with digital evidence.; This study addressed judges’ awareness, knowledge, and perceptions of digital evidence, using grounded theory methods. The interaction of judges with digital evidence has a social aspect that makes a study of this relationship well suited to grounded theory. This study gathered data via a written survey distributed to judges in the American Bar Association and National Judicial College, followed by interviews with judges from Massachusetts and Vermont. ; The results indicated that judges generally recognize the importance of evidence derived from digital sources, although they are not necessarily aware of all such sources. They believe that digital evidence needs to be authenticated just like any type of evidence and that it is the role of attorneys rather than of judges to mount challenges to that evidence, as appropriate. Judges are appropriately wary of digital evidence, recognizing how easy it is to alter or misinterpret such evidence. Less technically aware judges appear even more wary of digital evidence than their more knowledgeable peers.; Judges recognize that they need additional training in computer and Internet technology as the computer forensics process and digital evidence, citing a lack of availability of such training. This training would enable judges to better understand the arguments presented by lawyers, testimony offered by technical witnesses, and judicial opinions forming the basis of decisional law. A framework for such training is provided in this report.; This study is the first in the U.S. to analyze judges and digital forensics, thus opening up a new avenue of research. It is the second time that grounded theory has been employed in a digital forensics study, demonstrating the applicability of that methodology to this discipline.",6,1,55,72,Judicial opinion; Internet privacy; The Internet; Grounded theory; Perception; Digital evidence; Computer security; Computer science; Process (engineering); Computer forensics; Digital forensics,,,,,https://dblp.uni-trier.de/db/journals/jdfsl/jdfsl6.html#Kessler11 https://core.ac.uk/display/91957629 https://commons.erau.edu/cgi/viewcontent.cgi?article=1024&context=db-security-studies https://works.bepress.com/gary_kessler/26/ https://oaji.net/articles/2014/1095-1408306507.pdf https://nsuworks.nova.edu/gscis_etd/196/ https://nsuworks.nova.edu/cgi/viewcontent.cgi?article=1195&context=gscis_etd https://doaj.org/article/525394f7cdf8460cb0572125a8e3bf79 https://commons.erau.edu/jdfsl/vol6/iss1/4/,http://dx.doi.org/10.15394/jdfsl.2011.1088,,10.15394/jdfsl.2011.1088,1533580595,,0,000-226-390-590-140; 000-557-324-827-169; 001-341-383-690-418; 005-392-088-749-603; 008-568-541-949-263; 009-789-829-591-139; 012-051-066-955-690; 014-878-350-846-852; 016-004-336-259-323; 017-335-677-993-203; 018-182-926-340-45X; 020-063-485-019-66X; 020-195-870-396-757; 025-166-882-986-85X; 030-706-989-114-061; 037-102-979-151-536; 038-109-905-911-318; 040-072-998-295-707; 046-010-400-424-32X; 048-645-419-219-088; 050-513-243-638-138; 052-256-274-749-496; 052-320-348-197-350; 056-580-888-214-429; 057-276-332-934-746; 057-991-197-390-530; 059-577-872-928-63X; 068-833-488-459-388; 069-559-732-098-383; 076-346-829-732-533; 077-507-989-797-441; 078-598-867-814-365; 079-196-538-217-628; 080-619-211-902-700; 081-447-017-308-327; 081-740-389-550-950; 085-723-979-354-790; 086-183-355-286-998; 090-582-267-408-193; 092-470-623-967-183; 093-180-137-587-370; 094-295-279-676-447; 095-634-146-634-286; 097-814-827-735-18X; 098-323-575-091-372; 099-953-330-898-859; 101-725-467-004-305; 102-707-705-385-893; 104-314-308-990-999; 105-766-861-752-64X; 110-926-229-290-139; 121-951-797-869-548; 123-140-392-837-736; 124-038-348-278-602; 125-384-800-661-375; 128-055-171-308-254; 129-360-320-775-188; 140-402-089-386-286; 144-672-001-748-904; 147-160-953-972-620; 151-378-930-836-964; 151-851-021-843-818; 157-481-301-540-451; 172-227-575-775-135; 182-962-922-039-081; 191-324-551-329-724; 193-691-238-331-868; 198-033-623-455-32X; 198-428-942-821-207; 198-748-404-535-361,23,true,cc-by-nc,gold
052-120-712-854-956,Computer Forensics Lab Requirements,2019-02-26,2019,book chapter,Digital Forensics Basics,,Apress,,Nihad A. Hassan,"With the increased number of cybercrime attacks that hit both the public and the private sector, the need for computer forensics lab to capture and analyze digital evidence with high accuracy increases. You may think that computer forensics labs are limited to law enforcement agencies. However, this is not true: many corporations in the United States maintain digital forensics labs with advanced investigation capabilities that exceed those of many police labs.",,,69,91,Private sector; Cybercrime; Law enforcement; Digital evidence; Computer security; Computer science; Computer forensics; Digital forensics,,,,,https://link.springer.com/chapter/10.1007%2F978-1-4842-3838-7_3,http://dx.doi.org/10.1007/978-1-4842-3838-7_3,,10.1007/978-1-4842-3838-7_3,2917537573,,0,,1,false,,
052-265-945-620-031,Automated Artefact Relevancy Determination from Artefact Metadata and Associated Timeline Events,,2020,book,2020 International Conference on Cyber Security and Protection of Digital Services (Cyber Security),,IEEE,,Xiaoyu Du; Quan Le; Mark Scanlon,"Case-hindering, multi-year digital forensic evidence backlogs have become commonplace in law enforcement agencies throughout the world. This is due to an ever-growing number of cases requiring digital forensic investigation coupled with the growing volume of data to be processed per case. Leveraging previously processed digital forensic cases and their component artefact relevancy classifications can facilitate an opportunity for training automated artificial intelligence based evidence processing systems. These can significantly aid investigators in the discovery and prioritisation of evidence. This paper presents one approach for file artefact relevancy determination building on the growing trend towards a centralised, Digital Forensics as a Service (DFaaS) paradigm. This approach enables the use of previously encountered pertinent files to classify newly discovered files in an investigation. Trained models can aid in the detection of these files during the acquisition stage, i.e., during their upload to a DFaaS system. The technique generates a relevancy score for file similarity using each artefact's filesystem metadata and associated timeline events. The approach presented is validated against three experimental usage scenarios.",,,1,8,Volume (computing); Information retrieval; Law enforcement; Digital forensic investigation; Service (systems architecture); Computer science; Timeline; Component (UML); Upload; Digital forensics; Metadata,,,,,https://ui.adsabs.harvard.edu/abs/2020arXiv201201972D/abstract https://arxiv.org/pdf/2012.01972 https://arxiv.org/abs/2012.01972,http://dx.doi.org/10.1109/cybersecurity49315.2020.9138874,,10.1109/cybersecurity49315.2020.9138874,3107271146; 3026406599,,0,000-360-120-513-679; 001-134-660-509-890; 006-352-188-170-383; 009-885-874-541-907; 014-767-056-602-687; 015-084-347-434-584; 016-536-694-167-514; 019-831-293-743-518; 042-767-661-429-064; 047-630-600-014-492; 064-170-716-528-26X; 068-147-459-781-01X; 074-614-672-576-143; 079-273-634-331-435; 087-950-081-760-226; 089-976-242-846-070; 093-668-583-258-461; 098-669-156-394-924; 102-117-623-922-990; 102-602-192-826-532; 108-250-961-343-220; 113-801-918-269-079; 114-454-611-706-935; 119-176-550-689-418; 122-553-557-970-535; 125-939-677-745-616; 131-948-799-258-180; 132-035-477-536-504; 133-752-203-150-119; 134-927-490-231-285; 135-125-358-681-811; 137-755-137-054-864; 146-194-305-164-130; 154-517-106-328-503; 172-227-575-775-135,1,true,,green
052-268-053-298-749,Digital Forensic and Machine Learning,,2016,book chapter,"Advances in Digital Crime, Forensics, and Cyber Terrorism",23270381; 23270373,IGI Global,,Poonkodi Mariappan; B Padhmavathi; Talluri Srinivasa Teja,"<jats:p>Digital Forensic as it sounds coerce human mind primarily with exploration of crime. However in the contemporary world, digital forensic has evolved as an essential source of tools from data acquisition to legal action. Basically three stages are involved in digital forensic namely acquisition, analysis and reporting. Digital Forensic Research Workshop (DFRW) defined digital forensic as “Use of Scientifically derived and proven method towards the identification, collection, analysis, interpretation, documentation and presentation of digital evidence derived from digital sources for the purpose of facilitating or furthering the reconstruction of event to be criminal”. The hard problem in digital forensic is such that the acquired data need to be cleaned and is required to be intelligible for reading by human. As a solution to this complexity problem a number of tools are present which may be repeated until relevant data is obtained. </jats:p>",,,141,156,Computer science; Multimedia; Digital forensics,,,,,https://www.igi-global.com/chapter/digital-forensic-and-machine-learning/251450,http://dx.doi.org/10.4018/978-1-5225-0193-0.ch009,,10.4018/978-1-5225-0193-0.ch009,2478107549,,0,015-893-932-355-393; 017-323-449-607-720; 017-358-994-049-12X; 023-983-763-871-985; 030-351-009-711-953; 038-955-150-444-274; 041-561-245-686-942; 047-630-600-014-492; 061-611-326-265-136; 087-950-081-760-226; 099-698-112-763-870; 106-164-360-101-150,0,false,,
052-325-754-641-659,Handbook of Electronic Security and Digital Forensics - DIGITAL EVIDENCE MANIPULATION USING ANTI-FORENSIC TOOLS AND TECHNIQUES,,2010,book chapter,Handbook of Electronic Security and Digital Forensics,,WORLD SCIENTIFIC,,Hamid Jahankhani; Elidon Beqiri,,,,411,425,Forensic science; Data science; Digital evidence; Computer science,,,,,,http://dx.doi.org/10.1142/9789812837042_0021,,10.1142/9789812837042_0021,2496327037,,0,,3,false,,
052-665-546-667-396,Design and Implementation of Forensic Systems for Android Devices based on Cloud Computing,,2012,,,,,,Chung-Huang Yang; Yen-Ting Lai,"As popularity of the smart phones continues to grow, it changes the way of cyber crime. Number of cyber crime increases dramatically in recent years and investigators have been facing the difficulty of admissibility of digital evidence on smart phones. To solve this problem, we must collect evidence by digital forensics techniques and analyze the digital data, or recover the damaged data in the phones. In this paper, we describe the design and implementation results of forensics software for Android smart phones. Our design is based on guidelines from the National Institute of Standards and Technology for cell phone forensics to ensure the effectiveness of digital evidence and credibility of the evidence on judicial review. In order to minimize the alteration of original evidence source in mobile phones, cloud computing platform is used to flexibly select proper forensic software and store the forensic results.",,,,,Engineering; Software; Digital data; Digital evidence; Computer security; Computer forensics; Android (operating system); Mobile device forensics; Cloud computing; Digital forensics,,,,,http://naturalspublishing.com/files/published/3r315k3w2rxp64.pdf,http://naturalspublishing.com/files/published/3r315k3w2rxp64.pdf,,,2185640336,,0,002-495-833-326-831; 005-864-457-096-322; 014-326-501-762-141; 017-815-064-018-299; 029-159-400-662-132; 052-152-063-024-042; 065-459-442-784-779; 092-470-623-967-183; 115-434-273-826-886; 125-703-640-612-130; 130-984-395-207-741; 134-927-490-231-285; 141-445-106-549-822; 154-778-607-714-379; 191-624-512-482-739,4,false,,
052-722-033-105-281,Forensically Sound Piecewise Hashing: Integrity checks with DEIC,2020-05-01,2020,journal article,Digital Forensics (4n6) Journal,25821172,Digital Forensics (4N6),,Ashok Kumar Mohan,"<jats:p>The integrity of a digital evidence is believed to be the paramount trait in the world of cyber forensics. Cyber- crime investigators face myriad challenges in the process similar to accommodating the call for bulk digital evidence. In due course extraction of useful information while maintaining the integrity and definitive protection against data degradation is mandatory. In this manuscript, we propose a novel approach by applying cryptographic hashing technique to only selected significant portions of the digital evidence, so even if the overall hash does not match, investigators could still verify the integrity of those critical section of the evidence. We put forward two notions in this manuscript, former is Heterogeneous piecewise hashing which is flexible version of piecewise hashing strategy and latter, novel evidence certification strategy which formalizes evidence provability process completely.</jats:p>",,,63,70,Algorithm; Piecewise; Sound (geography); Computer science; Hash function,,,,,http://dx.doi.org/10.46293/4n6/2020.02.02.14,http://dx.doi.org/10.46293/4n6/2020.02.02.14,,10.46293/4n6/2020.02.02.14,3023340899,,0,,0,false,,
052-741-859-732-488,Digital evidence and computer forensics,2019-06-20,2019,book chapter,Introduction to Forensic Science and Criminalistics,,CRC Press,,Raymond J. Hsieh,"The National Institute of Justice (NIJ) defines digital evidence as information and data of value to an investigation that is stored on, received, or sent by a digital-related device or attachment. This evidence can be collected when digital-related devices or attachments are seized and secured for examination. The Scientific Working Group on Digital Evidence and the Scientific Working Group on Imaging Technology (SWGDE/SWGIT) indicate Digital Multimedia Evidence (DME) is any information of probative value that is either stored or transmitted in a digital form including, but not limited to; film, tape, magnetic and optical media, and/or the information contained therein. Computer Forensics is a fast-growing discipline and practice that blends many areas of expertise together. It includes investigation of cyber crimes, terrorism, child pornography, fraud, e-scam, network intrusion, drug/human trafficking, and traditional crimes. With the increase in e-mail phishing, scams, and fraud attempts, forensic investigators need to understand how to review and analyze the unique content of e-mail messages.",,,201,221,Internet privacy; Terrorism; Justice (ethics); Value (ethics); Child pornography; Digital evidence; Human trafficking; Computer science; Computer forensics; Phishing,,,,,https://www.taylorfrancis.com/chapters/edit/10.4324/9781315119175-9/digital-evidence-computer-forensics-raymond-hsieh,http://dx.doi.org/10.4324/9781315119175-9,,10.4324/9781315119175-9,2962575560,,0,008-215-658-916-277,0,false,,
053-024-172-486-764,디지털증거의 증거능력요건으로서 동일성과 그 확보방법,2014-03-01,2014,,,,,,null 김재봉; Jae Bong Kim,"In the age of digital revolution, so called third industrial revolution. we enjoy the convenience of digital devices such as computers, smart phones, etc. Digital technology is inseperable from our everyday life any more. The proportion of digital information from all information in the world is estimated at over 95%. With this trends, digital information plays an important role to prove criminal facts and digital evidence which is presented to the court in the criminal proceedings has increased rapidly. Therefore, digital forensic continues to increase its importance. Nowadays criminal investigaion is impossible without computer forensic or digital forensic. However, legal or institutional bases for digital evidence is not sufficient. So it is questionable whether we are ready for dealing with digital evidence in the criminal procedure. So far, most researches have been concentrated on the procedural legality of search and seizure of digital evidence. The issue of identification or integrity has been relatively less handled. Digital evidence is easy to forge, falsify, modify and delete, so it is hard to preserve the chain of custody. This is the reason why we should have interests in the integrity of digital evidence. This paper deals with the admissibility of digital evidence, inter alia, identification or integrity as the requirement of admissibility of evidence. It consists of 4 chapters. The main ideas lie in chapter 2 and chapter 3. Chapter 2 deals with the identification or integrity of digital evidence as the requirement of evidence. At first, the concept and characteristics of digital evidence are laid out and the conditions of admissibility of digital evidence are looked into. Next, the integrity as the requirement of admissibility of evidence are discussed in detail. Chapter 3 handles the methods to ensure the integrity of digital evidence. It is studied what kind of measures and process are to be taken for securing of identification or integrity of digital evidence, while law enforcement agencies such as police officers or prosecutors collect and preserve digital evidence. Subsequently, which way or process is desirable to confirm the identification. Several ways e.g. Manipulation Detection Code(MDC), Message Authentication Code(MAC), Public Key Infrastructure(PKI), and so forth have been suggested for securing the integrity of digital evidence. Each method has strengths and weaknesses. This paper proposes the combination of them. In this paper the issue of identification of digital evidence is dealt with roughly. To prove criminal facts truthfully and efficiently, the more studies on identification or integrity of digital should be made consistently.",31,1,171,195,Chain of custody; Admissible evidence; Digital Revolution; Digital evidence; Computer security; Computer science; Criminal procedure; Public key infrastructure; Identification (information); Digital forensics,,,,,http://kiss.kstudy.com/thesis/thesis-view.asp?key=3233824 https://repository.hanyang.ac.kr/handle/20.500.11754/47945,http://kiss.kstudy.com/thesis/thesis-view.asp?key=3233824,,,2990321326,,0,,0,false,,
053-097-757-406-317,Cyber Forensics Evolution and Its Goals,,2020,book chapter,"Advances in Digital Crime, Forensics, and Cyber Terrorism",23270381; 23270373,IGI Global,,Mohammad Zunnun Khan; Anshul Mishra; Mahmoodul Hasan Khan,"<jats:p>This chapter includes the evolution of cyber forensics from the 1980s to the current era. It was the era when computer forensics came into existence after a personal computer became a viable option for consumers. The formation of digital forensics is also discussed here. This chapter also includes the formation of cyber forensic investigation agencies. Cyber forensic life cycle and related phases are discussed in detail. Role of international organizations on computer evidence is discussed with the emphasize on Digital Forensic Research Workshop (DFRWS), Scientific Working Group on Digital Evidence (SWDGE), chief police officers' involvement. Authenticity-, accuracy-, and completeness-related pieces of evidence are also discussed. The most important thing that is discussed here is the cyber forensics data. </jats:p>",,,16,30,Computer security; Computer science,,,,,https://www.igi-global.com/chapter/cyber-forensics-evolution-and-its-goals/247284,http://dx.doi.org/10.4018/978-1-7998-1558-7.ch002,,10.4018/978-1-7998-1558-7.ch002,3002268218,,0,032-697-093-668-898; 035-223-520-491-228; 038-668-970-194-854; 042-230-817-975-353; 117-066-639-504-133; 170-299-458-679-224; 199-745-676-923-766,1,false,,
053-195-417-076-074,"Computer Forensics: An Essential Guide for Accountants, Lawyers, and Managers - Presenting Digital Evidence In Court",2015-10-09,2015,book chapter,Computer Forensics,,"John Wiley & Sons, Inc.",,Michael Sheetz,,,,127,144,Internet privacy; Digital evidence; History,,,,,,http://dx.doi.org/10.1002/9781119202011.ch9,,10.1002/9781119202011.ch9,2475752004,,0,,0,false,,
053-291-235-020-512,"A Survey on Digital Forensics Phases, Tools and Challenges",2020-03-18,2020,book chapter,Proceedings of the Third International Conference on Computational Intelligence and Informatics,21945357; 21945365,Springer Singapore,,Sheena Mohammmed; R. Sridevi,"The digital technologies are grown in such way that they are also leading to growth in digital crimes. The aim of digital forensics is to collect, analyze and present evidence related to digital crime and in front of court of law. There are several methods and tools in evidence collection and analysis. This paper gives a survey on digital forensic evidence collection and analysis. Recently, the cloud forensics has become very interesting area of research, as cloud computing is a collection of computer resources and services that can be easily implemented and managed, generally over the Internet. It also discusses about the challenges to be faced in evidence collection and its analysis.",,,237,248,The Internet; Data science; Front (military); Cloud forensics; Computer resources; Evidence collection; Computer science; Cloud computing; Digital forensics,,,,,https://link.springer.com/chapter/10.1007%2F978-981-15-1480-7_20,http://dx.doi.org/10.1007/978-981-15-1480-7_20,,10.1007/978-981-15-1480-7_20,3012424806,,0,021-147-670-807-902; 021-850-998-857-676; 024-462-843-796-80X; 025-319-861-345-580; 026-510-318-976-518; 032-697-093-668-898; 035-223-520-491-228; 035-403-390-260-816; 038-668-970-194-854; 047-630-600-014-492; 048-256-115-288-552; 053-415-287-546-534; 057-379-164-149-336; 067-950-012-629-210; 163-853-761-819-084; 173-034-553-635-460; 187-762-907-549-695; 199-745-676-923-766,3,false,,
053-447-315-738-012,Using Blockchain to Ensure the Integrity of Digital Forensic Evidence in an IoT Environment,2022-06-03,2022,journal article,EAI Endorsed Transactions on Creative Technologies,24099708,European Alliance for Innovation n.o.,,Muhammad Akhtar; Tao Feng,"Digital forensics deals with digital evidence. Digital forensics is the study of data detection, acquisition, processing, analysis, and reporting. Encouraging the use of digital forensics in law enforcement investigations. With digital forensics, you can find out what data was taken and how it was c",,,174089,174089,Digital evidence; Digital forensics; Network forensics; Blockchain; Computer security; Internet of Things; Law enforcement; Computer science; Computer forensics; Internet privacy; Data science,,,,,,http://dx.doi.org/10.4108/eai.3-6-2022.174089,,10.4108/eai.3-6-2022.174089,,,0,,0,true,cc-by,gold
053-505-309-230-223,How To Get Call Detail and Cell Tower Records,,2017,book chapter,Cell Phone Location Evidence for Legal Professionals,,Elsevier,,Larry Daniel,,,,41,47,World Wide Web; Tower (mathematics); Computer science; Wireless; Line (text file); Ask price,,,,,https://www.sciencedirect.com/science/article/pii/B9780128093979000079 http://www.sciencedirect.com/science/article/pii/B9780128093979000079,http://dx.doi.org/10.1016/b978-0-12-809397-9.00007-9,,10.1016/b978-0-12-809397-9.00007-9,2660323237,,0,,0,false,,
053-544-580-011-767,Forensic Readiness for Enhanced eDiscovery,2020-08-21,2020,book chapter,Handbook of Research on Cyber Crime and Information Privacy,19489730; 19489749,IGI Global,,Dauda Sule,"<jats:p>To discover, uncover, and stamp out digital crime while ensuring information security and assurance, there is a need to investigate the crime once it has occurred. This will help trace the criminals and also secure an organization against future attacks. Forensic readiness entails organizations being at alert as per digital evidence collection and storage – that is collecting and storing such evidence constantly in a forensically sound manner, not just when the need for such evidence arises. In the event litigation arises or is anticipated, digital evidence may need to be reviewed by the opposing parties prior to court proceedings to assess quality of the evidence; this is eDiscovery. Digital evidence for eDiscovery needs to be forensically sound and provided in an efficient timely manner – forensic readiness helps to ensure this. This chapter is an update on the chapter on “Forensic Readiness and eDiscovery” in the previous edition and still seeks to establish how forensic readiness is relevant to the eDiscovery process, taking into consideration current developments in the field. </jats:p>",,,236,255,Computer science,,,,,https://www.igi-global.com/chapter/forensic-readiness-for-enhanced-ediscovery/261733,http://dx.doi.org/10.4018/978-1-7998-5728-0.ch013,,10.4018/978-1-7998-5728-0.ch013,3082950526,,0,007-249-950-331-734; 021-486-901-460-202; 145-945-225-083-101,0,false,,
053-579-091-790-149,Development and Design Strategies of Evidence Collection Framework in Cloud Environment,2020-03-22,2020,book chapter,Social Networking and Computational Intelligence,23673370; 23673389,Springer Singapore,,Yunus Khan; Sunita Varma,"Nowadays, cloud computing is one of the popular and widely used concepts in information technology paradigm. It is committed to improving the IT business technically and economically. On the other hand, digital forensic is the process of collection, identification, preservation, examination, and analysis of data or information for the proof in the court of law as an evidence. It is very difficult and challenging to apply digital forensic operation in a cloud environment because CSPs are dependent on each other either they provide IaaS, PaaS, or SaaS. So the cloud forensic, one of the applications of digital forensic in a cloud environment, is just a subset of network forensic. It is a cross-field of digital forensic and cloud computing. In this paper, we investigate all the research issues, problems, and implementation ethics of cloud forensic from the initial level. We found that lots of issues and challenges are remaining to address in this domain. Some major research domains are architectures, data collection and analysis, anti-forensic, incident first responders, roles and responsibilities, legal, standards, and some learning issues. In our research work, we mainly focus on the data collection and cloud forensic architectures and also implement a cloud forensic framework in the context of cloud service models. This research work is tested using different private cloud solutions such as eucalyptus, OpenNebula, VMware, vCloud, and Hadoop platform. In our research work, we implement pattern search facility using the proposed approach in open-source software called digital forensic framework. We also implement in near future digital forensic triage using Amazon Elastic MapReduce. In this research, we also implement designed and development of forensic method for the PaaS and SaaS delivery models of cloud computing, also apply machine learning principles to design and develop new digital forensic methods, and improve the efficiency of investigation using machine learning algorithms for feature extraction and priority of evidence classification of evidence in virtual machines.",,,27,37,Information technology; Data collection; Software as a service; Data science; Virtual machine; Context (language use); Computer science; Identification (information); Cloud computing; Digital forensics,,,,,https://link.springer.com/chapter/10.1007%2F978-981-15-2071-6_3,http://dx.doi.org/10.1007/978-981-15-2071-6_3,,10.1007/978-981-15-2071-6_3,3012930296,,0,000-566-000-503-971; 008-584-787-077-16X; 008-875-575-844-574; 010-414-070-550-327; 015-654-094-120-991; 017-951-024-986-099; 018-564-694-163-020; 018-948-094-812-86X; 024-462-843-796-80X; 026-685-280-764-118; 026-934-168-279-23X; 034-872-896-955-434; 046-357-391-782-442; 053-731-227-547-943; 069-012-869-463-290; 071-064-752-915-376; 091-531-552-633-070; 095-691-114-276-825; 116-056-471-784-278; 119-619-236-763-376; 130-740-959-004-35X; 131-861-074-437-518; 142-594-992-406-601; 144-124-797-675-052; 144-716-125-009-056; 154-554-333-840-374; 162-109-000-664-16X; 178-467-155-611-813; 182-651-669-227-864; 189-412-356-486-781,4,false,,
053-775-449-652-68X,Forensic Engineering Analysis Of Taillight Filaments By Digital Photomicroscopy,2004-01-01,2004,journal article,Journal of the National Academy of Forensic Engineers,23793252; 23793244,National Academy of Forensic Engineers,,James E. Flynn,"<jats:p>During The Analysis And Reconstruction Of An Automobile Accident, It Is Often Necessary For The Forensic Engineer To Examine The Headlights Or Taillights Of A Vehicle In An Attempt To Find Evidence Which Will Allow For A Determination Of Whether Or Not The Lights Were On And Operating At The Time Of The Collision. This Paper Describes The Use Of Digital Photomicroscopy For The Evaluation And Documentation Of Such Evidence.</jats:p>",21,2,,,Engineering; Forensic engineering,,,,,https://journal.nafe.org/ojs/index.php/nafe/article/download/636/606,http://dx.doi.org/10.51501/jotnafe.v21i2.636,,10.51501/jotnafe.v21i2.636,3195263844,,0,,0,true,cc-by-nd,hybrid
054-004-313-233-495,Requirements in digital forensics method definition : Observations from a UK study,,2018,journal article,Digital Investigation,17422876,Elsevier BV,Netherlands,Angus M. Marshall; Richard F. Paige,"Abstract During a project to examine the potential usefulness of evidence of tool verification as part of method validation for ISO 17025 accreditation, the authors have examined requirements statements in several digital forensic method descriptions and tools. They have identified that there is an absence of clear requirements statements in the methods and a reluctance or inability to disclose requirements on the part of tool producers. This leads to a break in evidence of correctness for both tools and methods, resulting in incomplete validation. They compare the digital forensics situation with other ISO 17025 accredited organisations, both forensic and non-forensic, and propose a means to close the gap and improve validation. They also review existing projects which may assist with their proposed solution.",27,,23,29,Data science; Computer science; Correctness; Accreditation; Digital forensics,,,,University of York Research Priming Fund,https://dblp.uni-trier.de/db/journals/di/di27.html#MarshallP18 https://www.sciencedirect.com/science/article/pii/S1742287618302718 https://eprints.whiterose.ac.uk/137032/ https://core.ac.uk/download/199218336.pdf,http://dx.doi.org/10.1016/j.diin.2018.09.004,,10.1016/j.diin.2018.09.004,2890279224,,0,019-953-559-571-756; 029-459-233-206-184; 067-938-325-014-282; 142-790-196-752-819,23,true,cc-by-nc-nd,green
054-130-228-266-070,CyberSA - Visualisation of device datasets to assist digital forensic investigation,,2017,book,"2017 International Conference On Cyber Situational Awareness, Data Analytics And Assessment (Cyber SA)",,IEEE,,Gavin Hales,"The increasing use of digital devices in our everyday lives, and their ever-increasing storage capacities places digital forensics investigatory resources under significant pressure. The workload for investigators is increasing, and the time required to analyse the datasets is not decreasing to compensate. This research looks at the potential for utilising information visualisation techniques to increase investigative efficiency with a view to decreasing the overall time taken to investigate a case, while still maintaining a high level of accuracy. It is envisaged that this may have the potential to lead to a reduced backlog of cases for law enforcement agencies, and expedited processing of criminal cases involving digital evidence.",,,1,4,Engineering; Information visualization; Data science; Lead (geology); Workload; Law enforcement; Digital evidence; Digital forensic investigation; Visualization; Computer security; Digital forensics,,,,,https://rke.abertay.ac.uk/ws/files/8789945/Hales_VisualisationofDeviceDatasets_Author_2017.pdf http://ieeexplore.ieee.org/document/8073402/ https://rke.abertay.ac.uk/en/publications/visualisation-of-device-datasets-to-assist-digital-forensic-inves https://ieeexplore.ieee.org/document/8073402/authors https://core.ac.uk/download/141567453.pdf,http://dx.doi.org/10.1109/cybersa.2017.8073402,,10.1109/cybersa.2017.8073402,2744356685,,0,027-727-618-742-485; 091-860-649-892-498; 094-295-279-676-447; 110-180-886-331-297; 118-838-969-146-870; 125-166-157-303-425; 134-927-490-231-285; 142-777-818-860-501,3,true,,green
054-145-255-092-055,IFIP Int. Conf. Digital Forensics - Some Challenges in Digital Forensics,,2006,book chapter,IFIP Advances in Information and Communication Technology,18684238; 1868422x,Springer New York,Germany,Eugene H. Spafford,"This essay discusses some of the principal challenges facing the emerging discipline of digital forensics. Most of the challenges have a scientific basis—understanding the needs and limitations caused by changes in the scope and pace of information technology. Others are engineering in nature, requiring the construction of new software and hardware to enable the collection, retention and examination of potential digital evidence. All of the challenges have administrative and legal frameworks within which they must be addressed, and the limits and structures imposed by these frameworks must evolve and be shaped by science, engineering and practice.",222,,3,9,Information technology; Principal (computer security); Data science; Pace; Software; Scope (project management); Digital evidence; Computer security; Computer science; Digital forensics,,,,,https://dblp.uni-trier.de/db/conf/ifip11-9/df2006.html#Spafford06 https://link.springer.com/content/pdf/10.1007%2F0-387-36891-4_1.pdf https://link.springer.com/chapter/10.1007%2F0-387-36891-4_1 https://rd.springer.com/chapter/10.1007%2F0-387-36891-4_1 http://ui.adsabs.harvard.edu/abs/2006adf..book....3S/abstract,http://dx.doi.org/10.1007/0-387-36891-4_1,,10.1007/0-387-36891-4_1,1500030124,,0,048-029-723-086-698; 062-032-128-092-406; 071-083-032-751-880; 132-947-950-668-871; 134-596-210-986-357; 142-144-401-472-749,6,true,,bronze
054-336-486-986-971,Electronic Evidence and Digital Forensics Testimony in Court,,,book chapter,Handbook of Digital and Multimedia Forensic Evidence,,Humana Press,,Fred Chris Smith; Erin E. Kenneally,"Like many of the chapters in this book, this chapter will succeed to the extent that it is able to raise many more questions than it can answer. Because of the constantly changing nature of the contemporary standards for the admission of highly technical digital forensic expert witness testimony, our subject matter is a fast-moving target. What is essential for the tyro who is interested in learning how to testify and how best to present clear and cogent testimony about complex technological issues, processes, or investigations is to develop a scientific attitude about every aspect of his or her forensic work. That attitude must be maintained without becoming overly concerned with the clear differences between evolving standards to ascertain the nature of digital forensics expertise and the long-standing traditions for providing provenance for experts in the hard sciences such as physics or chemistry.",,,103,132,Hard and soft science; Political science; Law; Chemistry (relationship); Expert witness; Subject matter; Information security; Engineering ethics; Computer forensics; Digital forensics,,,,,https://link.springer.com/chapter/10.1007%2F978-1-59745-577-0_8 https://link.springer.com/content/pdf/10.1007%2F978-1-59745-577-0_8.pdf https://rd.springer.com/chapter/10.1007/978-1-59745-577-0_8,http://dx.doi.org/10.1007/978-1-59745-577-0_8,,10.1007/978-1-59745-577-0_8,33248467,,0,002-673-615-411-826; 017-358-994-049-12X; 025-953-293-295-113; 146-970-724-314-649,5,false,,
054-471-285-379-894,Digital Forensic Analysis of Hard Disk for Evidence Collection,,2018,journal article,International Journal of Cyber-Security and Digital Forensics,23050012,The Society of Digital Information and Wireless Communications (SDIWC),,Bandu B. Meshram; Dinesh N. Patil,,7,2,100,110,Evidence collection; Computer science; Multimedia; Wireless; Digital forensics,,,,,http://www.sdiwc.net/digital-library/digital-forensic-analysis-of-hard-disk-for-evidence-collection.html,http://dx.doi.org/10.17781/p002372,,10.17781/p002372,2791423273,,0,020-486-151-034-995; 054-321-069-682-537; 074-999-867-962-351; 085-214-277-668-01X; 110-576-638-767-244; 117-513-040-751-893,5,false,,
054-676-953-074-041,Digital Forensic Tools for Cloud Computing Environment,2021-12-06,2021,book chapter,ICT with Intelligent Applications,21903018; 21903026,Springer Singapore,Germany,Swapnil P. Bhagat; Bandu B. Meshram,"AbstractIn general, digital forensics process can be stated as a process of identifying, analyzing and presenting the digital evidence. It comprises activities like identification, preservation, examination, analysis. Complication and complexity in the execution of these activities increase with the size of data. Cloud computing technology exacerbate the situation. Various forensic tools have been developed to improve the performance and efficiency of forensic activities. This paper highlights such digital forensic tools and provides brief information about the forensic tools. This paper examines traditional digital forensic tools helpful for the cloud forensic as well as tools that are specially designed for the cloud environment. It includes commercial as well as open-source tools.KeywordsCloud computingDigital forensic toolOpen-source tools",,,49,57,Digital forensics; Cloud computing; Computer science; Computer forensics; Forensic science; Process (computing); Data science; Identification (biology); Digital evidence; Computer security; Operating system; Archaeology; Botany; Biology; History,,,,,,http://dx.doi.org/10.1007/978-981-16-4177-0_7,,10.1007/978-981-16-4177-0_7,,,0,023-579-099-677-492; 033-877-222-136-260; 041-879-975-858-398; 047-833-989-327-699; 060-874-727-746-537; 091-540-399-535-662; 125-953-547-941-716; 138-082-694-174-263; 160-331-694-886-887,0,false,,
054-803-693-090-06X,Cyber Forensics with Machine Learning,2022-04-01,2022,book chapter,Encyclopedia of Machine Learning and Data Science,,Springer US,,Faisal Shahzad; Abdul Rehman Javed; Zunera Jalil; Farkhund Iqbal,"The twenty-first century witnessed a rise in cybercrimes due to the fast proliferation of digital platform usage in everyday life (personal and business). Reliance on technology makes criminals play in the digital world, giving them more geo freedom, digital accessibility, and invisibility than the real world. This strength at the criminal’s end puts pressure on cybercrime investigators to tackle technological attacks, finding evidence from huge digital data piles. Digital forensics is the term used to represent the process of digging out credible pieces of evidence about the crime from the digital data and artifacts. Digital forensics using machine learning (ML) techniques can make finding the evidence faster than the manual analysis from vast piles of data generated from diverse sources. Resultantly, the investigators can use this saved time to focus on understanding crime dynamics and reporting. Furthermore, pattern recognition algorithms, abnormal behavior detection solutions, and other supervised and unsupervised ML techniques can speed up the cyber forensics process with better results in diverse digital crime scenarios. In addition, using deep learning (DL) algorithms can augment finding expected evidence for nonstructured data by making interlinkages and identifying otherwise hidden patterns.",,,1,6,Cybercrime; Invisibility; Digital forensics; Computer science; Process (computing); Digital evidence; Data science; Artificial intelligence; Everyday life; Computer security; Crime scene; Machine learning; World Wide Web; Criminology; The Internet; Psychology; Political science; Law; Operating system,,,,,,http://dx.doi.org/10.1007/978-1-4899-7502-7_987-1,,10.1007/978-1-4899-7502-7_987-1,,,0,002-442-932-223-580; 012-850-329-019-804; 017-121-149-624-099; 017-309-616-929-76X; 022-810-633-346-670; 025-366-195-449-207; 031-262-185-366-177; 034-940-557-037-083; 038-271-271-118-988; 039-779-363-873-706; 046-088-494-452-021; 046-535-971-090-839; 058-436-961-585-928; 060-733-043-439-457; 060-946-274-102-260; 070-117-404-582-026; 070-233-357-504-09X; 117-828-751-731-713; 119-578-880-196-191; 143-381-852-096-67X; 155-323-554-580-850; 159-538-886-540-592; 166-314-098-559-795,0,false,,
055-086-544-213-027,Analisis Kelayakan Integrated Digital Forensics Investigation Framework Untuk Investigasi Smartphone,2016-10-25,2016,journal article,Jurnal Buana Informatika,20897642; 20872534,Universitas Atma Jaya Yogyakarta,,Ruuhwan Ruuhwan;  Riadi; Yudi Prayudi,"Abstract. The handling of digital evidence each and every digital data that can proof a determination that a crime has been committed; it may also give the links between a crime and its victims or crime and the culprit. How to verify a valid evidence is to investigate using the approach known as the Digital Forensic Examination Procedures. Integrated Digital Forensic Investigation Framework (IDFIF) is the latest developed method, so that it is interesting to further scrutinize IDFIF, particularly in the process of investigation of a smartphone. The current smartphone devices have similar functions with computers. Although its functions are almost the same as the computer, but there are some differences in the process of digital forensics handling between computer devices and smartphones. The digital evidence handling process stages need to overcome the circumstances that may be encountered by an investigator involving digital evidence particularly on electronic media and smartphone devices in the field. IDFIF needs to develop in such a way so it has the flexibility in handling different types of digital evidence. Keywords: digital evidence, IDFIF, investigation, smartphone Abstraks. Penanganan bukti digital mencakup setiap dan semua data digital yang dapat menjadi bukti penetapan bahwa kejahatan telah dilakukan atau dapat memberikan link antara kejahatan dan korbannya atau kejahatan dan pelakunya. Cara pembuktian untuk mendapatkan bukti valid adalah dengan melakukan investigasi dengan pendekatan Prosedur Pemeriksaan Digital Forensic. Integrated Digital Forensics Investigation Framework (IDFIF) merupakan metode terbaru sehingga IDFIF ini menarik untuk diteliti lebih lanjut terutama dalam proses investigasi smartphone. Saat ini perangkat smartphone memiliki fungsi yang sama dengan komputer. Meskipun demikian, ada beberapa perbedaan dalam proses penanganan digital forensics diantara perangkat komputer dan smartphone. Tahapan proses penanganan barang bukti digital seharusnya dibuat untuk mengatasi keadaan umum yang mungkin dihadapi oleh investigator yang melibatkan barang bukti digital terutama pada perangkat smartphone dan media elektronik terkait di lapangan. IDFIF perlu dikembangkan sehingga memiliki fleksibilitas dalam menangani berbagai jenis barang bukti digital. Kata Kunci: bukti digital, IDFIF, investigasi, smartphone",7,4,77775,,,,,,,https://www.neliti.com/publications/77775/analisis-kelayakan-integrated-digital-forensics-investigation-framework-untuk-in https://core.ac.uk/download/pdf/268157138.pdf,http://dx.doi.org/10.24002/jbi.v7i4.767,,10.24002/jbi.v7i4.767,2558693854,,0,,2,true,,
055-166-120-045-285,"DF 2.0: An Automated, Privacy Preserving, and Efficient Digital Forensic Framework That Leverages Machine Learning for Evidence Prediction and Privacy Evaluation",,2019,journal article,"The Journal of Digital Forensics, Security and Law",15587223,Embry-Riddle Aeronautical University/Hunt Library,,Robin Verma; Jayaprakash Govindaraj; Saheb Chhabra; Gaurav Gupta,,14,2,13,44,Automation; Information privacy; Information retrieval; Privacy preserving; Computer science; Digital forensics,,,,,https://commons.erau.edu/jdfsl/vol14/iss2/3/ https://commons.erau.edu/cgi/viewcontent.cgi?article=1606&context=jdfsl https://dblp.uni-trier.de/db/journals/jdfsl/jdfsl14.html#VermaGCG19,http://dx.doi.org/10.15394/jdfsl.2019.1606,,10.15394/jdfsl.2019.1606,2962333476,,0,000-360-120-513-679; 012-547-708-771-754; 014-561-286-568-118; 020-343-122-748-675; 033-877-222-136-260; 059-078-762-318-13X; 066-271-426-147-659; 074-339-650-704-622; 097-567-011-227-46X; 099-600-335-833-663; 112-181-239-331-730; 119-759-887-719-875; 134-927-490-231-285; 135-626-485-398-950; 137-755-137-054-864; 163-330-758-807-944; 181-095-475-426-346,3,true,cc-by-nc,gold
055-167-931-095-336,IFIP Int. Conf. Digital Forensics - Measuring Evidential Weight in Digital Forensic Investigations,2018-08-30,2018,book chapter,Advances in Digital Forensics XIV,18684238; 1868422x,Springer International Publishing,Germany,Richard E. Overill; Kam-Pui Chow,"This chapter describes a method for obtaining a quantitative measure of the relative weight of each individual item of evidence in a digital forensic investigation using a Bayesian network. The resulting evidential weights can then be used to determine a near-optimal, cost-effective triage scheme for the investigation in question.",,,3,10,Data mining; Scheme (programming language); Triage; Relative weight; Digital forensic investigation; Individual item; Quantitative measure; Bayesian network; Computer science; Digital forensics,,,,,https://dblp.uni-trier.de/db/conf/ifip11-9/df2018.html#OverillC18 https://link.springer.com/10.1007/978-3-319-99277-8_1 https://rd.springer.com/chapter/10.1007/978-3-319-99277-8_1 https://hal.inria.fr/IFIP-AICT-532/hal-01988848 https://hal.inria.fr/hal-01988848/document https://link.springer.com/chapter/10.1007/978-3-319-99277-8_1 https://core.ac.uk/download/237586836.pdf,http://dx.doi.org/10.1007/978-3-319-99277-8_1,,10.1007/978-3-319-99277-8_1,2889519818,,0,005-515-909-003-84X; 010-408-812-989-291; 030-763-851-934-420; 033-628-237-537-481; 049-404-833-736-24X; 064-988-327-019-067; 106-964-315-836-68X; 133-508-126-407-763; 166-329-182-326-355; 171-688-355-851-832,2,true,cc-by,green
055-278-006-105-404,A Cry for Help: Persuading Cell phone Developers to Get Involved with Digital Forensics,,2012,,,,,,Kendra Carr,"Computer Forensics predominantly concentrates on the accessibility of retrievable information from a particular device. This paper focuses on the recovery of information from cell phones and the admissibility of the recovered data in court. The rapid advancement of cell phones has enlarged the amount of activities a user can implement and the quantity of information held within the cell phone. Digital Forensic tools are used to help forensic investigators recover information and determine whether or not a crime was committed and to present the potential evidence in court. The growing awareness of the critical information discovered within cell phones has pressed for Digital Forensic tools to rapidly evolve. However, without the help of cell phone designers, forensic tool developers will continue to struggle to keep up with the constant growth of new cell phone releases. This paper states the importance of Digital Forensic tools for cell phones, describes available methods to retrieve information off a cell phone, and discusses the legal requirements for the presenting evidence in court. The goal of this paper is to identify the weaknesses in cell phone Digital Forensics and inform cell phone developers that the advancement of cell phone forensic tools will not occur rapidly without their help, involvement, and cooperation.",,,,,Internet privacy; Engineering; Phone; Computer security; Computer forensics; Digital forensics,,,,,http://se.asee.org/proceedings/ASEE2012/Papers/FP2012car163_557.PDF,http://se.asee.org/proceedings/ASEE2012/Papers/FP2012car163_557.PDF,,,2341422677,,0,001-187-036-977-606; 005-204-756-049-67X; 007-648-632-822-878; 159-516-414-584-397,0,false,,
055-300-894-614-079,SADFE - A study of forensic & analysis tools,,2013,book,2013 8th International Workshop on Systematic Approaches to Digital Forensics Engineering (SADFE),,IEEE,,Sriram Raghavan; S. V. Raghavan,"There are a wide range of forensic and analysis tools to examine digital evidence in existence today. Traditional tool design examines each source of digital evidence as a BLOB (binary large object) and it is up to the examiner to identify the relevant items from evidence. In the face of rapid technological advancements we are increasingly confronted with a diverse set of digital evidence and being able to identify a particular tool for conducting a specific analysis is an essential task. In this paper, we present a systematic study of contemporary forensic and analysis tools using a hypothesis based review to identify the different functionalities supported by these tools. We highlight the limitations of the forensic tools in regards to evidence corroboration and develop a case for building evidence correlation functionalities into these tools. Keywords— Digital evidence, Binary abstraction, File system and schema support, Metadata, Evidence composition",,,1,5,World Wide Web; Schema (psychology); Data science; Binary large object; File system; Digital evidence; Analysis tools; Tool design; Computer science; Digital forensics; Metadata,,,,,https://ieeexplore.ieee.org/abstract/document/6911540 http://dx.doi.org/10.1109/SADFE.2013.6911540 https://securecyberspace.org/yahoo_site_admin/assets/docs/DF_5994_Paper_IEEE.232152154.pdf https://doi.org/10.1109/SADFE.2013.6911540 http://securecyberspace.org/yahoo_site_admin/assets/docs/DF_5994_Paper_IEEE.232152154.pdf https://dx.doi.org/10.1109/SADFE.2013.6911540 https://publications.iitm.ac.in/publication/a-study-of-forensic-analysis-tools https://dblp.uni-trier.de/db/conf/sadfe/sadfe2013.html#RaghavanR13 http://ieeexplore.ieee.org/document/6911540/,http://dx.doi.org/10.1109/sadfe.2013.6911540,,10.1109/sadfe.2013.6911540,2007429711,,0,009-692-861-529-254; 048-267-025-540-842; 051-165-387-606-715; 061-549-181-856-861; 089-879-578-482-069; 150-249-549-372-358; 162-864-397-044-696; 178-883-713-153-793; 184-948-841-629-735,8,false,,
055-378-270-496-000,Research and Implementation of Digital Evidence Enforcement Protection Program,,2013,conference proceedings article,2013 6th International Conference on Intelligent Networks and Intelligent Systems,,IEEE,,Zhu Shi-Dong; Jiang Liu; Yang Sheng; Zhang Xiaorui,"Digital forensics technology is an indispensable means to combat computer crime and cyber crime. In order to meet the needs of the legal proceedings on digital evidence, and to avoid accidental changes to the evidence, the protection of data evidence is an important principle throughout the process of digital forensics. The risks are existed for the current commonly used means of digital evidence consciously protection, such as evidence of the hard disk media easily damaged, the data evidence has been modified without being discovered. In this paper, we present a digital evidence enforcement protection program based on third party notary to improve the deficiencies of digital evidence consciously protection, we analyzed the techniques and implementation process of the program, and discussed the security of it in the end.",,,33,35,Internet privacy; Order (exchange); Enforcement; Digital evidence; Third party; Cyber crime; Computer security; Computer science; Process (engineering); Computer forensics; Digital forensics,,,,,https://ieeexplore.ieee.org/document/6754664/ http://ieeexplore.ieee.org/document/6754664/,http://dx.doi.org/10.1109/icinis.2013.15,,10.1109/icinis.2013.15,2316960143,,0,,1,false,,
055-395-917-460-063,"Call Detail Records—Origination, Business Purpose, and Contents",,2017,book chapter,Cell Phone Location Evidence for Legal Professionals,,Elsevier,,Larry Daniel,,,,33,40,Engineering; World Wide Web; Origination,,,,,https://www.sciencedirect.com/science/article/pii/B9780128093979000067,http://dx.doi.org/10.1016/b978-0-12-809397-9.00006-7,,10.1016/b978-0-12-809397-9.00006-7,2633535316,,0,,0,false,,
055-428-561-725-064,IFIP Int. Conf. Digital Forensics - Digital Forensics as a Surreal Narrative,,2009,book chapter,Advances in Digital Forensics V,18684238; 1868422x,Springer Berlin Heidelberg,Germany,Mark Pollitt,"Digital forensics is traditionally approached either as a computer science problem or as an investigative problem. In both cases, the goal is usually the same: attempt to locate discrete pieces of information that are probative. In the computer science approach, characteristics of the data are utilized to include or exclude objects, data or metadata. The investigative approach reviews the content of the evidence to interpret the data in the light of known facts and elements of the crime in order to determine probative information or information of lead value. This paper explores two literary theories, narrative theory and surrealism, for potential application to the digital forensic process. Narrative theory focuses on the “story” that is represented by text. At some level, a storage device may be viewed as a series of interweaving, possibly multi-dimensional, narratives. Furthermore, the narratives themselves, coupled with the metadata from the file system and applications, may form a meta-narrative. The literary theory of surrealism, the notion of disjointed elements, can be utilized to derive meaning from forensic evidence. This paper uses a technique known as surrealist games to illustrate the point.",306,,3,15,Literary theory; Epistemology; Meaning (philosophy of language); World Wide Web; Narrative; Digital forensic process; Value (ethics); Computer science; Digital forensics; Metadata; Narratology,,,,,https://link.springer.com/content/pdf/10.1007%2F978-3-642-04155-6_1.pdf http://ui.adsabs.harvard.edu/abs/2009adf5.conf....3P/abstract https://link.springer.com/chapter/10.1007%2F978-3-642-04155-6_1 https://rd.springer.com/chapter/10.1007/978-3-642-04155-6_1,http://dx.doi.org/10.1007/978-3-642-04155-6_1,,10.1007/978-3-642-04155-6_1,1554400287,,0,013-246-076-655-612; 017-739-386-892-972; 017-962-264-968-31X; 022-533-870-603-535; 050-458-323-398-42X; 052-665-370-203-554; 058-315-183-268-289; 064-388-382-052-645; 076-031-825-399-458; 085-214-277-668-01X; 086-433-689-525-556; 103-026-353-144-131; 140-821-103-436-654; 150-464-045-723-988; 174-292-573-956-403; 182-962-922-039-081; 186-179-663-828-545; 199-172-967-270-034,3,true,,bronze
055-628-715-083-217,COMPARATIVE DIGITAL FORENSIC MODEL,,2013,journal article,"International Journal of Innovative Research in Science, Engineering and Technology",23476710,,,Nilakshi Jain,"The computer forensic is the about evidence finding from computer or services using its reliability and justification which can be proved in court or in management. To accomplish this task various digital forensic model has been introduced till now. The proposed model ,Comparative Digital Forensic Model (CDFM) provides the authenticate evidence using less efforts because it based on required output only. Initially all models has been reviewed and listed advantages and disadvantages of all finally the CDFM has been developed, using that model very initial user can also understand the basic concept of digital forensic model.",2,8,3414,3419,Data mining; Data science; Task (project management); Computer science; Reliability (statistics); Digital forensics,,,,,https://www.rroij.com/open-access/comparative-digital-forensic-model.pdf https://www.omicsonline.org/peer-reviewed/comparative-digital-forensic-model-46459.html https://www.rroij.com/open-access/comparative-digital-forensic-model-.php?aid=46459 http://ijirset.com/upload/august/6_COMPARATIVE.pdf https://ijirset.com/upload/august/6_COMPARATIVE.pdf,https://www.omicsonline.org/peer-reviewed/comparative-digital-forensic-model-46459.html,,,2188909317,,0,004-706-447-836-905; 032-697-093-668-898; 035-223-520-491-228; 065-452-675-566-99X; 067-950-012-629-210; 133-397-275-695-990; 170-299-458-679-224; 183-000-233-873-221; 199-745-676-923-766,3,false,,
055-960-750-418-187,Forensic Analysis of Android-based Instant Messaging Application,,2018,conference proceedings article,"2018 12th International Conference on Telecommunication Systems, Services, and Applications (TSSA)",,IEEE,," Riadi; Arizona Firdonsyah","The rapid development of Android technology has an impact on the increasing number of devices that use Android as operating system. Applications developed for the Android platform are also very diverse, including instant messaging applications. Short Message Service, Blackberry Messenger, Line, and WhatsApp are multi-platform instant messaging applications with lots of users, so the possibility of digital crime that occurs by digital crime perpetrators has also increased significantly. The process of investigating digital crime cases require digital evidence to solve it. The process of obtaining digital evidence requires a forensic investigation technique against the physical evidence that has been obtained using certain methods. This research focuses on forensic steps to obtain digital evidence from Instant Messaging application on Android smartphones and smartwatches using widely used mobile forensic software, namely, Andriller, Oxygen Forensic Suite, WhatsApp DB / Key Extractor, and Metasploit using a framework developed by the National Institute of Standard Technology (NIST). The results of this research are presented in the form of a comparison table of artifact extraction success rate from each tool. The conclusions obtained from this research are: forensic measures carried out based on the NIST Mobile Forensics framework can be applied to the digital evidence retrieval process Instant Messaging applications on smartphones and Android smartwatches with Oxygen Forensic Suite has the highest successful rate at 57.14% on BBM and WhatsApp artifact extraction and 42.85 on Smartwatch’s SMS and LINE Messenger artifact extraction. WhatsApp DB/ Key Extractor has the highest successful rate at 42.85 on Smartphone’s WhatsApp artifact extraction but has weakness in Smartwatch’s SMS, BBM, and LINE Messenger artifact extraction and Metasploit has the lowest success ratio.",,,,,NIST; Software; Digital evidence; Smartwatch; Computer science; Multimedia; Android (operating system); Short Message Service; Mobile device forensics; Suite,,,,,http://xplorestaging.ieee.org/ielx7/8703603/8708743/08708798.pdf?arnumber=8708798 http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=8708798,http://dx.doi.org/10.1109/tssa.2018.8708798,,10.1109/tssa.2018.8708798,2943925766,,0,006-700-167-776-341; 050-671-553-044-371; 106-759-637-118-717; 110-902-708-894-566; 185-798-265-234-254,1,false,,
056-037-174-513-465,Integrating behavioural analysis within the digital forensics investigation process,2018-10-01,2018,dissertation,,,,,Al Mutawa; Noora Ahmad Khurshid,"This programme of research focused on incorporating Behavioural Analysis (BA) within the digital forensics investigation process. A review of previously developed digital forensics investigation models indicated a lack of sufficient consideration of the behavioural and motivational dimensions of offending, and the way in which digital evidence can be used to address these issues during the investigation process. This programme of research aimed to build on previous work by scientific researchers and investigators by developing a digital forensics investigation model which incorporates greater consideration of the behavioural and motivational implications of case-related digital evidence based on current theoretical understandings of these aspects of offending from forensic psychology. This can aid with understanding of the crime events and reconstruction, and lead to the development of more detailed models and guidelines for examining computer-facilitated interpersonal crimes.; The first study employed an abductive approach to forensically analyse individual cases (real cases obtained from the Dubai Police archives) applying BA to the online Sexually Exploitative Imagery of Children (SEIC) and cyberstalking. Its aim was to investigate what BA could contribute to the digital forensics investigation of cases within these crime categories. It identified five benefits: (1) providing focus, speed and investigative directions, (2) inferring victim/offender behaviours, (3) inferring offender motivation(s), (4) identifying potential victims, and (5) eliminating suspects. This was followed by a survey study empirically examining the perceptions of national and international digital forensics practitioners regarding the use and utility of BA during the process of investigating SEIC and cyberstalking cases. The results indicated that while the majority believed that BA has potential to contribute to many aspects of digital forensics investigations, their daily investigative activities involved a limited use of this technique. The implications of the study were outlined, and emphasised the need to design a digital forensics investigation model that provides guiding steps and illustrations on how to utilise BA in digital forensics investigations. ; Based on the findings from the conducted studies, a digital forensics investigation model that incorporates aspects of BA was designed. It aimed to provide a pragmatic, structured, multidisciplinary approach to performing a post mortem examination, analysis, and interpretation of the content of the digital devices associated with computer-facilitated interpersonal crimes. Two comprehensive case studies were also used to illustrate the investigative importance of the model in investigating computer-facilitated interpersonal crimes.",,,,,Psychology; Interpersonal communication; Forensic psychology; Multidisciplinary approach; Perception; Cyberstalking; Digital evidence; Process (engineering); Applied psychology; Digital forensics,,,,,http://clok.uclan.ac.uk/25412/ https://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.762459,http://clok.uclan.ac.uk/25412/,,,2909816205,,0,001-771-322-517-451; 002-177-289-965-440; 002-849-256-261-171; 004-872-169-627-620; 006-232-848-961-820; 007-314-571-885-858; 007-508-275-195-858; 007-803-508-283-309; 008-769-485-348-551; 009-727-233-833-316; 011-382-056-431-447; 013-568-618-083-770; 013-960-911-682-947; 014-521-825-422-809; 017-167-454-912-226; 017-855-735-496-379; 018-214-271-621-157; 019-831-293-743-518; 020-649-772-262-687; 020-944-423-224-895; 021-850-998-857-676; 023-567-852-178-67X; 026-394-480-576-963; 026-641-935-890-517; 026-846-584-335-499; 027-012-701-345-983; 029-080-630-499-48X; 029-638-263-419-336; 029-934-518-651-564; 031-614-539-275-181; 031-747-871-064-545; 033-956-207-822-073; 034-260-893-450-599; 034-277-988-671-627; 036-269-075-303-806; 036-379-097-728-319; 036-800-578-404-266; 037-080-678-479-39X; 037-657-165-598-848; 038-020-812-301-296; 038-542-054-276-658; 039-097-172-195-326; 039-822-500-668-84X; 040-043-814-199-348; 040-984-144-210-003; 041-702-856-336-534; 041-816-478-202-47X; 042-846-783-758-208; 046-358-758-810-206; 046-505-599-865-150; 047-077-329-783-399; 047-655-014-037-107; 048-645-419-219-088; 049-107-961-389-800; 049-277-362-625-64X; 049-404-833-736-24X; 051-049-495-074-885; 056-081-936-492-567; 057-269-936-036-693; 057-991-197-390-530; 058-863-862-327-794; 066-725-012-180-620; 067-410-380-403-816; 068-633-888-560-585; 068-876-222-328-962; 073-624-718-302-07X; 075-352-140-232-285; 078-385-199-956-202; 079-070-981-899-105; 085-596-140-479-249; 086-355-348-998-637; 086-419-575-179-359; 087-648-159-803-146; 088-881-933-377-818; 089-489-702-583-50X; 090-443-563-296-915; 096-118-713-124-772; 097-023-859-325-432; 097-882-935-794-78X; 098-148-870-777-427; 099-919-572-654-962; 099-984-285-588-895; 100-348-602-477-694; 102-632-580-219-184; 102-771-229-634-700; 103-175-545-949-937; 104-113-767-750-168; 104-258-481-168-508; 104-925-931-575-132; 106-588-703-560-375; 107-865-530-239-864; 109-591-555-954-431; 111-741-773-111-021; 112-181-239-331-730; 118-627-985-730-567; 118-838-969-146-870; 120-656-666-312-16X; 129-047-937-765-077; 130-834-531-769-009; 131-612-862-659-085; 132-355-634-397-986; 133-725-056-687-552; 134-950-794-353-447; 136-824-245-506-952; 137-254-164-534-059; 138-097-495-143-351; 140-730-540-277-926; 141-176-668-924-476; 142-013-955-927-231; 145-062-913-009-934; 146-053-151-379-972; 147-659-670-579-979; 150-082-581-072-150; 157-804-190-614-318; 160-160-097-559-323; 160-732-680-457-771; 160-976-357-855-420; 161-882-711-492-247; 162-166-184-814-855; 162-234-509-775-64X; 163-330-758-807-944; 163-783-999-143-861; 165-504-597-351-359; 165-791-490-543-275; 167-652-916-391-487; 169-061-977-724-028; 170-877-691-322-127; 191-513-419-424-524; 192-292-910-979-431; 199-172-967-270-034; 199-233-354-393-441,0,false,,
056-058-669-641-20X,"Security, Privacy, and Digital Forensics in the Cloud - Analysis of Cloud Digital Evidence",2019-02-08,2019,book,"Security, Privacy, and Digital Forensics in the Cloud",,John Wiley & Sons Singapore Pte. Ltd,,Irfan Ahmed; Vassil Roussev,,,,301,319,Software as a service; Digital evidence; Cloud forensics; Computer security; Computer science; Cloud computing; Digital forensics,,,,,https://onlinelibrary.wiley.com/doi/abs/10.1002/9781119053385.ch15,http://dx.doi.org/10.1002/9781119053385.ch15,,10.1002/9781119053385.ch15,2913444205,,0,002-768-711-065-857; 007-803-508-283-309; 019-698-064-288-240; 023-338-081-058-709; 023-341-419-324-638; 024-894-908-869-686; 025-723-055-730-999; 034-095-325-733-017; 041-879-975-858-398; 049-977-511-720-26X; 051-368-118-380-383; 058-631-300-195-90X; 077-300-853-561-650; 082-906-779-543-354; 083-345-094-971-128; 095-691-114-276-825; 124-912-663-881-389; 144-124-797-675-052; 170-546-031-309-748,2,false,,
056-161-895-385-676,ES - Challenges of Cloud Forensics,2017-03-19,2017,book,Enterprise Security,03029743; 16113349,Springer International Publishing,Germany,Hamid Jahankhani; Amin Hosseinian-Far,"Legal requirement for cloud forensics is currently uncertain and presents a challenge for the legal system. These challenges arises from the fact that cloud environment consists of distributed shared storages so there is a level of necessary interactions forensic examiners and law enforcement officers require from the cloud provider in order to conduct their investigations. Cloud computing has generated significant interest in both academia and industry, but it is still an evolving paradigm. Cloud computing services are also, a popular target for malicious activities; resulting to the exponential increase of cyber-attacks. Digital evidence is the evidence that is collected from the suspect’s workstations or electronic medium that could be used in order to assist computer forensics investigations. Cloud forensics involves digital evidence collection in the cloud environment. The current established forensic procedures and process models require major changes in order to be acceptable in cloud environment. This chapter aims to assess challenges that forensic examiners face in tracking down and using digital information stored in the cloud and discuss the importance of education and training to handle, manage and investigate computer evidence.",,,1,18,Data science; Order (business); Suspect; Law enforcement; Digital evidence; Computer science; Computer forensics; Workstation; Process modeling; Cloud computing,,,,,https://link.springer.com/chapter/10.1007/978-3-319-54380-2_1/fulltext.html https://pure.northampton.ac.uk/en/publications/challenges-of-cloud-forensics https://rd.springer.com/chapter/10.1007/978-3-319-54380-2_1 https://link.springer.com/chapter/10.1007/978-3-319-54380-2_1,http://dx.doi.org/10.1007/978-3-319-54380-2_1,,10.1007/978-3-319-54380-2_1,2596876795,,0,009-535-851-649-982; 009-982-185-089-921; 011-771-745-185-279; 011-782-730-801-925; 012-854-263-903-477; 020-253-023-257-580; 024-015-918-609-235; 026-677-583-290-327; 029-989-994-477-657; 032-863-929-801-136; 037-574-506-133-368; 041-879-975-858-398; 047-663-758-258-535; 058-201-787-577-183; 059-936-242-374-371; 072-591-730-174-555; 091-619-263-117-914; 095-691-114-276-825; 096-416-027-558-541; 098-932-244-174-265; 102-795-615-468-33X; 103-514-236-351-791; 105-431-975-054-415; 110-010-690-717-911; 112-262-827-652-770; 123-304-888-889-490; 127-919-547-090-29X; 141-537-815-904-426; 146-928-063-964-361; 153-835-640-481-249; 154-044-578-138-487; 158-371-944-033-364; 180-023-902-450-30X,4,false,,
056-371-111-040-908,Applications of Blockchain in Digital Forensics and Forensics Readiness,2020-08-02,2020,book chapter,Blockchain for Cybersecurity and Privacy,,CRC Press,,Manish Kumar,"The advancement in information technology has changed our life significantly. No doubt, the Internet, smartphones, and social media have connected people and society. It has contributed to various aspects of our daily life. However, there is also a dark side of cyberspace, that is, cybercrime. It is becoming a global threat and needs technological solutions to combat. Whenever there is a crime, there is a law to curb the crime. The role of digital forensics is to understand the ‘Who, What, Where and Why’ of the incident. Digital forensics is a scientific process to collect, analyze, and present the evidence in a court of law. As it is used to link the person with criminal activities, it is crucial that the entire process of investigation be trustworthy. Managing the digital evidence and maintaining the chain of custody and integrity of digital evidence are utmost important. This chapter discusses the applications of blockchain technology to address the challenging issues faced by the digital investigation process and forensic readiness. The chapter also discusses the legal issues and admissibility of blockchain-based evidence in a court of law.",,,339,364,Chain of custody; Internet privacy; The Internet; Information technology; Cybercrime; Cyberspace; Digital evidence; Computer science; Social media; Digital forensics,,,,,https://www.taylorfrancis.com/chapters/edit/10.1201/9780429324932-20/applications-blockchain-digital-forensics-forensics-readiness-manish-kumar,http://dx.doi.org/10.1201/9780429324932-20,,10.1201/9780429324932-20,3043704367,,0,106-204-830-624-073,1,false,,
056-621-919-744-851,SADFE - A DCT quantization-based image authentication system for digital forensics,,2005,book,First International Workshop on Systematic Approaches to Digital Forensic Engineering (SADFE'05),,IEEE,,I-Chuan Chang; Bor-Wen Hsu; Chi-Sung Laih,"With the advent of digital times, the digital data has gradually taken the place of the original analog data. However, the authenticity of digital data faces a great challenge due to the fact that the digital edit software is ubiquitous. It has aroused the suspicion on the reliability of digital data especially when the digital data renders to the court as the digital evidence. We propose an integrated image authentication system for digital forensics and improve the detection problems of a DCT quantization-based image authentication scheme. The improved detection schemes effectively solve the detection problems and, at the same time, take into account the reliability, the security, and the practicability of the system. It is expected to reduce the wrong detection probability of the digital evidence. Finally, the improved image authentication schemes are implemented. If the digital evidence presented to the court is under suspicions, the system is expected to provide accurate information to help the judiciary to make the verdict right and objective.",,,223,235,Digital image processing; Message authentication code; Quantization (image processing); Digital data; Digital recording; Digital evidence; Computer security; Computer science; Data compression; Digital forensics,,,,,http://doi.ieeecomputersociety.org/10.1109/SADFE.2005.1 http://ieeexplore.ieee.org/document/1592535/ https://dblp.uni-trier.de/db/conf/sadfe/sadfe2005.html#HsuL05 https://www.computer.org/csdl/proceedings-article/sadfe/2005/24780223/12OmNxEBz5p https://ieeexplore.ieee.org/document/1592535/,http://dx.doi.org/10.1109/sadfe.2005.1,,10.1109/sadfe.2005.1,2535164079,,4,017-323-449-607-720; 018-498-145-998-911; 022-705-935-635-684; 023-983-763-871-985; 038-668-970-194-854; 038-955-150-444-274; 068-306-458-029-999; 106-164-360-101-150; 172-112-498-122-981,8,false,,
056-680-651-709-974,"Digital Analysis, Comparison, and Projection of Fingerprints: A New Digital Device for Crime Scene Investigation",2011-03-26,2011,,,,,,John Zheng Wang,"Since the mid-1990s, the forensic science community and law enforcement agencies have been using electronic/digital imaging devices such as video cameras, digital cameras, scanners, Power Point, and Adobe Photoshop software in crime scene recording. This paper introduces the Digital Imager in analyzing, comparing, and projecting fingerprint evidence. The portable device (software is included) can provide some unique functions: a larger field of view, longer zooming range, image dividing, and special viewings modes (of emboss, negative, edge, and grayscale effects). It is highly recommended that the new digital imaging device be utilized in fingerprint elimination and identification for crime scene investigation and courtroom presentation due to its multiple functions in one digital device. Key Words: Fingerprints, Digital Imager, Crime Scene Comparison and Elimination, Digital Analysis of Fingerprints, Courtroom Presentation, Digital Forensics",3,1,,,Digital imaging; Computer graphics (images); Zoom; Artificial intelligence; Crime scene; Projection (set theory); Fingerprint (computing); Software; Computer vision; Computer science; Grayscale; Digital forensics,,,,,,,,,1831238531,,0,005-964-207-118-558,1,false,,
057-089-021-440-630,A Knowledge Model of Digital Evidence Review Elements Based on Ontology,,2017,journal article,International Journal of Digital Crime and Forensics,19416210; 19416229,IGI Global,United States,Ning Wang,"<jats:p>As existing methods cannot express, share, and reuse the digital evidence review information in a unified manner, a solution of digital evidence review elements knowledge base model based on ontology is presented. Firstly, combing with the multi-source heterogeneous characteristic of digital evidence review knowledge, classification and extraction are accomplished. Secondly, according to the principles of ontology construction, the digital evidence review elements knowledge base model which includes domain ontology, application ontology, and atomic ontology is established. Finally, model can effectively acquire digital evidence review knowledge by analyzing review scenario.</jats:p>",9,3,49,57,Knowledge-based systems; Process ontology; Ontology (information science); Ontology-based data integration; Information retrieval; Digital evidence; Open Knowledge Base Connectivity; Computer science; Suggested Upper Merged Ontology; Upper ontology,,,,,https://doi.org/10.4018/IJDCF.2017070105 https://dblp.uni-trier.de/db/journals/ijdcf/ijdcf9.html#Wang17 https://www.igi-global.com/article/a-knowledge-model-of-digital-evidence-review-elements-based-on-ontology/182464,http://dx.doi.org/10.4018/ijdcf.2017070105,,10.4018/ijdcf.2017070105,2618635823,,0,001-299-770-551-075; 006-608-623-688-096; 014-674-876-390-218; 047-937-309-229-62X; 061-070-340-163-25X; 094-177-617-833-47X; 095-437-078-101-003; 128-190-997-064-091; 181-072-396-769-365,4,false,,
057-317-158-840-59X,Memory-Based Antiforensic Tools and Techniques,2008-04-01,2008,journal article,International Journal of Information Security and Privacy,19301650; 19301669,IGI Global,United Kingdom,Hamid Jahankhani; Elidon Beqiri,"Computer forensics is the discipline that deals with the acquisition, investigation, preservation, and presentation; of digital evidence in the court of law. Whereas antiforensics is the terminology used to describe; malicious activities deployed to delete, alter, or hide digital evidence with the main objective of manipulating,; destroying, and preventing the creation of evidence. Various antiforensic methodologies and tools can be; used to interfere with digital evidence and computer forensic tools. However, memory-based antiforensic; techniques are of particular interest because of their effectiveness, advanced manipulation of digital evidence,; and attack on computer forensic tools. These techniques are mainly performed in volatile memory using; advanced data alteration and hiding techniques. For these reasons memory-based antiforensic techniques; are considered to be unbeatable. This article aims to present some of the current antiforensic approaches; and in particular reports on memory-based antiforensic tools and techniques.",2,2,1,13,Data science; Presentation; Digital evidence; Information hiding; Computer security; Computer science; Terminology; Computer forensics; Volatile memory,,,,,https://dblp.uni-trier.de/db/journals/ijisp/ijisp2.html#JahankhaniB08 https://econpapers.repec.org/RePEc:igg:jisp00:v:2:y:2008:i:2:p:1-13 https://repository.uel.ac.uk/item/865q2 https://core.ac.uk/display/10809618 https://www.irma-international.org/viewtitle/2478/ https://ideas.repec.org/a/igg/jisp00/v2y2008i2p1-13.html https://www.igi-global.com/article/memory-based-antiforensic-tools-techniques/2478 http://roar.uel.ac.uk/1120/,http://dx.doi.org/10.4018/jisp.2008040101,,10.4018/jisp.2008040101,2078783929,,0,,1,true,cc-by-nd,green
057-329-251-106-443,IFIP Int. Conf. Digital Forensics - Specializing CRISP-DM for Evidence Mining,,2007,book chapter,Advances in Digital Forensics III,15715736; 18612288,Springer New York,Germany,Jacobus D. Venter; Alta de Waal; Cornelius J. Willers,"Forensic analysis requires a keen detective mind, but the human mind has neither the ability nor the time to process the millions of bytes on a typical computer hard disk. Digital forensic investigators need powerful tools that can automate many of the analysis tasks that are currently being performed manually.",,,303,315,Knowledge extraction; World Wide Web; Data science; Computer science; Process (engineering); Byte; Digital forensics,,,,,https://researchspace.csir.co.za/dspace/bitstream/10204/5539/1/Venter3_2007.pdf https://dblp.uni-trier.de/db/conf/ifip11-9/df2007.html#VenterWW07 https://rd.springer.com/chapter/10.1007/978-0-387-73742-3_21 https://link.springer.com/10.1007/978-0-387-73742-3_21 https://link.springer.com/content/pdf/10.1007%2F978-0-387-73742-3_21.pdf https://link.springer.com/chapter/10.1007%2F978-0-387-73742-3_21 https://researchspace.csir.co.za/dspace/handle/10204/5539,http://dx.doi.org/10.1007/978-0-387-73742-3_21,,10.1007/978-0-387-73742-3_21,1581592895,,0,001-381-793-304-07X; 010-388-991-543-520; 019-618-656-851-241; 032-760-465-037-173; 037-987-418-063-510; 041-891-130-085-647; 044-528-143-202-833; 049-160-025-583-881; 063-938-728-360-918; 066-271-426-147-659; 068-994-553-229-405; 086-550-459-763-922; 094-336-360-386-20X; 100-392-322-518-277; 106-687-444-489-343; 111-471-986-310-852; 137-617-097-405-934; 145-824-677-970-843; 148-953-524-971-503; 169-430-529-869-961; 196-230-731-477-315,13,true,,bronze
057-339-420-567-97X,IFIP Int. Conf. Digital Forensics - Investigating Computer Attacks Using Attack Trees,,,book chapter,Advances in Digital Forensics III,,Springer New York,,Nayot Poolsapassit; Indrajit Ray,"System log files contain valuable evidence pertaining to computer attacks. However, the log files are often massive, and much of the information they contain is not relevant to the investigation. Furthermore, the files almost always have a flat structure, which limits the ability to query them. Thus, digital forensic investigators find it extremely difficult and time consuming to extract and analyze evidence of attacks from log files. This paper describes an automated attack-tree-based approach for filtering irrelevant information from system log files and conducting systematic investigations of computer attacks.",,,331,343,Flat organization; Attack; Attack tree; Computer security; Computer science; Network forensics; Digital forensics,,,,,https://doi.org/10.1007%2F978-0-387-73742-3_23 https://link.springer.com/chapter/10.1007/978-0-387-73742-3_23 https://dblp.uni-trier.de/db/conf/ifip11-9/df2007.html#PoolsapassitR07 https://link.springer.com/content/pdf/10.1007/978-0-387-73742-3_23.pdf https://rd.springer.com/chapter/10.1007/978-0-387-73742-3_23,http://dx.doi.org/10.1007/978-0-387-73742-3_23,,10.1007/978-0-387-73742-3_23,1890286887,,0,032-618-168-283-733; 050-221-827-742-911; 053-353-605-663-947; 061-807-503-658-008; 071-269-562-942-065; 100-659-281-038-399; 102-433-494-395-059,28,true,,bronze
057-366-982-589-875,Reliability assessment of digital forensic investigations in the Norwegian police,,2022,journal article,Forensic Science International: Digital Investigation,26662817; 26662825,Elsevier BV,,Radina Stoykova; Stig Andersen; Katrin Franke; Stefan Axelsson,"This case study presents a qualitative assessment of the reliability of digital forensic investigation in criminal cases in Norway. A reliability validation methodology based on international digital forensic standards was designed to assess to what extent those standards are implemented and followed by law enforcement in their casework. 124 reports related to the acquisition, examination, and analysis of three types of digital data sources - computers, mobile phones, and storage devices were examined. The reports were extracted from the criminal case management system used by the police and prosecution services. The reports were examined on technology, method, and application level in order to assess the reliability of digital evidence for criminal proceedings. The study found that digital forensic investigation in 21 randomly sampled criminal cases in Norway were insufficiently documented to assess the reliability of the digital evidence. It was not possible to trace the digital forensic actions performed on each item or link the digital evidence to its source. None of the cases were shown to comply with digital forensic methodology, justify the methods and tools used, or validate tool results and error rates. • Digital forensic investigation in 21 randomly sampled criminal cases in Norway were insufficiently documented to assess the reliability of the digital evidence. • It was not possible to trace the digital forensic actions performed on each item or link the digital evidence to its source. • None of the cases were shown to comply with digital forensic methodology, justify the methods and tools used, or validate tool results.",40,,301351,301351,Digital evidence; Digital forensics; Reliability (semiconductor); Forensic science; Criminal investigation; Law enforcement; Computer science; Computer forensics; Computer security; Data science,,,,,,http://dx.doi.org/10.1016/j.fsidi.2022.301351,,10.1016/j.fsidi.2022.301351,,,0,004-441-167-148-170; 009-512-003-529-193; 017-779-541-978-693; 017-840-378-634-021; 026-774-296-742-022; 041-061-538-346-924; 054-004-313-233-495; 056-307-204-167-258; 061-269-967-405-492; 075-950-021-558-098; 083-748-342-549-230; 088-502-605-341-215; 111-488-239-742-003,1,true,,hybrid
057-758-781-093-331,Digital Evidence Exceptionalism? A Review and Discussion of Conceptual Hurdles in Digital Evidence Transformation,2020-05-22,2020,,Social Science Research Network,,,,Alex Biedermann; Kyriakos N. Kotsoglou,"Forensic science is currently undergoing a transformation and expansion to include modern types of evidence, such as evidence generated by digital investigations. This development is said to raise a series of challenges, both in operational and conceptual dimensions. This paper reviews and discusses a series of convoluted conceptual hurdles that are encountered in connection with the use of digital evidence as part of evidence and proof processes at trial, in contradistinction to investigative uses of such types of evidence. As a recent example raising such hurdles, we analyse and discuss assertions and proposals made in the article “Digital Evidence Certainty Descriptors (DECDs)” by Graeme Horsman (32 Forensic Science International: Digital Investigation (2020) 200896).",,,,,Political science; Exceptionalism; Digital evidence; Weight of evidence; Engineering ethics; Certainty,,,,,https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3688560,https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3688560,,,3214679339,,0,,0,false,,
057-814-822-953-013,Document Clustering in Forensic Investigation by Hybrid Approach,2014-04-18,2014,journal article,International Journal of Computer Applications,09758887,Foundation of Computer Science,,G. Thilagavathi; J. Anitha,"Digital Forensic Investigation is the branch of scientific forensic process for investigation of material found in digital devices related to computer crimes. Digital evidence analogous to particular incident is any digital data that provides hypothesis about incident. The essential part of Digital forensic Process is to analyze the documents present on suspect‟s computer. Due to increasing count of documents and larger size of storage devices makes very difficult to analyze the documents on computer. To overcome these problems, a subject based semantic document clustering algorithm along with bisecting-kmeans has been proposed that allows the examiner to analyze and cluster the documents based on particular subject and also the terms that does not belong to any subject. The accuracy of clustering of documents has been improved by means of this hybrid approach.",91,3,14,19,Data mining; Forensic science; Document clustering; Digital forensic process; Subject (documents); Suspect; Digital evidence; Digital forensic investigation; Computer science; Process (engineering); Cluster analysis,,,,,https://research.ijcaonline.org/volume91/number3/pxc3894784.pdf https://www.ijcaonline.org/archives/volume91/number3/15860-4784 http://ui.adsabs.harvard.edu/abs/2014IJCA...91c..14T/abstract,http://dx.doi.org/10.5120/15860-4784,,10.5120/15860-4784,2099207896,,0,006-169-257-799-439; 021-572-735-190-382; 025-484-182-808-044; 052-814-620-196-112; 063-976-673-171-817; 065-901-777-764-939; 074-249-424-367-729; 080-826-345-483-814; 095-274-059-975-043; 106-849-681-739-149; 120-695-214-222-114; 166-429-669-625-531; 168-493-303-499-04X; 176-271-242-066-828; 184-948-841-629-735,5,true,,green
058-268-994-058-657,A Novel Evidence Integrity Preservation Framework (EIPF) for Virtualised Environments: A Digital Forensic Approach,,2013,,,,,,Uchenna Ani; Tim French Gregory Epiphaniou,"Virtualisation technologies have established their importance as core components of modern digital communications. With the increasing trend towards outsourcing and cloud services, virtualisation features such as; versioning, isolation, encapsulation and their exploitability from adversaries becomes a critical area for system integrity. From a digital forensics perspective, the sole aim of preserving integrity is to ensure admissibility. This paper focuses on the identification of threats to the integrity of digital evidence using the VMware hypervisor as an example case study. A novel Evidence Integrity Preservation Framework (EIPF) is introduced which can be scaled for virtualised environments using Clark-Wilson’s principles. The key parameters of our EIPF include the strength of the hashing functions, the relative number of evidence attributes used and the number of evidence “cycles”. A Reliability Rating Factor (R) is also derived as a means of conceptualising integrity levels and imposing restrictions based on known processes related to data integrity.",,,97,106,Hypervisor; Engineering; System integrity; Digital evidence; Data integrity; Computer security; Outsourcing; Virtualization; Cloud computing; Digital forensics,,,,,https://sdiwc.net/digital-library/a-novel-evidence-integrity-preservation-framework-eipf-for-virtualised-environments-a-digital-forensic-approach.html,https://sdiwc.net/digital-library/a-novel-evidence-integrity-preservation-framework-eipf-for-virtualised-environments-a-digital-forensic-approach.html,,,1494794782,,0,000-965-663-206-482; 005-102-962-333-180; 006-147-210-361-045; 007-790-059-029-953; 017-028-822-590-17X; 018-182-926-340-45X; 030-266-326-999-894; 031-327-700-543-153; 032-246-414-391-330; 034-069-782-815-668; 034-591-836-174-686; 036-034-556-612-312; 037-483-791-552-006; 083-476-116-149-021; 090-792-295-657-205; 092-897-150-469-59X; 099-717-679-430-808; 184-948-841-629-735; 185-038-131-679-547; 194-016-717-022-461,3,false,,
058-721-168-953-513,"Smart Device Forensics - Acquisition, Analysis and Interpretation of Digital Evidences",,2015,conference proceedings article,2015 International Conference on Computational Science and Computational Intelligence (CSCI),,IEEE,,Ezhil Kalaimannan,"Smart Device Forensics is a classification under Digital Forensics, which primarily deals with the investigation of digital evidence found in smart devices such as Smart phones, tablets and televisions. There is an enormous rate of increase in threats with ever growing releases of smart devices and rapid advancement in innovative technologies. In this paper, we report a digital forensics investigation procedure to acquire and analyze digital evidences found in a smart device based on file systems, logical memory storage and operating system architectures.",,,837,838,Forensic science; Logical address; Smart device; Digital evidence; Computer security; Computer science; Network forensics; Interpretation (philosophy); Digital forensics,,,,,https://ieeexplore.ieee.org/document/7424210/,http://dx.doi.org/10.1109/csci.2015.58,,10.1109/csci.2015.58,2293736765,,0,037-249-650-631-223; 048-141-687-795-752,5,false,,
058-723-704-218-926,ISSA - A Digital Forensic Readiness framework for South African SME's,,2010,conference proceedings article,2010 Information Security for South Africa,,IEEE,,D. Barske; Adrie Stander; Jason Jordaan,"In this digital age, most business is conducted electronically. This contemporary paradigm creates openings for potentially harmful unanticipated information security incidents of both a criminal or civil nature, with the potential to cause considerable direct and indirect damage to smaller businesses. Electronic evidence is fundamental to the successful handling of such incidents. If an organisation does not prepare proactively for such incidents it is highly likely that important relevant digital evidence will not be available. Not being able to respond effectively could be extremely damaging to smaller companies, as they are unable to absorb losses as easily as larger organisations. In order to prepare smaller businesses for incidents of this nature, the implementation of Digital Forensic Readiness policies and procedures is necessitated. Numerous varying factors such as the perceived high cost, as well as the current lack of forensic skills, make the implementation of Digital Forensic Readiness appear difficult if not infeasible for smaller organisations. In order to solve this problem it is necessary to develop a scalable and flexible framework for the implementation of Digital Forensic Readiness based on the individual risk profile of a small to medium enterprise (SME). This paper aims to determine, from literature, the concepts of Digital Forensic Readiness and how they apply to SMEs. Based on the findings, the aspects of Digital Forensics and organisational characteristics that should be included in such a framework is highlighted.",,,1,6,Business; Information system; Order (exchange); Digital evidence; Computer security; Scalability; Information security; Computer forensics; Knowledge management; Electronic business; Digital forensics,,,,,https://dblp.uni-trier.de/db/conf/issa/issa2010.html#BarskeSJ10 https://ieeexplore.ieee.org/document/5588281/ http://yadda.icm.edu.pl/yadda/element/bwmeta1.element.ieee-000005588281 http://ieeexplore.ieee.org/document/5588281/,http://dx.doi.org/10.1109/issa.2010.5588281,,10.1109/issa.2010.5588281,2032274615,,0,002-383-410-319-043; 019-698-064-288-240; 021-486-901-460-202; 024-711-735-736-003; 041-291-462-265-899; 053-337-650-817-28X; 103-492-185-142-345; 136-745-511-009-321,31,false,,
058-875-551-223-929,A Review on Data Generation for Digital Forensic Investigation using Data Mining,,2014,,,,,,Prashant K. Khobragade; Latesh Malik,"Digital forensic is part of forensic science that unconditionally covers cyber crimes. In a cyber crime digital forensic evidence examination requires a special process and techniques in examination of cyber crime in crime scene and examination of evidence are accepted in law enforcement. Cyber crime involves log data, transactional data is occurs which tends to plenty of data for storage and analyze them. The network forensic traces involve Intrusion Detection System and firewall logs, logs generated by network services and applications, packet captures by sniffers. In network lots of data is generated in every event of action, so it is difficult for forensic investigators to find out clue and analyzing those data. In this paper general methodology is discussed for network data forensic analysis and also the survey of various network forensic analysis tools and approach in use to capturing data from different resources.",,,,,Engineering; Transaction data; Network packet; Crime scene; Firewall (construction); Law enforcement; Intrusion detection system; Computer security; Test data generation; Digital forensics,,,,,,,,,2183500627,,0,006-144-504-826-078; 009-372-939-859-569; 010-761-075-426-049; 014-147-422-032-729; 030-008-006-335-835; 053-225-079-920-619; 059-322-705-319-269; 092-564-888-201-404; 098-669-156-394-924; 116-653-582-139-111; 125-384-800-661-375; 146-773-338-621-314; 189-946-818-419-927,1,false,,
059-085-844-461-066,"Analyzing Registry, Log Files, and Prefetch Files in Finding Digital Evidence in Graphic Design Applications",2012-07-01,2012,,,,,,Enos K. Mabuto; Hein S. Venter,"The products of graphic design applications, leave behind traces of digital information which can be used during a digital forensic investigation in cases where counterfeit documents have been created. This paper analyzes the digital forensics involved in the creation of counterfeit documents. This is achieved by first recognizing the digital forensic artifacts left behind from the use of graphic design applications, and then analyzing the files associated with these applications. When analyzing digital forensic artifacts generated by an application, the specific focus is on determining whether the graphic design application was installed, whether the application was used, and determining whether an association can be made between the application’s actions and such a digital crime. This is accomplished by locating such information from the registry, log files and prefetch files. The file analysis involves analyzing files associated with these applications for file signatures and metadata. In the end it becomes possible to determine if a system has been used for creating counterfeit documents or not.",4,2,137,150,Instruction prefetch; World Wide Web; Graphic design; Counterfeit; Digital evidence; Focus (computing); Computer science; Association (object-oriented programming); Digital forensics; Metadata,,,,,https://dblp.uni-trier.de/db/journals/isecure/isecure4.html#MabutoV12 http://www.isecure-journal.com/article_39131_7de093f8bbec6cfe3c8b6822a36253fc.pdf https://www.sid.ir/En/Journal/ViewPaper.aspx?ID=350733 http://www.isecure-journal.com/article_39131.html https://doi.org/10.22042/isecure.2013.4.2.5 https://www.sid.ir/en/VEWSSID/J_pdf/5070420120205.pdf,https://dblp.uni-trier.de/db/journals/isecure/isecure4.html#MabutoV12,,,2285517485,,0,057-248-775-735-756; 067-192-574-918-890; 076-346-829-732-533; 100-810-724-643-272; 111-534-293-475-684; 113-406-811-671-711; 119-234-785-721-155; 132-171-677-621-785; 148-698-839-036-557; 154-778-607-714-379; 199-172-967-270-034,0,false,,
059-259-197-397-244,ISSA - Testing the harmonised digital forensic investigation process model-using an Android mobile phone,,2013,conference proceedings article,2013 Information Security for South Africa,,IEEE,,Stacey Omeleze; Hein S. Venter,"Mobile forensics is a branch of digital forensics relating to the recovery of digital evidence from mobile devices under forensically sound conditions. Mobile forensics is considered to be at an infant stage with different investigation process models being applied. The biggest challenge in many of the available digital forensic investigation process models lies in their lack of testing before being fully applied to mobile forensics. Furthermore, for any proposed digital forensic investigation process model to be approved by the scientific community, it has to be tested. The Harmonised Digital Forensic Investigation (HDFI) process model is currently in the working draft stage towards becoming an international standard for digital forensic investigations (ISO/IEC 27043), thus the need for its testing. In this paper, the (HDFI) process model is tested using an Android mobile phone. The selection of an Android mobile phone is motivated by the fact that Android mobile phones have the greatest share of the mobile market index. In the last three years, for example, the market share index for mobile phones put Android mobile devices at 75% of the entire smartphone market. Through observing the findings of the test using an Android mobile phone, this paper demonstrates that conducting mobile forensics using the HDFI process model produces satisfactory results.",,,1,8,Mobile computing; Mobile device; Mobile phone; Computer security; Computer science; Mobile Web; Android (operating system); Mobile technology; Mobile device forensics; Digital forensics,,,,,http://ieeexplore.ieee.org/document/6641063/ https://ieeexplore.ieee.org/document/6641063/,http://dx.doi.org/10.1109/issa.2013.6641063,,10.1109/issa.2013.6641063,1982655855,,0,010-553-539-781-211; 048-141-687-795-752,26,false,,
059-284-984-279-209,Gestión automatizada de actividades operativas en laboratorios de informática forense,2018-09-01,2018,,,,,,Hernán Horacio Herrera; Leopoldo Sebastián M. Gómez,"The paper shows the design of an extensible computer solution for computer forensic laboratories that will allow the automated management and monitoring of a set of tasks related to data processing to improve daily duties on digital evidence. The software works on an infrastructure composed of a local high-speed network and a group of workstations on which various forensiccomputer tools are executed. The forensic software tool is able to coordinate operational activities and the transfer of digital information on a set of network storage devices in which the sources of digital evidence and the results obtained from data processing are safeguarded. The framework has been designed for the automated management of operative activities and will enable the simultaneous and autonomous processing of multiple sources of digital evidence corresponding to different cases being processed in a computer forensic laboratory. Furthermore, it can also be managed through a web interface and will allow programming, controlling and reporting the progress of automated tasks that are executed on digital evidence. The results of those finalized jobsare stored in a database and after being validated they will be available and accessible through an online review system, so that judicial operators have without delays a fully set of forensic analysis reports and other potentially relevant findings that allow them an early evaluation of the digital evidence submitted to expertise. The solution proposed seeks to contribute to theautomated management of operative activities in the laboratory as a first step towards the so-called forensic computer systems of second generation.",,,,,Software engineering; Data processing; Set (abstract data type); Software; Digital evidence; Software tool; Network storage; Computer science; Workstation; User interface,,,,,http://sedici.unlp.edu.ar/bitstream/handle/10915/71801/Documento_completo.pdf?sequence=1 http://sedici.unlp.edu.ar/handle/10915/71801,http://sedici.unlp.edu.ar/handle/10915/71801,,,3003783362,,0,,0,false,,
059-294-756-490-060,BitScout: Remote Digital Forensics Toolkit,2020-05-01,2020,journal article,Digital Forensics (4n6) Journal,25821172,Digital Forensics (4N6),,Himani Rawat,"<jats:p>Forensic Science has been full of challenges for most of the Law Enforcement Agency (LEA) as we need to physically visit the crime scene, acquire evidence, then preserve it for forensic analysis. The path of collecting evidences from crime site and then bringing it to the Forensic Labs. becomes much cumbersome as the evidence may be corrupted or altered during transit. So why not to adopt a system for readily analysis of a compromised system without going to the crime site and sitting on one’s chair or forensic workstation?; The answer may be yes, we can but will it be easy and ethical to acquire evidence from a system remotely without visiting the crime scene physically. Vitaly Kamluk from Kaspersky Labs made this possible now by launching a new forensic tool called BitScout . To solve this problem, security researchers and Forensic Investigator can now use BitScout to collect remotely, key forensic evidences, to acquire full disk images via the network or locally attached storage devices, or simply to assist in malware incident handling. Evidence data can be viewed and analysed remotely or locally while the source data storage remains intact through reliable container-based isolation. BitScout is an open-source and free tool developed by security researchers for all people interested in digital forensics and cyber crimes investigations.</jats:p>",,,22,23,Computer science; Multimedia; Digital forensics,,,,,http://dx.doi.org/10.46293/4n6/2020.02.02.03,http://dx.doi.org/10.46293/4n6/2020.02.02.03,,10.46293/4n6/2020.02.02.03,3022406620,,0,,0,false,,
059-609-113-377-949,Forensic investigation of cyberstalking cases using Behavioural Evidence Analysis,,2016,journal article,Digital Investigation,17422876,Elsevier BV,Netherlands,Noora Al Mutawa; Joanne Bryce; Virginia N. L. Franqueira; Andrew Marrington,"Behavioural Evidence Analysis (BEA) is, in theory, useful in developing an understanding of the offender, the victim, the crime scene, and the dynamics of the crime. It can add meaning to the evidence obtained through digital forensic techniques and assist investigators with reconstruction of a crime. There is, however, little empirical research examining the application of BEA to actual criminal cases, particularly cyberstalking cases. This study addresses this gap by examining the utility of BEA for such cases in terms of understanding the behavioural and motivational dimensions of offending, and the way in which digital evidence can be interpreted. It reports on the forensic analysis of 20 cyberstalking cases investigated by Dubai Police in the last five years. Results showed that BEA helps to focus an investigation, enables better understanding and interpretation of victim and offender behaviour, and assists in inferring traits of the offender from available digital evidence. These benefits can help investigators to build a stronger case, reduce time wasted to mistakes, and to exclude suspects wrongly accused in cyberstalking cases.",16,16,S96,S103,Empirical research; Forensic science; Crime scene; Cyberstalking; Digital evidence; Computer security; Computer science; Interpretation (philosophy); Meaning (linguistics); Criminology; Digital forensics,,,,,https://www.infona.pl/resource/bwmeta1.element.elsevier-796b80b4-b548-3256-90c3-0614e1e6b193 https://www.sciencedirect.com/science/article/pii/S1742287616300068 https://cyberleninka.org/article/n/587101.pdf https://cyberleninka.org/article/n/587101 https://dl.acm.org/doi/10.1016/j.diin.2016.01.012 https://derby.openrepository.com/handle/10545/608462 http://www.sciencedirect.com/science/article/pii/S1742287616300068 https://dl.acm.org/citation.cfm?id=2910145 https://core.ac.uk/display/42138486 http://clok.uclan.ac.uk/14089/ https://core.ac.uk/download/42138486.pdf,http://dx.doi.org/10.1016/j.diin.2016.01.012,,10.1016/j.diin.2016.01.012,2329693662,,0,005-578-292-466-235; 009-625-838-012-548; 011-207-484-659-618; 019-645-930-990-548; 024-890-178-947-591; 036-269-075-303-806; 037-550-015-414-716; 039-097-172-195-326; 049-488-209-182-213; 060-822-607-399-070; 072-811-052-394-365; 073-624-718-302-07X; 090-152-464-314-890; 097-039-638-472-515; 104-401-234-970-738; 106-997-065-291-365; 120-664-015-054-54X; 121-601-580-498-491; 140-730-540-277-926; 145-062-913-009-934; 159-823-071-020-847; 160-976-357-855-420; 164-534-073-076-975; 167-652-916-391-487,15,true,cc-by-nc-nd,hybrid
059-644-575-967-904,AI-Enabled Digital Forensic Evidence Examination,2020-02-25,2020,book chapter,Advances in Intelligent Systems and Computing,21945357; 21945365,Springer International Publishing,,Jim Q. Chen,"Digital forensics is crucial for the prosecution of offenders in cyberspace, including nation-state actors and non-nation-state actors. The evidence discovered, verified, and associated during the evidence examination phase serves as the basis for digital forensic analysis and eventually the basis for the verdict of a judge and a jury. However, the current digital forensic evidence examination procedure usually takes a relatively long time, demands a great amount of resources, and requires great efforts from human experts. The biggest challenges in this procedure are accuracy and speed. Nevertheless, in some cases, delay is not allowed, as it may have significant impact upon a critical mission, especially a time-sensitive one. To address this challenge, this paper recommends an AI-based digital forensic evidence examination architecture that is empowered by contextual binding, machine learning, and human-machine teaming. In this approach, human experts are teamed up with artificial intelligence (AI) systems in conducting evidence examination. This approach certainly improves the efficiency and effectiveness of an investigation, thus successfully supporting missions.",,,832,841,Architecture; Phase (combat); Data science; Jury; Verdict; Cyberspace; Examination procedure; Computer science; Digital forensics,,,,,https://link.springer.com/chapter/10.1007%2F978-3-030-39445-5_60,http://dx.doi.org/10.1007/978-3-030-39445-5_60,,10.1007/978-3-030-39445-5_60,3008792526,,0,001-940-779-415-29X; 013-399-622-282-428; 024-539-327-776-880; 042-251-157-585-319; 043-208-000-767-088; 050-304-428-383-118; 050-513-243-638-138; 055-359-156-939-580; 079-795-075-139-962; 082-793-334-095-933; 124-507-616-796-502; 140-358-693-444-512; 148-732-709-522-772; 153-427-352-290-808,0,false,,
059-651-348-807-199,Digital media investigators: challenges and opportunities in the use of digital forensics in police investigations in England and Wales,2021-05-07,2021,journal article,Policing: An International Journal,1363951x,Emerald,United Kingdom,Dana Wilson-Kovacs,"In-depth knowledge about specific national approaches to using digital evidence in investigations is scarce. A clearer insight into the organisational barriers and professional challenges experienced, alongside a more detailed picture of how digital evidence can help police investigations are required to empirically substantiate claims about how digital technologies are changing the face of criminal investigations. The paper aims to focus on the introduction of digital media investigators to support investigating officers with the collection and interpretation of digital evidence.,Drawing on ethnographic and interview data collected as part of an Economic and Social Research Council-funded project on the application of digital forensics expertise in policing in England and Wales, this paper examines the changing face of investigations in relation to escalating digital demand.,The analysis presents the national and regional organisational parameters of deploying digital expertise in criminal investigation and examines some of the challenges of being a digital media investigator (DMI). Through testimonies from DMIs, digital forensic practitioners, investigating and senior officers and forensic managers, the analysis explores the organisational tensions in the collection, processing, interpretation and use of information from digital devices for evidential purposes.,The paper offers an empirical basis for the comparative study of how the DMI role has been implemented by law enforcement agencies and its fit within broader institutional considerations and processes.,The development of the DMI role has raised questions about the supply of digital expertise, especially to volume crime investigations, and tensions around occupational divisions between scientific and operational units.,The findings show that while the introduction of the DMI role was much needed, the development of this valuable provision within each force and the resources available require sustained and coordinated support to protect these professionals and retain their skills.,This study contributes to the growing sociological and criminological literature with an ethnographically based perspective into the organisational and occupational tensions in the identification and processing of digital evidence in England and Wales.",44,4,669,682,Criminal investigation; Digital media; Political science; Law enforcement; Digital evidence; Public relations; Social research; Organizational culture; Identification (information); Digital forensics,,,,,https://ore.exeter.ac.uk/repository/bitstream/10871/125904/4/Wilson-Kovacs%20March%202021%20DMI.pdf https://www.emerald.com/insight/content/doi/10.1108/PIJPSM-02-2021-0019/full/html https://ore.exeter.ac.uk/repository/handle/10871/125904,http://dx.doi.org/10.1108/pijpsm-02-2021-0019,,10.1108/pijpsm-02-2021-0019,3159541089,,0,004-200-813-216-207; 007-534-583-347-568; 009-285-002-570-736; 009-331-383-545-394; 009-512-003-529-193; 009-603-892-016-518; 009-737-876-320-900; 030-178-593-043-926; 031-614-539-275-181; 037-550-015-414-716; 059-355-319-008-527; 062-137-637-964-947; 069-830-580-589-946; 073-313-808-035-835; 074-706-219-689-754; 077-493-637-233-955; 083-769-333-117-658; 086-419-575-179-359; 113-225-815-651-029; 137-298-307-797-644; 142-790-196-752-819,4,true,,green
059-667-076-144-681,Libforensics For Developing Digital Forensics Applications,2022-07-26,2022,journal article,Advances in Multidisciplinary and scientific Research Journal Publication,24888699,Creative Research Publishers,,James Hebidzi Senanu,"<jats:p>The evolution of computers, increase in cybercrime and the demand by law requirements for the production of admissible forensic reports require the application of digital/computer technologies and require the development of a methodology to systematically search digital devices for significant evidence. Cyber and computer fraud are growing by the passing of the day with less than two percent of the reported cases resulting in confidence leading to securing justice and or convictions.  This study explores the digital forensic applications and ease of integration of the existing forensic applications. It was the view of the researcher that there exists a gap of monolithic in  forensic applications and the cyber universe. One requires different applications to conduct a forensic investigation into a crime revolving around different digital universes.  The study proposed research into the development of a single enterprise digital forensic application capable of examining all aspects of the universe regardless and producing an admissible report in the court of law    Keywords:  Forensic, Cybercrime, Monolithic, Digital universe, Cyberspace, Cyber ecosystem   BOOK Chapter ǀ Research Nexus in IT, Law, Cyber Security &amp; Forensics. Open Access. Distributed Free  Citation: James Hebidzi Senanu (2022): Libforensics For Developing Digital Forensics Applications. Book Chapter Series on Research Nexus in IT, Law, Cyber Security &amp; Forensics. Pp 335-338 www.isteams.net/ITlawbookchapter2022. dx.doi.org/10.22624/AIMS/CRP-BK3-P53</jats:p>",1,1,335,338,Digital forensics; Digital evidence; Computer forensics; Cybercrime; Nexus (standard); Cyberspace; Computer science; Computer security; Child pornography; Network forensics; Law enforcement; The Internet; World Wide Web; Law; Political science; Embedded system,,,,,,http://dx.doi.org/10.22624/aims/crp-bk3-p53,,10.22624/aims/crp-bk3-p53,,,0,,0,true,,bronze
059-772-116-963-222,PENGGUNAAN ALAT BUKTI DIGITAL DALAM KOMPUTER FORENSIK PADA PENYIDIKAN TINDAK PIDANA MAYANTARA DI DIREKTORAT KRIMINAL KHUSUS POLDA SUMBAR,2019-03-03,2019,,,,,,Noffezar Noffezar; Fitriati Fitriati; Iyah Faniyah,"Article 5 of Law No. 11 of 2008 concerning Electronic Information and Transactions states that electronic information and / or printed results from electronic information are valid evidence and have legal legal consequences. The use of digital evidence through computer forensics by investigators still encounters various problems. This research is legal research with analytical descriptive specifications. The form of print out of electronic evidence is contained in the minutes of investigation. Without going through Digital Forensics, an electronic document cannot be used as evidence because the validity of the electronic document cannot be guaranteed. In the investigation process physical evidence and digital evidence are part of a complementary investigation process. Constraints on the use of digital evidence on computer forensics are the few people who can be asked to become expert witnesses. The absence of a forensic computer laboratory at the West Sumatra Regional Police. Digital proofing is carried out by experts. Efforts are being made to overcome the obstacles in proof using digital evidence with computer forensics, among others, by using information or opinions from telematics experts who have expertise in their fields.",2,4,411,419,Internet privacy; Electronic document; Digital evidence; Electronic information; Computer laboratory; Computer science; Legal research; Computer forensics; Digital forensics; Telematics,,,,,https://swarajustisia.unespadang.ac.id/index.php/UJSJ/article/view/82 https://swarajustisia.unespadang.ac.id/index.php/UJSJ/article/download/82/54,https://swarajustisia.unespadang.ac.id/index.php/UJSJ/article/view/82,,,3166049037,,0,,0,false,,
060-294-953-084-788,SCC - FAIoT: Towards Building a Forensics Aware Eco System for the Internet of Things,,2015,conference proceedings article,2015 IEEE International Conference on Services Computing,,IEEE,,Shams Zawoad; Ragib Hasan,"The Internet of Things (IoT) involves numerous connected smart things with different technologies and communication standards. While IoT opens new opportunities in various fields, it introduces new challenges in the field of digital forensics investigations. The existing tools and procedures of digital forensics cannot meet the highly distributed and heterogeneous infrastructure of the IoT. Forensics investigators will face challenges while identifying necessary pieces of evidence from the IoT environment, and collecting and analyzing those evidence. In this article, we propose the first working definition of IoT forensics and systematically analyze the IoT forensics domain to explore the challenges and issues in this special branch of digital forensics. We propose a Forensics-aware IoT (FAIoT) model for supporting reliable forensics investigations in the IoT environment.",,,279,284,Domain (software engineering); Field (computer science); Computer security; Computer science; Network forensics; Internet of Things; Digital forensics,,,,,https://doi.org/10.1109/SCC.2015.46 https://dblp.uni-trier.de/db/conf/IEEEscc/scc2015.html#ZawoadH15 http://ieeexplore.ieee.org/document/7207364/ http://ieeexplore.ieee.org/abstract/document/7207364 https://ieeexplore.ieee.org/document/7207364/,http://dx.doi.org/10.1109/scc.2015.46,,10.1109/scc.2015.46,1555036802,,0,016-594-987-385-596; 018-024-197-516-000; 018-282-224-169-000; 019-698-064-288-240; 021-692-645-646-928; 024-693-530-527-287; 025-811-569-298-195; 033-894-840-098-286; 041-879-975-858-398; 051-368-118-380-383; 053-682-155-274-289; 056-205-328-777-528; 061-033-869-892-660; 061-451-931-450-073; 066-846-531-598-093; 079-682-860-947-681; 091-694-208-796-635; 093-117-308-515-186; 108-830-956-418-92X; 116-056-471-784-278; 118-008-780-783-558; 120-488-280-636-014; 125-315-092-261-151; 125-817-456-334-439; 131-088-279-222-806; 137-616-902-479-676; 163-329-152-156-499; 170-108-067-251-840; 174-975-127-130-321,109,false,,
060-458-784-647-284,Strategic Leadership in Digital Evidence - Digital forensic organisational capability,,2021,book chapter,Strategic Leadership in Digital Evidence,,Elsevier,,Paul Reedy,,,,39,41,Data science; Computer science; Digital forensics,,,,,https://api.elsevier.com/content/article/PII:B9780128196182000061?httpAccept=text/xml,http://dx.doi.org/10.1016/b978-0-12-819618-2.00006-1,,10.1016/b978-0-12-819618-2.00006-1,3109087775,,0,087-326-101-466-886,0,false,,
060-650-561-577-338,DFRWS - Unification of digital evidence from disparate sources (Digital Evidence Bags),,2005,journal article,Digital Investigation,17422876,Elsevier BV,Netherlands,Philip Turner,,2,3,223,228,Automatic identification and data capture; Human–computer interaction; World Wide Web; Container (abstract data type); Mobile phone; Digital evidence; Distributed Computing Environment; Computer science; Computer forensics; Audit trail; Digital forensics,,,,,https://www.sciencedirect.com/science/article/pii/S1742287605000575 https://doi.org/10.1016/j.diin.2005.07.001 https://dblp.uni-trier.de/db/conf/dfrws/dfrws2005.html#Turner05,http://dx.doi.org/10.1016/j.diin.2005.07.001,,10.1016/j.diin.2005.07.001,1987311960,,1,079-070-981-899-105; 183-320-282-603-781,70,false,,
060-659-035-509-926,Research of Requirement Based Computer Forensics Process,,2005,journal article,Computer Science,15082806,,,Sun B,"Research regarding digital forensic technologies has become more active with the recent increases in illegal accesses to computer system. Many researchers only focus on the techniques or tools for evidence detecting and evi- dence analyzing,overlooking key fundamentals. And the important part in digital forensic key fundamentals includes the development of standards,definitions and methodologies.This paper explores the development of the digital foren- sics,compares and contrasts several forensics periods,and specially explores the development of the digital forensics process. Based on them,trying to develop sound digital forensics system which fits for our contry.",,,,,Forensic science; Key (cryptography); Data science; Computer security; Focus (computing); Computer science; Process (engineering); Network forensics; Computer forensics; Digital forensics,,,,,http://en.cnki.com.cn/Article_en/CJFDTOTAL-JSJA200502003.htm,http://en.cnki.com.cn/Article_en/CJFDTOTAL-JSJA200502003.htm,,,2358632756,,0,,0,true,publisher-specific,gold
060-971-363-644-947,A Survey of Various Frameworks and Solutions in all Branches of Digital Forensics with a Focus on Cloud Forensics,,2019,journal article,International Journal of Advanced Computer Science and Applications,21565570; 2158107x,The Science and Information Organization,,Mohammed Khanafseh; Mohammad Qatawneh; Wesam Almobaideen,"Digital forensics is a class of forensic science interested with the use of digital information produced, stored and transmitted by various digital devices as source of evidence in investigations and legal proceedings. Digital forensics can be split up to several classes such as computer forensics, network forensics, mobile forensics, cloud computing forensics, and IoT forensics. In recent years, cloud computing has emerged as a popular computing model in various areas of human life. However, cloud computing systems lack support for computer forensic investigations. The main goal of digital forensics is to prove the presence of a particular document in a given digital device. This paper presents a comprehensive survey of various frameworks and solutions in all classes of digital forensics with a focus on cloud forensics. We start by discussing different forensics classes, their frameworks, limitations and solutions. Then we focus on the methodological aspect and existing challenges of cloud forensics. Moreover, the detailed comparison discusses drawbacks, differences and similarities of several suggested cloud computing frameworks providing future research directions.",10,8,,,Class (computer programming); Data science; Cloud forensics; Focus (computing); Computer science; Network forensics; Computer forensics; Mobile device forensics; Cloud computing; Digital forensics,,,,,https://thesai.org/Downloads/Volume10No8/Paper_80-A_Survey_of_Various_Frameworks_and_Solutions.pdf https://thesai.org/Publications/ViewPaper?Volume=10&Issue=8&Code=IJACSA&SerialNo=80,http://dx.doi.org/10.14569/ijacsa.2019.0100880,,10.14569/ijacsa.2019.0100880,2972427363,,0,000-451-779-646-297; 003-803-242-209-367; 004-706-447-836-905; 008-308-597-135-954; 009-885-874-541-907; 010-688-518-606-674; 018-552-581-098-658; 019-698-064-288-240; 020-311-734-615-623; 026-774-296-742-022; 032-286-659-568-014; 032-697-093-668-898; 034-916-306-834-918; 039-926-373-052-060; 044-353-273-186-518; 047-125-525-662-686; 047-630-600-014-492; 055-602-900-718-397; 056-205-328-777-528; 057-897-698-974-277; 060-808-935-547-406; 065-322-784-190-818; 066-235-037-082-291; 070-466-273-729-651; 074-014-335-505-388; 083-887-368-633-254; 088-719-274-824-438; 088-909-224-066-322; 091-619-263-117-914; 091-912-350-006-721; 093-778-033-321-400; 095-691-114-276-825; 096-188-680-470-989; 097-595-459-357-957; 097-939-114-561-254; 098-748-261-333-651; 111-090-978-711-139; 112-181-239-331-730; 120-937-322-045-732; 121-737-705-216-690; 124-912-663-881-389; 128-736-420-984-960; 137-563-945-652-129; 143-469-269-658-387; 148-338-977-232-362; 151-117-898-624-762; 153-276-821-446-997; 154-517-106-328-503; 162-110-149-751-921; 167-592-705-831-583; 185-741-441-912-96X; 187-762-907-549-695; 190-065-821-748-92X; 199-745-676-923-766,8,true,cc-by,gold
061-143-245-762-849,Emerging Forensic Tools for Locating and Analyzing Digital Evidence - Revitalizing Digital Forensic Investigations,,,book chapter,Emerging Forensic Tools for Locating and Analyzing Digital Evidence,,IGI Global,,Richard Boddington,,,,4437,5027,Digital forensics,,,,,,http://dx.doi.org/10.4018/978-1-4666-9591-7.les7,,10.4018/978-1-4666-9591-7.les7,2504695520,,0,,0,false,,
061-335-191-754-769,Mining social networking sites for digital evidence,,,,,,,,Brian Cusack; Saud Alshaifi,"OnLine Social Networking sites (SNS) hold a vast amount of information that individuals and organisations post about themselves. Investigations include SNS as sources of evidence and the challenge is to have effective tools to extract the evidence. In this exploratory research we apply the latest version of a proprietary tool to identify potential evidence from five SNS using three different browsers. We found that each web browser influenced the scope of the evidence extracted. In previous research we have shown that different open source and proprietary tools influence the scope of evidence obtained. In this research we asked, What variation in the scope of evidence extraction can be expected between different browsers? The implications of this exploratory research is for precaution. The choice of a web browser used to investigate a SNS directly influences the scope of digital evidence obtained.",,,,,World Wide Web; Business; Variation (game tree); Scope (project management); Digital evidence; Web browser; Open source; Exploratory research,,,,,https://openrepository.aut.ac.nz/handle/10292/10366 https://ro.ecu.edu.au/cgi/viewcontent.cgi?article=1144&context=adf https://ro.ecu.edu.au/adf/145/ https://core.ac.uk/download/pdf/80334061.pdf,http://dx.doi.org/10.4225/75/57b3f23afb885,,10.4225/75/57b3f23afb885,2282083497,,0,009-386-221-930-423; 017-054-578-855-883; 018-945-932-052-000; 024-662-554-815-361; 029-676-550-090-956; 073-176-805-913-104; 076-960-533-712-760; 129-494-284-130-852; 169-167-102-777-78X; 171-637-120-942-780,3,true,,
061-353-104-200-573,Identifying Digital Forensic Frameworks Based on Processes Models,2021-01-14,2021,journal article,Iraqi Journal of Science,23121637; 00672904,University of Baghdad College of Science,,Talib M. Jawad Abbas; Ahmed Salem Abdulmajeed,Digital forensic is part of forensic science that implicitly covers crime related to computer and other digital devices. It‟s being for a while that academic studies are interested in digital forensics. The researchers aim to find out a discipline based on scientific structures that defines a model reflecting their observations. This paper suggests a model to improve the whole investigation process and obtaining an accurate and complete evidence and adopts securing the digital evidence by cryptography algorithms presenting a reliable evidence in a court of law. This paper presents the main and basic concepts of the frameworks and models used in digital forensics investigation.,,,249,258,Cryptography; Data science; Digital evidence; Computer science; Process (engineering); Digital forensics; Hash function,,,,,https://ijs.uobaghdad.edu.iq/index.php/eijs/article/view/3919 http://scbaghdad.edu.iq/eijs/index.php/eijs/article/view/3919,http://dx.doi.org/10.24996/ijs.2021.si.1.35,,10.24996/ijs.2021.si.1.35,3124116883,,0,002-183-091-505-394; 004-706-447-836-905; 004-872-169-627-620; 009-940-339-227-472; 014-713-031-827-317; 019-698-064-288-240; 020-944-423-224-895; 038-668-970-194-854; 065-850-676-779-341; 097-723-876-253-714; 109-482-615-363-500; 111-090-978-711-139; 199-745-676-923-766,0,true,,gold
061-403-653-422-913,Towards the Adoption of Software Engineering Principles for Assessing and Ensuring the Reliability of Digital Forensic Tools,2017-09-06,2017,book chapter,Advances in Intelligent Systems and Computing,21945357; 21945365,Springer International Publishing,,Adedayo M. Balogun; Tranos Zuva,"The swift mutative nature of digital evidence generally makes it open to challenge from usually the disadvantaged party during an incident proceeding. The fairness of the eventual ruling passed, after considering evidence, to the involved parties is important. This brings about the meticulousness with which legal systems admit digital evidence into the facts required to decide lawsuits. In response, digital forensics practitioners employ standardized methodologies that stress and guide the preservation of the integrity of digital evidence. Validation of software used at various phases of a digital forensic investigation is an important procedure within such methodologies. This paper explores the possibility of demonstrating the reliability of digital forensics software by the methodology with which they were developed. Various software engineering principles are analyzed for strengths and limitations, to examine how reliable the evidence produced by software that implement such principle may be regarded. The DESMET feature analysis and benchmarking evaluation methods are proposed to determine the most appropriate set of software development principles for digital forensics tools, as far as ensuring their non-damaging interactions with evidence is concerned. The paper explains the benefits, limitations and concepts behind the feasibility of this tool validation technique, as the actual evaluations and demonstration are not yet in place.",,,271,282,Software engineering; Engineering; Set (psychology); Software; Disadvantaged; Digital evidence; Reliability (statistics); Software development; Digital forensics; Benchmarking,,,,,https://rd.springer.com/chapter/10.1007/978-3-319-67618-0_25 https://link.springer.com/chapter/10.1007%2F978-3-319-67618-0_25,http://dx.doi.org/10.1007/978-3-319-67618-0_25,,10.1007/978-3-319-67618-0_25,2750622622,,0,005-166-701-065-82X; 017-815-064-018-299; 018-764-547-512-856; 019-831-293-743-518; 022-246-133-676-61X; 027-596-318-311-424; 027-711-581-048-863; 044-390-210-231-783; 044-413-535-259-492; 046-079-711-057-091; 049-612-152-783-506; 050-513-243-638-138; 051-642-166-449-276; 058-205-117-706-853; 059-286-132-305-816; 062-049-901-374-904; 067-105-988-368-712; 075-040-984-125-284; 075-128-417-091-483; 080-117-008-231-77X; 085-214-277-668-01X; 096-810-097-857-083; 118-480-312-397-241; 120-420-413-902-347; 133-839-073-755-612; 153-813-507-607-845; 165-917-981-586-676,2,false,,
061-510-175-138-195,Digital Forensic Evidence - The missing link in Threat Modeling,2020-10-26,2020,conference proceedings article,2020 International Conference on Data Analytics for Business and Industry: Way Towards a Sustainable Economy (ICDABI),,IEEE,,Asif Iqbal; Johannes Olegard; Ranjana Ghimire,"Threat modeling is a set of methodologies to analyze the potential threats in a digital system, in order to mitigate them. Digital forensics, on the other hand, is used in order to find the true origin of an event with the help of forensic evidence. Digital forensics is based on Locard’s Principle and dictates that even digital crime leaves behind some form of remnants. Both the domains, threat modeling and digital forensics, have separately existed, but have to our knowledge not been used together. In this research we establish the importance of forensic evidence and how it can aid threat modeling by providing more comprehensive threat intelligence. We provide practical examples of how the two fields can be combined, based on attack graphs and Bayesian networks.",,,,,Link (knot theory); Threat model; Set (psychology); Data science; Threat intelligence; Bayesian network; Computer science; Event (computing); Digital forensics; Server,,,,,http://kth.diva-portal.org/smash/record.jsf?pid=diva2:1598020,http://dx.doi.org/10.1109/icdabi51230.2020.9325650,,10.1109/icdabi51230.2020.9325650,3122323586,,0,000-743-388-885-703; 020-932-579-047-065; 032-618-168-283-733; 059-996-036-864-294; 083-763-079-918-881; 085-030-218-338-591; 090-100-049-945-025; 109-594-603-932-768; 135-446-297-600-105; 154-129-685-787-792; 161-489-547-734-484; 175-891-626-282-520; 189-200-806-092-09X,1,false,,
061-620-309-813-166,The Digital Crime Scene,,,book chapter,Handbook of Digital and Multimedia Forensic Evidence,,Humana Press,,Mark M. Pollitt,,,,65,76,Artificial intelligence; Crime scene; Computer vision; Computer science; Search and seizure,,,,,https://link.springer.com/chapter/10.1007/978-1-59745-577-0_5 https://rd.springer.com/chapter/10.1007/978-1-59745-577-0_5,http://dx.doi.org/10.1007/978-1-59745-577-0_5,,10.1007/978-1-59745-577-0_5,2235020936,,0,120-697-354-224-33X,3,false,,
061-826-181-454-689,DIGITAL & MULTIMEDIA SCIENCES,,2014,,,,,,Simson L. Garfinkel,"Forensically significant digital trace evidence that is frequently present in sectors of digital media not associated with allocated or deleted files. Modern digital forensic tools generally do not decompress such data unless a specific file with a recognized file type is first identified, potentially resulting in missed evidence. Email addresses are encoded differently for different file formats. As a result, trace evidence can be categorized as Plain in File (PF), Encoded in File (EF), Plain Not in File (PNF), or Encoded Not in File (ENF). The tool bulk_extractor finds all of these formats, but other forensic tools do not. A study of 961 storage devices purchased on the secondary market and shows that 474 contained encoded email addresses that were not in files (ENF). Different encoding formats are the result of different application programs that processed different kinds of digital trace evidence. Specific encoding formats explored include BASE64, GZIP, PDF, HIBER, and ZIP.",,,,,World Wide Web; Data file; Digital media; Information retrieval; Torrent file; Computer science; Indexed file; Image file formats; Digital forensics; Computer file; File format,,,,,,,,,2587020896,,0,004-652-388-189-304; 009-832-452-035-773; 025-832-466-975-926; 071-079-281-371-668; 085-214-277-668-01X,0,false,,
062-202-545-220-180,A Data Mining Approach for Data Generation and Analysis for Digital Forensic Application,,2010,journal article,International Journal of Engineering and Technology,17938236,IACSIT Press,,Veena H. Bhat; Prasanth G. Rao; R V Abhilash; P. Deepa Shenoy; K R Venugopal; L M Patnaik,"With the rapid advancements in information and communication technology in the world, crimes committed are becoming technically intensive. When crimes committed use digital devices, forensic examiners have to adopt practical frameworks and methods to recover data for analysis which can pose as evidence. Data Generation, Data Warehousing and Data Mining, are the three essential features involved in the investigation process. This paper proposes a unique way of generating, storing and analyzing data, retrieved from digital devices which pose as evidence in forensic analysis. A statistical approach is used in validating the reliability of the pre-processed data. This work proposes a practical framework for digital forensics on flash drives.",2,3,313,319,Data mining; Engineering; Data warehouse; Reliability (computer networking); Data science; Process (engineering); Test data generation; Information and Communications Technology; Digital forensics,,,,,http://ijetch.org/papers/140-L045.pdf http://www.ijetch.org/show-31-458-1.html,http://dx.doi.org/10.7763/ijet.2010.v2.140,,10.7763/ijet.2010.v2.140,2327759298,,0,010-086-703-646-194; 013-568-998-603-466; 021-486-901-460-202; 038-668-970-194-854; 047-630-600-014-492; 062-032-128-092-406; 092-827-221-228-520; 111-090-978-711-139; 125-384-800-661-375; 133-397-275-695-990; 146-773-338-621-314,22,true,,green
062-489-027-144-764,PENGGUNAAN METODE STATIS DAN LIVE FORENSIK PADA UAV UNTUK MENDAPATKAN BUKTI DIGITAL,2019-08-31,2019,journal article,ILKOM Jurnal Ilmiah,25487779; 20871716,Universitas Muslim Indonesia,,Ibnu Fajar Arrochman; Dhomas Hatta Fudholi; Yudi Prayudi,"In recent years, the use of drones by civilians is increasing rapidly by the presentation of total sales continued to increase rapidly every year. With the increasing possibility of Unmanned Aerial Vehicle (UAV) abuse, crime in the use of UAVs to be larger. Through forensic analysis of data using static forensic and live forensic to obtain data that allows it to be used as digital evidence. To dig up information that could be used as digital evidence in the UAV and controllers, as well as to know the characteristics of digital evidence on a UAV. The results showed that digital evidence on a UAV, the smartphone is used as a controller UAV has a very important role in the investigation. The findings in aircraft has a percentage of 50% and a camera memory card with 16.6%. DJI Phantom 3 Advanced GPS coordinates always store data in flight LOG; the data is always stored even when the flight mode is used does not use GPS signals to stability. Due to DJI Phantom 3 Advanced always use GPS on flights, file, image or video captured by the camera has the best GPS location coordinates to the metadata therein.",11,2,152,158,Geographic coordinate system; Controller (computing); GPS signals; Data analysis; Digital evidence; Computer science; Drone; Global Positioning System; Real-time computing; Metadata,,,,,https://dspace.uii.ac.id/handle/123456789/17446 http://jurnal.fikom.umi.ac.id/index.php/ILKOM/article/download/444/187 http://jurnal.fikom.umi.ac.id/index.php/ILKOM/article/view/444/187 https://core.ac.uk/download/pdf/228866677.pdf,http://dx.doi.org/10.33096/ilkom.v11i2.444.152-158,,10.33096/ilkom.v11i2.444.152-158,2974514758,,0,,0,true,cc-by-sa,gold
063-195-309-093-275,Network investigations of cyber attacks: the limits of digital evidence,,2006,journal article,"Crime, Law and Social Change",09254994; 15730751,Springer Science and Business Media LLC,Netherlands,David Chaikin,"Cyber attackers are rarely held accountable for their criminal actions. One explanation for the lack of successful prosecutions of cyber intruders is the dependence on digital evidence. Digital evidence is different from evidence created, stored, transferred and reproduced from a non-digital format. It is ephemeral in nature and susceptible to manipulation. These characteristics of digital evidence raise issues as to its reliability. Network-based evidence – ie digital evidence on networks – poses additional problems because it is volatile, has a short life span, and is frequently located in foreign countries. Investigators face the twin obstacles of identifying the author of a cyber attack and proving that the author has “guilty knowledge.” Even more is at stake when the cyber attacker is a trusted insider who has intimate knowledge of the computer security system of the organisation. As courts become more familiar with the vulnerabilities of digital evidence, they will scrutinise the reliability of computer systems and processes. It is likely that defence counsel will increasingly challenge both the admissibility and the weight of digital evidence. The law enforcement community will need to improve competencies in handling digital evidence if it is to meet this trend.",46,4,239,256,Cybernetics; Political science; Law; Cyber-attack; Child pornography; Trojan horse; Insider; Law enforcement; Digital evidence; Intrusion detection system; Computer security,,,,,https://rd.springer.com/article/10.1007%2Fs10611-007-9058-4 https://link.springer.com/content/pdf/10.1007%2Fs10611-007-9058-4.pdf,http://dx.doi.org/10.1007/s10611-007-9058-4,,10.1007/s10611-007-9058-4,2096725869,,0,,47,false,,
063-234-273-732-782,Live Forensic to Identify the Digital Evidence on the Desktop-based WhatsApp,2022-04-20,2022,journal article,Jurnal RESTI (Rekayasa Sistem dan Teknologi Informasi),25800760,Ikatan Ahli Informatika Indonesia (IAII),,null Triawan Adi Cahyanto; M Ainul Rizal; null Ari Eko Wardoyo; null Taufiq Timur Warisaji; null Daryanto,"<jats:p>The live forensics method was used to acquire lawful digital evidence data from device memory in the WhatsApp application, particularly for desktop-based WhatsApp. There has been little research on live forensics on desktop-based WhatsApp applications. These studies involve mimicking crime cases in cyberspace using the Instant Messenger application. Much of the acquisition process is completed only once, even though many possible conditions may arise during the purchase process. Investigators or experts can employ digital evidence data discovery to identify crimes that have occurred. The stages of research carried out in detecting digital evidence are data collecting, the examination process, and the acquisition of analysis and reporting outcomes. During the data-gathering phase, a case simulation dataset was obtained. The examination process stage results in the integrity of the duplicated data; data reduction is performed on data related to fundamental operating system components, influential application features, and incomplete data. According to the investigation findings, there are difficulties in looking for digital evidence, and the features of each digital evidence vary. The simulation file contained many reports on the finds of digital evidence. As a data acquisition method, the characteristics of live forensics are limited to the data retrieval process in RAM. Based on these findings, it is possible to conclude that the data collection and examination processing were completed effectively. The analysis results were acquired, and the report was presented with the indicated digital evidence. Further study can be paired with chip-off procedures on RAM devices for data recovery.</jats:p>",6,2,213,219,Digital evidence; Computer science; Digital forensics; Process (computing); Digital data; Data collection; Data science; Cyberspace; Computer forensics; Data acquisition; Computer security,,,,,,http://dx.doi.org/10.29207/resti.v6i2.3849,,10.29207/resti.v6i2.3849,,,0,,0,true,cc-by,gold
063-274-848-736-685,A Comprehensive and Harmonized Digital Forensic Investigation Process Model.,2015-08-10,2015,journal article,Journal of forensic sciences,15564029; 00221198,Wiley-Blackwell,United States,Aleksandar Valjarevic; Hein S. Venter,"Performing a digital forensic investigation (DFI) requires a standardized and formalized process. There is currently neither an international standard nor does a global, harmonized DFI process (DFIP) exist. The authors studied existing state-of-the-art DFIP models and concluded that there are significant disparities pertaining to the number of processes, the scope, the hierarchical levels, and concepts applied. This paper proposes a comprehensive model that harmonizes existing models. An effort was made to incorporate all types of processes proposed by the existing models, including those aimed at achieving digital forensic readiness. The authors introduce a novel class of processes called concurrent processes. This is a novel contribution that should, together with the rest of the model, enable more efficient and effective DFI, while ensuring admissibility of digital evidence. Ultimately, the proposed model is intended to be used for different types of DFI and should lead to standardization.",60,6,1467,1483,Standardization; Class (computer programming); Data science; International standard; Harmonization; Scope (project management); Digital evidence; Computer science; Process (engineering); Digital forensics,digital evidence; digital forensics; forensic science; harmonization; investigation; model; process; standardization,,,,https://onlinelibrary.wiley.com/doi/full/10.1111/1556-4029.12823 https://repository.up.ac.za/handle/2263/51445 https://dialnet.unirioja.es/servlet/articulo?codigo=5292849 http://onlinelibrary.wiley.com/doi/10.1111/1556-4029.12823/abstract https://europepmc.org/article/MED/26258644 https://pubmed.ncbi.nlm.nih.gov/26258644/ https://repository.up.ac.za/bitstream/2263/51445/1/Valjarevic_Comprehensive_2015.pdf,http://dx.doi.org/10.1111/1556-4029.12823,26258644,10.1111/1556-4029.12823,2160898275,,0,007-321-225-339-593; 020-944-423-224-895; 041-059-041-666-09X; 104-249-629-797-999,29,true,,green
063-661-720-912-563,Analisis Media Sosial Facebook Lite dengan tools Forensik menggunakan Metode NIST,2020-11-17,2020,journal article,"Techno (Jurnal Fakultas Teknik, Universitas Muhammadiyah Purwokerto)",25799096; 14108607,Lembaga Publikasi Ilmiah dan Penerbitan Universitas Muhammadiyah Purwokerto,,Rauhulloh Ayatulloh Khomeini Noor Bintang; Rusydi Umar; Anton Yudhana,"Social Media is becoming very popular among the public today, and the increasing number of social media use has of course a good or bad impact on the course of human life, for example the bad impact is doing cyberbully or chating on social media. Digital forensics is one of the sciences for how to catch criminals in digital which will be needed in evidence in court. Social media criminals need Smartphones to commit digital cybercrime. This research will raise evidence of digital crimes on the Facebook Lite application using forensics. In this study, the forensic tool that will be used is the MOBILEedit Forensic Pro forensic tools with the help of using methods NIST National Institute Of Standars Techlogogy. NIST has a good workflow for extracting digital forensic data. The research results will be obtained in the form of accounts Id, audio, conversations, and images",21,2,125,130,Internet privacy; NIST; Commit; Workflow; Cybercrime; Human life; Computer science; Social media; Digital forensics,,,,,http://jurnalnasional.ump.ac.id/index.php/Techno/article/download/8494/3602 http://jurnalnasional.ump.ac.id/index.php/Techno/article/view/8494/3602 https://doaj.org/article/eee14c43ee4f47bf88c4da1a19962cee,http://dx.doi.org/10.30595/techno.v21i2.8494,,10.30595/techno.v21i2.8494,3101211688,,0,,0,true,cc-by,gold
064-047-543-407-377,Digital Evidence and Incident Response,2016-12-02,2016,book chapter,Practical Information Security Management,,Apress,,Tony Campbell,"Digital forensics (also referred to as computer forensics) is a specialization within the security industry that converges with traditional forensic science. Digital forensics is concerned with the recovery of digital evidence from storage media, computer systems, electronic devices, and social media platforms, incorporating a wide variety of forensic artifacts that can support the efforts of a wider investigation.",,,179,191,Variety (cybernetics); Data science; Specialization (functional); Digital evidence; Incident response; Security industry; Computer science; Social media; Computer forensics; Digital forensics,,,,,https://link.springer.com/chapter/10.1007/978-1-4842-1685-9_11/fulltext.html https://link.springer.com/chapter/10.1007/978-1-4842-1685-9_11 https://rd.springer.com/chapter/10.1007/978-1-4842-1685-9_11,http://dx.doi.org/10.1007/978-1-4842-1685-9_11,,10.1007/978-1-4842-1685-9_11,2558079263,,0,,0,false,,
064-203-195-549-88X,Comparative Study and Analysis on Integrity of Data Files Using Different Tools and Techniques,2021-06-01,2021,journal article,Journal of Information Security and Cybercrimes Research,16587790; 16587782,Naif Arab University for Security Sciences,,Kumarshankar Raychaudhuri; M. George Christopher; Nayeem Abbas Hamdani,"<jats:p>Digital forensic investigation is the scientific process of collection, preservation, examination, analysis, documentation  and presentation of digital evidence from digital devices, so that the evidence is in compliance with legal terms and acceptable in a court of law. Integrity of the digital evidence is an indispensable part of the investigation process and should be preserved to maintain the chain of custody. This is done through hashing technique using standardized forensic tools. However, while handling the evidences , lack of knowledge might lead to unintentional alteration of computed hash. This violates the chain of custody and makes the evidence inadmissible in a court of   law. In this paper, our objective is to determine the different conditions under which the original hash value of a digital evidence changes. For this, we create different scenarios using sample data files and compute their hash values. A comparative study and analysis are done to determine in which scenario the original hash value of the data file changes. The results of the research will prove useful and essential for Criminal Justice Functionaries in gaining knowledge about various conditions leading to the change in hash value of digital evidence and therefore, avoid its accidental alteration during forensic investigation/examination.</jats:p>",4,1,43,54,Hash function; Computer science; Digital evidence; Documentation; Digital forensics; Computer security; Audit; Process (computing); Data science,,,,,,http://dx.doi.org/10.26735/symq8715,,10.26735/symq8715,,,0,,0,true,cc-by-nc,gold
064-319-287-151-339,CBMS - Cyber Autopsies: The Integration of Digital Forensics into Medical Contexts,,2020,conference proceedings article,2020 IEEE 33rd International Symposium on Computer-Based Medical Systems (CBMS),,IEEE,,George Grispos; Kiran Bastola,"The integration of information technology into medical environments introduces a variety of opportunities and challenges for the healthcare community. Medical devices such as ventilators, patient monitors, and infusion pumps, which once operated as standalone devices, now integrate network communication technology. As a result, these modern medical devices produce, store, and transmit large amounts of patient and therapy information. From a digital forensics' perspective, this information could provide a forensic investigator with a treasure trove of potential digital evidence. Hence, the purpose of this paper is to introduce and discuss the potential place and value of digital forensics processes within the context of healthcare providers, through five scenarios. The aim of the paper is twofold. First, it raises incentives for integrating digital forensics into various scenarios involving healthcare providers. Second, it encourages future research to address the adoption of digital forensics tools and techniques to assist stakeholders in the medical domain.",,,510,513,Information technology; Variety (cybernetics); Health care; Domain (software engineering); Data science; Context (language use); Digital evidence; Incentive; Computer science; Digital forensics,,,,,https://doi.org/10.1109/CBMS49503.2020.00102 https://ieeexplore.ieee.org/document/9183310/ https://experts.nebraska.edu/en/publications/cyber-autopsies-the-integration-of-digital-forensics-into-medical https://dblp.uni-trier.de/db/conf/cbms/cbms2020.html#GrisposB20,http://dx.doi.org/10.1109/cbms49503.2020.00102,,10.1109/cbms49503.2020.00102,3081793901,,0,000-518-582-856-737; 008-262-051-867-730; 020-712-001-338-793; 026-571-271-515-376; 028-127-448-830-438; 033-474-564-010-944; 034-749-403-537-40X; 041-766-892-921-055; 042-419-321-697-627; 049-871-818-826-194; 063-395-475-407-168; 071-965-163-727-252; 075-385-401-938-595; 091-619-263-117-914; 110-291-382-422-015; 118-884-755-257-10X; 122-122-885-976-800; 152-766-423-107-194; 166-672-926-353-670,6,false,,
064-344-970-910-349,Digital Forensics,,2006,book chapter,Enterprise Information Systems Assurance and System Security,,IGI Global,,David A. Dampier; A. Chris Bogen,"<jats:p>This chapter introduces the field of digital forensics. It is intended as an overview to permit the reader to understand the concepts and to be able to procure the appropriate assistance should the need for digital forensics expertise arise. Digital forensics is the application of scientific techniques of discovery and exploitation to the problem of finding, verifying, preserving, and exploiting digital evidence for use in a court of law. It involves the use of hardware and software for finding evidence of criminal activity on digital media, either in a computer or in a network device, and attributing that evidence to a suspect for the purposes of conviction. Digital forensics can also be used for non-law enforcement purposes. Data recovery is a form of computer forensics used outside of the legal arena. The authors hope that the reader will understand some of the intricacies of digital forensics and be able to intelligently respond to incidents requiring a digital forensic response.</jats:p>",,,311,325,Digital forensics; Computer forensics; Digital evidence; Suspect; Computer science; Law enforcement; Computer security; Field (mathematics); Conviction; Law; Political science; Mathematics; Pure mathematics,,,,,,http://dx.doi.org/10.4018/978-1-59140-911-3.ch020,,10.4018/978-1-59140-911-3.ch020,,,0,,0,false,,
064-549-392-650-90X,A Framework for Harmonizing Forensic Science Practices and Digital/Multimedia Evidence,,2018,report,,,Organization of Scientific Area Committees for Forensic Science,,David-Olivier Jaquet-Chiffelle; Eoghan Casey; Mark Pollitt; Pavel Gladyshev,"Like many other specializations within forensic science, the digital/multimedia discipline has been challenged with respect to demonstrating that the processes, activities, and techniques used are sufficiently scientific. To address this issue, in April 2015, the Organization of Scientific Area Committees for Forensic Science (OSAC) Digital/Multimedia Scientific Area Committee (SAC) established a Task Group (TG). This document summarizes the work of the TG that grew into establishing a harmonizing framework for forensic science practices and digital/multimedia evidence. ; ; The TG researched and deliberated on the essential elements of digital/multimedia science, the nature of evidence examined, the overarching scientific principles and reasoning processes, the questions addressed by core forensic processes, and the activities and techniques which support the core forensic processes. It reviewed a large volume of pertinent literature, conducted interviews of practitioners, academics, and other interested parties. ; ; Over a three-year period and many hours of debate, more than 40 discussion drafts were produced. The TG determined that digital/multimedia evidence, and other forensic disciplines, would be in a much stronger position to demonstrate their scientific basis as a harmonized forensic science rather than as mere disciplines at the intersection of forensic specialties and other sciences. The value of forensic science as a whole is that it uses scientific reasoning and processes within the framework articulated in this document to address questions – specific to an event or a case – for legal contexts, to provide decision-makers with trustworthy understanding of the traces in order to help them make decisions. The TG considered how the definitions and framework developed in the context of digital/multimedia evidence mesh with forensic science as a whole. ; ; The present document describes the concept of traces as the core nature of forensic evidence and the fundamental object of study in forensic science. It proposes a broad definition of forensic science, not limited to legal problems in civil and criminal justice systems (courtroom contexts), and describes the different types of reasoning that play a significant role in forensic science. Then it defines five core forensic processes, seven forensic activities, and three operational techniques. The formalization of forensic science reasoning processes and outcomes in this work leads to increased reliability, repeatability, and validation in forensic results. This, in turn, gives decision-makers increased confidence in and understanding of forensic results.; ; The resulting definitions and framework can be used to harmonize concepts and practices within digital/multimedia science, and are likely applicable to most forensic disciplines. As such, this work may be useful in articulating their scientific basis, and promoting forensic science as one science, which is more than the union of a patchwork of forensic disciplines. The new paradigm created by the digital realm brings a unique opportunity to revisit fundamental definitions in forensic science and to strengthen the identity of forensic science as a whole, unified by common principles and processes that can address questions for legal contexts.; ; This document represents the conclusions and recommendations of the TG as of the date of its writing. The work continues and future versions of this document can be expected to contain new observations and updated conclusions.",,,,,Criminal justice; Forensic science; Sociology; Value (ethics); Identity (social science); Realm; Context (language use); Object (philosophy); Event (computing); Engineering ethics,,,,,https://serval.unil.ch/resource/serval:BIB_32FB580596A3.P001/REF.pdf https://serval.unil.ch/notice/serval:BIB_32FB580596A3 https://core.ac.uk/download/151212923.pdf,http://dx.doi.org/10.29325/osac.ts.0002,,10.29325/osac.ts.0002,2795443247,,0,,34,true,,green
064-639-947-313-851,Manajemen Pengelolaan Bukti Digital Untuk Meningkatkan Aksesibilitas Pada Masa Pandemi Covid-19,2021-01-12,2021,journal article,Jurnal Ilmiah SINUS,25484028; 16931173,STMIK Sinar Nusantara Surakarta,,Moch Bagoes Pakarti; Dhomas Hatta Fudholi; Yudi Prayudi,"Covid-19 has a major impact on human life, including the process of managing digital evidence. Management of digital evidence requires special handling that can store and maintain the integrity of digital evidence. The current problem is there is no concept of storing digital evidence that can be accessed online in wider accessibility. Online digital evidence management is proposed as a solution to solve this problem. This concept is in the form of an online digital evidence management system that can be accessed anywhere and anytime using MD5 and SHA1 hash functions in order to maintain the properties of digital evidence so that it can be legally accepted. The problems with digital evidence management require a Management System for Digital Evidence that is suitable for application in Digital Forensics Laboratory. This research had successfully implemented the concept of online chain of custody. It is expected, with the concept of Online Digital Evidence Management, this digital evidence control and all activities related to it can be maintained and well documented. Moreover, it can reach a wider area accessed anywhere and any time and reduce the spread of Covid-19.",19,1,27,38,Chain of custody; MD5; Management system; Control (management); Digital evidence; Computer science; Process (engineering); Multimedia; Digital forensics; Hash function,,,,,https://p3m.sinus.ac.id/jurnal/index.php/e-jurnal_SINUS/article/download/502/pdf https://p3m.sinus.ac.id/jurnal/index.php/e-jurnal_SINUS/article/view/502/pdf,http://dx.doi.org/10.30646/sinus.v19i1.502,,10.30646/sinus.v19i1.502,3127048295,,0,,0,true,cc-by-nc-sa,gold
065-083-910-606-701,CHAPTER 20 – Getting Digital Images Admitted as Evidence at Trial,,2008,book chapter,Understanding Forensic Digital Imaging,,Elsevier,,Herbert Blitzer; Karen Stein-Ferguson; Jeffrey Huang,,,,347,368,Medical physics; Computer science; Digital image,,,,,https://www.sciencedirect.com/science/article/pii/B9780123704511000202,http://dx.doi.org/10.1016/b978-0-12-370451-1.00020-2,,10.1016/b978-0-12-370451-1.00020-2,2908322881,,0,120-697-354-224-33X; 185-215-159-365-253,0,false,,
065-214-612-228-13X,How Cell Phones Work in the Cellular Phone System,,2017,book chapter,Cell Phone Location Evidence for Legal Professionals,,Elsevier,,Larry Daniel,,,,23,28,Engineering; Mobile phone tracking; Work (electrical); Roaming; GSM services; Phone; Multimedia; Wireless; SVDO; Telecommunications,,,,,https://www.sciencedirect.com/science/article/pii/B9780128093979000043,http://dx.doi.org/10.1016/b978-0-12-809397-9.00004-3,,10.1016/b978-0-12-809397-9.00004-3,2651370314,,0,,0,false,,
065-322-784-190-818,ARES - Application-Specific Digital Forensics Investigative Model in Internet of Things (IoT),2017-08-29,2017,conference proceedings article,"Proceedings of the 12th International Conference on Availability, Reliability and Security",,ACM,,Tanveer A. Zia; Peng Liu; Weili Han,"Besides its enormous benefits to the industry and community the Internet of Things (IoT) has introduced unique security challenges to its enablers and adopters. As the trend in cybersecurity threats continue to grow, it is likely to influence IoT deployments. Therefore it is eminent that besides strengthening the security of IoT systems we develop effective digital forensics techniques that when breaches occur we can track the sources of attacks and bring perpetrators to the due process with reliable digital evidence. The biggest challenge in this regard is the heterogeneous nature of devices in IoT systems and lack of unified standards. In this paper we investigate digital forensics from IoT perspectives. We argue that besides traditional digital forensics practices it is important to have application-specific forensics in place to ensure collection of evidence in context of specific IoT applications. We consider top three IoT applications and introduce a model which deals with not just traditional forensics but is applicable in digital as well as application-specific forensics process. We believe that the proposed model will enable collection, examination, analysis and reporting of forensically sound evidence in an IoT application-specific digital forensics investigation.",,,55,,Context (language use); Digital evidence; Application specific; Computer security; Computer science; Process (engineering); Network forensics; Internet of Things; Digital forensics,,,,,https://dl.acm.org/doi/10.1145/3098954.3104052 https://dl.acm.org/citation.cfm?id=3104052 https://doi.org/10.1145/3098954.3104052 https://researchoutput.csu.edu.au/en/publications/application-specific-digital-forensics-investigative-model-in-int http://dblp.uni-trier.de/db/conf/IEEEares/ares2017.html#ZiaLH17 https://dblp.uni-trier.de/db/conf/IEEEares/ares2017.html#ZiaLH17 https://pennstate.pure.elsevier.com/en/publications/application-specific-digital-forensics-investigative-model-in-int,http://dx.doi.org/10.1145/3098954.3104052,,10.1145/3098954.3104052,2744140269,,0,004-916-495-289-390; 005-630-640-664-939; 008-695-981-906-47X; 013-686-038-522-199; 018-552-581-098-658; 020-392-480-692-190; 024-686-563-358-293; 037-781-439-537-419; 046-778-846-897-699; 060-294-953-084-788; 063-274-848-736-685; 066-535-898-423-646; 073-620-861-933-474; 093-117-308-515-186; 101-563-802-735-991; 118-008-780-783-558; 122-572-664-410-932; 135-626-485-398-950; 153-815-558-435-528,33,false,,
065-452-675-566-99X,Case-Relevance Information Investigation: Binding Computer Intelligence to the Current Computer Forensic Framework,,2005,journal article,International Journal of Digital Evidence,,,,Ruibin Gong; Tony Kai Yun Chan; Mathias Gaertner,"Computer Forensics has grown rapidly in recent years. The current computer forensic investigation paradigm is laborious and requires significant expertise on the part of the investigators. This paper proposes a highly automatic and efficient framework to provide the Case-Relevance information, by binding computer intelligence technology to the current computer forensic framework. Computer intelligence is expected to offer more assistance in the investigation procedures and better knowledge reuse and sharing in computer forensics. Background Cybercrime is a mirror of the dark side of human society in the cyberworld. Its countermeasure, Computer Forensics, also referred as Digital Forensic Science, has been explicitly defined as, The use of scientifically derived and proven methods toward the preservation, collection, validation, identification, analysis, interpretation, documentation and presentation of digital evidence derived from digital sources for the purpose of facilitating or furthering the reconstruction of events found to be criminal, or helping to anticipate unauthorized actions shown to be disruptive to planned operations. [14] The process of ""identifying, preserving, analyzing, and presenting digital evidence in a manner that is legally acceptable via the application of computer technology to the investigation of computer based crime"" is called Forensic Computing [11] or Digital Evidence Investigation. As almost every piece of digital evidence could be challenged, computer forensic investigators are required to follow a rigorous process path. The work of the First Digital Forensics Research Workshop (DFRWS) [14] established a solid ground and allowed",4,,,,Computational intelligence; Computational criminology; Data science; Cybercrime; Digital evidence; Computer technology; Computer security; Computer science; Computer forensics; Documentation; Digital forensics,,,,,https://dblp.uni-trier.de/db/journals/ijde/ijde4.html#RuibinYG05 https://www.utica.edu/academic/institutes/ecii/publications/articles/B4A6A102-A93D-85B1-96C575D5E35F3764.pdf,https://dblp.uni-trier.de/db/journals/ijde/ijde4.html#RuibinYG05,,,2159280848,,0,020-944-423-224-895; 032-697-093-668-898; 035-448-415-847-226; 038-668-970-194-854; 085-669-579-012-375; 124-418-163-035-203; 145-900-307-293-904; 167-153-240-063-830; 179-703-555-795-891; 199-745-676-923-766,46,false,,
065-470-964-398-338,IFIP Int. Conf. Digital Forensics - Analysis of the digital evidence presented in the Yahoo! case,,2009,book chapter,Advances in Digital Forensics V,18684238; 1868422x,Springer Berlin Heidelberg,Germany,Michael Y. K. Kwan; Kam-Pui Chow; Pierre K. Y. Lai; Frank Y. W. Law; Hayson Tse,The “Yahoo! Case” led to considerable debate about whether or not an IP address is personal data as defined by the Personal Data (Privacy) Ordinance (Chapter 486) of the Laws of Hong Kong. This paper discusses the digital evidence presented in the Yahoo! Case and evaluates the impact of the IP address on the verdict in the case. A Bayesian network is used to quantify the evidentiary strengths of hypotheses in the case and to reason about the evidence. The results demonstrate that the evidence about the IP address was significant to obtaining a conviction in the case.,306,,241,252,Internet privacy; Verdict; Conviction; Digital evidence; Ip address; Bayesian network; Computer science,,,,,https://link.springer.com/content/pdf/10.1007/978-3-642-04155-6_18.pdf https://hub.hku.hk/handle/10722/61153 https://link.springer.com/chapter/10.1007/978-3-642-04155-6_18 https://ui.adsabs.harvard.edu/abs/2009adf5.conf..241K/abstract https://rd.springer.com/chapter/10.1007/978-3-642-04155-6_18 https://core.ac.uk/display/37896304,http://dx.doi.org/10.1007/978-3-642-04155-6_18,,10.1007/978-3-642-04155-6_18,1482925626,,0,001-829-135-644-040; 010-439-819-632-553; 032-599-374-042-403; 063-997-013-122-334; 074-523-216-524-637; 085-370-444-410-812; 085-422-339-052-701; 098-121-296-740-653; 106-964-315-836-68X; 107-743-222-150-811; 119-226-883-784-344; 158-623-161-627-789; 173-145-269-859-717,5,true,,bronze
065-517-309-064-222,Avoiding Burnout at the Digital Forensics Coalface: Targeted Strategies for Forensic Agencies in the Management of Job-related Stress,,2021,journal article,Forensic Science International: Digital Investigation,26662817,Elsevier BV,,Sally F. Kelty; Emma J. McQueen; Carly Pymont; Nathan Green,"Abstract Recent evidence shows digital forensics experts are at risk of burnout and job-related stress. This may be related to the increase in digital evidence and/or repetitive exposure to challenging material, either face to face or via digital imagery in real time or post-event. This exposure includes footage and/or sound recording of extreme violence, child exploitation, suicide, and death scenes. This increase in the risk of stress also aligns with the changing nature of policing with rates of serious crime, especially robbery and homicide decreasing, while digital crime in many countries increases. This increase changes workload demands and requires new skillsets in addition to traditional investigation methods. Workplace stress has high financial and personal costs, impacting organisations, teams, family, friends, and the individual. For organisations and teams, occupational stress is associated with increases in workplace accidents, absenteeism, early retirement, higher intention to quit, lower motivation and disillusionment with work, all of which impacts the cohesion of forensic teams. The aim of this paper is to present a set of key evidence-based, targeted strategies that forensic science and policing agencies can roll-out in order to manage workplace stress, thereby managing the risk of higher turnover, absenteeism and lower workplace innovation.",38,,301127,,Burnout; Absenteeism; Occupational stress; Face-to-face; Workload; Digital evidence; Computer science; Homicide; Applied psychology; Digital forensics,,,,Australian Federal Police,https://dfrws.org/presentation/avoiding-burnout-at-the-digital-forensics-coalface-targeted-strategies-for-forensic-agencies-in-the-management-of-job-related-stress/ https://researchprofiles.canberra.edu.au/en/publications/avoiding-burnout-at-the-digital-forensics-coalface-targeted-strat https://dfrws.org/wp-content/uploads/2021/01/2021_APAC_paper-avoiding_burnout_at_the_digital_forensics_coalface.pdf https://www.sciencedirect.com/science/article/pii/S2666281721000251,http://dx.doi.org/10.1016/j.fsidi.2021.301127,,10.1016/j.fsidi.2021.301127,3124493882,,0,003-465-350-737-256; 003-515-309-951-413; 003-839-478-173-887; 004-667-286-603-895; 007-787-000-383-125; 009-627-096-122-615; 015-984-449-641-211; 017-173-570-144-261; 017-805-463-199-729; 021-201-295-792-01X; 021-364-407-964-047; 025-185-383-460-70X; 028-166-854-587-500; 028-666-896-391-785; 030-223-936-109-852; 030-461-878-149-015; 031-614-539-275-181; 031-765-295-875-09X; 033-887-519-970-976; 040-667-269-018-788; 041-988-413-602-967; 042-544-068-549-235; 045-583-164-562-588; 046-608-153-837-157; 050-389-552-568-721; 051-704-112-565-897; 053-661-832-365-258; 056-754-398-867-512; 056-790-021-627-621; 061-152-473-911-898; 061-650-697-120-894; 062-605-298-093-546; 066-824-458-827-082; 068-715-824-881-688; 073-538-637-110-630; 076-978-451-221-437; 079-819-982-015-318; 081-073-384-566-025; 085-851-989-301-541; 086-211-015-805-881; 088-426-769-403-257; 096-218-094-826-721; 097-794-150-708-79X; 102-845-377-786-086; 105-024-117-660-277; 112-083-919-827-335; 112-666-147-939-621; 119-781-528-548-569; 123-344-253-312-598; 125-396-525-564-682; 125-508-990-959-413; 126-995-721-959-658; 134-557-570-320-178; 136-946-132-481-985; 138-435-369-121-724; 144-342-598-085-266; 144-488-546-528-952; 155-144-144-803-210; 157-454-151-474-60X; 161-423-003-024-482; 162-494-674-103-725; 168-037-498-947-236,0,true,cc-by-nc-nd,hybrid
065-654-832-541-493,An improved digital evidence acquisition model for the Internet of Things forensic I: A theoretical framework,,2017,conference proceedings article,2017 5th International Symposium on Digital Forensic and Security (ISDFS),,IEEE,,Malek Harbawi; Asaf Varol,"Digital evidence plays a vital role in determining legal case admissibility in electronic- and cyber-oriented crimes. Considering the complicated level of the Internet of Things (IoT) technology, performing the needed forensic investigation will be definitely faced by a number of challenges and obstacles, especially in digital evidence acquisition and analysis phases. Based on the currently available network forensic methods and tools, the performance of IoT forensic will be producing a deteriorated digital evidence trail due to the sophisticated nature of IoT connectivity and data exchangeability via the “things”. In this paper, a revision of IoT digital evidence acquisition procedure is provided. In addition, an improved theoretical framework for IoT forensic model that copes with evidence acquisition issues is proposed and discussed.",,,1,6,Engineering; Legal case; Digital evidence; Computer security; Computer forensics; Internet of Things; Digital forensics,,,,,http://ieeexplore.ieee.org/document/7916508 https://ieeexplore.ieee.org/document/7916508,http://dx.doi.org/10.1109/isdfs.2017.7916508,,10.1109/isdfs.2017.7916508,2611755027,,0,000-732-818-777-187; 005-630-640-664-939; 005-722-494-318-234; 010-196-658-878-056; 020-689-505-008-074; 029-483-255-064-711; 038-185-398-979-127; 048-923-605-630-986; 060-294-953-084-788; 093-271-958-885-096; 109-950-201-870-531; 112-181-239-331-730; 157-305-219-468-46X,42,false,,
065-671-045-136-370,Leveraging CybOX to standardize representation and exchange of digital forensic information,,2015,journal article,Digital Investigation,17422876,Elsevier BV,Netherlands,Eoghan Casey; Gregory Thomas Back; Sean Barnum,"With the growing number of digital forensic tools and the increasing use of digital forensics in various contexts, including incident response and cyber threat intelligence, there is a pressing need for a widely accepted standard for representing and exchanging digital forensic information. Such a standard representation can support correlation between different data sources, enabling more effective and efficient querying and analysis of digital evidence. This work summarizes the strengths and weaknesses of existing schemas, and proposes the open-source CybOX schema as a foundation for storing and sharing digital forensic information. The suitability of CybOX for representing objects and relationships that are common in forensic investigations is demonstrated with examples involving digital evidence. The capability to represent provenance by leveraging CybOX is also demonstrated, including specifics of the tool used to process digital evidence and the resulting output. An example is provided of an ongoing project that uses CybOX to record the state of a system before and after an event in order to capture cause and effect information that can be useful for digital forensics. An additional open-source schema and associated ontology called Digital Forensic Analysis eXpression (DFAX) is proposed that provides a layer of domain specific information overlaid on CybOX. DFAX extends the capability of CybOX to represent more abstract forensic-relevant actions, including actions performed by subjects and by forensic examiners, which can be useful for sharing knowledge and supporting more advanced forensic analysis. DFAX can be used in combination with other existing schemas for representing identity information (CIQ), and location information (KML). This work also introduces and leverages initial steps of a Unified Cyber Ontology (UCO) effort to abstract and express concepts/constructs that are common across the cyber domain.",12,,S102,S110,World Wide Web; Schema (psychology); Data science; Specific-information; Digital evidence; Cyber threat intelligence; Incident response; Computer science; Strengths and weaknesses; Digital forensics,,,,,https://dblp.uni-trier.de/db/journals/di/di12.html#CaseyBB15 https://www.sciencedirect.com/science/article/pii/S1742287615000158 http://www.sciencedirect.com/science/article/pii/S1742287615000158 https://core.ac.uk/display/82037839,http://dx.doi.org/10.1016/j.diin.2015.01.014,,10.1016/j.diin.2015.01.014,2003744325,,0,001-170-920-458-777; 006-008-915-210-060; 011-051-740-313-213; 016-873-099-383-893; 024-735-069-822-749; 033-241-817-699-448; 056-715-378-869-201; 058-052-081-943-595; 060-650-561-577-338; 061-549-181-856-861; 104-758-205-558-797; 105-102-860-204-164; 117-239-595-156-183; 153-474-160-113-956; 154-517-106-328-503,47,true,cc-by-nc-nd,hybrid
065-777-209-125-607,IFIP Int. Conf. Digital Forensics - Recovering Digital Evidence From Linux Systems,,,book chapter,Advances in Digital Forensics,,Kluwer Academic Publishers,,Philip Craiger,"As Linux-kernel-based operating systems proliferate there will be an inevitable increase in Linux systems that law enforcement agents must process in criminal investigations. The skills and expertise required to recover evidence from Microsoft-Windows-based systems do not necessarily translate to Linux systems. This paper discusses digital forensic procedures for recovering evidence from Linux systems. In particular, it presents methods for identifying and recovering deleted files from disk and volatile memory, identifying notable and Trojan files, finding hidden files, and finding files with renamed extensions. All the procedures are accomplished using Linux command line utilities and require no special or commercial tools.",,,233,244,Criminal investigation; Digital evidence; Computer security; Computer science; Process (engineering); Network forensics; Computer forensics; Line (text file); Volatile memory; Digital forensics,,,,,https://commons.erau.edu/cgi/viewcontent.cgi?article=2103&context=publication https://dblp.uni-trier.de/db/conf/ifip11-9/df2005.html#Craiger05 https://commons.erau.edu/publication/1007/ https://link.springer.com/chapter/10.1007/0-387-31163-7_19 https://rd.springer.com/chapter/10.1007/0-387-31163-7_19 https://link.springer.com/content/pdf/10.1007%2F0-387-31163-7_19.pdf,http://dx.doi.org/10.1007/0-387-31163-7_19,,10.1007/0-387-31163-7_19,1885648011,,0,027-711-581-048-863,9,true,cc-by-nc-nd,green
065-927-829-618-673,"Characteristic evidence, counter evidence and reconstruction problems in forensic computing",2015-12-01,2015,journal article,it - Information Technology,16112776; 21967032,Walter de Gruyter GmbH,,Andreas Dewald,"Historically, forensic computing (as digital forensics) developed pragmatically, driven by specific technical needs. Indeed, in comparison with other forensic sciences the field still is rather immature and has many deficits, such as the unclear terminology used in court. In this paper, we introduce notions of (digital) evidence, characteristic evidence, and (characteristic) counter evidence, as well as the definitions of two fundamental forensic reconstruction problems. We show the relation of the observability of the different types of evidence to the solvability of those problems. By doing this, we wish to exemplify the usefulness of formalization in the establishment of a precise terminology. While this will not replace all terminological shortcomings, it (1) may provide the basis for a better understanding between experts, and (2) helps to understand the significance of different types of digital evidence to answer questions in an investigation.",57,6,339,346,Data science; Relation (database); Digital evidence; Forensic computing; Field (computer science); Observability; Computer security; Computer science; Terminology; Digital forensics,,,,,https://dblp.uni-trier.de/db/journals/it/it57.html#Dewald15 https://www.degruyter.com/view/j/itit.2015.57.issue-6/itit-2015-0017/itit-2015-0017.xml,http://dx.doi.org/10.1515/itit-2015-0017,,10.1515/itit-2015-0017,2408235858,,0,,3,false,,
066-124-941-933-486,TrustBus - Decentralised and Collaborative Auditing of Workflows,2019-08-02,2019,book chapter,"Trust, Privacy and Security in Digital Business",03029743; 16113349,Springer International Publishing,Germany,Antonio Nehme; Vitor Jesus; Khaled Mahbub; Ali E. Abdallah,"Workflows involve actions and decision making at the level of each participant. Trusted generation, collection and storage of evidence is fundamental for these systems to assert accountability in case of disputes. Ensuring the security of audit systems requires reliable protection of evidence in order to cope with its confidentiality, its integrity at generation and storage phases, as well as its availability. Collusion with an audit authority is a threat that can affect all these security aspects, and there is room for improvement in existent approaches that target this problem.",,,129,144,Workflow; Order (exchange); Process management; Audit; Accountability; Collusion; Computer science; Confidentiality; Audit trail,,,,,https://link.springer.com/chapter/10.1007%2F978-3-030-27813-7_9 https://rd.springer.com/chapter/10.1007/978-3-030-27813-7_9 https://www.open-access.bcu.ac.uk/7621/ https://core.ac.uk/download/211163233.pdf,http://dx.doi.org/10.1007/978-3-030-27813-7_9,,10.1007/978-3-030-27813-7_9,2949288639,,0,003-105-359-045-054; 005-354-869-331-595; 006-457-431-165-076; 008-143-910-329-438; 013-886-180-805-882; 019-255-718-301-748; 019-478-263-194-568; 019-784-116-444-155; 020-027-847-350-15X; 021-417-762-373-619; 028-159-877-133-936; 030-681-115-613-179; 030-682-441-981-123; 032-630-257-357-193; 047-781-741-822-053; 050-862-101-117-818; 051-018-292-490-860; 052-382-015-544-100; 056-205-328-777-528; 064-774-237-029-655; 070-814-196-734-34X; 078-335-250-880-886; 078-374-004-811-342; 090-300-716-873-333; 100-764-538-512-485; 107-932-223-564-867; 132-342-259-584-364; 161-675-068-153-294; 179-859-247-927-662,1,true,,green
066-219-211-495-201,Digital Chain of Custody: State of the Art,2015-03-18,2015,journal article,International Journal of Computer Applications,09758887,Foundation of Computer Science,,Yudi Prayudi; Azhari Sn,"Digital forensics starts to show its role and contribution in the society as a solution in disclosure of cybercrime. The essential in digital forensics is chain of custody, which is an attempt to preserve the integrity of digital evidence as well as a procedure for performing documentation chronologically toward evidence. The characteristics of digital evidence have caused the handling chain of custody is becoming more complicated and complex. A number of researchers have contributed to provide solutions for the digital chain custody through a different point of views. This paper gives an overview of the extent to which the problem and challenges are faced in the digital chain of custody issue as well as the scope of researches that can be done to contribute in the issue of the digital chain of custody.",114,5,1,9,Chain of custody; Internet privacy; Point (typography); Cybercrime; Scope (project management); Digital evidence; Computer security; Computer science; State (computer science); Documentation; Digital forensics,,,,,https://www.researchgate.net/profile/Yudi_Prayudi/publication/273694917_Digital_Chain_of_Custody_State_of_The_Art/links/5508eb510cf2d7a2812b6945.pdf https://research.ijcaonline.org/volume114/number5/pxc3901856.pdf https://ui.adsabs.harvard.edu/abs/2015IJCA..114e...1P/abstract https://www.ijcaonline.org/archives/volume114/number5/19971-1856,http://dx.doi.org/10.5120/19971-1856,,10.5120/19971-1856,2000621030,,0,002-534-435-127-422; 004-872-169-627-620; 006-008-915-210-060; 016-123-869-009-118; 016-354-677-353-123; 019-784-116-444-155; 022-798-132-190-701; 026-160-736-120-096; 027-808-425-151-210; 030-266-326-999-894; 031-119-185-862-726; 032-246-414-391-330; 033-241-817-699-448; 033-423-714-085-758; 035-565-993-122-262; 038-283-679-946-304; 038-617-328-415-920; 038-793-093-462-716; 041-017-598-844-767; 045-553-653-288-228; 055-416-156-661-003; 055-474-788-258-576; 060-650-561-577-338; 070-930-241-111-87X; 071-469-254-831-765; 073-582-404-994-103; 079-048-464-716-330; 082-073-790-023-516; 093-778-033-321-400; 094-058-992-093-766; 098-748-261-333-651; 117-121-219-607-16X; 131-543-884-973-431; 132-355-634-397-986; 133-051-121-626-660; 134-927-490-231-285; 163-919-423-925-780; 180-327-460-336-608; 181-091-839-882-521; 186-208-668-595-170; 192-955-966-543-738,27,true,,green
066-235-037-082-291,Tiered forensic methodology model for Digital Field Triage by non-digital evidence specialists,,2016,journal article,Digital Investigation,17422876,Elsevier BV,Netherlands,Ben Hitchcock; Nhien-An Le-Khac; Mark Scanlon,"Due to budgetary constraints and the high level of training required, digital forensic analysts are in short supply in police forces the world over. This inevitably leads to a prolonged time taken between an investigator sending the digital evidence for analysis and receiving the analytical report back. In an attempt to expedite this procedure, various process models have been created to place the forensic analyst in the field conducting a triage of the digital evidence. By conducting triage in the field, an investigator is able to act upon pertinent information quicker, while waiting on the full report.The work presented as part of this paper focuses on the training of front-line personnel in the field triage process, without the need of a forensic analyst attending the scene. The premise has been successfully implemented within regular/non-digital forensics, i.e., crime scene investigation. In that field, front-line members have been trained in specific tasks to supplement the trained specialists. The concept of front-line members conducting triage of digital evidence in the field is achieved through the development of a new process model providing guidance to these members. To prove the model's viability, an implementation of this new process model is presented and evaluated. The results outlined demonstrate how a tiered response involving digital evidence specialists and non-specialists can better deal with the increasing number of investigations involving digital evidence.",16,,75,85,Crime scene; Data science; Triage; Premise; Digital evidence; Field (computer science); Computer security; Computer science; Process (engineering); Process modeling; Digital forensics; Forensic science,,,,,https://forensicsandsecurity.com/papers/TieredForensicMethodologyModelForDigitalFieldTriage.pdf https://dl.acm.org/doi/10.1016/j.diin.2016.01.010 https://researchrepository.ucd.ie/handle/10197/9253 https://forensicsandsecurity.com/papers/TieredForensicMethodologyModelForDigitalFieldTriage.php https://www.sciencedirect.com/science/article/abs/pii/S1742287616300044 http://ui.adsabs.harvard.edu/abs/2016arXiv160403844H/abstract https://www.markscanlon.co/papers/TieredForensicMethodologyModelForDigitalFieldTriage.php https://www.sciencedirect.com/science/article/pii/S1742287616300044 https://dblp.uni-trier.de/db/journals/corr/corr1604.html#HitchcockLS16 https://researchrepository.ucd.ie/bitstream/10197/9253/1/TieredForensicMethodologyModelForDigitalFieldTriage.pdf https://markscanlon.co/papers/TieredForensicMethodologyModelForDigitalFieldTriage.pdf https://core.ac.uk/display/82007263 https://core.ac.uk/download/pdf/82007263.pdf,http://dx.doi.org/10.1016/j.diin.2016.01.010,,10.1016/j.diin.2016.01.010,3122457477; 2297444916,,0,003-982-227-180-136; 022-502-903-446-942; 029-268-367-041-280; 047-630-600-014-492; 073-459-830-156-539; 075-529-701-912-32X; 081-447-017-308-327; 082-508-778-448-650; 094-295-279-676-447; 102-736-860-649-556,42,true,cc-by-nc-nd,hybrid
066-372-994-493-544,Digital Evidence in Criminal Procedures-A Comparative Approach-,2013-12-01,2013,journal article,Balkan Social Science Review,18578799,,,Gordana Buzarovska Lazetik; Olga Koshevaliska,"Digital evidence can be a litigant's best friend or worst nightmare, depending on the type of evidence, how it is used, and in what court it is presented. Therefore this article aims to provide an overview of computer forensics from general definitions on digital evidence, their potential sources and basic principles regarding the evaluation of phases of ""crime scene investigation"" and seizure of data in order to determinate the ""fingerprints"" of the crime. We illustrated the procedure regarding digital evidence in the USA because of its contemporariness. At last the purpose of this paper is to illustrate the “handling” of digital evidence in Macedonia and to give recommendations for a better compliance with the international instruments regarding this issue.; Key words: digital evidence, digital forensics, digital investigation, criminal procedure.",,2,63,83,Crime scene; Order (exchange); Law; Key (cryptography); Data science; Digital evidence; Compliance (psychology); Computer science; Criminal procedure; Computer forensics; Digital forensics,,,,,http://js.ugd.edu.mk/index.php/BSSR/article/download/756/730 https://www.ceeol.com/search/article-detail?id=78558,http://js.ugd.edu.mk/index.php/BSSR/article/download/756/730,,,2275809413,,0,042-941-502-428-700; 047-310-841-930-720; 050-019-822-464-159; 197-872-262-830-083,1,false,,
066-856-476-172-725,IFIP Int. Conf. Digital Forensics - IDENTIFYING MALWARE USING CROSS-EVIDENCE CORRELATION,,2011,book chapter,Advances in Digital Forensics VII,18684238; 18612288; 1868422x; 15715736,Springer Berlin Heidelberg,Germany,Anders O. Flaglien; Katrin Franke; André Årnes,"This paper proposes a new correlation method for the automatic identification of malware traces across multiple computers. The method supports forensic investigations by efficiently identifying patterns in large, complex datasets using link mining techniques. Digital forensic processes are followed to ensure evidence integrity and chain of custody.",,,169,182,Chain of custody; Correlation; Data mining; Botnet; Link mining; Correlation method; Computer science; Malware; Identification (information); Digital forensics,,,,,https://link.springer.com/content/pdf/10.1007/978-3-642-24212-0_13.pdf https://hal.inria.fr/hal-01569545 https://dblp.uni-trier.de/db/conf/ifip11-9/df2011.html#FlaglienFA11 https://dx.doi.org/10.1007/978-3-642-24212-0_13 https://rd.springer.com/chapter/10.1007/978-3-642-24212-0_13 http://dx.doi.org/10.1007/978-3-642-24212-0_13 https://hal.inria.fr/hal-01569545/document https://link.springer.com/chapter/10.1007/978-3-642-24212-0_13,http://dx.doi.org/10.1007/978-3-642-24212-0_13,,10.1007/978-3-642-24212-0_13,17401378,,2,001-381-793-304-07X; 010-388-991-543-520; 021-648-015-321-821; 028-050-555-799-314; 029-211-923-145-009; 032-760-465-037-173; 033-241-817-699-448; 033-877-222-136-260; 041-891-130-085-647; 061-549-181-856-861; 074-184-797-217-999; 094-336-360-386-20X; 097-567-011-227-46X; 099-169-442-324-498; 099-610-658-392-435; 114-621-082-012-238; 125-781-262-431-474; 127-767-955-792-282; 136-606-982-080-327; 137-320-213-389-496; 146-195-067-676-708; 150-249-549-372-358; 153-474-160-113-956,8,true,cc-by,green
067-021-297-054-070,How Does Cell Phone Location Work,,2017,book chapter,Cell Phone Location Evidence for Legal Professionals,,Elsevier,,Larry Daniel,,,,29,32,Human–computer interaction; Engineering; Triangulation; Work (electrical); Phone; Speech recognition; Terminology,,,,,https://www.sciencedirect.com/science/article/pii/B9780128093979000055 http://www.sciencedirect.com/science/article/pii/B9780128093979000055,http://dx.doi.org/10.1016/b978-0-12-809397-9.00005-5,,10.1016/b978-0-12-809397-9.00005-5,2631067940,,0,,0,false,,
067-056-009-770-815,Mitigating Challenges in Image Source Attribution through Digital Forensics,,2020,dissertation,,,,,B Venkata Udaya Sameer,"The study, analysis and investigation of digital evidences in relation to cybercrime investigation, constitutes the branch of science known as digital forensics. In today’s forensic world, images collected from electronic devices related to a crime scene are proven to be extremely useful elements in forensic investigations, and to trace perpetrators related to crime scenes. Digital images play a major role in forensic investigations today, and act as the primary elements to establish legal evidences. Mapping a contentious image correctly to its source of origin, hence attribution of an image collected from crime scene to a suspect’s device, is a crucial aspect of digital forensic investigation.; In this research, we focus on the problem of source camera identification in digital image forensics. In the forensic image source identification problem, the task at hand is to associate an image under question to a suspect’s camera, thus incriminating the suspect correctly. This is known as image source verification which answers the question of whether a particular camera device has indeed captured the query image. However, practically it may not always be feasible to obtain physical access to the devices owned by every suspect. In such cases, the traditional source verification mechanisms fail, and it becomes even more challenging to identify the correct image source (device make and model). In this thesis, we address the major present-day challenges associated with forensic source camera identification, aimed towards solving the practical problems encountered by a forensic analyst during image source attribution.; In this thesis, we also investigate the biggest threat to state-of-the-art forensic source attribution techniques, which is constituted of counter-forensic attacks on digital images. We propose efficient measures to distinctly identify counter-forensic images, as well as the class of attack that they have undergone, while accurately mapping such images back to their correct sources.",,,,,Crime scene; Data science; Relation (database); Suspect; Cybercrime; Focus (computing); Computer science; Digital image; Digital forensics; Image processing,,,,,http://ethesis.nitrkl.ac.in/10182/,http://ethesis.nitrkl.ac.in/10182/,,,3149850061,,0,,0,false,,
067-113-813-773-134,"Increasing digital investigator availability through efficient workflow
  management and automation",2017-08-29,2017,,,,,,Ronald In de Braekt; Nhien-An Le-Khac; Jason Farina; Mark Scanlon; M-Tahar Kechadi,"The growth of digital storage capacities and diversity devices has had a significant time impact on digital forensic laboratories in law enforcement. Backlogs have become commonplace and increasingly more time is spent in the acquisition and preparation steps of an investigation as opposed to detailed evidence analysis and reporting. There is generally little room for increasing digital investigation capacity in law enforcement digital forensic units and the allocated budgets for these units are often decreasing. In the context of developing an efficient investigation process, one of the key challenges amounts to how to achieve more with less. This paper proposes a workflow management automation framework for handling common digital forensic tools. The objective is to streamline the digital investigation workflow - enabling more efficient use of limited hardware and software. The proposed automation framework reduces the time digital forensic experts waste conducting time-consuming, though necessary, tasks. The evidence processing time is decreased through server-side automation resulting in 24/7 evidence preparation. The proposed framework increases efficiency of use of forensic software and hardware, reduces the infrastructure costs and license fees, and simplifies the preparation steps for the digital investigator. The proposed approach is evaluated in a real-world scenario to evaluate its robustness and highlight its benefits.",,,,,Workflow; Digital forensics; Automation; Digital evidence; Computer science; Context (archaeology); Software; Workflow engine; License; Digital rights management; MIT License; Computer security; Software engineering,,,,,,http://dx.doi.org/10.48550/arxiv.1708.09053,,10.48550/arxiv.1708.09053,,,0,,0,false,,
067-233-968-838-525,Digital Evidence,2015-11-10,2015,book chapter,Emerging Forensic Tools for Locating and Analyzing Digital Evidence,,IGI Global,,Richard Boddington,,,,958,1671,Computer science,,,,,,http://dx.doi.org/10.4018/978-1-4666-9591-7.les2,,10.4018/978-1-4666-9591-7.les2,,,0,,0,false,,
067-249-273-387-242,The pseudo metadata concept for the chain of custody of digital evidence,,2019,journal article,International Journal of Electronic Security and Digital Forensics,1751911x; 17519128,Inderscience Publishers,United Kingdom,Yudi Prayudi; Ahmad Ashari; Tri Kuntoro Priyambodo,"The handling of the chain of custody for digital evidence is a complex issue and more difficult than physical evidence. The main problem in the chain of custody of digital evidence is related to how to record and what should be documented the information of evidence in an investigative process. This paper provides a mechanism for recording and documentation of digital evidence as well as mapping information that must exist for a chain of custody of digital evidence. The recording mechanism is performed after the acquisition and disk imaging of electronic evidence while mapping the information is done into two parts, static and dynamic information. This concept is expected to be an alternative solution for digital evidence handling and to provide solutions for information standards for a chain of custody of digital evidence.",11,4,395,419,Chain of custody; Data science; Mechanism (sociology); Digital evidence; Computer science; Process (engineering); Documentation; Digital forensics; Metadata,,,,,https://dblp.uni-trier.de/db/journals/ijesdf/ijesdf11.html#PrayudiAP19 https://www.inderscienceonline.com/doi/abs/10.1504/IJESDF.2019.102554,http://dx.doi.org/10.1504/ijesdf.2019.10021732,,10.1504/ijesdf.2019.10021732,2948823357,,0,,0,false,,
067-463-597-327-112,IFIP Int. Conf. Digital Forensics - Applying Filter Clusters to Reduce Search State Space,,,book chapter,Advances in Digital Forensics,,Kluwer Academic Publishers,,Jill Slay; Kris Jorgensen,"Computer forensic tools must be both accurate and reliable so as not to miss vital evidence. While many investigations are conducted in sophisticated digital forensic laboratories, there is an increasing need to develop tools and techniques that could permit preliminary investigations to be carried out in the field. Pre-filtering electronic data in the field, before a computer is brought back to a laboratory for full investigation, can save valuable time. Filtering can also speed up in-house investigations by reducing search space size.",,,295,301,Filter (signal processing); Computer engineering; Filter design; Electronic data; Field (computer science); Computer science; Simulation; Speedup; State space; Digital forensics,,,,,https://link.springer.com/content/pdf/10.1007%2F0-387-31163-7_24.pdf https://rd.springer.com/chapter/10.1007/0-387-31163-7_24 https://dblp.uni-trier.de/db/conf/ifip11-9/df2005.html#SlayJ05 https://link.springer.com/10.1007%2F0-387-31163-7_24 https://link.springer.com/chapter/10.1007%2F0-387-31163-7_24,http://dx.doi.org/10.1007/0-387-31163-7_24,,10.1007/0-387-31163-7_24,1547498649,,0,111-741-773-111-021; 156-542-218-824-445,2,true,,bronze
067-489-748-584-577,A lightweight software write-blocker for virtual machine forensics,,2016,conference proceedings article,2016 Sixth International Conference on Innovative Computing Technology (INTECH),,IEEE,,Patrick Tobin; Nhien-An Le-Khac; M-Tahar Kechadi,"The integrity of any original evidence is fundamental to a forensic examination. Preserving the integrity of digital evidence is vitally important as changing just one bit among perhaps gigabits of data, will irrevocably alter that data and cast doubt on any evidence extracted. In traditional digital forensics write-blockers are used to preserve the integrity of that evidence and prevent changes from occurring, but virtual machine forensics presents more difficult challenges to address. Access to the digital storage device will probably not be possible, typically the only accessible storage will be a virtual hard disk drive. This will have the same integrity issues as those of a real device, but with the added complication that it is not possible to use a hardware write-blocker to prevent changes to those data. For this reason it is important to explore how to implement write-blocking mechanisms on a virtual device. In this paper we present an implementation of a software write-blocker and show how we can use it to be compliant with the 2nd ACPO principle on digital evidence.",,,730,735,Virtual machine; Software; Virtual device; Digital evidence; Computer security; Computer science; Forensic disk controller; Network forensics; Cloud computing; Digital forensics,,,,,http://ieeexplore.ieee.org/document/7845141/ https://researchrepository.ucd.ie/bitstream/10197/8150/1/insight_publication.pdf https://ieeexplore.ieee.org/document/7845141/ https://researchrepository.ucd.ie/handle/10197/8150,http://dx.doi.org/10.1109/intech.2016.7845141,,10.1109/intech.2016.7845141,2557342546,,0,002-495-833-326-831; 004-022-528-441-49X; 011-211-059-067-832; 020-681-475-438-842; 036-070-754-056-335; 038-914-873-897-532; 051-278-209-038-859; 063-128-918-481-572; 081-447-017-308-327; 091-865-413-941-073; 120-361-603-676-195; 131-516-331-360-906; 132-593-656-855-005; 145-932-798-899-180; 168-735-970-391-234; 172-443-563-369-742; 194-016-717-022-461; 199-745-676-923-766,4,true,cc-by-nc-nd,green
067-577-414-064-539,Digital Forensic Science: A Manifesto,2016-12-16,2016,journal article,South African Computer Journal,23137835; 10157999,South African Institute of Computer Scientists and Information Technologists,South Africa,Martin S. Olivier,"Forensic examination of evidence holds the promise of making claims about the truth of certain propositions with the inherent accuracy; and reliability that characterises scientific endeavours. The propositions may relate to the artefacts examined or related artefacts. The; nature of propositions about which claims can be made depend on the extent to which given propositions fall within the ambit of scientific; knowledge and on the extent to which the examined evidence is suitable for the application of established science. A continuing series; of incidents illustrate that in many forensic disciplines that promise is not met — often because some branch of forensic science happen; to not being scientific at all. In fact, serious assessments of forensic science have shown that many (if not most) branches of forensic; science are not scientifically valid.; Digital forensic science is one of the newest members of the family of forensic sciences. A number of reasons for concern exist that; it is following in the footsteps of its more established footsteps and repeating many of the mistakes of those other branches of forensic; science.; This viewpoint is written in the form of a manifesto that is situated in the current discourse about digital forensic science and practice.; If challenges the current developments in digital forensic science by positing a number of demands that digital forensic science have to; meet to be deemed scientific. The demands are posited as necessary, but not sufficient to ensure that digital forensic science uses science; to contribute to justice. Appropriate responses to the manifesto is a change in digital forensic developments or an informed debate about; the issues raised in the manifesto.",28,2,46,49,Situated; Forensic science; Sociology; Sociology of scientific knowledge; Law; Justice (ethics); Manifesto; Forensic examination; Questioned document examination; Engineering ethics; Digital forensics,,,,,https://doaj.org/article/fd3996c6cd6a4b50a4c43cb3dcef8058 https://sacj.cs.uct.ac.za/index.php/sacj/article/view/442 https://core.ac.uk/display/90989195 https://doi.org/10.18489/sacj.v28i2.442 https://dblp.uni-trier.de/db/journals/saj/saj28a.html#Olivier16 https://sacj.cs.uct.ac.za/index.php/sacj/article/download/442/194 https://www.dspace.up.ac.za/handle/2263/60561 https://repository.up.ac.za/handle/2263/60561,http://dx.doi.org/10.18489/sacj.v28i2.442,,10.18489/sacj.v28i2.442,2566075325,,0,,5,true,cc-by-nc,gold
067-629-806-155-212,Digital Records Forensics: A New Science and Academic Program for Forensic Readiness,,2010,journal article,"Journal of Digital Forensics, Security and Law",15587223,Embry-Riddle Aeronautical University/Hunt Library,,Luciana Duranti; Barbara Endicott-Popovsky,"This paper introduces the Digital Records Forensics project, a research endeavour located at the University of British Columbia in Canada and aimed at the development of a new science resulting from the integration of digital forensics with diplomatics, archival science, information science and the law of evidence, and of an interdisciplinary graduate degree program, called Digital Records Forensics Studies, directed to professionals working for law enforcement agencies, legal firms, courts, and all kind of institutions and business that require their services. The program anticipates the need for organizations to become “forensically ready,” defined by John Tan as “maximizing the ability of an environment to collect credible digital evidence while minimizing the cost of an incident response (Tan, 2001).” The paper argues the need for such a program, describes its nature and content, and proposes ways of delivering it.",5,2,45,62,World Wide Web; Political science; Digital preservation; Law enforcement; Digital evidence; Digital records; Public relations; Archival science; Computer forensics; Digital forensics; Information science,,,,,https://commons.erau.edu/cgi/viewcontent.cgi?article=1075&context=jdfsl https://core.ac.uk/display/92127065 https://dblp.uni-trier.de/db/journals/jdfsl/jdfsl5.html#DurantiE10 https://commons.erau.edu/jdfsl/vol5/iss2/4/,http://dx.doi.org/10.15394/jdfsl.2010.1075,,10.15394/jdfsl.2010.1075,1780515845,,0,002-383-410-319-043; 003-698-341-514-795; 014-261-775-435-338; 014-863-311-580-850; 014-992-406-139-591; 032-960-619-192-843; 037-647-066-964-858; 038-479-011-420-112; 041-291-462-265-899; 041-620-409-429-393; 049-223-763-769-747; 049-528-917-745-404; 052-308-687-231-910; 060-486-631-843-063; 063-874-121-007-405; 068-225-367-026-800; 069-689-937-128-684; 078-944-278-265-053; 081-042-044-554-106; 082-783-209-447-574; 085-214-277-668-01X; 088-309-759-208-842; 089-196-350-946-08X; 094-069-824-119-270; 100-370-255-379-23X; 105-494-642-200-718; 110-602-215-577-031; 116-679-504-830-017; 117-122-176-437-168; 117-943-382-787-511; 120-964-024-592-598; 121-098-780-472-16X; 124-386-684-933-152; 129-648-544-140-133; 144-924-692-716-271; 153-015-315-567-512; 167-375-606-992-866; 167-448-315-064-968; 174-616-011-533-052; 183-022-500-213-12X; 186-993-770-394-232; 199-172-967-270-034,20,true,cc-by-nc,gold
068-214-858-823-069,Overview of Digital Evidence Discovery,,2012,book chapter,Digital Forensics for Legal Professionals,,Elsevier,,Larry E. Daniel; Lars E. Daniel,,,,103,105,Internet privacy; Engineering; Data science; Task (project management); Electronic Communications Privacy Act; Digital evidence; Electronic data; Search and seizure,,,,,https://www.sciencedirect.com/science/article/pii/B9781597496438000146,http://dx.doi.org/10.1016/b978-1-59749-643-8.00014-6,,10.1016/b978-1-59749-643-8.00014-6,123545366,,0,,0,false,,
068-243-953-989-609,Per Call Measurement Data–Real Time Tool–Network Event Locations System Data,,2017,book chapter,Cell Phone Location Evidence for Legal Professionals,,Elsevier,,Larry Daniel,,,,79,88,Data mining; Engineering; Sprint; Phone; Event (computing); Real-time computing,,,,,https://www.sciencedirect.com/science/article/pii/B9780128093979000110 http://www.sciencedirect.com/science/article/pii/B9780128093979000110,http://dx.doi.org/10.1016/b978-0-12-809397-9.00011-0,,10.1016/b978-0-12-809397-9.00011-0,2663038926,,0,,0,false,,
068-427-192-465-179,Resolution of Complication in Territorial Sea by Using Digital Forensic,,2007,journal article,Journal of the Korea Society of Computer and Information,1598849x,,,Gyu-An Lee; Dea-Woo Park; Youg-Tae Shin,"Korea's seas have the potentials of dispute against China or Japan due to the overlap of the territorial waters and EEZ. In case of marine accidents, the nature of the sea tends to eliminate much of the track, making it another hardship in evidence adoption in case of an international dispute along with the false entries of fishing vessels' journals. Marine Digital Forensics Protects the functions of computers and IT appliance on vessels and extracts evidence of voyage and accidents to resolve international dispute. The digital evidence, if tampered with its integrity, my lead to the rejection to a critical claim or may even fail to make a case. As a solution, this thesis suggests Marine Digital Forensics as a way to extract evidence and prove a claim. This may be utilized as means of scientific investigation on sea as overseas exchange increases and the vessels digitalize, leading to a solution in international disputes that may occur in the future.",12,3,137,146,Exclusive economic zone; Resolution (logic); Business; International trade; China; Digital evidence; Digital forensics; Territorial waters,,,,,http://www.koreascience.or.kr/article/ArticleFullRecord.jsp?cn=CPTSCQ_2007_v12n3_137,http://www.koreascience.or.kr/article/ArticleFullRecord.jsp?cn=CPTSCQ_2007_v12n3_137,,,2992137876,,0,,0,false,,
068-558-695-475-467,Dilemmas in Digital Forensics for Computer Equipment Security and Maintenance in Remote Ships,,2012,journal article,Advanced Materials Research,16628985,"Trans Tech Publications, Ltd.",,Hu Chen,"As remote ships have equipped a large number of computer equipments, the maintenance of such equipments confronts a great challenge. Since some embedded devices among them may be hacked by attackers or disabled by Byzantine failure, to discover the attacking originality and fault source present foremost importance. In this article, we discuss digital investigation and forensics as a general viewpoint. We point out some dilemmas that hinder the development of digital forensics, some of which may be fundamental problems. We propose to expand the concept of digital forensics to a wider scope so as to include digital investigation for information instead of only evidence. We also argue that the fostering of novel contributions should be relied on technical experts instead of law experts as emerging new techniques always result in new digital crimes. We promote the divorce between the technical experts who focus on the contribution of technologies, and legal authorities who are responsible to bridge the gap between technologies and standard/formalization. Digital forensics methods are encouraged to be publicly available, but the contributors should be aware of the possibility of anti-forensics.",490-495,,1382,1386,Forensic science; Bridge (nautical); Point (typography); Originality; Scope (project management); Computer security; Focus (computing); Computer science; Computer forensics; Digital forensics,,,,,https://www.scientific.net/AMR.490-495.1382,http://dx.doi.org/10.4028/www.scientific.net/amr.490-495.1382,,10.4028/www.scientific.net/amr.490-495.1382,2025495556,,0,030-359-893-882-572; 042-230-817-975-353; 045-243-807-828-458; 049-216-276-407-671; 081-933-261-712-915; 134-927-490-231-285,0,false,,
068-573-357-666-979,Bluepipe: A Scalable Architecture for On-the-Spot Digital Forensics,,2004,journal article,International Journal of Digital Evidence,,,,Yun Gao; Golden G. Richard; Vassil Roussev,"Traditional digital forensics methods are based on the in-depth examination of computer systems in a lab setting. Such methods are standard practice in acquiring digital evidence and are indispensable as an investigative approach. However, they are also relatively heavyweight and expensive and require significant expertise on part of the investigator. Thus, they cannot be applied on a wider scale and, in particular, they cannot be used as a tool by regular law enforcement officers in their daily work. This paper argues for the need for on-the-spot digital forensics tools that supplement lab methods and discuss the specific user and software engineering requirements for such tools. The authors present the Bluepipe architecture for on-the-spot investigation and the Bluepipe remote forensics protocol that they have developed and relate them to a set of requirements. They also discuss some of the details of their ongoing prototype implementation.",3,,,,Software engineering; Architecture; World Wide Web; Law enforcement; Scale (chemistry); Digital evidence; Computer science; Network forensics; Computer forensics; Digital forensics; Protocol (object-oriented programming),,,,,http://www.cs.uno.edu/~golden/Papers/bluepipe-ijde.pdf https://www.utica.edu/academic/institutes/ecii/publications/articles/A0B57A8C-B6FD-092A-4D06F7039867505D.pdf https://dblp.uni-trier.de/db/journals/ijde/ijde3.html#GaoRR04,https://dblp.uni-trier.de/db/journals/ijde/ijde3.html#GaoRR04,,,39046966,,0,,9,false,,
068-809-585-056-724,Awareness of Problems and Defies with Big Data Involved in Network Security Management with Revised Data Fusion-Based Digital Investigation Model,2020-03-17,2020,book chapter,Big Data Analytics and Computing for Digital Forensic Investigations,,CRC Press,,Sateesh Kumar Pradhan; Satyasundara Mahapatra; Chandrakant Mallick,"The budding progress and relevance of digital information technology in quite a few areas of business, engineering, medical, agricultural and scientific studies are resulting in data explosion coined by the term “big data”. The dependency on digital media drives and devices has enlarged the dimensions of data formation and storage exponentially around the world, with a need of keeping a record of what data is accumulated and how the data is exercised. So it has raised an alarm of security for the data asset. To discover the pattern of interest leading to a decision from these voluminous data has put forth a challenge for the law enforcement and investigative agencies. Also, tracing such type of misutilization of digital technology in a big data age from the perspective of digital forensics requires minute bit-level examination and observations to locate the digital evidence that explains how maliciously nefarious activities have been done and by whom with the possible extent of the damage. The forensic examination and analysis in such a big data era requires appropriate digital investigation model with the application of tools, techniques and methodologies to boost decision-making and diagnostic process for advanced outfitted competence in digital forensic investigation with the intent of assembling valuable evidence from it. So, the need of the hour is to have a holistic outlook of the big data challenges and opportunities for its application in the digital forensic domain with the goal of making full-bodied investigation pronouncements. Much work has been done to model digital investigation as well as digital evidence but a comprehensive correlated and aggregated merging of voluminous data coming from different heterogeneous sources along with timely and accurate detection and analysis is the need of the hour. This chapter depicts the trends of digital forensics served for big data and the challenges of evidence acquisition, and further suggests the revision of the existing fusion-based digital investigation model by highlighting the formalization, quick detection and timely accurate analysis of digital evidence from multiple sources simultaneously. The modification adopted the inclusion of look-up table into the architecture with the application of data fusion to practice voluminous data effectually.",,,151,170,Information technology; Digital media; Data science; Digital evidence; Sensor fusion; Computer science; Big data; Asset (computer security); Digital forensics; Relevance (information retrieval),,,,,https://www.taylorfrancis.com/chapters/edit/10.1201/9781003024743-7/awareness-problems-defies-big-data-involved-network-security-management-revised-data-fusion-based-digital-investigation-model-sateesh-kumar-pradhan-satyasundara-mahapatra-chandrakant-mallick,http://dx.doi.org/10.1201/9781003024743-7,,10.1201/9781003024743-7,3011965819,,0,052-665-370-203-554,0,false,,
068-931-665-572-533,A Forensic Traceability Index in Digital Forensic Investigation,2013-01-30,2013,journal article,Journal of Information Security,,,,Siti Rahayu Selamat; Shahrin Sahib; Nor Hafeizah; Robiah Yusof; Mohd Faizal Abdollah,"Digital crime inflicts immense damage to users and systems and now it has reached a level of sophistication that makes it difficult to track its sources or origins especially with the advancements in modern computers, networks and the availability of diverse digital devices. Forensic has an important role to facilitate investigations of illegal activities and inappropriate behaviors using scientific methodologies, techniques and investigation frameworks. Digital forensic is developed to investigate any digital devices in the detection of crime. This paper emphasized on the research of traceability aspects in digital forensic investigation process. This includes discovering of complex and huge volume of evidence and connecting meaningful relationships between them. The aim of this paper is to derive a traceability index as a useful indicator in measuring the accuracy and completeness of discovering the evidence. This index is demonstrated through a model (TraceMap) to facilitate the investigator in tracing and mapping the evidence in order to identify the origin of the crime or incident. In this paper, tracing rate, mapping rate and offender identification rate are used to present the level of tracing ability, mapping ability and identifying the offender ability respectively. This research has a high potential of being expanded into other research areas such as in digital evidence presentation.",2013,1,19,32,Tracing; Forensic science; Traceability; Sophistication; Data science; Digital evidence; Digital forensic investigation; Research areas; Computer security; Computer science; Digital forensics,,,,,https://m.scirp.org/papers/27549 https://www.scirp.org/Journal/PaperDownload.aspx?paperID=27549 http://eprints.utem.edu.my/6777/ https://file.scirp.org/Html/4-7800122_27549.htm https://file.scirp.org/pdf/JIS_2013013014233287.pdf https://www.scirp.org/journal/PaperInformation.aspx?paperID=27549,https://m.scirp.org/papers/27549,,,2102916229,,0,006-004-640-148-035; 010-086-703-646-194; 012-779-911-526-394; 017-358-994-049-12X; 018-245-873-246-94X; 019-698-064-288-240; 020-064-435-529-922; 020-944-423-224-895; 024-917-519-955-520; 025-166-987-232-333; 030-809-391-871-561; 032-697-093-668-898; 038-668-970-194-854; 038-704-079-905-560; 040-823-216-153-224; 044-147-389-377-300; 050-513-243-638-138; 056-615-247-058-312; 056-889-959-233-076; 062-202-545-220-180; 069-894-023-646-007; 102-528-798-484-730; 102-602-192-826-532; 114-592-978-453-407; 124-837-341-752-034; 125-384-800-661-375; 132-089-355-719-664; 133-232-608-554-796; 133-397-275-695-990; 134-927-490-231-285; 137-203-237-364-717; 138-253-866-510-07X; 140-821-103-436-654; 170-108-067-251-840; 170-299-458-679-224; 171-886-869-522-486; 177-069-167-035-120; 180-327-460-336-608; 190-065-821-748-92X; 199-172-967-270-034; 199-745-676-923-766,11,false,,
068-938-185-831-702,How a Standardization Process May Impact on the Relation Between Digital Evidence and Digital Forensics,,2018,,,,,,Radina Stoykova,,,,,,Standardization; Data science; Relation (database); Digital evidence; Computer science; Process (engineering); Digital forensics,,,,,https://jusletter-it.weblaw.ch/en/issues/2018/IRIS/how-a-standardizatio_21bd9a1d87.html__ONCE&login=false,https://jusletter-it.weblaw.ch/en/issues/2018/IRIS/how-a-standardizatio_21bd9a1d87.html__ONCE&login=false,,,2997442329,,0,,0,false,,
068-957-682-952-20X,Cloud Computing Forensic Analysis: Trends and Challenges,2016-10-18,2016,book chapter,Intelligent Systems Reference Library,18684394; 18684408,Springer International Publishing,United States,Amira Sayed A. Aziz; Mohamed Mostafa M. Fouad; Aboul Ella Hassanien,"Computer forensics is a very important field of computer science in relation to computer, mobile and Internet related crimes. The main role of Computer forensic is to perform crime investigation through analyzing any evidence found in digital formats. The massive number of cybercrimes reported recently, raises the importance of developing specialized forensic tools for collecting and studying digital evidences in the digital world, in some situation even before they are lost or deleted. The emergence of the new Cloud Computing paradigm with its unique structures and various service models, had added more challenge to digital forensic investigators to gain the full access and control to the spread cloud resources. While, the current chapter starts to lay the importance of digital forensics as whole, it specially focuses on their role in cybercrimes investigations in the digital cloud. Therefore, the chapter goes through the definition of the basic concepts, structures, and service models of the cloud computing paradigm. Then, it describes the main advantages, disadvantages, challenges that face the digital forensic processes, and techniques that support the isolation and preservation of any digital evidences. Finally, the chapter stresses on a number of challenges in the cloud forensic analysis still open for future research.",,,3,23,The Internet; Crime scene; Data science; Relation (database); Virtual machine; Service (systems architecture); Computer science; Computer forensics; Cloud computing; Digital forensics,,,,,https://rd.springer.com/chapter/10.1007/978-3-319-44270-9_1 https://link.springer.com/chapter/10.1007%2F978-3-319-44270-9_1,http://dx.doi.org/10.1007/978-3-319-44270-9_1,,10.1007/978-3-319-44270-9_1,2536709179,,0,018-390-552-445-885; 032-697-093-668-898; 035-223-520-491-228; 044-923-583-419-913; 047-630-600-014-492; 049-977-511-720-26X; 050-513-243-638-138; 059-697-278-686-056; 067-950-012-629-210; 071-408-157-269-02X; 077-532-025-251-756; 084-910-509-998-37X; 085-214-277-668-01X; 088-713-878-415-259; 091-619-263-117-914; 092-039-178-633-223; 093-832-968-263-829; 111-933-804-702-243; 114-481-306-543-811; 116-056-471-784-278; 122-269-963-751-911; 130-287-928-782-084; 148-732-709-522-772; 170-108-067-251-840; 170-299-458-679-224; 178-512-695-972-193; 190-065-821-748-92X,3,false,,
068-961-652-174-269,ARTIFACTS INFORMATION MANAGEMENT SYSTEM (AIMS) FORDIGITAL FORENSICS (AIMS for Digital4N6),2021-08-04,2021,,,,,,P. Srinivasa Murthy; V. Nagalakshmi,"Digital Forensics is a systematic approach for recovering the contents from the digital sources and analyzing their evidence contents for detecting the cyber crimes. Presently cyber security issues are increasing around the globe, for this reason, it is essential to have digital forensic experts to handle the situation both technically and legally. During Investigation process, different types of evidences are collected from various digital source in the network environment. Artifacts are the areas to hold information about the digital activities performed on the computer system, networking environment or in any digital infrastructure set-up. The Artifacts Information Management System (AIMS) is intended for use by the Digital Investigators and their team members for the digital evidences analyses during the investigation process. The main idea of this system is to store and retrieve the digital forensics analysis information from a simple database which can be viewed and to understand the artifacts from digital sources.The present paper discusses briefly about thedesigning aspects of Artifacts Information Management System for Digital Forensics (AIMS) and its advantages.",,,6509,6517,Data science; SIMPLE (military communications protocol); Management information systems; Computer science; Process (engineering); Digital forensics,,,,,http://thedesignengineering.com/index.php/DE/article/view/3148,http://thedesignengineering.com/index.php/DE/article/view/3148,,,3189685933,,0,,0,false,,
069-143-332-486-492,Evaluation of Digital Forensics Tools on Data Recovery and Analysis,,2016,,,,,,Ioannis Lazaridis; Sotirios Pouros Theodoros Arampatzis,"This paper presents a comparison and evaluation of several digital forensics tools on data recovery scenarios. Modern tools have been tested and evaluated in order to provide evidence regarding their capabilities in qualitative analysis and recovery of deleted data from various file systems. Results derived from the comparisons, present the capability of each digital forensics tool. Based on variables and specifications, the tool with the best performance is considered the most suitable application for analysing and retrieving files. A comparison between digital forensics tools takes place as well, alongside conclusions.",,,67,71,Data mining; Data science; Order (business); Qualitative analysis; Computer science; Network forensics; Data recovery; Wireless; Digital forensics,,,,,http://www.sdiwc.net/digital-library/evaluation-of-digital-forensics-tools-on-data-recovery-and-analysis.html,http://www.sdiwc.net/digital-library/evaluation-of-digital-forensics-tools-on-data-recovery-and-analysis.html,,,2379501423,,0,004-553-537-193-953; 011-235-632-758-676; 017-815-064-018-299; 084-910-509-998-37X; 096-113-535-997-622; 135-343-703-752-971; 145-125-965-383-552; 153-153-144-072-106; 167-592-705-831-583; 172-525-294-031-581; 199-172-967-270-034,1,false,,
069-164-282-798-000,The Need for Digital Evidence Standardisation,2012-04-01,2012,journal article,International Journal of Digital Crime and Forensics,19416210; 19416229,IGI Global,United States,Marthie Grobler,"<p>Continuous developments in forensic processes and tools have aided in elevating the positioning of digital forensics within the legal system. The equally continuous developments in technology and electronic advances, however, are making it more difficult to match forensic processes and tools with the advanced technology. Therefore, it is necessary to create and maintain internationally accepted standards to control the use and application of digital forensic processes. This article addresses this need and touches on the motivation for such internationally recognised standards on digital evidence. It also looks at current work in and progress towards the establishment of digital evidence related documents addressing all phases of the digital forensic process.</p>",4,2,1,12,Data science; Digital evidence; Computer science,,,,,https://dblp.uni-trier.de/db/journals/ijdcf/ijdcf4.html#Grobler12 https://www.igi-global.com/article/need-digital-evidence-standardisation/68406 https://doi.org/10.4018/jdcf.2012040101,http://dx.doi.org/10.4018/jdcf.2012040101,,10.4018/jdcf.2012040101,1975327969,,0,002-383-410-319-043; 033-483-431-452-962; 075-268-039-596-63X; 130-388-474-945-856; 134-927-490-231-285; 135-193-618-945-495; 184-673-927-906-959,3,false,,
069-204-644-544-184,CECC - Digital Forensics vs. Due Process: Conflicting Standards or Complementary Approaches?,2019-11-14,2019,book,Proceedings of the Third Central European Cybersecurity Conference,,ACM,,Uwe Ewald,"Cybersecurity and digital forensics are closely related to current and even more to future criminal proceedings due to the fact that digital evidence is more and more dominating the body of evidence in criminal trials. It is also fair to say that digital forensics to a large extent performs in cybersecurity as a production of digital evidence.Not only in cybercrime but also in ordinary crimes like car theft, drug related crimes and forms of traditional organized crimes judicial decision-making and reasoning at trials and finally in judgments are more and more based on references to digital traces and data which are provided by forensic IT experts as exhibits.At the first glance providing digital data as evidence to criminal courts appears to be a straightforward more technical process. This paper claims that turning digital traces into digital evidence is anything but a simple and linear technical process just having to respect state-of-the-art technical standards and following rules for the chain of custody. Instead it will demonstrate that digital forensics is one part in a more complex social construction process where standards and methods of IT forensics of the 21st century meet evidentiary procedural rules in criminal justice of the 19th century, hence applied by a judiciary of the 20th century. This state of asynchrony leads to basic conflicts between digital forensics on the one side, rule of law, to process and fair trial on the other.The paper will reflect upon the central question if and how this conflict between digital forensics and traditional due process in the transition from analog to digital evidence in criminal justice proceedings can be turned into an integrated and complementary approach for the final sake of justice and security in the society.While the current situation is leading to a gap between data and judicial decision (digital divide), new standards for producing procedural truth in a comprehensible data-to-decision-cycle covering both the forensic acquisition, preparation and analysis at the pretrial stage, as well as presenting, testing (verifying/falsifying) and interpreting digital evidence at trial by judges, prosecutors and defense attorneys. Only if both sides, the forensic and judicial, are in balance the digital divide in today's criminal justice practice will fade away.Firstly, the paper will outline a conceptual view on the challenges electronic evidence based on digital code and machine language poses to a traditional judicial method of communicating evidentiary information relying on natural language and unstructured narratives in direct personal communication during trial which inevitably will lead to a paradigm shift in the judicial hermeneutic method.Criminal proceedings and judgments as their outcome are traditionally based on enlightenment principles of oral and direct communication in public hearings, hence human language and narrative is the crucial medium of communication and understanding during trial and post-trial addressing the wider public. If language at trial (which is already the case through judicial expert language) becomes exclusive, criminal proceedings lose their original sense of communicating what is 'right' and 'wrong' based on evidentiary reasoning as a rational evaluation and interpretation of legally relevant facts.If now digital evidence, produced by hard- and software applying technical standards, is not or only insufficiently communicated during trial and therefore neither understood regarding its reliability and validity by the court, prosecution and defense, nor grasped by the public, digital evidence jeopardizes the independence and autonomy of judicial decision-making at trial. As a result, the substance of rule of law will be changed since the power of decision-making is shifting away from the judiciary to digital experts.Thus, the understanding of ""digital evidence"" as a forensic-judicial construct leads to recognizing the substantial impact of digitization on criminal justice and the chances and risks digitization poses to modern criminal justice which is based on democratic rules and respecting human rights and individual freedom.Secondly, some light will briefly be shed on three aspects regarding the practical situation of digital evidence in Europe, it's actual risks and possible solutions.An analysis of European law-making since the Lisbon treaty shows the already well-known fact of the ubiquity of digital data in nearly all spheres of life represented in both big data as well as personalized data sets stored on mobile devices in detail.Exploring the flaws in cell phone evidence in Denmark which led to the review of 10,700 verdicts and the release of 32 prisoners show the fatal impact the digital divide in processing electronic evidence in criminal justice can have.Eventually, the judgement in the Case of Rook v. Germany at the European Court of Human Rights indicates perspectives in future dealing with digital evidence during criminal proceedings, in particular pointing out the special role defense attorneys (should) play in testing digital evidence by building up own independent resources and competencies in processing and analyzing digital data.Thirdly, against the backdrop of the above outlined conceptual framework and (selective) practical issues the paper will attempt to provide a perspective aiming at the integration of digital forensics and due process standards into a balanced and complementary approach allowing the court to reliably assess the probative value of digital data and drawing a red line for the admissibility of digital data into evidence where existing standards and tests do not allow judges an independent and informed decision, using the example of cell-site evidence. Only then the current digital gap in the processing of digital evidence in criminal justice will be closed when, in a joint effort, the IT-forensic industry in concert with law enforcement and judiciary provide reliable standards for testing electronic evidence at trial. Judicial players at trial, judges, prosecutors, defense attorneys, on the other hand, will be required to develop necessary skills and competencies to apply such standards in due process.Conclusive remarks will summarize challenging core issues but also the feasibility of ""integrated forensic-judicial standards for digital evidence"" which ultimately should guarantee the principles of rule of law and fair trial to safeguard in particular procedural principles such as the presumption of innocence and prevent their replacement by new concepts of risk probability and (cyber) threat scoring based on digital data.",,,,,Judicial opinion; Criminal justice; Digital divide; Digital media; Political science; Law and economics; Digitization; Cybercrime; Digital evidence; Digital forensics,,,,,https://dl.acm.org/doi/10.1145/3360664.3362697 https://doi.org/10.1145/3360664.3362697,http://dx.doi.org/10.1145/3360664.3362697,,10.1145/3360664.3362697,2981476769,,0,,0,false,,
069-296-818-197-962,Collecting Digital Evidence from Online Sources: Deficiencies in Current Polish Criminal Law,2021-12-29,2021,journal article,Criminal Law Forum,10468374; 15729850,Springer Science and Business Media LLC,United States,Piotr Lewulis,"<jats:title>Abstract</jats:title><jats:p>The importance of digital evidence, especially online content, is continuously increasing due to the proliferation of digital technologies in socio-economic life. However, the legal means of criminal evidence gathering in Polish legislation remain unchanged and do not take into account some contemporary challenges. In various countries, traditional rules of evidence gathering were created in the context of a physical world. These rules may be insufficient to safeguard the forensic soundness of evidence gathering methods. Inadequacies of current procedures may be especially visible in the context of transborder digital evidence gathering from online open sources. This article describes the practical shortcomings of Polish criminal evidence law in the context of digital evidence with particular attention to online open-source materials. Empirical data indicate that existing legal limitations are bypassed in practice to enable evidence collection. This unfortunately often happens at the expense of the forensic soundness of digital evidence.</jats:p>",33,1,39,62,Digital evidence; Soundness; Context (archaeology); Legislation; Digital forensics; Law; Political science; Criminal investigation; Transparency (behavior); Public relations; Internet privacy,,,,,,http://dx.doi.org/10.1007/s10609-021-09430-4,,10.1007/s10609-021-09430-4,,,0,,0,true,cc-by,hybrid
069-312-321-010-143,FrankenFRED: a custom digital forensics workflow and digital preservation lab for the Archives of Ontario,2021-06-08,2021,dissertation,,,Ryerson University Library and Archives,,Blanche Joslin,"<jats:p>Digital forensics allows cultural heritage institutions to validate, preserve, and recover digital objects. This thesis discusses the development and implementation of a custom digital forensics workflow for the Archives of Ontario. The justifications for the workflow are based on research into digital forensics, authenticity, diplomatics, and digital preservation. The workflow seeks to clarify best-practice policies and procedures for using a Digital Intelligence Forensic Recover of Evidence Device (FRED), an out-of-the-box digital forensics hardware solution. The Archive procured a FRED tower requiring an implementation plan and overall strategy for its effective use. Presented in this paper is a workflow built specifically for the needs of the Archives as well as justifications for the processes proposed within the workflow. The BitCurator processing environment is addressed as an integral tool for implementation. Also discussed are modifications made to the Archive’s FRED tower to produce what I have called FrankenFRED.</jats:p>",,,,,Workflow; Digital forensics; Computer science; Plan (archaeology); Tower; Workflow engine; Digital evidence; Digital preservation; Digital Archives; World Wide Web; Workflow technology; Computer forensics; Software engineering,,,,,,http://dx.doi.org/10.32920/ryerson.14654511.v1,,10.32920/ryerson.14654511.v1,,,0,,0,true,cc-by,green
069-578-076-143-783,HICSS - Digital Forensics--State of the Science and Foundational Research Activity,,2007,conference proceedings article,2007 40th Annual Hawaii International Conference on System Sciences (HICSS'07),,IEEE,,Rayford B. Vaughn; David A. Dampier,"Within the fields of computer science and software engineering greater attention is being given today to the broad topic of information assurance. This minitrack focuses on an emerging subspecialty within information assurance that is largely driven by software technology -- that of Digital Forensics. Digital forensics involves the use of software, computer science, software engineering, and criminal justice procedures to explore and or investigate digital media with the objective of finding evidence to support a criminal or administrative case. It involves the preservation, identification, extraction, and documentation of computer or network evidence. This minitrack includes papers in two important general areas - digital forensics pedagogy at the university level and current research efforts in improving digital forensics tools and techniques.",1,,263,263,Criminal justice; World Wide Web; Digital media; Computational criminology; Data science; Software; Information assurance; Computer science; Information and Computer Science; Computer forensics; Documentation; Digital forensics,,,,,https://ieeexplore.ieee.org/document/4076914/ https://www.computer.org/csdl/proceedings-article/hicss/2007/27550263/12OmNxwncCf https://dblp.uni-trier.de/db/conf/hicss/hicss2007.html#VaughnD07 http://yadda.icm.edu.pl/yadda/element/bwmeta1.element.ieee-000004076914,http://dx.doi.org/10.1109/hicss.2007.174,,10.1109/hicss.2007.174,2049676552,,0,,1,false,,
069-749-448-215-252,SERF@ESEC/SIGSOFT FSE - Snap forensics: a tradeoff between ephemeral intelligence and persistent evidence collection,2017-09-04,2017,book,Proceedings of the 1st ACM SIGSOFT International Workshop on Software Engineering and Digital Forensics,,ACM,,Yijun Yu; Thein Than Tun,"Digital evidence needs to be made persistent so that it can be used later. For citizen forensics, sometimes intelligence cannot or should not be made persistent forever. In this position paper, we propose a form of snap forensics by defining an elastic duration of evidence/intelligence validity. Explicitly declaring such a duration could unify the treatment of both ephemeral intelligence and persistent evidence towards more flexible storage to satisfy privacy requirements.",,,10,11,Engineering; Digital evidence; Evidence collection; Computer security; Duration (project management); Ephemeral key; Position paper; Digital forensics,,,,Adaptive Security And Privacy,http://oro.open.ac.uk/50179/ https://core.ac.uk/display/84342310 https://dl.acm.org/doi/10.1145/3121252.3121255 https://dblp.uni-trier.de/db/conf/sigsoft/serf2017.html#YuT17 https://core.ac.uk/download/84342310.pdf,http://dx.doi.org/10.1145/3121252.3121255,,10.1145/3121252.3121255,2738702204,,0,019-587-382-043-888; 076-102-967-282-090; 090-169-352-123-185; 103-195-061-156-656; 106-757-197-520-622; 112-321-663-201-881; 112-899-744-555-295; 122-567-340-760-497,0,true,cc-by-nc-nd,green
069-884-249-384-899,Digital evidence and the crime scene.,2021-10-06,2021,journal article,Science & justice : journal of the Forensic Science Society,18764452; 13550306,Forensic Science Society,United Kingdom,Graeme Horsman,"Abstract Many criminal investigations maintain an element of digital evidence, where it is the role of the first responder in many cases to both identify its presence at any crime scene, and assess its worth. Whilst in some instances the existence and role of a digital device at-scene may be obvious, in others, the first responder will be required to evaluate whether any ‘digital opportunities’ exist which could support their inquiry, and if so, where these are. This work discusses the potential presence of digital evidence at crime scenes, approaches to identifying it and the contexts in which it may exist, focusing on the investigative opportunities that devices may offer. The concept of digital devices acting as ‘digital witnesses’ is proposed, followed by an examination of potential ‘digital crime scene’ scenarios and strategies for processing them.",61,6,761,770,Criminal investigation; Crime scene; Work (electrical); Element (criminal law); Data science; First responder; Digital evidence; Digital device; Computer science; Digital forensics,Crime Scene; Digital Evidence; Digital Forensics; First Responder; Investigation,Crime; Humans,,,https://www.sciencedirect.com/science/article/pii/S1355030621001295,http://dx.doi.org/10.1016/j.scijus.2021.10.003,34802650,10.1016/j.scijus.2021.10.003,3205130440,,0,000-385-377-624-228; 007-447-468-912-052; 015-527-658-048-875; 019-831-293-743-518; 022-837-571-402-576; 025-141-025-402-513; 029-164-830-214-360; 044-295-409-596-282; 061-620-309-813-166; 062-137-637-964-947; 066-032-563-680-259; 087-665-408-966-240; 094-142-794-127-63X; 101-898-536-025-026; 143-546-413-886-429; 159-477-048-665-066; 173-145-269-859-717; 184-221-983-536-940; 199-745-676-923-766,0,false,,
069-995-341-585-134,Digital analysis of bite marks and human identification.,,2001,journal article,Dental clinics of North America,00118532,W.B. Saunders Ltd,United Kingdom,C M Bowers; R J Johansen,"This article introduces the dental investigator to the basic concepts of digital imaging techniques as they apply to crime scene photographic evidence. In all aspects of forensic dentistry, analytical comparison methods demand rigorous attention to scale dimensions and the detection of photographic distortion in images of forensic interest. Dental radiographs, photographic slides, negatives, prints, and digital images are all amenable to digital techniques that are useful in controlling quality and expanding the abilities of the forensic dentist to compare known and questioned evidence. The intent of this article is to show accurate means of measuring physical parameters of dental evidence, correction of common photographic distortion and size discrepancies, elimination of examiner subjectivity, better control of image visualization, and standardization of comparison procedures.",45,2,327,"42, ix",Digital imaging; Photography; Crime scene; Information retrieval; Forensic dentistry; Dental Models; Visualization; Computer science; Digital image; Image processing,,"Bites, Human; Forensic Anthropology/instrumentation; Forensic Dentistry/instrumentation; Humans; Image Processing, Computer-Assisted/methods; Models, Dental; Photography; Software",,,https://europepmc.org/article/MED/11370458 https://pubmed.ncbi.nlm.nih.gov/11370458/ https://www.ncbi.nlm.nih.gov/pubmed/11370458,https://www.ncbi.nlm.nih.gov/pubmed/11370458,11370458,,2418299757,,0,,15,false,,
070-345-535-736-050,Analisis Forensik Metadata Kamera CCTV Sebagai Alat Bukti Digital,2020-11-07,2020,journal article,Digital Zone: Jurnal Teknologi Informasi dan Komunikasi,24773255; 20864884,Universitas Lancang Kuning,,Desti Mualfah; Rizdqi Akbar Ramadhan,"<jats:p>Kejahatan konvensial yang terekam kamera CCTV (Closed Circuit Televison) semakin banyak ditemukan di masyarakat, setiap pelaku kejahatan yang terbukti melakukan tindak pidana tertentu akan dihukum sesuai dengan peraturan perundang-undangan. Kamera CCTV memiliki peran penting dalam keamanan, banyak diantaranya hasil tangkapan rekaman kamera CCTV dijadikan sebagai alat bukti digital. Tantangannya adalah bagaimana teknik yang diperlukan untuk penanganan khusus investigasi digital forensik dalam mencari bukti ditgital rekaman kamera CCTV menggunakan metode live forensik, yaitu ketika barang bukti dalam keadan aktif berdasarkan pedoman SNI 27037:2014 sesuai acuan kerangka kerja Common Phases of Computer Forensics Investigation Models untuk di implementasikan ke dalam dokumen Chain of Custody. Hasil penelitian ini berupa hasil analisis video rekaman kamera CCTV tentang karakteristik bukti digital dan informasi metadata yang digunakan untuk memberikan penjelasan komprehensif secara terstruktur serta acuan pengelolaan informasi data yang didapat dari hasil investigasi digital forensik yang dapat dipertanggungjawabkan dalam persidangan.&#x0D;;  &#x0D;; Kata kunci: Bukti Digital, Live Forensik, Metadata, Kamera CCTV, Chain of Custody.&#x0D;;  &#x0D;; Abstract&#x0D;; Conventional crimes that are recorded on CCTV (Closed Circuit Television) cameras are increasingly being found in society, every crime that commits certain crimes will be in accordance with statutory regulations. CCTV cameras have an important role in security, many of which are recorded by CCTV cameras used as digital evidence. The challenge is how the techniques required for special handling, digital forensics in searching for digital evidence of CCTV camera footage using the live forensic method, namely when the evidence is in an active state based on the latest SNI 27037: 2014 according to the framework reference Common Phases of Computer Forensics Investigation Models for in implement it into the Chain of Custody document. These results of this research are in the form of analysis of CCTV camera video recordings about the characteristics of digital evidence and metadata information used to provide a structured comprehensive explanation and reference data management information obtained from the results of digital forensic investigations that can be accounted for in court. &#x0D;; Keywords: Digital Evidence, Live Forensic, Metadata, CCTV Camera, Chain of Custady.</jats:p>",11,2,257,267,,,,,,https://journal.unilak.ac.id/index.php/dz/article/download/5174/2493,http://dx.doi.org/10.31849/digitalzone.v11i2.5174,,10.31849/digitalzone.v11i2.5174,3104630931,,0,,0,true,cc-by-sa,gold
070-720-652-123-140,Chapter 4 – Collecting evidence,,2015,book chapter,The Basics of Digital Forensics,,Elsevier,,John Sammons,,,,47,64,Chain of custody; Faraday cage; Engineering; Digital evidence; Computer security; Volatile memory; Hash function,,,,,https://www.sciencedirect.com/science/article/pii/B9780128016350000048 http://www.sciencedirect.com/science/article/pii/B9780128016350000048,http://dx.doi.org/10.1016/b978-0-12-801635-0.00004-8,,10.1016/b978-0-12-801635-0.00004-8,2585879042,,0,,0,false,,
071-016-958-734-910,The realization of digital forensics identification workflow audit and custody system,,2010,conference proceedings article,The 2010 International Conference on Apperceiving Computing and Intelligence Analysis Proceeding,,IEEE,,Yang Zhang; Gao Yang,"Digital evidence gradually turns into a new type lawsuit evidence. The research on digital forensics technologies focus on evidence search, recovery and data analysis, while legality, authenticity and integrality of forensics process doesn't get supervised. In this paper, on the basis of forensic steps and process research, the author intends to illustrate modeling social auditing work and designing a system to monitor digital forensics verification workflow to solve the problem of chain of custody in the process of digital evidence acquisition, transfer, storage and analysis.",,,384,387,Chain of custody; Workflow; Audit; Data science; Digital evidence; Computer security; Computer science; Process (engineering); Computer forensics; Identification (information); Digital forensics,,,,,http://yadda.icm.edu.pl/yadda/element/bwmeta1.element.ieee-000005709925 https://ieeexplore.ieee.org/document/5709925/ http://ieeexplore.ieee.org/document/5709925/,http://dx.doi.org/10.1109/icacia.2010.5709925,,10.1109/icacia.2010.5709925,2031099653,,0,,0,false,,
071-064-752-915-376,A forensically-enabled IAAS cloud computing architecture,,,dissertation,,,,,Saad Alqahtany,"Current cloud architectures do not support digital forensic investigators, nor comply with today’s digital forensics procedures largely due to the dynamic nature of the cloud. Whilst much research has focused upon identifying the problems that are introduced with a cloud-based system, to date there is a significant lack of research on adapting current digital forensic tools and techniques to a cloud environment. Data acquisition is the first and most important process within digital forensics – to ensure data integrity and admissibility. However, access to data and the control of resources in the cloud is still very much provider-dependent and complicated by the very nature of the multi-tenanted operating environment. Thus, investigators have no option but to rely on cloud providers to acquire evidence, assuming they would be willing or are required to by law. Furthermore, the evidence collected by the Cloud Service Providers (CSPs) is still questionable as there is no way to verify the validity of this evidence and whether evidence has already been lost. This paper proposes a forensic acquisition and analysis model that fundamentally shifts responsibility of the data back to the data owner rather than relying upon a third party. In this manner, organisations are free to undertaken investigations at will requiring no intervention or cooperation from the cloud provider. The model aims to provide a richer and complete set of admissible evidence than what current CSPs are able to provide.",,,,,Service provider; Cloud testing; Admissible evidence; Cloud computing architecture; Data integrity; Computer security; Computer science; Data access; Cloud computing; Digital forensics,,,,,https://ro.ecu.edu.au/adf/136/ https://pearl.plymouth.ac.uk/handle/10026.1/9508 https://ro.ecu.edu.au/cgi/viewcontent.cgi?article=1136&context=adf https://www.researchgate.net/profile/Saad_Alqahtany/publication/274457757_A_Forensically-Enabled_IAAS_Cloud_Computing_Architecture/links/5554f3be08ae6fd2d821ba9d.pdf https://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.720088,http://dx.doi.org/10.4225/75/57b3e3a5fb87e,,10.4225/75/57b3e3a5fb87e,1921848746,,0,000-087-695-314-553; 004-670-548-978-249; 004-753-336-309-960; 004-872-169-627-620; 008-308-597-135-954; 008-875-575-844-574; 017-615-514-367-685; 018-390-552-445-885; 019-698-064-288-240; 025-319-861-345-580; 027-869-107-299-008; 032-286-659-568-014; 033-877-222-136-260; 034-773-286-616-44X; 035-832-422-734-840; 039-189-453-189-406; 041-879-975-858-398; 046-245-011-128-62X; 047-600-704-780-223; 048-449-354-923-219; 051-645-938-939-51X; 052-152-063-024-042; 056-205-328-777-528; 068-383-476-721-435; 084-871-301-547-140; 091-694-208-796-635; 095-691-114-276-825; 122-269-963-751-911; 124-912-663-881-389; 125-817-456-334-439; 136-798-153-498-59X; 138-097-495-143-351; 139-052-313-432-986; 144-124-797-675-052; 151-944-242-677-668; 155-744-450-683-025; 167-109-432-601-404; 170-108-067-251-840; 172-227-575-775-135; 178-467-155-611-813; 189-137-848-237-120,6,false,,
071-247-941-315-734,WDFIA - Digital Forensics: The need for Integration.,,2011,book,,,,,Paul Sant; Moniphia Orlease Hewling,"Digital forensics fast is becoming quite predominant within the legal court system which has had to deal with an increase of cases that involve the use of digital devices over the past decade. The procedures presently used in the digital forensic process were developed with a focus on the practitioner‟s expertise or interest. This resulted in very little regard for all fields that may be impacted by any one investigation. Such omissions have resulted in digital forensics seeming to be an ad hoc process resulting in a number of cases in which digital evidence has been deemed invalid, producing negative results. Alleviation of such issues is possible with the development of a standard framework flexible enough to accommodate the intricacies of all areas directly impacted by digital forensics. A complete framework incorporating views from computer scientists, lawyers, law enforcement officers and all other practitioners in related the field, needs to be developed. Such a framework should provide the basis from which a set of standards will be generated, defined and used to govern the acquisition of evidence from digital devices/sources, irrespective of their use in or to inform they will be used in a legal case. This paper proposes the development of such a framework integrating technical and legal dimensions.",,,33,43,Set (psychology); Data science; Digital forensic process; Legal case; Law enforcement; Digital evidence; Field (computer science); Computer science; Process (engineering); Digital forensics,,,,,http://www.cscan.org/openaccess/?paperid=82 https://dblp.uni-trier.de/db/conf/wdfia/wdfia2011.html#SantH11,http://www.cscan.org/openaccess/?paperid=82,,,2402646247,,0,019-831-293-743-518; 034-916-306-834-918; 040-823-216-153-224; 042-230-817-975-353; 133-397-275-695-990; 134-927-490-231-285; 140-821-103-436-654,0,false,,
071-469-254-831-765,IFIP Int. Conf. Digital Forensics - A Network-Based Architecture for Storing Digital Evidence,,,book chapter,Advances in Digital Forensics,,Kluwer Academic Publishers,,Mark Davis; Gavin W. Manes; Sujeet Shenoi,"The storage and handling of digital evidence are creating significant challenges for federal, state and local law enforcement agencies. The problems include acquiring and processing massive amounts of digital evidence, maintaining the integrity of the evidence, and storing digital evidence for extended periods of time. This paper describes a network-based storage architecture that helps address these issues. The architecture also supports collaborative efforts by examiners and investigators located at geographically dispersed sites.",,,33,42,Architecture; Law enforcement; Digital evidence; Computer security; Computer science; State (computer science); Storage area network,,,,,https://link.springer.com/content/pdf/10.1007%2F0-387-31163-7_3.pdf https://rd.springer.com/chapter/10.1007/0-387-31163-7_3 https://dblp.uni-trier.de/db/conf/ifip11-9/df2005.html#DavisMS05 https://link.springer.com/10.1007%2F0-387-31163-7_3 https://link.springer.com/chapter/10.1007/0-387-31163-7_3,http://dx.doi.org/10.1007/0-387-31163-7_3,,10.1007/0-387-31163-7_3,1928372850,,0,002-581-808-517-59X; 004-689-539-253-182; 038-668-970-194-854; 044-353-273-186-518; 081-520-369-527-02X; 199-745-676-923-766,12,true,,bronze
071-486-700-319-775,Computer Forensic: An Evidence of various analytical tools for legal constitution,,2012,,,,,,D. S. Jadhav; S. K. Patil,"This paper defines the term computer forensics, discusses how digital media relates to the legal requirements for satisfactoriness of paper-based evidence and suggests a methodology for dealing with potential evidence. The conclusion is that digitally based evidence must be both scientifically sound and legally acceptable.",1,2,,,Engineering; World Wide Web; Digital media; Constitution; Forensic nursing; Engineering ethics; Computer forensics; Term (time),,,,,https://www.omicsonline.org/open-access/computer-forensic-an-evidence-of-various-analytical-tools-for-legal-constitution-2277-1891-1000107.php?aid=12859,https://www.omicsonline.org/open-access/computer-forensic-an-evidence-of-various-analytical-tools-for-legal-constitution-2277-1891-1000107.php?aid=12859,,,2582617264,,0,000-613-523-552-288; 165-687-793-010-302; 174-667-675-999-496,0,false,,
071-606-104-599-241,KONSEP ATTRIBUTE BASED ACCESS CONTROL (ABAC) PADA LEMARI PENYIMPANAN BUKTI DIGITAL (LPBD),2018-05-04,2018,journal article,JURNAL TEKNIK INFORMATIKA,25497901; 19799160,LP2M Universitas Islam Negeri (UIN) Syarif Hidayatullah Jakarta,,Moh Fadly Panende;  Riadi; Yudi Prayudi,"Abstract An important factor of the investigation into cybercrime cases is the case relating to the evidence found. Electronic evidence and digital evidence found in criminal cases should be maintained from the outset, to be held accountable for justice. Sistem digital evidence storage cabinets (LPBD) is one solution to overcome the management of digital evidence is based on digital evidence cabinet (DEC), only the system is not equipped with a good access control model. The LPBD system needs to be built not only on the issue of digital evidence management, but other important components in the digital proof storage cabinet itself, access arrangements, so that the scheme or the design of access control policies on LPBD is very important. The access controls used on previous LPBDs are only done by authentication mechanisms and User authorization mechanisms, no other more complex parameters to support requests made on LPBD systems. In the absence of a good access control model design scheme for LPBD, it is necessary to design an access control policy model using the attribute-based access control approach (ABAC) because ABAC is a more flexible access control model in the application of attributes to users , and the . XACML hierarchy can support control requirements access used in digital evidence storage cabinets (LPBD) . ABSTRAK Faktor penting dalam proses investigasi sebuah kasus cybercrime yaitu hal yang terkait dengan barang bukti yang ditemukan. Bukti elektronik maupun bukti digital yang ditemukan dalam sebuah kasus kejahatan harus tetap terjaga keasliannya, untuk dapat dipertanggung jawabkan dipengadilan. Sistem lemari penyimpanan bukti digital (LPBD) menjadi salah satu solusi untuk permasalahan manajemen bukti digital ini yang berdasar pada digital evidence cabinet (DEC), hanya saja sistem tersebut belum dilengkapi dengan model access control yang baik. Sistem LPBD seharusnya dibuat tidak hanya berdasar pada permasalahan-permasalahan tentang manajemen bukti digital saja, akan tetapi komponen-komponen penting lainnya dalam lemari penyimpanan bukti digital itu sendiri yaitu pengaturan aksesnya, sehingga skema atau desain access control policy terhadap LPBD menjadi sangat penting . Access control yang gunakan terhadap LPBD sebelumnya dibuat hanya dengan mekanisme authefikasi dan authorisasi user saja, tidak adanya parameter lain yang lebih kompleks untuk mendukung  sebuah request yang dilakukan pada sistem LPBD. Mengingat belum adanya skema rancangan model access control yang baik pada LPBD ini, maka perlu dilakukan perancangan model access control policy menggunakan pendekatan attribute based access control (ABAC) karena ABAC merupakan model access control yang lebih fleksibel dalam penerapan attribute terhadap user, dan hierarchy XACML yang dapat mendukung kebutuhan-kebutuhan access control yang digunakan pada lemari penyimpanan bukti digital (LPBD). How To Cite : Panende, M.F, Prayudi, Y. Riadi, I. (2018). KONSEP ATTRIBUTE BASED ACCESS CONTROL (ABAC) PADA LEMARI PENYIMPANAN BUKTI DIGITAL (LPBD) . Jurnal Teknik Informatika, 11(1), 85-94.  doi 10.15408/jti.v11i1.7220 Permalink/DOI: http://dx.doi.org/10.15408/jti.v11i1.7220",11,1,85,94,Operating system; XACML; Computer science,,,,,http://journal.uinjkt.ac.id/index.php/ti/article/download/7220/pdf http://journal.uinjkt.ac.id/index.php/ti/article/view/7220 https://core.ac.uk/download/pdf/290103868.pdf,http://dx.doi.org/10.15408/jti.v11i1.7220,,10.15408/jti.v11i1.7220,2800370617,,0,,0,true,cc-by-sa,gold
071-722-817-653-461,An Extended Immune-based Model for Computer,,2008,,,,,,Forensics Juling Ding,"In this paper, an extended model of network surveillance and dynamic computer forensics based on artificial immune system is presented. The proper time for forensic cell to catch evidence is given out. And the digital water-mark method of encapsulation and preservation for digital evidences is introduced. The experiments show that the model has the features of self-adaption, self-learning, distribution, and real time.",,,,,Data mining; Engineering; Artificial intelligence; Proper time; Extended model; Computer forensics; Encapsulation (networking); Artificial immune system,,,,,http://ieeexplore.ieee.org/iel5/4721667/4721668/04721960.pdf http://ieeexplore.ieee.org/abstract/document/4721960,http://ieeexplore.ieee.org/iel5/4721667/4721668/04721960.pdf,,,2184247050,,0,,0,false,,
071-800-728-068-632,디지털 포렌식과 법적 문제 고찰,2006-06-01,2006,,,,,,null 양근원,"Recently, the environment consisting of our legal life is changing. The environment is changing from the analog age to digital age. It is a main stream that the analog data has been converted to the digital data, and more than 90% of new information are produced by digital methods nowadays. But these digital environments have produced a new type of evidence called digital evidence. It is questionable that the digital data can be collected, analyzed and used for evidence as same as by the method of physical evidence. Digital data hold a status of independent information which overpass the limitation of physical sphere or space. Large and complex volume of data can be stored in just one flash time and various technologies are used to do it. Furthermore, as digital evidence could be changed and deleted easily. Therefore, digital forensics that legal conception applies to technology and take its result as evidence should be considered in depth. I have covered an overview of digital forensics contained substantially technical factors in terms of characteristics of digital evidence. I have researched an issue of the position and existed formation of digital forensics In this thesis, I have reviewed the legal application in terms of technical issues. Even it could not be enough, this proposed issue hopefully become a triggering point that Korean criminal procedural law could be amended. In addition, there should be a lot of discussion about digital forensics. And Reasonable and justifiable legal system should be introduced with the development of scientific technology.",,,205,246,Engineering; Analog signal; Point (typography); Space (commercial competition); Procedural law; Digital data; Digital evidence; Computer security; Computer forensics; Digital forensics,,,,,https://www.dbpia.co.kr/Journal/articleDetail?nodeId=NODE01548991 http://dspace.kci.go.kr/handle/kci/1427720,https://www.dbpia.co.kr/Journal/articleDetail?nodeId=NODE01548991,,,1931049439,,0,,1,false,,
071-910-164-950-466,A Didactic Tool for Digital Forensics,,2022,conference proceedings article,Human Factors in Cybersecurity,27710718,AHFE International,,Ebru Cankaya; Anindita Palit; Elissa Williams,"<jats:p>Several tools exist for performing digital forensics investigations on evidence data. As the vast variety of options available provides a wide span of choices to select from, this variation itself contributes to the complexity of learning and navigating these tools. To facilitate user’s learning efforts, we present a didactic tool that can be used to explore different digital forensics tools for investigating various evidence files in different OS platforms. We use synthetically generated data in the form of a made up scenario that offers safe, realistic, yet reliable data analysis. The digital forensics tools we use are Autopsy, WinHex, ProDiscover, and StegHide; and we demonstrate the execution of these tools in two different OS platforms as Windows and Mac. Our tool is promising to offer explanation and deep insight into commonly available digital forensics tools, and is offered to serve digital forensics students and/or professionals.</jats:p>",,,,,,,,,,,http://dx.doi.org/10.54941/ahfe1002197,,10.54941/ahfe1002197,,,0,,0,false,,
072-012-331-323-673,Morphological species identification of wildlife forensic evidence based on digital images,,2021,journal article,Forensic Science International: Animals and Environments,26669374,Elsevier BV,,Pepper W. Trail,"Abstract Species identifications of wildlife items from digital images are critical to many wildlife crime investigations. Digital images downloaded from social media or cell phones may be the only wildlife evidence available for examination. In other cases, examination of emailed photographs by morphological experts may provide probable cause for seizure of suspect items in time-sensitive situations such as customs inspections. This paper outlines protocols to document provisional identifications from emailed photos, and to assure the integrity of digital images submitted as evidence. These are based on the practices followed at the National Fish and Wildlife Laboratory (NFWFL) of the U.S. Fish and Wildlife Service Office of Law Enforcement (OLE).",1,,100021,,Internet privacy; Probable cause; Forensic science; Geography; Suspect; Law enforcement; Service (business); Wildlife; Digital image; Social media,,,,,https://www.sciencedirect.com/science/article/pii/S2666937421000202,http://dx.doi.org/10.1016/j.fsiae.2021.100021,,10.1016/j.fsiae.2021.100021,3183165376,,0,041-218-119-442-068; 043-547-957-059-869; 047-562-841-072-093; 089-250-953-730-178; 090-141-359-296-439; 096-399-144-888-441; 161-677-179-240-146; 162-083-325-708-201,1,true,"CC BY, CC BY-NC-ND",gold
072-654-582-113-608,Emergency 911 System,,2017,book chapter,Cell Phone Location Evidence for Legal Professionals,,Elsevier,,Larry Daniel,,,,89,98,Engineering; Mobile phone tracking; Ping (video games); GSM services; Phone; Wireless; Global Positioning System; U-TDOA; Telecommunications,,,,,https://www.sciencedirect.com/science/article/pii/B9780128093979000122,http://dx.doi.org/10.1016/b978-0-12-809397-9.00012-2,,10.1016/b978-0-12-809397-9.00012-2,2669921776,,0,,0,false,,
073-176-805-913-104,TESTING AND EVALUATING THE HARMONIZED DIGITAL FORENSIC INVESTIGATION PROCESS IN POST MORTEM DIGITAL INVESTIGATIONS,2014-05-28,2014,,,,,,Emilio Raymond Mumba; Hein S. Venter,"Existing digital forensic investigation process models have provided guidelines for identifying and preserving potential digital evidence captured from a crime scene. However, for any of the digital forensic investigation process models developed across the world to be adopted and fully applied by the scientific community, it has to be tested. For this reason, the Harmonized Digital Forensic Investigation Process (HDFIP) model, currently a working draft towards becoming an international standard for digital forensic investigations (ISO/IEC 27043), needs to be tested. This paper, therefore, presents the findings of a case study used to test the HDFIP model implemented in the ISO/IEC 27043 draft standard. The testing and evaluation process uses an anonymised real-life case to test each subprocess (grouped in classes) of the HDFIP model to show that it maintains a structured and precise logical flow that aims to provide acceptance, reliability, usability, and flexibility. The case study used also helps to analyse the effectiveness of the HDFIP model to ensure that the principles of validity and admissibility are fulfilled. A process with these properties would reduce the disparities within the field of digital forensic investigations and achieve global acceptance and standardization.",,,83,98,Software engineering; Engineering; Usability; Crime scene; Standardization; Digital evidence; Computer security; Process (engineering); Reliability (statistics); Process modeling; Digital forensics,,,,,https://commons.erau.edu/adfsl/2014/wednesday/3/ https://commons.erau.edu/cgi/viewcontent.cgi?article=1289&context=adfsl,https://commons.erau.edu/adfsl/2014/wednesday/3/,,,1779735160,,0,004-872-169-627-620; 020-944-423-224-895; 025-782-023-579-032; 038-668-970-194-854; 048-141-687-795-752; 060-808-935-547-406; 078-730-781-174-18X; 107-440-240-162-404; 120-697-354-224-33X; 133-397-275-695-990; 145-616-913-856-289; 171-637-120-942-780; 190-065-821-748-92X; 199-745-676-923-766,5,false,,
073-771-062-484-447,Forensic Enhancement of Digital Audio Recordings,2007-05-15,2007,journal article,Journal of The Audio Engineering Society,15494950,,,Bruce E. Koenig; Douglas S. Lacey; Steven A. Killion,"A protocol is described to improve the voice intelligibility of investigative and other forensic audio recordings collected via digital recording systems, whether audio only or audio/video units. Sections are included on the differences between analog and digital recordings used in the forensic field, appropriate laboratory space, applicable equipment and software, enhancement examination procedures, enhancement examples, evidence handling, and expert testimony.",55,5,352,371,Sound recording and reproduction; Intelligibility (communication); Software; Digital recording; Speech recognition; Computer science; Digital audio,,,,,https://www.aes.org/e-lib/browse.cfm?elib=14163,https://www.aes.org/e-lib/browse.cfm?elib=14163,,,1593665414,,0,,21,false,,
073-771-451-612-879,"Digital Forensics Workflow as A Mapping Model for People, Evidence, and Process in Digital Investigation",,2018,journal article,International Journal of Cyber-Security and Digital Forensics,23050012,The Society of Digital Information and Wireless Communications (SDIWC),,Subekti Ningsih; Riadi Yudi Prayudi,,7,3,294,304,Workflow; Computer science; Process (engineering); Multimedia; Wireless; Digital forensics,,,,,http://sdiwc.net/digital-library/digital-forensics-workflow-as-a-mapping-model-for-people-evidence-and-process-in-digital-investigation,http://dx.doi.org/10.17781/p002463,,10.17781/p002463,2903984546,,0,008-346-706-954-826; 019-698-064-288-240; 025-257-762-793-993; 026-774-296-742-022; 028-874-299-732-939; 038-287-375-579-320; 046-169-392-846-761; 051-039-889-631-382; 051-161-858-118-526; 138-232-752-906-225; 147-631-422-817-38X; 177-426-892-442-266,0,false,,
073-790-480-897-758,Digital Evidence Certainty Descriptors (DECDs),,2020,journal article,Forensic Science International: Digital Investigation,26662817,Elsevier BV,,Graeme Horsman,,32,,200896,,Set (psychology); Data science; Digital data; Expression (architecture); Digital evidence; Field (computer science); Computer science; Interpretation (philosophy); Certainty; Digital forensics,,,,,https://www.sciencedirect.com/science/article/pii/S1742287619303123,http://dx.doi.org/10.1016/j.fsidi.2019.200896,,10.1016/j.fsidi.2019.200896,2990925386,,0,000-281-908-950-22X; 003-359-256-146-450; 006-933-430-647-14X; 008-364-588-981-258; 014-580-488-694-132; 016-033-143-009-953; 017-792-811-186-108; 018-182-926-340-45X; 019-960-035-950-902; 020-867-396-119-347; 021-798-083-032-603; 032-451-540-235-796; 042-788-172-660-874; 044-552-087-341-555; 044-895-263-937-02X; 061-269-967-405-492; 062-923-490-829-764; 067-257-260-685-072; 070-378-356-319-383; 071-940-409-825-573; 101-436-770-235-826; 102-243-142-344-71X; 103-760-328-285-801; 111-488-239-742-003; 149-617-274-050-94X; 182-948-315-861-769,5,false,,
074-136-192-673-661,The Conceivability And Admissibility Of Forensic Evidence from IoT Devices in Digital Forensics,2020-05-01,2020,journal article,Digital Forensics (4n6) Journal,25821172,Digital Forensics (4N6),,Tanmayee Tilekar,"<jats:p>This article focuses on the prospects of IoT devices held by the users for their personal usages or in Workspace Mobility or Smart Home Solutions. IoT devices are now burgeoning its capability with the incorporation of Artificial Intelligence, Edge AI, RPA(Robotic Process Automation), AutoML, ARVR and NLP( Natural Language Processing). There are many superfluous IoT Devices and Industry 4.0 based Solutions in the market with great features in use such as Google Home Mini, Google Home Voice Controller, Amazon Echo plus Voice Controller, Kuri Mobile Robot, August Smart Lock than the others. These devices record, store or sometimes transmit the user inputs plus activities and it is unclear to what extent they record and store at each instance. There are countable instances of news and Forensic Use Cases from different parts of the globe which enlighten statements where The Court of Law has demanded the data recorded by the IoT devices as Digital Evidences to complete IOT Crimes Investigations.</jats:p>",,,53,54,Computer security; Computer science; Internet of Things; Digital forensics,,,,,http://dx.doi.org/10.46293/4n6/2020.02.02.10,http://dx.doi.org/10.46293/4n6/2020.02.02.10,,10.46293/4n6/2020.02.02.10,3021355926,,0,,0,false,,
074-271-546-742-17X,The prevalence of encoded digital trace evidence in the nonfile space of computer media(,2014-07-23,2014,journal article,Journal of forensic sciences,15564029; 00221198,Wiley-Blackwell,United States,Simson L. Garfinkel,"Forensically significant digital trace evidence that is frequently present in sectors of digital media not associated with allocated or deleted files. Modern digital forensic tools generally do not decompress such data unless a specific file with a recognized file type is first identified, potentially resulting in missed evidence. Email addresses are encoded differently for different file formats. As a result, trace evidence can be categorized as Plain in File (PF), Encoded in File (EF), Plain Not in File (PNF), or Encoded Not in File (ENF). The tool bulk_extractor finds all of these formats, but other forensic tools do not. A study of 961 storage devices purchased on the secondary market and shows that 474 contained encoded email addresses that were not in files (ENF). Different encoding formats are the result of different application programs that processed different kinds of digital trace evidence. Specific encoding formats explored include BASE64, GZIP, PDF, HIBER, and ZIP.",59,5,1386,1393,Encoding (memory); Data file; Digital media; Trace evidence; Computer science; Base64; Image file formats; Database; Digital forensics; File format,BASE64; GZIP; Microsoft Xpress; PDF; ZIP; bulk_extractor; digital forensics; encoded nonfile; forensic science; optimistic decompression; real data corpus,,,U.S. Department of Defense,https://europepmc.org/article/PMC/PMC4263158 https://core.ac.uk/display/36736445 http://simson.net/clips/academic/2014.JOFS.EncodedData.pdf https://www.ncbi.nlm.nih.gov/pmc/articles/PMC4263158 https://onlinelibrary.wiley.com/doi/full/10.1111/1556-4029.12528 https://onlinelibrary.wiley.com/doi/pdf/10.1111/1556-4029.12528,http://dx.doi.org/10.1111/1556-4029.12528,25053280,10.1111/1556-4029.12528,1969896394,PMC4263158,0,004-652-388-189-304; 009-832-452-035-773; 010-985-077-415-59X; 025-832-466-975-926; 071-079-281-371-668; 082-363-954-997-25X; 085-214-277-668-01X; 100-925-003-172-052,2,true,cc-by-nc,hybrid
074-324-806-516-184,Reconstructing and visualizing evidence of artifact from firefox sessionstorage,,2015,,,,,,Shinichi Matsumoto; Yuya Onitsuka; Junpei Kawamoto; Kouichi Sakurai,"Importance of digital forensics is expected to increase in the future. Many of researches on digital forensics are targeted to persistent memory. These researches concerns about the extraction of evidence directly or via filesystem. On the other hand, there is a movement to employ the Web browser supports HTML5 as software platform. In this situation, it is considered that the forensics techniques for extracting evidences from HTML5 browser is important.",8909,,83,94,World Wide Web; Thesaurus (information retrieval); Software; Artifact (software development); Computer science; HTML5; Digital forensics,,,,,https://jglobal.jst.go.jp/en/detail?JGLOBAL_ID=201902204360889037,https://jglobal.jst.go.jp/en/detail?JGLOBAL_ID=201902204360889037,,,3195029939,,0,,0,false,,
074-462-545-065-957,Implement Artificial Intelligence Add-In to execute Digital Forensics Investigation Software.,,2020,,,,,,Shaikha Hassan,"Implement Artificial Intelligence Machine Learning Add- In to execute Digital Forensics investigations. Searching the evidence from a database feeder with the objective needs to be learned by reinforcement learning. The pro­grammed Add-In programmed with an algorithm aiming and expect the Machine through trial-and-error to achieve that goal attempting to climb over the most object recog­nition until it finds with different percentages.; ; The Add-In will utilize the searching in the evidence copy any related pictures or photos which will be uploaded in the internal migrated database. Artificial Intelligence Add-In will help in protecting the suspect’s privacy from being seen by the digital forensic examiner/investigator. Moreover, it will illustrate related compared images to the investigator with the compared percentage and permit the digital examiner/investigator to search in a specific time frame, which usually will be in the time frame of the incidents",,,,,Frame (networking); Artificial intelligence; Software; Suspect; Specific time; Computer science; Object (computer science); Upload; Digital forensics; Reinforcement learning,,,,,https://toxicology.imedpub.com/abstract/implement-artificial-intelligence-addin-to-execute-digital-forensics-investigation-software-33154.html https://toxicology.imedpub.com/implement-artificial-intelligence-addin-to-execute-digital-forensics-investigation-software.pdf,https://toxicology.imedpub.com/abstract/implement-artificial-intelligence-addin-to-execute-digital-forensics-investigation-software-33154.html,,,3157422623,,0,,0,false,,
074-614-672-576-143,Evaluation of Digital Forensic Process Models with Respect to Digital Forensics as a Service,2017-06-01,2017,,,,,,Xiaoyu Du; Nhien-An Le-Khac; Mark Scanlon,"Digital forensic science is very much still in its infancy, but is becoming increasingly invaluable to investigators. A popular area for research is seeking a standard methodology to make the digital forensic process accurate, robust, and efficient. The first digital forensic process model proposed contains four steps: Acquisition, Identification, Evaluation and Admission. Since then, numerous process models have been proposed to explain the steps of identifying, acquiring, analysing, storage, and reporting on the evidence obtained from various digital devices. In recent years, an increasing number of more sophisticated process models have been proposed. These models attempt to speed up the entire investigative process or solve various of problems commonly encountered in the forensic investigation. In the last decade, cloud computing has emerged as a disruptive technological concept, and most leading enterprises such as IBM, Amazon, Google, and Microsoft have set up their own cloud-based services. In the field of digital forensic investigation, moving to a cloud-based evidence processing model would be extremely beneficial and preliminary attempts have been made in its implementation. Moving towards a Digital Forensics as a Service model would not only expedite the investigative process, but can also result in significant cost savings - freeing up digital forensic experts and law enforcement personnel to progress their caseload. This paper aims to evaluate the applicability of existing digital forensic process models and analyse how each of these might apply to a cloud-based evidence processing paradigm.",,,573,581,Data science; Digital forensic process; Service (systems architecture); Computer science; Process (engineering); IBM; Process modeling; Identification (information); Cloud computing; Digital forensics,,,,,https://dblp.uni-trier.de/db/journals/corr/corr1708.html#abs-1708-01730 https://forensicsandsecurity.com/papers/ProcessModelsDFaaS.pdf http://ui.adsabs.harvard.edu/abs/2017arXiv170801730D/abstract https://www.markscanlon.co/papers/ProcessModelsDFaaS.php https://arxiv.org/abs/1708.01730 https://forensicsandsecurity.com/papers/ProcessModelsDFaaS.php https://markscanlon.co/papers/ProcessModelsDFaaS.pdf,https://dblp.uni-trier.de/db/journals/corr/corr1708.html#abs-1708-01730,,,2963131312,,0,,11,true,,
074-782-777-153-860,ICCSA (1) - A Fuzzy Expert System for Network Forensics,,2004,book chapter,Computational Science and Its Applications – ICCSA 2004,03029743; 16113349,Springer Berlin Heidelberg,Germany,Jung-Sun Kim; Min-Soo Kim; Bong-Nam Noh,"The field of digital forensic science emerged as a response to the growth of a computer crime. Digital forensics is the art of discovering and retrieving information about a crime in such a way to make digital evidence admissible in court. Especially, network forensics is digital forensic science in networked environments. The more network traffic, the harder network analyzing. Therefore, we need an effective and automated analyzing system for network forensics. In this paper, we develop a fuzzy logic based expert system for network forensics that can analyze computer crimes in networked environments and make digital evidences automatically. This system can provide an analyzed information for forensic experts and reduce the time and cost of forensic analysis.",,,175,182,Legal expert system; Forensic science; Digital evidence; Fuzzy expert system; Field (computer science); Computer security; Computer science; Network forensics; Fuzzy logic; Expert system; Digital forensics,,,,,https://dblp.uni-trier.de/db/conf/iccsa/iccsa2004-1.html#KimKN04 https://link.springer.com/chapter/10.1007%2F978-3-540-24707-4_22 https://rd.springer.com/chapter/10.1007/978-3-540-24707-4_22 https://link.springer.com/content/pdf/10.1007/978-3-540-24707-4_22.pdf https://doi.org/10.1007/978-3-540-24707-4_22,http://dx.doi.org/10.1007/978-3-540-24707-4_22,,10.1007/978-3-540-24707-4_22,1546738276,,0,018-882-942-469-672; 023-555-526-255-547; 026-203-225-731-167; 037-423-792-391-123; 065-326-136-386-79X; 102-496-748-953-099; 123-273-858-461-486; 131-161-724-039-419; 132-688-692-083-155; 140-605-307-595-60X; 141-194-188-948-515,18,false,,
074-993-349-315-894,On the Electronic Evidence in Criminal Procedures,,2013,journal article,Chinese Journal of Forensic Sciences,16712072,,,Gu Fang,"The electronic evidence was first regarded as the independent proof in the modified Criminal Procedure Law in 2012,but related rules of evidence are still not perfect.The current researches mainly focus on digital evidence collection and identification techniques,and lack the study of basic rules and regulations about it.This paper,on the basis of existing problems in the forensic practice of digital evidence,analyses some issues of digital evidence,including the authentication,the proof power and the illegal evidence elimination rule,and puts forward a further discussion on how to strengthen the limitation of electronic evidence.",,,,,Authentication (law); Rules of evidence; Digital evidence; Computer security; Criminal procedure; Computer forensics; Medicine; Identification (information),,,,,https://en.cnki.com.cn/Article_en/CJFDTOTAL-SFJD201302018.htm,https://en.cnki.com.cn/Article_en/CJFDTOTAL-SFJD201302018.htm,,,2350198148,,0,,0,false,,
075-119-005-863-649,Investigating Proactive Digital Forensics Leveraging Adversary Emulation,2022-09-09,2022,journal article,Applied Sciences,20763417,MDPI AG,,Valentine Machaka; Titus Balan,"<jats:p>Traditional digital forensics techniques are becoming obsolete due to rapid technological change. Proactive digital forensic investigations (PDFI) solve the challenges of cloud computing forensics such as evidence identification, collection, preservation, and timelining from heterogeneous cumulative data. Cumulative data heterogeneity poses significant challenges to the sound collection of electronically stored information (ESI) or digital evidence across cloud endpoints and/or networked systems. In addition, the distribution of networked systems and/or cloud environments makes it impossible for forensics investigators to be present at several premises to perform the investigation. Hence, it is important to have PDFI in place to ensure continuous operation in the event of a cyberattack, because it does not require the presence of an investigator at the target location. In this study, researchers put the idea of proactive digital forensics to the test and concluded that it is an indispensable tool for networked systems and cloud computing environments in response to modern-day digital forensics challenges. This research was based on an experimental computer science and engineering approach using a virtualised environment simulating an information communication infrastructure. To generate evidence (digital artefacts), and validate the proof-of-concept, adversary emulation was used by adapting the MITRE ATT&amp;CK framework. Research results have shown that PDFI improves digital forensics activities in terms of speed and accuracy, thereby providing credible and timely comprehensive digital evidence. Enhanced Incident detection capabilities enable an analyst to focus much more on forensic investigation functions and thus perform their tasks effectively. However, the legality of live and/or remote forensics is still of great concern in several jurisdictions, thereby affecting the credibility of digital artefacts obtained in this manner. Nevertheless, where possible, the law component should also be kept up to date with modern-day technologies to solve any inconveniences caused by the ever-growing technology demands.</jats:p>",12,18,9077,9077,Digital forensics; Computer science; Network forensics; Emulation; Cloud computing; Adversary; Digital evidence; Computer security; Identification (biology); Event (particle physics); Computer forensics; Data science; Botany; Physics; Quantum mechanics; Economics; Biology; Economic growth; Operating system,,,,,,http://dx.doi.org/10.3390/app12189077,,10.3390/app12189077,,,0,005-515-442-506-880; 021-289-112-719-629; 025-815-030-235-519; 026-774-296-742-022; 046-143-775-958-052; 050-182-526-714-74X; 053-343-993-293-183; 091-531-552-633-070; 096-743-348-982-819; 113-474-844-200-128; 183-000-233-873-221; 184-069-302-229-82X,0,true,cc-by,gold
075-366-793-103-250,iThings/GreenCom/CPSCom/SmartData - Digital Forensics Challenges to Big Data in the Cloud,,2017,conference proceedings article,"2017 IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData)",,IEEE,,Xiaohua Feng; Yuping Zhao,"As a new research area, Digital Forensics is a subject in a rapidly developing society. Cyber Security for Big Data in the Cloud is getting more attention than ever. A computing breach requires digital forensics to seize digital evidence to determine who is responsible and what has been done maliciously and the possible further consequences. In particular, for Big Data attack cases, Digital Forensics is facing even more challenge for earlier digital breach investigations. For the PPI (Protection of Personal Information) a GDPR (General Data Protection Regulation) law has been launched to be implemented from the 25th May 2018. This compulsory regulation will have an important impact on healthcare PPI in the cloud (ICO, 2017, Deloitte, 2014). Nowadays, Big Data with the characteristics of three “V”s (Volume, Velocity, and Variety), are either synchronized with the Cloud, or stored in the Cloud, in order to solve the storage capacity and so on problems, which made Digital Forensics investigation even more difficult. The Big Data Digital Forensics issue for the Cloud is difficult. One of them is the need to identify which physical devices have been compromised. Data are distributed in the Cloud, so the customer or digital forensics practitioner cannot have full access control like the traditional investigation does. Smart City are making use of ICT (information communications technology) to collect, detect, analyze and integrate the key information data of core systems in running the cities. Meanwhile, the Control Centre is making intelligent responses to different requirements that include daily livelihood, PPI security, environmental protection, public safety, industrial and commercial activities and city services. The Smart City healthcare Big Data are collected and gathered by the IoT (Internet of Things) (Liu, 2014, Qi, 2016) and applying GDPR prevent Cyberstalking and Cybercrimes. This paper summerises our review on the trends of Digital Forensics used for Big Data. The evidence acquisition challenge is discussed. A case study of a Smart City project with IoT services collecting Big Data which are stored in the Cloud computing environment is represented. The techniques can be generalised to other Big Data in the Cloud environment.",,,858,862,Personally identifiable information; Cloud computing security; Smart city; Digital evidence; General Data Protection Regulation; Computer security; Computer science; Big data; Cloud computing; Digital forensics,,,,,http://uobrep.openrepository.com/uobrep/bitstream/10547/622088/2/x%20feng%20Digital%20Forensics%20Challenges%20to%20Big%20Data%20in%20the%20Cloud.pdf https://doi.org/10.1109/iThings-GreenCom-CPSCom-SmartData.2017.132 https://core.ac.uk/display/82971343 https://dblp.uni-trier.de/db/conf/ithings/ithings2017.html#FengZ17 https://uobrep.openrepository.com/handle/10547/622088 https://core.ac.uk/download/82971343.pdf,http://dx.doi.org/10.1109/ithings-greencom-cpscom-smartdata.2017.132,,10.1109/ithings-greencom-cpscom-smartdata.2017.132,2611380412,,0,014-558-090-827-619; 015-264-924-343-905; 022-383-540-133-808; 023-789-485-678-544; 040-522-805-403-798; 051-368-118-380-383; 059-697-278-686-056; 069-888-964-196-57X; 071-874-173-142-983; 077-532-025-251-756; 091-368-024-192-825; 091-619-263-117-914; 124-912-663-881-389; 125-817-456-334-439; 136-798-153-498-59X,9,true,cc-by-nc-nd,green
075-431-891-877-59X,IFIP Int. Conf. Digital Forensics - A Novel Approach for Generating Synthetic Datasets for Digital Forensics,2020-08-06,2020,book chapter,Advances in Digital Forensics XVI,18684238; 1868422x,Springer International Publishing,Germany,Thomas Göbel; Thomas Schäfer; Julien Hachenberger; Jan Türr; Harald Baier,"Increases in the quantity and complexity of digital evidence necessitate the development and application of advanced, accurate and efficient digital forensic tools. Digital forensic tool testing helps assure the veracity of digital evidence, but it requires appropriate validation datasets. The datasets are crucial to evaluating reproducibility and improving the state of the art. Datasets can be real-world or synthetic. While real-world datasets have the advantage of relevance, the interpretation of results can be difficult because reliable ground truth may not exist. In contrast, ground truth is easily established for synthetic datasets.",,,73,93,Data mining; Ground truth; Digital evidence; Computer science; State (computer science); Digital forensics; Relevance (information retrieval),,,,,https://link.springer.com/chapter/10.1007/978-3-030-56223-6_5 https://dblp.uni-trier.de/db/conf/ifip11-9/df2020.html#GobelSHTB20 https://rd.springer.com/chapter/10.1007/978-3-030-56223-6_5,http://dx.doi.org/10.1007/978-3-030-56223-6_5,,10.1007/978-3-030-56223-6_5,3083140882,,0,011-803-755-196-645; 012-534-389-932-297; 018-899-136-635-77X; 030-489-880-657-363; 035-516-459-750-954; 036-112-898-081-145; 047-997-437-748-154; 055-932-190-232-115; 085-418-639-723-405; 097-870-438-024-364; 098-729-131-289-265; 132-501-353-021-125; 151-228-718-033-175; 154-075-645-442-182; 165-449-016-784-414,2,false,,
075-672-938-009-122,Image Processing and Analysis,2009-04-17,2009,reference entry,Wiley Encyclopedia of Forensic Science,,"John Wiley & Sons, Ltd",,Zeno Geradts,"Forensic image processing is a field that has developed rapidly. The old fashioned analog photography has disappeared for most parts in the last decades, and has been replaced with digital imaging. In analog photo and video, editing methods, such as contrast enhancement and color filtering, are available. However, with digital imaging, these methods and more are available to a much broader user group, who can edit these images, for example, on their mobile phones, or PC's. For forensic science, we see that digital images and closed circuit television (CCTV) streams are used as evidence in court. For this reason, it is important to do a proper forensic investigation. Crime scenes are visualized on CCTV. Forensic evidence image processing is used to visualize the fingerprint, handwriting, or shoe print more clearly. In this article, an overview is given of the methods that are available for digital image processing and some examples with CCTV and fingerprints are shown, with the risks. The risks can be minimized by having a good validation process, in which representative test samples are used.",,,,,Image processing; Computer science; Computer vision; Artificial intelligence; Image (mathematics),,,,,,http://dx.doi.org/10.1002/9780470061589.fsa430,,10.1002/9780470061589.fsa430,,,0,035-592-822-881-970; 059-730-428-158-876; 122-463-264-270-35X; 180-088-494-514-913; 184-897-235-429-285,0,false,,
075-768-712-488-657,The Emergence of Cloud Storage and the Need for a New Digital Forensic Process Model,,,book chapter,Cybercrime and Cloud Forensics,,IGI Global,,Richard Adams,"Cloud computing is just one of many recent technologies that have highlighted shortcomings in the development of formal digital forensic processes, which up until now have been focused on a particular group of practitioners, such as law enforcement, and have been too high-level to be of significant practical use, or have been too detailed and specific to accommodate new technology as it emerges. Because the tools and procedures employed by digital forensic practitioners are generally outside the knowledge and understanding of the courts, they need to be described in such a way that they can be understood by the layperson. In addition, they should also conform to some standards of practice and be recognised by other practitioners working in the field (Armstrong, 2003; Kessler, 2010). Unfortunately, as Cohen (2011) points out, the whole field of digital forensics lacks consensus in fundamental aspects of its activities in terms of methodology and procedures. There has been a lot of activity around different aspects of cloud computing, and in Australia this has centered on the protection of personal data (Solomon, 2010). On an international scale, there have been several articles written by lawyers (Gillespie, 2012; Hutz, 2012; Kunick, 2012) discussing other legal considerations of accessing data in the cloud; however, this chapter looks at the issues surrounding digital evidence acquisition and introduces a new high-level process model that can assist digital forensic practitioners when it comes to presenting evidence in court that originated in the cloud.",,,79,104,Engineering; Data science; Digital forensic process; Cloud storage; Law enforcement; Digital evidence; Field (computer science); Computer security; Process (engineering); Cloud computing; Digital forensics,,,,,https://researchrepository.murdoch.edu.au/id/eprint/19431/ https://www.igi-global.com/chapter/emergence-cloud-storage-need-new/73959 https://researchrepository.murdoch.edu.au/19431/1/emergence_of_cloud_storage.pdf,http://dx.doi.org/10.4018/978-1-4666-2662-1.ch004,,10.4018/978-1-4666-2662-1.ch004,620975999,,0,000-557-324-827-169; 002-495-833-326-831; 002-905-012-250-410; 004-420-896-494-302; 004-687-382-412-544; 010-240-301-659-307; 010-545-858-169-871; 014-283-999-201-941; 017-335-677-993-203; 020-944-423-224-895; 022-455-280-454-911; 028-367-224-045-089; 031-366-678-851-548; 032-697-093-668-898; 035-448-415-847-226; 037-084-950-178-093; 038-668-970-194-854; 042-230-817-975-353; 047-414-117-046-463; 052-052-141-922-342; 054-507-171-824-189; 072-712-275-844-913; 079-795-075-139-962; 097-541-981-128-766; 118-407-807-922-529; 118-722-872-870-470; 121-951-797-869-548; 122-880-373-616-302; 132-355-634-397-986; 140-821-103-436-654; 161-140-120-629-149; 161-817-282-708-87X; 171-803-389-787-120; 183-155-928-447-559; 190-065-821-748-92X; 190-855-547-373-526; 191-091-987-993-47X; 192-810-463-153-431; 199-172-967-270-034; 199-745-676-923-766,14,true,,green
075-811-384-469-940,"Comparative Analysis of the Concepts of Digital Evidence,Electronic Evidence,Scientific Evidence and Electronic Records",,2011,journal article,Chinese Journal of Forensic Sciences,16712072,,,Liao Gen-wei,"There are several terms relating to digital evidence,with certain differences in the intension and extension.In this paper,the concepts of digital evidence,electronic evidence,scientific evidence and electronic records are analyzed from the origin of the concept,its carrier,its manifestation and the study scope.The necessity of specialized study of digital evidence is then put forward.",,,,,Scientific evidence; Data mining; Data science; Digital evidence; Electronic records; Intension; Medicine,,,,,http://en.cnki.com.cn/Article_en/CJFDTOTAL-SFJD201104019.htm,http://en.cnki.com.cn/Article_en/CJFDTOTAL-SFJD201104019.htm,,,2369884411,,0,,0,false,,
075-872-921-268-845,Research on the Rules of Electronic Evidence in Chinese Criminal Proceedings,2020-07-01,2020,journal article,International Journal of Digital Crime and Forensics,19416210; 19416229,IGI Global,United States,Jin Du; Ding Liping; Guangxuan Chen,"<p>As a new object in judicial practice, electronic evidence is of great practical significance. To locate the probative force of electronic evidence, which can be used to prove the facts of the crime, judging the electronic evidence validity, and how to establish scientific rules of electronic evidence, which not only effectively contains crime, but also protects civil rights from illegal infringement of state power becomes very important. This article outlines the definition of electronic evidence and rules and establishes a suitable electronic evidence system of China's criminal procedure system based on the analysis of problems in each link of judicial proof in judicial practice and the four aspects of judicial proof.</p>",12,3,111,121,Computer science; Engineering ethics,,,,,https://doi.org/10.4018/IJDCF.2020070108 https://www.igi-global.com/article/research-on-the-rules-of-electronic-evidence-in-chinese-criminal-proceedings/252871 https://dblp.uni-trier.de/db/journals/ijdcf/ijdcf12.html#DuDC20,http://dx.doi.org/10.4018/ijdcf.2020070108,,10.4018/ijdcf.2020070108,3015917920,,0,,1,true,,bronze
075-950-021-558-098,"""I couldn't find it your honour, it mustn't be there!"" - Tool errors, tool limitations and user error in digital forensics.",2018-04-17,2018,journal article,Science & justice : journal of the Forensic Science Society,13550306,Forensic Science Society,United Kingdom,Graeme Horsman,"The field of digital forensics maintains significant reliance on the software it uses to acquire and investigate forms of digital evidence. Without these tools, analysis of digital devices would often not be possible. Despite such levels of reliance, techniques for validating digital forensic software are sparse and research is limited in both volume and depth. As practitioners pursue the goal of producing robust evidence, they face the onerous task of both ensuring the accuracy of their tools and, their effective use. Whilst tool errors provide one issue, establishing a tool's limitations also provides an investigatory challenge leading the potential for practitioner user-error and ultimately a grey area of accountability. This article debates the problems surrounding digital forensic tool usage, evidential reliability and validation.",58,6,433,440,Data science; Accountability; Software; Task (project management); Digital evidence; User Error; Field (computer science); Computer science; Reliability (statistics); Digital forensics,Crime; Digital forensics; Errors; Software; Tool testing; Validation,,,,https://www.ncbi.nlm.nih.gov/pubmed/30446072 https://research.tees.ac.uk/ws/files/4187177/621947.pdf https://www.sciencedirect.com/science/article/abs/pii/S1355030617301508 https://core.ac.uk/display/157860311 https://research.tees.ac.uk/en/publications/i-couldnt-find-it-your-honour-it-mustnt-be-there-tool-errors-tool https://pubmed.ncbi.nlm.nih.gov/30446072/ https://core.ac.uk/download/pdf/196165647.pdf,http://dx.doi.org/10.1016/j.scijus.2018.04.001,30446072,10.1016/j.scijus.2018.04.001,2800946632,,0,000-226-390-590-140; 003-982-227-180-136; 008-598-808-594-324; 018-237-240-343-299; 021-039-461-635-181; 030-333-349-393-032; 030-981-431-605-722; 032-451-540-235-796; 059-068-317-738-428; 072-697-564-999-716; 074-299-373-252-299; 075-128-417-091-483; 081-896-209-272-043; 102-223-296-418-971; 122-474-821-859-110; 124-776-641-347-974; 131-807-250-432-699; 142-388-561-082-054; 143-427-291-811-40X; 144-724-915-219-138; 148-698-839-036-557; 182-670-398-460-931; 187-762-907-549-695,17,true,cc-by-nc,green
075-957-901-920-632,Freeware Live Forensics tools evaluation and operation tips,,,,,,,,Ricci S. C. Ieong,"Highlighted by a digital forensics investigation specialists from FBI in DFRWS 2006, live forensics investigations already become one of the most important procedures in digital forensics investigations. Many digital forensics investigation product companies have already joint the battlefield in developing their only live forensics tools. However, similar to the development trend in traditional digital forensics, evaluation criteria for Live Digital Forensics could only be standardized after operating procedures being standardized. One way to standardize the Live Digital Forensics Investigation procedure is to define the investigation objectives around the core digital forensics principles. Through the use of FORZA framework, a more legal and investigation oriented live digital forensics investigation procedures have been outlined. Based on the FORZA based procedure, a set of operation best practices, operational tips and evaluation criteria was derived. Using the derived criteria, various free Live Forensics toolkits including Windows Forensics Toolchest (WFT), Incident Response Collection Report (IRCR), First Responders Evidence Disk (FRED) and Computer Online Forensic Evidence (COFEE) were evaluated and reported in this paper.",,,,,Engineering; World Wide Web; Best practice; Data science; Battlefield; Incident response; Live forensics; Operating procedures; Digital forensics,,,,,https://ro.ecu.edu.au/cgi/viewcontent.cgi?article=1025&context=adf https://ro.ecu.edu.au/adf/26/,http://dx.doi.org/10.4225/75/57b1305ec7050,,10.4225/75/57b1305ec7050,1560257805,,0,002-905-012-250-410; 021-850-998-857-676; 046-527-367-793-765,3,false,,
076-189-053-735-123,NCM - VoIP network forensic analysis with digital evidence procedure,2010-09-16,2010,conference proceedings,,,,,I-Long Lin; Yun-Sheng Yen; Bo-Lin Wu; Hsiang-Yu Wang,"This paper will discuss how the evildoers use communication technology to commit the crime such as the crime facts and crime techniques. The analysis will be focused on the security of Internet phone and organize a prevention method of Internet phone call attack and the attention points of setting up a Internet phone. At the same time, the importance of digital evidence and digital forensics will be pointed out. At last, this paper will combine the discussion of the digital evidence mechanism and Internet phone call in order to integrate the VoIP for the crime investigators and people who are interested in digital evidence forensics to consult.",,,236,241,Internet privacy; Commit; Voice over IP; Cryptography; Order (business); Digital evidence; Computer security; Computer science; Computer forensics; Information and Communications Technology; Digital forensics,,,,,http://ieeexplore.ieee.org/document/5572499/ https://ieeexplore.ieee.org/document/5572499/ http://yadda.icm.edu.pl/yadda/element/bwmeta1.element.ieee-000005572499,https://ieeexplore.ieee.org/document/5572499/,,,1551089724,,0,018-847-752-429-414; 026-893-174-649-526; 030-233-008-685-549; 075-128-417-091-483; 102-549-430-780-964; 118-300-398-355-438,3,false,,
076-470-845-108-034,Digital forensics and the legal system: A dilemma of our times,,,,,,,,James Tetteh Ami-Narh; Patricia A. H. Williams,"Computers have become an important part of our lives and are becoming fundamental to activities in the home and workplace. Individuals use computer technology to send emails, access banking information, pay taxes, purchase products, surf the internet and so on. Business also use computers and the Internet to perform accounting tasks, manage customer information, store trade secrets, and develop new products and services. State, Federal and Local government agencies use the computer and Internet to create and access information. Similarly, digital systems have become the mainstay of criminal activity. Legal proceedings have always been influenced by tradition and court decisions. These legal traditions and decisions have necessitated the development of complex sets of rules that are used to assess forensic evidence in legal matters. Information and communication technology has impacted enterprise investigation and associated legal matters by requiring electronic evidence to be considered. However, not all evidence presented by digital forensic investigators in legal proceedings has been admissible. The digital forensics investigator must adopt procedures that adhere to the standards of admissibility for evidence in a court of law; proper content inspection of a computer system, proper analysis documentation and professional court representation to ensure a successful outcome. This paper presents an overview of issues in the discipline of digital forensics and explores some areas in the legal system where digital forensics evidence is most likely to be questioned. These include case jurisdiction, search and seizure, spoliation of evidence and issues of “good faith”, evidence preservation, investigation and analysis.",,,,,Internet privacy; The Internet; Engineering; Jurisdiction; Spoliation of evidence; Computer technology; Computer forensics; Information and Communications Technology; Search and seizure; Digital forensics,,,,,https://ro.ecu.edu.au/adf/41/ https://ro.ecu.edu.au/cgi/viewcontent.cgi?article=1040&context=adf http://scissec.scis.ecu.edu.au/proceedings/2008/forensics/Ami-Narh%20and%20Williams%20Digital%20Forensics%20and%20the%20legal%20system.pdf,http://dx.doi.org/10.4225/75/57b268ce40cb6,,10.4225/75/57b268ce40cb6,1525201666,,0,009-284-801-057-774; 017-335-677-993-203; 018-048-724-400-402; 020-487-672-459-141; 024-400-331-384-306; 038-668-970-194-854; 038-996-783-156-871; 043-807-511-720-729; 044-573-813-253-30X; 048-464-914-125-131; 050-308-742-156-878; 051-051-291-274-255; 056-782-547-681-50X; 063-072-686-643-463; 063-333-763-356-816; 083-347-717-642-726; 085-333-426-670-044; 092-283-444-951-14X; 099-049-784-243-130; 101-493-813-721-842; 102-129-165-838-481; 123-695-113-513-413; 124-038-348-278-602; 138-239-231-045-433; 144-672-001-748-904; 153-815-009-650-794; 167-592-705-831-583; 177-356-399-936-317,8,true,,
076-508-293-079-677,KES - SEAKER: A mobile digital forensics triage device,,2019,journal article,Procedia Computer Science,18770509,Elsevier BV,,Eric Gentry; Michael Soltys,"Abstract As our world of digital devices continues to expand, the amount of digital evidence encountered by law enforcement during case investigation is ever increasing. Faced with a preponderance of high capacity digital media devices, forensic investigators must be able to review them quickly, and establish which devices merit further attention. Utilizing a small single-board computer called Raspberry Pi, this mobile digital forensics triage device provides fast, targeted feedback for immediate evidence assessment. A digital forensic device is presented in this paper. It is named SEAKER (Storage Evaluator and Knowledge Extraction Reader)[1] and it enables forensic investigators to perform triage on many digital devices very quickly. Developed for on-scene, time-sensitive investigations, its utility extends to preventing over-collection and large backlogs at digital forensics labs worldwide.",159,,1652,1661,Knowledge extraction; Forensic science; Digital media; Triage; Law enforcement; Digital evidence; Computer science; Multimedia; Digital forensics,,,,,https://doi.org/10.1016/j.procs.2019.09.335 https://dblp.uni-trier.de/db/conf/kes/kes2019.html#GentryS19 https://www.sciencedirect.com/science/article/abs/pii/S1877050919315364 https://www.sciencedirect.com/science/article/pii/S1877050919315364,http://dx.doi.org/10.1016/j.procs.2019.09.335,,10.1016/j.procs.2019.09.335,2980390299,,0,066-235-037-082-291; 090-752-043-508-733; 184-069-302-229-82X,4,true,cc-by-nc-nd,gold
076-526-517-597-73X,Web-based expert system to determine digital forensics tool using rule-based reasoning approach,2021-06-01,2021,journal article,Journal of Physics: Conference Series,17426588; 17426596,IOP Publishing,United Kingdom,Erika Ramadhani; H R Pratama; Elyza Gustri Wahyuni,"Digital forensics is a method to trace the digital evidence using knowledge of science. There are several stages in the method of digital forensics. Each stage has their own way to use the method collaborate with the tool of digital forensics. Nowadays, there are tools that we can use in digital forensics. Therefore, not all the tool coming with the help document on how to use the tool. This situation makes the investigator have to check the feature of the tool one by one in order to suit which one is the best tool to use in some stage. To overcome this problem, we made a system to determine the right tool in digital forensics using rule-based reasoning approach. The result of this paper is web-based system to determine the right tool in digital forensics. The system shows that only 40% in suitability to help the investigator to determine the right tool. This cause by lacking of the rule consists in the reasoning approach.",1918,4,042003,,Software engineering; Rule-based system; Digital evidence; Help document; Web based expert system; Computer science; Feature (computer vision); TRACE (psycholinguistics); Digital forensics,,,,,https://iopscience.iop.org/article/10.1088/1742-6596/1918/4/042003 https://iopscience.iop.org/article/10.1088/1742-6596/1918/4/042003/pdf https://ui.adsabs.harvard.edu/abs/2021JPhCS1918d2003R/abstract,http://dx.doi.org/10.1088/1742-6596/1918/4/042003,,10.1088/1742-6596/1918/4/042003,3168746969,,0,006-547-691-138-217; 007-790-059-029-953; 069-862-548-231-596; 084-296-717-156-065; 104-787-005-142-28X,1,true,,gold
076-698-947-460-953,A Triage Triangle Strategy for Law Enforcement to Reduce Digital Forensic Backlogs,,2020,conference proceedings article,2020 22nd International Conference on Advanced Communication Technology (ICACT),,IEEE,,Da-Yu Kao; Ni-Chen Wu; Fu-Ching Tsai,"The explosive growth of computer technologies creates many electronic data and produces much digital evidence of people's lives. As technology has improved, the volume of data for cybercrime investigation keeps growing at unprecedented rates and creating a quandary for Law Enforcement Agencies (LEAs). This study discusses the rise of digital evidence and the triage needs in digital forensic processing. It requires the sincere examination of all available data volumes at the scene or in the lab to present digital evidence in a court of law. In order to maintain the relevance, reliability, and sufficiency of digital evidence, investigators must establish a process model that can provide a quick response at the scene. This study proposes the novel triage triangle strategy of digital forensic components and illustrates TEAR phases from the viewpoint of THOR dimensions to describe the proper practices for identifying, collecting, acquiring, and preserving the digital data. It facilitates the efficiency and effectiveness of reducing digital forensic backlogs for LEAs.",,,,,Relevance (law); Triage; Cybercrime; Law enforcement; Digital evidence; Computer security; Computer science; Digital forensics,,,,,http://xplorestaging.ieee.org/ielx7/9046057/9061230/09061240.pdf?arnumber=9061240 http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=9061240,http://dx.doi.org/10.23919/icact48636.2020.9061240,,10.23919/icact48636.2020.9061240,3015503851,,0,016-526-859-340-786; 017-815-064-018-299; 019-831-293-743-518; 025-782-023-579-032; 077-314-954-898-241; 119-712-669-804-088; 168-819-441-615-181,2,false,,
076-736-545-734-215,A Framework for Digital Forensics and Investigations: The Goal-Driven Approach,2013-04-01,2013,journal article,International Journal of Digital Crime and Forensics,19416210; 19416229,IGI Global,United States,Shareeful Islam; Benjamin Aziz; Clive Blackwell,"Digital forensics investigations are an important task for collecting evidence based on the artifacts left in computer systems for computer related crimes. The requirements of such investigations are often a neglected aspect in most of the existing models of digital investigations. Therefore, a formal and systematic approach is needed to provide a framework for modeling and reasoning about the requirements of digital investigations. In addition, anti-forensics situations make the forensic investigation process challenging by contaminating any stage of the investigation process, its requirements, or by destroying the evidence. Therefore, successful forensic investigations require understanding the possible anti-forensic issues during the investigation. In this paper, the authors present a new method for guiding digital forensics investigations considering the anti-forensics based on goal-driven requirements engineering methodologies, in particular KAOS. Methodologies like KAOS facilitate modeling and reasoning about goals, requirements and obstacles, as well as their operationalization and responsibility assignments. The authors believe that this new method will lead in the future to better management and organization of the various steps of forensics investigations in cyberspace as well as provide more robust grounds for reasoning about forensic evidence.",5,2,1,22,Evidence-based practice; Data science; KAOS; Task (project management); Cyberspace; Computer security; Computer science; Process (engineering); Requirements engineering; Digital forensics; Operationalization,,,,,https://dblp.uni-trier.de/db/journals/ijdcf/ijdcf5.html#AzizBI13 https://researchportal.port.ac.uk/portal/en/publications/a-framework-for-digital-forensics-and-investigations-the-goaldriven-approach(922b64de-7919-4f1a-8313-3455bd3edb36)/export.html https://dl.acm.org/doi/10.4018/jdcf.2013040101 https://www.igi-global.com/article/a-framework-for-digital-forensics-and-investigations/83486,http://dx.doi.org/10.4018/jdcf.2013040101,,10.4018/jdcf.2013040101,1965414993,,0,000-546-270-897-052; 014-062-831-760-337; 019-831-293-743-518; 020-944-423-224-895; 025-166-987-232-333; 029-666-156-007-406; 030-359-893-882-572; 033-570-813-399-728; 035-448-415-847-226; 038-668-970-194-854; 062-032-128-092-406; 063-026-323-866-388; 071-269-562-942-065; 076-736-545-734-215; 078-598-867-814-365; 078-817-460-650-140; 081-032-497-600-401; 118-722-872-870-470; 122-880-373-616-302; 128-788-768-099-342; 137-854-345-065-123; 144-786-887-819-307; 160-421-312-635-281; 184-948-841-629-735; 190-065-821-748-92X; 199-901-259-164-000,4,false,,
076-771-386-025-262,Behavioural Evidence Analysis: A Paradigm Shift in Digital Forensics,,2021,journal article,International Journal of Digital Crime and Forensics,19416210; 19416229,IGI Global,United States,Barkha Shree; Parneeta Dhaliwal,"<jats:p>Recent developments in digital forensics (DF) have emphasized that along with inspection of digital evidence, the study of behavioural clues based on behavioural evidence analysis (BEA) is vital for accurate and complete criminal investigation. This paper reviews the existing BEA approaches and process models and concludes the lack of standardisation in the BEA process. The research comprehends that existing BEA methodologies are restricted to specific characteristics of the forensic domain in question. To address these limitations, the paper proposes a standardised approach detailing the step-by-step implementation of BEA in the DF process. The proposed model presents a homogenous technique that can be practically applied to real-life cases. This standard BEA framework classifies digital evidence into categories to decipher associated offender characteristics. Unlike existing models, this new approach collects evidence from diverse sources and leaves no aspect unattended while probing criminal behavioural cues, thus facilitating its applicability across varied forensic domains.</jats:p>",13,5,20,42,Data science; Evidence analysis; Computer science; Paradigm shift; Digital forensics,,,,,https://www.igi-global.com/article/behavioural-evidence-analysis/283125,http://dx.doi.org/10.4018/ijdcf.20210901.oa2,,10.4018/ijdcf.20210901.oa2,3181479678,,0,000-712-448-585-138; 001-710-107-055-603; 001-888-175-704-116; 003-692-278-633-267; 004-866-932-432-464; 004-872-169-627-620; 006-352-188-170-383; 006-382-928-763-481; 007-314-571-885-858; 007-489-161-042-780; 009-559-103-724-357; 010-963-610-208-920; 011-235-649-827-930; 013-568-618-083-770; 014-592-593-375-086; 020-944-423-224-895; 021-602-056-743-808; 025-770-745-916-602; 026-774-296-742-022; 029-509-980-283-055; 030-648-224-908-422; 030-725-210-334-09X; 037-194-651-631-81X; 046-806-348-582-163; 049-407-078-832-062; 050-751-725-872-625; 051-738-543-964-887; 053-204-120-030-157; 054-669-308-553-175; 059-259-578-782-71X; 059-851-945-677-333; 066-982-929-881-426; 067-410-380-403-816; 080-843-774-169-836; 082-055-672-791-486; 084-482-560-050-594; 085-858-788-409-152; 090-256-483-119-640; 098-276-664-978-304; 098-443-818-109-247; 099-528-795-169-106; 101-147-258-831-898; 104-258-481-168-508; 104-543-353-812-920; 117-151-034-673-328; 118-838-969-146-870; 118-968-004-680-589; 123-298-398-659-061; 130-131-335-093-872; 145-062-913-009-934,1,true,,gold
076-989-753-469-554,The Presumption of Innocence as a Source for Universal Rules on Digital Evidence — The guiding principle for digital forensics in producing digital evidence for criminal investigations,2021-06-01,2021,journal article,Computer Law Review International,21944164,Verlag Dr. Otto Schmidt,,Radina Stoykova,,22,3,74,82,,,,,,,http://dx.doi.org/10.9785/cri-2021-220303,,10.9785/cri-2021-220303,,,0,,0,false,,
077-192-695-325-584,"Introduction to HICCS-47 Digital Forensics - Education, Research and Practice Minitrack",,2013,,,,,,Kara Nance,"The field of digital forensics has evolved to allow security professionals to examine evidence from the increasing plethora of digital devices to help determine what individuals might have done in the past. The evidence collected is used in a wide variety of settings: from corporate server farms to police raids on criminals' houses to the modern battlefield, and now to international cloud environments. This year, we accepted three papers for presentation in the Digital Forensics Education and Research Minitrack which should promote an interesting discussion on anti-forensics as well as the opportunity to demonstrate some new educational techniques to stimulate our next generation of digital forensic researchers. The papers in this session represent much of the ongoing work in the forensics community and are an exciting sample of a larger body of work dedicated to ensuring that digital evidence remains available and useful for the good of the public. While mobile devices continue to grow in their complexity and widespread use, their vulnerabilities increase. As digital forensics techniques are developed, anti-forensic techniques also evolve in an ongoing “arms race.” This year two papers address the important concept of anti-forensics. In Mobile Phone OS Anti-Forensics by Karlsson and Glisson, they discuss how Android mobile devices inherently create opportunities to present environments that are conducive to anti-forensics activities. This paper will stimulate discussion on the viability of operation system modifications in an antiforensics context and provides a direction for future research in this area. In iOS Anti-forensics: How Can We Securely Conceal, Delete, and Insert Data? D’Orazion, Ariffin and Choo consider some of the same issues, but as applied to an iOS environment. They propose three techniques: concealment, deletion, and insertion, which may be challenging to detect during a forensics investigation. Our final paper, Teaching Digital Forensics Techniques for Process Identification within Linux Environments, describes an intriguing digital forensics Honeynet Project Challenge that can be adapted for educational purposes in a lab-lecture format. McDaniel and Hay address some of the challenges that complicate the design and presentation of traditional digital forensics exercises and provide in-depth discussion of a proven example that can be used and extended by digital forensics educators. 2014 47th Hawaii International Conference on System Science",,,,,Systems science; Mobile device; Honeypot; Data science; Mobile phone; Digital evidence; Computer science; Android (operating system); Cloud computing; Digital forensics,,,,,https://www.computer.org/csdl/proceedings/hicss/2014/2504/00/2504e827.pdf,https://www.computer.org/csdl/proceedings/hicss/2014/2504/00/2504e827.pdf,,,2916058735,,0,,0,false,,
077-370-369-059-187,A Procedure for Tracing Chain of Custody in Digital Image Forensics: A Paradigm Based on Grey Hash and Blockchain,2022-02-06,2022,journal article,Symmetry,20738994,MDPI AG,Switzerland,Mohamed Ali; Ahmed Ismail; Hany Elgohary; Saad Darwish; Saleh Mesbah,"<jats:p>Digital evidence is critical in cybercrime investigations because it is used to connect individuals to illegal activity. Digital evidence is complicated, diffuse, volatile, and easily altered, and as such, it must be protected. The Chain of Custody (CoC) is a critical component of the digital evidence procedure. The aim of the CoC is to demonstrate that the evidence has not been tampered with at any point throughout the investigation. Because the uncertainty associated with digital evidence is not being assessed at the moment, it is impossible to determine the trustworthiness of CoC. As scientists, forensic examiners have a responsibility to reverse this tendency and officially confront the uncertainty inherent in any evidence upon which they base their judgments. To address these issues, this article proposes a new paradigm for ensuring the integrity of digital evidence (CoC documents). The new paradigm employs fuzzy hash within blockchain data structure to handle uncertainty introduced by error-prone tools when dealing with CoC documents. Traditional hashing techniques are designed to be sensitive to small input modifications and can only determine if the inputs are exactly the same or not. By comparing the similarity of two images, fuzzy hash functions can determine how different they are. With the symmetry idea at its core, the suggested framework effectively deals with random parameter probabilities, as shown in the development of the fuzzy hash segmentation function. We provide a case study for image forensics to illustrate the usefulness of this framework in introducing forensic preparedness to computer systems and enabling a more effective digital investigation procedure.</jats:p>",14,2,334,334,Hash function; Computer science; Digital forensics; Digital evidence; Digital signature; Computer security; MD5; Data mining; Digital image; Data science; Image (mathematics); Artificial intelligence; Image processing,,,,,,http://dx.doi.org/10.3390/sym14020334,,10.3390/sym14020334,,,0,005-745-292-419-100; 022-368-637-317-210; 026-925-133-625-660; 043-721-415-613-58X; 048-793-700-598-627; 049-790-206-917-63X; 053-217-121-862-96X; 062-305-023-524-429; 066-219-211-495-201; 085-666-602-084-614; 126-634-051-095-972; 154-393-793-915-985; 189-812-209-913-90X,2,true,cc-by,gold
077-416-113-129-031,Sharia Law and Digital Forensics in Saudi Arabia,,2018,journal article,"Journal of Digital Forensics, Security and Law",15587223,Embry-Riddle Aeronautical University/Hunt Library,,Fahad Alanazi; Andrew Jones; Catherine Menon,"© 2018 ADFSLThese days, digital crime is one of the main challenges for law enforcement and the judicial system. Many of the laws which are used to protect the users of current technologies were derived from legislation and laws that are utilized in the control of crimes that are based in the physical realm. This applies not only in Western countries, but in countries that adopt Sharia law. There is a need to establish specific legislation and accepted best practice to deal with digital crimes that is compatible with Sharia law, which affects more than one billion Muslims. This paper presents a view of the approach to digital crime in Saudi Arabia under Sharia Law, demonstrating how this is founded on principles from the Qur'an and the Sunnah, which are the sayings and deeds of the Prophet Muhammad. We describe how Sharia law differs from Western law, and how evidence for digital forensics procedures can be obtained for use under Sharia law.Peer reviewe",13,3,5,20,Sharia; Political science; Law; Digital forensics,,,,,http://uhra.herts.ac.uk/bitstream/2299/21197/1/Sharia_Law_and_Digital_Forensics_in_Saudi_Arabia.pdf https://uhra.herts.ac.uk/handle/2299/21197 https://dblp.uni-trier.de/db/journals/jdfsl/jdfsl13.html#0002AM18 https://commons.erau.edu/jdfsl/vol13/iss3/5/ https://commons.erau.edu/cgi/viewcontent.cgi?article=1568&context=jdfsl https://doi.org/10.15394/jdfsl.2018.1568 https://core.ac.uk/download/287581583.pdf,http://dx.doi.org/10.15394/jdfsl.2018.1568,,10.15394/jdfsl.2018.1568,2914225100,,0,,1,true,cc-by-nc,gold
077-506-371-461-888,IFIP Int. Conf. Digital Forensics - SYSTEM SUPPORT FOR FORENSIC INFERENCE,,2009,book chapter,Advances in Digital Forensics V,18684238; 1868422x,Springer Berlin Heidelberg,Germany,Ashish Gehani; Florent Kirchner; Natarajan Shankar,"Digital evidence is playing an increasingly important role in prosecuting crimes. The reasons are manifold: financially lucrative targets are now connected online, systems are so complex that vulnerabilities abound and strong digital identities are being adopted, making audit trails more useful. If the discoveries of forensic analysts are to hold up to scrutiny in court, they must meet the standard for scientific evidence. Software systems are currently developed without consideration of this fact. This paper argues for the development of a formal framework for constructing “digital artifacts” that can serve as proxies for physical evidence; a system so imbued would facilitate sound digital forensic inference. A case study involving a filesystem augmentation that provides transparent support for forensic inference is described.",306,,301,316,Scientific evidence; Digital artifact; Software system; Inference; Digital evidence; Computer security; Computer science; Computer forensics; Audit trail; Digital forensics,,,,,https://link.springer.com/content/pdf/10.1007%2F978-3-642-04155-6_23.pdf http://ui.adsabs.harvard.edu/abs/2009adf5.conf..301G/abstract https://doi.org/10.1007/978-3-642-04155-6_23 http://www.csl.sri.com/users/gehani/papers/ICDF-2009.SSFI.pdf https://link.springer.com/chapter/10.1007/978-3-642-04155-6_23 https://rd.springer.com/chapter/10.1007/978-3-642-04155-6_23 https://link.springer.com/10.1007/978-3-642-04155-6_23,http://dx.doi.org/10.1007/978-3-642-04155-6_23,,10.1007/978-3-642-04155-6_23,1832591675,,0,009-818-796-575-588; 083-225-770-665-446; 118-155-027-016-113; 148-171-907-906-892; 151-899-948-778-92X; 183-945-180-035-840,0,true,,bronze
077-542-010-025-413,Cyber Forensics: From Data to Digital Evidence - Cyber Forensics: Investigative Smart Practices,2015-10-02,2015,book chapter,Cyber Forensics,,"John Wiley & Sons, Inc.",,Albert J. Marcella; Frederic Guillossou,,,,207,240,Engineering; Computer security,,,,,,http://dx.doi.org/10.1002/9781119203452.ch10,,10.1002/9781119203452.ch10,2486623791,,0,,0,false,,
077-562-513-283-201,The Case for Open Source Software in Digital Forensics,2009-12-30,2009,book chapter,Open Source Software for Digital Forensics,,Springer US,,Stefano Zanero; Ewa Huebner,"In this introductory chapter we discuss the importance of the use of open source software (OSS), and in particular of free software (FLOSS) in computer forensics investigations including the identification, capture, preservation and analysis of digital evidence; we also discuss the importance of OSS in computer forensics",,,3,7,World Wide Web; Software; Digital evidence; Open source software; Computer science; Network forensics; Computer forensics; Identification (information); Digital forensics,,,,,https://ui.adsabs.harvard.edu/abs/2010ossd.book....3Z/abstract https://rd.springer.com/chapter/10.1007%2F978-1-4419-5803-7_1 https://link.springer.com/chapter/10.1007/978-1-4419-5803-7_1/fulltext.html https://link.springer.com/chapter/10.1007/978-1-4419-5803-7_1,http://dx.doi.org/10.1007/978-1-4419-5803-7_1,,10.1007/978-1-4419-5803-7_1,1625777431,,0,000-557-324-827-169; 016-004-336-259-323; 016-922-297-286-929; 024-781-812-756-555; 062-032-128-092-406,1,false,,
077-604-181-180-814,The Diplomatic and Digital Forensic Science in Born-Digital Records: The Quest for Authenticity,2018-07-01,2018,journal article,Journal of Integrated OMICS,21820287,Proteomass Scientific Society,,Juan Bernardo Montoya-Mogollón; Sonia Maria Troitiño Rodriguez,"This paper aims at the application of Digital Diplomatic and Digital Forensics Science in digital-born records, in order to guarantee its authenticity in institutional routines and processes, but also as a source of proof in possible legal and juridical scenarios. In view of the vast and fruitful discussions focused on the complexity of the digital records in Archival Science and Information Science (I.S.), there is a gap to manage and preserve the digital records, keeping them reliable, accurate and authentic in systems that have the same conditions. This gap makes it impossible to preserve records in the long term due, firstly, to the fragility of the systems where they are stored and, secondly, to the constant risks of obsolescence of hardware and software that occur on a day by day. Digital Diplomatic Science assists this process by determining the form and content of the record to evidence its legal-diplomatic authenticity and establish its historical value. Digital Forensic Science, in turn, provides support for the chain of custody to remain intact, regardless of the medium on which the digital record is fixed. The following questions is raised: Is it possible to apply the practice of law and the Digital Forensics in the area of the Archival Science and information science, guaranteeing the authenticity of the born-digital record. In addition, in which way does the junction between Digital Diplomatic Science and Digital Forensic Science guarantee the preservation and preservation of the born-digital records. To answer such questions, this research proposes to link five areas of knowledge following the scientific experiences conducted at the University of British Columbia in Canada by the InterPares (International Research on Permanent Authentic Records) group. Areas of knowledge that are offering interesting results for the preservation not only of the record, but also of the social memory: 1.Digital Forensics: discipline that joint Forensics Science with Computer Science to analyze the digital evidence. 2. Diplomatics Science: Science to analyze the form and structure to the records. 3. Archival Science: Science to involves the whole of the principles, policies, strategies, and activities designed to ensure the physical and technological stabilization of records for the purpose of extending indefinitely their life and protecting the accuracy and authenticity of and maintaining the accessibility to their intellectually content [1] . 4. Information Science: Science to analyze the information in different contexts. The research will carried out in a theoretical and qualitative way, taking into account the literature shared in the site Digital Records Forensics Project, coordinated by the author Luciana Duranti of the InterPares group, and the bibliography produced in the country of the areas of knowledge already referenced. The results obtained will contribute to the realization of alternative researches in document conservation within the Archival Science and the Information Science.",8,1,74,76,Chain of custody; Data science; Practice of law; Born-digital; Digital evidence; Obsolescence; Computer science; Archival science; Digital forensics; Information science,,,,,http://www.jiomics.com/index.php/jio/article/view/219 http://dx.doi.org/10.5584/jiomics.v8i1.219,http://dx.doi.org/10.5584/jiomics.v8i1.219,,10.5584/jiomics.v8i1.219,2847700262,,0,,0,false,,
077-963-490-848-763,A comprehensive digital forensic investigation process model,,2016,journal article,International Journal of Electronic Security and Digital Forensics,1751911x; 17519128,Inderscience Publishers,United Kingdom,Reza Montasari,"A formal process model is needed to enable digital forensic practitioners in following a uniform approach and to enable courts of law in determining the reliability of digital evidence presented to them. Such a model also needs to be generic in that it can be applicable in the different fields of digital forensics including law enforcement, corporates and incident response. There does not currently exist such a comprehensive process model that is both formal and generic. To address these shortcomings, this paper proposes a model that is formal in that it can enable the digital forensic practitioners in following a uniform approach when carrying out investigations and that is generic in that it can be applied in the different environments of digital forensics.",8,4,285,302,Data science; Law enforcement; Digital evidence; Incident response; Computer security; Computer science; Process (engineering); Reliability (statistics); Computer forensics; Process modeling; Digital forensics,,,,,https://pure.hud.ac.uk/en/publications/a-comprehensive-digital-forensic-investigation-process-model https://www.open-access.bcu.ac.uk/4549/ https://cronfa.swan.ac.uk/Record/cronfa54939 https://www.inderscienceonline.com/doi/abs/10.1504/IJESDF.2016.079430 https://dl.acm.org/doi/10.1504/IJESDF.2016.079430 https://dblp.uni-trier.de/db/journals/ijesdf/ijesdf8.html#Montasari16a https://dl.acm.org/citation.cfm?id=3004918,http://dx.doi.org/10.1504/ijesdf.2016.079430,,10.1504/ijesdf.2016.079430,2523853946,,0,004-652-388-189-304; 004-872-169-627-620; 005-515-442-506-880; 007-314-571-885-858; 011-787-351-244-594; 019-831-293-743-518; 020-944-423-224-895; 021-486-901-460-202; 021-850-998-857-676; 022-502-903-446-942; 026-774-296-742-022; 030-359-893-882-572; 034-153-736-380-589; 038-668-970-194-854; 044-377-145-020-27X; 047-859-979-695-194; 052-052-141-922-342; 063-274-848-736-685; 067-726-260-424-525; 067-844-385-207-96X; 083-748-184-402-072; 087-041-369-426-333; 092-058-232-746-872; 120-697-354-224-33X; 132-355-634-397-986; 133-397-275-695-990; 140-821-103-436-654; 143-562-788-834-457; 151-378-930-836-964; 160-160-097-559-323; 162-110-149-751-921; 171-803-389-787-120; 173-034-553-635-460; 180-327-460-336-608; 182-691-566-109-191; 190-065-821-748-92X; 190-872-133-741-434; 192-810-463-153-431; 199-745-676-923-766,14,false,,
078-399-210-014-329,Digital evidence e tutele processuali: potenzialità della tecnologia blockchain,2018-12-01,2018,,,,,,Raffaella Brighi; Valeria Ferrari,"Datafication of society and proliferation of cybercrime determine the unique importance of digital evidence in today's criminal proceedings. The integrity of data is crucial for their usability as evidence before the court; the traceability and ex-post verifiability of their lifecycle is necessary for the cross-examination on their validity as evidence. In digital forensics, the term chain of custody refers to a set of tools and practices aimed at guaranteeing the proper treatment of digital evidence and the accurate documentation of all the activities concerning its identification, collection, storage and analysis. The need to verify the correctness of digital evidence's treatment is made more urgent by the diffusion of highly intrusive detection instruments such as trojan horses, and by the increasingly transitional dimension of digital investigations. Therefore, the development of proper recording tools is crucial. The present work discusses how blockchain technologies could be deployed to maintain a transparent and tamperproof register of forensics activities shared among all private and public actors which participate to the digital evidence lifecycle. This instrument would facilitate national and international cooperation in digital investigations, guaranteeing both the integrity of data and the transparency of meta-information concerning their treatment. Ultimately, this would allow to better protect defendants' rights in relation to digital evidence.",2018,51,329,342,Chain of custody; Internet privacy; Traceability; Datafication; Cybercrime; Transparency (behavior); Digital evidence; Computer science; Documentation; Digital forensics,,,,,https://dare.uva.nl/search?identifier=cb43f26f-37eb-4c30-b86a-e0724507b898 https://cris.unibo.it/handle/11585/659603 https://www.rivisteweb.it/doi/10.1415/91542 https://dialnet.unirioja.es/servlet/articulo?codigo=6808099 https://pure.uva.nl/ws/files/32992958/2018_Ragion_Pratica_Brighi_Ferrari.pdf https://www.narcis.nl/publication/RecordID/oai%3Adare.uva.nl%3Apublications%2Fcb43f26f-37eb-4c30-b86a-e0724507b898,https://dare.uva.nl/search?identifier=cb43f26f-37eb-4c30-b86a-e0724507b898,,,2919064615,,0,,0,false,,
078-451-188-373-346,Research onTort Forensics Method Based on Asymmetric Watermarking,,2012,journal article,Computer Simulation,10069348,,,HE Yi-hui,"In the study of digital image tort forensics optimization,the encryption method of digital image encryption pretreatment is directly related to the success rate of follow-up tort forensics.Symmetric watermarking mechanism needs to expose the key and vulnerable,the traditional method of the symmetric watermarking tort forensics is vulnerable,and so the success rate of tort forensics is not high.In order to solve this problem,a method of the tort forensics based on asymmetric watermark was presented.It made use of asymmetric watermarking embedding for digital image copyright protection in image encryption pretreatment,because of keys without exposed in the extraction of watermark.It can effectively resist the attacks to protect evidence of infringement and to avoid the insufficient of the traditional method vulnerable effects,by integrally extracting the digital watermark characteristic information in tort images and making use the clustering algorithm of LSH.Finally,it completed the tort evidence extraction to ensure the success rate of infringement evidence.The simulation results show that the improved method can effectively extract the evidence of infringement with high success rate of forensics and satisfactory results.",,,,,Image (mathematics); Engineering; Encryption; Digital watermarking; Watermark; Tort; Improved method; Computer security; Digital image; Cluster analysis,,,,,http://en.cnki.com.cn/Article_en/CJFDTOTAL-JSJZ201210042.htm,http://en.cnki.com.cn/Article_en/CJFDTOTAL-JSJZ201210042.htm,,,2374583683,,0,,0,false,,
078-730-781-174-18X,ISSA - Harmonised digital forensic investigation process model,,2012,conference proceedings article,2012 Information Security for South Africa,,IEEE,,Aleksandar Valjarevic; Hein S. Venter,"Digital forensics gained significant importance over the past decade, due to the increase in the number of information security incidents over this time period, but also due to the fact that our society is becoming more dependent on information technology. Performing a digital forensic investigation requires a standardised and formalised process to be followed. There is currently no international standard formalising the digital forensic investigation process, nor does a harmonised digital forensic investigation process exist that is acceptable in this field. This paper proposes a harmonised digital forensic investigation process model. The proposed model is an iterative and multi-tier model. The authors introduce the term “parallel actions”, defined as the principles which should be translated into actions within the digital forensic investigation process (i.e. principle that evidence's integrity must be preserved through the process and that chain of evidence must be preserved). The authors believe that the proposed model is comprehensive and that it harmonises existing state-of-the-art digital forensic investigation process models. Furthermore, we believe that the proposed model can lead to the standardisation of the digital forensic investigation process.",,,1,10,Chain of custody; Information technology; Data science; Field (computer science); Computer security; Computer science; Process (engineering); Information security; Computer forensics; Process modeling; Digital forensics,,,,,https://dblp.uni-trier.de/db/conf/issa/issa2012.html#ValjarevicV12 http://ieeexplore.ieee.org/document/6320441/ https://ieeexplore.ieee.org/abstract/document/6320441 https://doi.org/10.1109/ISSA.2012.6320441,http://dx.doi.org/10.1109/issa.2012.6320441,,10.1109/issa.2012.6320441,2028547439,,0,004-652-388-189-304; 020-944-423-224-895; 025-782-023-579-032; 038-668-970-194-854; 041-059-041-666-09X; 060-808-935-547-406; 101-436-770-235-826; 120-697-354-224-33X; 156-780-378-831-656; 168-476-681-195-292; 184-948-841-629-735; 190-065-821-748-92X; 199-745-676-923-766,53,false,,
078-908-560-808-973,Role and Impact of Digital Forensics in Cyber Crime Investigations,,2019,journal article,INROADS- An International Journal of Jaipur National University,22774904; 22774912,Diva Enterprises Private Limited,,S. Krishnan,"Cybercrime is a growing problem, but the ability of law enforcement agencies to investigate and successfully prosecute criminals for these crimes is unclear. While law enforcement agencies have been conducting these investigations for many years, the previously published needs assessments all indicated that there is lack the training, tools or staff to effectively conduct investigations with the volume or complexity included in many of these cases. This study discussed on Cybercrime and Global Economic Growth, Reasons for Conducting a Digital Forensic Investigation, Various Branches of Digital Forensics in details, Potential Source of Digital Evidence, standard operating procedure for digital evidence, Legal Aspects and What the Future Holds in the field of digital forensics.",8,1and2,64,75,Internet privacy; Standard operating procedure; Cybercrime; Law enforcement; Digital evidence; Needs assessment; Cyber crime; Potential source; Computer science; Digital forensics,,,,,https://www.indianjournals.com/ijor.aspx?target=ijor:inroads&volume=8&issue=1and2&article=012,http://dx.doi.org/10.5958/2277-4912.2019.00012.2,,10.5958/2277-4912.2019.00012.2,2999986322,,0,173-034-553-635-460,0,false,,
078-919-309-996-250,Emerging Forensic Tools for Locating and Analyzing Digital Evidence - Emerging Forensic Tools for Locating and Analyzing Digital Evidence,,2016,book,,,IGI Global,,Richard Boddington,,,,,,World Wide Web; Forensic science; Digital evidence; Computer science,,,,,,http://dx.doi.org/10.4018/978-1-4666-9591-7,,10.4018/978-1-4666-9591-7,2497297449,,0,,0,false,,
079-483-836-523-473,Phase-Oriented Advice and Review Structure (PARS)  for Digital Forensic Investigations,2022-07-26,2022,journal article,Advances in Multidisciplinary and scientific Research Journal Publication,24888699,Creative Research Publishers,,Aliloulaye Tchaou,"<jats:p>The PARS is the first documented peer review methodology for the digital forensics field, a six staged approach designed to formally support organizations and their staff in their goal of facilitating effective peer review of digital forensic work, from investigative tasks to forensic activities and forensic analysis processes (Pollitt et al., 2018). This assignment discusses how the PARS methodology can be implemented, and the available options and mechanisms available to ease the interpretation of this model into existing practices. Both the early ‘Advisor’ and later ‘Reviewer’ roles in PARS are discussed and their requirements and expectations are defined.  Keywords: Digital forensics, Peer review, Digital evidence, Quality assurance, Forensic science       Multi-staged Rview, Multi-person Review   BOOK Chapter ǀ Research Nexus in IT, Law, Cyber Security &amp; Forensics. Open Access. Distributed Free  Citation: Aliloulaye Tchaou (2022): Phase-Oriented Advice and Review Structure (PARS)  for Digital Forensic Investigations Book Chapter Series on Research Nexus in IT, Law, Cyber Security &amp; Forensics. Pp 173-180 www.isteams.net/ITlawbookchapter2022. dx.doi.org/10.22624/AIMS/CRP-BK3-P28</jats:p>",1,1,173,180,Digital forensics; Digital evidence; Computer forensics; Nexus (standard); Computer science; Forensic science; Advice (programming),,,,,,http://dx.doi.org/10.22624/aims/crp-bk3-p28,,10.22624/aims/crp-bk3-p28,,,0,,0,true,,bronze
079-624-398-794-48X,A UML-Based Approach for Analysing Potential Digital Forensic Evidence,,2018,journal article,International Journal of Cyber-Security and Digital Forensics,23050012,,,Victor R. Kebande; Nickson M. Karie,,7,4,354,362,Software engineering; Unified Modeling Language; Computer science; Wireless; Digital forensics,,,,,http://sdiwc.net/digital-library/a-umlbased-approach-for-analysing-potential-digital-forensic-evidence,http://sdiwc.net/digital-library/a-umlbased-approach-for-analysing-potential-digital-forensic-evidence,,,2892001513,,0,,0,false,,
079-898-099-612-912,Combatting the data volume issue in digital forensics : A structured literature review,2020-12-07,2020,,,,,,Mattias Sjöstrand,The increase in data volume and amount of data sources submitted as evidence such as from Internet of Things (IoT) devices or cloud computing systems has caused the digital forensics process to tak ...,,,,,Volume (computing); Systematic review; Data science; Cloud computing systems; Computer science; Process (engineering); Internet of Things; Digital forensics,,,,,http://www.diva-portal.org/smash/record.jsf?pid=diva2:1453501 http://his.diva-portal.org/smash/record.jsf?pid=diva2%3A1453501,http://www.diva-portal.org/smash/record.jsf?pid=diva2:1453501,,,3112235431,,0,005-447-731-933-916; 006-456-033-462-695; 009-963-999-321-861; 011-640-228-143-441; 013-332-803-763-857; 021-944-720-672-500; 022-206-961-508-236; 023-140-531-299-670; 023-858-572-607-02X; 035-526-338-581-84X; 036-040-734-133-893; 037-550-015-414-716; 039-627-889-157-293; 052-789-759-186-54X; 057-523-721-967-459; 059-565-325-800-110; 062-934-250-263-136; 085-343-554-667-033; 089-125-626-038-560; 093-482-620-988-83X; 098-748-261-333-651; 101-147-258-831-898; 108-739-522-468-172; 118-250-456-110-971; 122-553-557-970-535; 126-525-922-560-09X; 131-164-474-862-00X; 131-516-331-360-906; 134-927-490-231-285; 141-639-466-257-44X; 145-048-628-632-929; 147-640-789-885-64X; 156-990-496-742-22X; 174-191-150-234-799; 186-081-237-537-037; 198-820-820-012-184,0,false,,
080-148-650-955-89X,On the Benefits of Information Retrieval and Information Extraction Techniques Applied to Digital Forensics,2016-08-30,2016,book chapter,Lecture Notes in Electrical Engineering,18761100; 18761119,Springer Singapore,Germany,David Lillis; Mark Scanlon,"Many jurisdictions suffer from lengthy evidence processing backlogs in digital forensics investigations. This has negative consequences for the timely incorporation of digital evidence into criminal investigations, while also affecting the timelines required to bring a case to court. Modern technological advances, in particular the move towards cloud computing, have great potential in expediting the automated processing of digital evidence, thus reducing the manual workload for investigators. It also promises to provide a platform upon which more sophisticated automated techniques may be employed to improve the process further. This paper identifies some research strains from the areas of Information Retrieval and Information Extraction that have the potential to greatly help with the efficiency and effectiveness of digital forensics investigations.",,,641,647,Criminal investigation; Expediting; Information extraction; Information retrieval; Digital evidence; Computer science; Process (engineering); Timeline; Cloud computing; Digital forensics,,,,,https://link.springer.com/10.1007/978-981-10-1536-6_83 https://forensicsandsecurity.com/papers/OnTheBenefitsOfInformationRetrievalToDigitalForensics.php https://forensicsandsecurity.com/papers/OnTheBenefitsOfInformationRetrievalToDigitalForensics.pdf https://link.springer.com/chapter/10.1007/978-981-10-1536-6_83/fulltext.html https://markscanlon.co/papers/OnTheBenefitsOfInformationRetrievalToDigitalForensics.pdf https://rd.springer.com/chapter/10.1007/978-981-10-1536-6_83 https://www.markscanlon.co/papers/OnTheBenefitsOfInformationRetrievalToDigitalForensics.php https://link.springer.com/chapter/10.1007%2F978-981-10-1536-6_83,http://dx.doi.org/10.1007/978-981-10-1536-6_83,,10.1007/978-981-10-1536-6_83,2461132669,,0,000-360-120-513-679; 004-343-329-602-307; 004-714-367-794-397; 016-536-694-167-514; 032-988-665-285-105; 035-626-035-728-080; 043-706-844-430-938; 050-513-243-638-138; 051-645-938-939-51X; 055-261-733-210-250; 055-614-100-530-52X; 075-056-106-679-562; 102-602-192-826-532; 115-547-184-477-216; 127-299-160-013-260; 131-695-312-640-706; 154-517-106-328-503; 156-644-417-841-018; 167-311-879-371-915; 175-624-159-211-478,1,false,,
080-161-175-307-872,Cybercrime and Digital Forensics: An Introduction,2015-02-05,2015,book,,,,,Thomas J. Holt; Adam M. Bossler; Kathryn C. Seigfried-Spellar,"1. Technology and Cybercrime 2. Computer Hackers and Hacking 3. Malware and Automated Computer Attacks 4. Digital Piracy and Intellectual Property Theft 5. Economic Crimes and On-Line Fraud 6. Pornography, Prostitution, and Sex Crimes 7. Cyberbullying, On-Line Harassment, and Cyberstalking 8. On-line Extremism, Cyberterror, and Cyber Warfare 9. Cybercrime and Criminological Theories 10. Evolution of Digital Forensics 11. Acquisition and Examination of Forensic Evidence 12. Legal Challenges in Digital Forensic Investigations 13. The Future of Cybercrime, Terror, and Policy.",,,,,Internet privacy; Engineering; Cyberwarfare; Cyberstalking; Cybercrime; Pornography; Computer security; Malware; Computer forensics; Digital forensics; Hacker,,,,,https://www.taylorfrancis.com/books/mono/10.4324/9781315296975/cybercrime-digital-forensics-thomas-holt-adam-bossler-kathryn-seigfried-spellar https://openlibrary.org/books/OL28843670M/Cybercrime_and_Digital_Forensics https://works.bepress.com/adam-bossler/35/ https://www.thriftbooks.com/w/cybercrime-and-digital-forensics-an-introduction_adam-m-bossler_kathryn-c-seigfried-spellar/13932009/ https://www.taylorfrancis.com/books/9781317694786 https://ci.nii.ac.jp/ncid/BB18203417 https://www.amazon.com/Cybercrime-Digital-Forensics-Thomas-Holt/dp/113802130X https://www.goodreads.com/work/editions/42383528-cybercrime-and-digital-forensics-an-introduction https://digitalcommons.georgiasouthern.edu/crimjust-criminology-facpubs/71/,https://www.taylorfrancis.com/books/mono/10.4324/9781315296975/cybercrime-digital-forensics-thomas-holt-adam-bossler-kathryn-seigfried-spellar,,,354740698,,0,,35,false,,
080-341-576-018-535,Issues With Using Call Detail Records for Location Purposes,,2017,book chapter,Cell Phone Location Evidence for Legal Professionals,,Elsevier,,Larry Daniel,,,,59,67,Engineering; Tower; Phone; Radio signal; Multimedia; Data transmission; Telecommunications,,,,,http://www.sciencedirect.com/science/article/pii/B9780128093979000092,http://dx.doi.org/10.1016/b978-0-12-809397-9.00009-2,,10.1016/b978-0-12-809397-9.00009-2,2710049876,,0,,0,false,,
081-056-635-953-384,The Best Damn Cybercrime and Digital Forensics Book Period,2007-12-10,2007,book,,,,,Jack Wiles; Anthony Reyes,"Electronic discovery refers to a process in which electronic data is sought, located, secured, and searched with the intent of using it as evidence in a legal case. Computer forensics is the application of computer investigation and analysis techniques to perform an investigation to find out exactly what happened on a computer and who was responsible. IDC estimates that the U.S. market for computer forensics will be grow from $252 million in 2004 to $630 million by 2009. Business is strong outside the United States, as well. By 2011, the estimated international market will be $1.8 billion dollars. The Techno Forensics Conference has increased in size by almost 50% in its second year; another example of the rapid growth in the market. ; ; This book is the first to combine cybercrime and digital forensic topics to provides law enforcement and IT security professionals with the information needed to manage a digital investigation. Everything needed for analyzing forensic data and recovering digital evidence can be found in one place, including instructions for building a digital forensics lab.; ; * Digital investigation and forensics is a growing industry; * Corporate I.T. departments needing to investigate incidents related to corporate espionage or other criminal activities are learning as they go and need a comprehensive step-by-step guide to e-discovery; * Appeals to law enforcement agencies with limited budgets",,,,,Internet privacy; Engineering; Electronic discovery; Cybercrime; Law enforcement; Digital evidence; Electronic data; Computer security; Computer forensics; Digital forensics; Industrial espionage,,,,,https://www.amazon.com/Best-Cybercrime-Digital-Forensics-Period/dp/1597492280,https://www.amazon.com/Best-Cybercrime-Digital-Forensics-Period/dp/1597492280,,,1914375141,,0,101-653-903-588-029; 125-069-628-561-056; 180-352-675-042-601,22,false,,
081-075-040-457-06X,Digital crime – A review article,2010-01-06,2010,journal article,Journal of Forensic Medicine,24721026,,,C.R. Vasudeva Murthy; P.S. Chidananda; Manisa Mohanty; Natasha Nambia; K.P. Harsha,"As computers become more integrated into people's daily lives, investigators are encountering an increasing amount of evidence of criminal activity in the digital form. There is growing need of understanding these methods and trained experts to process digital evidence. So training and laws related must keep pace with advances in computer technology making digital forensics an exciting field.",4,1,58,60,Internet privacy; Review article; Pace; Digital evidence; Computer technology; Mathematics; Field (computer science); Process (engineering); Digital forensics,,,,,http://www.i-scholar.in/index.php/ijfmt/article/view/45843 http://www.indianjournals.com/ijor.aspx?target=ijor:ijfmt&volume=4&issue=1&article=020,http://www.i-scholar.in/index.php/ijfmt/article/view/45843,,,3038072372,,0,,0,false,,
081-152-890-798-991,Digital forensic standards and digital evidence in Polish criminal proceedings. An updated definition of digital evidence in forensic science,,2021,journal article,International Journal of Electronic Security and Digital Forensics,1751911x; 17519128,Inderscience Publishers,United Kingdom,Piotr Lewulis,Digital evidence is increasingly popular in criminal proceedings - not only to those commonly referred to as 'cybercrimes'. The credibility criteria of such evidence are in theory governed by a set...,13,1,403,417,Forensic science; Set (abstract data type); Data science; Credibility; Digital evidence; Computer science; Digital forensics,,,,,https://www.inderscienceonline.com/doi/abs/10.1504/IJESDF.2021.116024,http://dx.doi.org/10.1504/ijesdf.2021.10034988,,10.1504/ijesdf.2021.10034988,3122539278,,0,,0,false,,
081-437-161-307-223,An Open Architecture for Digital Evidence Integration,,2006,,,,,,Bradley Schatz; Andrew Clark,"Recently the need for “digital evidence bags” ‐ a c ommon storage format for digital evidence ‐ has been identified as a key requirement for enabling inter-organisational sharing of digital evidence, and interoperability b etween forensic analysis tools. Recent work has described an ontology based approach to co rrelation of event log based evidence, using semantic web technologies for describing and representing event log based digital evidence. In this paper we apply the representation al approach to the integration of metadata related to digital evidence, and propose a globally unique identification scheme for digital evidence and related metadata. We relat e the representational approach to the digital evidence bags concept identifying a number of shortcomings. We propose an alternative architecture for digital evidence bags, which we call the sealed digital evidence bags architecture. This approach treats bags as imm utable objects, and facilitates the building of a corpus of digital evidence by composi tion and referencing between evidence bags. This architecture facilitates modular forensi c tool development and interoperability between forensics tools.",,,,,Open architecture; World Wide Web; Ontology (information science); Interoperability; Semantic Web; Digital evidence; Computer science; Event (computing); Digital forensics; Metadata,,,,,https://eprints.qut.edu.au/21119/ http://www.schatzforensic.com.au/publications/An%20Open%20Architecture%20For%20Digital%20Evidence%20Integration.pdf,https://eprints.qut.edu.au/21119/,,,2168532597,,0,001-688-296-480-909; 005-859-239-651-619; 014-012-834-363-307; 022-976-500-434-458; 032-072-810-818-116; 048-452-854-305-529; 048-503-079-807-452; 050-760-962-056-175; 055-574-774-155-611; 058-844-959-118-274; 060-650-561-577-338; 065-260-447-841-666; 103-157-156-595-232; 118-095-530-189-407; 142-884-607-464-932; 147-017-529-889-412; 153-074-590-837-708; 159-672-390-025-500,22,false,,
081-496-834-498-248,A New Approach For Image Authentication Framework For Media Forensics Purpose,2017-01-01,2017,,,,,,Ahmad M. Nagm; Khaled Y. Youssef; Mohammad I; null Youssef,"With the increasing widely spread digital media become using in most fields such as medical care, Oceanography, Exploration processing, security purpose, military fields and astronomy, evidence in criminals and more vital fields and then digital Images become have different appreciation values according to what is important of carried information by digital images?. Due to the easy manipulation property of digital images (by proper computer software) makes us doubtful when are juries using digital images as forensic evidence in courts, especially, if the digital images are main evidence to demonstrate the relationship between suspects and the criminals. Obviously, here demonstrate importance of data Originality Protection methods to detect unauthorized process like modification or duplication and then enhancement protection of evidence to guarantee rights of incriminatory. In this paper, we shall introduce a novel digital forensic security framework for digital image authentication and originality identification techniques and related methodologies, algorithms and protocols that are applied on camera captured images. The approach depends on implanting secret code into RGB images that should indicate any unauthorized modification on the image under investigation. The secret code generation depends mainly on two main parameter types, namely the image characteristics and capturing device identifier. In this paper, the architecture framework will be analyzed, explained and discussed together with the associated protocols, algorithms and methodologies. Also, the secret code deduction and insertion techniques will be analyzed and discussed, in addition to the image benchmarking and quality testing techniques.",2017,06,1,11,Authentication (law); Identifier; Digital media; Information retrieval; Computer science; Digital image; Architecture framework; Identification (information); Digital forensics; Property (programming),,,,,https://www.scitechnol.com/abstract/a-new-approach-for-image-authentication-framework-for-media-forensics-purpose-7049.html https://dblp.uni-trier.de/db/journals/corr/corr2110.html#abs-2110-01065,https://www.scitechnol.com/abstract/a-new-approach-for-image-authentication-framework-for-media-forensics-purpose-7049.html,,,2783907572,,0,,0,false,,
081-543-972-482-315,EISIC - Digital-Forensics Based Pattern Recognition for Discovering Identities in Electronic Evidence,,2013,conference proceedings article,2013 European Intelligence and Security Informatics Conference,,IEEE,,Hans Henseler; Jop Hofste; Maurice van Keulen,"With the pervasiveness of computers and mobile devices, digital forensics becomes more important in law enforcement. Detectives increasingly depend on the scarce support of digital specialists which impedes efficiency of criminal investigations. This paper proposes and algorithm to extract, merge and rank identities that are encountered in the electronic evidence during processing. Two experiments are described demonstrating that our approach can assist with the identification of frequently occurring identities so that investigators can prioritize the investigation of evidence units accordingly.",,,112,116,Criminal investigation; World Wide Web; Ubiquitous computing; Mobile device; Merge (version control); Law enforcement; Law administration; Computer science; Computer forensics; Digital forensics,,,,,https://ris.utwente.nl/ws/files/5496421/pattern_recognition_discovering_identities_henselerhofstevankeulen_cameraready.pdf https://ieeexplore.ieee.org/document/6657134/ https://www.narcis.nl/publication/RecordID/oai%3Aris.utwente.nl%3Apublications%2F51241120-69b4-4f96-977f-413b837a2cd4 http://ieeexplore.ieee.org/document/6657134/ https://dblp.uni-trier.de/db/conf/eisic/eisic2013.html#HenselerHK13 https://doi.org/10.1109/EISIC.2013.24 https://research.utwente.nl/en/publications/digital-forensics-based-pattern-recognition-for-discovering-ident https://core.ac.uk/download/pdf/11489240.pdf,http://dx.doi.org/10.1109/eisic.2013.24,,10.1109/eisic.2013.24,1983590715,,0,005-123-553-786-165; 010-388-991-543-520; 016-922-297-286-929; 018-826-525-266-229; 020-855-412-051-322; 022-640-371-098-46X; 028-577-385-254-389; 037-456-087-839-878; 051-844-758-374-488; 070-673-111-451-994; 073-646-216-850-524; 080-182-852-123-652; 082-074-079-097-382; 098-255-728-086-08X; 109-320-883-551-987; 110-212-753-356-881; 121-543-799-545-35X; 157-250-095-355-248; 196-179-524-280-201,4,true,,green
081-583-488-684-931,Data Acquisition based Seizure Record Framework for Digital Forensics Investigations,2021-12-02,2021,conference proceedings article,"2021 5th International Conference on Electronics, Communication and Aerospace Technology (ICECA)",,IEEE,,Srinivasa Murthy Pedapudi; Nagalakshmi Vadlamani,"In the computer era, various digital devices are used along with networking technology for data communication in secured manner. But sometimes these systems are misused by the attackers. Information security with the high efficiency devices, tools are utilized for protecting the communication media and valuable data. In case of any unwanted incidents and security breaches, digital forensics methods and measures are well utilized for detecting the type of attacks, sources of attacks, their purposes. By utilizing information related to security measures, digital forensics evidences with suitable methodologies, digital forensics investigators detect the cyber-crimes. It is also necessary to prove the cyber-crimes before the law enforcement department. During this process investigators type to collect different types of information from the digital devices concerned to the cyber-attack. One of the major tasks of the digital investigator is collecting and managing the seizure records from the crime-scene. The present paper discusses the seizure record framework for digital forensics investigations.",,,,,Digital evidence; Digital forensics; Computer science; Computer security; Computer forensics; Network forensics; Law enforcement; Process (computing); Cyber crime; Internet privacy; World Wide Web; The Internet; Political science; Law; Operating system,,,,,,http://dx.doi.org/10.1109/iceca52323.2021.9676088,,10.1109/iceca52323.2021.9676088,,,0,,0,false,,
081-656-185-027-680,Evaluating and Comparing Tools for Mobile Device Forensics Using Quantitative Analysis,2013-10-08,2013,,,,,,Shahzad Saleem; Oliver Popov; Oheneba Kwame Appiah-Kubi,"Scientific development and progress in the fields of computer science, information technology and their related disciplines, have transformed our world into a “digital world”. Omnipresent digital devices and e-services running on numerous versions of pervasive e-infrastructures generate a wealth of electronically stored information (ESI) from which we can extract a great deal of potential digital evidence.Digital evidence is sometimes even more revealing than its traditional counterpart, but at the same time it is very fragile and volatile in nature. Preserving the integrity of digital evidence is therefore of major concern, especially when it comes from purportedly illegal, illicit and malicious activities. The acquisition and analysis of digital evidence are also crucial to the functioning of the digital world, regardless of the positive or negative implications of the actions and activities that generated the evidence. All stakeholders should have the right to be assured of the accuracy of the digital forensics process and the people involved in it. Currently they surrender these rights and have to trust the process and the individuals carrying it out. They do not have any guarantee that intentional or unintentional conduct or modification will not affect the outcome of the forensic process, which might compromise their other human rights as a consequence, such as their right to liberty and even their right to life. Protecting basic human rights by ensuring the correctness of the entire forensics process, and its output in the form of digital evidence, is thus a point of concern. The “right to a fair trial” given in Article 6 of the European Convention as an umbrella principle that affects the forensics process, is one example of the protection of basic human rights.In digital forensics there are principles and models on the top (theoretical basis), acting as a platform on abstract and generic level, in the middle, there are policies and practices and at the bottom, there are technical procedures and techniques. During this research we worked to solve the above mentioned problems, concentrating on all three layers, by extending the abstract models, defining best practice, and by providing new technical procedures employing latest technology. Our work also helps to implement organisational policies.The research was undertaken in two cycles, starting with an exploration of the theoretical basis and continuing to procedures and techniques. The methods used to preserve the integrity of digital evidence were explored and evaluated in the first cycle. A new technical model called PIDESC[1] was thus proposed. This can preserve the integrity of digital evidence by orchestrating both software- and hardware-based security solutions. The model was evaluated in terms of time and cost. The results suggest that the gains outweigh the additional cost and time. The increase in time is a constant negligible factor of only half a millisecond on average. In the next cycle we built on our knowledge and extended the theoretical basis on an abstract and generic level to preserve the integrity of digital evidence and to protect basic human rights as overarching umbrella principles (2PasU[2]). We then developed specific solutions, including a formal method to select the best mobile device forensics tool, and developed a guide for best practices to fulfil the requirements of preservation and protection. Finally, we mapped the solutions to the proposed extended model with 2PasU, putting all the research into its context in order to pave the way for future work in this domain.[1] Protecting Digital Evidence Integrity by Using Smart Cards[2] Preservation and Protection as Umbrella Principles",,,264,282,Information technology; Engineering; Electronically stored information; Context (language use); Digital evidence; Computer security; Process (engineering); Mobile device forensics; Formal methods; Digital forensics,,,,,https://eudl.eu/pdf/10.1007/978-3-642-39891-9_17 http://www.diva-portal.org/smash/record.jsf?pid=diva2:734996 https://eudl.eu/doi/10.1007/978-3-642-39891-9_17,http://www.diva-portal.org/smash/record.jsf?pid=diva2:734996,,,2180469547,,0,,1,false,,
082-140-450-245-734,IDENTIFICATION OF DIGITAL EVIDENCE FACEBOOK MESSENGER ON MOBILE PHONE WITH NATIONAL INSTITUTE OF STANDARDS TECHNOLOGY (NIST) METHOD,2019-01-15,2019,journal article,Kursor,23016914; 02160544,University of Trunojoyo Madura,,Anton Yudhana;  Riadi; Ikhwan Anshori,"<jats:p>Facebook Messenger is a popular social media. The increasing number of Facebook Messenger users certainly has a positive and negative impact, one of the negative effects is being used for digital crime. One of the sciences to get digital evidence is to do Digital forensics. Digital forensics can be done on a smartphone used by criminals. This research will carry out as much evidence of digital crime as possible from Facebook Messenger. In this study the forensic devices, Magnet AXIOM and Oxygen Forensics Suite 2014 were used using the National Institute of Standards Technology (NIST) method. NIST has work guidelines for both policies and standards to ensure that each examiner follows the same workflow so that their work is documented and the results can be repeated and maintained. The results of the research in the Magnet AXIOM and Oxygen Forensics Suite 2014 get digital evidence in the form of accounts, conversation texts, and images. This study successfully demonstrated the results of an analysis of forensic devices and digital evidence on Facebook Messenger. The results of the performance evaluation of forensic tools in the acquisition process using AXIOM Magnets are considered the best compared to Oxygen Forensics Suite 2014.</jats:p>",9,3,,,NIST; World Wide Web; Mobile phone; Digital evidence; Computer science; Identification (information),,,,,http://kursorjournal.org/index.php/kursor/article/view/152 https://kursorjournal.org/index.php/kursor/article/download/152/95,http://dx.doi.org/10.28961/kursor.v9i3.152,,10.28961/kursor.v9i3.152,2915261871,,0,000-225-165-729-99X; 070-740-822-724-693; 087-863-544-029-830,0,true,cc-by,gold
082-188-923-827-797,IITSI - Research on the Key Technology of Secure Computer Forensics,,2010,conference proceedings article,2010 Third International Symposium on Intelligent Information Technology and Security Informatics,,IEEE,,Yan Zhang; Ying Lin,"Computer Forensics is a research hot topic in the field of computer security with the recent increases in illegal accesses to computer system. According to the procedure of computer forensics, this paper presents the frame model of computer forensics, analyses the source of digital evidence. Because of digital feature, it is especially critical to how to secure the protection of digital evidence and make computer forensics have legal recognition of ability. From the computer evidence collection phase, transmission phase and the storage stage, this paper discusses the key technologies and approaches to ensure the security of digital evidence respectively. Through the guidance of the frame model and the security guarantee to each stage of computer forensics, the evidence would eventually be provided to the court.",,,649,652,Frame (networking); Encryption; Key (cryptography); Digital evidence; Computer security; Computer science; Network forensics; Information security; Computer forensics; Digital forensics,,,,,http://yadda.icm.edu.pl/yadda/element/bwmeta1.element.ieee-000005453709 https://ieeexplore.ieee.org/document/5453709 https://dblp.uni-trier.de/db/conf/iitsi/iitsi2010.html#ZhangL10,http://dx.doi.org/10.1109/iitsi.2010.134,,10.1109/iitsi.2010.134,2033536268,,0,009-284-801-057-774; 009-866-216-542-090; 019-042-754-733-944; 084-450-839-656-829; 111-900-249-134-046; 166-120-929-678-264; 196-416-598-622-506,6,false,,
082-216-018-661-366,IFIP Int. Conf. Digital Forensics - Data Recovery Function Testing for Digital Forensic Tools,,2010,book chapter,Advances in Digital Forensics VI,18684238; 18612288; 1868422x; 15715736,Springer Berlin Heidelberg,Germany,Yinghua Guo; Jill Slay,"Many digital forensic tools used by investigators were not originally designed for forensic applications. Even in the case of tools created with the forensic process in mind, there is the issue of assuring their reliability and dependability. Given the nature of investigations and the fact that the data collected and analyzed by the tools must be presented as evidence, it is important that digital forensic tools be validated and verified before they are deployed. This paper engages a systematic description of the digital forensic discipline that is obtained by mapping its fundamental functions. The function mapping is used to construct a detailed function-oriented validation and verification framework for digital forensic tools. This paper focuses on the data recovery function. The data recovery requirements are specified and a reference set is presented to test forensic tools that implement the data recovery function.",337,,297,311,Software engineering; Data mining; Set (abstract data type); Construct (python library); Computer science; Process (engineering); Reliability (statistics); Data recovery; Function (engineering); Dependability; Digital forensics,,,,,https://dblp.uni-trier.de/db/conf/ifip11-9/df2010.html#GuoS10 https://link.springer.com/content/pdf/10.1007/978-3-642-15506-2_21.pdf https://link.springer.com/chapter/10.1007%2F978-3-642-15506-2_21 https://doi.org/10.1007/978-3-642-15506-2_21 https://rd.springer.com/chapter/10.1007/978-3-642-15506-2_21,http://dx.doi.org/10.1007/978-3-642-15506-2_21,,10.1007/978-3-642-15506-2_21,1495421545,,0,021-039-461-635-181; 035-448-415-847-226; 043-409-832-398-87X; 075-128-417-091-483; 085-669-579-012-375; 094-933-978-324-364,9,true,cc-by,green
082-417-796-624-941,A near-miss management system architecture for the forensic investigation of software failures.,2015-10-28,2015,journal article,Forensic science international,18726283; 03790738,Elsevier Ireland Ltd,Netherlands,M.A. Bihina Bella; Jan H. P. Eloff,"Abstract Digital forensics has been proposed as a methodology for doing root-cause analysis of major software failures for quite a while. Despite this, similar software failures still occur repeatedly. A reason for this is the difficulty of obtaining detailed evidence of software failures. Acquiring such evidence can be challenging, as the relevant data may be lost or corrupt following a software system's crash. This paper proposes the use of near-miss analysis to improve on the collection of evidence for software failures. Near-miss analysis is an incident investigation technique that detects and subsequently analyses indicators of failures. The results of a near-miss analysis investigation are then used to detect an upcoming failure before the failure unfolds. The detection of these indicators – known as near misses – therefore provides an opportunity to proactively collect relevant data that can be used as digital evidence, pertaining to software failures. A Near Miss Management System (NMS) architecture for the forensic investigation of software failures is proposed. The viability of the proposed architecture is demonstrated through a prototype.",259,,234,245,Architecture; Software system; Crash; Management system; Near miss; Software; Digital evidence; Computer security; Computer science; Digital forensics,Digital evidence; Digital forensics; Near miss; Near-miss management system (NMS); Software failure,,,,https://www.sciencedirect.com/science/article/pii/S0379073815004314 https://www.ncbi.nlm.nih.gov/pubmed/26727616 https://europepmc.org/abstract/MED/26727616 https://repository.up.ac.za/handle/2263/56011 https://repository.up.ac.za/bitstream/2263/56011/1/Bella_NearMiss_2016.pdf,http://dx.doi.org/10.1016/j.forsciint.2015.10.007,26727616,10.1016/j.forsciint.2015.10.007,2193388524,,0,001-808-197-846-489; 002-366-662-229-867; 005-867-919-846-09X; 005-902-773-372-039; 009-662-282-544-479; 011-905-511-601-111; 013-081-766-379-747; 013-887-768-477-01X; 021-448-156-714-737; 031-611-368-763-776; 042-185-248-691-579; 045-920-797-897-761; 045-930-609-986-652; 056-639-947-708-941; 058-507-647-155-191; 064-314-255-895-12X; 079-314-174-384-71X; 079-406-212-807-655; 109-985-341-960-184; 110-398-250-080-48X; 114-542-186-088-354; 114-839-605-739-519; 147-557-846-895-696; 153-054-383-154-973; 166-411-911-305-152; 168-678-724-053-274; 191-707-142-292-682,0,true,,green
082-558-751-788-933,Analisis Forensik Rekayasa Dokumen Digital  dengan Metode NIST,2022-08-31,2022,journal article,INFORMAL: Informatics Journal,2503250x,UPT Penerbitan Universitas Jember,,Arizona Firdonsyah; Danur Wijayanto,"<jats:p>Digital Forensics is one of the technological fields contained many sub-fields that can assist technically in collecting digital evidence to be presented in a trial in accordance with applicable law. The example of digital forensics sub-field is Image Forensics, which aims to digitally collect and look for evidentiary facts in determining the authenticity of an image or document that contained images. Various criminal and pornographic cases involving image files are still happening nowadays, therefore forensics on images as evidence is an important key to assist the court in making decisions. This research examines the authenticity of documents in the form of digital letters using National Institute of Standard and Technology (NIST) method by applying the forensic ELA (Error Level Analysis). Several previous researches have proven that the forensic ELA is able to detect modifications that have been made to images. Differences with previous researches and this research are the authors also checked the metadata of the images before performing the ELA examination using Fotoforensics. The results of the analysis shows a high level of consistency in the images and writings due to the accumulation of white dots in several places such as in headers, logos, header’s writings, text contents, footnotes, and signatures.</jats:p>",7,2,121,121,Digital forensics; Header; Computer science; Consistency (knowledge bases); NIST; Metadata; Field (mathematics); Forensic examination; Digital image; Key (lock); Digital evidence; Information retrieval; Data science; World Wide Web; Image (mathematics); Computer security; Artificial intelligence; Engineering; Image processing; Natural language processing; Computer network; Mathematics; Forensic engineering; Pure mathematics,,,,,,http://dx.doi.org/10.19184/isj.v7i2.31198,,10.19184/isj.v7i2.31198,,,0,,0,true,,gold
082-793-334-095-933,Scenario-Based Digital Forensics Challenges in Cloud Computing,2016-10-20,2016,journal article,Symmetry,20738994,MDPI AG,Switzerland,Erik Miranda Lopez; Seo Yeon Moon; Jong Hyuk Park,"The aim of digital forensics is to extract information to answer the 5Ws (Why, When, Where, What, and Who) from the data extracted from the evidence. In order to achieve this, most digital forensic processes assume absolute control of digital evidence. However, in a cloud environment forensic investigation, this is not always possible. Additionally, the unique characteristics of cloud computing create new technical, legal and architectural challenges when conducting a forensic investigation. We propose a hypothetical scenario to uncover and explain the challenges forensic practitioners face during cloud investigations. Additionally, we also provide solutions to address the challenges. Our hypothetical case scenario has shown that, in the long run, better live forensic tools, development of new methods tailored for cloud investigations and new procedures and standards are indeed needed. Furthermore, we have come to the conclusion that forensic investigations biggest challenge is not technical but legal.",8,10,107,,Digital evidence; Cloud forensics; Scenario based; Computer security; Computer science; Cloud computing; Digital forensics,,,,Ministry of Science ICT and Future Planning,https://www.mdpi.com/2073-8994/8/10/107/pdf https://dblp.uni-trier.de/db/journals/symmetry/symmetry8.html#LopezMP16 https://doaj.org/article/16744493008a4c63a18fc76483706aef https://ui.adsabs.harvard.edu/abs/2016Symm....8..107M/abstract https://core.ac.uk/display/90726715 https://www.mdpi.com/2073-8994/8/10/107,http://dx.doi.org/10.3390/sym8100107,,10.3390/sym8100107,2538056117,,0,000-360-120-513-679; 001-148-044-584-317; 011-972-444-921-827; 017-708-113-657-756; 019-119-495-482-994; 023-338-081-058-709; 025-319-861-345-580; 027-031-165-049-753; 028-180-038-189-484; 028-290-062-141-840; 029-934-518-651-564; 035-448-415-847-226; 042-767-661-429-064; 047-221-550-114-462; 048-001-521-822-787; 049-977-511-720-26X; 050-032-081-738-330; 052-152-063-024-042; 058-122-722-153-464; 058-631-300-195-90X; 061-960-915-134-527; 074-503-636-433-987; 083-322-626-930-350; 086-091-202-010-191; 086-365-780-774-340; 091-619-263-117-914; 092-655-509-442-333; 100-459-328-094-990; 115-547-184-477-216; 116-798-667-947-625; 121-704-965-852-836; 124-912-663-881-389; 125-371-043-627-395; 144-124-797-675-052; 148-434-515-794-491; 148-732-709-522-772; 156-313-798-378-998; 166-183-210-534-575; 170-108-067-251-840; 171-483-137-477-150; 179-568-985-512-784,10,true,cc-by,gold
082-862-997-118-012,IFIP Int. Conf. Digital Forensics - Identity and Sufficiency of Digital Evidence,2020-08-06,2020,book chapter,Advances in Digital Forensics XVI,18684238; 1868422x,Springer International Publishing,Germany,Michael Losavio,"Digital evidence proffered by prosecutors is subject to the same standards as all other evidence. However, a major concern is that the novelty of digital evidence may lead to less rigor in its application. This chapter discusses issues related to identity and sufficiency of digital evidence, including the need for authenticity and reliability, and concerns about identification via digital evidence.",,,25,36,Internet privacy; Authentication (law); Identity (social science); Novelty; Subject (philosophy); Hearsay; Digital evidence; Computer science; Reliability (statistics); Identification (information),,,,,https://link.springer.com/chapter/10.1007/978-3-030-56223-6_2 https://dblp.uni-trier.de/db/conf/ifip11-9/df2020.html#Losavio20 https://rd.springer.com/chapter/10.1007/978-3-030-56223-6_2,http://dx.doi.org/10.1007/978-3-030-56223-6_2,,10.1007/978-3-030-56223-6_2,3083654635,,0,078-862-713-690-072,0,false,,
083-090-527-338-917,Handbook of Digital Forensics of Multimedia Data and Devices - Forensic Authentication of Digital Audio and Video Files,2015-12-18,2015,book,Handbook of Digital Forensics of Multimedia Data and Devices,,"John Wiley & Sons, Ltd",,Anthony T. S. Ho; Shujun Li,"Requests of a forensic laboratory to conduct authenticity examinations of digital audio and video files are usually based on one or more of the following reasons: legal, investigative or administrative. This chapter discusses the types of common recording devices, digital file formats and evidence requirements. Next, it talks about the physical laboratory facility, and requisite software and equipment. The chapter explains the protocols for conducting scientific authenticity examinations of digital audio and video files, including critical listening and visual reviews, data analysis and temporal/frequency analyses. The protocol used when conducting forensic authenticity examinations of digital audio and video files is based on a number of different analysis steps, as applicable, which are generally categorized as follows: hashing and cloning; playback and conversion optimization; digital data analysis; audio analyses; video analyses; and preparation of work notes. The chapter also talks about the importance of expert testimony, and provides some case examples.",,,133,181,Authentication; Active listening; Software; Digital data; Protocol (science); Computer science; Multimedia; Video processing; Digital audio; Hash function,,,,,https://ieeexplore.ieee.org/document/7394745/ https://onlinelibrary.wiley.com/doi/10.1002/9781118705773.ch4 http://ieeexplore.ieee.org/xpl/articleDetails.jsp?arnumber=7394745,http://dx.doi.org/10.1002/9781118705773.ch4,,10.1002/9781118705773.ch4,2549779701,,1,000-780-924-227-038; 002-890-793-739-219; 005-586-408-222-540; 010-994-160-373-874; 015-483-896-467-045; 017-565-646-840-275; 018-172-332-749-013; 019-540-115-676-172; 024-358-770-245-934; 024-369-591-371-584; 026-163-602-249-656; 036-168-951-240-17X; 036-335-162-732-070; 039-614-975-031-707; 042-973-448-134-352; 046-392-586-979-126; 052-371-131-434-386; 055-729-954-340-148; 057-114-681-558-820; 058-068-521-026-069; 073-771-062-484-447; 074-796-013-951-077; 081-327-993-951-268; 082-787-949-974-44X; 087-895-411-431-312; 089-486-184-814-377; 092-417-065-430-628; 106-841-987-129-734; 118-751-612-770-855; 119-542-503-006-191; 126-698-276-806-301; 133-481-090-925-931; 138-870-891-535-969; 140-408-113-219-371; 150-123-603-849-126; 158-623-161-627-789; 161-244-899-151-973; 163-165-789-113-826; 174-557-156-109-888; 181-740-335-341-470; 189-087-169-291-237; 191-088-158-622-324; 198-764-909-499-378,2,false,,
083-237-130-206-338,The Virtual Digital Forensics Lab: Expanding Law Enforcement Capabilities,2008-04-23,2008,,,,,,Sean A. Ensz; Mark R. McCoy,"Law enforcement is attempting to respond to the growing and complex need to examine all manner of digital evidence using stand-alone forensic workstations and limited storage solutions. Digital forensic investigators often find their cases stalled by cumbersome and inflexible technology limiting their effectiveness. The Virtual Digital Forensics Lab (VDFL) is a new concept that applies existing enterprise host, storage, and network virtualization technologies to current forensic investigative methods. This paper details the concept of the VDFL, the technology solutions it employs, and the flexibility it provides for digital forensic investigators.",,,33,38,Engineering; Host (network); Network virtualization; Law enforcement; Flexibility (engineering); Digital evidence; Computer security; Network forensics; Computer forensics; Digital forensics,,,,,https://commons.erau.edu/adfsl/2008/thursday/4/ https://commons.erau.edu/cgi/viewcontent.cgi?article=1052&context=adfsl,https://commons.erau.edu/adfsl/2008/thursday/4/,,,820487181,,0,,0,false,,
083-312-117-071-763,The Advanced Data Acquisition Model (ADAM): A process model for digital forensic practice,,2012,dissertation,,,,,Richard Adams,"Given the pervasive nature of information technology, the nature of evidence presented in court is now less likely to be paper-based and in most instances will be in electronic form . However, evidence relating to computer crime is significantly different from that associated with the more ‘traditional’ crimes for which, in contrast to digital forensics, there are well-established standards, procedures and models to which law courts can refer.; ; The key problem is that, unlike some other areas of forensic practice, digital forensic practitioners work in a number of different environments and existing process models have tended to focus on one particular area, such as law enforcement, and fail to take into account the different needs of those working in other areas such as incident response or ‘commerce’.; ; This thesis makes an original contribution to knowledge in the field of digital forensics by developing a new process model for digital data acquisition that addresses both the practical needs of practitioners working in different areas of the field and the expectation of law courts for a formal description of the process undertaken to acquire digital evidence.; ; The methodology adopted for this research is design science on the basis that it is particularly suited to the task of creating a new process model and an ‘ideal approach’ in the problem domain of digital forensic evidence. The process model employed is the Design Science Research Process (DSRP) (Peffers, Tuunanen, Gengler, Rossi, Hui, Virtanen and Bragge, 2006) that has been widely utilised within information systems research.; ; A review of current process models involving the acquisition of digital data is followed by an assessment of each of the models from a theoretical perspective, by drawing on the work of Carrier and Spafford (2003)1, and from a legal perspective by reference to the Daubert test2. The result of the model assessment is that none provide a description of a generic process for the acquisition of digital data, although a few models contain elements that could be considered for adaptation as part of a new model.; ; Following the identification of key elements for a new model (based on the literature review and model assessment) the outcome of the design stage is a three-stage process model called the Advance Data Acquisition Model (ADAM) that comprises of three UML3 Activity diagrams, overriding Principles and an Operation Guide for each stage. Initial testing of the ADAM (the Demonstration stage from the DSRP) involves a ‘desk check’ using both in-house documentation relating to three digital forensic investigations and four narrative scenarios. The results of this exercise are fed back into the model design stage and alterations made as appropriate.; ; The main testing of the model (the DSRP Evaluation stage) involves independent verification and validation of the ADAM utilising two groups of ‘knowledgeable people’. The first group, the Expert Panel, consists of international ‘subject matter experts’ from the domain of digital forensics. The second group, the Practitioner Panel, consists of peers from around Australia that are digital forensic practitioners and includes a representative from each of the areas of relevance for this research, namely: law enforcement, commerce and incident response. Feedback from the two panels is considered and modifications applied to the ADAM as appropriate.; ; This thesis builds on the work of previous researchers and demonstrates how the UML can be practically applied to produce a generic model of one of the fundamental digital forensic processes, paving the way for future work in this area that could include the creation of models for other activities undertaken by digital forensic practitioners. It also includes the most comprehensive review and critique of process models incorporating the acquisition of digital forensics yet undertaken.",,,,,Subject-matter expert; Engineering; Problem domain; Data science; Design science research; Design science; Digital evidence; Operations research; Process (engineering); Documentation; Digital forensics,,,,,https://researchrepository.murdoch.edu.au/id/eprint/14422/,https://researchrepository.murdoch.edu.au/id/eprint/14422/,,,2678071009,,0,,8,false,,
083-383-986-301-127,e-Forensics - Digital Forensic Analysis on Runtime Instruction Flow,,2011,book chapter,"Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering",18678211; 1867822x,Springer Berlin Heidelberg,Germany,Juanru Li; Dawu Gu; Chaoguo Deng; Yuhao Luo,"Computer system’s runtime information is an essential part of the digital evidence. Current digital forensic approaches mainly focus on memory and I/O data, while the runtime instructions from processes are often ignored. We present a novel approach on runtime instruction forensic analysis and have developed a forensic system which collects instruction flow and extracts digital evidence. The system is based on whole-system emulation technique and analysts are allowed to define analysis strategy to improve analysis efficiency and reduce overhead. This forensic approach and system are applicable to binary code analysis, information retrieval and malware forensics.",,,168,178,Overhead (computing); Software engineering; Emulation; Artificial intelligence; Virtual machine; Digital evidence; Binary code analysis; Flow (mathematics); Focus (computing); Computer science; Digital forensics,,,,,https://dblp.uni-trier.de/db/conf/eforensics/eforensics2010.html#LiGDL10 https://link.springer.com/chapter/10.1007%2F978-3-642-23602-0_15 https://eudl.eu/doi/10.1007/978-3-642-23602-0_15 https://eudl.eu/pdf/10.1007/978-3-642-23602-0_15 https://rd.springer.com/chapter/10.1007/978-3-642-23602-0_15,http://dx.doi.org/10.1007/978-3-642-23602-0_15,,10.1007/978-3-642-23602-0_15,1024654068,,0,002-633-789-384-681; 022-579-695-699-245; 026-810-683-474-561; 041-277-806-049-882; 073-041-490-800-755; 099-794-122-344-645; 116-772-642-263-870; 134-453-729-069-59X,0,false,,
083-400-942-048-619,Comparative Analysis of Forensic Software on Android-based Blackberry Messenger using NIJ Framework,2018-11-01,2018,journal article,Proceeding of the Electrical Engineering Computer Science  and Informatics,2407439x,Institute of Advanced Engineering and Science,," Riadi; Sunardi Sunardi; Arizona Firdonsyah","Instant Messaging application is the most widely used application all over the world. Blackberry Messenger is a multiplatform instant messaging with lots of features that can be a magnet for many people to use Blackberry Messenger for commiting digital crimes. In the process of investigating digital crime cases, digital evidences are required. To obtain digital evidence, a set of forensic tools are needed to conduct forensic process on physical evidences. The topic of this research is to describe the forensic process and to compare the current forensic tools used based on acquired digital evidences by using method that refers to mobile device forensic guidelines made by the National Institute of Justice (NIJ). The forensic tools used in this research are Magnet AXIOM, Belkasoft Evidence Center, and MOBILedit Forensic Express. The outcome shows that Magnet AXIOM has the highest capability to obtain digital evidences, Belkasoft Evidence Center has superiority in terms of data text acquisition, and MOBILedit Forensic Express has superiority in physical evidence preserving and cloning.",5,1,472,477,Forensic science; Mobile device; Data science; Software; Digital evidence; Instant messaging; Computer science; Android (operating system); Digital forensics,,,,,http://journal.portalgaruda.org/index.php/EECSI/article/view/1615 http://journal.portalgaruda.org/index.php/EECSI/article/download/1615/1128 https://core.ac.uk/download/pdf/296976143.pdf,http://dx.doi.org/10.11591/eecsi.v5.1615,,10.11591/eecsi.v5.1615,2981464727,,0,002-633-335-300-244; 006-700-167-776-341; 055-473-899-043-485; 185-798-265-234-254,0,true,,
083-438-962-366-837,"New Technologies for Digital Crime and Forensics: Devices, Applications, and Software",2011-04-30,2011,book,,,,,Chang-Tsun Li; Anthony T. S. Ho,"Central to understanding and combating digital crime is the ability to develop new methods for the collection and analysis of electronic evidence. New Technologies for Digital Crime and Forensics: Devices, Applications, and Software provides theories, methods, and studies on digital crime prevention and investigation, which are useful to a broad range of researchers and communities. This field is under constant evolution as the nature of digital crime continues to change and new methods for tracking and preventing digital attacks are developed.",,,,,Criminal investigation; Engineering; Emerging technologies; Crime prevention; Software; Field (computer science); Computer security; Computer forensics,,,,,https://researchoutput.csu.edu.au/en/publications/new-technologies-for-digital-crime-and-forensics-devices-applicat https://www.amazon.com/New-Technologies-Digital-Crime-Forensics/dp/1609605152 https://ci.nii.ac.jp/ncid/BB08662156,https://researchoutput.csu.edu.au/en/publications/new-technologies-for-digital-crime-and-forensics-devices-applicat,,,588756128,,0,,1,false,,
083-578-059-674-117,IEEE Symposium on Security and Privacy Workshops - DF-C2M2: A Capability Maturity Model for Digital Forensics Organisations,,2014,conference proceedings article,2014 IEEE Security and Privacy Workshops,,IEEE,,Ebrahim Hamad Al Hanaei; Awais Rashid,"The field of digital forensics has emerged as one of the fastest changing and most rapidly developing investigative specialisations in a wide range of criminal and civil cases. Increasingly there is a requirement from the various legal and judicial authorities throughout the world, that any digital evidence presented in criminal and civil cases should meet requirements regarding the acceptance and admissibility of digital evidence, e.g., Daubert or Frye in the US. There is also increasing expectation that digital forensics labs are accredited to ISO 17025 or the US equivalent ASCLD-Lab International requirements. On the one hand, these standards cover general requirements and are not geared specifically towards digital forensics. On the other hand, digital forensics labs are mostly left with costly piece-meal efforts in order to try and address such pressing legal and regulatory requirements. In this paper, we address these issues by proposing DF-C^2M^2, a capability maturity model that enables organisations to evaluate the maturity of their digital forensics capabilities and identify roadmaps for improving it in accordance with business or regulatory requirements. The model has been developed through consultations and interviews with digital forensics experts. The model has been evaluated by using it to assess the digital forensics capability maturity of a lab in a law enforcement agency.",,,57,60,Engineering management; Agency (sociology); Enforcement; Law enforcement; Digital evidence; Maturity (finance); Computer security; Computer science; Accreditation; Digital forensics; Capability Maturity Model,,,,,http://ieeexplore.ieee.org/document/6957285 https://www.computer.org/csdl/proceedings-article/spw/2014/5103a057/12OmNwCsdIH https://eprints.lancs.ac.uk/id/eprint/69796/ https://www.ieee-security.org/TC/SPW2014/papers/5103a057.PDF https://dblp.uni-trier.de/db/conf/sp/spw2014.html#HanaeiR14 https://ieeexplore.ieee.org/abstract/document/6957285/,http://dx.doi.org/10.1109/spw.2014.17,,10.1109/spw.2014.17,1976109263,,0,020-944-423-224-895; 032-697-093-668-898; 076-578-902-718-395; 111-090-978-711-139; 199-745-676-923-766,10,false,,
083-864-737-085-600,Extension and Evaluation of Guideline Total Support System for Digital Forensics,,2014,conference proceedings,,,,,Takamichi Amano; Ryoichi Sasaki Tetsutaro Uehara,"The recent rise in disputes relating to electromagnetic computer records has prompted the demand for digital forensic tools that can be used to preserve, investigate, and analyze digital evidence. Among the currently available digital forensic publications are the Guidelines for Preservation of Evidence published by the Institute of Digital Forensics, a non-profit organization. However, in the field of digital evidence preservation, speed and accuracy are fundamental requirements. Under such circumstances, working with guidelines in paper media form is difficult for investigators. Therefore, we have developed an application program that supports evidence preservation work by displaying contents based on the Guidelines for Preservation of Evidence on the Android operating system. The system consists of three components: the first is the creation of contents for display on an Android terminal from the paper guidelines, the second is a guideline execution section for first responders, and third is a function that allows the system to generate an output report based on the first two components. In this paper, the authors report on improvements to the first and second components, and the development of the third. Additionally, after applying the complete system to a small trial scenario based on an actual incident, an evaluation of the utility and effectiveness of the system was conducted.",,,50,61,Software engineering; World Wide Web; Guideline; Digital evidence; Support system; Scenario based; Computer science; Wireless; Android (operating system); Digital forensics,,,,,https://sdiwc.net/digital-library/extension-and-evaluation-of-guideline-total-support-system-for-digital-forensics.html,https://sdiwc.net/digital-library/extension-and-evaluation-of-guideline-total-support-system-for-digital-forensics.html,,,2149284531,,0,006-839-535-410-076; 015-023-959-124-895; 121-487-767-415-637; 137-356-705-015-428; 188-659-384-239-209,0,false,,
084-240-004-733-026,Cybercrimes Solutions using Digital Forensic Tools,2015-11-08,2015,journal article,International Journal of Wireless and Microwave Technologies,20761449; 20769539,MECS Publisher,,Dhwaniket Ramesh Kamble; Nilakshi Jain; Swati Deshpande,"The crimes using computers is growing with rapid speed. As computer crimes have hit up to a high mark, the tools used to fight such crimes is budding faster. In today's world the use of Digital Forensics have also become vital. Digital Forensics is a step-by-step process of scientific methods and techniques to investigate crime obtained from digital evidences. For investigating the digital evidence there are many Digital Forensic tools which are used to investigate digital crimes by identifying the digital evidences. The study results in giving the solutions for Digital Forensic tools for investigators looking to spread out their serviceability in using Digital Forensic tools.",5,6,11,18,Engineering; Digital evidence; Serviceability (computer); Computer security; Process (engineering); Computer forensics; Digital forensics,,,,,http://www.mecs-press.org/ijwmt/ijwmt-v5-n6/v5n6-2.html http://www.mecs-press.org/ijwmt/ijwmt-v5-n6/IJWMT-V5-N6-2.pdf,http://dx.doi.org/10.5815/ijwmt.2015.06.02,,10.5815/ijwmt.2015.06.02,2198066681,,0,092-733-362-703-818,2,true,,bronze
084-473-799-141-231,Digital Forensic Analysis of Cybercrimes: Best Practices and Methodologies,,2017,journal article,International Journal of Information Security and Privacy,19301650; 19301669,IGI Global,United Kingdom,Regner Sabillon; Jordi Serra-Ruiz; Víctor Cavaller; Jeimy J. Cano,"This paper reviews the existing methodologies and best practices for digital investigations phases like collecting, evaluating and preserving digital forensic evidence and chain of custody of cybercrimes. Cybercriminals are adopting new strategies to launch cyberattacks within modified and ever changing digital ecosystems, this article proposes that digital investigations must continually readapt to tackle cybercrimes and prosecute cybercriminals, working in international collaboration networks, sharing prevention knowledge and lessons learned. The authors also introduce a compact cyber forensics model for diverse technological ecosystems called Cyber Forensics Model in Digital Ecosystems CFMDE. Transferring the knowledge, international collaboration, best practices and adopting new digital forensic tools, methodologies and techniques will be hereinafter paramount to obtain digital evidence, enforce organizational cybersecurity policies, mitigate security threats, fight anti-forensics practices and indict cybercriminals. The global Digital Forensics community ought to constantly update current practices to deal with cybercriminality and foreseeing how to prepare to new technological environments where change is always constant.",11,2,25,37,Chain of custody; Best practice; Cybercrime; Digital evidence; Computer security; Computer science; Computer forensics; Digital forensics,,,,,https://doi.org/10.4018/IJISP.2017040103 https://dl.acm.org/doi/10.4018/IJISP.2017040103 https://www.ideas.repec.org/a/igg/jisp00/v11y2017i2p25-37.html https://dl.acm.org/citation.cfm?id=3077898 http://services.igi-global.com/resolvedoi/resolve.aspx?doi=10.4018/IJISP.2017040103 https://dblp.uni-trier.de/db/journals/ijisp/ijisp11.html#SabillonSCC17 https://www.igi-global.com/article/digital-forensic-analysis-of-cybercrimes/178643,http://dx.doi.org/10.4018/ijisp.2017040103,,10.4018/ijisp.2017040103,2594254612,,0,012-459-130-312-50X; 020-944-423-224-895; 021-850-998-857-676; 024-381-049-056-789; 028-180-038-189-484; 028-828-573-289-865; 028-874-299-732-939; 030-634-360-648-226; 032-697-093-668-898; 038-668-970-194-854; 041-026-099-291-867; 045-645-917-018-028; 047-630-600-014-492; 050-612-532-454-179; 057-705-375-581-007; 067-950-012-629-210; 092-506-898-894-624; 101-914-860-452-14X; 111-090-978-711-139; 127-948-386-055-225; 132-355-634-397-986; 133-397-275-695-990; 138-421-957-980-413; 140-821-103-436-654; 143-562-788-834-457; 170-299-458-679-224; 177-696-123-391-61X; 190-065-821-748-92X; 199-172-967-270-034,8,false,,
084-664-495-486-822,Forensic Digital Image Processing: Optimization of Impression Evidence,2018-03-20,2018,book,,,,,Brian E. Dalrymple; E. Jill Smith,"The digital revolution over the past several decades has advanced every facet of evidence detection, photography, optimization, and interpretation. Forensic scientists and practitioners have benefited tremendously from the move from film to digital. With proper procedures in place, digital images and casework capabilities have increased tremendously in both complexity and range due to a vast array of tools to enhance evidence and photography. ; Forensic Digital Image Processing: Optimization of Impression Evidence provides the forensic investigator with the tools and understanding to extract, optimize, and interpret the maximum evidence possible from crime scenes to increase identifications. The book begins by examining the emergence of forensic digital image processing, and the gradual improvement and acceptance of the science over the past four decades. Coverage includes looking at the issues of image integrity and authentication including forensic image optimization and the manipulation of images.　 Chapters explore techniques exploiting color theory, modes, and channels to optimize signal-to-noise ratio in images.; One of the greatest assets of digital image technology is the ability to combine multiple images of the same subject to create a final, blended image: one that displays the desired evidence and is especially useful for fingerprint or footwear impression. Later chapters demonstrate image subtraction, focus stacking, and high dynamic range, utilizing images in optimum focus and with substrate interference diminished or removed entirely. The authors look at fast Fourier transform as an optimal tool for noise removal, addressing basic theory and diagnosis of the noise signatures. The book discusses the history of digital imaging techniques and their treatment within the court system.; Forensic Digital Image Processing: Optimization of Impression Evidence serves as an invaluable resource and tool for practicing professionals–as well as those new to the field—to look at best practices, the latest technology, and advances in utilizing the increasing array of tools of the trade.",,,,,Digital image processing; Digital imaging; Photography; Focus stacking; Authentication (law); Crime scene; Digital Revolution; Computer science; Digital image; Multimedia,,,,,https://www.amazon.com/Forensic-Digital-Image-Processing-Optimization/dp/1498743439 https://www.taylorfrancis.com/books/mono/10.4324/9781351112239/forensic-digital-image-processing-brian-dalrymple-jill-smith https://www.taylorfrancis.com/books/9781351112239 https://openlibrary.org/books/OL28915911M/Forensic_Digital_Image_Processing,https://www.amazon.com/Forensic-Digital-Image-Processing-Optimization/dp/1498743439,,,2889185177,,0,,1,false,,
084-871-301-547-140,"ARES - The ""Explore, Investigate and Correlate' (EIC) Conceptual Framework for Digital Forensics Information Visualisation",,2010,conference proceedings article,"2010 International Conference on Availability, Reliability and Security",,IEEE,,Grant Osborne; Benjamin Turnbull; Jill Slay,"Establishing effective and novel techniques that are able to represent digital evidence in an efficient and understandable manner to investigators is a significant challenge within the digital forensics domain. Current tools and techniques do not scale well with the increasing volumes of evidence required for analysis. This paper defines a high-level conceptual framework to address issues surrounding scalability and comprehension of digital evidence. The aim of the Explore, Investigate and Correlate (EIC) framework is to provide a set of streamlined processes and tasks that enable digital evidence to be presented in a manner that can be rapidly understood, easily focused and to minimize the overall workload of a forensic analyst.",,,629,634,Conceptual framework; Domain (software engineering); Data visualization; Information visualization; Data science; Digital evidence; Computer science; Scalability; Computer forensics; Digital forensics,,,,,http://dx.doi.org/10.1109/ARES.2010.74 https://doi.org/10.1109/ARES.2010.74 https://dblp.uni-trier.de/db/conf/IEEEares/ares2010.html#OsborneTS10 http://ieeexplore.ieee.org/document/5438026/ http://yadda.icm.edu.pl/yadda/element/bwmeta1.element.ieee-000005438026 https://ieeexplore.ieee.org/document/5438026/,http://dx.doi.org/10.1109/ares.2010.74,,10.1109/ares.2010.74,2053961291,,0,006-019-193-374-154; 011-305-212-011-315; 012-349-270-120-879; 018-183-299-147-515; 027-127-606-316-324; 035-448-415-847-226; 041-978-387-804-100; 043-395-009-848-761; 050-000-944-827-798; 055-590-023-850-939; 056-386-235-841-645; 062-054-192-940-331; 076-559-907-569-735; 083-751-031-809-821; 088-400-884-660-771; 089-048-294-489-077; 106-054-633-069-866; 123-463-738-100-093; 123-707-719-752-131; 128-101-595-890-350; 144-391-958-518-741; 144-837-804-461-424,6,false,,
084-910-509-998-37X,Forensic Analysis in the Digital World.,,2002,journal article,International Journal of Digital Evidence,,,,Gary L. Palmer,,1,,,,Forensic science; Data science; Computer science; Computer forensics,,,,,https://dblp.uni-trier.de/db/journals/ijde/ijde1.html#Palmer02 https://www.utica.edu/academic/institutes/ecii/publications/articles/9C4E938F-E3BE-8D16-45D0BAD68CDBE77.doc,https://dblp.uni-trier.de/db/journals/ijde/ijde1.html#Palmer02,,,88580462,,0,,26,false,,
085-253-666-115-752,The Necessity of Developing an Digital Evidence Ontology,2012-05-06,2012,,,,,,Jasmin Ćosić; Zoran Ćosić,"The aim of this paper is to highlight the problems encountered by investigators in the pursuit of  forensic investigations of digital devices, primarily because of misunderstanding or false understanding of certain important concepts. An ontology of digital evidence was proposed as one of possible method suitable as a solution of this problem.",,,,,Chain of custody; Process ontology; Ontology (information science); Data science; Digital evidence; Computer science; Knowledge management,,,,,,,,,2239042930,,0,,0,false,,
085-553-225-309-716,WDFIA - Towards Requirements for a Case Preparation Support System Based on Digital Evidence,,2009,book,,,,,Maximilian Bielecki; Gerald Quirchmayr,"This paper describes an approach for presentation and argumentation support systems within a legal IT forensic case. The first part is dedicated to a very short analysis of the current legal situation in the context of Austrian laws and regulations. This analysis is followed by a discussion about gathering digital evidence, which provides the basis for the entire argumentation process. The paper then continues with the presentation of our approach towards developing an automated expert software tool for supporting the generation of an argumentation strategy needed for taking a case to court. The core aim of this paper is to demonstrate the need for a tool which is capable of preparing an IT forensic case based on the digital evidence provided by forensic specialists. The results have to be presented in an understandable way so that also people who are not specialised within this kind of forensics can understand the produced results and work with them.",,,42,52,Data mining; Engineering; Work (electrical); Data science; Presentation; Context (language use); Digital evidence; Support system; Software tool; Argumentation process; Argumentation theory,,,,,https://dblp.uni-trier.de/db/conf/wdfia/wdfia2009.html#BieleckiQ09 http://www.cscan.org/openaccess/?paperid=66,http://www.cscan.org/openaccess/?paperid=66,,,2182393445,,0,122-880-373-616-302; 165-770-474-971-736,1,false,,
085-666-602-084-614,KES - Semantic Representation and Integration of Digital Evidence,,2013,journal article,Procedia Computer Science,18770509,Elsevier BV,,Spyridon Dosis; Irvin Homem; Oliver Popov,"The ever-increasing complexity and sophistication of computer and network attacks challenge society's dependability on digital infrastructure. Digital investigations recover and reconstruct the digital trails of such events and may employ practices from various subfields (computer, network forensics), each with its own set of techniques and tools. Integration of evidence from heterogeneous sources of data (e.g. disk images, network packet captures, logs) is often a manual and time- consuming process relying significantly on the investigator's expertise. In this paper, we propose and develop an approach, based on the Semantic Web framework, for ontologically representing and integrating digital evidence. The presented approach enhances existing forensic analysis techniques by providing partial and eventually full automation of the investigative process.",22,,1266,1275,Forensic science; Network packet; Knowledge representation and reasoning; Information system; Semantic Web; Data science; Digital evidence; Computer science; Process (engineering); Network forensics; Dependability,,,,,https://doi.org/10.1016/j.procs.2013.09.214 https://dblp.uni-trier.de/db/conf/kes/kes2013.html#DosisHP13 https://core.ac.uk/display/82030201 http://su.diva-portal.org/smash/record.jsf?pid=diva2%3A676278 http://www.sciencedirect.com/science/article/pii/S1877050913010077 http://www.diva-portal.org/smash/record.jsf?pid=diva2:676278 https://www.sciencedirect.com/science/article/pii/S1877050913010077 https://core.ac.uk/download/pdf/82030201.pdf,http://dx.doi.org/10.1016/j.procs.2013.09.214,,10.1016/j.procs.2013.09.214,1985620065,,0,006-008-915-210-060; 011-051-740-313-213; 014-012-834-363-307; 019-831-293-743-518; 024-559-797-435-528; 024-735-069-822-749; 030-758-631-051-726; 033-877-222-136-260; 038-793-093-462-716; 061-549-181-856-861; 085-958-650-852-408; 104-758-205-558-797; 132-081-686-366-385; 134-927-490-231-285; 178-883-713-153-793; 180-327-460-336-608; 184-948-841-629-735,18,true,,gold
085-816-961-933-906,Temporal Forensics and Anti-Forensics for Motion Compensated Video,,2012,journal article,IEEE Transactions on Information Forensics and Security,15566013; 15566021,Institute of Electrical and Electronics Engineers (IEEE),United States,Matthew C. Stamm; W. S. Lin; K.J.R. Liu,"Due to the ease with which digital information can be altered, many digital forensic techniques have been developed to authenticate multimedia content. Similarly, a number of anti-forensic operations have recently been designed to make digital forgeries undetectable by forensic techniques. However, like the digital manipulations they are designed to hide, many anti-forensic operations leave behind their own forensically detectable traces. As a result, a digital forger must balance the trade-off between completely erasing evidence of their forgery and introducing new evidence of anti-forensic manipulation. Because a forensic investigator is typically bound by a constraint on their probability of false alarm (P_fa), they must also balance a trade-off between the accuracy with which they detect forgeries and the accuracy with which they detect the use of anti-forensics. In this paper, we analyze the interaction between a forger and a forensic investigator by examining the problem of authenticating digital videos. Specifically, we study the problem of adding or deleting a sequence of frames from a digital video. We begin by developing a theoretical model of the forensically detectable fingerprints that frame deletion or addition leaves behind, then use this model to improve upon the video frame deletion or addition detection technique proposed by Wang and Farid. Next, we propose an anti-forensic technique designed to fool video forensic techniques and develop a method for detecting the use of anti-forensics. We introduce a new set of techniques for evaluating the performance of anti-forensic operations and develop a game theoretic framework for analyzing the interplay between a forensic investigator and a forger. We use these new techniques to evaluate the performance of each of our proposed forensic and anti-forensic techniques, and identify the optimal actions of both the forger and forensic investigator.",7,4,1315,1329,Frame (networking); Forensic science; Message authentication code; Set (psychology); Information retrieval; False alarm; Computer security; Computer science; Computer forensics; Data compression; Digital forensics,,,,,http://yadda.icm.edu.pl/yadda/element/bwmeta1.element.ieee-000006222325 https://dblp.uni-trier.de/db/journals/tifs/tifs7.html#StammLL12 http://dx.doi.org/10.1109/TIFS.2012.2205568 https://ieeexplore.ieee.org/document/6222325/ https://dl.acm.org/doi/10.1109/TIFS.2012.2205568 https://www.infona.pl/resource/bwmeta1.element.ieee-art-000006222325 https://dx.doi.org/10.1109/TIFS.2012.2205568 http://ieeexplore.ieee.org/document/6222325/ http://sig.umd.edu/publications/Stamm_TIFS_201208.pdf,http://dx.doi.org/10.1109/tifs.2012.2205568,,10.1109/tifs.2012.2205568,2016828421,,0,006-715-003-756-565; 012-624-635-540-803; 015-717-506-603-742; 018-172-332-749-013; 023-624-827-239-301; 024-242-565-906-946; 024-793-013-451-77X; 031-876-583-652-183; 040-639-509-253-00X; 041-796-476-831-023; 045-294-718-031-754; 051-035-217-903-949; 055-256-082-961-475; 056-148-934-103-963; 068-413-789-098-79X; 077-218-726-181-521; 079-709-089-662-769; 083-097-133-928-799; 092-522-060-753-940; 106-688-419-298-857; 120-453-234-664-794; 122-164-403-164-304; 135-262-782-091-897; 140-408-113-219-371; 166-999-959-693-14X,162,true,,green
085-823-606-855-734,MIPRO - Competencies and skills needed for digital forensic trainer,,2015,conference proceedings article,"2015 38th International Convention on Information and Communication Technology, Electronics and Microelectronics (MIPRO)",,IEEE,,D. Foit; J. Vukalovic; K. Hausknecht,"Today we live in a time where everything is digitalized and technology moves rapidly forward. This big technology progress is closely linked to increase of cybercrime. In an effort to fight e-crime and to collect relevant digital evidence, law enforcement agencies are incorporating the collection and analysis of digital evidence, also known as computer forensics, into their infrastructure. They are challenged by the need to train officers and specialists to collect digital evidence and keep up with rapidly evolving technologies such as computer operating systems and mobile devices. With a lack of resources to send new people to the trainings, very often recently trained officers and experts become trainers to their colleagues. This role demands specific competencies and skills that can be learned on specialized courses. Based on an empirical analysis done on specimen of 20 experienced digital forensic specialists, this paper shows results of this research, offers explanation of competencies and skills needed for digital forensic trainer and helps law enforcement agencies to recognize potential trainers in their ranks, and helps them in their fight with the e-crime.",,,1376,1381,Mobile device; Data science; Cybercrime; Law enforcement; Trainer; Digital evidence; Computer science; Multimedia; Computer forensics; Digital forensics,,,,,https://dblp.uni-trier.de/db/conf/mipro/mipro2015.html#FoitVH15 https://ieeexplore.ieee.org/document/7160489/,http://dx.doi.org/10.1109/mipro.2015.7160489,,10.1109/mipro.2015.7160489,1576621636,,0,039-283-948-801-805; 193-144-851-984-75X,1,false,,
086-153-084-433-759,ICCST - A Digital Triage Forensics framework of Window malware forensic toolkit: Based on ISO/IEC 27037:2012,,2015,conference proceedings article,2015 International Carnahan Conference on Security Technology (ICCST),,IEEE,,Da-Yu Kao; Guan-Jie Wu,"The rise of malware attack and data leakage is putting the Internet at a higher risk. Digital forensic examiners responsible for cyber security incident need to continually update their processes, knowledge and tools due to changing technology. These attack activities can be investigated by means of Digital Triage Forensics (DTF) methodologies. DTF is a procedural model for the crime scene investigation of digital forensic applications. It takes place as a way of gathering quick intelligence, and presents methods of conducting pre/post-blast investigations. A DTF framework of Window malware forensic toolkit is further proposed. It is also based on ISO/IEC 27037: 2012 — guidelines for specific activities in the handling of digital evidence. The argument is made for a careful use of digital forensic investigations to improve the overall quality of expert examiners. This solution may improve the speed and quality of pre/post-blast investigations. By considering how triage solutions are being implemented into digital investigations, this study presents a critical analysis of malware forensics. The analysis serves as feedback for integrating digital forensic considerations, and specifies directions for further standardization efforts.",,,217,222,The Internet; Software engineering; Crime scene; Standardization; Digital evidence; Computer security; Computer science; Network forensics; Malware; Computer forensics; Digital forensics,,,,,http://ieeexplore.ieee.org/document/7389685/ https://ieeexplore.ieee.org/document/7389685/ https://dblp.uni-trier.de/db/conf/iccst/iccst2015.html#KaoW15,http://dx.doi.org/10.1109/ccst.2015.7389685,,10.1109/ccst.2015.7389685,2281088515,,0,000-031-956-664-082; 002-633-789-384-681; 002-856-570-549-435; 017-815-064-018-299; 019-831-293-743-518; 025-403-345-898-084; 035-828-698-958-94X; 041-805-592-234-965; 047-630-600-014-492; 050-406-358-554-387; 074-299-373-252-299; 085-138-340-371-322; 096-993-850-376-090; 149-798-016-481-910; 156-319-343-115-38X; 168-819-441-615-181,1,false,,
086-161-291-588-657,Computer Forensics and Digital Investigation with EnCase Forensic v7,2014-05-28,2014,book,,,,,Suzanne Widup,"Conduct repeatable, defensible investigations with EnCase Forensic v7 Maximize the powerful tools and features of the industry-leading digital investigation software. Computer Forensics and Digital Investigation with EnCase Forensic v7 reveals, step by step, how to detect illicit activity, capture and verify evidence, recover deleted and encrypted artifacts, prepare court-ready documents, and ensure legal and regulatory compliance. The book illustrates each concept using downloadable evidence from the National Institute of Standards and Technology CFReDS. Customizable sample procedures are included throughout this practical guide. Install EnCase Forensic v7 and customize the user interface Prepare your investigation and set up a new case Collect and verify evidence from suspect computers and networks Use the EnCase Evidence Processor and Case Analyzer Uncover clues using keyword searches and filter results through GREP Work with bookmarks, timelines, hash sets, and libraries Handle case closure, final disposition, and evidence destruction Carry out field investigations using EnCase Portable Learn to program in EnCase EnScript",,,,,Software engineering; Engineering; World Wide Web; Encryption; Set (abstract data type); Software; Field (computer science); Filter (software); Computer forensics; User interface; Hash function,,,,,https://dl.acm.org/citation.cfm?id=2823955 https://www.amazon.com/Computer-Forensics-Digital-Investigation-Forensic/dp/0071807918,https://www.amazon.com/Computer-Forensics-Digital-Investigation-Forensic/dp/0071807918,,,2760899636,,0,,3,false,,
086-772-265-875-364,Evidence Based Reconstruction for Digital Forensics,2022-07-15,2022,journal article,Advances in Multidisciplinary and scientific Research Journal Publication,24888699,Creative Research Publishers,,Ellen Akongwin Abanga,"<jats:p>Evidence based reconstruction may often be even more illuminating than other traditional evidence gathering strategies, but it is also extremely delicate and unpredictable due to the fact that evidence may not always be conclusive. The integrity of digital evidence is therefore extremely important, particularly when it comes from allegedly unlawful, illegitimate, or harmful activity. Regardless of the good or bad consequences of the acts and activities that created the evidence, the capture and reconstruction of events are critical to the operation of the digital world. Owing to the lack of skill and knowledge of digital forensics in Ghana, it creates a susceptible environment for criminals to continue their operations while avoiding prosecution due to a lack of evidence to prosecute them. The reconstruction of occurrences based on evidence is considered an eminent need for Africa and for that matter Ghana. Hence, the need for well-defined and advanced knowledge in evidence based reconstruction in digital forensics investigation to bridge the gap currently existing. This paper reviews literature on the concept of evidence based reconstruction as a means to advance knowledge on its relevance to the Africa region and Ghana for that matter. This would help forensics investigators to better understand the need for focus on using digital tools for reconstruction and focusing on evidence driven activities in case of crime and investigations. Finally, this paper presents an elaborated view from a literature point of view over the evidence based reconstruction and also helps other fellow colleagues in their quest to further understand the concept.   Keywords: Evidence, Reconstruction, Digital evidence, Digital forensics, Investigation.</jats:p>",1,1,185,190,Digital evidence; Digital forensics; Relevance (law); Empirical evidence; Crime scene; Computer science; Data science; Best evidence; Internet privacy; Computer security; Psychology; Political science; Criminology; Epistemology; Law; Medicine; Philosophy; Family medicine,,,,,,http://dx.doi.org/10.22624/aims/crp-bk3-p30,,10.22624/aims/crp-bk3-p30,,,0,,0,true,,bronze
086-891-420-750-310,CRC - Digital Evidence Case Management Tool for Collaborative Digital Forensics Investigation,2021-01-29,2021,conference proceedings article,2021 3rd International Cyber Resilience Conference (CRC),,IEEE,,Vimal Raj Silvarajoo; Shu Yun Lim; Paridah Daud,"Digital forensics investigation process begins with the acquisition, investigation until the presentation of investigation findings. Investigators are required to manage bits and pieces of digital evidence in the cloud and to correlate with evidence found in physical machines and network. The process could be made easy with a proper case management tool that is hosted in the web. The challenge of maintaining chain of custody, determining access to evidence, assignment of forensics investigator could be overcome when digital evidence is fully integrated in a single platform. Our proposed case management tool streamlines information gathering and integrates information on different platforms, shares information, tracks cases, and uploads data directly into a database. In addition, the case management tool facilitates the collaboration of investigators through sharing of forensics findings. These features allow case owner or administrator to track and monitor investigation progress in a forensically sound manner.",,,1,4,Chain of custody; Data science; Presentation; Resilience (network); Digital evidence; Computer science; Process (engineering); Upload; Cloud computing; Digital forensics,,,,,https://dblp.uni-trier.de/db/conf/crc2/crc2021.html#SilvarajooLD21,http://dx.doi.org/10.1109/crc50527.2021.9392497,,10.1109/crc50527.2021.9392497,3152507618,,0,016-316-214-363-950; 024-462-843-796-80X; 030-858-457-088-176; 049-977-511-720-26X; 067-950-012-629-210; 080-196-042-005-758; 114-454-611-706-935; 134-927-490-231-285; 136-667-855-189-193,1,false,,
087-597-848-929-337,Awareness and Understanding of Computer Forensics in the Ghana Legal System,2014-03-26,2014,journal article,International Journal of Computer Applications,09758887,Foundation of Computer Science,,Michael AdjeiFrempong; Kamal Kant Hiran,"era of Technological age also called digital age, most transactions are conducted electronically. This modern-day paradigm makes way for the possibility of harmful unanticipated information security breaches of both civil and criminal nature. However, there is a tremendous knowledge gap in the legal system concerning computer/digital forensics with respect to digital evidence. Courtroom and Legal issues relevant to computer/digital forensics are extensive and differs with respect to procedural evidence rules that ensure reliability of the evidence so produced in the court of law for fair adjudication. Electronic evidence is very fundamental to the successful handling of cases related to such information security breaches. This paper on the impact of awareness and understanding of computer/digital forensics in the Ghana Legal System especially Judges, with regards to the electronic evidence, laws and jurisprudence covered twenty (20) superior Judges. The findings revealed a gap between the Judges and issues on computer forensics which if not looked at may create problems in relation to the influx of computer related crimes.",89,20,54,59,Internet privacy; Civil law (legal system); Adjudication; Relation (database); Digital evidence; Computer security; Computer science; Information security; Computer forensics; Jurisprudence; Digital forensics,,,,,http://ui.adsabs.harvard.edu/abs/2014IJCA...89t..54A/abstract https://research.ijcaonline.org/volume89/number20/pxc3894640.pdf https://www.ijcaonline.org/archives/volume89/number20/15752-4640,http://dx.doi.org/10.5120/15752-4640,,10.5120/15752-4640,2165564806,,0,048-645-419-219-088; 052-320-348-197-350; 086-103-316-225-727; 087-348-393-776-727; 098-323-575-091-372; 119-385-247-230-234; 124-038-348-278-602; 140-402-089-386-286; 199-172-967-270-034,3,true,,bronze
087-648-388-748-494,A Survey on Digital Forensic Investigation Practitioners Approach and Challenges,2021-06-25,2021,journal article,International Journal for Research in Applied Science and Engineering Technology,23219653,International Journal for Research in Applied Science and Engineering Technology (IJRASET),,Sachin Babulal Jadhav,"<jats:p>Digital crimes are taking place over the entire world. For any digital crime which commit at any part of world, computer or any electronic devices are used. The devices which are used to commit the crime are useful evidences which must be identified and protected for further use. The crimes involving electronic devices are called as cyber-crime. To investigate such crimes, a scientific procedures needs to be followed. The data collection, analysis, preservation and presentation of digital evidence is must in order investigate the cybercrime. This paper highlights the practices that are used worldwide in the investigation process of cyber-crime. Keywords: Digital Forensics, Analysis, Investigation, models of investigation.</jats:p>",9,VI,2733,2736,Data science; Digital forensic investigation; Computer science,,,,,http://dx.doi.org/10.22214/ijraset.2021.35544,http://dx.doi.org/10.22214/ijraset.2021.35544,,10.22214/ijraset.2021.35544,3173190289,,0,020-226-264-847-537; 025-319-861-345-580; 091-008-187-932-075; 130-726-198-049-287,0,true,,gold
087-665-408-966-240,Defining event reconstruction of digital crime scenes.,,2004,journal article,Journal of forensic sciences,00221198,Wiley-Blackwell,United States,Brian D. Carrier; Eugene H. Spafford,"Event reconstruction plays a critical role in solving physical crimes by explaining why a piece of physical evidence has certain characteristics. With digital crimes, the current focus has been on the recognition and identification of digital evidence using an object's characteristics, but not on the identification of the events that caused the characteristics. This paper examines digital event reconstruction and proposes a process model and procedure that can be used for a digital crime scene. The model has been designed so that it can apply to physical crime scenes, can support the unique aspects of a digital crime scene, and can be implemented in software to automate part of the process. We also examine the differences between physical event reconstruction and digital event reconstruction.",49,6,1291,1298,Human–computer interaction; Artificial intelligence; Crime scene; Event reconstruction; Software; Digital evidence; Computer vision; Object (philosophy); Focus (computing); Computer science; Computer forensics; Identification (information),,"Forensic Medicine/methods; Humans; Image Processing, Computer-Assisted",,,http://europepmc.org/abstract/MED/15568702 https://www.astm.org/DIGITAL_LIBRARY/JOURNALS/FORENSIC/PAGES/JFS2004127.htm https://dialnet.unirioja.es/servlet/articulo?codigo=1044303 http://www.astm.org/doiLink.cgi?JFS2004127 https://www.ncbi.nlm.nih.gov/pubmed/15568702 https://pubmed.ncbi.nlm.nih.gov/15568702/ https://www.cerias.purdue.edu/assets/pdf/bibtex_archive/bibtex_archive/2004-37.pdf,https://www.ncbi.nlm.nih.gov/pubmed/15568702,15568702,,2163422513,,0,001-009-008-665-240; 005-859-821-142-158; 016-004-336-259-323; 034-916-306-834-918; 085-379-403-609-164; 114-791-371-428-899; 140-730-540-277-926; 150-516-083-469-599; 158-483-743-440-402; 199-745-676-923-766,63,false,,
087-707-570-810-132,SADFE - Implications of Attorney Experiences with Digital Forensics and Electronic Evidence in the United States,,2008,book,2008 Third International Workshop on Systematic Approaches to Digital Forensic Engineering,,IEEE,,Michael Losavio; Deborah Keeling; Adel Elmaghraby; George E. Higgins; J. Shutt,"The experiences of lawyers with electronic evidence and digital forensics are examined. The assessment indicates disparate experiences based on case type as to 1) the use of different types of electronic evidence, 2) disputes over that use and 3) utilization of digital forensics experts. Further study indicates use of electronic evidence continues to increase, from which we infer increased challenges to the reliability of digital forensic testimony.",,,79,90,Internet privacy; The Internet; Engineering; Electronic mail; Computer forensics; Digital forensics,,,,,https://ieeexplore.ieee.org/document/4545369/ http://yadda.icm.edu.pl/yadda/element/bwmeta1.element.ieee-000004545369 https://www.computer.org/csdl/proceedings-article/sadfe/2008/3171a079/12OmNwMFMi3 https://dblp.uni-trier.de/db/conf/sadfe/sadfe2008.html#LosavioKEHS08 http://ieeexplore.ieee.org/iel5/4545351/4545352/04545369.pdf https://doi.ieeecomputersociety.org/10.1109/SADFE.2008.11,http://dx.doi.org/10.1109/sadfe.2008.11,,10.1109/sadfe.2008.11,2130599125,,0,049-478-158-688-10X; 065-616-911-667-484; 076-446-481-036-18X; 101-815-143-609-825,1,false,,
087-802-653-164-16X,An Optimistic Approach for Implementing a Forensic Systems for Android Devices based on Cloud,,2015,,,,,,Richa Singh; Saurabh Gupta,"During these days the demand of the smart phones continues to grow, due to this a lot of security problems are arises. Cybercrime is very familiar.Cybercrime increases dramatically in recent years and investigators have been facing the problem of acceptability of digital evidence on smart phones. To remove this problem, we must collect evidence by digital forensics techniques and analyse the digital data, or recover the damaged data in the phones. Our design is based on guidelines from the National Institute of Standards and Technology to ensure the effectiveness of digital evidence and credibilityof the evidence on judicial review. The alteration of original evidence source in smart phones are minimized by using cloud computing platform which select proper forensic software to storethe forensic results.",,,,,Engineering; World Wide Web; Software; Digital data; Cybercrime; Digital evidence; Computer security; Judicial review; Android (operating system); Cloud computing; Digital forensics,,,,,,,,,2559281293,,0,017-815-064-018-299; 027-596-318-311-424; 052-152-063-024-042; 092-470-623-967-183; 134-927-490-231-285; 154-778-607-714-379,0,false,,
088-082-886-974-394,Trace Map Model for Forensic Investigation Process,,2010,,,,,,Roslan Irda; Y. Robiah; Mas'ud Mohd Zaki; Selamat Siti Rahayu; Abdollah Mohd Faizal,"Over the last decade, the number of crimes that involve computers has grown, spurring an increase in companies and products that aim to assist law enforcement in using computer-based evidence to determine the who, what, where, when, and how for crimes. As a result,.computer and network forensics has evolved to assure proper presentation of computer crime evidentiary data into court. The role of forensic become highly important to get digital evidence since it still lack of standard on the investigation procedures and more on conceptual description. Furthermore, the main challenge in the investigation process is the cross referencing and linking, and identification of the origin of the crime scene or the location of the incident or crime originated. Hence, the aim of this research is to formulate a mapping of evidence traces for digital forensic investigation process that focuses on malware intrusion to assist the investigator on investigating the digital incident or crime; By doing this, it should help the investigator tracing effective evidence in order to acquire complete evidence.",,,,,Engineering; Crime scene; Presentation; Law enforcement; Digital evidence; Computer security; Process (engineering); Network forensics; Malware; Identification (information),,,,,,,,,2216124762,,0,,0,false,,
089-048-294-489-077,SADFE - Technical challenges and directions for digital forensics,,,book,First International Workshop on Systematic Approaches to Digital Forensic Engineering (SADFE'05),,IEEE Comput. Soc,,George M. Mohay,"Digital forensics is concerned with the investigation of any suspected crime or misbehaviour that may be manifested by digital evidence. The digital evidence may be manifest in various forms. It may be manifest on digital electronic devices or computers that are simply passive repositories of evidence that documents the activity, or it may consist of information or meta-information resident on the devices or computers that have been used to actually facilitate the activity, or that have been targeted by the activity. In each of these three cases, we have recorded digital evidence of the activity. This paper examines some recent advances in digital forensics and some important emerging challenges. It considers the following topics: tools and their evolution; the implications of large volumes of data; the impact of embedded and special-purpose computer systems; corporate governance and its implications for 'forensic readiness'; and the role of forensics in securing the Internet.",,,155,164,Internet privacy; The Internet; Engineering; Legislation; Digital evidence; Computer security; Corporate governance; Computer forensics; Digital forensics,,,,,https://www.computer.org/csdl/proceedings-article/sadfe/2005/24780155/12OmNvUaNrx https://ieeexplore.ieee.org/document/1592529/ https://dblp.uni-trier.de/db/conf/sadfe/sadfe2005.html#Mohay05 https://eprints.qut.edu.au/25308/ http://ieeexplore.ieee.org/document/1592529/,http://dx.doi.org/10.1109/sadfe.2005.24,,10.1109/sadfe.2005.24,2536999591,,0,004-026-427-749-880; 030-758-631-051-726; 042-230-817-975-353; 055-336-490-747-486; 059-776-523-454-271; 083-576-133-771-97X; 090-897-291-421-511; 103-327-744-686-658; 132-606-928-404-807; 158-483-743-440-402; 159-639-976-080-289; 167-592-705-831-583,57,false,,
089-380-540-556-832,Forensic Inspection of Sensitive User Data and Artifacts from Smartwatch Wearable Devices,2019-06-10,2019,journal article,Journal of forensic sciences,15564029; 00221198,Wiley-Blackwell,United States,Nicole R. Odom; Jesse M. Lindmar; John Hirt; Josh Brunty,"Wearable devices allow users the ability to leave mobile phones behind while remaining connected to the digital world; however, this creates challenges in the examination, acquisition, identification, and analysis of probative data. This preliminary research aims to provide an enhanced understanding of where sensitive user data and forensic artifacts are stored on smartwatch wearable devices, both through utilization as a connected and standalone device. It also provides a methodology for the forensically sound acquisition of data from a standalone smartwatch wearable device. The results identify significant amounts of data on the SamsungTM Gear S3 Frontier, greater than that stored on the companion mobile phone. An Apple Watch Series 3 manual examination method which produces native screenshots was identified; however, the companion mobile phone was found to store the greatest amount of data. As a result of this research, a data extraction tool for the SamsungTM Gear S3 Frontier was created.",64,6,1673,1686,Human–computer interaction; Wearable computer; Mobile phone; Data extraction; Smartwatch; Computer science; Data recovery; Wearable technology; Mobile device forensics; Digital forensics,data recovery; digital forensics; forensic artifacts; forensic science; internet of things; mobile forensics; smartwatch wearable devices,Artifacts; Computer Security; Forensic Sciences; Humans; Information Storage and Retrieval; Smartphone; Wearable Electronic Devices,,,https://dialnet.unirioja.es/servlet/articulo?codigo=7121547 https://www.ncbi.nlm.nih.gov/pubmed/31674672 https://onlinelibrary.wiley.com/doi/abs/10.1111/1556-4029.14109,http://dx.doi.org/10.1111/1556-4029.14109,31674672,10.1111/1556-4029.14109,2952607946,,0,000-281-222-726-856; 019-698-064-288-240; 024-225-776-970-302; 025-549-978-484-457; 051-558-525-539-694; 084-452-444-628-355,15,false,,
089-387-545-335-141,CCC - Windows Forensic Investigations Using PowerForensics Tool,,2016,conference proceedings article,2016 Cybersecurity and Cyberforensics Conference (CCC),,IEEE,,Akram Barakat; Ali Hadi,"Digital forensic investigations has become an important field in this era due to the raise of cybercrimes. Therefore, most governments and companies found the urgent need to invest more in research related to digital forensic investigations. To perform digital forensic investigations covering extraction, analysis, and reporting of digital evidences, new methods and techniques are required. One of these methods used when applying digital forensics on a Windows operating system, is PowerShell. While PowerShell is mainly used to configure, manage and administrate the Windows operating system and other installed programs, this paper will also show that it could be used to collect forensic evidences from a Windows operating system. This paper will discuss Windows PowerShell functions and how they can be beneficiary to a digital forensic investigator. Moreover, the paper will focus on the tools and modules made specifically for forensic investigations. Subsequently, different digital forensic experiments will be conducted using PowerForensics tool in order to extract and identify different Windows forensic artifacts. The results are presented the capabilities of PowerForensics tool to extract forensic evidences from Windows operating system and provide an insight into its limitations.",,,41,47,Engineering; Forensic science; Data science; Field (computer science); Computer security; Focus (computing); Microsoft Windows; Digital forensics,,,,,https://ieeexplore.ieee.org/document/7600208/ http://dblp.uni-trier.de/db/conf/ccc2/ccc2016.html#BarakatH16 http://ieeexplore.ieee.org/document/7600208/ https://www.computer.org/csdl/proceedings-article/ccc/2016/2657a041/12OmNwp74N3 https://dblp.uni-trier.de/db/conf/ccc2/ccc2016.html#BarakatH16,http://dx.doi.org/10.1109/ccc.2016.18,,10.1109/ccc.2016.18,2533982999,,0,013-206-935-502-854; 028-560-659-547-672; 028-814-189-879-409; 043-112-794-493-421; 058-606-015-182-806; 066-199-364-383-133; 085-214-277-668-01X; 163-533-522-115-124; 167-592-705-831-583; 184-948-841-629-735,3,false,,
089-638-379-171-949,ICDF2C - A Review and Comparative Study of Digital Forensic Investigation Models,,2013,book chapter,"Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering",18678211; 1867822x,Springer Berlin Heidelberg,Germany,Kwaku Kyei; Pavol Zavarsky; Dale Lindskog; Ron Ruhl,"In this paper we present a review and comparative study of existing digital forensic investigation models and propose an enhanced model based on Systematic Digital Forensic Investigation Model. One significant drawback in digital forensic investigation is that they often do not place enough emphasis on potential admissibility of gathered evidence. Digital forensic investigation must adhere to the standard of evidence and its admissibility for successful prosecution. Therefore, the techno-legal nature of this proposed model coupled with the incorporation of best practices of existing models makes it unique. The model is not a waterfall model, but iterative in nature helping in successful investigation and prosecution. The result of the study is expected to improve the whole investigation process including possible litigation.",,,314,327,Best practice; Waterfall model; Data science; Information sharing; Digital evidence; Drawback; Digital forensic investigation; Computer science; Process (engineering),,,,,https://link.springer.com/chapter/10.1007/978-3-642-39891-9_20 https://link.springer.com/content/pdf/10.1007%2F978-3-642-39891-9_20.pdf https://rd.springer.com/chapter/10.1007/978-3-642-39891-9_20 https://dblp.uni-trier.de/db/conf/icdf2c/icdf2c2012.html#KyeiZLR12 https://www.researchgate.net/profile/Pavol_Zavarsky/publication/259647357_A_Review_and_Comparative_Study_of_Digital_Forensic_Investigation_Models/links/54397af90cf24a6ddb95d922.pdf,http://dx.doi.org/10.1007/978-3-642-39891-9_20,,10.1007/978-3-642-39891-9_20,1833640729,,0,001-009-008-665-240; 004-872-169-627-620; 009-487-143-854-13X; 019-698-064-288-240; 028-367-224-045-089; 032-697-093-668-898; 034-916-306-834-918; 038-668-970-194-854; 050-612-532-454-179; 054-652-203-133-595; 070-429-471-311-739; 085-214-277-668-01X; 090-894-834-543-459; 094-058-992-093-766; 132-355-634-397-986; 140-730-540-277-926; 140-821-103-436-654; 170-299-458-679-224; 190-065-821-748-92X; 199-745-676-923-766,17,false,,
089-695-854-791-989,A method and a case study for the selection of the best available tool for mobile device forensics using decision analysis,,2016,journal article,Digital Investigation,17422876,Elsevier BV,Netherlands,Shahzad Saleem; Oliver Popov; Ibrahim Baggili,"The omnipresence of mobile devices (or small scale digital devices - SSDD) and more importantly the utility of their associated applications for our daily activities, which range from financial transactions to learning, and from entertainment to distributed social presence, create an abundance of digital evidence for each individual. Some of the evidence may be a result of illegal activities that need to be identified, understood and eventually prevented in the future. There are numerous tools for acquiring and analyzing digital evidence extracted from mobile devices. The diversity of SSDDs, types of evidence generated and the number of tools used to uncover them posit a rather complex and challenging problem of selecting the best available tool for the extraction and the subsequent analysis of the evidence gathered from a specific digital device. Failing to select the best tool may easily lead to incomplete and or improper extraction, which eventually may violate the integrity of the digital evidence and diminish its probative value. Moreover, the compromised evidence may result in erroneous analysis, incorrect interpretation, and wrong conclusions which may eventually compromise the right of a fair trial. Hence, a digital forensics investigator has to deal with the complex decision problem from the very start of the investigative process called preparatory phase. The problem could be addressed and possibly solved by using multi criteria decision analysis. The performance of the tool for extracting a specific type of digital evidence, and the relevance of that type of digital evidence to the investigative problem are the two central factors for selecting the best available tool, which we advocate in our work. In this paper we explain the method used and showcase a case study by evaluating two tools using two mobile devices to demonstrate the utility of our proposed approach. The results indicated that XRY (Alt1) dominates UFED (Alt2) for most of the cases after balancing the requirements for both performance and relevance.",16,,S55,S64,Multiple-criteria decision analysis; Decision problem; Data mining; Relevance (law); Decision analysis; Mobile device; Data science; Digital evidence; Computer science; Mobile device forensics; Digital forensics,,,,,https://www.sciencedirect.com/science/article/abs/pii/S1742287616300020 https://core.ac.uk/display/82434076 https://digitalcommons.newhaven.edu/electricalcomputerengineering-facpubs/52/ https://doi.org/10.1016/j.diin.2016.01.008 https://dl.acm.org/doi/10.1016/j.diin.2016.01.008 https://www.sciencedirect.com/science/article/pii/S1742287616300020 http://www.diva-portal.org/smash/record.jsf?pid=diva2:806835 http://digitalcommons.newhaven.edu/cgi/viewcontent.cgi?article=1052&context=electricalcomputerengineering-facpubs https://core.ac.uk/download/pdf/82434076.pdf,http://dx.doi.org/10.1016/j.diin.2016.01.008,,10.1016/j.diin.2016.01.008,638340418,,0,002-633-335-300-244; 013-428-450-747-670; 021-274-925-963-096; 024-696-473-476-447; 050-956-099-345-084; 067-545-085-582-063; 088-133-805-930-451; 092-879-045-056-401; 094-587-727-381-031; 098-955-499-112-850; 114-090-829-194-843; 132-942-022-718-554; 153-061-100-745-489; 154-092-845-528-110; 159-094-605-033-945; 192-810-463-153-431,12,true,cc-by-nc-nd,hybrid
089-739-766-223-692,A Platform Independent Forensic Process Model for Smartphones,2013-04-18,2013,book,,,,,Frances Chevonne Dancer; David A. Dampier,"A properly conducted forensic examination is one of the most fundamental aspects of a digital investigation. Examiners are obligated to obtain the skills necessary to use forensic tools and methodologies and rely on sound judgment when analyzing a digital device. Anytime during this process, the quality of the methods, skills, and expertise of the examiner may be challenged, thus, placing the forensic value of the evidence collected during the process in jeopardy. In order to combat the potential challenges posed as a result of the forensic examination process, the digital forensics community must ensure that suitable protocols are used throughout the analysis process. Currently, there is no standard methodology forensic examiners use to analyze a small scale digital device. This research addresses these issues by introducing the concept of an extendable forensic process model applicable to smartphones regardless of platform. This book provides a description of the forensic process, the models currently used, the developed model, and experiments to show its usefulness.",,,,,Engineering; Forensic science; Data science; Quality (business); Scale (chemistry); Forensic examination; Platform independent; Computer security; Process (engineering); Computer forensics; Digital forensics,,,,,http://dl.acm.org/citation.cfm?id=2530330,http://dl.acm.org/citation.cfm?id=2530330,,,39497274,,0,,0,false,,
089-850-724-685-27X,ISDFS - Overview of Digital Forensics and Anti-Forensics Techniques,,2020,book,2020 8th International Symposium on Digital Forensics and Security (ISDFS),,IEEE,,Hussein Majed; Hassan N. Noura; Ali Chehab,"Digital forensics is very essential in any investigation where data is involved after a security breach. Data contents might be personal, business-related, or strictly confidential. The aim of digital forensics is to legally acquire and analyze the examined data, while Anti-forensics techniques aim to hide, manipulate, and even wipe the data, or to target the credibility of the acquired evidence. This paper presents the current antiforensics techniques, the methods applied, and the available countermeasures.",,,1,5,Credibility; Computer security; Computer science; Confidentiality; Digital forensics,,,,,https://dblp.uni-trier.de/db/conf/isdfs/isdfs2020.html#MajedNC20 https://doi.org/10.1109/ISDFS49300.2020.9116399 https://ieeexplore.ieee.org/document/9116399/,http://dx.doi.org/10.1109/isdfs49300.2020.9116399,,10.1109/isdfs49300.2020.9116399,3035867696,,0,004-119-009-833-695; 004-968-449-376-682; 005-102-962-333-180; 007-790-059-029-953; 025-319-861-345-580; 069-553-351-193-961; 115-078-371-524-007; 120-633-529-256-980; 144-614-319-071-141; 157-067-567-418-679; 163-853-761-819-084; 181-095-475-426-346,1,false,,
089-976-242-846-070,Guidelines for the digital forensic processing of smartphones,,,,,,,,Khawla Alghafli; Andrew Jones; Thomas Martin,"Today Smartphone devices are widespread and they hold a number of types of information about the owner and their activities. As a result of the widespread adoption of these devices into every aspect of our lives they can be involved in almost any crime. The aim of digital forensics of Smartphone devices is to recover the digital evidence in a forensically sound manner so that the digital evidence can be presented and accepted in court. The digital forensic process consists of four phases which are preservation, acquisition, examination/analysis and finally presentation. In this paper we look at various types of crime and their associated digital evidence. The digital forensics process of the Smartphone devices is discussed and, this paper also contains recommended guidelines and procedures for how to perform the phases of the digital forensics process on Smartphone devices. Finally, a description of some challenges that may be faced in this field is given.",,,,,Internet privacy; Engineering; Digital forensic process; Presentation; Digital evidence; Field (computer science); Process (engineering); Computer forensics; Digital forensics,,,,,https://ro.ecu.edu.au/adf/90/ https://ro.ecu.edu.au/cgi/viewcontent.cgi?article=1089&context=adf,http://dx.doi.org/10.4225/75/57b2b82a40ce7,,10.4225/75/57b2b82a40ce7,1574669239,,0,007-317-884-495-045; 137-356-705-015-428; 188-259-013-084-890; 199-172-967-270-034,10,false,,
090-284-704-481-407,IFIP Int. Conf. Digital Forensics - BULK EMAIL FORENSICS,,2009,book chapter,Advances in Digital Forensics V,18684238; 1868422x,Springer Berlin Heidelberg,Germany,Fred Cohen,"Legal matters related to unsolicited commercial email often involve several hundred thousand messages. Manual examination and interpretation methods are unable to deal with such large volumes of evidence. Furthermore, as the actors gain experience, it is increasingly difficult to show evidence of spoliation and detect intentional evidence construction. This paper presents improved automated techniques for bulk email analysis and presentation to aid in evidence interpretation.",306,,51,67,Internet privacy; World Wide Web; Presentation; Computer science; Interpretation (philosophy),,,,,https://rd.springer.com/chapter/10.1007/978-3-642-04155-6_4 https://link.springer.com/10.1007/978-3-642-04155-6_4 https://ui.adsabs.harvard.edu/abs/2009adf5.conf...51C/abstract https://link.springer.com/content/pdf/10.1007%2F978-3-642-04155-6_4.pdf https://link.springer.com/chapter/10.1007%2F978-3-642-04155-6_4,http://dx.doi.org/10.1007/978-3-642-04155-6_4,,10.1007/978-3-642-04155-6_4,1506187245,,0,102-221-192-895-272; 141-182-449-198-823; 189-347-387-118-510,11,true,,bronze
091-355-583-764-225,IFIP Int. Conf. Digital Forensics - An Evidence Acquisition Tool for Live Systems,,,book chapter,IFIP — The International Federation for Information Processing,15715736; 18612288,Springer US,Germany,Renico Koen; Martin S. Olivier,"Evidence acquisition is concerned with the collection of evidence from digital devices for subsequent analysis and presentation. It is extremely important that the digital evidence is collected in a forensically-sound manner using acquisition tools that do not affect the integrity of the evidence. This paper describes a forensic acquisition tool that may be used to access files on a live system without compromising the state of the files in question. This is done in the context of the Reco Platform, an open source forensic framework that was used to develop the prototype evidence acquisition tool both quickly and efficiently. The paper also discusses the implementation of the prototype and the results obtained.",,,325,334,Data science; Presentation; Context (language use); Digital evidence; Open source; Computer science; State (computer science),,,,,https://dx.doi.org/10.1007/978-0-387-84927-0_25 https://link.springer.com/content/pdf/10.1007/978-0-387-84927-0_25.pdf https://dblp.uni-trier.de/db/conf/ifip11-9/df2008.html#KoenO08 https://link.springer.com/chapter/10.1007/978-0-387-84927-0_25 https://rd.springer.com/chapter/10.1007/978-0-387-84927-0_25,http://dx.doi.org/10.1007/978-0-387-84927-0_25,,10.1007/978-0-387-84927-0_25,1486419048,,0,002-495-833-326-831; 005-859-821-142-158; 012-495-836-083-305; 016-922-297-286-929; 018-182-926-340-45X; 054-507-171-824-189; 069-256-079-734-894; 071-345-315-077-336; 091-232-341-607-454; 099-582-340-445-44X,5,true,,bronze
091-513-401-669-560,ANALISIS KEMIRIPAN SUARA MELALUI HANDPHONE UNTUKBARANG BUKTI DIGITAL DENGAN MENGGUNAKAN METODEAUDIO FORENSIK,2018-12-07,2018,dissertation,,,,,Luqman Arief Dharmawan,"Audio forensic is one of the digital forensic parts, basically audio forensic; is focusing to examination digital evidence which is related to audio record. Digital; evidence often presented to problems in the trial. The submitted evidence must be; valid which is already analyzed and proven by the expert is related to digital; evidence.; Method used is audio forensic method which consisting of Pitch, Formant; and Bandwidth, Graphical Distribution and Spectogram, to analysis audio record; can also follow Standard Operational Procedure (SOP) 12 about Analysis Audio; Forensic from Digital Forensic Analyst Team (DFAT).; The result of analysis later can be differentiated with the other record or voice; comparision that has been using audio forensic method and can be proven by the; similarity whether the sound recording of evidence is the same as the comparative; sound.",,,,,Sound recording and reproduction; Formant; Digital evidence; Speech recognition; Computer science; Digital forensics,,,,,https://digilib.uin-suka.ac.id/34530/,https://digilib.uin-suka.ac.id/34530/,,,2936496663,,0,,0,false,,
091-694-208-796-635,Digital Forensics in the Cloud,2013-10-01,2013,,,,,,Shams Zawoad; Ragib Hasan,"Today's cloud computing architectures often lack support for computer forensic investigations. Besides this, the existing digital forensics tools cannot cope with the dynamic nature of the cloud. This paper explores the challenges of digital forensics in the cloud, possible attacks on cloud-evidence, and mitigation strategies against those challenges.",,,,,Cloud computing security; Computer security; Computer science; Network forensics; Cloud computing; Digital forensics,,,,,https://apps.dtic.mil/sti/citations/ADA590911 https://apps.dtic.mil/sti/pdfs/ADA590911.pdf http://secret.cis.uab.edu/media/zawoad-2013-digital-forensics-cross-talk.pdf,https://apps.dtic.mil/sti/citations/ADA590911,,,2133919537,,0,001-603-808-939-061; 019-698-064-288-240; 042-969-030-470-170; 051-368-118-380-383; 078-321-628-189-695; 136-745-511-009-321; 170-108-067-251-840,26,false,,
091-696-315-070-855,Explainable digital forensics AI: Towards mitigating distrust in AI-based digital forensics analysis using interpretable models,,2022,journal article,Forensic Science International: Digital Investigation,26662817; 26662825,Elsevier BV,,Abiodun A. Solanke,"The present level of skepticism expressed by courts, legal practitioners, and the general public over Artificial Intelligence (AI) based digital evidence extraction techniques has been observed, and understandably so. Concerns have been raised about closed-box AI models’ transparency and their suitability for use in digital evidence mining. While AI models are firmly rooted in mathematical, statistical, and computational theories, the argument has centered on their explainability and understandability, particularly in terms of how they arrive at certain conclusions. This paper examines the issues with closed-box models; the goals; and methods of explainability/interpretability. Most importantly, recommendations for interpretable AI-based digital forensics (DF) investigation are proposed.",42,,301403,301403,Interpretability; Skepticism; Distrust; Transparency (behavior); Computer science; Digital forensics; Argument (complex analysis); Digital evidence; Artificial intelligence; Data science; Computer security; Psychology; Epistemology; Psychotherapist; Philosophy; Biochemistry; Chemistry,,,,,,http://dx.doi.org/10.1016/j.fsidi.2022.301403,,10.1016/j.fsidi.2022.301403,,,0,000-360-120-513-679; 000-449-131-016-986; 003-015-137-620-130; 003-026-991-770-318; 003-360-732-233-044; 007-392-723-533-629; 018-822-581-363-834; 023-063-388-078-229; 025-060-592-657-50X; 025-415-725-538-599; 033-344-357-648-800; 036-563-037-799-705; 044-638-092-768-171; 052-696-669-041-854; 053-071-743-643-578; 054-547-096-894-887; 054-819-045-052-125; 055-502-988-908-057; 055-807-088-113-125; 059-149-073-001-124; 059-786-079-109-47X; 065-001-388-509-041; 066-042-439-542-747; 070-717-463-864-129; 071-860-959-402-137; 083-839-515-156-421; 086-574-303-424-904; 087-323-490-534-091; 094-581-471-765-72X; 102-225-149-387-887; 109-466-069-133-838; 123-498-859-171-509; 124-191-464-465-991; 125-939-677-745-616; 139-924-660-355-079; 153-221-094-384-217; 189-305-371-273-262,0,true,,hybrid
091-820-915-650-314,ICACIE (1) - Evaluation of Digital Forensic Tools in MongoDB Database Forensics,2020-10-30,2020,book,Advances in Intelligent Systems and Computing,21945357; 21945365,Springer Singapore,,Rupali M. Chopade; V. K. Pachghare,Wide usage of online applications has increased the risk of misuse of data by affecting privacy and security policies. Digital forensics is a process of solving criminal cases related to digital devices. Technical growth in this area is the expansion of forensic tools to collect the pieces of evidence. Database forensics is one of the categories of digital forensics. Database forensics covers the scanning of various parts of it for data recovery or finding data tampering. Forensic tools are available for most of the relational databases. Very few tools are available in the market for NoSQL databases. This paper is an attempt to present available digital forensic tools and to experiment with relevant free tools on the MongoDB database to check the usefulness.,,,427,439,Security policy; Data science; Database forensics; NoSQL; Computer science; Process (engineering); Data recovery; Relational database; Digital forensics,,,,,https://link.springer.com/chapter/10.1007/978-981-15-6584-7_40 https://dblp.uni-trier.de/db/conf/icacie/icacie2019-1.html#ChopadeP19,http://dx.doi.org/10.1007/978-981-15-6584-7_40,,10.1007/978-981-15-6584-7_40,3097571454,,0,001-255-768-346-633; 007-648-632-822-878; 009-963-999-321-861; 012-459-130-312-50X; 016-922-297-286-929; 020-263-373-977-632; 030-269-579-295-629; 031-701-720-222-354; 032-664-290-593-804; 048-299-122-258-861; 050-513-243-638-138; 053-415-287-546-534; 059-829-333-909-69X; 075-264-586-699-234; 090-933-338-506-017; 119-234-785-721-155; 120-753-186-411-42X; 150-423-079-028-448; 159-663-632-955-205; 173-348-062-884-819,0,false,,
091-842-610-823-656,Performance and Application of Digital Forensic Tools: A Comparative Study,2022-09-22,2022,book chapter,Proceedings of the 6th International Conference on Advance Computing and Intelligent Engineering,23673370; 23673389,Springer Nature Singapore,,Savali Deshmukh; Pramod Kumar Jha,"AbstractCurrently, computers and the Internet are used to conduct the majority of business transactions, communications and the automated control of industrial equipment, among other things. Working online makes the process more efficient and convenient. The risk of cyber-attacks has also increased significantly as a result of devices being exposed to the Internet on a daily basis. The Internet’s speed, ease of use and invisibility, lack of geographical boundaries cyber financial crimes, stalking and bullying are becoming more commonplace, according to the FBI. A digital forensic investigation carried out with the assistance of software tools yields evidence against cybercriminals that can be presented in court. This review work aimed to evaluate and compare the performance and applications of ten online digital forensic tools. The conclusions, limitations of these tools and how after moral improvement, they can be used to assist digital forensics professionals in discovering digital evidence are presented.KeywordsDigital forensic toolsCybercrimeOpen-source softwarePerformanceApplication",,,661,671,Digital forensics; Invisibility; The Internet; Computer science; Computer forensics; Cybercrime; Computer security; Digital evidence; Internet privacy; World Wide Web; Artificial intelligence,,,,,,http://dx.doi.org/10.1007/978-981-19-2225-1_57,,10.1007/978-981-19-2225-1_57,,,0,002-946-177-908-111; 006-933-430-647-14X; 008-667-688-301-190; 011-741-889-496-677; 012-495-836-083-305; 021-039-461-635-181; 047-386-524-667-691; 052-525-234-356-113; 058-734-389-352-474; 061-619-590-658-306; 064-938-865-982-891; 074-022-824-976-957; 075-529-701-912-32X; 087-715-554-347-379; 100-835-534-402-495; 142-388-561-082-054; 144-124-797-675-052; 153-229-976-131-816; 165-400-601-024-320; 186-179-663-828-545,0,false,,
091-888-415-273-656,What is a Cell Tower,,2017,book chapter,Cell Phone Location Evidence for Legal Professionals,,Elsevier,,Larry Daniel,,,,7,16,Beam diameter; Electrical engineering; Engineering; Omnidirectional antenna; Tower; Cover (telecommunications); Wireless,,,,,http://www.sciencedirect.com/science/article/pii/B978012809397900002X https://www.sciencedirect.com/science/article/pii/B978012809397900002X,http://dx.doi.org/10.1016/b978-0-12-809397-9.00002-x,,10.1016/b978-0-12-809397-9.00002-x,2723262951,,0,,0,false,,
091-898-525-405-92X,IFIP Int. Conf. Digital Forensics - Establishing Findings in Digital Forensic Examinations: A Case Study Method,2017-08-31,2017,book chapter,Advances in Digital Forensics XIII,18684238; 1868422x,Springer International Publishing,Germany,Oluwasayo Oyelami; Martin S. Olivier,"In digital forensics, examinations are carried out to explain events and demonstrate the root cause from a number of plausible causes. Yin’s approach to case study research offers a systematic process for investigating occurrences in their real-world contexts. The approach is well suited to examining isolated events and also addresses questions about causality and the reliability of findings. The techniques that make Yin’s approach suitable for research also apply to digital forensic examinations. The merits of case study research are highlighted in previous work that established the suitability of the case study research method for conducting digital forensic examinations. This research extends the previous work by demonstrating the practicality of Yin’s case study method in examining digital events. The research examines the relationship between digital evidence – the effect – and its plausible causes, and how patterns can be identified and applied to explain the events. Establishing these patterns supports the findings of a forensic examination. Analytic strategies and techniques inherent in Yin’s case study method are applied to identify and analyze patterns in order to establish the findings of a digital forensic examination.",,,3,21,Causality; Data science; Digital evidence; Case method; Forensic examination; Computer science; Systematic process; Reliability (statistics); Digital forensics; Root cause,,,,,https://doi.org/10.1007/978-3-319-67208-3_1 https://dblp.uni-trier.de/db/conf/ifip11-9/df2017.html#OyelamiO17 https://hal.inria.fr/hal-01716393 https://hal.inria.fr/hal-01716393/document https://rd.springer.com/chapter/10.1007/978-3-319-67208-3_1 https://link.springer.com/chapter/10.1007/978-3-319-67208-3_1,http://dx.doi.org/10.1007/978-3-319-67208-3_1,,10.1007/978-3-319-67208-3_1,2753280209,,0,000-537-535-465-34X; 004-652-388-189-304; 004-982-415-119-478; 005-515-442-506-880; 014-966-931-773-938; 018-013-990-264-909; 019-831-293-743-518; 020-884-523-153-420; 029-373-804-401-972; 032-875-845-675-054; 038-533-189-153-255; 039-027-862-935-463; 052-150-782-856-655; 055-428-561-725-064; 064-988-327-019-067; 106-964-315-836-68X; 124-536-382-369-948; 133-508-126-407-763; 141-018-791-775-943; 145-743-906-992-348; 199-566-397-751-128,1,true,cc-by,green
092-034-798-973-875,Mobile Forensics,2021-07-05,2021,book chapter,Crime Science and Digital Forensics,,CRC Press,,Manish Kumar,"Nowdays to solve any crime and incident, mobile phone evidence plays a vital role. Digital forensics experts need specialized tools and techniques to extract the evidence from mobile phones for analysis. Extracting the evidence from mobile phones in a forensically sound manner has never been an easy task. The evidence extraction from mobile phones poses many challenges, as the entire process must ensure the integrity of evidence and its admissibility in the court of law. There are various tools and techniques available for mobile forensics which are classified based on its complexity and its physical characteristics. In this paper we are discussing various contemporary state-of-the art approach and advanced techniques used in mobile forensic. The different level of approach for mobile forensics, its advantages, disadvantages, cost and complexity are discussed in detail. The paper also highlights critical technical issues, research opportunities and challenges. [144]",,,102,116,Computer science; Internet privacy; Computer security,,,,,,http://dx.doi.org/10.1201/9780429322877-8,,10.1201/9780429322877-8,,,0,,1,false,,
092-046-002-157-986,Digital Forensic Logistics: The Basics of Scientific Theory,,2021,journal article,International Journal of Law and Society,26401894,Science Publishing Group,,Sergey Zuev; Dmitry Bakhteev,"Investigations of complex crimes with digital evidence increasingly require the use of modern digital devices and computer programs. Working with big data involves the accumulation, processing, and analysis of forensic information for further algorithmization and modeling of investigative actions, as well as the automation of the organizational activities of investigators. The article substantiates the need for the use of digital forensic logistics to optimize information flows and build the most effective analytical human and computer processing, not excluding the use of artificial intelligence systems. Digital forensic logistics is a sub-branch of digital forensics in the collection, identification, storage, verification, and analysis of data, as well as the generation of electronic evidence for evidence in court. The article provides the main directions of digital forensic logistics, including the logistics of evidence in criminal cases; logistics of the general organization of crime investigation; logistics planning (selection of tools and methods of investigation); logistics of putting forward versions of events; logistics of decisions in criminal matters. It is argued that the efficiency of the entire system will largely depend on the establishment of information flows and the prioritization of tasks. Quality work requires the improvement of applied digital technologies capable of providing the necessary algorithms of the evidentiary process. The use of special software, including the use of artificial intelligence systems, is becoming increasingly relevant. The logistics of making decisions in criminal cases ideally represents an electronic assistant, endowed with artificial intelligence or in the form of a special computer program, capable, based on the determination of the forensic significance of the obtained digital information (electronic evidence), to offer the investigator solutions that can change the course of the investigation and transfer the entire information system in a new state.",4,2,83,,Automation; Information system; Data science; Digital evidence; Computer science; Process (engineering); State (computer science); Big data; Identification (information); Digital forensics,,,,,https://article.sciencepublishinggroup.com/pdf/10.11648.j.ijls.20210402.14.pdf https://membership.sciencepublishinggroup.com/journal/paperinfo?journalid=306&doi=10.11648/j.ijls.20210402.14 http://www.sciencepublishinggroup.com/journal/paperinfo?journalid=306&doi=10.11648/j.ijls.20210402.14,http://dx.doi.org/10.11648/j.ijls.20210402.14,,10.11648/j.ijls.20210402.14,3163211431,,0,,0,true,cc-by,gold
092-223-657-810-83X,THE INTEGRATION OF DIGITAL FORENSICS SCIENCE AND ISLAMIC EVIDENCE LAWS,2019-12-15,2019,journal article,"International Journal of Law, Government and Communication",01281763,Global Academic Excellence (M) Sdn Bhd,,Mohamad Khairudin Kallil; Ahmad Che Yaacob,"<jats:p>Evidence is anything that tends to prove or disprove a fact at issue in legal action. It involves the offering of alleged proof through testimony or objects at court proceedings to persuade the trier of fact about an issue in dispute. Islamic Evidence Law is a body of rules that helps to govern conduct and determines what will admissible in certain legal proceedings and trials. In the proceeding that involves digital evidence, the court will consider whether the digital evidence is admissible or inadmissible depends on the requirements of admissibility stated in law statutes in force and the existence of any Standard Operating Procedure (SOP). Under section 33 of the Syariah Court (Federal Territories) Evidence Act or other Syariah Evidence Enactments, digital evidence is subjected to be authenticated by the digital forensics experts. In digital forensics, the process of identification, preservation, collection, analysis, and presentation is the main procedures contained in any Standard Operating Procedure (SOP) of any digital forensics services. The court will ensure that this procedure can maintain the authenticity and the originality of the evidence especially on the issue of expert qualification, a chain of custody and analysis part. Thus, digital forensics is integrated with the Islamic law of evidence to maintain justice in delivering judgment. Therefore, this article examines the standard requirement of the admissibility of digital evidence by digital forensic methodology by using the qualitative approach on the analysis of articles, books, law statutes documents and law cases. The results show that the need for amendment of Syariah Court Evidence and Procedure statutes and the necessity of the existence of Standard Operating Procedure (SOP) on digital evidence in the Syariah courts as a guideline for judges, lawyers and parties involved.</jats:p>",4,17,61,70,Law; Computer science; Islam; Digital forensics,,,,,http://dx.doi.org/10.35631/ijlgc.417006,http://dx.doi.org/10.35631/ijlgc.417006,,10.35631/ijlgc.417006,2999286939,,0,,1,true,,gold
092-461-654-973-880,Studying the Documentation Process in Digital Forensic Investigation Frameworks/ Models,,2015,journal article,Journal of Al-Nahrain University-Science,18145922; 25190881,Al-Nahrain Journal of Science,,Talib M. Jawad Abbas,"With the proliferation of the digital crime around the world, there are numerous and diverse digital forensic investigation models for driving digital investigation processes. Now more than ever, it must be a criminal investigation to obtain digital evidence which wouldn't be admissible in court. Therefore, digital forensic investigation should be implemented successfully, and there are a number of significant steps that should be taken into account. Each step and phase produces documents that are essential in understanding how the investigation process is built.The aim of this paper is to study models/ frameworks for the digital forensic investigation over a time period of ten years and find out the degree and level of attention to the process of documentation. This paper also includes definitions and descriptions of the basic and core concepts that the frameworks/ models use.",18,4,153,162,Criminal investigation; Systems engineering; Data science; Digital evidence; Digital forensic investigation; Computer science; Process (engineering); Documentation; Digital forensics,,,,,https://anjs.edu.iq/index.php/anjs/article/download/299/1699 https://anjs.edu.iq/index.php/anjs/article/view/299 https://www.iasj.net/iasj?func=fulltext&aId=107014,http://dx.doi.org/10.22401/jnus.18.4.21,,10.22401/jnus.18.4.21,2588900731,,0,006-708-208-065-949; 010-086-703-646-194; 019-698-064-288-240; 032-697-093-668-898; 109-482-615-363-500; 170-299-458-679-224; 170-346-482-774-626; 190-065-821-748-92X; 199-172-967-270-034; 199-745-676-923-766,1,false,,
092-506-898-894-624,Towards a Comprehensive Ontology Based-Investigation for Digital Forensics Cybercrime,2015-10-31,2015,journal article,International Journal on Communications Antenna and Propagation (IRECAP),25332929; 20395086,Praise Worthy Prize,Italy,Amir Mohamed Talib; Fahad Omar Alomary,"Cyber physical attacks against information and computer systems are a tangible and dangerous threat that requires an effective response. In this paper, digital forensics cybercrime ontology is proposed to collect, examine, analyze, prepare, acquire and preserve evidence of computer crimes of digital forensics in cyberspace. The power of the proposed ontology is to determine the difficulties of association of the digital crime types and their collection evidences in digital forensics cases. Ontology development has consists three main steps, 1) domain, purpose and scope setting, 2) important terms acquisition, classes and class hierarchy conceptualization and 3) instances creation. Digital forensics and ontology are two normally unrelated topics. Ontology congruent to this paper is method that will help to better understanding and defining terms of digital forensics. Our proposed digital forensics cybercrime ontology resulting from the Protege has a total of 180 classes, 179 subclasses and 84 instances regarding digital forensics crime cases.",5,5,263,268,World Wide Web; Ontology (information science); Protégé; Cybercrime; Cyberspace; Class hierarchy; Computer science; Computer forensics; Digital forensics; Conceptualization,,,,,https://www.praiseworthyprize.org/jsm/index.php?journal=irecap&page=article&op=view&path%5B%5D=17418,http://dx.doi.org/10.15866/irecap.v5i5.6112,,10.15866/irecap.v5i5.6112,2283915427,,0,014-384-963-565-48X; 095-437-078-101-003; 105-646-650-348-579; 160-810-323-281-473; 181-072-396-769-365; 187-367-973-147-176,8,false,,
092-689-605-929-980,Forensic Investigation and Analysis of User Input Information in Business Application,2016-07-14,2016,journal article,Indian Journal of Science and Technology,09745645; 09746846,Indian Society for Education and Environment,India,Funminiyi Olajide; Sanjay Misra,"Objectives: This paper investigates the amount of user input that can be recovered from the volatile memory of Windows computer systems while an application is still running. Additionally, an investigation into temporal, functional analysis and event reconstruction of user input activities in business application is discussed and reported upon. Methods/Analysis: Forensically, relevant user information is suitable for an evidentiary purpose. Therefore, the qualitative assessment of user input on commonly used windows-based applications is presented. Findings: In this research, detailed emphasis has been laid on the quality of evidence recovered from the allocated line numbers of the application memory. This approach describes the process of securing digital evidence for investigators. The research uncovers the process of analysing the forensically relevant data recovered from Windows applications. The investigation comprises of the following; dumping of memory, data extraction, strings evidence strings conversion, result finding of the evidence and also, reconstructing the extracted evidence of user information. Applications/Improvement: This research focuses on digital forensic investigation of digital images captured and the memory analysis of user information on using some very popular windows based applications. It is aimed that this may become part of forensic analysis in digital investigations.",9,25,1,7,Data mining; Information retrieval; Data extraction; User information; Digital evidence; Digital forensic investigation; Computer science; Digital image; Process (computing),,,,,https://indjst.org/articles/forensic-investigation-and-analysis-of-user-input-information-in-business-application http://www.i-scholar.in/index.php/indjst/article/view/134916,http://dx.doi.org/10.17485/ijst/2016/v9i25/95211,,10.17485/ijst/2016/v9i25/95211,2485980299,,0,016-536-694-167-514; 018-332-230-662-937; 030-121-862-351-330; 036-093-518-856-770; 046-189-168-242-806; 052-994-844-746-276; 064-388-382-052-645; 076-095-910-918-008; 078-598-867-814-365; 130-093-060-692-651; 141-182-449-198-823; 149-010-267-691-537; 155-874-936-366-797; 170-957-355-705-751,2,true,,gold
092-799-000-473-471,IFIP Int. Conf. Digital Forensics - Evaluating the Authenticity of Smartphone Evidence,2017-08-31,2017,book chapter,Advances in Digital Forensics XIII,18684238; 1868422x,Springer International Publishing,Germany,Heloise Pieterse; Marius Olivier; Renier van Heerden,"The widespread use and rich functionality of smartphones have made them valuable sources of digital evidence. Malicious individuals are becoming aware of the importance of digital evidence found on smartphones and may be interested in deploying anti-forensic techniques to alter evidence and thwart investigations. It is, therefore, important to establish the authenticity of smartphone evidence.",,,41,61,Internet privacy; World Wide Web; Digital evidence; Computer science; Reference architecture,,,,,https://hal.inria.fr/hal-01716408/document https://rd.springer.com/chapter/10.1007/978-3-319-67208-3_3 https://hal.inria.fr/hal-01716408 https://link.springer.com/chapter/10.1007%2F978-3-319-67208-3_3 https://researchspace.csir.co.za/dspace/handle/10204/9651 https://dblp.uni-trier.de/db/conf/ifip11-9/df2017.html#PieterseOH17,http://dx.doi.org/10.1007/978-3-319-67208-3_3,,10.1007/978-3-319-67208-3_3,2751498141,,0,002-633-335-300-244; 005-102-962-333-180; 005-427-296-440-851; 015-871-550-785-921; 019-831-293-743-518; 029-261-528-771-339; 037-313-891-890-73X; 060-348-778-499-353; 061-733-902-008-548; 066-890-334-771-22X; 068-081-042-069-298; 068-922-095-054-528; 073-546-311-377-634; 075-268-039-596-63X; 076-753-080-882-502; 078-598-867-814-365; 080-794-222-751-707; 086-454-591-703-628; 098-520-592-151-771; 109-526-401-810-59X; 110-570-444-347-682; 124-551-718-579-355; 133-508-126-407-763; 136-363-377-189-97X; 137-169-298-997-386; 192-410-422-550-155,3,true,cc-by,green
092-822-397-043-068,The Five Levels of Data Destruction: A Paradigm for Introducing Data Recovery in a Computer Science Course,,2019,conference proceedings article,2019 International Conference on Computational Science and Computational Intelligence (CSCI),,IEEE,,Gary Cantrell; Joan Runs Through,"Digital forensics has become a fundamental piece of many cyber security programs across the US, and data recovery is an integral building block of digital forensics. Data recovery can be a difficult topic to cover without a system or organization to the different methods of recovery. The following manuscript offers a structure for introducing data recovery in a digital forensics or information technology course and a method for evaluating the admissibility of recovered files as court evidence based on how the data were recovered. This offers both a framework for teaching data recovery and a way for discussing evidence admissibility. The five levels of destruction paradigm is a result of over a decade of teaching digital forensics in vocational and academic environments in a computer science program. The authors offer up this paradigm in hopes it will be useful to other computer science and digital forensics educators.",,,,,Information technology; Evidence-based practice; Block (data storage); Structure (mathematical logic); Data science; Computer science; Data recovery; Vocational education; Digital forensics; Metadata,,,,,http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=9071161 http://xplorestaging.ieee.org/ielx7/9052554/9070327/09071161.pdf?arnumber=9071161,http://dx.doi.org/10.1109/csci49370.2019.00029,,10.1109/csci49370.2019.00029,3019770352,,0,016-983-559-523-04X; 019-922-177-175-457; 025-421-213-608-128; 031-234-153-523-379; 033-808-740-218-611; 043-093-846-816-675; 067-105-988-368-712; 084-400-371-771-884; 094-933-978-324-364; 127-624-902-375-444; 133-752-203-150-119; 134-927-490-231-285; 149-798-016-481-910; 156-208-735-029-358,1,false,,
092-862-941-073-444,Digital Forensics Explained,2012-12-03,2012,book,,,,,Greg Gogolin,"What Is Digital Forensics and What Should You Know about It? Introduction Forensic Science What Does It Take to Be a Digital Forensic Investigator? Educational Opportunities What Opportunities Are There for Digital Forensic Investigators? What Are the Trends and Challenges in Digital Forensics? Resources Available to Digital Forensic Investigators Conclusion References Digital Forensic Approaches and Best Practices Introduction First Response Responding to a Case Conclusion References Other Useful References Digital Forensics Tool Kit Introduction Computer Forensics Write Blockers Imaging Add-Ons and Other Technologies Tools Mobile Forensics Tools Visual Analysis Secured Storage Damaged Media Summary Internet and E-Mail Examinations Introduction E-mail Chat and Messaging Logs Peer to Peer Search Engine Activity Internet History Social Networking and Gaming Malware and Viruses Summary Mobile Forensics Introduction Mobile Phone Technology How a Call Is Made Forensic Challenges Forensic Process Digital Cell Phone Investigation Geographic Positioning Systems Cameras Summary Cellular Communications Technology Overview References Cloud Computing and Digital Forensics, Prof. Gerald Emerick Introduction Infrastructure as a Service Platform as a Service Software as a Service Service and Deployment Models Customer versus Cloud Provider Responsibilities Other Service Models Multi-Tenancy User Access and Provisioning Data Protection and Breaches Information Technology and Information Security Governance and Change Control Processes Service Access Vulnerabilities Migration Planning Incident Response Virtualization Security Benefits of Cloud Incident Response, Det . Jason Otting Introduction Case Summary The Initiation of an Investigation Information Evidence Gathering Interviews and the Analyzing of Evidence Analyzing the Electronic Evidence Prosecution and Testimony Things to Consider Conclusion Report Writing and Presentation Introduction Report Content and Considerations Sample Reports Presenting and Testifying Archiving Summary Social Media Forensics, Dr. Barbara L. Ciaramitaro Introduction to Social Media Social Networking E-mail Blogs Microblogs Event Coordination Location Identification Multimedia Sharing Search Wikis Web Conferencing Virtual Worlds Social Media Forensics Street Gangs Terrorist Activity White Collar Crimes Summary References Social Engineering Forensics, Dr. Barbara L. Ciaramitaro Introduction to Social Engineering Online Social Engineering Attacks Telephone Social Engineering Attacks Waste Management Social Engineering Attacks Mobile Device Social Engineering Attacks Personal Social Engineering Attacks Reverse Social Engineering Attacks Social Engineering Forensics Social Engineering Attack Vector Vulnerabilities Conclusion References Anti -Forensics, Prof. Velislav Pavlov Anti-Forensic Definition and Concepts Anti-Forensic Methods Eliminate Trails Hide Evidence Destroy Evidence Mobile Anti-Forensics Conclusion References Link and Visual Analysis Introduction Link and Visual Analysis Conclusion Psychological, Ethical, and Cultural Implications of Digital Forensics Introduction Psychological Implications of Digital Forensics Ethical Implications of Digital Forensics Cultural Implications Conclusion References Index",,,,,Internet privacy; The Internet; Engineering; World Wide Web; Mobile phone; Network forensics; Social media; Computer forensics; Social engineering (security); Mobile device forensics; Digital forensics,,,,,https://www.taylorfrancis.com/books/mono/10.1201/9781003049357/digital-forensics-explained-greg-gogolin https://ci.nii.ac.jp/ncid/BB11595895 http://www.ittoday.info/Excerpts/Digital_Forensics_Explained.pdf https://www.amazon.com/Digital-Forensics-Explained-Greg-Gogolin/dp/1439874956,https://www.taylorfrancis.com/books/mono/10.1201/9781003049357/digital-forensics-explained-greg-gogolin,,,625769238,,0,025-421-213-608-128; 038-140-298-113-191; 042-983-770-684-52X; 073-847-291-567-156; 091-383-639-590-665; 105-166-314-182-714,2,false,,
092-878-184-623-918,Digital video forensics: a comprehensive survey,,2019,journal article,International Journal of Advanced Intelligence Paradigms,17550386; 17550394,Inderscience Enterprises Ltd,United Kingdom,Mohammad A. Alsmirat; Ruba A. Al-Hussien; Walaa Al-Sarayrah; Yaser Jararweh; Morad Etier,"The wide spread of digital devices and tools causes the simplification of the manipulation of any digital multimedia content. As a result, digital videos and photos are not trusted to be used as evidence in courts. This fact raises the need for finding techniques to ensure the authenticity of digital multimedia contents. Experts in digital-signal processing conducted a huge number of researches to find new strategies, using digital forensics, to verify digital evidences and trace its origins. The aim of this paper is to collect and provide the definitions of the main concepts related to media forensics. Also, this paper gives an overview of the different techniques used in media forensics concentrating on video forensics. Furthermore, it classifies the work done in the field according to the main technique used in the proposed solution approach.",15,3,437,456,Double compression; Digital multimedia; Image forensics; Digital video; Field (computer science); Computer science; Multimedia; TRACE (psycholinguistics); Data compression; Digital forensics,,,,,https://www.inderscienceonline.com/doi/abs/10.1504/IJAIP.2020.106040 https://dblp.uni-trier.de/db/journals/ijaip/ijaip15.html#AlsmiratAAJE20 http://dblp.uni-trier.de/db/journals/ijaip/ijaip15.html#AlsmiratAAJE20 https://doi.org/10.1504/IJAIP.2020.106040,https://www.inderscienceonline.com/doi/abs/10.1504/IJAIP.2020.106040,,,2810653893,,0,,3,false,,
093-327-100-232-043,Application of Static Forensics Method for Extracting Steganographic Files on Digital Evidence Using the DFRWS Framework,2020-06-20,2020,journal article,Jurnal RESTI (Rekayasa Sistem dan Teknologi Informasi),25800760,Ikatan Ahli Informatika Indonesia (IAII),,null Sunardi;  Riadi; Muh. Hajar Akbar,"Steganography is one of the anti-forensic techniques that allow criminals to hide information in other messages so that during the investigation, the investigator will experience problems and difficulty in getting evidence of original information on the crime. Therefore an investigator is required to have the ability to be able to find and extract (decoding) using the right tools when opening messages that have been inserted by steganography techniques. The purpose of this study is to analyze digital evidence using the static forensics method by applying the six stages to the Digital Forensics Research Workshop (DFRWS) framework and extracting steganography on files that have been compromised based on case scenarios involving digital crime. The tools used are FTK Imager, Autopsy, WinHex, Hiderman, and StegSpy. The results of extraction of 9 out of 10 files that were scanned by steganography files had 90% success and 10% of steganography files were not found, so it can be concluded that the extraction files in steganographic messages can be used as legal digital proofs according to law.",4,3,576,583,Mathematical proof; Steganography; Information retrieval; Digital evidence; Computer science; Decoding methods; Digital forensics,,,,,http://jurnal.iaii.or.id/index.php/RESTI/article/view/1906 http://jurnal.iaii.or.id/index.php/RESTI/article/download/1906/265,http://dx.doi.org/10.29207/resti.v4i3.1906,,10.29207/resti.v4i3.1906,3036917890,,0,,0,true,cc-by,gold
093-431-358-523-075,Enhancing Digital Forensic Analysis throughDocument Clustering,,2014,journal article,International Journal of Innovative Research in Computer and Communication Engineering,23209798,,,null B.Vidhya; R. Priya Vaijayanthi,"Digital forensic is the process of uncovering and interpreting process of uncovering and interpreting electronic data for use in a court of law. The goal of the process is to preserve any evidence in its most original form while performing a structured investigation by collecting identifying and validating the digital information for the purpose of reconstructing past events. Digital forensics deals with the analysis of artifacts on all types of digital devices. The role of digital forensics is to facilitate the investigation of criminal activities that involve digital devices, to preserve, gather, analyze and provide scientific and technical evidence, and to prepare the documentation for law enforcement authorities. Clustering methods can be used to automatically group the retrieved documents into a list of meaningful categories. Document clustering involves descriptors and descriptor extraction. Descriptors are sets of words that describe the contents within the cluster. Document cluster is generally considered to be a centralized process. Example of document clustering is web document clustering. Application of document clustering can be categorized to two types that are online and offline. Seized digital devices can provide precious information and evidence about facts. Large amount of data analyzed. Digital tools supported. In this paper do the work of extracting document and get a brief knowledge.",2,1,2496,2501,Document clustering; k-means clustering; Information retrieval; Online and offline; Law enforcement; Computer science; Process (engineering); Documentation; Cluster analysis; Digital forensics,,,,,http://www.rroij.com/open-access/enhancing-digital-forensic-analysis-throughdocument-clustering.pdf https://www.rroij.com/open-access/enhancing-digital-forensic-analysis-throughdocument-clustering.pdf,http://www.rroij.com/open-access/enhancing-digital-forensic-analysis-throughdocument-clustering.pdf,,,2611297783,,0,,0,false,,
093-629-817-947-592,Digital Forensics: Principles of digital evidence collection,,2003,journal article,Network Security,13534858,Mark Allen Group,Netherlands,Dario Forte,The collection of digital evidence must follow certain basic steps in order to be effective. This article introduces the main principles.,2003,12,6,7,World Wide Web; Order (business); Digital evidence; Computer science; Digital forensics,,,,,https://www.sciencedirect.com/science/article/pii/S1353485803000060,http://dx.doi.org/10.1016/s1353-4858(03)00006-0,,10.1016/s1353-4858(03)00006-0,2260921253,,0,,3,false,,
093-924-528-715-586,DFRWS - Reproducibility of digital evidence in forensic investigations,,2005,conference proceedings,,,,,Lei Pan; Lynn Batten,"We present a three-component model of a digital investigation which comprises: determination of input-output layers, assignment of read and write operations associated with use of forensic tools, and time-stamping of read and write operations. This builds on work of several authors, culminating in the new model presented here which is generic, scalable and compatible with all functions in the system, and which is guaranteed to produce a high quality of reproducibility.",,,1,8,Computer engineering; Quality (business); Digital evidence; Computer science; Scalability; Computer hardware; Reproducibility,,,,,https://dblp.uni-trier.de/db/conf/dfrws/dfrws2005.html#PanB05 http://dro.deakin.edu.au/view/DU:30005841 http://dro.deakin.edu.au/eserv/DU:30005841/batten-reproducibilityofdigital-2005.pdf https://www.dfrws.org/2005/proceedings/pan_reproducibility_slides.pdf,https://dblp.uni-trier.de/db/conf/dfrws/dfrws2005.html#PanB05,,,1492627288,,0,072-245-054-212-971; 156-571-272-274-491; 178-883-713-153-793; 188-762-236-378-448,16,false,,
094-373-885-308-346,"Registration, classification and presentation of digital forensics and incident response tools",2015-12-01,2015,dissertation,,,,,Αργυρώ Λιακοπούλου; Argyro Liakopoulou,"The objective of this thesis is to record, categorize and present the tools available, freely and commercially, for the needs of digital forensics and security incident response process. Initially, this study presents the structure of the security incident response team and, then, the procedures and techniques applicable for a successful response to a security incident. The same procedure is followed for the digital forensics team. Afterwards, the specific procedures, that should be followed for the collection and processing of electronic evidence in order to be valid for legal use, are analyzed. Then, an overview of the legal framework within the EU, surrounding the security incident response and digital forensics procedures, is presented. Next is presented the structure of the web page created containing the collection of forensics tools categorized according to their functionality. Finally, some tools for digital forensics and security incident response are presented and categorized according to their functionality.",,,,,Engineering; World Wide Web; Structure (mathematical logic); Information retrieval; Presentation; Incident response; Process (engineering); Computer forensics; Digital forensics,,,,,http://dione.lib.unipi.gr/xmlui/handle/unipi/10029,http://dione.lib.unipi.gr/xmlui/handle/unipi/10029,,,2761333554,,0,,0,false,,
094-631-307-774-31X,Digital Forensics Specialist Group,2014-01-28,2014,journal article,Digital Evidence and Electronic Signature Law Review,20548508; 17564611,School of Advanced Study,Spain,Miranda Moore; Simon Iveson,Miranda Moore QC and Simon Iveson give a personal impression on the work of the Digital Forensics Specialist Group and the difficulties in identifying appropriately qualified digital evidence specialists in the UK Index words: Digital Forensics Specialist Group; Forensic Science Regulator; Forensic Science Advisory Council; accreditation; digital forensic methods; validation,9,0,,,Psychology; Index (publishing); Digital evidence; Computer security; Medical education; Computer forensics; Accreditation; Digital forensics,,,,,https://journals.sas.ac.uk/deeslr/article/view/1995 https://sas-space.sas.ac.uk/5418/,http://dx.doi.org/10.14296/deeslr.v9i0.1995,,10.14296/deeslr.v9i0.1995,2150343373,,0,,0,true,cc-by-nc-nd,hybrid
094-662-617-802-824,Wiley Encyclopedia of Forensic Science - Image Processing and Analysis,2013-03-15,2013,book,Wiley Encyclopedia of Forensic Science,,"John Wiley & Sons, Ltd",,Zeno Geradts,"Forensic image processing is a field that has developed rapidly. The old-fashioned analog photography has disappeared for most parts in the last decades, and has been replaced with digital imaging. In analog photo and video, editing methods, such as contrast enhancement and color filtering, are available. However, with digital imaging, these methods and more are available to a much broader user group, who can edit these images, for example, on their mobile phones, or personal computers. For forensic science, we see that digital images and closed circuit television (CCTV) streams are used as evidence in court. For this reason, it is important to do a proper forensic investigation. Crime scenes are visualized on CCTV. Forensic evidence image processing is used to visualize the fingerprint, handwriting, or shoe print more clearly. In this article, an overview is given of the methods that are available for digital image processing, and some examples with CCTV and fingerprints are shown, with the risks. The risks can be minimized by having a good validation process, in which representative test samples are used.; ; ; Keywords:; ; image processing;; video;; CCTV;; 3GP;; FFT;; fingerprints;; deblurring",,,,,Digital image processing; Digital imaging; Computer graphics (images); Artificial intelligence; Crime scene; Geography; Analog photography; Deblurring; Fingerprint (computing); Computer vision; Digital image; Image processing,,,,,https://onlinelibrary.wiley.com/doi/10.1002/9780470061589.fsa430,http://dx.doi.org/10.1002/9780470061589.fsa430.pub2,,10.1002/9780470061589.fsa430.pub2,2162778425,,0,035-592-822-881-970; 059-730-428-158-876; 122-463-264-270-35X; 180-088-494-514-913; 184-897-235-429-285,1,false,,
095-027-106-758-298,Disconnects of Specialized Mobile Digital Forensics within the Generalized Field of Digital Forensic Science,,2020,book chapter,Cyber Warfare and Terrorism,,IGI Global,,Gregory H. Carlton; Gary C. Kessler,"<jats:p>The study and practice of forensic science comprises many distinct areas that range from behavioral to biological to physical and to digital matters, and in each area forensic science is utilized to obtain evidence that will be admissible within the legal framework. This article focuses on inconsistencies within the accepted methodology of digital forensics when comparing the current best practices of mobile digital devices and traditional computer devices. Here the authors raise the awareness of this disconnect in methodology, and they posit that some specific tasks within the traditional best practices of digital forensic science are artifacts of ritual rather than based on scientific requirements. </jats:p>",,,593,596,Digital forensics; Computer forensics; Forensic science; Field (mathematics); Digital evidence; Computer science; Mobile device; Data science; Best practice; Computer security; Engineering ethics,,,,,,http://dx.doi.org/10.4018/978-1-7998-2466-4.ch036,,10.4018/978-1-7998-2466-4.ch036,,,0,123-275-701-676-787,0,false,,
095-086-035-972-341,Implementation of Cloud Based Evidence Acquisitions in Digital Forensic Education,2020-12-01,2020,,,,,,Diane Diane,,18,6,46,,Data science; Cloud forensics; Computer science; Cloud computing; Digital forensics,,,,,https://isedj.org/2020-18/n6/ISEDJv18n6p46.html,https://isedj.org/2020-18/n6/ISEDJv18n6p46.html,,,3139133771,,0,,0,false,,
095-334-367-573-486,Practical Guideline for Digital Forensics Laboratory Accreditation – A Case Study,2021-10-31,2021,,,,,,Sarah Taylor; AkmalSuriani Mohamed Rakof; Mohd Zabri Adil Talib,"Digital forensics is a branch of forensic science that is used to assist investigation of cybercrime cases. Digital evidence, such as from mobile devices and computers, are analysed and the data are interpreted to assist the court of law in understanding what has taken place. In order to provide an assurance to the stakeholder on the accuracy of the forensic result, ISO/IEC 17025 has been used by forensic accreditation bodies to accredit laboratories. This paper, presents the case study in getting a digital forensics laboratory accreditation, the methodology, and the lesson learnt. This paper is hoped to provide guidance to those who would like to pursue accreditation for their Digital Forensics Laboratories (DFL).",3,1,1,6,Engineering management; Engineering; Mobile device; Stakeholder; Cybercrime; Digital evidence; Practical guideline; Accreditation; Digital forensics,,,,,https://www.oic-cert.org/en/journal/pdf/3/1/311.pdf https://www.oic-cert.org/en/journal/vol-3-issue-1/practical-guideline-for-digital-forensic.html,https://www.oic-cert.org/en/journal/vol-3-issue-1/practical-guideline-for-digital-forensic.html,,,3209095750,,0,,0,false,,
095-362-324-026-43X,"Digital ""Evidence"" is Often Evidence of Nothing",,2006,book chapter,Digital Crime and Forensic Science in Cyberspace,,IGI Global,,Michael A. Caloyannides,"<jats:p>Digital data increasingly presented in courts as evidence is mistakenly viewed by judges and juries as inherently unalterable. In fact, digital data can be very easily altered and it can be impossible for this falsification to be detected. A number of common ways are described whereby data in one’s computer can enter without the computer owner’s knowledge, let alone complicity. The same applies to all digital storage media, such as those used in digital cameras, digital “tape” recorders, digital divers’ computers, GPS “navigators”, and all other digital devices in common use today. It is important for judges and juries to be highly skeptical of any claims by prosecution that digital “evidence” proves anything at all.</jats:p>",,,334,339,Internet privacy; Nothing; Digital evidence; Computer science; Digital forensics,,,,,https://www.igi-global.com/chapter/digital-evidence-often-evidence-nothing/8361,http://dx.doi.org/10.4018/978-1-59140-872-7.ch015,,10.4018/978-1-59140-872-7.ch015,2482283995,,0,,3,false,,
095-379-515-897-482,Process Forensics: A Pilot Study on the Use of Checkpointing Technology in Computer Forensics,,2004,journal article,International Journal of Digital Evidence,,,,Mark Foster; Joseph N. Wilson,"The goal of this paper is to introduce a new area of computer forensics: process forensics. Process forensics involves extracting information from a process’s address space for the purpose of finding digital evidence pertaining to a computer crime. The challenge of this sub-field is that the address space of a given process is usually lost long before the forensic investigator is analyzing the hard disk and file system of a computer. Therefore, the authors make the case that an accurate and reliable checkpointing tool could create a new source of evidence for the forensic investigator. The technology of checkpointing is nothing new when considering process migration, fault tolerance, or load balancing. However, with respect to computer forensics, the gains from checkpointing have yet to be explored.",3,,,,Load balancing (computing); Address space; File system; Digital evidence; Process migration; Computer security; Computer science; Network forensics; Computer forensics; Fault tolerance,,,,,https://www.utica.edu/academic/institutes/ecii/publications/articles/A0B687DB-C476-3187-6211DDBF21DF3FB8.pdf https://dblp.uni-trier.de/db/journals/ijde/ijde3.html#FosterW04,https://dblp.uni-trier.de/db/journals/ijde/ijde3.html#FosterW04,,,49061614,,0,007-648-632-822-878; 017-358-994-049-12X; 023-146-057-500-521; 039-331-174-673-312; 084-910-509-998-37X; 100-581-939-060-06X; 158-262-072-312-063,2,false,,
095-536-705-667-609,Integrated Forensic Tool for Network Attacks,2019-04-17,2019,book chapter,Security with Intelligent Computing and Big-data Services,21945357; 21945365,Springer International Publishing,,Chia-Mei Chen; Gu-Hsin Lai; Zheng-Xun Tsai,"With the proliferation of cyber-attacks, Digital Forensic, also known as Computer Forensic, becomes more important to collect and analyze the seamless tracks that hackers leave. Through data acquisition, collection, preservation, analysis, examination and report generation, internet administrators are able to trace hackers and make sure of the loss. However, digital forensic is difficult since hackers tend to clean up the evidence of their existence, the complication of devices and log formats further increase the challenges. Existing digital forensic tools usually support some of the tasks in the forensic process instead of the comprehensive one. To make things harder for forensic investigators, these tools typically do not support each other. In order to ease the burden for investigators and make digital forensic available for general users, this re-search proposes an integrated system that can facilitate evidence acquisition, testing, analysis, and reporting in an integrated manner. This proposed system is expected to enhance the efficiency of digital forensic.",,,451,455,The Internet; Forensic science; Data acquisition; Computer security; Computer science; Process (engineering); Computer forensics; TRACE (psycholinguistics); Digital forensics; Hacker,,,,,https://rd.springer.com/chapter/10.1007/978-3-030-16946-6_35 https://link.springer.com/chapter/10.1007%2F978-3-030-16946-6_35,http://dx.doi.org/10.1007/978-3-030-16946-6_35,,10.1007/978-3-030-16946-6_35,2936427245,,0,004-872-169-627-620; 032-697-093-668-898; 068-064-550-401-600,0,false,,
095-707-758-141-911,IFIP Int. Conf. Digital Forensics - Anti-Forensic Threat Modeling,2017-08-31,2017,book chapter,Advances in Digital Forensics XIII,18684238; 1868422x,Springer International Publishing,Germany,Bruno W. P. Hoelz; Marcelo Maues,"The role of a digital forensic professional is to collect and analyze digital evidence. However, anti-forensic techniques can reduce the availability or usefulness of the evidence. They threaten the digital forensic examination process and may compromise its conclusions. This chapter proposes the use of threat modeling to manage the risks associated with anti-forensic threats. Risk management is introduced in the early stages of the digital forensic process to assist a digital forensic professional in determining the resources to be invested in detecting and mitigating the risk. The proposed threat model complements the incident response and digital forensic processes by providing a means for assessing the impact and likelihood of anti-forensic threats, evaluating the cost of risk mitigation and selecting tools and techniques that can be used as countermeasures. This renders the digital forensic process more robust and less susceptible to the consequences of anti-forensic actions.",,,169,183,Risk analysis (engineering); Forensic science; Threat model; Digital forensic process; Digital evidence; Risk management; Computer science; Process (engineering); Compromise; Digital forensics,,,,,https://dblp.uni-trier.de/db/conf/ifip11-9/df2017.html#HoelzM17 https://link.springer.com/chapter/10.1007/978-3-319-67208-3_10 https://rd.springer.com/chapter/10.1007/978-3-319-67208-3_10,http://dx.doi.org/10.1007/978-3-319-67208-3_10,,10.1007/978-3-319-67208-3_10,2752965482,,0,008-751-783-762-210; 020-944-423-224-895; 029-059-641-609-668; 043-561-145-542-661; 078-598-867-814-365; 081-087-997-150-265; 088-785-835-330-450; 144-308-011-665-781; 159-958-036-223-962; 195-483-550-768-462,1,true,cc-by,green
095-803-907-508-984,Critical phases in network forensics - a review,,2014,,,,,,Nik Mariza Nik Abdull Malik; Saadiah Yahya; Mohd Taufik Abdullah,"The fragility nature of digital evidence required an adequate investigation procedure to maintain its admissibility. Thus, a Digital Forensic Investigation (DFI) models and frameworks had been proposed by many researchers. These models and frameworks cover all processes involved in investigating digital crimes, from preparation until presentation of the evidence. However, the existing DFI encountered inconsistency in terminologies, sequences and scope of investigation. Therefore, this study reviews the literature on fifteen DFI models and frameworks that has network forensic as a part. This is followed by a proposed conceptual model of two critical phases in network forensics investigation that are, Examination and Analysis.",,,68,75,Conceptual model; World Wide Web; Data science; Scope (project management); Digital evidence; Digital forensic investigation; Computer science; Network forensics,,,,,https://www.sdiwc.net/digital-library/critical-phases-in-network-forensics--a-review.html http://psasir.upm.edu.my/id/eprint/39825/,https://www.sdiwc.net/digital-library/critical-phases-in-network-forensics--a-review.html,,,2111526851,,0,004-706-447-836-905; 005-515-442-506-880; 019-698-064-288-240; 020-944-423-224-895; 026-774-296-742-022; 032-594-758-412-722; 032-697-093-668-898; 038-668-970-194-854; 051-380-288-368-274; 120-454-127-510-479; 120-697-354-224-33X; 132-355-634-397-986; 154-492-912-779-474; 184-948-841-629-735; 190-065-821-748-92X; 199-745-676-923-766,0,false,,
095-847-865-864-079,Forensic Importance of SIM Cards as a Digital Evidence,,2016,journal article,Journal of Forensic Research,21577145,OMICS Publishing Group,,Ankit Srivastava; Pratik Vatsal,"Digital Forensics is a branch of Forensic Science pertaining to evidential articles of digital and electronic nature, of which mobile forensics is a major stream. A proliferation of handheld cellular devices and crimes involving mobile phones in the previous years has led to an enormous demand for specialists in the field of mobile forensics. The interesting part is that any mobile phone is incomplete without a SIM card. Therefore, SIM cards are the most common type of forensic evidence to be found in cases where handheld devices are involved, a SIM card is imperative, no matter the phone belongs to the normal mobile phones category or the satellitephones that contain an iDEN (Integrated Digital Enhanced Network) SIM. These cards are all around us and are now being integrated in driving licenses, debit cards, credit cards, ATM cards, Identity cards, etc. Digital Forensic Science is the skill of a forensic expert to apply the knowledge of computer sciences and the investigative measures for a legal cause requiring the analysis of digital evidences. It is the process of identifying, preserving, analyzing, and presenting digital evidence in a manner that is legally acceptable. The motive of the process is to preserve any digital evidence in its most original form while performing a planned analysis by identifying, collecting and validating the digital information for the purpose of reconstructing past events.",7,2,1,4,ATM card; Mobile device; Mobile phone; Digital evidence; Computer security; Subscriber identity module; Computer science; Computer forensics; Mobile device forensics; Digital forensics,,,,,https://www.hilarispublisher.com/open-access/forensic-importance-of-sim-cards-as-a-digital-evidence-2157-7145-1000322.pdf https://www.hilarispublisher.com/abstract/forensic-importance-of-sim-cards-as-a-digital-evidence-36355.html https://www.omicsonline.org/open-access/forensic-importance-of-sim-cards-as-a-digital-evidence-2157-7145-1000322.pdf https://www.mendeley.com/catalogue/e95a0629-9d1f-3e8a-9e81-8ab38be513b3/,http://dx.doi.org/10.4172/2157-7145.1000322,,10.4172/2157-7145.1000322,2516654580,,0,084-620-225-862-010; 132-234-095-047-23X; 155-784-834-321-193; 159-516-414-584-397,2,true,cc-by,hybrid
095-901-461-200-457,FrankenFRED: a custom digital forensics workflow and digital preservation lab for the Archives of Ontario,2021-06-08,2021,dissertation,,,Ryerson University Library and Archives,,Blanche Joslin,"<jats:p>Digital forensics allows cultural heritage institutions to validate, preserve, and recover digital objects. This thesis discusses the development and implementation of a custom digital forensics workflow for the Archives of Ontario. The justifications for the workflow are based on research into digital forensics, authenticity, diplomatics, and digital preservation. The workflow seeks to clarify best-practice policies and procedures for using a Digital Intelligence Forensic Recover of Evidence Device (FRED), an out-of-the-box digital forensics hardware solution. The Archive procured a FRED tower requiring an implementation plan and overall strategy for its effective use. Presented in this paper is a workflow built specifically for the needs of the Archives as well as justifications for the processes proposed within the workflow. The BitCurator processing environment is addressed as an integral tool for implementation. Also discussed are modifications made to the Archive’s FRED tower to produce what I have called FrankenFRED.</jats:p>",,,,,Workflow; Digital forensics; Computer science; Plan (archaeology); Workflow engine; Digital evidence; Digital Archives; Digital preservation; Tower; World Wide Web; Digital content; Computer forensics; Software engineering,,,,,,http://dx.doi.org/10.32920/ryerson.14654511,,10.32920/ryerson.14654511,,,0,,0,true,,green
097-001-053-310-699,Photographic evidence protocol: The use of digital imaging methods to rectify angular distortion and create life size reproductions of Bite mark evidence,2002-01-01,2002,journal article,Journal of forensic sciences,00221198,Wiley-Blackwell,United States,Charles Michael Bowers; Raymond J. Johansen,"Bite mark evidence seen in skin injuries or objects is commonly photographed for evidentiary documentation, preservation, and analysis. Distortion in forensic evidence photographs diminishes the outcome of analytical procedures available to the forensic odontologist. Inaccurate positioning of the evidence, camera, or measurement reference scale creates perspective and parallax distortion of the captured image. These variables must be eliminated, if possible, to ensure reliable results derived from comparison of the suspect teeth and the bite mark. Detection and measurement of camera/evidence/scale misalignment is the threshold step in evidence evaluation, and is possible through digital imaging methods coupled with established methods. Correction (rectification) of perspective distortion is possible through the application of additional digital editing techniques. This study establishes type categories of perspective and parallax distortion seen in bite mark evidence, validates the use of the digital imaging tools of Adobe® Photoshop® to correct certain types of distortion, and establishes a forensic protocol to verify the accuracy of evidence photographs requiring dimensional accuracy.",47,1,178,185,Digital imaging; Distortion; Photography; Perspective (graphical); Engineering; Artificial intelligence; Parallax; Forensic dentistry; Perspective distortion; Protocol (science); Computer vision,,"Bites, Human; Forensic Dentistry/methods; Humans; Image Processing, Computer-Assisted; Photography; Sensitivity and Specificity; Software",,,https://europepmc.org/article/MED/12064648 https://www.astm.org/DIGITAL_LIBRARY/JOURNALS/FORENSIC/PAGES/JFS15221J.htm https://www.astm.org/cgi-bin/googleScholar.cgi?JFS15221J+PDF,http://dx.doi.org/10.1520/jfs15221j,12064648,10.1520/jfs15221j,9726582,,0,000-097-289-632-651; 002-822-634-996-811; 015-840-881-736-102; 019-019-577-536-660; 028-647-558-047-152; 095-856-925-718-642; 105-166-314-182-714; 117-533-140-820-84X,18,false,,
097-475-798-512-089,Digital Evidence Bags,,,dissertation,,,,,Philip Bryan Turner,"This thesis analyses the traditional approach and methodology used to conduct; digital forensic information capture, analysis and investigation. The predominant; toolsets and utilities that are used and the features that they provide are reviewed.; This is used to highlight the difficulties that are encountered due to both; technological advances and the methodologies employed. It is suggested that these; difficulties are compounded by the archaic methods and proprietary formats that are; used.; An alternative framework for the capture and storage of information used in digital; forensics is defined named the `Digital Evidence Bag' (DEB). A DEB is a universal; extensible container for the storage of digital information acquired from any digital; source. The format of which can be manipulated to meet the requirements of the; particular information that is to be stored. The format definition is extensible thereby; allowing it to encompass new sources of data, cryptographic and compression; algorithms and protocols as developed, whilst also providing the flexibility for some; degree of backwards compatibility as the format develops.; The DEB framework utilises terminology to define its various components that are; analogous with evidence bags, tags and seals used for traditional physical evidence; storage and continuity. This is crucial for ensuring that the functionality provided by; each component is comprehensible by the general public, judiciary and law; enforcement personnel without detracting or obscuring the evidential information; contained within.; Furthermore, information can be acquired from a dynamic or more traditional static; environment and from a disparate range of digital devices. The flexibility of the DEB; framework permits selective and/or intelligent acquisition methods to be employed; together with enhanced provenance and continuity audit trails to be recorded.; Evidential integrity is assured using accepted cryptographic techniques and; algorithms.; The DEB framework is implemented in a number of tool demonstrators and applied; to a number of typical scenarios that illustrate the flexibility of the DEB framework; and format.; The DEB framework has also formed the basis of a patent application",,,,,Internet privacy; Digital evidence; Computer science,,,,,https://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.490497 https://radar.brookes.ac.uk/radar/items/73e440b3-4c3b-4fe3-8dea-1860ff32bd2b/1/ https://radar.brookes.ac.uk/radar/file/73e440b3-4c3b-4fe3-8dea-1860ff32bd2b/1/turner2008digital.pdf https://core.ac.uk/download/341768724.pdf,http://dx.doi.org/10.24384/fkhx-sx78,,10.24384/fkhx-sx78,3034128678,,0,,1,true,,
097-729-559-656-234,Cyber Forensic – A Literature Review,,2019,journal article,"Trinity Journal of Management, IT & Media",23206470,ACS Publisher,,Aparna Chaturvedi; Ashish Awasthi,"<jats:p>Cyber Forensics is a branch of forensic science that is aimed to restore, collect and examine the digital evidence of materials found in digital devices, in relation to cybercrimes. With the advancement in cyber area, frequent use of internet and technologies leads to cyber-attacks. Cyber forensic is opted for acquiring electronic information and investigation of malicious evidence found in system or on network in such a manner that makes it admissible in court. It is also used to recover lost information in a system. The retrived information is used to prosecute a criminal. Number of crimes committed against an internet and malware attacks over the digital devices have increased. This paper contains a brief review of the literature aimed to identify the relevant pieces of knowledge in the digital forensics field.</jats:p>",10,1,24,29,Digital forensics; Digital evidence; Computer forensics; Computer security; Cyber crime; The Internet; Malware; Computer science; Network forensics; Relation (database); Field (mathematics); Internet privacy; Forensic examination; Cybercrime; Data science; World Wide Web; Engineering; Data mining; Forensic engineering; Mathematics; Pure mathematics,,,,,,http://dx.doi.org/10.48165/tjmitm.2019.1002,,10.48165/tjmitm.2019.1002,,,0,,1,false,,
098-112-404-431-213,IFIP Int. Conf. Digital Forensics - Forensics and Privacy-Enhancing Technologies - Logging and Collecting Evidence in Flocks.,,2005,book,,,,,Martin S. Olivier,,,,17,31,Internet privacy; Logging; Engineering; Flock; Privacy-enhancing technologies; Computer security,,,,,https://dblp.uni-trier.de/db/conf/ifip11-9/df2005.html#Olivier05,https://dblp.uni-trier.de/db/conf/ifip11-9/df2005.html#Olivier05,,,28512324,,0,007-472-120-727-053; 018-002-185-931-71X; 024-993-702-381-603; 026-302-583-616-373; 046-505-599-865-150; 060-106-266-405-518; 076-799-264-693-179; 090-936-186-496-086; 110-054-267-420-832; 122-578-717-500-550; 122-880-373-616-302; 124-645-321-705-234; 124-782-072-913-075; 134-015-275-935-720; 152-405-075-297-556; 188-524-810-842-310,5,false,,
098-789-704-370-365,An Analysis of Zinc-Toxicological Profiling from Forensic Biological Evidence-Urine,2019-04-25,2019,journal article,Journal of Forensic Sciences and Digital Investigation,,Northern California Open Access Publications,,,,,,55,59,Forensic science; Profiling (computer programming); Urine; DNA profiling; Biology; Computational biology; Computer science; Genetics; Biochemistry; DNA; Operating system,,,,,,http://dx.doi.org/10.29199/2637-7136/fsdi-201023,,10.29199/2637-7136/fsdi-201023,,,0,,0,true,cc-by,hybrid
098-869-712-584-566,A Comparative Study of Analysis and Extraction of Digital Forensic Evidences from exhibits using Disk Forensic Tools,,2019,journal article,International Journal of Cyber-Security and Digital Forensics,23050012,The Society of Digital Information and Wireless Communications (SDIWC),,Kumarshankar Raychaudhuri,,8,3,194,205,Forensic science; Information retrieval; Computer science; Extraction (chemistry); Wireless; Digital forensics,,,,,http://sdiwc.net/digital-library/a-comparative-study-of-analysis-and-extraction-of-digital-forensic-evidences-from-exhibits-using-disk-forensic-tools,http://dx.doi.org/10.17781/p002608,,10.17781/p002608,3039935325,,0,025-832-466-975-926; 052-417-651-826-763; 054-471-285-379-894; 099-582-340-445-44X; 151-798-189-363-682,0,false,,
098-880-940-361-257,The use of Artificial Intelligence in digital forensics: An introduction,2014-01-27,2014,journal article,Digital Evidence and Electronic Signature Law Review,20548508; 17564611,School of Advanced Study,Spain,F. Mitchell,"Dr Faye Mitchell argues that the use of Artificial Intelligence, which is a well-established area of modern computer science that is capable of dealing with computationally large or complex problems, could be useful for digital forensics. Digital forensics is becoming increasingly important, and often requires the intelligent analysis of large amounts of complex data. Artificial Intelligence could help to bridge the gap.",7,0,35,41,Artificial intelligence; Bridge (interpersonal); Complex problems; Computer science; Digital forensics,,,,,https://pureportal.coventry.ac.uk/en/publications/the-use-of-artificial-intelligence-in-digital-forensics-an-introd https://sas-space.sas.ac.uk/5533/ https://journals.sas.ac.uk/deeslr/article/view/1922/1859 https://core.ac.uk/download/228154935.pdf,http://dx.doi.org/10.14296/deeslr.v7i0.1922,,10.14296/deeslr.v7i0.1922,2026744384,,0,,15,true,cc-by-nc-nd,hybrid
098-981-636-587-676,A Forensic Investigation for Suspects' Digital Evidences Using Image Categorization,,2008,conference proceedings article,2008 Advanced Software Engineering and Its Applications,,IEEE,,Youngsoo Kim; Dowon Hong; Dongho Won,"In computer crimes, even in general crimes, important evidence or clues are increasingly stored in a variety of electronic media, such as computer or mobile devices. The digital data is easily duplicated and it is difficult to discriminate the original from a copy. Further, the digital data can be easily falsified, changed, or deleted from the original data. Therefore, criminal investigations need high level forensic technologies to get better evidences from digital data in suspectspsila computers. This paper is about forensic analyses for digital evidences including a lot of images like pictures and photos. Usually forensic examiners open to check every image files included at hard disks of suspectspsila computers or memory cards. If they have huge amount of images, it takes too much time to check and analyze them. Therefore we use an image filter applying a learning model to divide them into some categories automatically. Through this way, forensic examiners can check out only related image files and then reduce analyzing time. Since, in advance, forensic examiners make some categories for classifying images and input and learn huge amount of image samples to this image filter, accuracy for classifying image files could be improved.",,,241,244,Criminal investigation; Electronic media; Artificial intelligence; Mobile device; Information retrieval; Digital data; Computer vision; Computer science; Image file formats; Contextual image classification; Composite image filter; Digital forensics,,,,,http://yadda.icm.edu.pl/yadda/element/bwmeta1.element.ieee-000004721352 https://www.computer.org/csdl/proceedings-article/asea/2008/3432a241/12OmNzVXNYu http://ieeexplore.ieee.org/document/4721352/ https://ieeexplore.ieee.org/document/4721352/,http://dx.doi.org/10.1109/asea.2008.19,,10.1109/asea.2008.19,2134775072,,1,003-978-064-785-082; 016-255-634-578-521; 027-596-318-311-424; 058-854-706-201-482; 095-679-717-550-852; 125-950-878-824-107; 132-734-618-609-74X; 191-624-512-482-739,0,false,,
099-138-819-317-377,LABORATORY #16 Digital Forensics,,2014,book chapter,,,,,Elizabeth Erickson,"Laboratory #16, Digital Forensics, introduces the student to various forms of electronic evidence. Electronic devices and the different components of external evidence are explained to illustrate the different items that can be retrieved at the forensic laboratory. Packaging of digital evidence is explained with photographic techniques to prevent destruction of files due to deletion or static. The chapter ends with a laboratory exercise to show proficiency in analyzing data retrieved from an electronic device and completion of required paperwork.",,,197,198,Engineering; Electronics; Digital evidence; Multimedia; Digital forensics,,,,,https://content.taylorfrancis.com/books/download?dac=C2014-0-36881-X&isbn=9781315721811&doi=10.4324/9781315721811-24&format=pdf http://www.sciencedirect.com/science/article/pii/B9781455731404000460 https://www.taylorfrancis.com/books/9781315721811/chapters/10.4324/9781315721811-24,https://content.taylorfrancis.com/books/download?dac=C2014-0-36881-X&isbn=9781315721811&doi=10.4324/9781315721811-24&format=pdf,,,2219815346,,0,,0,false,,
099-446-510-492-905,Digital investigations: relevance and confidence in disclosure,2021-09-21,2021,journal article,ERA Forum,16123093; 18639038,Springer Science and Business Media LLC,Germany,Philip Anderson; Dave Sampson; Seanpaul Gilroy,"<jats:title>Abstract</jats:title><jats:p>The field of digital forensics has grown exponentially to include a variety of digital devices on which digitally stored information can be processed and used for different types of crimes. As a result, as this growth continues, new challenges for those conducting digital forensic examinations emerge. Digital forensics has become mainstream and grown in importance in situations where digital devices used in the commission of a crime need examining. This article reviews existing literature and highlights the challenges while exploring the lifecycle of a mobile phone examination and how the disclosure and admissibility of digital evidence develops.</jats:p>",22,4,587,599,,,,,,,http://dx.doi.org/10.1007/s12027-021-00687-1,,10.1007/s12027-021-00687-1,,,0,009-284-801-057-774; 050-618-920-212-97X; 088-938-096-763-07X; 094-468-232-325-36X; 167-751-222-897-487,0,true,cc-by,hybrid
099-610-658-392-435,Cross-Computer Malware Detection in Digital Forensics,,2010,dissertation,,,,,Anders Orsten Flaglien,"Malware poses a huge threat to society, which is heavily dependent on computer technology. Traces of malicious activity can be identified through digital forensics techniques. Digital forensics is performed in a semi-automatic manner. Forensic personnel have to administrate the forensic tools and the process of searching for digital evidence on suspect, confiscated computers. This becomes a daunting task when multiple machines are to be analyzed and the data volumes increase. Analysis of common characteristics in a set of multiple computers can be used to improve knowledge and to detect anomalies and thereby malware. This Master thesis proposes a correlation method for the automatic identification of malware traces across multiple computers. Through the use of existing digital forensics methods and data mining techniques, correlations between multiple machines are used to improve the efficiency and effectiveness of detecting traces of malware.",,,,,Set (abstract data type); Digital evidence; Computer technology; Computer security; Computer science; Network forensics; Malware; Identification (information); Digital forensics; Process (computing),,,,,https://brage.bibsys.no/xmlui/handle/11250/143928,https://brage.bibsys.no/xmlui/handle/11250/143928,,,2501996246,,0,001-159-184-276-045; 001-381-793-304-07X; 002-633-789-384-681; 003-914-087-930-50X; 004-652-388-189-304; 005-134-067-072-427; 008-799-792-677-985; 010-000-232-173-430; 010-373-563-566-070; 010-423-042-177-734; 015-537-933-151-383; 017-335-677-993-203; 017-792-082-122-197; 018-182-926-340-45X; 021-648-015-321-821; 024-735-069-822-749; 028-050-555-799-314; 029-211-923-145-009; 029-559-417-117-483; 032-760-465-037-173; 033-241-817-699-448; 033-245-654-510-492; 033-877-222-136-260; 037-159-624-709-438; 039-210-184-712-636; 041-293-049-296-658; 052-665-370-203-554; 053-231-211-358-450; 060-207-250-206-859; 060-510-623-690-965; 061-326-248-978-030; 061-549-181-856-861; 065-407-200-990-620; 067-579-992-792-30X; 072-827-051-004-149; 074-184-797-217-999; 085-214-277-668-01X; 089-125-626-038-560; 094-336-360-386-20X; 097-567-011-227-46X; 098-389-706-603-764; 099-169-442-324-498; 100-153-238-992-349; 103-190-538-717-121; 114-621-082-012-238; 124-318-862-509-182; 125-781-262-431-474; 127-767-955-792-282; 136-606-982-080-327; 136-745-511-009-321; 140-821-103-436-654; 146-195-067-676-708; 150-249-549-372-358; 173-739-209-507-152; 184-948-841-629-735; 186-993-770-394-232; 187-147-326-263-096,5,false,,
099-630-130-390-763,A Project of Protection Digital Evidence,,2011,journal article,Advanced Materials Research,16628985,"Trans Tech Publications, Ltd.",,Huan Zhou Li; Jian Zhang; Zhang Guo Tang; Ming Quan Zhong,"To protect digital evidence during Computer Forensics, the measure of protection digital evidence was analyzed, and a project of protection digital evidence (Digital Evidence Protection System, called DEPS) was designed. In this paper, the framework and element of DEPS was introduced, and the mechanism of multi-digital-signature and digital time-stamp of DEPS was described.",268-270,,1653,1656,Engineering; Digital evidence; Protection system; Computer security; Computer forensics,,,,,https://www.scientific.net/AMR.268-270.1653,http://dx.doi.org/10.4028/www.scientific.net/amr.268-270.1653,,10.4028/www.scientific.net/amr.268-270.1653,2002790918,,0,032-875-845-675-054; 038-668-970-194-854; 188-762-236-378-448; 199-745-676-923-766,0,false,,
100-289-225-534-501,Challenges and Requirements of Digital Forensics Investigation in Wireless Ad-hoc Networks,,2012,journal article,International Journal of Advanced Research in Computer Science,09765697,,,Muhammad Sufyian Mohd Azmi; Labeeb Mohsin Abdullah Abdulrahman H. Altalhi; Zailani Mohamed Sidek,"Digital forensics involves the acquisition and investigation of materials that are collected from digital devices involved in digital crimes. Currently, the term ―digital forensics ― is used to cover the investigation of all devices used to store digital data .There are some technologies that have the ability of expanding, and wireless ad-hoc network technology is one of them. Due to the nature of wireless ad-hoc networks, difficulties commonly arise, and as a result, investigating such networks, create large challenges. Thus, the goals of this paper are to understand the concepts of wireless ad-hoc networks and the challenges of collecting live evidence on such networks, to highlight the research requirements, and to propose solutions to some of these challenges. Keywords: Digital forensics, Wireless Ad-hoc networks, Digital crimes, Digital investigation.",3,1,26,30,Digital data; Cover (telecommunications); Computer science; Multimedia; Wireless; Term (time); Digital forensics; Wireless ad hoc network,,,,,https://www.ijarcs.info/index.php/Ijarcs/article/view/980,https://www.ijarcs.info/index.php/Ijarcs/article/view/980,,,2948414786,,0,,0,false,,
100-604-273-662-062,WDFIA - Finding Digital Forensic Evidence in Graphic Design Applications.,,2012,book,,,,,Enos K. Mabuto; Hein S. Venter,"Graphic design applications are often used for the editing and design of digital art. The same applications can be used for creating counterfeit documents like identity documents (IDs), driver’s licenses or passports among others. However the use of any graphic design application leaves behind traces of digital information which can be used during a digital forensic investigation. Current digital forensic tools examine a system to find digital evidence but they do not examine a system specifically for the creating of counterfeit documents. This paper reviews the digital forensics analysis process involved in the creation of counterfeit documents by determining and corroborating the events that previously occurred. The analysis is achieved by associating the digital forensic information gathered to the possible actions taken, precisely, the scanning, editing, saving and printing of counterfeit documents. The digital forensic information is gathered by analyzing the files generated by the particular graphic design application used for document creating. Another analysis is conducted on user generated files, the actual files that can be used as potential evidence to establish file structural contents and the relationship with the associated actions. This involves analyzing the user generated files associated with these applications and determining their signatures and related metadata. Contextually, the authors illustrate an evaluation disclosing the digital forensic evidence gathered from graphic design applications.",,,12,26,World Wide Web; Graphic design; Identity (object-oriented programming); Counterfeit; Digital evidence; Computer science; Process (engineering); Digital art; Digital forensics; Metadata,,,,,https://dblp.uni-trier.de/db/conf/wdfia/wdfia2012.html#MabutoV12 http://www.cscan.org/openaccess/?paperid=93,https://dblp.uni-trier.de/db/conf/wdfia/wdfia2012.html#MabutoV12,,,2396028928,,0,057-248-775-735-756; 119-234-785-721-155; 148-698-839-036-557; 154-778-607-714-379; 178-802-460-523-444; 199-172-967-270-034,0,false,,
100-605-679-523-470,Advantages of micro-CT in the case of a complex dismemberment.,2022-02-04,2022,report,Journal of forensic sciences,15564029; 00221198,Wiley-Blackwell,United States,Kirsty Alsop; Danielle G Norman; Waltraud Baier; Jim Colclough; Mark A Williams,"This case study reports the advantages of micro-CT to aid the investigative process in a complex dismemberment case. Micro-CT was successfully implemented to scan all skeletal remains of a dismembered female. The digital models were utilized to (i) screen for any further injuries not related to the dismemberment, (ii) provide measurements from false starts non-destructively, and (iii) visually represent the evidence in a structured format in court to improve the understanding of the forensic evidence by the jury. Acquiring high-resolution scans in this manner improved the efficiency of the forensic investigation by screening the remains and provided complementary toolmark evidence to the investigating team and forensic pathologist. A total of 14 false starts were identified along with the directionality of each dismemberment cut. Furthermore, the visual 3D representation of the remains in court provided a powerful tool to communicate this important evidence to the jury and form a prosecution narrative. As a forensic radiological method, micro-CT provided valuable information both in the investigation and the court presentation.",67,3,1258,1266,Dismemberment; Jury; Presentation (obstetrics); Narrative; Digital forensics; Process (computing),case report; dismemberment; false start; micro-CT; tool marks,Corpse Dismemberment; Female; Humans; X-Ray Microtomography,,,,http://dx.doi.org/10.1111/1556-4029.15007,35118663,10.1111/1556-4029.15007,,PMC9305105,0,007-059-931-241-63X; 007-764-914-784-708; 008-352-522-201-011; 008-926-843-467-099; 010-939-151-593-806; 011-086-933-034-499; 020-814-452-501-251; 023-963-722-027-341; 024-441-245-472-976; 032-634-687-844-547; 032-965-583-542-305; 037-654-439-155-056; 042-107-717-234-431; 042-141-941-221-562; 044-898-264-340-763; 053-650-463-239-366; 054-533-652-183-967; 061-309-114-020-746; 070-365-266-271-475; 074-740-330-884-645; 087-197-245-898-84X; 088-783-580-458-92X; 090-396-559-845-089; 100-605-679-523-470; 100-631-662-757-173; 106-917-349-248-93X; 114-183-567-845-310; 127-218-544-065-062; 135-595-220-431-568; 142-002-284-513-308; 173-754-658-098-425; 178-456-110-092-227,1,true,cc-by,hybrid
101-313-419-021-994,Understanding Computer Forensics Requirements in China via the “Panda Burning Incense” Virus Case,,2014,journal article,"Journal of Digital Forensics, Security and Law",15587223,Embry-Riddle Aeronautical University/Hunt Library,,Kam-Pui Chow; Frank Y. W. Law; Y. H. Mai,"In March 2012, Mainland China has amended its Criminal Procedure Law, which includes the introduction of a new type of evidence, i.e., digital evidence, to the court of law. To better understand the development of computer forensics and digital evidence in Mainland China, this paper discusses the Chinese legal system in relation to digital investigation and how the current legal requirements affect the existing legal and technical usage of digital evidence at legal proceedings. Through studying the famous ""Panda Burning Incense (Worm.WhBoy.cw)"" virus case that happened in 2007, this paper aims to provide a better understanding of how to properly conduct computer forensics examination and present digital evidence at court of law in Mainland China.",9,2,51,58,Mainland China; Political science; China; Law; Digital evidence; Computer security; Criminal procedure; Incense; Computer forensics,,,,,https://core.ac.uk/display/91667418 https://doaj.org/article/d8d352362129465b89a2631dfcac16ab https://commons.erau.edu/jdfsl/vol9/iss2/5/ https://commons.erau.edu/cgi/viewcontent.cgi?article=1170&context=jdfsl https://dblp.uni-trier.de/db/journals/jdfsl/jdfsl9.html#ChowLM14 https://www.mendeley.com/catalogue/5cc31364-f57d-3fb0-8321-cb4f4a8f7c35/,http://dx.doi.org/10.15394/jdfsl.2014.1170,,10.15394/jdfsl.2014.1170,2130476451,,0,001-139-787-841-711; 021-850-998-857-676; 029-611-752-396-235; 110-079-538-894-548; 140-967-697-100-606; 199-172-967-270-034,0,true,cc-by-nc,gold
101-492-226-103-156,Challenges in Digital Forensics and Future Aspects,2022-06-29,2022,book chapter,Unleashing the Art of Digital Forensics,,Chapman and Hall/CRC,,Shreyas S. Muthye,"Digital forensics is an important arm of information technology and, more importantly, law enforcement agencies. Since the rise of digital evidence, all law enforcement agencies have a dedicated digital forensics division to carry out examination and investigation. Digital forensic investigations get complex quite often and hit a few hurdles. The challenges faced by a digital forensic expert often go unnoticed or overlooked and need attention from senior authorities. In this chapter, we’ll briefly discuss these challenges and how they hamper the investigation process and how these are being tackled. Each stage of digital forensic investigation has its own challenge – forensic imaging of high-volume storage media will take a lot of time and slow the examination process. Encrypted device/data is not useful until it is decrypted. If advanced methods such as JTAG and Chip-off are required, then the forensic lab must have the setup and skilled personnel to conduct such an advanced level of examination.",,,75,84,Digital forensics; Digital evidence; Computer forensics; Law enforcement; Process (computing); Encryption; Computer security; Computer science; Internet privacy; Engineering,,,,,,http://dx.doi.org/10.1201/9781003204862-6,,10.1201/9781003204862-6,,,0,,0,false,,
101-549-415-202-81X,Standardization of forming and expressing preliminary evaluative opinions on digital evidence,,2020,journal article,Forensic Science International: Digital Investigation,26662817,Elsevier BV,,Eoghan Casey,,32,,200888,,Standardization; Data science; Standardized approach; Interim; International community; Digital evidence; Computer science; Reliability (statistics); Interpretation (philosophy); Digital forensics,,,,,https://www.sciencedirect.com/science/article/abs/pii/S1742287619303147 https://doi.org/10.1016/j.fsidi.2019.200888,http://dx.doi.org/10.1016/j.fsidi.2019.200888,,10.1016/j.fsidi.2019.200888,3003603895,,0,009-512-003-529-193; 010-963-610-208-920; 014-966-931-773-938; 015-238-949-406-002; 018-182-926-340-45X; 021-798-083-032-603; 028-472-372-312-622; 040-376-945-320-975; 041-724-921-575-089; 048-250-488-210-056; 050-296-813-523-597; 058-717-000-287-105; 061-269-967-405-492; 064-549-392-650-90X; 066-351-117-066-660; 085-315-744-117-237; 085-370-444-410-812; 087-342-951-350-054; 106-010-372-725-049; 117-555-147-368-574; 123-006-126-477-128; 131-696-619-498-120; 141-366-693-391-357; 148-223-435-969-407; 173-145-269-859-717,15,false,,
101-875-322-318-577,Mobile Digital Forensic Procedure for Crime Investigation in Social Network Service,2013-06-30,2013,journal article,The Journal of Korea Navigation Institute,12269026,The Korea Navigation Institute,,Yu Jong Jang; Jin Kwak,"Social network services(SNS) has been used as a means of communication for user or express themselves user. Therefore, SNS has a variety of information. This information is useful to help the investigation can be used as evidence. In this paper, A study of mobile digital forensic procedure for crime investigation in social network service. Analysis of database file taken from the smartphone at social network service application for mobile digital forensic procedure. Therefore, we propose a procedure for the efficient investigation of social network service mobile digital forensic.",17,3,325,331,Engineering; Variety (cybernetics); World Wide Web; Crime investigation; Social network service; Database file; Digital forensics; Social network,,,,,http://www.koreascience.or.kr/article/ArticleFullRecord.jsp?cn=HHHHBI_2013_v17n3_325,http://dx.doi.org/10.12673/jkoni.2013.17.3.325,,10.12673/jkoni.2013.17.3.325,2041159558,,0,105-128-303-857-483; 159-397-815-304-211; 199-745-676-923-766,4,false,,
101-894-461-425-579,A New Digital Evidence Retrieval Model for Gambling Machine Forensic Investigation,2012-01-20,2012,journal article,Jurnal Teknologi,21803722; 01279696,Penerbit UTM Press,Malaysia,Pritheega Magalingam; Azizah Abdul Manaf; Zuraimi Yahya; Rabiah Ahmad,"Analisis forensik perkakasan melibatkan proses menganalisa data yang di perolehi secara elektronik untuk menunjukkan bukti sama ada peralatan elektronik adalah digunakan untuk melakukan jenayah, mengandungi bukti jenayah atau ia adalah satu sasaran jenayah. Penyalahgunaan mesin permainan merupakan sumber utama permainan haram dijalankan. Kerja penyelidikan ini memperkenalkan kaedah mendapatkan maklumat dari satu mesin permainan yang telah dirampas oleh PDRM dan menganalisis data yang diterjemahkan untuk membuktikan bahawa mesin permainan tersebut digunakan secara haram. Prosedur mendapatkan bukti digital ini dibina untuk membantu pihak polis atau penyiasat dalam penganalisaan maklumat digital dan ia boleh dijadikan sebagai satu garis panduan untuk mengenalpasti bukti yang relevan untuk menunjukan aktiviti perjudian haram dijalankan.;  Kata kunci: Forensik digital, analisis forensik, mesin judi, kaedah pengambilan informasi, penterjemahan, pencarian kata;  Hardware forensic analysis involves the process of analyzing digital evidence derived from digital sources. The analysis is done to facilitate and prove either the device is used to commit crime, whether it contains evidence of a crime or is the target of a crime. Gambling machines serve as the main source by which illegal games are conducted. This paper presents a method for retrieving information from a seized gaming machine, along with an analysis of the interpreted information to prove that the gaming machine was used illegally. The proposed procedures for the gambling machine forensic process will be important for forensic investigators (e.g., the police or private investigators), as they will assist these individuals in the digital forensic evidence analysis necessary to produce evidence relevant to illegal gambling.;  Key words: digital forensic, forensic analysis, gambling machine, information retrieval method, interpretation, string search",54,1,55,69,Forensic science; Psychology; Information retrieval; Digital evidence; Computer security; Digital forensics,,,,,http://jurnalteknologi.utm.my/index.php/jurnalteknologi/article/view/91 https://www.researchgate.net/profile/Pritheega_Magalingam/publication/269758697_A_New_Digital_Evidence_Retrieval_Model_For_Gambling_Machine_Forensic_Investigation/links/557a3f2108ae75363756ffdf.pdf https://core.ac.uk/display/42912128 https://journals.utm.my/jurnalteknologi/article/view/91 http://www.ijofcs.org/V04N1-PP05%20-%20A%20New%20Digital%20Evidence%20Retrieval%20Model%20for%20Gambling%20Machine.pdf http://eprints.utm.my/id/eprint/44692/,http://dx.doi.org/10.11113/jt.v54.91,,10.11113/jt.v54.91,2039523489,,0,026-810-683-474-561; 074-933-143-629-826; 087-705-894-476-40X; 105-427-271-392-801; 107-096-001-312-874; 126-338-081-626-731,0,false,,
102-039-076-781-269,Comprehensive analysis on hardware forensic for gambling machine,2008-11-01,2008,dissertation,,,,,Pritheega Magalingam,"Hardware forensic analysis involves process of analyzing digital evidence derived from digital sources in order to facilitate and prove either the device is used to commit crime, contains evidence of crime or it is a target of crime. The digital evidence is analyzed to determine the type of information that is stored. For this purpose special tools might be needed to translate the digital information in a format that is useful to the investigators. Besides other electronic devices that commonly encountered in crime scenes such as computer systems, access control devices, answering machines, personal digital assistants, modems, network components, pagers and etc. which can produce digital evidence, law enforcement also shows their wide concern towards gambling machine which is the main source of conducting illegal game. An illegal game is defined by the law as a game which a player can win money or gifts by the game results and the results is based on chances. Law forbids conducting or involving in such games. This project presents information retrieval method from a gaming machine which was seized and analysis on the information interpreted to prove that the gaming machine is used illegally. These procedures were required by PDRM which will be part of gambling machine forensic process and it will assist them in digital forensic evidence analysis as a guideline to produce evidence which is relevant to prove the illegal gambling.",,,,,Engineering; Pager; Commit; Crime scene; Law enforcement; Digital evidence; Computer security; Process (engineering); Access control; Digital forensics; Computer hardware,,,,,http://eprints.utm.my/id/eprint/9458/,http://eprints.utm.my/id/eprint/9458/,,,187424979,,0,,0,false,,
102-047-507-068-765,Forensic aspects of digital evidence: contributions and initiatives by the National Center for Forensic Science (NCFS),2002-08-14,2002,conference proceedings article,SPIE Proceedings,0277786x,SPIE,,Carrie Morgan Whitcomb,"Digital evidence is information of probative value that is either stored or transmitted in a digital form. Digital evidence can exist as words (text), sound (audio), or images (video or still pictures). Law enforcement and forensic scientists are faced with collecting and analyzing these new forms of evidence that previously existed on paper or on magnetic tapes. They must apply the law and science to the processes they use. Extrapolating the old processes into the new formats has been proceeding since the 1980's. Regardless of the output format, all digital evidence has a certain commonality. One would assume that the rules of evidence and the scientific approach would also have some common characteristics. Obviously, there is also a divergence due to the differences in outputs. It is time to approach the issues regarding digital evidence in a more deliberate, organized, and scientific manner. The program outlined by the NCFS would explore these various formats, their features common to traditional types of forensic evidence, and their divergent features and explore the scientific basis for handling of digital evidence. Our web site, www.ncfs.org, describes our programs.",4708,,111,120,Engineering; Forensic science; Divergence (linguistics); Data science; Center (algebra and category theory); Rules of evidence; Law enforcement; Digital evidence; Web site; Computer security; Computer forensics,,,,,https://www.spiedigitallibrary.org/conference-proceedings-of-spie/4708/1/Forensic-aspects-of-digital-evidence--contributions-and-initiatives-by/10.1117/12.479289.full https://proceedings.spiedigitallibrary.org/proceeding.aspx?articleid=884582 https://ui.adsabs.harvard.edu/abs/2002SPIE.4708...23W/abstract,http://dx.doi.org/10.1117/12.479289,,10.1117/12.479289,2073112710,,0,,0,false,,
102-117-623-922-990,ISSE - Digital Forensics as a Big Data Challenge,,2013,journal article,ISSE 2013 Securing Electronic Business Processes,,Springer Fachmedien Wiesbaden,,Alessandro Guarino,"Digital Forensics, as a science and part of the forensic sciences, is facing new challenges that may well render established models and practices obsolete. The dimensions of potential digital evidence supports has grown exponentially, be it hard disks in desktop and laptops or solid state memories in mobile devices like smartphones and tablets, even while latency times lag behind. Cloud services are now sources of potential evidence in a vast range of investigations and network traffic also follows a growing trend and in cyber security the necessity of sifting through vast amount of data quickly is now paramount. On a higher level investigations - and intelligence analysis - can profit from sophisticated analysis of such datasets as social network structures, corpora of text to be analysed for authorship and attribution. All of the above highlights the convergence between so-called data science and digital forensics, to tack the fundamental challenge of analyse vast amount of data (""big data"") in actionable time while at the same time preserving forensic principles in order for the results to be presented in a court of law. The paper, after introducing digital forensics and data science, explores the challenges above and proceed to propose how techniques and algorithms used in big data analysis can be adapted to the unique context of digital forensics, ranging from the managing of evidence via Map-Reduce to machine learning techniques for triage and analysis of big forensic disk images and network traffic dumps. In the conclusion the paper proposes a model to integrate this new paradigm into established forensic standards and best practices and tries to foresee future trends.",,,197,203,Solid-state; Internet privacy; Best practice; Mobile device; Data science; Digital evidence; Computer science; Intelligence analysis; Big data; Cloud computing; Digital forensics,,,,,https://doi.org/10.1007/978-3-658-03371-2_17 https://rd.springer.com/chapter/10.1007/978-3-658-03371-2_17 http://www.studioag.pro/wp-content/uploads/2013/10/DigitalForensicsBigData.pdf https://link.springer.com/chapter/10.1007/978-3-658-03371-2_17 https://dblp.uni-trier.de/db/conf/isse/isse2013.html#Guarino13,http://dx.doi.org/10.1007/978-3-658-03371-2_17,,10.1007/978-3-658-03371-2_17,138782056,,0,001-741-032-719-461; 087-690-831-820-163,54,false,,
102-243-142-344-71X,Formalising investigative decision making in digital forensics: Proposing the Digital Evidence Reporting and Decision Support (DERDS) framework,,2019,journal article,Digital Investigation,17422876,Elsevier BV,Netherlands,Graeme Horsman,"Abstract In the field of digital forensics it is crucial for any practitioner to possess the ability to make reliable investigative decisions which result in the reporting of credible evidence. This competency should be considered a core attribute of a practitioner’s skill set and it is often taken for granted that all practitioners possess this ability; in reality this is not the case. A lack of dedicated research and formalisation of investigative decision making models to support digital forensics practitioner’s is an issue given the complexity of many digital investigations. Often, the ability to make forensically sound decisions regarding the reliability of any findings is arguably an assumed trait of the practitioner, rather than a formally taught competency. As a result, the digital forensic discipline is facing increasing recent scrutiny with regards to the quality and validity of evidence it’s practitioners are producing. This work offers the Digital Evidence Reporting and Decision Support (DERDS) framework, designed to help the practitioner assess the reliability of their ‘inferences, assumptions of conclusions’ in relation to any potentially evidential findings. The structure and application of the DERDS framework is discussed, demonstrating the stages of decision making a practitioner must undergo when evaluating the accuracy of their findings, whilst also recognising when content may be deemed unsafe to report.",28,,146,151,Decision support system; Set (psychology); Relation (database); Scrutiny; Quality (business); Digital evidence; Decision-making models; Computer science; Knowledge management; Digital forensics,,,,,https://jglobal.jst.go.jp/en/detail?JGLOBAL_ID=201902227595710700 https://research.tees.ac.uk/en/publications/formalising-investigative-decision-making-in-digital-forensics-pr https://dblp.uni-trier.de/db/journals/di/di28.html#Horsman19 https://www.sciencedirect.com/science/article/pii/S1742287618302731,http://dx.doi.org/10.1016/j.diin.2019.01.007,,10.1016/j.diin.2019.01.007,2911386828,,0,000-659-280-122-390; 004-200-813-216-207; 008-598-808-594-324; 012-410-670-929-028; 026-774-296-742-022; 034-773-286-616-44X; 042-230-817-975-353; 050-513-243-638-138; 061-269-967-405-492; 064-549-392-650-90X; 066-235-037-082-291; 075-529-701-912-32X; 078-730-781-174-18X; 080-196-042-005-758; 111-488-239-742-003; 120-454-127-510-479; 137-755-137-054-864; 142-790-196-752-819; 182-670-398-460-931,24,true,cc-by-nc-nd,green
102-814-076-156-265,Establishing the Validity of Md5 and Sha-1 Hashing in Digital Forensic Practice in Light of Recent Research Demonstrating Cryptographic Weaknesses in these Algorithms,2013-04-18,2013,journal article,International Journal of Computer Applications,09758887,Foundation of Computer Science,,Veronica Schmitt; Jason Jordaan,"and SHA-1 cryptographic hash algorithms are a standard practice in digital forensics that is used in the preservation of digital evidence and ensuring the integrity of the digital evidence. Recent studies have shown that both MD5 and SHA-1 have vulnerabilities and collisions. Based on this, the use of MD5 and SHA-1 hash algorithms in the practice of digital forensics to preserve and ensure the integrity of digital evidence has been questioned in certain instances. Using experimentation, the researcher proves the validity of using either MD5 or SHA-1 hashing algorithms to ensure the integrity of seized digital evidence, from the moment of seizure of the evidence, through to eventual presentation and use of the evidence in court; thus demonstrating that the use of hashing remains a valid forensic methodology to ensure the integrity of digital evidence. Keywordsforensics, integrity of digital evidence, hash collisions,",68,23,40,43,Algorithm; Forensic science; MD5; Cryptography; Digital evidence; Computer security; Computer science; Cryptographic hash function; SHA-1; Digital forensics; Hash function,,,,,http://www.lex-informatica.org/2%20Ensuring%20the%20Legality%20of%20the%20Digital%20Forensics%20Process%20in%20South%20Africa.pdf https://www.ijcaonline.org/archives/volume68/number23/11723-7433 https://research.ijcaonline.org/volume68/number23/pxc3887433.pdf https://www.ijcaonline.org/archives/volume68/number23/11723-7433?format=pdf,http://dx.doi.org/10.5120/11723-7433,,10.5120/11723-7433,2106303773,,0,017-167-454-912-226; 033-361-255-406-653; 085-214-277-668-01X; 095-080-443-019-181; 124-466-422-768-986; 142-108-488-120-966; 154-255-264-599-600; 159-970-925-091-033,9,true,,bronze
103-028-372-925-311,ISSA - Implementation guidelines for a harmonised digital forensic investigation readiness process model,,2013,conference proceedings article,2013 Information Security for South Africa,,IEEE,,Aleksandar Valjarevic; Hein S. Venter,"Digital forensic investigation readiness enables an organisation to prepare itself in order to perform a digital forensic investigation in a more efficient and effective manner. Benefits of achieving a high level of digital forensic investigation readiness include, but are not limited to, higher admissibility of digital evidence in a court of law, better utilisation of resources (including time and financial resources) and higher awareness of forensic investigation readiness. The problem that this paper addresses is that there is no harmonised digital forensic investigation readiness process model with appropriate implementation guidelines and, thus, there is a lack of an effective and standardised implementation of digital forensic investigation readiness measures within organisations. Valjarevic and Venter have, in their previous work, proposed a harmonised digital forensic investigation readiness process model. This paper proposes implementation guidelines for such a harmonised digital forensic investigation process model in order to help practitioners and researchers to successfully implement the proposed model. The authors believe that these guidelines will significantly help to properly and consistently implement digital forensic readiness measures in different organisations in a bid to achieve higher admissibility of digital evidence in a court of law, as well as more efficient and effective digital forensic investigations.",,,1,9,Engineering management; Work (electrical); Digital evidence; Digital forensic investigation; Computer security; Computer science; Process (engineering); Digital forensics,,,,,https://ieeexplore.ieee.org/document/6641041/ https://doi.org/10.1109/ISSA.2013.6641041,http://dx.doi.org/10.1109/issa.2013.6641041,,10.1109/issa.2013.6641041,2001191963,,0,020-944-423-224-895; 021-486-901-460-202; 058-205-117-706-853; 060-808-935-547-406; 078-730-781-174-18X; 184-948-841-629-735; 199-745-676-923-766,12,false,,
103-294-378-905-305,Part 1:- quality assurance mechanisms for digital forensic investigations: Introducing the Verification of Digital Evidence (VODE) framework,,2020,journal article,Forensic Science International: Reports,26659107,Elsevier BV,,Horsman Graeme,"Abstract Quality assurance measures in the field of digital forensics play a vital role for upholding and developing investigatory standards. Coupled with the fast pace of technology, practitioners in this discipline are often faced with the challenge of interpreting previously unseen or undocmented forms of potentially evidential digital data, content which may be crucial to a current case under investigation. Mechanisms to support this interpretative process offer support for the practitioner, helping to guide them through this task and the steps involved in ensuring any reported information is accurate. This work presents the Verification of Digital Evidence (VODE) framework, designed to support digital forensic practitioners when testing and verifying their interpretation of digital data. The stages of VODE are discussed and its application placed in context.",2,,100038,,Quality assurance; Data science; Pace; Digital data; Context (language use); Task (project management); Digital evidence; Computer science; Process (engineering); Digital forensics,,,,,https://www.sciencedirect.com/science/article/pii/S2665910719300386 https://research.tees.ac.uk/en/publications/part-1-quality-assurance-mechanisms-for-digital-forensic-investig https://core.ac.uk/download/pdf/232941017.pdf,http://dx.doi.org/10.1016/j.fsir.2019.100038,,10.1016/j.fsir.2019.100038,2981002495,,0,006-933-430-647-14X; 010-963-610-208-920; 017-792-811-186-108; 018-552-581-098-658; 026-810-683-474-561; 028-413-064-651-69X; 030-178-593-043-926; 038-803-786-854-954; 039-999-270-718-277; 047-386-524-667-691; 061-269-967-405-492; 063-579-080-753-513; 064-549-392-650-90X; 066-840-680-591-488; 078-730-781-174-18X; 089-048-294-489-077; 095-691-114-276-825; 102-243-142-344-71X; 105-904-512-640-36X; 111-488-239-742-003; 137-755-137-054-864; 142-790-196-752-819; 184-948-841-629-735,2,true,"CC BY, CC BY-NC-ND",gold
103-640-715-429-426,Analiza značajki alata SPF Pro u forenzici mobilnih uređaja,2019-09-25,2019,dissertation,,,,,Matija Stepić,"Digital forensics is one of the branches of forensic science and its primary task is to detect and interpret electronic data. Digital forensics consists of many branches and one of them is mobile forensics, which is aimed to detect and interpret digital evidence from mobile devices. The main goal of forensic investigation is preserving data in its original form. Forensic analysis is performed by using a number of methods, such as: manual, logical, file and manual extraction. These methods can be find in forensic tools and task for forensic investigators is to implement them. Data extraction is a term that refers to the retrieval of data for further processing and storage. During forensic analysis, forensic investigators face numerous challenges as well as antiforensics that inhibits the extraction of mobile device data. Forensic tools are divided into software and hardware tools by basic division, and they are intended to assist forensic investigators in collecting, preserving and examining digital evidence from mobile devices. One of the tools of mobile forensics is the software tool SPF Pro from Chinese company SalvationDATA. Using SPF Pro is very simple, but in comparison to other tools of the same purpose, it seems like it is not a proper choice. The tool is targeted at Chinese mobile devices and devices that have Root access. For other devices, the tool does not allow a large number of extraction methods to be performed.",,,,,Mobile device; Information retrieval; Data extraction; Software; Task (project management); Digital evidence; Electronic data; Computer science; Mobile device forensics; Digital forensics,,,,,https://repozitorij.fpz.unizg.hr/islandora/object/fpz:1741/datastream/PDF/download https://zir.nsk.hr/islandora/object/fpz:1741/datastream/PDF/download https://zir.nsk.hr/islandora/object/fpz%3A1741 https://repozitorij.fpz.unizg.hr/islandora/object/fpz:1741,https://zir.nsk.hr/islandora/object/fpz%3A1741,,,2989968340,,0,,0,false,,
103-692-873-925-665,디지털 증거(證據)의 특징(特徵)과 증거법상(證據法上)의 문제(問題) 고찰(考察),,2006,,,,,,null 양근원,"Recently, the environment consisting of our legal life is changing. The environment is changing from the analog age to digital age. It is a main stream that the analog data has been converted to the digital data, and more than 90% of new information are produced by digital methods nowadays. But these digital environments have produced a new type of evidence called digital evidence. It is questionable that the digital data can be collected, analyzed and used for evidence as same as by the method of physical evidence, Digital data hold a status of independent information which overpass the limitation of physical sphere or space, Large and complex volume of data can be stored in just one flash time and various technologies are used to do it. Furthermore, as digital evidence could be changed and deleted easily. In this thesis, I have reviewed the legal issues of digital evidence. Even it could not be enough, this proposed issues hopefully become a triggering point that Korean criminal procedural law could be amended. In addition, there should be a lot of discussion about digital evidence and digital forensics. And Reasonable and justifiable legal system should be introduced with the development of scientific technology.",41,1,177,212,Volume (computing); Engineering; Analog signal; Point (typography); Data science; Space (commercial competition); Procedural law; Digital data; Digital evidence; Computer security; Digital forensics,,,,,http://www.papersearch.net/google_link/fulltext.asp?file_name=2u200638.pdf http://www.papersearch.net/view/detail.asp?detail_key=2u200638,http://www.papersearch.net/google_link/fulltext.asp?file_name=2u200638.pdf,,,2257877916,,0,,0,false,,
104-566-238-921-242,Traceability in Digital Forensic InvestigationProcess,2011-09-25,2011,,,,,,Siti Rahayu Selamat; Robiah Yusof; Shahrin Sahib; Mohd Faizal Abdollah; Nor Hafeizah Hassan; Z. Zainal Abidin,"Digital forensic is part of forensic science that; implicitly covers crime that is related to computer technology.; In a cyber crime, digital evidence investigation requires a; special procedures and techniques in order to be used and be; accepted in court of law. Generally, the goals of these special; processes are to identify the origin of the incident reported as; well as maintaining the chain of custody so that the legal; process can take its option. Subsequently, the traceability; process has become a key or an important element of the digital; investigation process, as it is capable to map the events of an; incident from difference sources in obtaining evidence of an; incident to be used for other auxiliary investigation aspects.; Hence, this paper introduces a trace map model to illustrate the; relationship in the digital forensic investigation process by; adapting and integrating the traceability features. The objective; of this integration is to provide the capability of trace and map; the evidence to the sources and shows the link between the; evidence, the entities and the sources involved in the process,; particularly in the collection phase of digital forensic; investigation framework. Additionally, the proposed model is; expected to help the forensic investigator in obtaining accurate; and complete evidence that can be further used in a court of law.",,,,,Chain of custody; Engineering; Traceability; Element (criminal law); Data science; Digital evidence; Computer technology; Computer security; Process (engineering); TRACE (psycholinguistics); Digital forensics,,,,,http://eprints.utem.edu.my/254/,http://eprints.utem.edu.my/254/,,,2478854979,,0,,0,false,,
105-022-814-285-549,Alleviating the Digital Forensic Backlog: A Methodology for Automated Digital Evidence Processing,2020-09-01,2020,,,,,,Xiaoyu Du,,,,,,Data science; Digital evidence; Computer science; Digital forensics,,,,,https://markscanlon.co/papers/PhDThesis-MethodologyAutomatedDigitalEvidenceProcessing.pdf https://www.markscanlon.co/papers/PhDThesis-MethodologyAutomatedDigitalEvidenceProcessing.php https://forensicsandsecurity.com/papers/PhDThesis-MethodologyAutomatedDigitalEvidenceProcessing.pdf https://www.forensicsandsecurity.com/papers/PhDThesis-MethodologyAutomatedDigitalEvidenceProcessing.php,https://www.markscanlon.co/papers/PhDThesis-MethodologyAutomatedDigitalEvidenceProcessing.php,,,3133526432,,0,,0,false,,
105-054-122-831-381,IFIP Int. Conf. Digital Forensics - A Model for Digital Evidence Admissibility Assessment,2017-08-31,2017,book chapter,Advances in Digital Forensics XIII,18684238; 1868422x,Springer International Publishing,Germany,Albert Antwi-Boasiako; Hein S. Venter,"Digital evidence is increasingly important in legal proceedings as a result of advances in the information and communications technology sector. Because of the transnational nature of computer crimes and computer-facilitated crimes, the digital forensic process and digital evidence handling must be standardized to ensure that the digital evidence produced is admissible in legal proceedings. The different positions of law on matters of evidence in different jurisdictions further complicates the transnational admissibility of digital evidence. A harmonized framework for assessing digital evidence admissibility is required to provide a scientific basis for digital evidence to be admissible and to ensure the cross-jurisdictional acceptance and usability of digital evidence. This chapter describes a harmonized framework that integrates the technical and legal requirements for digital evidence admissibility. The proposed framework, which provides a coherent techno-legal foundation for assessing digital evidence admissibility, is expected to contribute to ongoing developments in digital forensics standards.",,,23,38,Usability; Data science; Digital forensic process; Foundation (evidence); Digital evidence; Computer science; Information and Communications Technology; Digital forensics,,,,,https://hal.inria.fr/hal-01716394 https://rd.springer.com/chapter/10.1007/978-3-319-67208-3_2 https://link.springer.com/content/pdf/10.1007%2F978-3-319-67208-3_2.pdf https://dblp.uni-trier.de/db/conf/ifip11-9/df2017.html#Antwi-BoasiakoV17 https://link.springer.com/chapter/10.1007/978-3-319-67208-3_2 https://hal.inria.fr/hal-01716394/document https://hal.archives-ouvertes.fr/hal-01716394 https://www.repository.up.ac.za/handle/2263/70619,http://dx.doi.org/10.1007/978-3-319-67208-3_2,,10.1007/978-3-319-67208-3_2,2751082626,,0,000-084-741-857-185; 000-566-000-503-971; 000-911-372-504-056; 004-916-146-042-728; 005-630-640-664-939; 012-745-853-976-403; 014-767-056-602-687; 019-831-293-743-518; 022-455-280-454-911; 028-127-448-830-438; 029-563-465-806-154; 029-748-683-221-796; 030-359-893-882-572; 031-309-466-858-480; 038-668-970-194-854; 038-803-786-854-954; 041-018-610-330-094; 042-230-817-975-353; 043-961-624-437-482; 048-993-244-146-024; 052-052-141-922-342; 058-721-168-953-513; 062-788-502-964-113; 064-376-774-486-022; 065-654-832-541-493; 074-147-378-642-824; 076-470-845-108-034; 078-051-270-103-107; 078-730-781-174-18X; 080-619-211-902-700; 085-379-403-609-164; 090-971-496-143-765; 093-294-917-313-78X; 095-691-114-276-825; 116-899-052-927-954; 121-951-797-869-548; 132-355-634-397-986; 133-508-126-407-763; 137-755-137-054-864; 144-614-319-071-141; 146-443-544-608-91X; 158-262-072-312-063; 180-327-460-336-608; 186-917-484-914-167; 193-154-027-591-826; 199-745-676-923-766,6,true,cc-by,green
105-075-525-082-461,Acquiring and Analysing Digital Evidence - a Teaching and Learning Experience in Class,,2018,conference proceedings article,2018 Cyber Resilience Conference (CRC),,IEEE,,Normaziah Abdul Aziz; Muhammad Saifulldin M. Yusof; Muhammad Helmi Bin Ab. Malik; Ahmad Rasyad Hanizam; Lukman Hakim Abd Rahman,"The advancement of Information and Communication Technology (ICT) offers positive and negative impacts in our daily life today. Criminals too leverage on sophisticated ICT in their modus operandi. Hence, digital evidences are abundant to be acquired and analysed as part of investigation, today. Two homegrown tools i.e. PenDua and Kloner are used for digital evidence acquisition tool while FTK and Autopsy are among tools applied for analysis of the evidences. Various artifacts are used as evidences of some made-up crime cases. The whole exercise is compiled as a learning package that can be a good exposure for beginners of Digital Evidence Forensics learners. We have tested the usage of this learning package with 120 students of a Digital Evidence Forensic class for 3 semesters. Majority of the students found that they enjoyed experiencing the hands-on to learn the proper procedure of acquiring and analyzing digital evidence, usage of several popular digital forensics tool and producing proper report. The made-up of real cases make the exercise interesting, appreciated by the students and enhance their understanding.",,,,,Leverage (statistics); Class (computer programming); Data science; Digital evidence; Learning experience; Computer science; Information and Communications Technology; Digital forensics,,,,,http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=8626819 http://xplorestaging.ieee.org/ielx7/8616746/8626815/08626819.pdf?arnumber=8626819 https://core.ac.uk/download/pdf/300474611.pdf,http://dx.doi.org/10.1109/cr.2018.8626819,,10.1109/cr.2018.8626819,2911970227,,0,038-875-969-940-882; 065-370-790-052-493,2,true,,green
105-095-237-899-969,Pertimbangan Hakim Atas Penghadiran Bukti Digital Forensik dalam Perkara Kejahatan Fraud,2021-10-15,2021,journal article,Wajah Hukum,2598604x,Universitas Batanghari Jambi,,Wahdah Prasetya; Puti Priyana,"The problems in this research are regulate digital forensic law in proving crime in Indonesia, judges consider the presence of digital forensic evidence in fraud crime. This research uses normative juridical approach, by examining and interpreting matters relating theoretical principles, conceptions, doctrines and legal norms relating to the presence of forensic digital evidence. The result showed that digital Forensic Arrangements in analyzing digital evidence in terms of proving criminal acts are not specifically regulated in the Criminal Procedure Code (KUHAP) because exceptions to electronic / digital evidence are regulated in the Information and Electronic Transaction (ITE) Act so that can be a legal basis for digital forensics. Law No. 11 of 2008 on Information and Electronic Transactions on Article 5 has been clearly stated that electronic information is a valid legal evidence in the form of electronic information and / or electronic documents and / or printout. The rise of data fraud requires a legal arrangement that is expected to be able to prevent and reduce these crimes. For this reason, it is important to elaborate legal arrangements for both implementation and criminal sanctions related to data fraud in Indonesia.",5,2,448,459,Law; Sanctions; Digital evidence; Legal evidence; Electronic information; Electronic transaction; Normative; Criminal procedure; Medicine; Digital forensics,,,,,http://wajahhukum.unbari.ac.id/index.php/wjhkm/article/view/472 https://wajahhukum.unbari.ac.id/index.php/wjhkm/article/download/472/172,http://dx.doi.org/10.33087/wjh.v5i2.472,,10.33087/wjh.v5i2.472,3210705332,,0,,0,true,cc-by-sa,gold
105-379-195-922-28X,Design and Implementation of a Cloud Based Computer Forensic Tool,,2015,conference proceedings article,2015 Fifth International Conference on Communication Systems and Network Technologies,,IEEE,,Monali P. Mohite; Shrikant B. Ardhapurkar,"Nowadays, Cloud computing is receiving more and more attention from the information and communication technology industry recently. Thus, From the demand of cloud users digital forensics in cloud computing are a raw expanse of study linked to the increasing use of information processing governance, internet and digital computer storage devices in numerous criminal actions in both traditional and Hi-Tech. The digital forensics, including handle, conduct of, study, and document digital evidence in a court of law. Digital Forensic tool in a cloud computing environment is a big demand from forensic investigator. Thus, in the process of digital forensics, it is needed to create an image of the original digital data without damage and to show that the computer evidence existed at the specific time. The evidences are then analyzed by the forensic investigator. After the proof is examined, it is obliged to make a report to embrace it as legitimately successful confirmation in the law court. To give an advanced crime scene investigation benefit on cloud environment, a cloud based computer forensic tool is proposed in this paper. To probe the evidence multiple features are provided in this tool like data recovery, sorting, indexing, hex viewer, data bookmarking.",,,1005,1009,The Internet; World Wide Web; Crime scene; Computational criminology; Digital evidence; Computer science; Network forensics; Computer forensics; Cloud computing; Digital forensics,,,,,https://ieeexplore.ieee.org/document/7280070/ http://ieeexplore.ieee.org/document/7280070/,http://dx.doi.org/10.1109/csnt.2015.180,,10.1109/csnt.2015.180,1671638969,,0,001-105-589-691-307; 049-977-511-720-26X; 121-566-747-020-190; 139-567-850-350-938; 155-855-942-114-621; 158-058-753-766-767; 197-447-574-115-76X,9,false,,
105-432-235-864-222,타임라인 분석 기법을 이용한 디지털 증거 분석 방법론,2014-02-01,2014,,,,,,null 이근기; null 황성진; Lee， Changhoon; Lee， Sangjin,"최근 다양한 유형의 증거 분석에서 디지털 증거 분석 기법의 도입이 가속화되고 있으며 중요도가 증가하고 있다. 하지만 개인용 디스크 용량이 커지면서 저장하는 파일의 용량의 수가 증가하면서 전체 데이터를 모두 분석하는 것은 시간과 노력이 많이 소요된다. 대부분의 디지털 증거는 항상 시간정보를 저장하고 있으며, 시간 정보는 디지털 증거 분석에서 가장 중요한 요소 중 하나이다. 하지만 시간 유형이 다양하여 단순히 저장된 시간을 기준으로 사건을 분석하면 잘못된 분석결과를 도출할 가능성이 크다. 따라서 본 논문에서는 다양한 디지털 증거의 시간 유형에 대하여 고찰하고, 하나의 시간 축을 기준으로 디지털 증거 분석을 수행할 수 있는 타임라인 분석 기법에 대하여 설명한다. 【Recently, importance of digital forensics has increased and using analysis methods of digital evidence in the analysis of evidence of various types. However, analysis time and effort is steadily increasing because personal disk capacity is too big and it has many number of files. Most digital evidence has time property, such as access time, creation time, and modification time. These time information of digital evidence is one of most important factors in the digital forensic area. But if digital examiner simply analyze based on binary source only, it is possible to have wrong result because time has various types. In this paper, we classify various type of time in the digital evidence and describe advanced analysis method based on timeline chart for digital forensic investigation.】",18,1,50,55,Data mining; Computer science,,,,,http://dspace.kci.go.kr/handle/kci/1122272?show=full,http://dspace.kci.go.kr/handle/kci/1122272?show=full,,,2545063128,,0,,0,false,,
105-954-388-944-926,Eksistensi Hasil Uji Forensikdigital Dalam Sistem Pembuktian Perkara Pidana,2017-04-11,2017,dissertation,,,,,Mahendra Ananda Pratama,"Digital forensic is an investigation methodof digital evidence that is using science. Digital forensic investigation is used to obtain digital evidences that will be accepted in the court for judicial proof. Digital forensic procedure is implemented; in criminal cases whichare related to digital evidence.Output ofthe digital forensic is called the digital forensic test result that will be used as a proof at the trial process. However, the absence of regulation especially in the digital evidencetesting process has also become one of the main problems of the existence of digital forensic test results in trial process. This research was done by using normative method. It used primary and secondary legal materials and the data collection was done by using literature study and interviews.The juridical argument of the digital forensic test result submission into the court is focused on the validity of the digital evidence. The digital forensic test results had met at least two items of evidenceswhich areletter evidence and an expert testimony. The process of the digital forensic test results submission to trial are also have no differences with the usual evidence.",,,,,Data collection; Psychology; Information retrieval; Test (assessment); Digital evidence; Digital forensic investigation; Literature study; Computer security; Argument; Digital forensics,,,,,http://e-journal.uajy.ac.id/12203/,http://e-journal.uajy.ac.id/12203/,,,2753611304,,0,,0,false,,
106-169-386-186-36X,P2DF: A Privacy-Preserving Digital Forensics Framework,2021-11-01,2021,journal article,International Journal of Digital Crime and Forensics,19416210; 19416229,IGI Global,United States,Muhammad Abulaish; Nur Al Hasan Haldar; Jahiruddin Jahiruddin,"<p>The extensive use of digital devices by individuals generates a significant amount of private data which creates challenges for investigation agencies to protect suspects' privacy. Existing digital forensics models illustrate the steps and actions to be followed during an investigation, but most of them are inadequate to investigate a crime with all the processes in an integrated manner and do not protect suspect's privacy. In this paper, we propose the development of a privacy-preserving digital forensics (P2DF) framework, which facilitates investigation through maintaining confidentiality of the suspects through various privacy standards and policies. It includes an access control mechanism which allows only authorized investigators to access private data and identified digital evidences. It is also equipped with a digital evidence preservation mechanism which could be helpful for the court of law to ensure the authenticity, confidentiality, and reliability of the evidences, and to verify whether privacy of the suspect was preserved during the investigation process.</p>",13,6,1,15,Privacy preserving; Computer security; Computer science; Digital forensics,,,,,https://www.igi-global.com/viewtitle.aspx?TitleId=288547,http://dx.doi.org/10.4018/ijdcf.288547,,10.4018/ijdcf.288547,3206525595,,0,001-381-793-304-07X; 012-608-868-939-962; 020-944-423-224-895; 021-850-998-857-676; 026-774-296-742-022; 028-656-707-596-927; 031-400-709-717-795; 035-129-008-760-918; 039-365-534-871-351; 041-018-610-330-094; 045-581-544-307-619; 062-325-585-829-185; 087-665-408-966-240; 089-048-294-489-077; 098-748-261-333-651; 105-972-775-368-649; 109-652-769-766-539; 121-830-022-805-361; 125-833-554-920-626; 127-948-386-055-225; 134-927-490-231-285; 142-388-561-082-054; 159-477-048-665-066,0,true,,gold
106-270-008-194-721,Adopting Hadith Verification Techniques in to Digital Evidence Authentication,2010-06-01,2010,journal article,Journal of Computer Science,15493636,Science Publications,United States,Yunus Yusoff; Roslan Ismail; Zainuddin Hassan,"Problem statement: The needs of computer forensics investigators have been directly influenced by the increasing number of crimes performed using computers. It is the responsibility of the investigator to ascertain the authenticity of the collected digital evidence. Without proper classification of digital evidence, the computer forensics investigator may ended up investigating using untrusted digital evidence and ultimately cannot be use to implicate the suspected criminal. Approach: The historical methods of verifying the authenticity of a hadith were studied. The similarities between hadith authentication and digital evidence authentication were identified. Based on the similarities of the identified processes, a new method of authenticating digital evidence was proposed, together with the trust calculation algorithm and evidence classification. Results: The new investigation processes and an algorithm to calculate the trust value of given digital evidence was proposed. Furthermore, a simple classification of evidence, based on the calculated trust values was also proposed. Conclusion/Recommendations: We had successfully extracted the methods to authenticate hadith and mapped it into the digital evidence authentication processes. The trust values of digital evidence were able to be calculated and the evidence can be further classified based on the different level of trust values. The ability to classify evidence based on trust levels can offer great assistance to the computer forensics investigator to plan their works and focus on the evidence that would give them a better chance of catching the criminals.",6,6,613,618,Evidence-based practice; Authentication (law); Authentication; Information retrieval; Value (ethics); Digital evidence; Computer security; Computer science; Computer forensics; Plan (drawing); Historical method,,,,,https://www.thescipub.com/abstract/10.3844/jcssp.2010.613.618,http://dx.doi.org/10.3844/jcssp.2010.613.618,,10.3844/jcssp.2010.613.618,2088159802,,0,008-342-229-709-474; 032-697-093-668-898; 038-622-207-031-37X; 047-630-600-014-492; 068-816-417-067-120; 111-741-773-111-021; 115-547-184-477-216,6,true,cc-by,hybrid
106-316-531-328-780,A Survey in Modern Techniques in Digital Forensic Evidence in Graphics Design Applications,2016-02-23,2016,,,,,,Muna E. M. Ahmed Elsheik,"Digital forensics syndicates computer science theories, including computer architecture, applications, operating systems, file systems, software engineering, and computer networking as well as legal procedures that describe criminal and civil litigation, cyberlaw, and rules of evidence. This paper explores the modern techniques innovated in gathering digital forensic evidence from certain design application that proof counterfeit image or document was formed. The extrapolation is created by linking  digital forensic information gathered with the imaginable deeds established such as scanning, printing, editing, saving, importing, exporting the fake documents or images. The file generated by the particular graphic application is analyzed to accumulate the digital forensic information that concludes if the system is used for designing counterfeit document or image.",1,1,,,Engineering; World Wide Web; Graphics; Counterfeit; Rules of evidence; Civil litigation; Multimedia; Computer forensics; Legal aspects of computing; Digital forensics,,,,,,,,,2601683378,,0,,0,false,,
106-327-211-472-998,The Presumption of Innocence as a Source for Universal Rules on Digital Evidence: The guiding principle for digital forensics in producing digital evidence for criminal investigations,2021-08-11,2021,journal article,Computer law review international,16107608,,,Radina Stoykova,"This paper proposes a conceptual framework for the development of digital evidence rules in technology-assisted investigations based on the presumption of innocence. The presumption of innocence (PI) is examined as a general principle of criminal procedure to delineate its scope and application on pre-trial and clarify its role for the development and harmonization of practical and enforceable rules for digital evidence. It is demonstrated that PI provides a theoretical background for digital evidence regulation, digital forensics standards, and harmonized rules on the use of technology for investigative purposes irrespective of jurisdictional differences. The derived PI-based evidence rules reveal missing techno-legal policy for their implementation in digital evidence systems and processes. After introducing the wide-spread use of digital evidence by law enforcement in the course of criminal investigations and proceedings (I.), this article reviews the schools of thought regarding the impact of PI on evidence procedures focussing on the question whether PI’s protection against wrongful conviction could support measures against arbitrary and intrusive investigations (II.). The reviewing analysis strives to balance contradictory opinions about the scope and application of the PI, before examining digital forensics specifics in the context of the derived PI-based evidence rules to identify techno-legal policy tailored for the digital investigations and its effective implementation in digital evidence systems (III.).",22,3,74,82,Criminal investigation; Conceptual framework; Law and economics; Presumption of innocence; Context (language use); Law enforcement; Digital evidence; Computer science; Criminal procedure; Digital forensics,,,,,https://research.rug.nl/en/publications/the-presumption-of-innocence-as-a-source-for-universal-rules-on-d https://www.narcis.nl/publication/RecordID/oai%3Apure.rug.nl%3Apublications%2F4164567c-4dc7-4e5e-a050-6b3ca0f42833,https://research.rug.nl/en/publications/the-presumption-of-innocence-as-a-source-for-universal-rules-on-d,,,3192800931,,0,,0,false,,
106-647-368-937-426,Statistical Methods for the Forensic Analysis of User-Event Data,2020-07-02,2020,,,,,,Christopher Michael Galbraith,"Author(s): Galbraith, Christopher Michael | Advisor(s): Smyth, Padhraic | Abstract: A common question in forensic analysis is whether two observed data sets originate from the same source or from different sources. Statistical approaches to addressing this question have been widely adopted within the forensics community, particularly for DNA evidence, providing forensic investigators with tools that allow them to make robust inferences from limited and noisy data. For other types of evidence, such as fingerprints, shoeprints, bullet casing impressions and glass fragments, the development of quantitative methodologies is more challenging. In particular, there are significant challenges in developing realistic statistical models, both for capturing the process by which the evidential data is produced and for modeling the inherent variability of such data from a relevant population. In this context, the increased prevalence of digital evidence presents both opportunities and challenges from a statistical perspective. Digital evidence is typically defined as evidence obtained from a digital device, such as a mobile phone or computer. As the use of digital devices has increased, so too has the amount of user-generated event data collected by these devices. However, current research in digital forensics often focuses on addressing issues related to information extraction and reconstruction from devices and not on quantifying the strength of evidence as it relates to questions of source. This dissertation begins with a survey of techniques for quantifying the strength of evidence (the likelihood ratio, score-based likelihood ratio and coincidental match probability) and evaluating their performance. The evidence evaluation techniques are then adapted to digital evidence. First, the application of statistical approaches to same-source forensic questions for spatial event data, such as determining the likelihood that two sets of observed GPS locations were generated by the same individual, is investigated. The methods are applied to two geolocated event data sets obtained from social networks. Next, techniques are developed for quantifying the degree of association between pairs of discrete event time series, including a novel resampling technique when population data is not available. The methods are applied to simulated data and two real-world data sets consisting of logs of computer activity and achieve accurate results across all data sets. The dissertation concludes with suggestions for future work.",,,,,Statistical model; Resampling; Information extraction; Data science; Context (language use); Digital evidence; Population; Computer science; Event (computing); Digital forensics,,,,,https://lib.dr.iastate.edu/csafe_pubs/60/ https://escholarship.org/uc/item/8s22s5kb,https://lib.dr.iastate.edu/csafe_pubs/60/,,,3044302221,,0,,0,false,,
106-885-306-836-498,IFIP Int. Conf. Digital Forensics - When is Digital Evidence Forensically Sound,,,book chapter,IFIP — The International Federation for Information Processing,15715736; 18612288,Springer US,Germany,Rodney McKemmish,"“Forensically sound” is a term used extensively in the digital forensics community to qualify and, in some cases, to justify the use of a particular forensic technology or methodology. Indeed, many practitioners use the term when describing the capabilities of a particular piece of software or when describing a particular forensic analysis approach. Such a wide application of the term can only lead to confusion. This paper examines the various definitions of forensic computing (also called digital forensics) and identifies the common role that admissibility and evidentiary weight play. Using this common theme, the paper explores how the term “forensically sound” has been used and examines the drivers for using such a term. Finally, a definition of “forensically sound” is proposed and four criteria are provided for determining whether or not a digital forensic process may be considered to be “forensically sound.”",285,,3,15,Sound (geography); Data science; Digital forensic process; Confusion; Digital evidence; Forensic computing; Computer security; Computer science; Computer forensics; Term (time); Digital forensics,,,,,https://doi.org/10.1007/978-0-387-84927-0_1 https://rd.springer.com/chapter/10.1007/978-0-387-84927-0_1 https://dblp.uni-trier.de/db/conf/ifip11-9/df2008.html#McKemmish08 https://link.springer.com/chapter/10.1007%2F978-0-387-84927-0_1 https://link.springer.com/content/pdf/10.1007%2F978-0-387-84927-0_1.pdf https://www.mendeley.com/catalogue/531d90dd-8d65-32c1-94e1-693ed3be4ebe/,http://dx.doi.org/10.1007/978-0-387-84927-0_1,,10.1007/978-0-387-84927-0_1,47249053,,0,002-183-091-505-394; 002-886-380-137-445; 018-182-926-340-45X; 018-804-658-663-933; 019-831-293-743-518; 035-448-415-847-226; 092-058-232-746-872; 093-924-528-715-586; 096-415-583-286-394; 178-883-713-153-793; 189-598-793-297-549; 197-412-247-170-278; 199-172-967-270-034,71,true,,bronze
107-232-400-142-992,Forensic Readiness: Emerging Discipline for Creating Reliable and Secure Digital Evidence,,2015,,,,,,null Barbara; null Endicott-Popovsky; null Nicolai; null Kuntze; null Carsten; null Rudolph,"Traditional approaches to digital forensics reconstruct events within digital systems that often are not built for the creation of evidence; however,there is an emerging discipline of forensic readiness that examines what it takes to build systems and devices that produce digital data records for which admissibility is a requirement. This paper reviews the motivation behind research in this area,a generic technical solution that uses hardware-based security to bind digital records to a particular state of a device and proposed applications of this solution in concrete,practical scenarios. Research history in this area,the notion of secure digital evidence and a technical solution are discussed. A solution to creating hardware-based security in devices producing digital evidence was proposed in 2012. Additionally,this paper revises the proposal and discusses three distinct scenarios where forensic readiness of devices and secure digital evidence are relevant. It shows,how the different requirements of the three scenarios can be realized using a hardware-based solution. The scenarios are:lawful interception of voice communication,automotive black box,precise farming. These three scenarios come from very distinctive application domains. Nevertheless,they share a common set of security requirements for processes to be documented and data records to be stored.",,1,1,8,Set (psychology); Lawful interception; Digital data; Black box (phreaking); Digital evidence; Computer security; Computer science; State (computer science); Automotive industry; Digital forensics,,,,,http://www.cqvip.com/QK/86045X/201501/72716889504849534849484849.html,http://www.cqvip.com/QK/86045X/201501/72716889504849534849484849.html,,,3140986196,,0,,0,false,,
107-353-840-356-047,Digital forensics and law enforcement,,2016,,,,,,Fred Klingelberger,Examines the need for law enforcement agencies to have personnel trained to handle digital evidence properly.,,,,,Criminal investigation; Business; Law enforcement; Digital evidence; Computer security; Digital forensics,,,,,https://shsu-ir.tdl.org/handle/20.500.11875/2048,https://shsu-ir.tdl.org/handle/20.500.11875/2048,,,3099014345,,0,,0,false,,
107-440-240-162-404,Computer and Network Forensics,,2006,book chapter,Digital Crime and Forensic Science in Cyberspace,,IGI Global,,S. Sitaraman; Subbarayan Venkatesan,"<jats:p>This chapter introduces computer and network forensics. The world of forensics is well understood in the non-digital world, whereas this is a nascent field in the digital cyberworld. Digital evidence is being increasingly used in the legal system such as e-mails, disk drives containing damaging evidence, and so on. Computer forensics deals with preserving and collecting digital evidence on a single machine while network forensics deals with the same operations in a connected digital world. Several related issues and available tools are discussed in this chapter.</jats:p>",,,55,74,Computer security; Computer science; Network forensics; Computer forensics,,,,,https://www.igi-global.com/chapter/computer-network-forensics/8349,http://dx.doi.org/10.4018/978-1-59140-872-7.ch003,,10.4018/978-1-59140-872-7.ch003,2489557937,,0,,5,false,,
107-650-337-362-459,WDFIA - Processing Algorithms for Components within a Forensic Evidence Management System,,2009,book,,,,,Kweku Kwakye Arthur; Martin S. Olivier,"It is well established that the integrity and reliability associated with digital evidence is integral to the successful prosecution of digital crimes. Consequently, forensic specialists continue to employ investigative tools and processes that maintain the integrity of digital evidence throughout the investigation cycle. Understandably, such tool-sets and processes are often non-trivial, and can be improved upon. As a contribution to such improvements, we present an architecture for a forensic evidence management system (FEMS), whose core components are a rule base, a knowledge base, an inference engine, and a data component. Given these system components, we develop a finite state automaton (FSA) to model the FEMS’ general behaviour. In so doing, we demonstrate the interactions amongst these core system components. Ultimately, the purpose of the FEMS is to preserve the integrity of digital evidence, thereby improving the quality of investigative inferences made by forensic specialists. In this paper we develop processing algorithms for the hypothesis state and the rule state described in our FEMS automaton. This elaboration is achieved through the use of flowcharts; we present the processing steps of these states, we present the input and output parameters of the transitions, and we provide the decision points that influence the probative value of the inferences within the FEMS.",,,53,62,Automaton; Algorithm; Engineering; Finite-state machine; Management system; Digital evidence; Knowledge base; Inference engine; State (computer science); Component (UML),,,,,http://www.cscan.org/openaccess/?paperid=67 https://dblp.uni-trier.de/db/conf/wdfia/wdfia2009.html#ArthurO09,http://www.cscan.org/openaccess/?paperid=67,,,2295744320,,0,000-965-663-206-482; 060-661-629-527-243; 188-762-236-378-448,0,false,,
107-814-078-721-776,Record File Carving Technique for Efficient File Recovery in Digital Forensic Investigation,2013-02-28,2013,journal article,KIPS Transactions on Computer and Communication Systems,22875891,Korea Information Processing Society,,Min Su Park; Jung Heum Park; Sang Jin Lee,"These days digital data have become essential for digital investigation because most of the crime was occurred by using the digital devices. However, digital data is very easier to falsify or delete. If digital data was deleted, it is necessary to recover the deleted data for obtain digital evidence. Even though file carving is the most important thing to gather. digital evidence in digital forensic investigation, most of popular carving tools don`t contemplate methods of selection or restoration for digital forensic investigation. The goal of this research is suggested files which can obtain useful information for digital forensic investigation and proposed new record file carving technique to be able to recover data effectively than before it.",2,2,93,102,Selection (linguistics); World Wide Web; File carving; Carving; Digital data; Digital evidence; Digital forensic investigation; Computer science; Multimedia,,,,,http://www.koreascience.or.kr/article/ArticleFullRecord.jsp?cn=JBCRIN_2013_v2n2_93 http://www.ndsl.kr/soc_img/society/kips/JBCRIN/2013/v2n2/JBCRIN_2013_v2n2_93.pdf http://koreascience.or.kr/journal/view.jsp?kj=JBCRIN&py=2013&vnc=v2n2&sp=93 https://www.kci.go.kr/kciportal/ci/sereArticleSearch/ciSereArtiView.kci?sereArticleSearchBean.artiId=ART001743148 http://ktccs.kips.or.kr/digital-library/4660,http://dx.doi.org/10.3745/ktccs.2013.2.2.093,,10.3745/ktccs.2013.2.2.093,2067157203,,0,002-449-146-256-491; 009-832-452-035-773; 077-066-116-235-027; 082-272-471-651-277; 085-214-277-668-01X; 091-812-839-578-217; 121-786-737-888-521,1,true,,bronze
107-992-128-750-519,Implementation of ACPO Framework for Digital Evidence Acquisition in Smartphones,2022-02-07,2022,journal article,CCIT Journal,26554275; 19788282,iLearning Journal Center,,Muhammad Saleh Jafri; Suwanto Raharjo; M. Rudiyanto Arief,"<jats:p>A forensic investigator or analyst should implement an appropriate digital forensic framework to acquire valid digital evidence to be presented at court. Choosing an unsuitable digital forensic framework with the investigation process may lead to failure at acquiring or maintaining complete digital evidence. Missing a step or turning a certain step into another irrelevant step may lead to unclear results and invalid conclusions. Digital evidence extracted from risky electronic evidence cannot be accepted by the court. Accordingly, a forensic investigator or forensic analyst should refer to a structuralized standard structure to perform well.Several internal digital forensic frameworks are available, one of which is the Good Practice Guide for Computer-based Electronic Evidence [1], an English issuance by ACPO (Association of Chief Police Officers) in cooperation with 7Safe. The digital forensic framework is commonly called the digital forensic framework from ACPO or the ACPO Framework. This research brings into focus the analysis of the percentage of success rate for using the ACPO digital forensic framework or the ACPO Framework in comparison with another digital forensic framework, i.e., NIST Framework. This research is also aimed at examining the performance of a mobile forensic tool, i.e., Cellebrite’s UFED Touch2 in comparison with another mobile forensic tool for digital evidence acquisition in smartphones.The research objects were smartphones containing deleted WhatsApp messages. This research successfully implemented the ACPO Framework for digital evidence acquisition in smartphones using Cellebrite’s UFED Touch2 as the mobile forensic tool.</jats:p>",15,1,82,105,Digital evidence; Digital forensics; Computer science; Mobile device; Computer forensics; Data science; Process (computing); Forensic science; Computer security; World Wide Web; Geography; Archaeology; Operating system,,,,,,http://dx.doi.org/10.33050/ccit.v15i1.1586,,10.33050/ccit.v15i1.1586,,,0,,0,true,,bronze
108-070-913-448-812,From time theft to time stamps: mapping the development of digital forensics from law enforcement to archival authority,2019-03-04,2019,journal article,International Journal of Digital Humanities,25247832; 25247840,Springer Science and Business Media LLC,,Corinne Rogers,"The field of digital forensics seems at first glance quite separate from archival work and digital preservation. However, professionals in both fields are trusted to attest to the identity and integrity of digital documents and traces – they are regarded as experts in the acquisition, interpretation, description and presentation of that material. Archival science and digital forensics evolved out of practice and grew into established professional disciplines by developing theoretical foundations, which then returned to inform and standardize that practice. They have their roots in legal requirements and law enforcement. A significant challenge to both fields, therefore, is the identification of records (archival focus) and evidence (digital forensics focus) in digital systems, establishing their contexts, provenance, relationships, and meaning. This paper traces the development of digital forensics from practice to theory and presents the parallels with archival science.",1,1,13,28,Data science; Parallels; Presentation; Digital preservation; Law enforcement; Archival science; Interpretation (philosophy); Identification (information); Digital forensics; History,,,,,https://link.springer.com/article/10.1007/s42803-019-00002-y,http://dx.doi.org/10.1007/s42803-019-00002-y,,10.1007/s42803-019-00002-y,2920267616,,0,002-214-848-360-115; 002-328-258-595-526; 004-441-167-148-170; 005-573-416-928-102; 013-133-468-228-985; 016-004-336-259-323; 017-840-378-634-021; 020-944-423-224-895; 021-850-998-857-676; 025-421-213-608-128; 031-234-153-523-379; 032-960-619-192-843; 037-647-066-964-858; 038-113-177-930-482; 038-668-970-194-854; 043-589-904-668-295; 055-740-268-775-122; 066-537-795-300-925; 067-629-806-155-212; 069-713-118-371-629; 088-309-759-208-842; 091-484-846-148-688; 098-120-541-214-151; 111-741-773-111-021; 127-086-844-715-002; 127-948-386-055-225; 133-397-275-695-990; 134-927-490-231-285; 149-080-386-855-18X; 151-378-930-836-964; 157-954-859-648-506; 167-906-378-249-754; 178-883-713-153-793; 190-065-821-748-92X; 199-745-676-923-766,2,false,,
108-250-961-343-220,TrustCom/BigDataSE - Deduplicated Disk Image Evidence Acquisition and Forensically-Sound Reconstruction,,2018,conference proceedings article,"2018 17th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/ 12th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE)",,IEEE,,Xiaoyu Du; Paul Ledwith; Mark Scanlon,"The ever-growing backlog of digital evidence waiting for analysis has become a significant issue for law enforcement agencies throughout the world. This is due to an increase in the number of cases requiring digital forensic analysis coupled with the increasing volume of data to process per case. This has created a demand for a paradigm shift in the method that evidence is acquired, stored, and analyzed. The ultimate goal of the research presented in this paper is to revolutionize the current digital forensic process through the leveraging of centralized deduplicated acquisition and processing approach. Focusing on this first step in digital evidence processing, acquisition, a system is presented enabling deduplicated evidence acquisition with the capability of automated, forensically-sound complete disk image reconstruction. As the number of cases acquired by the proposed system increases, the more duplicate artifacts will be encountered, and the more efficient the processing of each new case will become. This results in a time saving for digital investigators, and provides a platform to enable non-expert evidence processing, alongside the benefits of reduced storage and bandwidth requirements.",,,1674,1679,Volume (computing); Digital forensic process; Bandwidth (computing); Digital evidence; Data deduplication; Computer science; Paradigm shift; Real-time computing; Digital forensics; Process (computing),,,,,https://dblp.uni-trier.de/db/conf/trustcom/trustcom2018.html#DuLS18 https://forensicsandsecurity.com/papers/ForensicallySoundReconstruction.php https://markscanlon.co/papers/ForensicallySoundReconstruction.php https://forensicsandsecurity.com/papers/ForensicallySoundReconstruction.pdf https://markscanlon.co/papers/ForensicallySoundReconstruction.pdf,http://dx.doi.org/10.1109/trustcom/bigdatase.2018.00249,,10.1109/trustcom/bigdatase.2018.00249,2808994121,,0,000-360-120-513-679; 018-093-184-946-852; 026-774-296-742-022; 029-268-367-041-280; 050-513-243-638-138; 051-645-938-939-51X; 054-182-695-649-382; 055-614-100-530-52X; 061-290-436-168-797; 061-549-181-856-861; 066-235-037-082-291; 074-614-672-576-143; 079-273-634-331-435; 080-196-042-005-758; 090-752-043-508-733; 094-182-197-652-715; 094-295-279-676-447; 119-234-785-721-155; 119-759-887-719-875; 125-939-677-745-616; 134-927-490-231-285; 139-472-153-252-310; 142-821-739-103-225; 154-517-106-328-503,6,false,,
108-285-718-831-232,Digital imaging methods as an aid in dental identification of human remains.,2002-03-01,2002,journal article,Journal of forensic sciences,00221198,Wiley-Blackwell,United States,C. Michael Bowers; Raymond J. Johansen,"The physical comparison of known (K) and questioned (Q) evidence samples is an accepted tool in numerous forensic identification disciplines (1). A subset of this process is the use of antemortem and postmortem dental radiographs to identify unidentified human remains. This method has been generally accepted for decades (2). The outcome is performed with a considerable degree of accuracy, due in part to a finite pool of possible candidates for identification derived via the NCIC database, passenger lists, and law enforcement Missing Persons reports. This paper describes a dental identification comparison protocol that incorporated digital imaging technology in this process. The computer was used to create digital exemplars of the K and Q evidence that were spatially and quantitatively compared (3). The digital mode allowed direct metric and morphologic comparison through the aid of a digital camera, desktop computer, monitor, and printer. The well-known computer program Adobe Photoshop 5.0 (4) was used to process the digital information in two forensic cases described in this paper. It is a commercially available digital imaging editing program that is operated on laptop and desktop computers possessing sufficient chip speed and RAM (Pentium II or equivalent and at least 76MB RAM) to open the large-size files generated by high-resolution digital capture devices. This program accepts raster-based image formats (e.g. .JPG, .BMP). Photoshop is noted for its diverse imaging functions, which allow the computer monitor to be used as a comparison microscope when Q and K sample images are tiled side-by-side and/or superimposed. Two and three-dimensional Q and K evidence samples can be individually digitized and then independently resized to allow two-dimensional comparison. The investigator also has the ability to create magnified images (200% to 300%) when the original digital image has been captured at near photoquality resolution (300 dpi). The visual comparison of physical features on the computer monitor permits a large field of view and robust digital control over image quality. Photographic measurement and enhancement features of Adobe Photoshop mimics and in some circumstances surpasses the historic use of conventional photographic manipulation in forensic casework. This paper presents two cases processed via routine forensic odontology identification protocols. These protocols had minimal results due to limitations described in the case histories. The additional application of digital methods proved useful in the ultimate identification of these human remains.",47,2,354,359,Digital imaging; Computer graphics (images); Engineering; Raster graphics; Computer monitor; Digital camera; Forensic identification; Digital image; Image file formats; Identification (information),,"Adolescent; Adult; Dental Restoration, Permanent; Female; Forensic Anthropology/methods; Forensic Dentistry/methods; Humans; Odontometry/methods; Postmortem Changes; Radiography, Dental, Digital/methods; Time Factors; Tooth Root/anatomy & histology",,,https://europepmc.org/article/MED/11908607 https://www.astm.org/DIGITAL_LIBRARY/JOURNALS/FORENSIC/PAGES/JFS15257J.htm http://www.astm.org/DIGITAL_LIBRARY/JOURNALS/FORENSIC/PAGES/JFS15257J.htm https://www.ncbi.nlm.nih.gov/pubmed/11908607 https://pubmed.ncbi.nlm.nih.gov/11908607/,http://dx.doi.org/10.1520/jfs15257j,11908607,10.1520/jfs15257j,1809936814,,0,,23,false,,
108-428-003-640-577,Digital Forensic Readiness for Financial Network,,2019,conference proceedings article,2019 International Conference on Platform Technology and Service (PlatCon),,IEEE,,Sungmoon Kwon; Jaehan Jeong; Taeshik Shon,"Major bank hacking cases such as the Carbanak and the Bangladesh bank robbery are reported constantly. As a result of a global joint investigation, Carbanak’s leader has been caught in March 2018, but in the case of the Bangladesh bank robbery, the damage has not been restored to this day due to lack of digital forensic evidence. As shown in the Bangladesh bank robbery, digital forensic evidence is the most important thing for incident response. Therefore, in this paper we propose IP (Internet Protocol) traceback and visualization techniques for better digital forensic.",,,,,Creative visualization; Data visualization; Incident response; Bank robbery; Internet Protocol; Computer security; Computer science; Digital forensics; Hacker; Server,,,,,http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=8669428 http://xplorestaging.ieee.org/ielx7/8668543/8668955/08669428.pdf?arnumber=8669428,http://dx.doi.org/10.1109/platcon.2019.8669428,,10.1109/platcon.2019.8669428,2923856554,,0,033-810-183-595-766; 035-415-282-335-727; 053-098-921-775-048; 062-941-010-577-879; 072-623-440-901-631; 072-713-714-956-410; 088-482-482-964-512; 090-107-201-926-905; 171-865-602-371-41X,2,false,,
108-675-691-849-160,Digital Forensics: 2020 (Seeds are Sown),,2019,,,,,,Santosh Khadsare,"Digital Forensics is a scientifically derived and proved method of Identification, Collection , Analysis, Preservation and Presentation of evidence derived from digital exhibits such as  Computers. Storage Media, Mobiles, Network, Cloud, etc. The Investigation Officer on the basis on the analysis report should be able to reconstruct the sequence of events that took place in the digital domain.",1,7,23,25,Domain (software engineering); Computer science; Multimedia; Identification (information); Cloud computing; Digital forensics,,,,,http://www.cybernomics.in/index.php/cnm/article/view/144,http://www.cybernomics.in/index.php/cnm/article/view/144,,,3019487481,,0,,0,false,,
108-810-448-550-563,Emerging Forensic Tools for Locating and Analyzing Digital Evidence - IT Security Professionals Seizing the Moment,,,book chapter,Emerging Forensic Tools for Locating and Analyzing Digital Evidence,,IGI Global,,Richard Boddington,,,,7155,7781,Business; Seizing; Computer security; Moment (mathematics),,,,,,http://dx.doi.org/10.4018/978-1-4666-9591-7.les11,,10.4018/978-1-4666-9591-7.les11,2487447050,,0,,0,false,,
109-266-091-105-175,Post-Genesis Digital Forensics Investigation,2017-09-22,2017,preprint,,,Center for Open Science,,Andysah Putera Utama Siahaan; Robbi Rahim,"<p>Digital Forensics is a technique used to search for evidence of events that have occurred. This quest aims to reveal the hidden truth. The existence of digital forensic activities due to the occurrence of crimes both in the field of computers or other. Legal treatment in digital forensic field makes this area of science a compulsory device to dismantle crimes involving the computer world. In general, the cyber crime leaves a digital footprint, so it is necessary for a computer forensics expert to secure digital evidence. Computer forensics necessarily requires a standard operational procedure in taking digital evidence so as not to be contaminated or modified when the data is analyzed. The application of digital forensic is beneficial to the legal process going well and correctly.</p>",,,,,Digital forensics; Computer forensics; Digital evidence; Computer science; Field (mathematics); Computer security; Crime scene; Forensic science; Process (computing); Data science; Law; Political science; Geography; Mathematics; Archaeology; Pure mathematics; Operating system,,,,,,http://dx.doi.org/10.31227/osf.io/h5bds,,10.31227/osf.io/h5bds,,,0,,0,true,,green
109-830-530-152-905,LegalAIIA@ICAIL - Technology assisted analysis of timeline and connections in digital forensic investigations,2019-06-17,2019,book,,,,,Hans Henseler; Jessica Hyde,"This article describes ongoing research on the application of AI techniques such as Graph Neural Networks to assist investigators with the discovery of relations and patterns in digital forensic evidence. Digital forensic analysis of smartphones and computers reveals forensic artifacts that are extracted from structured databases maintained by the operating system and applications. Such forensic artifacts are part of a forensic ontology which can be used to build a relational graph of identifiers (e.g. users, documents) and a timeline of events. This information can assist with answering key investigation questions such as who, when, where etc. We propose to use a graph database and query language to assist in this analysis. Further, using key identifiers and aliases we want to augment digital forensic artifacts with entities, relations and events by extraction from the full-text of unstructured electronic contents such as emails and documents.",,,32,37,Identifier; Ontology (information science); Graph database; Query language; Key (cryptography); Information retrieval; Relational graph; Computer science; Timeline; Digital forensics,,,,,https://dblp.uni-trier.de/db/conf/icail/legalaiia2019.html#HenselerH19 https://hbo-kennisbank.nl/resolve/hsleiden/eyJoIjogIjYzZTI1MjQ2N2E3MTlmMjFmN2ZkYTFlODU0ZTIwMGQ4ZTg0NzIyNjU2ODg0NWNhYWEyODgzZTQxODY3OTFkN2EiLCAidSI6ICJodHRwczovL3N1cmZzaGFyZWtpdC5ubC9vYmplY3RzdG9yZS84NzQ5MGM3MC1hYmZmLTQyNDktOTczYS05ZGMwOGIyZjQ4M2EifQ== https://www.narcis.nl/publication/RecordID/oai%3Ahbokennisbank.nl%3Asharekit_hsleiden%3Aoai%3Asurfsharekit.nl%3Af9e4cd16-0577-4bb9-a41c-359ebecbf344 http://ceur-ws.org/Vol-2484/paper5.pdf https://hbo-kennisbank.nl/details/sharekit_hsleiden%3Aoai%3Asurfsharekit.nl%3Af9e4cd16-0577-4bb9-a41c-359ebecbf344,https://dblp.uni-trier.de/db/conf/icail/legalaiia2019.html#HenselerH19,,,3013983985,,0,035-031-257-128-045; 044-692-024-531-380; 057-720-182-045-334; 058-524-881-329-30X; 070-673-111-451-994; 094-426-455-409-08X; 154-517-106-328-503; 191-787-431-475-170,2,false,,
110-131-476-217-052,Data Mining Technique to Data Collection and Analysis for Cyber Forensic,2020-01-30,2020,journal article,International Journal of Recent Technology and Engineering (IJRTE),22773878,Blue Eyes Intelligence Engineering and Sciences Engineering and Sciences Publication - BEIESP,,Prashant Khobragade*; Pranay Saraf; Preeti Thakre; Priya maidamwar,"<jats:p>In the world of Digital forensic the uncovered digital may contain vital information for digital data investigation for investigator. Digital data collected from the crime scene leads to find out the clue after performing analysis by the examiner. This process of data examination data collection and analysis plays important role in cyber world for the forensic investigator. The cybercrime is a part of computer forensics where the digital evidences are analyze by the investigator and to perform analysis special measurements and techniques are required in order to use this details that has to be accepted in court of law for law enforcement. The data collection of evidence is a key aspect for the investigator, such kind of digital data has to be collected from different sources at the crime scene and this process involves to collect each and every evidence of digital crime scene and later this gather data will be analyze by the experts to reach to the conclusion. In this paper the proposed method collected the data from the crime scene efficiently which includes log data, transactional data, physical drive data, and network data; later this collected data analyzed to find out the theft node in the network. In this paper FTK 4.0 digital forensic tool used to reduce plenty of time for data processing and later report will be produce that will be accepted tin the court of law. This paper also focuses the data collection method with in the network and reach to the faulty node and later this faulty node analyzed with all collected data for forensic analysis. For this standard algorithm used to analyze the performance of distinct features used for network attacks. Kmeans clustering methodology is used to create cluster of victim node and represent victim data in systematic manner for the ease of law enforcement.</jats:p>",8,5,2786,2789,Digital evidence; Digital forensics; Law enforcement; Computer science; Data collection; Crime scene; Digital data; Network forensics; Node (physics); Cybercrime; Process (computing); Data science; Computer security,,,,,,http://dx.doi.org/10.35940/ijrte.d8543.018520,,10.35940/ijrte.d8543.018520,,,0,,0,true,,gold
110-142-835-904-035,Digital Evidence Object Model for Situation Awareness and Decision Making in Digital Forensics Investigation,2021-09-01,2021,journal article,IEEE Intelligent Systems,15411672; 19411294,Institute of Electrical and Electronics Engineers (IEEE),United States,Sarunas Grigaliunas; Jevgenijus Toldinas; Algimantas Venčkauskas; Nerijus Morkevicius; Robertas Damasevicius,"The aim of a forensic investigation is to provide situation awareness in terms of identification and preservation of digital evidence, extraction of information, and analysis of extracted information to facilitate time-critical decision making. Digital forensic investigation is a process of collecting, examining, and analyzing digital data from various places such as digital devices, networks, and big data in the cloud. Here we propose a novel digital evidence object (DEO) model for the reduction of forensics data in digital forensic investigation and describe its application. The proposed DEO model is based on the synergy of category theory and integration of 5Ws (Who, What, When, Where, and Why) of digital investigation analysis techniques for digital evidence acquisition. We present a real-life case study to demonstrate its suitability for assisting computer forensics experts in the digital evidence investigation. Our results demonstrate that the application of the DEO model can noticeably decrease the number of false positive evidence objects submitted to a forensics expert, thus reducing his/her workload and improving decision making performance in a time-critical setting.",36,05,39,48,Situation awareness; Data science; Digital data; Digital evidence; Computer science; Computer forensics; Intelligent decision support system; Big data; Identification (information); Digital forensics,,,,,https://www.computer.org/csdl/magazine/ex/2021/05/09178959/1mDpBvAEzn2 https://ieeexplore.ieee.org/abstract/document/9178959/ https://dblp.uni-trier.de/db/journals/expert/expert36.html#GrigaliunasTVMD21,http://dx.doi.org/10.1109/mis.2020.3020008,,10.1109/mis.2020.3020008,3082246520,,0,031-733-321-509-944; 033-826-748-864-027; 046-568-990-053-305; 057-744-964-946-459; 062-032-128-092-406; 067-752-747-116-312; 088-553-642-323-93X; 112-910-981-584-836; 122-299-786-698-239; 133-508-126-407-763; 146-021-806-272-345; 167-751-222-897-487,5,false,,
110-377-139-748-215,The case for Zero Trust Digital Forensics,,2022,journal article,Forensic Science International: Digital Investigation,26662817; 26662825,Elsevier BV,,Christopher Neale; Ian Kennedy; Blaine Price; Yijun Yu; Bashar Nuseibeh,"It is imperative for all stakeholders that digital forensics investigations produce reliable results to ensure the field delivers a positive contribution to the pursuit of justice across the globe. Some aspects of these investigations are inevitably contingent on trust, however this is not always explicitly considered or critically evaluated. Erroneously treating features of the investigation as trusted can be enormously damaging to the overall reliability of an investigation's findings as well as the confidence that external stakeholders can have in it. As an example, digital crime scenes can be manipulated by tampering with the digital artefacts left on devices, yet recent studies have shown that efforts to detect occurrences of this are rare and argue that this leaves digital forensics investigations vulnerable to accusations of inaccuracy. In this paper a new approach to digital forensics is considered based on the concept of Zero Trust, an increasingly popular design in network security. Zero Trust describes the practitioner mindset and principles upon which the reliance on trust in network components is eliminated in favour of dynamic verification of network interactions. An initial Definition of Zero Trust Digital Forensics will be proposed and then a specific example considered showing how this strategy can be applied to digital forensic investigations to mitigate against the specific risk of evidence tampering. A definition of Zero Trust Digital Forensics is proposed, specifically that it is ‘a strategy adopted by investigators whereby each aspect of an investigation is assumed to be unreliable until verified’. A new principle will be introduced, namely the ‘multifaceted verification of digital artefacts’ that can be used by practitioners who wish to adopt a Zero Trust Digital Forensics strategy during their investigations. A qualitative review of existing artefact verification techniques is also conducted in order to briefly evaluate the viability of this approach based on current research efforts. • Trust influences the reliability of forensic investigations yet is rarely explicitly considered. • A new strategy for investigations is proposed influenced by Zero Trust principles. • A motivating example illustrates the need for such a strategy.",40,,301352,301352,Digital forensics; Mindset; Computer security; Computer science; Globe; Network forensics; Computer forensics; Digital evidence; Zero (linguistics); Field (mathematics); Internet privacy; Data science,,,,UK Research and Innovation; Engineering and Physical Sciences Research Council; Science Foundation Ireland,,http://dx.doi.org/10.1016/j.fsidi.2022.301352,,10.1016/j.fsidi.2022.301352,,,0,003-232-363-219-004; 007-832-595-971-443; 009-344-895-342-85X; 009-512-003-529-193; 016-145-301-135-450; 022-626-519-506-300; 045-783-901-971-215; 047-386-524-667-691; 048-250-488-210-056; 062-168-384-023-533; 078-598-867-814-365; 081-032-497-600-401; 131-807-250-432-699; 134-927-490-231-285; 166-999-959-693-14X,0,true,cc-by,hybrid
110-433-285-269-70X,Reduction of Digital Forensic Evidence Using Data Science,2018-09-29,2018,book chapter,Advances in Intelligent Systems and Computing,21945357; 21945365,Springer Singapore,,Devesh Kumar Srivastava,"The hasty headway in the field of information technology has lead ways for an escalating crime rate being technically exhaustive. The crimes involving digital tools and devices assist to be the forensic evidences. An upsurge in digital evidences is coalesced with the growing size of storage devices. Pertaining to the ineffectualness of the traditional analysis methods to handle the colossal amount of digital data, the forensic investigators have to adopt big data analytics to store, recover, and analyze the digital evidence. The storage of digital evidence calls for surveillance and security, thereby preserving its evidential significance. The digital analysis and fraud detection make the recovery and storage of digital data achievable by effective data reduction and exploiting the features of data mining for storage and data archive. Advancement with the forensic analysis assures automated management of digital data thus safeguarding the sensitivity of data. The paper aims to take the facets of data reduction for efficient storage and retrieval of digital data, and an overall digital forensic research framework has been outlined. The proposed work supports the existing framework for data reduction and storage. It also outlines the challenges and the unaddressed aspects of digital forensics. In this paper, I also discussed the unaddressed aspects of forensic investigations and peaks into the loopholes and the opportunity realms that can lay groundwork for future.",,,381,389,Information technology; Conceptual framework; Data reduction; Data science; Digital data; Digital evidence; Field (computer science); Computer science; Big data; Digital forensics,,,,,https://rd.springer.com/chapter/10.1007/978-981-13-1165-9_35 https://link.springer.com/chapter/10.1007/978-981-13-1165-9_35,http://dx.doi.org/10.1007/978-981-13-1165-9_35,,10.1007/978-981-13-1165-9_35,2893204368,,0,013-133-468-228-985; 033-877-222-136-260; 046-169-392-846-761; 049-223-763-769-747; 050-513-243-638-138; 057-269-936-036-693; 062-202-545-220-180; 066-840-680-591-488; 081-458-407-971-603; 125-384-800-661-375; 134-927-490-231-285; 146-773-338-621-314; 156-972-666-676-888,3,false,,
110-625-045-233-448,GUIDELINES FOR COLLECTING AND CENTRALIZING NETWORK DIGITAL EVIDENCES,,2011,journal article,International journal of new computer architectures and their applications,,,,Mohammed Abbas; Elfadil Sabeil Azizah Abdul Manaf,"Network forensic investigators have stated the significance of network digital evidences due to digital crimes science and depicted its ability to come up with rare solutions that limited to network forensic and meanwhile system (computer) forensic cannot. Normally, researchers and experts suggest and propose many different solutions such as Firewall's Logs, IDS/IPD Logs, Switches and Router's Logs and eventually incorporate more advanced systems like Honeywall Architecture to effectively help to investigate network digital evidences. Actually, Honeynet Architecture basically is built to simplify network forensic investigation operations through key features that help to collect and capture network inbound and outbound packets [1][2]. Honeynet Architecture is unique in terms of builtin and well configured tools and utilities which help to achieve the mission. A Honeynet is an architecture which its purpose is basically to build a highly controlled network that control and ABSTRACT",1,2,437,458,Architecture; World Wide Web; Network packet; Honeypot; Firewall (construction); Router; Key features; Computer security; Computer science; Digital library; Wireless,,,,,http://sdiwc.net/digital-library/guidelines-for-collecting-and-centralizing-network-digital-evidences.html,http://sdiwc.net/digital-library/guidelines-for-collecting-and-centralizing-network-digital-evidences.html,,,2149273170,,0,008-012-687-867-953; 035-117-517-526-478; 037-141-626-931-184; 063-984-859-415-066; 116-536-149-434-424; 119-993-734-113-560; 120-582-628-652-957; 125-156-551-161-614; 152-481-755-437-975; 185-003-308-382-926,0,false,,
111-031-348-042-452,The Context and Background,,2014,book chapter,Judiciary-Friendly Forensics of Software Copyright Infringement,,IGI Global,,,"<jats:p>This chapter introduces the nature, evolution, and development of cyber (digital) crimes in the context of the modern digital revolution with particular stress on software piracy and copyright infringement. Firstly, it overviews the various forensic implications of cyber criminality in its various forms and goes on to talk about the detection, preservation, and forensic utilisation of digital evidence, as well as its relationship to global cyber legislation. Next, it concentrates on exploring the fields of digital and software forensics and then software piracy as a cyber crime. The chapter then discusses the forensics of the infringement of software copyright, especially in terms of its legal and judicial complexity. Finally, it concludes by explaining how all the various complex issues bear on the crucial role of the cyber forensic consultant experts in the collection, interpretation and presentation of the digital evidence in a manner that is both judicially efficient and convincing. </jats:p>",,,1,34,Digital forensics; Context (archaeology); Software; Computer security; Presentation (obstetrics); Legislation; Interpretation (philosophy); Computer forensics; Internet privacy; Computer science; Judicial interpretation; Political science; Data science; Law; History; Medicine; Archaeology; Radiology; Programming language,,,,,,http://dx.doi.org/10.4018/978-1-4666-5804-2.ch001,,10.4018/978-1-4666-5804-2.ch001,,,0,002-598-630-428-311; 005-136-753-965-857; 014-082-506-216-299; 017-619-716-693-348; 018-780-253-164-948; 021-575-322-862-578; 029-956-698-780-087; 047-010-436-077-442; 063-984-859-415-066; 074-777-270-980-043; 167-592-705-831-583,0,false,,
111-088-673-516-057,A Digital Forensics Method in Cloud Computing Environment,,2014,journal article,Applied Mechanics and Materials,16627482,"Trans Tech Publications, Ltd.",,Hai Yan Chen,"In the context of the wide application of cloud computing technology, Internet crimes with the support of such technology will increase. In this article, the author proposed a holistic set of digital forensics method applicable in could computing environment from the point of the four stages of digital evidence collection, preservation, analysis and presentation. In evidence collection session, original resource of electric data collection was discussed. In evidence preservation session, electronic data storage system on Hadoop was designed. In evidence analysis session, two types of crime data were analyzed. In evidence presentation session, what the result should be shown were explained.",635-637,,1471,1475,The Internet; Data collection; World Wide Web; Digital evidence; Session (computer science); Computer science; Multimedia; Network forensics; Computer forensics; Cloud computing; Digital forensics,,,,,https://www.scientific.net/AMM.635-637.1471,http://dx.doi.org/10.4028/www.scientific.net/amm.635-637.1471,,10.4028/www.scientific.net/amm.635-637.1471,2064447703,,0,040-155-905-622-611; 052-152-063-024-042; 175-615-330-621-211; 182-355-544-654-815,0,false,,
111-347-025-588-953,“Chain of Digital Evidence” Based Model of Digital Forensic Investigation Process,,2011,,,,,,Jasmin Ćosić; Zoran Ćosić; Miroslav Bača,"Computer forensics is essential for the successful prosecution of criminals in computer (cyber) crime. Digital investigation process must be done in a lawful way, and some proposed steps must be followed in order for evidence to be accepted by the court of law. The digital forensic investigation process will be successful, if we follow simple rules. The aim of this paper is to compare different existing models and framework developed in recent years and propose a new framework based on “chain of digital evidence”. This Framework will be modeled using a UML – Use Case and Activity diagrams. The authors also warns of certain shortcomings and suggests some recommendation for further research.",9,8,18,24,Unified Modeling Language; Order (exchange); Data science; Digital evidence; Digital forensic investigation; Computer security; Computer science; Process (engineering); Computer forensics; Activity diagram; Digital forensics,,,,,https://www.bib.irb.hr/601447,https://www.bib.irb.hr/601447,,,2741294679,,0,010-086-703-646-194; 032-246-414-391-330; 190-065-821-748-92X,6,false,,
111-488-239-742-003,Framework for Reliable Experimental Design (FRED):: A research framework to ensure the dependable interpretation of digital data for digital forensics,,2018,journal article,Computers & Security,01674048,Elsevier BV,United Kingdom,Graeme Horsman,"Abstract The establishment of fact forms the cornerstone of any forensic discipline, with digital analysis being no exception. Practitioners are under an obligation as expert witnesses to provide factual accounts of digital scenarios, which must be underpinned by robust knowledge and evidential findings. To achieve this level of reliability, investigatory research must be suitably planned, implemented and analysed in a way which instills confidence in the accuracy of any findings. This is particularly important as digital forensic organisations are now facing the impending requirement to have acquired ISO/IEC 17025 accreditation. This article proposes the Framework for Reliable Experimental Design (FRED) to support those engaged in the field of digital forensics research to contribute reliable, robust findings. FRED focuses on the underpinning procedures involved within undertaking the reverse engineering of digital data structures and the process of extracting and interpreting digital content in a reliable way. The proposed framework is designed to be a resource for those operating within the digital forensic field, both in industry and academia, to support and develop research best practice within the discipline.",73,,294,306,Forensic science; Conceptual framework; Data science; Digital data; Digital content; Digital evidence; Computer security; Computer science; Process (engineering); Resource (project management); Digital forensics,,,,,https://doi.org/10.1016/j.cose.2017.11.009 https://research.tees.ac.uk/en/publications/framework-for-reliable-experimental-design-fred-a-research-framew https://research.tees.ac.uk/ws/files/4355231/621551.pdf https://dblp.uni-trier.de/db/journals/compsec/compsec73.html#Horsman18 https://www.sciencedirect.com/science/article/pii/S0167404817302468 https://core.ac.uk/download/pdf/196166325.pdf,http://dx.doi.org/10.1016/j.cose.2017.11.009,,10.1016/j.cose.2017.11.009,2769542598,,0,002-625-978-577-247; 004-706-447-836-905; 007-790-059-029-953; 009-386-221-930-423; 011-946-587-391-596; 012-410-670-929-028; 019-620-931-459-002; 021-039-461-635-181; 032-697-093-668-898; 033-877-222-136-260; 035-672-281-328-899; 037-886-407-309-770; 038-668-970-194-854; 043-947-795-550-171; 045-243-807-828-458; 050-171-086-268-964; 050-513-243-638-138; 066-235-037-082-291; 066-403-963-486-412; 067-577-414-064-539; 067-844-385-207-96X; 074-014-335-505-388; 074-299-373-252-299; 075-128-417-091-483; 078-275-236-083-731; 081-896-209-272-043; 086-419-575-179-359; 090-894-834-543-459; 093-650-425-263-585; 095-691-114-276-825; 098-748-261-333-651; 101-436-770-235-826; 111-090-978-711-139; 118-838-969-146-870; 125-384-800-661-375; 127-053-349-240-432; 129-080-110-367-50X; 133-397-275-695-990; 133-828-777-357-301; 134-927-490-231-285; 137-755-137-054-864; 172-364-607-042-640; 174-414-868-068-131; 184-948-841-629-735,29,true,cc-by-nc-nd,green
111-660-907-279-133,Organisational preparedness for hosted virtual desktops in the context of digital forensics,,,,,,,,Nirbhay Jawale; Ajit Narayanan,"Virtualization in computing has progressed to an extent where desktops can be virtualized and accessed from anywhere. The server hosted model has already surpassed 1% market share of the worldwide professional PC market, with estimates indicating that this is a rapidly growing area. This paper investigates the adequacy of current digital forensic procedures on hosted virtual desktops (HVDs) as there does not appear to be specific methods of locating and extracting evidences from this infrastructure. A hosted virtual desktop deployed in private clouds was simulated to reflect two different computer crime scenarios. It was found that current digital forensic procedures may not be adequate for locating and extracting evidence, since the infrastructure introduces complications such as persistent/non-persisted disk modes and segregating data in a multi-tenant environment.",,,,,Virtual desktop; Engineering; World Wide Web; Market share; Preparedness; Context (language use); Computer security; Virtualization; Digital forensics,,,,,https://ro.ecu.edu.au/adf/97/ https://ro.ecu.edu.au/cgi/viewcontent.cgi?article=1096&context=adf,http://dx.doi.org/10.4225/75/57b2be5e40ced,,10.4225/75/57b2be5e40ced,1575207699,,0,015-264-924-343-905,2,false,,
112-049-549-865-940,The Protection Mechanism for Digital Evidence Collecting System and its Future Trend,,2004,journal article,Computer Science,15082806,,,Ji Jian,"Research regarding Digital Forensic Technologies has become more active with the recent increases in illegal accesses to computer system. Many researchers focus only on the techniques or mechanisms for evidence detecting and evidence analyzing, without considering the security of forensic mechanisms themselves. In this situation, we can't protect the digital evidence completely. Based on the analysis of relative researches, this paper summarizes the existing proposals, and offers suggestions to enhance the protection of Digital Evidence Collecting System.",,,,,Forensic science; Protection mechanism; Digital evidence; Collection system; Future trend; Computer security; Focus (computing); Computer science; Digital forensics,,,,,http://en.cnki.com.cn/Article_en/CJFDTOTAL-JSJA200407002.htm,http://en.cnki.com.cn/Article_en/CJFDTOTAL-JSJA200407002.htm,,,2389710391,,0,,0,true,publisher-specific,gold
112-416-596-524-614,Digital Forensic Investigation using WinHex Tool,,2012,,,,,,B. B. Meshram,"Cyber attacks from various sources are demanding its prevention in the new era of information security. Cyber forensic is a relatively new fields that is the collection, analysis and documentation of a Cyber attacks. It is becoming increasingly important as criminals aggressively expand the use of technology in their enterprise of illegal activities. An established forensic analyst mines the crucial evidence from susceptible locations to comprehend attacker’s intension. Digital evidences are collected from storage media and preserve it for further processing. The typical goal of an investigation is to collect evidence using generally acceptable methods in order to make the evidence is accepted and admitted on the court. Main focus of this paper is the complete investigation procedure of storage media. Our paper also explains emerging cyber crimes and its digital forensic investigation procedures using digital forensic tools and techniques.",,,,,Engineering; Use of technology; Digital forensic investigation; Computer security; Information security; Documentation; Intension; Digital forensics,,,,,http://www.ijcst.com/vol31/3/sindhu.pdf,http://www.ijcst.com/vol31/3/sindhu.pdf,,,2189254576,,0,019-698-064-288-240; 025-321-851-072-69X; 055-425-122-624-954; 085-214-277-668-01X; 139-567-850-350-938,1,false,,
112-744-755-472-229,Forensic Analysis using Text Clustering in the Age of Large Volume Data: A Review,,2019,journal article,International Journal of Advanced Computer Science and Applications,21565570; 2158107x,The Science and Information Organization,,Bandar Saleh Mouhammed ِAlmaslukh,"Exploring digital devices in order to generate digital evidence related to an incident being investigated is essential in modern digital investigation. The emergence of text clustering methods plays an important role in developing effective digital forensics techniques. However, the issue of increasing the number of text sources and the volume of digital devices seized for analysis has been raised significantly over the years. Many studies indicated that this issue should be resolved urgently. In this paper, a comprehensive review of digital forensic analysis using text-clustering methods is presented, investigating the challenges of large volume data on digital forensic techniques. Moreover, a meaningful classification and comparison of the text clustering methods that have been frequently used for forensic analysis are provided. The major challenges with solutions and future research directions are also highlighted to open the door for researchers in the area of digital forensics in the age of large volume data.",10,6,,,Volume (computing); Forensic science; Document clustering; Data science; Digital evidence; Computer science; Digital forensics,,,,,https://thesai.org/Publications/ViewPaper?Volume=10&Issue=6&Code=IJACSA&SerialNo=10 https://thesai.org/Downloads/Volume10No6/Paper_10-Forensic_Analysis_using_Text_Clustering.pdf https://repository.psau.edu.sa/xmlui/handle/123456789/92614,http://dx.doi.org/10.14569/ijacsa.2019.0100610,,10.14569/ijacsa.2019.0100610,2955593819,,0,,8,true,cc-by,gold
112-973-164-071-334,PENERAPAN METODE COMPOSITE LOGIC UNTUK PERANCANGAN FRAMEWORK PENGUMPULAN BUKTI DIGITAL PADA MEDIA SOSIAL,2019-08-31,2019,journal article,ILKOM Jurnal Ilmiah,25487779; 20871716,Universitas Muslim Indonesia,,Muhammad Naim Al Jumah; Bambang Sugiantoro; Yudi Prayudi,"Social media has become a major part of society. But most of the time social media is used as a way people commit the crime. Due to numerous crimes that use social media, it is essential to design a framework to gather digital evidence on social media. This study develops the design of Framework by implementing Composite Logic Model.  A logic Composite model can be used to determine the role model of any variable or pattern that need to collaborate. Composite Logic Model will produce a role model that has a role to produce patterns so that it can produce the same goal. A method of Composite Logic will collaborate with the Digital Forensics Investigation framework to produce a Digital Evidence Collection Framework on Social Media. Based on data and facts, this study has been producing a new framework of gathering digital evidence on social media. The framework has four main stages in the process of collecting digital evidence on social media including pre-process, collection, analysis, and report.",11,2,135,142,Commit; Variable (computer science); Data science; Logic model; Digital evidence; Computer science; Process (engineering); Role model; Social media; Digital forensics,,,,,http://jurnal.fikom.umi.ac.id/index.php/ILKOM/article/download/442/185 http://jurnal.fikom.umi.ac.id/index.php/ILKOM/article/view/442 https://doaj.org/article/efcb636576584f61b976088a5506c006 https://core.ac.uk/download/pdf/228866360.pdf,http://dx.doi.org/10.33096/ilkom.v11i2.442.135-142,,10.33096/ilkom.v11i2.442.135-142,2974808412,,0,,0,true,cc-by-sa,gold
113-186-841-910-048,Learn Computer Forensics,2020-06-11,2020,book,,,,,William Oettinger,"Get up and running with collecting evidence using forensics best practices to present your findings in judicial or administrative proceedings; Key Features; Learn the core techniques of computer forensics to acquire and secure digital evidence skillfully; ; Conduct a digital forensic examination and document the digital evidence collected; ; Analyze security systems and overcome complex challenges with a variety of forensic investigations; Book Description; A computer forensics investigator must possess a variety of skills, including the ability to answer legal questions, gather and document evidence, and prepare for an investigation. This book will help you get up and running with using digital forensic tools and techniques to investigate cybercrimes successfully. ; ; Starting with an overview of forensics and all the open source and commercial tools needed to get the job done, you'll learn core forensic practices for searching databases and analyzing data over networks, personal devices, and web applications. You'll then learn how to acquire valuable information from different places, such as filesystems, e-mails, browser histories, and search queries, and capture data remotely. As you advance, this book will guide you through implementing forensic techniques on multiple platforms, such as Windows, Linux, and macOS, to demonstrate how to recover valuable information as evidence. Finally, you'll get to grips with presenting your findings efficiently in judicial or administrative proceedings. ; ; By the end of this book, you'll have developed a clear understanding of how to acquire, analyze, and present digital evidence like a proficient computer forensics investigator.; What you will learn; Understand investigative processes, the rules of evidence, and ethical guidelines; ; Recognize and document different types of computer hardware; ; Understand the boot process covering BIOS, UEFI, and the boot sequence; ; Validate forensic hardware and software; ; Discover the locations of common Windows artifacts; ; Document your findings using technically correct terminology; Who this book is for; If you're an IT beginner, student, or an investigator in the public or private sector this book is for you.This book will also help professionals and investigators who are new to incident response and digital forensics and interested in making a career in the cybersecurity domain.",,,,,Web application; Variety (cybernetics); Domain (software engineering); Best practice; Data science; Digital evidence; Computer science; Terminology; Computer forensics; Digital forensics,,,,,http://www.business-vox.com/catalog/book/88897587,http://www.business-vox.com/catalog/book/88897587,,,3035603959,,0,,0,false,,
113-259-217-133-665,Cyber Forensics: Issues and Approaches,,,book chapter,Managing Cyber Threats,,Springer-Verlag,,Jau-Hwang Wang,"This chapter introduces the concept of cyber forensics, digital evidence, and computer forensic process. Cyber forensics is defined as the application of computer science to laws — to process and analyze digital evidence, to reconstruct a crime, and to provide links among the offender, the victim and the crime scene. Basically Digital evidence includes all digital data, which can be used to establish that a crime has been committed or can provide a link between a crime and its victim or a crime and its perpetrator. The forensic process of digital evidences includes evidence recognition, collection, preservation, and analysis for crime reconstruction.",,,313,330,Crime scene; Digital data; Digital evidence; Crime investigation; Computer security; Computer science; Process (engineering),,,,,https://rd.springer.com/chapter/10.1007/0-387-24230-9_13 https://link.springer.com/content/pdf/10.1007%2F0-387-24230-9_13.pdf https://link.springer.com/chapter/10.1007/0-387-24230-9_13,http://dx.doi.org/10.1007/0-387-24230-9_13,,10.1007/0-387-24230-9_13,93745046,,0,003-053-324-410-996; 019-831-293-743-518; 022-376-310-087-249; 025-832-466-975-926; 041-030-338-346-880; 055-590-023-850-939; 085-379-403-609-164; 091-715-099-676-430; 118-616-296-088-480; 129-850-634-633-918; 140-821-103-436-654; 177-397-698-749-440; 180-352-675-042-601; 182-962-922-039-081; 199-172-967-270-034,2,false,,
114-090-829-194-843,KES - Extended abstract digital forensics model with preservation and protection as umbrella principles,,2014,journal article,Procedia Computer Science,18770509,Elsevier BV,,Shahzad Saleem; Oliver Popov; Ibrahim Bagilli,"Abstract In this research, a literature review was conducted where twenty (n=20) frameworks and models highlighting preservation of the integrity of digital evidence and protection of basic human rights during digital forensic investigations were studied. The models not discussing the process at an abstract level were excluded. Therefore, thirteen (n=13) of the studied models were included in our analysis. The results indicated that published abstract models lack preserving the integrity of digital evidence and protecting the basic human rights as explicit overarching umbrella principles. To overcome this problem, we proposed an extension to Reith's abstract digital forensics model explicating preservation of integrity and protection of human rights as the two necessary umbrella principles.",35,,812,821,Human rights; Information system; Digital evidence; Computer security; Computer science; Process (engineering); Engineering ethics; Digital forensics,,,,,https://dblp.uni-trier.de/db/conf/kes/kes2014.html#SaleemPB14 https://core.ac.uk/display/82554968 http://www.diva-portal.org/smash/record.jsf?pid=diva2:773761 https://www.researchgate.net/profile/Ibrahim_Baggili/publication/265848150_Extended_abstract_digital_forensics_model_with_preservation_and_protection_as_umbrella_principles/links/541e2d720cf2218008d1dd10.pdf https://www.sciencedirect.com/science/article/abs/pii/S1877050914012113 https://www.sciencedirect.com/science/article/pii/S1877050914012113 https://core.ac.uk/download/pdf/82554968.pdf,http://dx.doi.org/10.1016/j.procs.2014.08.246,,10.1016/j.procs.2014.08.246,2080628430,,0,001-009-008-665-240; 001-135-038-170-705; 002-633-335-300-244; 009-701-742-236-493; 011-972-444-921-827; 017-840-378-634-021; 019-505-819-376-748; 019-698-064-288-240; 019-831-293-743-518; 020-944-423-224-895; 021-274-925-963-096; 021-850-998-857-676; 032-697-093-668-898; 035-223-520-491-228; 035-877-258-121-493; 038-668-970-194-854; 041-227-773-004-745; 043-557-221-344-121; 045-581-544-307-619; 062-325-585-829-185; 065-452-675-566-99X; 067-545-085-582-063; 076-578-517-786-850; 078-072-950-053-679; 080-145-245-150-605; 094-587-727-381-031; 097-723-876-253-714; 110-079-538-894-548; 111-741-773-111-021; 124-912-663-881-389; 132-355-634-397-986; 138-304-979-688-517; 145-002-823-706-838; 154-446-346-619-232; 159-094-605-033-945; 160-240-603-104-314; 178-883-713-153-793; 181-095-475-426-346; 184-948-841-629-735; 199-745-676-923-766,15,true,,gold
114-642-612-579-69X,PERANAN ILMU DIGITAL FORENSIK TERHADAP PENYIDIKAN KASUS PERETASAN WEBSITE,2020-07-14,2020,journal article,Vol. 21 No 1 April 2020,24422274,Universitas Pasundan,,Synthiana Rachmie,"<jats:p>Digital forensic is part of  forensic science being used for investigation and cases inquiry in terms of digital datafinding.  This  research  focusedon understandingthe application of investigator’s expertise  on  digital forensic to support identification process of a case to obtain evidence in a relatively fast and precise time and to reveal the motive  and  mens  rea behind the act  of the  offender.  Conceptual  approach was  used  in this research alongsidethe case approach. The findings showed that digital forensic science has been applied by investigators however it cannot be maximal for it also depends on what case the investigator is working on. In the case of website hacking, investigator used internet/network forensic through surveillance and collecting evidence as leads. It is suggested that every investigator should learn and master digital forensic science to support  their  expertise  and  other  non-legal  knowledge  and  it  is  vital  to  provide  sufficientfacilities  and infrastructures to obtain a comprehensive investigation.</jats:p>",,21,104,127,,,,,,http://dx.doi.org/10.23969/litigasi.v21i1.2388,http://dx.doi.org/10.23969/litigasi.v21i1.2388,,10.23969/litigasi.v21i1.2388,3049232542,,0,022-036-544-197-474; 052-054-657-975-487; 055-086-544-213-027; 075-591-424-638-445; 076-463-766-205-148; 086-018-338-372-932; 086-586-745-336-678; 104-993-530-236-37X; 113-002-819-576-830; 118-397-112-434-709; 119-753-128-756-504,0,true,cc-by,gold
114-953-077-218-128,Izgradnja otvorenog okvira za uspostavu i očuvanje lanca dokaza u forenzičkoj analizi digitalnih dokaza,2014-05-16,2014,dissertation,,,,,Jasmin Ćosić,"The ultimate goal of every digital forensic investigation is lawfully acquiredand by the court accepteddigital evidence. This means that all the evidence must be collected through the process of digital forensic investigation, which cannotbegin without the order of the court, prosecution or administrative case of internal investigations in enterprises.The integrity of digital evidence must be preserved and prove, on the way proving the inviolability of the chain of evidence. This means that weanytimemust: know, who, what, when, how, why and where they come into contact with digital evidence. If there is an interruption of the chain, the court will not accept theevidence. The main aim of this thesisis scientific research that will give insight into the methods of maintaining the chain of digital evidence, methods to provethe integrity of digital evidenceand clarification of the life cycle of digital evidence. The goal isto address the shortcomings of existing methods, and defining new directions of research in solving chain of digital evidence problems using the ontology of digital evidence through ""DEMF"" - Digital Evidence Management Framework. The reason is to exactly know answer all the important questions participants in the digital investigation, but would also maintain the chain of evidence. The ultimate goal is to formally describe concepts that occur in the process of managing digital evidence, and build a framework to help judges and other persons engaged in the admissibility of digital evidence. Ontology of digital evidence and the chain of evidence aredeveloped, basic business rules (if-then rules) are defined, which are the main driver framework that allows determiningwhich evidence is formally acceptable and which isnot. Validation and evaluation of ontologyare constructed, and few instances created, that were used for the framework testing.In addition, in this paperispresented, a preliminary research conducted atthe courts in Bosnia and Herzegovina, related to digital evidence, proving the inviolability of the chain of evidence, and construct the admissibility of digital evidence.",,,,,Chain of custody; Business rule; Engineering; Construct (philosophy); Data science; Ontology; Knowledge modeling; Digital evidence; Computer security; Process (engineering); Digital forensics,,,,,https://dabar.srce.hr/en/islandora/object/foi%3A513 https://repozitorij.foi.unizg.hr/islandora/object/foi%3A513 https://dr.nsk.hr/en/islandora/object/foi%3A513 https://dr.nsk.hr/islandora/object/foi:513/datastream/PDF/download https://repozitorij.foi.unizg.hr/islandora/object/foi:513/datastream/PDF/download https://repozitorij.unizg.hr/islandora/object/foi:513/datastream/PDF/download https://repozitorij.unizg.hr/islandora/object/foi%3A513,https://dabar.srce.hr/en/islandora/object/foi%3A513,,,2599043938,,0,002-534-435-127-422; 005-116-312-278-527; 010-086-703-646-194; 010-425-787-869-822; 016-123-869-009-118; 019-698-064-288-240; 020-487-672-459-141; 026-787-086-442-120; 030-136-936-524-671; 032-246-414-391-330; 032-697-093-668-898; 033-667-214-179-329; 035-381-853-639-810; 036-132-248-316-123; 037-789-654-228-885; 038-617-328-415-920; 038-668-970-194-854; 038-793-093-462-716; 044-458-688-648-965; 045-449-268-226-880; 047-937-309-229-62X; 050-239-836-136-054; 052-052-141-922-342; 058-268-994-058-657; 058-802-719-897-373; 060-650-561-577-338; 069-199-916-826-078; 071-771-810-100-152; 072-712-275-844-913; 073-582-404-994-103; 077-287-216-746-675; 078-856-904-218-693; 079-639-054-473-422; 081-437-161-307-223; 088-850-103-072-175; 089-373-543-566-272; 090-068-563-961-709; 090-792-295-657-205; 095-437-078-101-003; 111-090-978-711-139; 111-347-025-588-953; 119-026-547-881-771; 129-360-320-775-188; 130-642-909-511-67X; 132-081-686-366-385; 133-397-275-695-990; 134-927-490-231-285; 137-030-298-496-518; 137-779-759-473-584; 138-735-529-589-081; 140-402-089-386-286; 141-182-449-198-823; 162-864-397-044-696; 167-675-522-662-522; 170-299-458-679-224; 180-327-460-336-608; 181-091-839-882-521; 188-762-236-378-448; 190-065-821-748-92X,0,false,,
114-962-716-707-687,Challenges to Digital Forensic Evidence,2005-09-19,2005,book chapter,Forensic Computer Crime Investigation,,CRC Press,,Thomas A. Johnson,,,,173,202,Data science; Digital forensics,,,,,https://content.taylorfrancis.com/books/download?dac=C2006-0-16056-0&isbn=9780429247491&doi=10.1201/9781420028379-13&format=pdf https://www.taylorfrancis.com/books/9780429247491/chapters/10.1201/9781420028379-13,http://dx.doi.org/10.1201/9781420028379-13,,10.1201/9781420028379-13,2999078137,,0,,0,false,,
114-976-379-033-024,Review of the accreditation of digital forensics in China,2018-07-03,2018,journal article,Forensic sciences research,24711411; 20961790,Informa UK Limited,England,Hong Guo; Junlei Hou,"As a result of the many developments in information technology, digital evidence plays an increasingly important role in criminal and civil litigation. Because digital evidence is necessary for litigation, the judicial system must be assured of its accuracy, reliability, and verifiability, which can be assured by accreditation. This paper focuses on a comparison of the evolution of the accreditation of digital forensics internationally and domestically, discusses the existing problems that such accreditation encounters, and proposes the corresponding solutions. Moreover, this paper discusses the future of digital forensic laboratory accreditation and its implementation.",3,3,194,201,Engineering management; Information technology; Engineering; China; Digital evidence; Civil litigation; Reliability (statistics); Accreditation; Digital forensics,Accreditation; digital forensics; forensic science; methodology; personnel training,,,National Key Research and Development Program of China; Shanghai Forensic Service Platform; Shanghai Key Laboratory of Forensic Medicine,https://pubmed.ncbi.nlm.nih.gov/30483669/ https://doaj.org/article/8f9b08b437904df595539a131ea9c9a5 https://www.tandfonline.com/doi/full/10.1080/20961790.2018.1503526 https://www.ncbi.nlm.nih.gov/pmc/articles/PMC6201810 https://europepmc.org/article/MED/30483669,http://dx.doi.org/10.1080/20961790.2018.1503526,30483669,10.1080/20961790.2018.1503526,2895746766,PMC6201810,0,085-669-579-012-375,4,true,"CC BY, CC BY-NC",gold
115-036-799-197-654,ISSA - Towards a Digital Forensic Readiness Framework for Public Key Infrastructure systems,,2011,conference proceedings article,2011 Information Security for South Africa,,IEEE,,Aleksandar Valjarevic; Hein S. Venter,"The Public Key Infrastructure (PKI) is a set of hardware, software, people, policies, and procedures needed to create, manage, store, distribute, and revoke digital certificates [18]. PKI systems are today one of the most accepted and used technologies to enable successful implementation of information systems security services such as authentication and confidentiality. Digital forensics is a branch of forensic science encompassing the recovery and investigation of material found in digital devices, often in relation to computer crime [2][3]. A forensic investigation of digital evidence is commonly employed as a post-event response to a serious information security incident. In fact, there are many circumstances where an organization may benefit from an ability to gather and preserve digital evidence before an incident occurs. Digital forensic readiness enables an organization to maximize its potential to use digital evidence whilst minimizing the costs of an investigation [7]. The problem that this paper addresses is that there is no Digital Forensic Readiness Framework for PKI systems, thus not enabling an implementation of Digital Forensic Readiness measures to PKI systems. This paper focuses on defining the basic postulates of a Digital Forensic Readiness Framework for PKI systems. The authors investigate a model that can be proposed to accomplish this and also certain policies, guidelines and procedures which can be followed. When proposing the framework the authors take into account requirements for preserving or improving information security and not to interfere with the existing PKI systems' business processes.",,,1,10,Public key certificate; Information system; Public-key cryptography; Digital evidence; Computer security; Computer science; Information security; Computer forensics; Public key infrastructure; Digital forensics,,,,,http://ieeexplore.ieee.org/document/6027536/ http://yadda.icm.edu.pl/yadda/element/bwmeta1.element.ieee-000006027536 https://dblp.uni-trier.de/db/conf/issa/issa2011.html#ValjarevicV11 https://ieeexplore.ieee.org/abstract/document/6027536,http://dx.doi.org/10.1109/issa.2011.6027536,,10.1109/issa.2011.6027536,2101502851,,0,015-676-683-585-284; 015-868-814-003-691; 020-944-423-224-895; 021-486-901-460-202; 030-415-006-904-231; 038-668-970-194-854; 052-372-203-604-706; 058-205-117-706-853; 072-245-054-212-971; 111-090-978-711-139; 113-769-491-576-864; 121-470-066-080-79X; 158-320-064-405-609; 184-948-841-629-735; 199-745-676-923-766,26,true,,green
115-204-360-176-558,AEACFE System—An Intelligent Digital Forensic System,2018-09-29,2018,book chapter,Advances in Intelligent Systems and Computing,21945357; 21945365,Springer Singapore,,Shruti B. Yagnik; Esan P. Panchal,"The significant increase in cyber crime has led to an increasing demand for researches to be done on cyber forensics. Cyber forensic investigation paradigm is laborious and requires significant expertise on the part of the investigators. There are various cyber forensic tools that are available in the market to analyze cyber forensic evidences. Those tools need manual intervention to make analysis and generate reports accordingly. Analysis of cyber forensic evidences needs to be automated such that investigator can directly conclude cyber forensic case. Taking and preserving evidences and analyzing evidences become a need of the hour. This paper highlights the various phases in which automation is a substitute for manual evidence taking and analysis. Evidences are automatically taken and analyzed without much intervention of the investigators. This method makes use of special kind of machine learning algorithms which aids in these situations. Machine learning algorithm analyzes digital evidences and presents hidden features to digital forensic investigators that may useful to make decision of digital forensic crime. Hence, this work is a complete fusion of cyber forensics and machine learning.",,,409,416,Automation; Data science; Cyber crime; Computer science; Digital forensics,,,,,https://link.springer.com/chapter/10.1007/978-981-13-1165-9_38 https://rd.springer.com/chapter/10.1007/978-981-13-1165-9_38,http://dx.doi.org/10.1007/978-981-13-1165-9_38,,10.1007/978-981-13-1165-9_38,2894247182,,0,024-216-399-693-64X; 038-668-970-194-854; 061-549-181-856-861; 134-927-490-231-285; 153-815-009-650-794; 170-299-458-679-224,2,false,,
115-862-137-088-04X,MIPRO - Using DEMF in process of collecting volatile digital evidence,,2016,conference proceedings article,"2016 39th International Convention on Information and Communication Technology, Electronics and Microelectronics (MIPRO)",,IEEE,,Miroslav Bača; Jasmin Ćosić; Petra Grd,"Acquisition of volatile data for further forensic analysis still represents a challenge to both practitioners and researchers. The current tools used for acquisition of such data are focused exclusively on a way to capture content. However, the development of forensic science, in particular in the area of digital evidence in terms of the admissibility in court, has introduced additional elements to be evaluated. Mainly, the integrity of the collected digital evidence, authenticity and other elements of the digital chain of evidence to be presented in court. This paper describes a framework for capturing volatile data using Digital Evidence Management Framework (DEMF) with regards to integrity of captured data.",,,1442,1446,Chain of custody; World Wide Web; Data acquisition; Work in process; Data science; Digital evidence; Random access memory; Computer science; Metadata,,,,,https://dblp.uni-trier.de/db/conf/mipro/mipro2016.html#BacaCG16 https://ieeexplore.ieee.org/document/7522366/ http://ieeexplore.ieee.org/document/7522366/ https://www.bib.irb.hr/860134,http://dx.doi.org/10.1109/mipro.2016.7522366,,10.1109/mipro.2016.7522366,2499525693,,0,090-792-295-657-205; 144-124-797-675-052; 159-584-170-360-868,1,false,,
116-008-751-288-053,GCCE - An Encapsulated Approach of Forensic Model for digital investigation,,2014,conference proceedings article,2014 IEEE 3rd Global Conference on Consumer Electronics (GCCE),,IEEE,,Gulshan Shrivastava; Brij B. Gupta,"Digital forensic investigation is the methodical restoration of evidences collected as a consequence of exploration of concrete happenings based on digital data. After analyzing all the historical approaches used in existing models, their merits and demerits are conferred and an Encapsulated Approach of Forensic (EAF) Model is proposed; which encapsulates all the phases of digital investigation. It gives a systematic, meticulous and step-by-step procedure; from identification of facts and evidences to presentation of results by the investigator in front of investigating organization.",,,280,284,Forensic science; Data science; Presentation; Digital forensic investigation; Computer security; Computer science; Data modeling; Identification (information); Digital forensics,,,,,https://dblp.uni-trier.de/db/conf/gcce/gcce2014.html#ShrivastavaG14 http://dblp.uni-trier.de/db/conf/gcce/gcce2014.html#ShrivastavaG14 http://ieeexplore.ieee.org/document/7031241/ https://ieeexplore.ieee.org/document/7031241/,http://dx.doi.org/10.1109/gcce.2014.7031241,,10.1109/gcce.2014.7031241,1973693296,,0,004-872-169-627-620; 005-515-442-506-880; 008-047-275-222-577; 020-944-423-224-895; 038-668-970-194-854; 065-633-470-283-075; 090-251-279-522-579; 090-390-906-646-037; 120-697-354-224-33X; 132-355-634-397-986; 140-821-103-436-654; 143-562-788-834-457; 170-299-458-679-224,12,false,,
116-407-767-962-450,What Is Digital Forensics?,2020-05-20,2020,book chapter,Fundamentals of Digital Forensics,,Springer International Publishing,,Joakim Kävrestad,"This chapter introduces the concept of digital forensics and provides a discussion of what computer forensics is, examining data in order to reconstruct what happened in a digital environment. Further, the chapter discusses the steps involved in a forensic examination in a digital environment, from collecting evidence to reporting on the findings of the examination. Common constraints and processes handled during a forensics examination are also introduced. Emphasis is put on making the reader understand the reason for a computer forensic examination and the fact computer forensics follows the same rules and regulations as traditional forensic disciplines. The fact that a forensic examination is commonly initiated for a reason, answering some question, is also described. The aim of the chapter is to provide the reader with a brief and nontechnical overview of the subject digital forensics. As such, the chapter can be read and understood without any technical knowledge.",,,3,7,Computer forensics; Digital forensics; Forensic examination; Digital evidence; Computer science; Subject (documents); Data science; Computer security,,,,,,http://dx.doi.org/10.1007/978-3-030-38954-3_1,,10.1007/978-3-030-38954-3_1,,,0,,0,false,,
116-409-674-094-323,Federal Rules of Evidence 2006,,2008,book chapter,Understanding Forensic Digital Imaging,,Elsevier,,,,,,369,381,Federal Rules of Evidence; Rules of evidence; Computer science,,,,,,http://dx.doi.org/10.1016/b978-0-12-370451-1.00026-3,,10.1016/b978-0-12-370451-1.00026-3,,,0,,0,false,,
116-426-342-165-222,Digital Evidence: Disclosure and Admissibility in the United Kingdom Jurisdiction,,2016,book chapter,"Global Security, Safety and Sustainability - The Security Challenges of the Connected World",18650929; 18650937,Springer International Publishing,Germany,Reza Montasari,"Digital forensics, originally known as computer forensics, first presented itself in the 1970s. During the first investigations, financial fraud proved to be the most common cause on suspects’ computers. Since then, digital forensics has grown in importance in situations where digital devices are used in the commission of a crime. The original focus of digital forensic investigations was on crimes committed through computers. However, over the past few years, the field has extended to include various other digital devices in which digitally stored information can be processed and used for different types of crimes. This paper explores how the admissibility of digital evidence is governed within the United Kingdom jurisdictions.",,,42,52,Internet privacy; Common cause and special cause; Political science; Commission; Jurisdiction; Digital evidence; Financial fraud; Computer forensics; Digital forensics,,,,,https://link.springer.com/chapter/10.1007/978-3-319-51064-4_4/fulltext.html https://link.springer.com/chapter/10.1007%2F978-3-319-51064-4_4 https://rd.springer.com/chapter/10.1007/978-3-319-51064-4_4 https://cronfa.swan.ac.uk/Record/cronfa54947 https://pure.hud.ac.uk/en/publications/digital-evidence-disclosure-and-admissibility-in-the-united-kingd,http://dx.doi.org/10.1007/978-3-319-51064-4_4,,10.1007/978-3-319-51064-4_4,2566219375,,0,000-557-324-827-169; 005-392-088-749-603; 005-515-442-506-880; 007-314-571-885-858; 010-086-703-646-194; 019-831-293-743-518; 020-063-485-019-66X; 020-944-423-224-895; 021-486-901-460-202; 021-850-998-857-676; 024-711-735-736-003; 026-774-296-742-022; 030-706-989-114-061; 031-234-153-523-379; 043-858-213-986-473; 047-630-600-014-492; 049-404-833-736-24X; 052-052-141-922-342; 063-274-848-736-685; 074-014-335-505-388; 082-061-692-717-698; 083-312-117-071-763; 092-058-232-746-872; 092-470-623-967-183; 098-323-575-091-372; 111-741-773-111-021; 120-697-354-224-33X; 120-916-795-553-371; 125-384-800-661-375; 132-355-634-397-986; 134-927-490-231-285; 140-402-089-386-286; 140-821-103-436-654; 151-378-930-836-964; 162-110-149-751-921; 173-034-553-635-460; 179-881-224-143-743; 180-327-460-336-608; 190-065-821-748-92X; 190-872-133-741-434; 192-810-463-153-431; 198-033-623-455-32X; 199-745-676-923-766,3,false,,
116-690-629-016-841,X-Ways Forensics Platform For Digital Forensics Examiners,2022-07-26,2022,journal article,Advances in Multidisciplinary and scientific Research Journal Publication,24888699,Creative Research Publishers,,Seth Adjei Gyimah,"<jats:p>Digital Forensics &amp; Cyber Security  Graduate Programme  Department Of Information Systems &amp; Innovations Ghana Institute of Management &amp; Public Administration Greenhill, Accra, Ghana E-mails: sethadjeigyimah@gmail.com/ seth-adjei.gyimah@st.gimpa.edu.gh Phone: +233244475540   ABSTRACT  Crime has evolved over the years from its traditional form to digital crimes. Those who commit such crimes use advanced and sophisticated tools, equipment and techniques to perpetuate such crimes. In order to effectively and efficiently investigate, examine and gather evidence from such complex crimes, digital examiners have to employ various tools and techniques to analyze, extract and recover data as evidence to assist in prosecution of the perpetrators of the crime.  This paper analyzes X-Ways Forensics platform which is an application software for forensic examiners as a forensic tool for data extraction, analysis and recovery. Dr. Larry Leibrock, Founder and CTO of eForensics revealed his admiration for X-Ways Forensics application when he said “As a professional forensics examiner, I have used X-Ways Forensics as a forensics instrument in recovering and analyzing digital information. I have tested and validated the professional version and it has proved to be accurate and trustworthy in its reporting. I have the highest level of confidence in X-Ways Forensics efficacy in digital forensics cases. I am confident that the tool and my use of this instrument would stand legal review and opposing challenge.”   Keywords: X_ways, Cybersecurity, Forensics, Detection, Cyber space, Examiners  BOOK Chapter ǀ Research Nexus in IT, Law, Cyber Security &amp; Forensics. Open Access. Distributed Free  Citation: Seth Adjei  Gyimah (2022): X-Ways Forensics Platform For Digital Forensics Examiners Book Chapter Series on Research Nexus in IT, Law, Cyber Security &amp; Forensics. Pp 353-356 www.isteams.net/ITlawbookchapter2022. dx.doi.org/10.22624/AIMS/CRP-BK3-P56</jats:p>",1,1,353,356,Digital forensics; Digital evidence; Computer forensics; Computer science; Computer security; Commit; Internet privacy; Database,,,,,,http://dx.doi.org/10.22624/aims/crp-bk3-p56,,10.22624/aims/crp-bk3-p56,,,0,,0,true,,bronze
117-095-420-741-153,On Integrating Mobile Applications into the Digital Forensic Investigative Process,,2013,journal article,International Journal of Advanced Computer Science and Applications,2158107x; 21565570,The Science and Information Organization,,April Tanner; Soniael Duncan,"What if a tool existed that allowed digital forensic investigators to create their own apps that would assist them with the evidence identification and collection process at crime scenes? First responders are responsible for ensuring that digital evidence is examined in such a way that the integrity of the evidence is not jeopardized. Furthermore, they play a pivotal part in preserving evidence during the collection of evidence at the crime scene and transport to the laboratory. This paper proposes the development of a mobile application that can be developed for or created by a first responder to assist in the identification, acquisition, and preservation of digital evidence at a crime scene. Keywords—mobile device forensics; digital forensics; forensic process, forensic models; MIT App Inventor I. INTRODUCTION Digital Forensics involves the identification, preservation, collection, examination, and analysis of digital devices. These devices include, but are not limited to, digital cameras, flash drives, computers, internal and external memory drives, mobile devices, etc. Some mobile devices that can be examined include graphic tablets, cell phones, smart phones, CDs, DVDs, and MP3s. Digital evidence has to be collected under certain parameters as to maintain the integrity of the investigation. This process is referred to as a forensic process. While there is not a concrete set of rules for the forensic process there are models that have been proposed to aid in trying to eliminate damage and contamination that can occur at crime scenes. This paper identifies the types of damage and contamination that can occur at crime scenes when inexperienced first responders arrive at the scene; in addition, we discuss the models that address the preservation and acquisition of evidence at crime scenes, and also explore possible solutions to aid first responders in utilizing techniques to preserve digital evidence at the scene of the crime. In this paper, we propose the development and implementation of a mobile application that first responders can create and use as a guide when identifying, preserving, collecting, and securing evidence. As a result, this application would be useful in assisting first responders during the acquisition process of a digital forensics investigation.",4,8,,,Forensic science; Crime scene; Mobile device; Data science; Digital evidence; Computer security; Computer science; Network forensics; Computer forensics; Mobile device forensics; Identification (information); Digital forensics,,,,,https://thesai.org/Downloads/Volume4No8/Paper_9-On_Integrating_Mobile_Applications_into_the_Digital_Forensic.pdf https://thesai.org/Publications/ViewPaper?Volume=4&Issue=8&Code=IJACSA&SerialNo=9,http://dx.doi.org/10.14569/ijacsa.2013.040809,,10.14569/ijacsa.2013.040809,2145109049,,0,100-246-306-965-821; 171-464-767-472-377,1,true,cc-by,hybrid
117-206-617-862-919,IFIP Int. Conf. Digital Forensics - An Integrated System for Insider Threat Detection,,,book chapter,Advances in Digital Forensics III,,Springer New York,,Daniel A. Ray; Phillip G. Bradford,"This paper describes a proof-of-concept system for detecting insider threats. The system measures insider behavior by observing a user’s processes and threads, information about user mode and kernel mode time, network interface statistics, etc. The system is built using Microsoft’s Windows Management Instrumentation (WMI) implementation of the Web Based Enterprise Management (WBEM) standards. It facilitates the selection and storage of potential digital evidence based on anomalous user behavior with minimal administrative input.",,,75,86,Network interface; Insider threat; Insider; Digital evidence; Windows management instrumentation; Computer security; Computer science; Mode (computer interface); Anomaly detection; Kernel (statistics),,,,,https://link.springer.com/content/pdf/10.1007%2F978-0-387-73742-3_5.pdf https://link.springer.com/10.1007/978-0-387-73742-3_5 https://link.springer.com/chapter/10.1007/978-0-387-73742-3_5 https://dblp.uni-trier.de/db/conf/ifip11-9/df2007.html#RayB07 https://rd.springer.com/chapter/10.1007/978-0-387-73742-3_5,http://dx.doi.org/10.1007/978-0-387-73742-3_5,,10.1007/978-0-387-73742-3_5,1513549866,,0,001-711-715-297-491; 003-074-429-408-537; 013-246-076-655-612; 014-022-011-253-069; 029-762-441-634-02X; 034-183-561-604-364; 093-312-453-177-957; 125-608-548-358-496; 130-919-597-852-457; 144-516-734-875-893; 153-852-808-629-003; 163-242-204-925-228; 168-194-168-895-890; 182-405-620-475-695; 198-508-847-136-56X,0,true,,bronze
117-319-780-113-791,Teaching computer forensics course: challenges and opportunities,2017-06-01,2017,journal article,Journal of Computing Sciences in Colleges,19374763,,,Yana Kortsarts,"Computer forensics, still a relatively new discipline in computer security, focuses on finding digital evidence after a computer security incident has occurred. Computer forensics is the scientific examination and analysis of data held on, or retrieved from, computer storage media in such a way that the information can be used as evidence in a court of law. Computer evidence is often transparently created by the operating system without the knowledge of the computer user. The information may be hidden from view. To find it, special forensic software tools and techniques are required. Technology is expanding at a fast rate, and along with the increased use of computers, the Internet, and digital devices comes an increase in digital crime. With the increased use of computers to commit crimes, a need has rapidly developed for forensic experts to extract useful information from computer evidence. Computer forensics is a fast-growing field with high long-term projected demand for trained professionals.",32,6,208,209,The Internet; World Wide Web; Forensic science; Computer literacy; Data science; Digital evidence; Computer science; Network forensics; Information and Computer Science; Computer forensics; Digital forensics,,,,,https://dl.acm.org/citation.cfm?id=3069693,https://dl.acm.org/citation.cfm?id=3069693,,,2727309882,,0,074-246-041-325-050; 085-214-277-668-01X,0,false,,
117-509-642-665-78X,A Study on Development of Digital Forensic Capability Evaluation Indices,2015-10-31,2015,journal article,Journal of the Korea Institute of Information Security and Cryptology,15983986,Korea Institute of Information Security and Cryptology,,Hee-il Park; Jongseong Yoon; Sangjin Lee,"ABSTRACT With the acceleration of information digitization caused by fas t growth of Information Technology, the application of digital forensics has increased but it is underestimated becaus e digital evidence is easy to forge. Especially, the evaluation of the reliability of digital forensics organization is judged onl y by judges domestically because there is no objective verification system or evaluation method of the capability of d igital forensics organization. Therefore, the evaluation model and indices of the capability of digital forensics concentrated on the digital forensics organization, personnel, technology, facilities and the procedure in domestic justice system was pre sented in this research after reviewing the domestic and foreign evaluation method and the standard of the capability of digital forensics and informati on security. The standard for judicial evaluation of digital evidence and composition, manage ment, evaluation of digital forensics organization would be presented based on this research.Keywords: Digital Forensics, Digital Forensic Capability Evaluation, Cap ability Evaluation Indices",25,5,1153,1166,Information technology; Digitization; Digital evidence; Verification system; Evaluation methods; Computer security; Computer science; Reliability (statistics); Digital forensics,,,,,https://www.kci.go.kr/kciportal/ci/sereArticleSearch/ciSereArtiView.kci?sereArticleSearchBean.artiId=ART002042112 http://koreascience.or.kr/article/ArticleFullRecord.jsp?cn=JBBHCB_2015_v25n5_1153,http://dx.doi.org/10.13089/jkiisc.2015.25.5.1153,,10.13089/jkiisc.2015.25.5.1153,2343682835,,0,029-632-996-742-459; 035-200-969-642-039; 067-938-325-014-282; 083-578-059-674-117,1,true,,bronze
117-594-679-776-482,A Proposed Model of Digital Forensic on Cloud Computing Security Infrastructure,2018-07-30,2018,journal article,International Journal of Innovation in Enterprise System,25803050,Telkom University,,Mohammad Hafiz Hersyah,"Over the past decades, practitioners and researchers have made remarkable achievements in digital forensic. The abilities to conquer major technical obstacles are bestowing practitioners greater access to digital evidence. Sophisticated forensic techniques and tools are being developed to assist forensic acquisition and extraction of volatile data, inspection of remote repositories system and analysis of network traffic. Computer forensic is a comprehensive work that based on several attributes that are : objectivity, relevance and legitimacy to compose a system model that projected to be an electronic evidence forensic system. Latest studies show that the rapid growing of cloud computing facilities usage that has enable various improvements as part of the innovation process at organisations. Information systems are in frequently exposed to various types of threats which able to trigger different types of bad consequences as more and more information stored, problems arise especially about security information technology risk aspects.; Keywords—computer forensic, cloud computing, electronic evidence forensic system, security, information technology risk, information system",2,02,18,23,System model; Information system; Cloud computing security; IT risk; Data science; Digital evidence; Computer science; Cloud computing; Digital forensics; Relevance (information retrieval),,,,,https://www.neliti.com/publications/349400/a-proposed-model-of-digital-forensic-on-cloud-computing-security-infrastructure https://ijies.sie.telkomuniversity.ac.id/index.php/IJIES/article/download/21/19 https://core.ac.uk/download/pdf/295356391.pdf,http://dx.doi.org/10.25124/ijies.v2i02.21,,10.25124/ijies.v2i02.21,2912999517,,0,035-448-415-847-226; 190-025-622-260-327,0,true,,gold
117-828-751-731-713,ISDFS - The Role of Machine Learning in Digital Forensics,,2020,book,2020 8th International Symposium on Digital Forensics and Security (ISDFS),,IEEE,,Abdalbasit Mohammed Qadir; Asaf Varol,"Digital forensics, as a branch of the forensic sciences, is facing new challenges from the aspect that potential digital evidence is growing and expanding. Rapid development in the fields of computer science and information technology provides innovative techniques for digital investigations. In this paper, the important role of machine learning is explained as an application of artificial intelligence, and how it can be used to analyse large amounts of diverse datasets in order to reveal any criminal behaviour and intent through learning from previous and historical activities to predict criminal behaviours in the future.",,,1,5,Machine learning; Information technology; Artificial intelligence; Digital evidence; Criminal behaviour; Computer science; Digital forensics,,,,,https://ieeexplore.ieee.org/abstract/document/9116298 https://dblp.uni-trier.de/db/conf/isdfs/isdfs2020.html#QadirV20,http://dx.doi.org/10.1109/isdfs49300.2020.9116298,,10.1109/isdfs49300.2020.9116298,3036099181,,0,003-778-685-613-826; 004-562-487-736-159; 006-806-033-749-765; 010-346-798-988-493; 012-951-791-733-306; 013-347-340-415-929; 016-145-301-135-450; 016-501-316-469-881; 030-351-009-711-953; 031-065-716-152-168; 032-760-465-037-173; 036-318-056-062-638; 037-304-752-152-900; 038-575-522-957-560; 052-512-756-984-51X; 067-978-433-455-065; 098-346-650-110-898; 102-117-623-922-990; 114-024-002-725-962; 124-959-019-336-468; 136-483-930-123-113; 150-289-924-980-74X; 168-977-532-644-731; 182-251-135-147-621; 190-546-706-723-812,7,false,,
118-921-122-290-09X,IFIP Int. Conf. Digital Forensics - A LOG FILE DIGITAL FORENSIC MODEL,,2012,book chapter,IFIP Advances in Information and Communication Technology,18684238; 18612288; 1868422x; 15715736,Springer Berlin Heidelberg,Germany,Himal Lalla; Stephen Flowerday; Tendai Sanyamahwe; Paul Tarwireyi,"This paper describes a digital forensic model for investigating computer networks, focusing specifically on network log mining. A thorough examination of log files is needed to reveal the hidden actions of criminals in computer networks. The proposed model specifies the steps that forensic investigators can follow with regard to the extraction and examination of digital evidence from log files for use in legal proceedings.",,,247,259,Web log analysis software; World Wide Web; Digital evidence; Log mining; Computer science; Network forensics; Digital forensics,,,,,https://link.springer.com/content/pdf/10.1007%2F978-3-642-33962-2_17.pdf https://hal.inria.fr/hal-01523708/document https://rd.springer.com/chapter/10.1007/978-3-642-33962-2_17 https://hal.inria.fr/hal-01523708 https://link.springer.com/chapter/10.1007/978-3-642-33962-2_17 https://dblp.uni-trier.de/db/conf/ifip11-9/df2012.html#LallaFST12,http://dx.doi.org/10.1007/978-3-642-33962-2_17,,10.1007/978-3-642-33962-2_17,1508226546,,0,001-170-920-458-777; 007-066-403-548-609; 010-086-703-646-194; 012-361-730-556-510; 015-086-753-305-381; 019-698-064-288-240; 020-944-423-224-895; 021-486-901-460-202; 021-850-998-857-676; 032-697-093-668-898; 033-877-222-136-260; 038-668-970-194-854; 041-145-605-154-681; 047-630-600-014-492; 058-736-328-857-558; 061-323-368-391-863; 074-261-096-208-674; 079-993-250-115-392; 104-096-578-552-005; 105-427-271-392-801; 124-602-316-098-708; 128-450-652-988-596; 151-126-879-730-038; 170-299-458-679-224; 190-065-821-748-92X; 199-745-676-923-766,6,true,cc-by,green
118-998-556-606-739,The Impact of Digital Evidence in Forensic Laboratories,,2021,journal article,Forensic Science International: Synergy,2589871x,Elsevier BV,,Tracy Walraven,,3,,100178,,Engineering; Forensic science; Data science; Digital evidence,,,,,https://api.elsevier.com/content/article/PII:S2589871X21000486?httpAccept=text/xml,http://dx.doi.org/10.1016/j.fsisyn.2021.100178,,10.1016/j.fsisyn.2021.100178,3208116366,,0,,0,true,"CC BY, CC BY-NC-ND",gold
119-051-858-123-067,A Study on Maritime Digital Forensic with Necessity,,2008,journal article,The Journal of the Korea institute of electronic communication sciences,19758170,,,Gyu-An Lee,"Marine accidents show various causes and effects in Korea where 3 sides of the country are surrounded by the ocean. Every year, 600 to 700 marine accidents occur mostly by small fishing boats. There are repeated accidents which involve crashes of coastal ships with fishing boats, which produce casualties and massive environmental hazard and the need for underwater search for shipwrecks. From the beginning of 21st century, the decrease of large ships with large number of crews led to the emergence of digitalvessels and the digital data storage of the installed equipments on the vessels, marine digital forensic - the extraction and analysis of the stored digital data within digital vessels - became necessary. This article is intended to suggest marine digital forensics as a solution of collecting evidence for discovering the causes, liabilities and compensations of marine accidents.",3,4,204,209,Engineering; Environmental hazard; Digital data; Digital Data Storage; Digital evidence; Fishing; Forensic engineering; Digital forensics,,,,,http://www.koreascience.or.kr/article/ArticleFullRecord.jsp?cn=KCTSAD_2008_v3n4_204,http://www.koreascience.or.kr/article/ArticleFullRecord.jsp?cn=KCTSAD_2008_v3n4_204,,,2400191225,,0,,1,false,,
119-393-361-170-802,Faster File Imaging Framework for Digital Forensics,,2015,journal article,Procedia Computer Science,18770509,Elsevier BV,,Neha Kishore; Bhanu Kapoor,"Abstract The use of digital forensics tools has become common in typical crime investigations involving computing and communication devices. As with any evidence in criminal investigations, the preservation of digital evidence is of critical importance for the success of the investigation. Cryptographic Hash Functions (CHFs) are used by digital forensic tools to ensure the preservation of digital evidence during the acquisition and analysis of evidence. These tools make the use of the CHFs during the acquisition process to ensure that the created image of the evidence is accurate. The CHFs that are currently in use are serial in nature and can be time consuming when working with the large data sets. We propose a new parallel CHF transformation to speed up the image creation process by a factor of 6.5 over existing methods. We discuss the use of the parallel algorithm in the image creation process and compare the results with the existing sequential methods.",49,,74,81,Criminal investigation; Data mining; CHFS; Digital evidence; Computer science; Process (engineering); Cryptographic hash function; SHA-1; Digital forensics,,,,,http://www.sciencedirect.com/science/article/pii/S1877050915007383 https://core.ac.uk/display/82323347 https://www.sciencedirect.com/science/article/abs/pii/S1877050915007383 https://www.sciencedirect.com/science/article/pii/S1877050915007383 https://core.ac.uk/download/pdf/82323347.pdf,http://dx.doi.org/10.1016/j.procs.2015.04.229,,10.1016/j.procs.2015.04.229,831794578,,0,029-099-495-279-336; 030-121-862-351-330; 030-229-281-428-189; 035-596-177-483-109; 038-668-970-194-854; 056-831-726-504-70X; 083-874-058-446-063; 134-927-490-231-285; 154-388-664-351-152; 157-369-788-606-44X; 159-160-746-436-214,2,true,,gold
119-610-724-897-364,"A 20,000-foot View of the Wireless Telephone System",,2017,book chapter,Cell Phone Location Evidence for Legal Professionals,,Elsevier,,Larry Daniel,,,,17,22,Telephone line; DMS-100; Engineering; Mobile radio telephone; Telephone switchboard; Telephone network; Class 4 telephone switch; Computer network; Class 5 telephone switch; Telephone exchange; Telecommunications,,,,,https://www.sciencedirect.com/science/article/pii/B9780128093979000031,http://dx.doi.org/10.1016/b978-0-12-809397-9.00003-1,,10.1016/b978-0-12-809397-9.00003-1,2691164893,,0,,0,false,,
120-031-812-264-697,Understanding Anti-Forensics Techniques for Combating Digital Security Breaches and Criminal Activity,,2020,book chapter,Digital Forensics and Forensic Investigations,,IGI Global,,Ricardo Marques; Alexandre Mota; Lia Mota,"<jats:p>This chapter deals with the understanding of techniques that are used to create damage to the expert in an investigative process. The name used for these techniques is called anti-forensics, whose mission is to conceal, remove, alter evidence, or make inaccessible a cybercrime. These techniques aim to make the work of the slower expert or difficult to reach a conclusion; however, this chapter will explore some techniques used as measures to subvert digital evidence through anti-forensic measures. </jats:p>",,,365,373,Cybercrime; Digital forensics; Computer forensics; Digital evidence; Computer security; Computer science; Process (computing); Criminal investigation; Internet privacy; Data science,,,,,,http://dx.doi.org/10.4018/978-1-7998-3025-2.ch026,,10.4018/978-1-7998-3025-2.ch026,,,0,,0,false,,
120-253-559-901-026,Digital Forensics in the Era of Artificial Intelligence,2022-05-05,2022,book,,,CRC Press,,Nour Moustafa,"Digital forensics plays a crucial role in identifying, analysing, and presenting cyber threats as evidence in a court of law. Artificial intelligence, particularly machine learning and deep learning, enables automation of the digital investigation process. This book provides an in-depth look at the fundamental and advanced methods in digital forensics. It also discusses how machine learning and deep learning algorithms can be used to detect and investigate cybercrimes. This book demonstrates digital forensics and cyber-investigating techniques with real-world applications. It examines hard disk analytics and style architectures, including Master Boot Record and GUID Partition Table as part of the investigative process. It also covers cyberattack analysis in Windows, Linux, and network systems using virtual machines in real-world scenarios. Digital Forensics in the Era of Artificial Intelligence will be helpful for those interested in digital forensics and using machine learning techniques in the investigation of cyberattacks and the detection of evidence in cybercrimes.",,,,,Digital forensics; Computer forensics; Computer science; Digital evidence; Network forensics; Process (computing); Artificial intelligence; Computer security; Automation; Analytics; Data science,,,,,,http://dx.doi.org/10.1201/9781003278962,,10.1201/9781003278962,,,0,,0,false,,
120-283-434-693-435,Evidence and Cloud Computing: The Virtual Machine Introspection Approach.,,2013,,,,,,Rainer Poisel; Erich Malzer; Simon Tjoa,"Cloud forensics refers to digital forensics investigations performed in cloud computing environments. Nowadays digital investigators face various technical, legal, and organizational challenges to keep up with current developments in the field of cloud computing. But, due to its dynamic nature, cloud computing also offers several opportunities to improve digital investigations in cloud environments. The enormous available computing power can be leveraged to process massive amounts of information in order to extract relevant evidence. In the first part of this paper we focus on the current state-ofthe-art of affected fields of cloud forensics. The benefit for the reader of this paper is therefore a clear overview of the challenges and opportunities for scientific developments in the field of cloud forensics. As this paper represents an extended version of our paper presented at the ARES 2012 conference, we describe digital forensics investigations at the hypervisor level of virtualized environments in greater detail. cloud computing setups typically consist of several virtualized computer systems. Therefore we introduce the reader to the topic of evidence correlation within cloud computing infrastructures.",4,,135,152,Hypervisor; Distributed computing; Data science; Virtual machine introspection; Cloud forensics; Field (computer science); Focus (computing); Computer science; Process (engineering); Cloud computing; Digital forensics,,,,,http://isyou.info/jowua/papers/jowua-v4n1-7.pdf https://doi.org/10.22667/JOWUA.2013.03.31.135 https://dblp.uni-trier.de/db/journals/jowua/jowua4.html#PoiselMT13,https://dblp.uni-trier.de/db/journals/jowua/jowua4.html#PoiselMT13,,,2407024423,,0,000-087-695-314-553; 003-835-547-984-117; 004-022-528-441-49X; 007-067-041-476-760; 011-972-444-921-827; 015-264-924-343-905; 015-925-291-741-991; 018-919-282-622-761; 019-831-293-743-518; 024-952-897-231-953; 032-286-659-568-014; 032-761-363-352-02X; 034-773-286-616-44X; 035-223-520-491-228; 035-448-415-847-226; 038-914-873-897-532; 040-155-905-622-611; 041-719-597-940-972; 042-653-566-399-199; 047-600-704-780-223; 048-450-618-243-195; 049-446-135-635-21X; 049-641-296-634-035; 050-513-243-638-138; 050-612-532-454-179; 051-368-118-380-383; 052-152-063-024-042; 052-320-348-197-350; 053-754-642-826-159; 054-338-929-485-914; 056-122-492-187-163; 056-294-265-787-418; 057-421-097-368-120; 060-575-386-901-366; 063-128-918-481-572; 063-148-701-844-043; 075-962-601-774-828; 075-976-616-114-109; 079-070-981-899-105; 083-414-342-093-288; 088-132-206-137-473; 090-331-699-962-239; 091-619-263-117-914; 093-179-411-090-01X; 095-222-748-097-915; 095-691-114-276-825; 097-567-011-227-46X; 097-875-632-120-571; 098-369-078-956-009; 099-717-679-430-808; 111-134-876-516-879; 116-056-471-784-278; 119-385-247-230-234; 122-880-373-616-302; 134-927-490-231-285; 137-292-579-653-532; 139-052-313-432-986; 144-124-797-675-052; 153-474-160-113-956; 155-855-942-114-621; 158-468-997-833-921; 161-201-342-740-519; 166-178-398-716-39X; 170-108-067-251-840; 194-016-717-022-461; 199-745-676-923-766,29,false,,
120-454-127-510-479,ISSA - Guidelines for procedures of a harmonised digital forensic process in network forensics,,2012,conference proceedings article,2012 Information Security for South Africa,,IEEE,,George Sibiya; Hein S. Venter; Sipho Ngobeni; Thomas Fogwill,"Cloud computing is a new computing paradigm that presents fresh research issues in the field of digital forensics. Cloud computing builds upon virtualisation technologies and is distributed in nature. Depending on its implementation, the cloud can span across numerous countries. Its distributed nature and virtualisation introduces digital forensic research issues that include among others difficulty in identifying and collecting forensically sound evidence. Even if the evidence may be identified and essential tools for collecting the evidence are acquired, it may be illegal to access computer data residing beyond the jurisdiction of a forensic investigator. The investigator needs to acquire a search warrant that can be executed in a specific foreign country - which may not be a single country due to the distributed nature of the cloud. Obtaining warrants for numerous countries at once may be costly and time consuming. Some countries may also fail to comply with the demands of cloud forensics. Since the field of digital forensics is itself still in its infancy, it lacks standardised forensic processes and procedures. Thus, digital forensic investigators are able to collect evidence, but often fail in following a valid investigation process that is acceptable in a court of law. In addressing digital forensic issues such as the above, the authors are writing a series of papers that are aimed at providing guidelines for digital forensic procedures in a cloud environment. Live forensics and network forensics constitute an integral part of cloud forensics. A paper that deals with guidelines for digital forensic procedures in live forensics was submitted elsewhere. The current paper is therefore the second in a series where the authors propose and present guidelines for digital forensic procedures in network forensics. The authors eventually aim to have guidelines for digital forensic procedures in a cloud environment as the last paper in the series.",,,1,7,Data; Digital forensic process; Search warrant; Computer security; Computer science; Process (engineering); Network forensics; Computer forensics; Cloud computing; Digital forensics,,,,,https://researchspace.csir.co.za/dspace/handle/10204/6543 http://pta-dspace-dmz.csir.co.za/dspace/handle/10204/6543 https://ieeexplore.ieee.org/document/6320451/ https://dblp.uni-trier.de/db/conf/issa/issa2012.html#SibiyaVNF12,http://dx.doi.org/10.1109/issa.2012.6320451,,10.1109/issa.2012.6320451,2073008201,,0,011-550-234-148-733; 019-698-064-288-240; 030-142-639-835-212; 030-359-893-882-572; 031-579-216-572-877; 034-503-552-969-169; 055-075-538-156-691; 058-205-117-706-853; 060-808-935-547-406; 085-049-092-321-849; 109-482-615-363-500; 117-626-618-645-095; 120-697-354-224-33X; 136-947-053-479-806; 154-492-912-779-474; 166-605-689-815-076; 172-950-342-461-883,12,false,,
120-634-705-713-39X,Digital Forensic in Cloudsim,2014-12-11,2014,book chapter,Computational Intelligence in Data Mining - Volume 1,21903018; 21903026,Springer India,Germany,J. J. Shah; Latesh Malik,"Digital forensic is the method of providing digital evidence in order to prove the crime in digital world. In context of cloud environment the term digital forensics becomes more challenging due to dynamic and decentralized nature of cloud. The research proposes the digital forensic technique using Cloudsim. Cloud simulator is a powerful tool for modeling, simulating and carry out experimentation. This research presents digital forensic technique in context of cloud environment using cloudsim. The scenario of crime is created by hacking the client’s sensitive data, which is stored in cloud. The tiled bitmap algorithm is used to detect tampering of database on cloud server which presents the potential evidence. Also the proposed method is used to store the file on cloud server using timestamp and encryption method to avoid hacking. The research focuses on one of the category of crime that is tampering of data on cloud server.",,,563,572,Timestamp; Encryption; CloudSim; Context (language use); Digital evidence; Bitmap; Computer science; Database; Cloud computing; Digital forensics,,,,,https://rd.springer.com/chapter/10.1007/978-81-322-2205-7_52 https://link.springer.com/chapter/10.1007/978-81-322-2205-7_52,http://dx.doi.org/10.1007/978-81-322-2205-7_52,,10.1007/978-81-322-2205-7_52,148563964,,0,003-992-134-273-527; 009-372-939-859-569; 041-879-975-858-398; 063-600-821-499-481; 091-619-263-117-914; 093-778-033-321-400; 125-817-456-334-439; 136-798-153-498-59X; 144-124-797-675-052; 170-108-067-251-840; 199-732-324-695-074,1,false,,
120-820-821-223-194,Forensic acquisition on MP3 players,,2011,conference proceedings article,2011 International Conference on Pattern Analysis and Intelligence Robotics,,IEEE,,Sarah Khadijah Taylor; Mohd Izuan Effenddy Bin Yusof,"MP3 player, a portable digital music player used for playing songs, despite its popularity feature for storing audio files, can also be used to store other types of data, namely .doc, .pdf or .avi. Its portability makes it easy for users to store any data into the device. Investigators now need to be prepared for such devices, as they might contain evidence of a crime. To complicate things further, each MP3 player may have its own proprietary file system, format and technology. This paper will discuss the forensic acquisition on three types of MP3 player; Creative Zen Mosaic, Sony NZW E443 and Samsung YP-Q1.",1,,143,147,Engineering; Data type; MP3 player; Popularity; File system; Mosaic (geodemography); Multimedia; Computer forensics; Software portability; Digital audio,,,,,https://ieeexplore.ieee.org/document/5976885/,http://dx.doi.org/10.1109/icpair.2011.5976885,,10.1109/icpair.2011.5976885,2119417281,,0,027-147-017-496-425; 030-389-189-134-332,0,false,,
120-936-178-540-100,Digital forensics investigation jurisprudence: issues of admissibility of digital evidence,2020-07-31,2020,journal article,"Journal of Forensic, Legal & Investigative Sciences",2473733x,Herald Scholarly Open Access,,Abel Yeboah-Ofori; Akoto Derick Brown,"Digital Forensics investigations represent the science and legal process of investigating cybercrimes and digital media or objects to gather evidence. The digital evidence must prove that it has been used to commit a crime or used to gain unauthorized access. Digital Forensics investigations jurisprudence is the theory and philosophy of the study of law and the principles upon which a law is based. For digital evidence to appear at court and be legally admissible, the evidence must be authentic, accurate, complete, and convincing to the jury. Presenting digital forensic evidence at court has proved to be challenging, due to factors such as inadequate chain of custody, not maintaining legal procedures and inadequate evidential integrity. Following legal procedures in evidence gathering at a digital crime scene is critical for admissibility and prosecution. However, inadequate evidence gathering and maintaining accuracy, authenticity, completeness has prevented many cases to be inadmissible at court. This paper aims to discuss digital forensics investigations jurisprudence and the issues of authentic, accurate, complete, and convincing evidence leading to inadmissibility at court. To achieve the applicability of the study, we highlight the legal and technical factors required to harmonize these issues and how it could be addressed. This paper does not follow any forensic investigations process. Rather, it discusses how digital evidence could be admissible irrespective of the process implemented. The observations and outcomes of these legal criteria will contribute to the improvement of the evolving nature of digital evidence gathering phases.",6,1,1,8,Chain of custody; Internet privacy; Crime scene; Digital media; Jury; Legal process; Digital evidence; Computer science; Jurisprudence; Digital forensics,,,,,https://www.scilit.net/article/e17394e85b9e94a3191647c7d867a22e https://repository.uwl.ac.uk/id/eprint/8012/,http://dx.doi.org/10.24966/flis-733x/100045,,10.24966/flis-733x/100045,3080215576,,0,,3,true,cc-by,gold
121-485-457-832-591,Disconnects of Specialized Mobile Digital Forensics within the Generalized Field of Digital Forensic Science,,2020,book chapter,Digital Forensics and Forensic Investigations,,IGI Global,,Gregory H. Carlton; Gary C. Kessler,"<jats:p>The study and practice of forensic science comprises many distinct areas that range from behavioral to biological to physical and to digital matters, and in each area forensic science is utilized to obtain evidence that will be admissible within the legal framework. This article focuses on inconsistencies within the accepted methodology of digital forensics when comparing the current best practices of mobile digital devices and traditional computer devices. Here the authors raise the awareness of this disconnect in methodology, and they posit that some specific tasks within the traditional best practices of digital forensic science are artifacts of ritual rather than based on scientific requirements. </jats:p>",,,325,328,Digital forensics; Forensic science; Computer forensics; Field (mathematics); Computer science; Mobile device; Data science; Digital evidence; Best practice,,,,,,http://dx.doi.org/10.4018/978-1-7998-3025-2.ch022,,10.4018/978-1-7998-3025-2.ch022,,,0,123-275-701-676-787,0,false,,
121-524-737-571-153,How Cell Phone Location Evidence is Presented in Court,,2017,book chapter,Cell Phone Location Evidence for Legal Professionals,,Elsevier,,Larry Daniel,,,,49,57,Human–computer interaction; Data mining; RADIUS; Graphics; Phone; Computer science,,,,,http://www.sciencedirect.com/science/article/pii/B9780128093979000080 https://www.sciencedirect.com/science/article/pii/B9780128093979000080,http://dx.doi.org/10.1016/b978-0-12-809397-9.00008-0,,10.1016/b978-0-12-809397-9.00008-0,2673592312,,0,,0,false,,
121-807-002-846-726,Google Drive: Forensic Analysis of Cloud Storage Data Remnants,2013-10-14,2013,,Social Science Research Network,,,,Darren Quick; Kim-Kwang Raymond Choo,"Cloud storage is an emerging challenge to digital forensic examiners. The services are increasingly used by consumers, business, and government, and can potentially store large amounts of data. The retrieval of digital evidence from cloud storage services (particularly from offshore providers) can be a challenge in a digital forensic investigation, due to virtualisation, lack of knowledge on location of digital evidence, privacy issues, and legal or jurisdictional boundaries. Google Drive is a popular service, providing users a cost-effective, and in some cases free, ability to access, store, collaborate, and disseminate data. Using Google Drive as a case study, artefacts were identified that are likely to remain after the use of cloud storage, in the context of the experiments; on a computer hard drive and Apple iPhone3G, and the potential access point(s) for digital forensics examiners to secure evidence.",,,,,Internet privacy; Engineering; World Wide Web; Cloud storage; Context (language use); Digital evidence; Service (systems architecture); Network forensics; Virtualization; Computer forensics; Digital forensics,,,,,https://papers.ssrn.com/sol3/papers.cfm?abstract_id=2340234 https://papers.ssrn.com/sol3/Delivery.cfm/SSRN_ID2340234_code2138273.pdf?abstractid=2340234&mirid=1,https://papers.ssrn.com/sol3/papers.cfm?abstract_id=2340234,,,2103964960,,0,035-448-415-847-226,1,false,,
121-931-608-998-802,Identification of User Ownership in Digital Forensic using Data Mining Technique,2012-07-28,2012,journal article,International Journal of Computer Applications,09758887,Foundation of Computer Science,,KM Kumar; Sanjeev Sofat; Naveen Aggarwal; Shreyans K. Jain,"As existing technology used by criminal rapidly changes and growing, digital forensics is also growing and important fields of research for current intelligence, law enforcement and military organizations today. As huge information is stored in digital form, the need and ability to analyze and process this information for relevant evidence has grown in complexity. During criminal activities crime committed use digital devices, forensic examiners have to adopt practical frameworks and methods to recover data for analysis which can comprise as evidence. Data Preparation/ Generation, Data warehousing and Data Mining, are the three essential features involved in the investigation process. The purpose of data mining technique is to find the valuable relationships between data items. This paper proposes an approach for preparation, generation, storing and analyzing of data, retrieved from digital devices which pose as evidence in forensic analysis. Attribute classification model has been presented to categorized user files. The data mining tools has been used to identify user ownership and validating the reliability of the pre-processed data. This work proposes a practical framework for digital forensics on hard drives.",50,4,1,5,Data mining; Data warehouse; Forensic science; Reliability (computer networking); Work (electrical); Data preparation; Law enforcement; Computer science; Process (engineering); Identification (information); Digital forensics,,,,,https://ui.adsabs.harvard.edu/abs/2012IJCA...50d...1K/abstract https://www.ijcaonline.org/archives/volume50/number4/7756-0818 https://research.ijcaonline.org/volume50/number4/pxc3880818.pdf,http://dx.doi.org/10.5120/7756-0818,,10.5120/7756-0818,2099922782,,0,003-448-142-212-67X; 003-868-023-351-977; 009-101-513-978-03X; 037-927-986-476-095; 062-202-545-220-180; 083-366-581-383-158; 094-999-990-049-790; 096-459-953-942-294; 115-547-184-477-216; 125-658-973-713-722; 128-983-879-520-615; 132-355-634-397-986; 136-606-982-080-327,5,true,,green
121-951-797-869-548,Confluence of Digital Evidence and the Law: On the Forensic Soundness of Live-Remote Digital Evidence Collection.,2005-09-01,2005,,Social Science Research Network,,,,Erin Kenneally,"This article advocates the formal recognition of an evolved digital evidence acquisition process in light of the changing dynamics of computer searches and seizures. Other articles have argued for changes in legal procedural rules. This article addresses the other side of the coin, namely, that the changing contexts of computer search and seizure and digital forensic investigation demand an evolution in forensic acquisition methodology, and that this evolved methodology can meet the standards for evidence admissibility and reliability. This methodology entails evidence recovery on live systems via a remote connection (hereinafter, ""live-remote"").",,,,,Engineering; Digital evidence; Computer security; Soundness; Process (engineering); Reliability (statistics); Computer forensics; Legal aspects of computing; Search and seizure; Digital forensics,,,,,https://papers.ssrn.com/sol3/Delivery.cfm/SSRN_ID2145647_code451206.pdf?abstractid=2145647&mirid=1&type=2 https://papers.ssrn.com/sol3/papers.cfm?abstract_id=2145647,https://papers.ssrn.com/sol3/papers.cfm?abstract_id=2145647,,,322610004,,0,,13,false,,
122-269-963-751-911,Digital Forensic Framework for a Cloud Environment,2012-05-01,2012,,,,,,George Sibiya; Hein S. Venter; Thomas Fogwill,"The advent of cloud computing provides good opportunities for both good and malicious use. Cloud computing is at its infanc y stage and its security is still an open research issue. Malicious users take advantage of the current lack of advanced security mechanisms in the cloud. Cloud computing paradigm enables users to access computing resources without necessarily owni ng physical infrastructures. It is therefore easy for an attacker who intends to perfo rm malicious activities in the cloud to create a remotely hosted desktop, perform their activities and then destroy the desktop later. With the remotely hosted desktop destroyed, there is very little evidence left that can be collected by forensic exp erts using traditional static digital forensic methods. A scenario such as this therefore requires live digital forensic processes as a large amount of evidence can be gath ered while the system is running. Key issues in cloud forensics include, but are not limited to, identity, encryption, and jurisdiction and data distribution. Digital forensi c investigators currently face a challenge when criminal incidences occur as there a re no well developed tools and procedures for conducting digital forensic investig ations in the cloud. This paper proposes a novel framework that addresses issues of digital forensics in the cloud computing environment.",,,,,Cloud testing; Engineering; Encryption; Cloud computing security; Open research; Identity (object-oriented programming); Cloud forensics; Computer security; Cloud computing; Digital forensics,,,,,https://researchspace.csir.co.za/dspace/bitstream/10204/5890/1/Sibiya_2012.pdf https://researchspace.csir.co.za/dspace/handle/10204/5890,https://researchspace.csir.co.za/dspace/handle/10204/5890,,,2099236609,,0,005-859-821-142-158; 011-424-193-134-097; 051-368-118-380-383; 110-754-935-358-497; 161-491-242-469-483,34,false,,
122-947-135-495-49X,"Cybercrime, Cyber Aided Crime, and Digital Evidence",2020-05-20,2020,book chapter,Fundamentals of Digital Forensics,,Springer International Publishing,,Joakim Kävrestad,"Computer forensic experts are commonly faced with the misconception that they work primarily on cybercrimes. The reality is quite opposite, namely, that digital forensics is of importance in pretty much every possible type of crime ranging from computer intrusions to theft. This chapter provides a discussion on what cybercrime is, from the author’s perspective. But more importantly, this chapter gives the reader a presentation on how and in what cases digital evidence can be of use during criminal investigations. The aim of the chapter is to make the reader understand that in the modern world, we leave digital traces almost all the time. We may not always be aware of this fact, but knowing and understanding how digital traces are left behind are of great importance for a computer forensic expert. For instance, even if a criminal is conducting a crime without so much as looking at her phone or computer, chances are that she is using a chat client to talk to some friend about what she did. This action can leave incriminating evidence that can be valuable in court.",,,59,62,Cybercrime; Digital evidence; Computer forensics; Digital forensics; Presentation (obstetrics); Phone; Cyber crime; Perspective (graphical); Computer security; Computer science; Internet privacy; Action (physics); Crime scene; Criminology,,,,,,http://dx.doi.org/10.1007/978-3-030-38954-3_6,,10.1007/978-3-030-38954-3_6,,,0,,0,false,,
123-269-864-509-86X,Digital Evidence and Forensic Readiness (Dagstuhl Seminar 14092),,,,,,,,Glenn S. Dardick; Barbara Endicott-Popovsky; Pavel Gladyshev; Thomas Kemmerich; Carsten Rudolph,"The seminar on Digital Evidence and Forensic Readiness provided the space for interdisciplinary discussions on clearly defined critical aspects of engineering issues, evaluation and processes for secure digital evidence and forensic readiness. A large gap exists between the state-of-the-art in IT security and best-practice procedures for digital evidence. Experts from IT and law used this seminar to develop a common view on what exactly can be considered secure and admissible digital evidence. ; ; In addition to sessions with all participants, a separation of participants for discussing was arranged. The outcome of these working sessions was used in the general discussion to work on a common understanding of the topic. The results of the seminar will lead to new technological developments as well as to new legal views to this points and to a change of organizational measures using ICT. Finally, various open issues and research topics have been identified. In addition to this report, open research issues will also be published in the form of a manifesto on digital evidence.; ; One possible definition for Secure Digital Evidence was proposed by Rudolph et al. at the Eighth Annual IFIP WG 11.9 International Conference on Digital Forensics 2012. It states that a data record can be considered secure if it was created authentically by a device for which the following holds:; ; - The device is physically protected to ensure at least tamper-evidence.; - The data record is securely bound to the identity and status of the device (including running software and configuration) and to all other relevant parameters (such as time, temperature, location, users involved, etc.); - The data record has not been changed after creation.; ; Digital Evidence according to this definition comprises the measured value and additional information on the state of the measurement device. This additional information on the state of the measurement device aims to document the operation environment providing evidence that can help lay the foundation for; admissibility. ; ; This definition provided one basis of discussion at the seminar and was compared to other approaches to forensic readiness. ; ; Additional relevant aspects occur in the forensic readiness of mobile device, cloud computing and services. Such scenarios are already very frequent but will come to full force in the near future. ; ; The interdisciplinary Dagstuhl seminar on digital evidence and forensic readiness has provided valuable input to the discussion on the future of various types of evidence and it has build the basis for acceptable and sound rules for the assessment of digital evidences. Furthermore, it has established new links between experts from four continents and thus has set the foundations for new interdisciplinary and international co-operations.",4,2,150,190,Engineering; World Wide Web; Mobile device; Open research; Foundation (evidence); Digital evidence; State (computer science); Information and Communications Technology; Cloud computing; Digital forensics,,,,,https://dx.doi.org/10.4230/DagRep.4.2.150 http://dblp.uni-trier.de/db/journals/dagstuhl-reports/dagstuhl-reports4.html#DardickEGKR14 http://dx.doi.org/10.4230/DagRep.4.2.150 http://drops.dagstuhl.de/opus/volltexte/2014/4549/ https://dblp.uni-trier.de/db/journals/dagstuhl-reports/dagstuhl-reports4.html#DardickEGKR14 https://drops.dagstuhl.de/opus/volltexte/2014/4549/pdf/dagrep_v004_i002_p150_s14092.pdf/,http://dx.doi.org/10.4230/dagrep.4.2.150,,10.4230/dagrep.4.2.150,2233120777,,0,,2,false,,
123-275-701-676-787,Are mobile device examinations practiced like ‘forensics’?,2015-11-16,2015,journal article,Digital Evidence and Electronic Signature Law Review,20548508; 17564611,School of Advanced Study,Spain,Gary C. Kessler,"Gary C. Kessler considers the issue of mobile device forensics and the relationship between digital forensics and other forensic sciences, and compares mobile device forensics to the broader field of digital forensics. Index words: Cell phone forensics, computer forensics, digital forensics, mobile device forensics",12,0,3,9,Mobile device; Computer security; Computer science; Network forensics; Computer forensics; Mobile device forensics; Digital forensics,,,,,https://journals.sas.ac.uk/deeslr/article/download/2237/2170 https://commons.erau.edu/cgi/viewcontent.cgi?article=1127&context=publication https://journals.sas.ac.uk/deeslr/article/view/2237 https://commons.erau.edu/publication/119/ https://works.bepress.com/gary_kessler/50/,http://dx.doi.org/10.14296/deeslr.v12i0.2237,,10.14296/deeslr.v12i0.2237,2206488084,,0,,6,true,cc-by-nc-nd,gold
123-707-719-752-131,ARES - Enhancing Computer Forensics Investigation through Visualisation and Data Exploitation,,2009,conference proceedings article,"2009 International Conference on Availability, Reliability and Security",,IEEE,,Grant Osborne; Benjamin Turnbull,"This paper focuses on establishing the need for new architectures on which to build visualisation systems that enhance computer forensic investigation of digital evidence. The issues surrounding processing of large quantities of digital evidence are established. In addition, the current state of visualisation and data analysis techniques for computer forensics are highlighted. This paper suggests need for new visualisation techniques in order to display data in familiar visual forms that facilitate efficient insight gaining into digital evidence. Visualisations techniques also require a source of processed data that contains context relevant information to present to an investigator. To this end this paper introduces the notion of data exploitation as a way to describe techniques that provide opportunistic data analysis across multiple sources of digital evidence. Data exploitation techniques provide normalisation techniques, event correlation, relationship extraction and investigative domain knowledge processing to occur across a set of evidence. This enables a visual representation of digital evidence to highlight relationships and events across many data sources, support an investigator throughout the entire data analysis process and enable an investigator to focus on the context of the current crime.",,,1012,1017,Relationship extraction; Data visualization; Data analysis; Domain knowledge; Data science; Context (language use); Digital evidence; Visualization; Computer science; Computer forensics,,,,,http://yadda.icm.edu.pl/yadda/element/bwmeta1.element.ieee-000005066603 https://ieeexplore.ieee.org/document/5066603/ https://dx.doi.org/10.1109/ARES.2009.120 https://doi.org/10.1109/ARES.2009.120 http://ieeexplore.ieee.org/document/5066603/ http://dx.doi.org/10.1109/ARES.2009.120 https://dblp.uni-trier.de/db/conf/IEEEares/ares2009.html#OsborneT09,http://dx.doi.org/10.1109/ares.2009.120,,10.1109/ares.2009.120,2114488215,,0,001-381-793-304-07X; 003-245-307-819-411; 014-463-306-251-216; 029-215-632-456-876; 035-448-415-847-226; 040-148-545-247-997; 041-978-387-804-100; 043-395-009-848-761; 050-000-944-827-798; 059-251-701-206-851; 062-054-192-940-331; 074-804-211-130-47X; 076-559-907-569-735; 083-751-031-809-821; 089-048-294-489-077; 099-298-336-735-737; 106-054-633-069-866; 163-620-841-463-148,8,true,,green
123-822-670-262-791,Emerging Role of Digital Forensics in the Investigation of Online Child Pornography,,2019,journal article,Indian Journal of Forensic Medicine & Toxicology,09739122; 09739130,Diva Enterprises Private Limited,India,Nirmal Rallan; Komal Vig,"Information Technology has been of immense use to the mankind. It has heralded a new age of faster and easier communication and access to information. But it has also provided a new platform for criminal activities such as child pornography. Online Child pornography is a global crime whose investigation may require the joint support of several countries. Detection and investigation of online child pornography involves the role of digital forensics to ensure admissibility of digital evidence in a court of law. In this paper, the authors have presented an overview of online child pornography, its impact and the role of digital forensics in the investigation of online child pornography.",13,3,199,202,Internet privacy; Information technology; Sociology; Child pornography; Pornography; Digital evidence; Access to information; Digital forensics,,,,,https://www.indianjournals.com/ijor.aspx?target=ijor:ijfmt&volume=13&issue=3&article=042,http://dx.doi.org/10.5958/0973-9130.2019.00195.6,,10.5958/0973-9130.2019.00195.6,2961286481,,0,,0,false,,
124-003-981-384-267,Computer Forensics: Dark Net Forensic Framework and Tools Used for Digital Evidence Detection,2019-12-28,2019,,,,,,May A. Alotaibi; Mohammed A. AlZain; Ben Soh; Mehedi Masud; Jehad F. Al-Amri,"As the development of technology increases and its use becomes increasingly more widespread, computer crimes grow. Hence, computer forensics research is becoming more crucial in developing good forensic frameworks and digital evidence detection tools to deter more cyber-attacks. In this paper, we explore the science of computer forensics, a dark web forensic framework, and digital evidence detection tools.",11,3,,,Data science; Digital evidence; Computer science; Deep Web; Computer forensics,,,,,https://www.ijcnis.org/index.php/ijcnis/article/view/4407 https://www.ijcnis.org/index.php/ijcnis/article/download/4407/370 https://dblp.uni-trier.de/db/journals/ijcnis/ijcnis11.html#AlotaibiASMA19,https://www.ijcnis.org/index.php/ijcnis/article/view/4407,,,3001565613,,0,,0,false,,
124-170-512-765-508,<title>Forensic aspects of digital evidence: contributions and initiatives by the National Center for Forensic Science (NCFS)</title>,2002-07-19,2002,conference proceedings article,SPIE Proceedings,0277786x,SPIE,,Carrie M. Whitcomb,,,,,,Forensic science; Digital forensics; Center (category theory); Data science; Computer science; Library science; Engineering ethics; Engineering; Computer security; History; Archaeology; Chemistry; Crystallography,,,,,,http://dx.doi.org/10.1117/12.474732,,10.1117/12.474732,,,0,,0,false,,
124-605-471-601-661,Cloud Collaboration for Forensically Ready Cyber Space,,2015,,,,,,Bruno Opara,"The major challenge of forensic investigation of networked systems is the lack or incompleteness of relevant evidence collected for the specific crime being investigated. In cloud networks, acquisition of irrelevant data together with evidential data is also a challenge imposed due to multitenacy in cloud architectures. Since cloud forensic is still at its infacy and faced with technical, organizational and legal challenges (Ruan and Cathy, 2013); acquisition of forensic evidence still adopts traditional digital forensic frameworks and acquisition processes for investigating cyber-related crimes. These techniques, when employed for a single-cloud or multi- cloud environment leads to incompleteness of digital evidence and most times raises integrity concerns. Thus, cloud forensic is faced with the challenge of widely spread evidentiary data in the cloud and existing approaches do not harness evidence sufficiently in a manner suitable for complete of acquisition of evidence. This is because there are missing forensic considerations and capabilities in current cloud computing deployments that can be leveraged upon towards achieving a forensic ready cloud environment. In order to offset some of these challenges, there is need for the development of a novel cloud forensic framework with a collaborative forensic capability model, which acquires evidentiary data proactively and reactively within a multi-cloud environment. This work leverages the multi-cloud’s robustness to acquire and examine exhaustive digital evidence in the cloud for legal prosecution of computer aided crimes.",,,,,Engineering; Computer-aided; Digital evidence; Cyber Space; Legal prosecution; Computer security; Cloud computing; Digital forensics; Capability Maturity Model; Robustness (computer science),,,,,http://www.ijoar.org/journals/IJOARCS/papers/Cloud-Collaboration-for-Forensically-Ready-Cyber-Space.pdf,http://www.ijoar.org/journals/IJOARCS/papers/Cloud-Collaboration-for-Forensically-Ready-Cyber-Space.pdf,,,2740969296,,0,019-698-064-288-240; 023-471-707-127-597; 025-686-187-146-727; 041-879-975-858-398; 049-977-511-720-26X; 052-152-063-024-042; 091-694-208-796-635; 095-691-114-276-825; 124-837-341-752-034; 134-927-490-231-285; 144-124-797-675-052; 150-244-287-238-032; 175-601-228-135-674,0,false,,
124-866-644-987-239,Cyber Forensics: From Data to Digital Evidence - Time and Forensics,2015-10-02,2015,book chapter,Cyber Forensics,,"John Wiley & Sons, Inc.",,Albert J. Marcella; Frederic Guillossou,,,,241,261,,,,,,,http://dx.doi.org/10.1002/9781119203452.ch11,,10.1002/9781119203452.ch11,2506801777,,0,,0,false,,
125-131-677-260-393,A Critical Evaluation of Validation Practices in the Forensic Acquisition of Digital Evidence in South Africa,2020-12-19,2020,book chapter,Information and Cyber Security,18650929; 18650937,Springer International Publishing,Germany,Jason Jordaan; Karen Bradshaw,"Accepted digital forensics practice requires the tools used in the forensic acquisition of digital evidence to be validated, meaning that the tools perform as intended. In terms of Sect. 15 of the Electronic Communications and Transactions Act 25 of 2002 in South Africa, validation would contribute to the reliability of the digital evidence. A sample of digital forensic practitioners from South Africa was studied to determine to what extent they make use of validated forensic tools during the acquisition process, and how these tools are proven to be validated. The research identified significant concerns, with no validation done, or no proof of validation done, bringing into question the reliability of the digital evidence in court. It is concerning that the justice system itself is not picking this up, meaning that potentially unreliable digital evidence is used in court.",,,129,143,Data science; Justice (ethics); Digital evidence; Computer science; Forensic disk controller; Process (engineering); Sample (statistics); Reliability (statistics); Meaning (linguistics); Digital forensics,,,,,https://link.springer.com/chapter/10.1007/978-3-030-66039-0_9 https://link.springer.com/content/pdf/10.1007%2F978-3-030-66039-0_9.pdf,http://dx.doi.org/10.1007/978-3-030-66039-0_9,,10.1007/978-3-030-66039-0_9,3116187895,,0,004-441-167-148-170; 005-392-088-749-603; 007-375-878-067-656; 012-906-104-142-908; 019-831-293-743-518; 021-039-461-635-181; 025-782-023-579-032; 065-285-489-729-438; 130-217-725-914-477; 161-943-902-374-725; 178-883-713-153-793; 185-343-535-827-64X,0,false,,
125-429-401-452-724,A survey of machine learning applications in digital forensics,2021-04-08,2021,journal article,Trends in Computer Science and Information Technology,26413086,Peertechz Publications Private Limited,,Hilmand Khan; Sarmad Hanif; Bakht Muhammad,"We address the role of machine learning in digital forensics in this paper, in order to have a better understanding of where machine learning stand in today’s cyber security domain when it comes to collecting digital evidence. We started by talking about Digital Forensics and its past. Then, to illustrate the fields of digital forensics where machine learning methods have been used to date, we recommend a brief literature review. The aim of this paper is to promote machine learning applications in digital forensics. We went through different applications of machine learning in different areas and analysed how machine learning can potentially be used in other areas by considering its current applications and we believe that the ideas presented here will provide promising directions in the pursuit of more powerful and successful digital forensics tools.",6,1,020,024,Machine learning; Artificial intelligence; Domain (software engineering); Digital evidence; Computer science; Digital forensics,,,,,https://www.peertechzpublications.com/articles/TCSIT-6-134.php https://www.peertechzpublications.com/articles/TCSIT-6-134.pdf,http://dx.doi.org/10.17352/tcsit.000034,,10.17352/tcsit.000034,3157681744,,0,006-296-899-452-535; 012-446-212-270-670; 015-084-347-434-584; 015-434-377-944-478; 029-539-345-954-419; 032-810-296-055-161; 034-183-561-604-364; 036-720-465-389-565; 041-561-245-686-942; 059-151-526-215-807; 062-421-316-909-478; 089-932-159-207-310; 093-668-583-258-461; 115-547-184-477-216; 131-948-799-258-180; 139-610-896-512-796; 153-826-237-509-69X; 170-516-749-420-456; 184-428-240-098-87X,0,true,cc-by-nc,hybrid
125-473-815-302-935,Open Source Software for Digital Forensics - Open Source Software for Digital Forensics,,2010,book,,,Springer US,,Ewa Huebner; Stefano Zanero,"Open Source ApplicationsSpringer Book SeriesEditor: Ernesto Damiani, University of Milan, Italyhttp://sesar.dti.unimi.it/ossbook/ Open Source Software for Digital Forensics is the first book dedicated to the use of FLOSS (Free Libre Open Source Software) in computer forensics. It presents the motivations for using FLOSS applications as tools for collection, preservation and analysis of digital evidence in computer and network forensics. It also covers, extensively, several forensic FLOSS tools, their origins and evolution. Open Source Software for Digital Forensics is based on the OSSCoNF workshop, which was held in Milan, Italy, September 2008 at the World Computing Congress, co-located with OSS 2008. This edited volume is a collection of contributions from researchers and practitioners world wide. Open Source Software for Digital Forensics is designed for advanced level students and researchers in computer science as a secondary text and reference book. Computer programmers, software developers, and digital forensics professionals will also find this book to be a valuable asset.",,,,,World Wide Web; Software; Edited volume; Digital evidence; Computer science; Network forensics; Software development; Computer forensics; Asset (computer security); Digital forensics,,,,,https://link.springer.com/10.1007/978-1-4419-5803-7 http://ui.adsabs.harvard.edu/abs/2010ossd.book.....H/abstract https://core.ac.uk/display/55202255 https://re.public.polimi.it/handle/11311/564635,http://dx.doi.org/10.1007/978-1-4419-5803-7,,10.1007/978-1-4419-5803-7,77903978,,0,,5,true,,bronze
125-934-140-322-856,Forensic document examination of electronically captured signatures,2014-01-28,2014,journal article,Digital Evidence and Electronic Signature Law Review,20548508; 17564611,School of Advanced Study,Spain,Heidi H. Harralson,"Heidi H. Harralson considers the use of biodynamic electronic signatures by which a person provides a signature in electronic format that is reproduced on the screen as a representation of their manuscript signature, and analyzes the procedures used in the forensic analysis of such system, indicating that not all systems produce reliable information to support forensic opinions, and that examiners are failing to understand the need to analyze the digital data. Index words:electronic signature; biometric signature; biodynamic signature; digital signature; forensic document examination; forensic handwriting examination",9,0,,,Digital signature; World Wide Web; Forensic science; Signature (logic); Biometrics; Electronic signature; Information retrieval; Index (publishing); Digital data; Handwriting; Computer science,,,,,https://sas-space.sas.ac.uk/5587/ https://journals.sas.ac.uk/deeslr/article/view/1991,http://dx.doi.org/10.14296/deeslr.v9i0.1991,,10.14296/deeslr.v9i0.1991,2020370348,,0,,2,true,cc-by-nc-nd,hybrid
126-220-333-961-269,STITCHER: Correlating Digital Forensic Evidence on Internet-of-Things Devices,2020-03-16,2020,,arXiv: Cryptography and Security,,,,Yee Ching Tok; Chundong Wang; Sudipta Chattopadhyay,"The increasing adoption of Internet-of-Things (IoT) devices present new challenges to digital forensic investigators and law enforcement agencies when investigation into cybercrime on these new platforms are required. However, there has been no formal study to document actual challenges faced by investigators and whether existing tools help them in their work. Prior issues such as the correlation and consistency problem in digital forensic evidence have also become a pressing concern in light of numerous evidence sources from IoT devices. Motivated by these observations, we conduct a user study with 39 digital forensic investigators from both public and private sectors to document the challenges they faced in traditional and IoT digital forensics. We also created a tool, STITCHER, that addresses the technical challenges faced by investigators when handling IoT digital forensics investigation. We simulated an IoT crime that mimics sophisticated cybercriminals and invited our user study participants to utilize STITCHER to investigate the crime. The efficacy of STITCHER is confirmed by our study results where 96.2% of users indicated that STITCHER assisted them in handling the crime, and 61.5% of users who used STITCHER with its full features solved the crime completely.",,,,,Internet privacy; Private sector; Work (electrical); Cybercrime; Law enforcement; Computer science; Internet of Things; Digital forensics,,,,,https://arxiv.org/pdf/2003.07242.pdf https://arxiv.org/abs/2003.07242 https://ui.adsabs.harvard.edu/abs/2020arXiv200307242T/abstract,https://arxiv.org/abs/2003.07242,,,3011357687,,0,001-507-239-208-313; 019-360-393-097-72X; 019-831-293-743-518; 022-056-178-362-107; 035-031-257-128-045; 037-435-312-083-42X; 044-046-807-728-773; 073-194-524-558-213; 097-939-114-561-254; 098-748-261-333-651; 142-388-561-082-054; 150-249-549-372-358; 162-374-469-230-059,0,true,,
126-916-171-092-739,Chapter 23 – Digital Evidence∗,,2015,book chapter,Fundamentals of Forensic Science,,Elsevier,,Max M. Houck,,,,599,618,Steganography; Spoofing attack; Body of knowledge; Data science; Phone; Digital evidence; Subscriber identity module; Computer science; Phishing; Metadata,,,,,http://www.sciencedirect.com/science/article/pii/B9780128000373000236 https://www.sciencedirect.com/science/article/pii/B9780128000373000236,http://dx.doi.org/10.1016/b978-0-12-800037-3.00023-6,,10.1016/b978-0-12-800037-3.00023-6,2890274105,,0,,0,false,,
126-996-381-341-302,Analysis of Steganographic on Digital Evidence using General Computer Forensic Investigation Model Framework,,2020,journal article,International Journal of Advanced Computer Science and Applications,21565570; 2158107x,The Science and Information Organization,,Muh. Hajar Akbar; null Sunardi;  Riadi,"Steganography is one of the anti-forensic techniques used by criminals to hide information in other messages which can cause problems in the investigation process and difficulties in obtaining original information evidence on the digital crime. Digital forensic analysts are required ability to find and extract the messages that have been inserted by using proper tools. The purpose of this research is to analyze the hidden digital evidence using steganography techniques. This research uses the static forensics method by applying five stages in the Generic Forensics Investigation Model framework, namely pre-process, acquisition & preservation, analysis, presentation, and post-process as well as extracting files that have been infiltrated based on case scenarios involving digital crime. The tools used are FTK Imager, Autopsy, WinHex, Hiderman, and StegSpy. The results on the steganographic file insertion experiment of 20 files indicate that StegSpy and Hiderman are effective on the steganographic analysis of digital evidence. StegSpy can detect the presence of secret messages with 85% success rate. The extraction process using Hiderman for 18 files with containing steganographic messages had 100% successful.",11,11,,,Steganography; Forensic science; Information retrieval; Digital evidence; Computer science; Process (engineering); Digital forensics,,,,,https://thesai.org/Downloads/Volume11No11/Paper_41-Analysis_of_Steganographic_on_Digital_Evidence.pdf https://thesai.org/Publications/ViewPaper?Volume=11&Issue=11&Code=IJACSA&SerialNo=41,http://dx.doi.org/10.14569/ijacsa.2020.0111141,,10.14569/ijacsa.2020.0111141,3113162624,,0,,0,true,cc-by,gold
127-041-847-665-267,TrustBus - Cloud Separation: Stuck Inside the Cloud,,2012,book chapter,"Trust, Privacy and Security in Digital Business",03029743; 16113349,Springer Berlin Heidelberg,Germany,Waldo Delport; Martin S. Olivier,"When something erroneous happens happens in digital environment, a Digital Forensic Investigations (DFIs) can be used to gather information about the event. When conducting a DFI, Digital Forensic Procedures (DFPs) are followed. DFPs provide steps to follow to ensure the successful completion of the DFI. One of the steps in a DFP is to isolate possible evidence in order to protect the evidence from contamination and tampering. The introduction of Cloud computing complicated the isolation process because there is a shared layer between users. This means that the methods used to isolate evidence must be adapted and reworked to work in the Cloud environment. In some cases new procedures need to be introduced to address the isolation problem.",,,36,49,Isolation (database systems); Separation (aeronautics); Successful completion; Computer security; Computer science; Event (computing); Cloud computing; Digital forensics; Process (computing),,,,,https://link.springer.com/chapter/10.1007/978-3-642-32287-7_4 https://link.springer.com/content/pdf/10.1007%2F978-3-642-32287-7_4.pdf http://dx.doi.org/10.1007/978-3-642-32287-7_4 https://rd.springer.com/chapter/10.1007/978-3-642-32287-7_4 https://dx.doi.org/10.1007/978-3-642-32287-7_4,http://dx.doi.org/10.1007/978-3-642-32287-7_4,,10.1007/978-3-642-32287-7_4,112145782,,0,002-288-358-355-198; 019-311-072-352-899; 031-840-576-754-304; 037-874-857-662-637; 040-155-905-622-611; 047-600-704-780-223; 052-152-063-024-042; 053-613-448-204-883; 059-697-278-686-056; 075-976-616-114-109; 101-642-745-156-410; 116-056-471-784-278; 120-697-354-224-33X; 123-830-244-984-847; 133-508-126-407-763,5,false,,
127-207-908-207-727,Digital Evidence In Appeals Of Criminal Cases Before The U.S. Courts Of Appeal: A Review Of Decisions And Examination Of The Legal Landscape From 2016 – 2020,,2022,journal article,"Journal of Digital Forensics, Security and Law",15587223,Embry-Riddle Aeronautical University/Hunt Library,,Martin Novak,"This study is a follow-up to Digital Evidence in Criminal Cases before the U.S. Courts of Appeal: Trends and Issues for Consideration – 2010 to 2015. The current study examines appeals of criminal cases before the United States Courts of Appeal from January 2016 through August 2020, where one or more appeal claims were related to digital evidence. The purpose of this research was to determine if the legal landscape has changed since 2015; examine the most relevant legal issues related to digital evidence; and analyze how precedential cases may have affected digital forensics as evidence.",,,,,Appeal; Law; Political science; Digital evidence; Digital forensics; Criminal procedure; Criminology,,,,,,http://dx.doi.org/10.15394/jdfsl.2022.1734,,10.15394/jdfsl.2022.1734,,,0,,0,true,cc-by-nc,gold
127-807-671-619-414,Guideline for forensic analysis on windows XP and vista registry,2008-10-01,2008,dissertation,,,,,Somayeh Aghanvesi,"On the age of digitalization world and dependencies of people to digital system having a schedule to protect their assets is obvious. Digital hacking is always one of hot subject in information security field. So many organizations need special training to be covered and protected against hackers. Also like every crime which is being investigated the hacking and digital crimes also are being surveyed and the related evidences are being collected through digital investigators who are forensic specialist. Forensic is a science to collect the evidence against hackers in digital world. The Focused issue on this project is collecting the evidences from a limited scope of Microsoft windows Vista and XP versions which is their Registry platform which is one the areas that has valuable information but is not being considered by specialist as well as other areas because of its complexity. The registry platform is the place windows stores all the configurations and this place potentially have evidences inside which need to be found in sake of forensic examination. The number of keys is a lot and searching the keys by each investigator is a tedious work. The keys need to be searched, analyzed, evaluated from forensic value, be considered in evidence management process and being sorted in a referable manner for investigators. That is why we decided to prepare a guideline for investigators interested to have a look to the evidentiary keys and their values. Also as second part of this guideline we have prepared the investigation steps on registry area with Encase tool which is chosen among many tools available currently and have been surveyed so far.",,,,,Management process; Schedule (computer science); Engineering; World Wide Web; Subject (documents); Guideline; Scope (project management); Information security; Windows Vista; Hacker,,,,,http://eprints.utm.my/id/eprint/9517/,http://eprints.utm.my/id/eprint/9517/,,,2283699037,,0,093-640-643-964-890; 118-347-856-286-336; 162-608-258-617-295; 195-890-910-225-92X,0,false,,
128-539-959-390-178,Role of Blockchain Technology in Digital Forensics,2022-02-24,2022,book chapter,Blockchain Technology,,CRC Press,,Keshav Kaushik; Susheela Dahiya; Rewa Sharma,"Blockchain is a progression of associated information structures called blocks, which contain or track all that occurs in disseminated frameworks in a distributed organization. Each block is connected to the previous block with an uncommon pointer called a hash pointer, forming a chain and resulting in a framework consisting of annexes: A perpetual and irreversible history that can be utilized as a constant review trail by any member to check the precision of the records by essentially surveying information itself. The chapter will discuss the role of blockchain in digital forensics with an introduction to blockchain technology and its applications and challenges. It also explores the architecture and protocols related to blockchain technology. The chapter also highlights the managing of digital evidence by maintaining the chain of custody with the help of Ethereum and Hyperledger. It will also enlighten readers about the application of blockchain for distributed cloud storage in digital forensics. It will reveal the role of blockchain in digital forensics, which will be helpful for cybercrime investigation, blockchain technology, and digital forensics enthusiasts, students, PhD scholars and researchers.",,,235,246,Blockchain; Digital forensics; Computer science; Hash function; Computer security; Digital evidence; Computer forensics; Network forensics; Cryptocurrency; Block (permutation group theory); Cybercrime; Pointer (user interface); Data science; World Wide Web; The Internet; Computer hardware; Geometry; Mathematics,,,,,,http://dx.doi.org/10.1201/9781003138082-14,,10.1201/9781003138082-14,,,0,,1,false,,
128-632-444-828-026,Collection and Analysis of Digital Forensic Data from Devices in the Internet of Things,,2019,conference proceedings article,2019 SoutheastCon,,IEEE,,Raed Alharbi; William H. Allen,"Despite the abundance of articles that have been written about the Internet of Things (IoT), little attention has been given to how digital forensic approaches can be utilized to direct advanced investigations in IoT-based frameworks. Current digital forensic tools and functions are not generally prepared to tackle the complexity of IoT frameworks for the purpose of collecting, analyzing, and testing potential evidence from IoT environments that might be utilized as permissible evidence in a courtroom. Hence, the issue to be addressed is that; currently, there is no generally-accepted digital forensic framework that can be used to conduct digital forensic investigations in IoT-based environments. In addition, at the time of this writing, there has been little focus on how to gather and save network and server logs from IoT-based environments for investigative purposes. Based on this premise, we propose a digital forensic framework called Radlen, a lightweight digital forensic investigation model to enhance and support future IoT investigative capabilities. Radlen is also able to coordinate and manage IoT devices within a smart home environment using a smart watch or smart phone to satisfy the user’s needs, preserve security, and make decisions automatically. The authors simulate the Radlen system using a Java application that learns user’s needs and security preferences during installation and uses a MySQL server to log all data communications.",,,1,6,World Wide Web; Intelligent sensor; Premise; Smartwatch; Focus (computing); Computer science; Home automation; Java; Digital forensics; Server,,,,,https://ieeexplore.ieee.org/document/9020349/ https://repository.lib.fit.edu/handle/11141/2657,http://dx.doi.org/10.1109/southeastcon42311.2019.9020349,,10.1109/southeastcon42311.2019.9020349,3011963709,,0,004-275-936-316-116; 005-630-640-664-939; 018-552-581-098-658; 025-105-879-016-159; 029-510-167-570-754; 055-811-656-615-740; 060-294-953-084-788; 061-038-963-203-81X; 072-306-664-351-844; 081-159-375-174-238; 089-638-379-171-949; 141-048-806-854-108; 145-501-944-463-55X,3,false,,
128-730-554-766-558,ICDF2C - Digital evidence retrieval and forensic analysis on gambling machine,,2010,book chapter,"Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering",18678211; 1867822x,Springer Berlin Heidelberg,Germany,Pritheega Magalingam; Azizah Abdul Manaf; Rabiah Ahmad; Zuraimi Yahya,"Hardware forensic analysis involves the process of analyzing digital evidence derived from digital sources. The analysis is done to facilitate and prove either the device is used to commit crime, whether it contains evidence of a crime or is the target of a crime. Gambling machines serve as the main source by which illegal games are conducted. This paper presents a method for retrieving information from a seized gaming machine, along with an analysis of the interpreted information to prove that the gaming machine was used illegally. The proposed procedures for the gambling machine forensic process will be important for forensic investigators (e.g., the police or private investigators), as they will assist these individuals in the digital forensic evidence analysis necessary to produce evidence relevant to illegal gambling.",,,111,121,Forensic science; Commit; Data science; Digital evidence; Evidence analysis; Computer security; Computer science; Process (engineering); Computer forensics; Digital forensics,,,,,https://eudl.eu/pdf/10.1007/978-3-642-11534-9_11 https://eudl.eu/doi/10.1007/978-3-642-11534-9_11 https://link.springer.com/10.1007/978-3-642-11534-9_11 https://dblp.uni-trier.de/db/conf/icdf2c/icdf2c2009.html#MagalingamMAY09 https://www.researchgate.net/profile/Pritheega_Magalingam/publication/221511099_Digital_Evidence_Retrieval_and_Forensic_Analysis_on_Gambling_Machine/links/557a3db008ae752158717fee.pdf?disableCoverPage=true https://rd.springer.com/chapter/10.1007/978-3-642-11534-9_11 https://link.springer.com/chapter/10.1007%2F978-3-642-11534-9_11 http://eprints.utm.my/id/eprint/22765/ https://core.ac.uk/download/11797037.pdf,http://dx.doi.org/10.1007/978-3-642-11534-9_11,,10.1007/978-3-642-11534-9_11,2162318034,,0,026-810-683-474-561; 074-933-143-629-826; 087-705-894-476-40X; 105-427-271-392-801; 107-096-001-312-874; 126-338-081-626-731,0,true,,
128-840-927-006-269,The Digital Forensics and Security Challenge of QR Codes,2013-06-30,2013,journal article,"The Journal of Digital Forensics, Security and Law",15587215,,,Nik Thompson; Kevin Lee,"The disciplines of digital forensics and IT security must adapt to new technologies and methods of interaction with those technologies.  New technologies present both challenges and opportunities for providing evidence for digital forensics investigations.  These may be in the form of new devices such as smartphones or new methods of sharing information, such as social networks.  One such rapidly emerging interaction technology is the use of Quick Response (QR) codes.  These offer a physical mechanism for quick access to web sites for advertising and social interaction.  This paper argues that the common implementation of QR codes potentially presents security issues which must be considered.  It analyzes potential privacy problems with QR codes and studies a range of devices as they may have implications for the process of evidence collection and analysis.",8,2,41,72,Emerging technologies; Interaction technology; Evidence collection; Computer security; Computer science; Process (engineering); Digital forensics,,,,,https://dblp.uni-trier.de/db/journals/jdfsl/jdfsl8.html#ThompsonL13,https://dblp.uni-trier.de/db/journals/jdfsl/jdfsl8.html#ThompsonL13,,,2991927012,,0,,0,true,cc-by-nc,gold
129-080-110-367-50X,Digital Evidence Bag Selection for P2P Network Investigation,,2014,book chapter,Lecture Notes in Electrical Engineering,18761100; 18761119,Springer Berlin Heidelberg,Germany,Mark Scanlon; M. Tahar Kechadi,"The collection and handling of court admissible evidence is a fundamental component of any digital forensic investigation. While the procedures for handling digital evidence take much of their influence from the established policies for the collection of physical evidence, due to the obvious differences in dealing with non-physical evidence, a number of extra policies and procedures are required. This paper compares and contrasts some of the existing digital evidence formats or “bags” and analyses them for their compatibility with evidence gathered from a network source. A new digital extended evidence bag is proposed to specifically deal with evidence gathered from P2P networks, incorporating the network byte stream and on-the-fly metadata generation to aid in expedited identification and analysis.",11,,307,314,Data mining; Admissible evidence; Data science; Digital evidence; Digital forensic investigation; Computer science; Byte; Peer-to-peer; Digital forensics; Metadata,,,,,https://link.springer.com/10.1007/978-3-642-40861-8_44 https://core.ac.uk/display/25063000 https://link.springer.com/chapter/10.1007%2F978-3-642-40861-8_44 https://rd.springer.com/chapter/10.1007/978-3-642-40861-8_44 https://www.insight-centre.org/sites/default/files/publications/lnee-v276-2014.pdf https://forensicsandsecurity.com/papers/DigitalEvidenceBagSelectionForP2PNetworkInvestigation.php https://markscanlon.co/papers/DigitalEvidenceBagSelectionForP2PNetworkInvestigation.pdf https://markscanlon.co/papers/DigitalEvidenceBagSelectionForP2PNetworkInvestigation.php https://arxiv.org/abs/1409.8493 https://arxiv.org/pdf/1409.8493 https://dblp.uni-trier.de/db/journals/corr/corr1409.html#ScanlonK14a https://forensicsandsecurity.com/papers/DigitalEvidenceBagSelectionForP2PNetworkInvestigation.pdf http://arxiv.org/abs/1409.8493,http://dx.doi.org/10.1007/978-3-642-40861-8_44,,10.1007/978-3-642-40861-8_44,641732948,,0,004-441-167-148-170; 007-648-632-822-878; 024-216-399-693-64X; 055-090-334-937-061; 058-409-370-512-563; 059-203-126-238-972; 060-650-561-577-338; 078-275-236-083-731; 081-933-261-712-915; 093-460-202-714-548; 109-426-377-800-755; 130-750-724-951-650,7,true,,green
129-356-514-852-901,Digital Forensic Issues in Civil Proceedings,,2014,journal article,Journal of Civil & Legal Sciences,21690170,OMICS Publishing Group,,Greg Gogolin; James H. Jones,"Digital Forensics is an emerging field that has quickly become a key source of evidence in criminal and civil cases. While digital forensics has been challenging to incorporate into both criminal and civil cases, the environment of civil cases does not have the structure of the law enforcement processes to serve as a framework from which to conduct digital forensic examinations. Further, there is often a lack of understanding of digital forensic capabilities and evidence, which has the potential to influence legal judgments and misconstrue outcomes.",3,1,1,3,Sociology; Law; Criminal law; Forensic nursing; Law enforcement; Intellectual property; Computer forensics; Conflict of laws; Jurisprudence; Digital forensics,,,,,https://www.omicsonline.org/peer-reviewed/digital-forensic-issues-in-civil-proceedingsp-23638.html https://www.omicsonline.org/open-access/digital-forensic-issues-in-civil-proceedings-2169-0170.1000110.php?aid=23638,http://dx.doi.org/10.4172/2169-0170.1000110,,10.4172/2169-0170.1000110,2106572033,,0,005-646-077-565-566; 009-358-080-914-72X; 050-721-573-791-625; 073-847-291-567-156; 076-470-845-108-034; 082-061-692-717-698; 085-858-927-316-897; 094-549-705-844-333; 110-291-798-326-65X; 140-906-156-416-318; 192-869-837-381-364,2,false,,
129-360-320-775-188,Gap Analysis: Judicial Experience and Perception of Electronic Evidence,,2006,journal article,Journal of Digital Forensic Practice,15567281; 15567346,Informa UK Limited,United States,Michael Losavio; Julia Adams; Marc Rogers,"ABSTRACT A gap exists where digital forensics bridges computer science and judicial process. Whatever the results of digital forensics analysis, the analyst must be prepared to present and defend that analysis in court. A survey of state general jurisdiction judges found that most had little or no electronic evidence tendered in their cases, those that did saw few challenges to that electronic evidence and most expected to see the use of such evidence increase in the coming years. But most judges had little or minimal training in handling electronic evidence and most desired moderate or extensive training in this area. This gap in experience and training with digital forensics must be addressed to maintain the legitimacy and effectiveness of the discipline.",1,1,13,17,Perception; General jurisdiction; Gap analysis; Computer security; Public relations; Process (engineering); Legitimacy; Computer forensics; Digital forensics,,,,,https://dblp.uni-trier.de/db/journals/jdfp/jdfp1.html#LosavioAR06 https://www.tandfonline.com/doi/full/10.1080/15567280500541462,http://dx.doi.org/10.1080/15567280500541462,,10.1080/15567280500541462,2082222870,,0,,18,false,,
130-080-242-566-434,"Digital Forensic Investigation of Social Media, Acquisition and Analysis of Digital Evidence",,2019,journal article,International Journal of Strategic Engineering,25724959; 25724967,IGI Global,,Reza Montasari; Richard Hill; Victoria Carpenter; Farshad Montaseri,"<jats:p>Various social networking sites (SNSs), widely referred to as social media, provide services such as email, blogging, instant messaging and photo sharing for social and commercial interactions. SNSs are facilitating new forms of social interaction, dialogue, exchange and collaboration. They allow millions of users and organisations worldwide to exchange ideas, post updates and comments or participate in activities and events, while sharing their wider interests. At the same time, such a phenomenon has led to an upsurge in significant criminal activities by perpetrators who are becoming increasingly sophisticated in their attempts to deploy technology to circumvent detection. Digital forensic Examiners (DFEs) often face serious challenges in relation to data acquisition. Therefore, this article aims to analyse the significance of SNSs in DFIs and challenges that DFEs often encounter when acquiring evidence from SNSs. Furthermore, this article describes the steps of the digital forensic investigation process that must be taken to acquire digital evidence that is both authentic and forensically sound.</jats:p>",2,1,52,60,Psychology; Digital evidence; Digital forensic investigation; Multimedia; Social media; Computer forensics; Digital forensics,,,,,https://cronfa.swan.ac.uk/Record/cronfa54932 https://www.igi-global.com/article/digital-forensic-investigation-of-social-media-acquisition-and-analysis-of-digital-evidence/219324 https://pure.hud.ac.uk/en/publications/digital-forensic-investigation-of-social-media-acquisition-and-an,http://dx.doi.org/10.4018/ijose.2019010105,,10.4018/ijose.2019010105,2902802592,,0,000-294-596-965-264; 004-668-612-287-432; 020-774-682-563-067; 024-711-735-736-003; 034-008-964-356-002; 034-190-709-015-829; 035-718-168-907-750; 049-404-833-736-24X; 052-052-141-922-342; 065-482-476-781-264; 067-840-274-503-047; 077-963-490-848-763; 120-697-354-224-33X; 127-948-386-055-225; 134-115-618-621-757; 134-132-593-731-945; 150-729-802-745-094; 173-034-553-635-460; 178-493-652-351-054; 179-881-224-143-743; 180-327-460-336-608; 190-065-821-748-92X,8,false,,
130-217-725-914-477,Taxonomy of computer forensics methodologies and procedures for digital evidence seizure,,,,,,,,Krishnun Sansurooah,"The increase risk and incidence of computer misuse has raised awareness in public and private sectors of the need to develop defensive and offensives responses. Such increase in incidence of criminal, illegal and inappropriate computer behavior has resulted in organizations forming specialist teams to investigate these behaviors. There is now widespread recognition of the importance of specialised forensic computing investigation teams that are able to operate. Forensics analysis is the process of accurately documenting and interpreting information more precisely digital evidence for the presentation to an authoritative group and in most cases that group would be a court of law. At the level of practice these investigative skills extend beyond a methodological approach. The scope of this paper will compare the different methodologies and procedures in place for the gathering and acquisition of digital evidence and thus defining which model will be the most appropriate taxonomy for the electronic evidence in the computer forensics analysis phase.",,,,,Internet privacy; Private sector; Engineering; Phase (combat); Data science; Presentation; Scope (project management); Digital evidence; Process (engineering); Computer forensics; Taxonomy (general),,,,,https://ro.ecu.edu.au/adf/32/ https://ro.ecu.edu.au/cgi/viewcontent.cgi?article=1031&context=adf,http://dx.doi.org/10.4225/75/57b13730c7056,,10.4225/75/57b13730c7056,1485679839,,0,005-864-457-096-322; 087-822-568-949-905; 105-125-160-669-974; 140-821-103-436-654; 156-187-680-956-399; 156-542-218-824-445,11,false,,
130-388-474-945-856,ISSA - Towards a Standardised Digital Forensic Process: E-mail Forensics.,,2010,conference proceedings,,,,,Himal Lalla; Stephen Flowerday,This paper discusses the challenges that face digital forensic investigators as well as process models currently employed. These models aid in the development of a methodology that is comprehensive and provides forensic investigators with a robust foundation in order to produce legally admissible evidence in a court of law.,,,,,Forensic science; Admissible evidence; Data science; Digital forensic process; Foundation (evidence); Computer science; Process modeling; Digital forensics,,,,,https://dblp.uni-trier.de/db/conf/issa/issa2010.html#LallaF10,https://dblp.uni-trier.de/db/conf/issa/issa2010.html#LallaF10,,,2403118822,,0,006-461-237-333-939; 007-768-465-953-956; 008-342-229-709-474; 015-236-298-864-739; 021-486-901-460-202; 021-850-998-857-676; 022-502-903-446-942; 030-359-893-882-572; 030-814-606-481-154; 032-697-093-668-898; 033-877-222-136-260; 036-384-272-299-395; 038-668-970-194-854; 050-220-032-222-117; 058-736-328-857-558; 060-149-707-883-049; 063-401-207-033-823; 070-154-636-157-531; 081-056-635-953-384; 096-101-114-422-283; 099-697-944-817-603; 103-591-877-930-020; 110-864-915-794-539; 111-090-978-711-139; 124-761-482-586-262; 138-232-752-906-225; 150-249-549-372-358; 152-151-643-392-280; 158-363-867-842-044; 167-354-016-650-855; 167-592-705-831-583; 190-065-821-748-92X; 199-745-676-923-766,8,false,,
130-478-049-760-198,"Introduction to HICCS-49 Digital Forensics -- Education, Research and Practice Minitrack",,2016,,,,,,Matt Bishop; Kara Nance,"Introduction to HICCS-49 Digital Forensics - Education, Research and Practice Minitrack Kara Nance Department of Computer Science University of Alaska Fairbanks klnance@alaska.edu Matt Bishop Department of Computer Science University of California Davis mabishop@ucdavis.edu The field of digital forensics has evolved to allow security professionals to examine evidence from the increasing plethora of digital devices to help determine what individuals might have done in the past. The evidence collected is used in a wide variety of settings: from corporate server farms to police raids on criminals’ houses to the modern battlefield, and now to international cloud environments. This year, we accepted three papers for presentation in the Digital Forensics — Education and Research Minitrack which should promote some interesting discussions in some emerging areas of digital forensics. The papers in this session represent much of the ongoing work in the forensics community and are an exciting representation of a larger body of work dedicated to ensuring that digital evidence remains available and useful for the good of the public. The papers this year are diverse in topic including Android, educating the judiciary, and file matching based on content similarity rather than hashing. The diversity in topics provides a well-rounded view of the current state of digital forensics and some focus areas that need additional attention. In Do Multimedia Presentation Enhance Judiciary’s Technical Understanding of Digital Forensic Concepts? An Indonesian Case Study, by Cahyani, Martini, and Choo of the University of South Australia, they discuss the challenges associated with using digital evidence in courts. It has long been observed that the members of the judiciary and law enforcement agencies need to understand digital evidence. This case study analyzes the effects of educating the participants to determine if their understanding of some technical concepts was improved through the utilization of multimedia-based training in the specific concepts. The methodology and results provide an excellent foundation for discussion on the potential expansion of this case study to other populations. In Text-based Document Similarity Matching Using sdtext, Shields of Georgetown University discusses an alternative to the traditional approach of hashing to identify duplicate files. He introduces a tool, sdtext, which has shown success in comparing files with similar content, despite differing file formats. This novel approach to determining file duplicate provides some interesting options for digital forensics investigators. Our final paper, An Android Social App Forensics Adversary Model, by Azfar, Choo, and Liu presents an adaptation of a popular adversary model from cryptography to the collection and analysis phases of mobile device forensics. The model is demonstrated using popular Android social applications including Twitter, POF Dating, Snapchat, Fling, and Pinterest. As digital forensics investigations increasingly involve mobile devices, the model is likely to stimulate further research and discussion about the recreation and analysis of social profiles.",,,,,Mobile device; Data science; Law enforcement; Digital evidence; Computer science; Engineering ethics; Android (operating system); Mobile device forensics; Adversary model; Digital forensics; File format,,,,,https://escholarship.org/content/qt02d774wf/qt02d774wf.pdf?t=onhygv https://escholarship.org/uc/item/02d774wf https://escholarship.org/uc/item/02d774wf.pdf,https://escholarship.org/uc/item/02d774wf,,,2767839159,,0,,0,false,,
131-090-900-073-259,AISC - Digital camcorder forensics,2013-01-29,2013,conference proceedings,,,,,Aswami Ariffin; Kim-Kwang Raymond Choo; Jill Slay,"Digital camcorders commonly have an in-built capability to export entire video files or a single image to storage media such as a digital versatile disc (DVD). In the event that a DVD is not properly finalised, its contents might not be easily readable. It is generally accepted that recovering video evidence from an unfinalised DVD in a forensically sound manner is an expensive and a challenging exercise. In this paper, we propose a digital camcorder forensics technique that allows digital forensics examiners to carve video files with timestamps without referring to a file system (file system independent technique). We then conduct a forensic analysis to validate our proposed technique.",,,39,47,Timestamp; Computer graphics (images); File system; Single image; Computer science; Event (computing); Digital forensics,,,,,https://crpit.scem.westernsydney.edu.au/abstracts/CRPITV138Ariffin.html,https://crpit.scem.westernsydney.edu.au/abstracts/CRPITV138Ariffin.html,,,2404184955,,0,000-834-604-587-705; 007-173-300-946-608; 019-698-064-288-240; 021-283-270-029-343; 028-068-176-077-456; 037-854-176-743-927; 041-177-651-830-165; 045-243-807-828-458; 045-511-188-688-22X; 095-691-114-276-825; 103-015-634-893-434; 135-567-652-645-895; 164-385-694-618-291,6,false,,
131-789-340-932-05X,Trusted computing and the digital crime scene,2014-01-28,2014,journal article,Digital Evidence and Electronic Signature Law Review,20548508; 17564611,School of Advanced Study,Spain,Yianna Danidou; Burkhard Schafer,"Yianna Danidou and Burkhard Schafer provide an analysis of the future of digital forensics in an environment where control is increasingly taken away from PC users and remotely managed by trusted third parties, typically to improve internet security by considering Trusted Computing to illustrate some of the possible legal issues that arise.",8,0,,,Internet privacy; Direct Anonymous Attestation; Crime scene; Trusted Network Connect; Internet security; Control (management); Trusted Computing; Computer security; Computer science; Digital forensics,,,,,https://sas-space.sas.ac.uk/5412/ https://journals.sas.ac.uk/deeslr/article/view/1960 http://www.research.ed.ac.uk/portal/files/13519397/Schafer_Trusted_Computing.pdf https://www.research.ed.ac.uk/portal/files/13519397/Schafer_Trusted_Computing.pdf https://core.ac.uk/download/28968734.pdf,http://dx.doi.org/10.14296/deeslr.v8i0.1960,,10.14296/deeslr.v8i0.1960,2066768986,,0,,0,true,cc-by-nc-nd,hybrid
131-796-930-292-035,A triage framework for digital forensics,,2015,journal article,Computer Fraud & Security,13613723,Mark Allen Group,United Kingdom,Muhammad Shamraiz Bashir; Muhammad Naeem Ahmed Khan,"A sharp increase in malware and cyber-attacks has been observed in recent years. Analysing cyber-attacks on the affected digital devices falls under the purview of digital forensics. The Internet is the main source of cyber and malware attacks, which sometimes result in serious damage to the digital assets. The motive behind digital crimes varies – such as online banking fraud, information stealing, denial of services, security breaches, deceptive output of running programs and data distortion. Digital forensics analysts use a variety of tools for data acquisition, evidence analysis and presentation of malicious activities. This leads to device diversity posing serious challenges for investigators. For this reason, some attack scenarios have to be examined repeatedly, which entails tremendous effort on the part of the examiners when analysing the evidence. To counter this problem, Muhammad Shamraiz Bashir and Muhammad Naeem Ahmed Khan at the Shaheed Zulfikar Ali Bhutto Institute of Science and Technology, Islamabad, Pakistan propose a novel triage framework for digital forensics.",2015,3,8,18,Internet privacy; The Internet; Variety (cybernetics); Bhutto; Triage; Denial; Computer security; Computer science; Malware; Computer forensics; Digital forensics,,,,,https://www.sciencedirect.com/science/article/abs/pii/S136137231530018X,http://dx.doi.org/10.1016/s1361-3723(15)30018-x,,10.1016/s1361-3723(15)30018-x,2030555322,,0,002-633-789-384-681; 003-871-070-011-964; 017-071-408-718-290; 020-626-957-505-364; 026-024-733-636-162; 030-351-009-711-953; 032-372-560-487-047; 035-269-627-388-435; 037-483-791-552-006; 040-105-187-457-272; 040-483-292-320-671; 042-251-875-510-426; 052-209-716-598-874; 062-325-585-829-185; 087-690-831-820-163; 093-448-702-012-591; 105-002-898-852-695; 127-286-301-080-684; 132-606-863-800-090,6,false,,
131-877-210-773-759,Development of Evidence Analysis Tool based on Active Data for Digital Forensics,,2012,journal article,Journal of Digital Convergence,17381916,,,Lee Jun Yeon,"The digital forensics are new kinds of security that investigate and verificate fact relation about activities based on digital data. In this paper, we implemented digital forensic tool that can be used in collecting, analyzing, and reporting evidences. This tool support intuitional GUI that everybody can analyze easily. And a simple operation can collect and analyze active data. Also, we can decrease much time and endeavor by using this forensic tool that support reliable data.",10,3,99,104,Engineering; World Wide Web; Data science; Relation (database); SIMPLE (military communications protocol); Digital data; Active data; Evidence analysis; Network forensics; Digital forensics,,,,,http://www.koreascience.or.kr:80/article/JAKO201219565295897.pdf https://www.kci.go.kr/kciportal/ci/sereArticleSearch/ciSereArtiView.kci?sereArticleSearchBean.artiId=ART001660385 http://www.koreascience.or.kr/article/ArticleFullRecord.jsp?cn=DJTJBT_2012_v10n3_99,http://www.koreascience.or.kr/article/ArticleFullRecord.jsp?cn=DJTJBT_2012_v10n3_99,,,2398398601,,0,,0,false,,
132-355-634-397-986,Systematic Digital Forensic Investigation Model,,2011,,,,,,Ankit Agarwal; Megha Gupta,"Law practitioners are in a uninterrupted battle with criminals in the application of digital/computer technologies, and require the development of a proper methodology to systematically search digital devices for significant evidence. Computer fraud and digital crimes are growing day by day and unfortunately less than two percent of the reported cases result in confidence. This paper explores the development of the digital forensics process model, compares digital forensic methodologies, and finally proposes a systematic model of the digital forensic procedure. This model attempts to address some of the shortcomings of previous methodologies, and provides the following advantages: a consistent, standardized and systematic framework for digital forensic investigation process; a framework which work systematically in team according the captured evidence; a mechanism for applying the framework to according the country digital forensic investigation technologies; a generalized methodology that judicial members can use to relate technology to non-technical observers. This paper present a brief overview of previous forensic models and propose a new model inspired from the DRFWS Digital Investigation Model, and finally compares it with other previous model to show relevant of this model. The proposed model in this paper explores the different processes involved in the investigation of cyber crime and cyber fraud in the form of an eleven-stage model. The Systematic digital forensic investigation model (SDFIM) has been developed with the aim of helping forensic practitioners and organizations for setting up appropriate policies and procedures in a systematic manner.",,,,,Engineering; Data science; Cyber crime; Digital forensic investigation; Computer security; Process (engineering); Computer fraud; Computer forensics; Digital forensics,,,,,,,,,2119431907,,0,028-103-684-022-268; 035-223-520-491-228; 038-668-970-194-854; 079-388-480-430-544; 082-183-269-232-269; 089-048-294-489-077; 110-079-538-894-548; 111-741-773-111-021; 140-821-103-436-654,108,false,,
132-376-463-591-364,A Framework for Digital Forensics Using Blockchain to Secure Digital Data,2022-06-17,2022,conference proceedings article,2022 IEEE World Conference on Applied Intelligence and Computing (AIC),,IEEE,,Jibin Jacob; Sandeep Kumar,"Digital forensics (DF) requires evidence integrity and provenance across boundaries of jurisdiction, and blockchain technology is ideal for ensuring that. As part of this paper, we discussed a digital forensic framework designed to help prevent duplication of data and secure digital data. In order to accomplish such forensic capabilities, we provide a block-based forensics framework. Using it, examinations are validated, irreversible, traceable, robust, and demonstrate high levels of confidence among examiners and evidence entities.",,,,,Digital forensics; Blockchain; Computer science; Digital evidence; Computer forensics; Data integrity; Computer security; Digital signature; Block (permutation group theory); Network forensics; Data recovery,,,,,,http://dx.doi.org/10.1109/aic55036.2022.9848860,,10.1109/aic55036.2022.9848860,,,0,,0,false,,
132-636-844-147-599,Validation of forensic images for assurance of digital evidence integrity,,2014,dissertation,,,,,James McCutcheon,"The reliability of digital evidence is an important consideration in legal cases requiring sound validation. To ensure its reliability, digital evidence requires the adoption of reliable processes for the acquisition, preservation, and analysis of digital data. To undertake these tasks, the courts expect digital forensic practitioners to possess specialised skills, experience, and use sound forensic tools and processes. The courts require that the reliability of digital evidence can be verified with supporting documentation; notably acquisition process logs and a chain of custody register, confirming that the process of recovering and protecting the evidence was based on sound scientific principles. ; ; In typical cases the digital evidence has been ‘preserved’ in a special file or ‘container’ that has been declared to be secure on the basis that it is not possible to tamper with the contents of the container or the information supporting the contents (metadata) without this act being discovered. However, through the use of a freely available open source library, libewf, it has been discovered that the most commonly used forensic container format, Encase Evidence File Format, also known by its file extension .E01, can be manipulated to circumvent validation by forensic tools. This digital forensic container contains an embedded forensic image of the acquired device and metadata fields containing information about the data that was acquired, the circumstances of the acquisition, and details about the device from which the forensic image was acquired. It has been found that both the forensic image and the metadata associated with that image can be freely altered using simple file editors and open source software. ; ; Exploiting these weaknesses within the Encase Evidence File format results in a forensic container that can be altered but fails to provide any evidence that this has occurred. In practice the original device is often unavailable, damaged, or otherwise unable to provide independent validation of the data held in the container. In such situations, it would be difficult, if not impossible, to determine which of two forensic containers held the original record of the evidence. ; ; As part of a proof of concept, existing libewf code was manipulated to allow for legitimate metadata to be attached to a compromised and altered forensic image with recalculated hashes and data integrity checksums. Without incontrovertible records of the original data’s hash value, this manipulation might only be detected by an independent third party holding a copy of the original forensic container’s metadata and hashes for comparison. While hashes and metadata held by an interested party could also potentially be altered or declared unreliable, an uninterested party would be able to provide a more reliable set of hashes that could be used to validate the unaltered container. ; ; In order to add to the body of knowledge supporting digital forensics as a scientific discipline this research has brought into question a fundamental assumption about the reliability of a fundamental method currently used to collect and validate digital evidence. Further research is required to determine the whether processes can be designed to enhance the detection of contaminated images.",,,,,Container (abstract data type); Checksum; Information retrieval; Digital evidence; Data integrity; Computer security; Computer science; Documentation; Digital forensics; Metadata; File format,,,,,https://researchrepository.murdoch.edu.au/24962/1/whole.pdf https://researchrepository.murdoch.edu.au/24962/,https://researchrepository.murdoch.edu.au/24962/,,,1584130572,,0,001-170-920-458-777; 001-341-383-690-418; 002-633-789-384-681; 004-652-388-189-304; 008-215-658-916-277; 008-368-457-009-66X; 017-840-378-634-021; 018-378-468-608-90X; 018-512-957-426-941; 019-831-293-743-518; 021-039-461-635-181; 021-486-901-460-202; 025-421-213-608-128; 027-265-141-482-204; 032-949-282-040-096; 042-699-638-178-461; 047-414-117-046-463; 054-331-725-373-265; 054-507-171-824-189; 054-536-916-991-487; 055-090-334-937-061; 056-590-277-527-716; 070-663-231-417-230; 071-345-315-077-336; 083-312-117-071-763; 085-214-277-668-01X; 085-379-403-609-164; 090-792-295-657-205; 091-658-616-593-740; 109-598-947-309-943; 111-741-773-111-021; 117-239-595-156-183; 120-916-795-553-371; 124-466-422-768-986; 129-842-013-619-240; 133-752-203-150-119; 134-927-490-231-285; 140-402-089-386-286; 141-182-449-198-823; 145-002-823-706-838; 160-290-566-078-246; 172-214-329-616-03X; 172-965-192-520-527; 178-883-713-153-793; 187-849-196-324-650; 188-762-236-378-448; 191-324-551-329-724; 192-753-900-194-904; 199-745-676-923-766,0,false,,
133-397-275-695-990,Mapping Process of Digital Forensic Investigation Framework,2008-10-01,2008,,,,,,Siti Rahayu Selamat; Robiah Yusof; Shahrin Sahib,"Summary Digital forensics is essential for the successful prosecution of digital criminals which involve diverse digital devices such as computer system devices, network devices, mobile devices and storage devices. The digital forensic investigation must be retrieved to obtain the evidence that will be accepted in the court of law. Therefore, for digital forensic investigation to be performed successfully, there are a number of important steps that have to be taken into consideration. The aim of this paper is to produce the mapping process between the processes/activities and output for each phase in Digital Forensic Investigation Framework (DFIF). Existing digital forensic frameworks will be reviewed and then the mapping is constructed. The result from the mapping process will provide a new framework to optimize the whole investigation process.",,,,,Engineering; Networking hardware; Mobile device; Data science; Digital forensic investigation; Computer security; Process (engineering); Digital forensics,,,,,http://eprints.utem.edu.my/id/eprint/185 http://paper.ijcsns.org/07_book/200810/20081025.pdf,http://eprints.utem.edu.my/id/eprint/185,,,2170873916,,0,010-086-703-646-194; 020-944-423-224-895; 032-697-093-668-898; 035-448-415-847-226; 038-668-970-194-854; 040-823-216-153-224; 047-630-600-014-492; 050-612-532-454-179; 062-032-128-092-406; 184-948-841-629-735; 190-065-821-748-92X; 199-745-676-923-766,98,false,,
133-508-126-407-763,Digital Forensic Evidence Examination,2009-03-20,2009,book,,,,,Fred Cohen,"This book is about the examination of digital forensic evidence in legal settings. When a legal action involving the formalisms of a court system are involved, and that action involves evidence consisting of 1s and 0s (the binary digits), there are specific concerns that have to be addressed in order to provide accurate facts to those who have to make judgements based on facts. This book provides the scientific basis for examination of digital forensic evidence in a legal context.",,,,,Psychology; Rotation formalisms in three dimensions; Law; Action (philosophy); Context (language use); Legal action; Questioned document examination; Engineering ethics; Digital forensics,,,,,https://www.amazon.com/Digital-Forensic-Evidence-Examination-2nd/dp/1878109456,https://www.amazon.com/Digital-Forensic-Evidence-Examination-2nd/dp/1878109456,,,2462042108,,0,,47,false,,
133-532-326-238-319,CURRENT EVIDENCE ON BIOINFORMATICS ROLE AND DIGITAL FORENSICS THAT CONTRIBUTE TO FORENSIC SCIENCE: UPCOMING THREAT,2022-04-22,2022,journal article,JURNAL RISET RUMPUN MATEMATIKA DAN ILMU PENGETAHUAN ALAM,28289390; 28289382,Politeknik Pratama Purwokerto,,Rosyid Al Hakim; Esa Putri; Hexa Hidayah; Agung Pangestu; Sri Riani,"<jats:p>Forensics has become an essential part of the disclosure of criminal evidence. A bioinformatics approach in the form of DNA forensics and digital forensics can be a good combination in disclosing digital-based criminal evidence. This study explains how the role of bioinformatics through the digital approach can be a means of forming new approaches in integration with digital forensics, called cyber-bioinformatics. Despite many hopes and challenges ahead, it does not rule out the possibility of criminal cases related to the privacy of human genomic data, so it proposes a new hypothesis, “cyber-bioinformatics.” The role of cyber-bioinformatics is very central in this regard.</jats:p>",1,1,25,32,,,,,,,http://dx.doi.org/10.55606/jurrimipa.v1i1.157,,10.55606/jurrimipa.v1i1.157,,,0,,0,false,,
133-721-111-242-890,Factors influencing Digital Evidence transfer across international borders: a case study,,2010,dissertation,,,,,Michael Edward Spence,"Digital Forensics has grown out of the necessity to extract, analyse and present evidence from digital devices in support of an investigation or court case. In its early stages in the 1970' and 80's this would often relate to a computer that was not connected to any networks. The issues were therefore local and dealt with by local law enforcement agencies and prosecuted under local (national) laws. The explosive growth of Internet usage and e-commerce has resulted in a corresponding growth in international e-crime. The perpetrator of this international e-crime can be based in one country with the victim in a second country and the data in a third country. This raises the question regarding in which country the offence has occurred and under which jurisdiction it should be investigated and prosecuted. This new paradigm now means that the digital forensic practitioner may have to deal with the acquisition and presentation of digital evidence in a foreign country. This raises a whole new level of complexity regarding both the integrity of the evidence that has moved between countries and acceptance of the digital forensics practitioner as an expert witness in a foreign court. The differences in the laws of the countries involved in the investigation and prosecution of the offenders can also have a substantial impact on the digital evidence process. The purpose of this research is to identify the main factors that influence the successful presentation of digital evidence across international borders. The test of the success of the presentation of digital evidence is usually considered to be that the evidence and the digital forensic practitioner presenting the evidence are accepted by a court of law. The research commences with a review of the current literature in this area. From the review of the literature a set of 16 hypothesised main factors influencing the transfer of digital evidence across international borders is",,,,,Internet privacy; The Internet; Engineering; Presentation; Jurisdiction; Expert witness; Law enforcement; Digital evidence; Public relations; Computer forensics; Digital forensics,,,,,https://aut.researchgateway.ac.nz/bitstream/handle/10292/1187/SpenceME.pdf?sequence=3 https://openrepository.aut.ac.nz/handle/10292/1187 https://aut.researchgateway.ac.nz/handle/10292/1187,https://openrepository.aut.ac.nz/handle/10292/1187,,,1503953041,,0,002-534-435-127-422; 014-075-012-606-654; 019-311-072-352-899; 022-455-280-454-911; 025-855-247-579-351; 029-365-434-938-480; 035-867-964-955-437; 037-550-015-414-716; 043-376-680-900-614; 067-847-511-873-36X; 104-687-739-050-263; 106-730-832-251-987; 110-079-538-894-548; 120-697-354-224-33X; 123-695-113-513-413; 125-763-750-561-914; 129-143-350-106-785; 130-032-085-193-497; 147-186-168-647-633; 158-262-072-312-063; 169-425-503-349-507; 171-803-389-787-120; 178-883-713-153-793; 182-962-922-039-081; 184-632-354-694-897; 194-446-491-409-443; 199-172-967-270-034; 199-815-082-330-665,0,false,,
133-839-073-755-612,"Computer Forensics: An Essential Guide for Accountants, Lawyers, and Managers",2007-05-25,2007,book,,,,,Michael Sheetz,"Introduction. Acknowledgments. 1 A Definition of Computer Forensics. Introduction. Forensic Science. History of Computer Forensics. World Wide Web. Hacker Community. Conclusion. Notes. Suggested Reading. 2 Basics of Computer Forensic Concepts. Introduction. Understanding Digital Evidence. Input. Storage. Processing. What Computer Data Is. Output. Conclusion. Notes. Suggested Reading. 3 Preservation and Collection of Digital Evidence. Introduction. Rules of Evidence. Preservation. Collection. Conclusion. Note. Suggested Reading. 4 Analysis of Digital Evidence. Introduction. Forensic Analysis. Conclusion. Notes. Suggested Reading. 5 Reporting and Rendering the Opinion. Introduction. Preparing the Report. Presentation. Trial Process. Conclusion. Suggested Reading. 6 Computer Attacks. Hackers and Phreakz Oh My. Hackers: Unauthorized Use and Trespassing. Wireless Hacking. Malware. Attacks from the Inside. Conclusion. Notes. Suggested Reading. 7 Computers as Tools for Evil. Introduction. Computers and Crime. Identity Theft. Concealment. Auction Fraud and Retail Cons. Counterfeiting and Forgery. Prostitution. Securities Fraud. Conclusion. Notes. 8 Computer Tools and the Forensic Examination. Introduction. Assuming Control of the Case. Understanding the Case. Evaluating the Evidence. Examining the ""Live"" System. Collecting Data from a Dead System. Imaging the Drive. Data Extraction. Data Analysis. Conclusion. Notes. 9 Presenting Digital Evidence in Court. Introduction. Evidence. Types of Evidence. Expert Witnesses. Legal Requirements of Evidence. Search and Seizure. Conclusion. Notes. Index.",,,,,Internet privacy; Data; Attack; Securities fraud; Digital evidence; Computer security; Computer science; Identity theft; Malware; Computer forensics; Hacker,,,,,https://core.ac.uk/display/41819724,https://core.ac.uk/display/41819724,,,607155924,,0,,14,false,,
134-129-771-651-554,An Implementation of Audit System Applying Forensic Analysis Technology over Network Nodes,,2009,journal article,The e-Business Studies,12299936,,,Yoon-Ho Kim,"As the situations that important evidences or clues are found in digital information devices increase, digital forensic technology is widely applied. In this paper, forensic based audit system is implemented by associating forensic analysis system with agent system which monitors and collects data for analysis in storage devices over distributed network nodes. Forensic audit system implemented in this paper can prevent, audit and trace the computer related crimes in IT infrastructure by real time monitoring and evidence seizure.",14,3,169,181,Information technology management; Forensic science; Audit; Audit system; Computer security; Computer science; TRACE (psycholinguistics); Digital forensics,,,,,http://www.koreascience.or.kr/article/ArticleFullRecord.jsp?cn=KJGRBH_2009_v14n3_169 http://ocean.kisti.re.kr/downfile/volume/calsec/KJGRBH/2009/v14n3/KJGRBH_2009_v14n3_169.pdf https://www.kci.go.kr/kciportal/ci/sereArticleSearch/ciSereArtiView.kci?sereArticleSearchBean.artiId=ART001371271,http://www.koreascience.or.kr/article/ArticleFullRecord.jsp?cn=KJGRBH_2009_v14n3_169,,,243872851,,0,038-668-970-194-854,0,false,,
134-264-047-754-183,The Role of “Digital Forensic Photography”- In the Indian Criminal Justice System,2021-05-01,2021,journal article,Journal of emerging technologies and innovative research,23495162,,,Rakesh Mia; Vijay R. Panchal; Yukta Guglot,"Photography is one of the most critical factors in any crime scene solving cases. Crime Scene photography or forensic photography is an important role depending on the crime scene as well as its a photo in the criminal justice system as a scene of crime evidence. In the 21st century all over the world, all respective forensic science authorities used high-resolution camera, lens and modern instrumentation technology to capture crime scene occur photos. Evidence collection and preservation using digital forensic photography is a crucial aspect of a future legal proceeding. In this paper, we summarize the modern aspects of digital forensic photography in the Indian criminal justice system",8,5,,,Criminal justice; Photography; Visual arts; Crime scene; Forensic photography; Legal proceeding; Critical factors; Evidence collection; Digital forensics; History,,,,,https://www.jetir.org/view?paper=JETIR2105285 https://www.jetir.org/papers/JETIR2105285.pdf,https://www.jetir.org/view?paper=JETIR2105285,,,3160362477,,0,,1,false,,
134-496-236-872-528,Overview of Digital Business Security Issues,2015-11-10,2015,book chapter,Emerging Forensic Tools for Locating and Analyzing Digital Evidence,,IGI Global,,Richard Boddington,,,,317,958,Computer security; Business; Computer science,,,,,,http://dx.doi.org/10.4018/978-1-4666-9591-7.les1,,10.4018/978-1-4666-9591-7.les1,,,0,,0,true,,green
134-922-913-220-324,전자정보의 압수·수색 절차 개선방안 연구,2013-12-01,2013,,,,,,null 윤신자; null 이상진,"As the electronic information is being regarded to be more and more important in the process of criminal investigation, we can find that national security breach cases are affecting korean judicial system to produce new supreme court cases about the search and seizure against the digital media and to create new article in Criminal Procedure Act(Clause 106, Article 3) afterwards, following through “Daegu Council Enemy Beneficiary Group” case, “Il-Sim-Hoe Spy Group” case and “The declaration of Korean Teachers and Educational Workers Union” case.; In the recent “Wang-Jae-San” criminal investigation case, investigators found the cyber commandment report from North Korea and the process and techniques of digital evidence collection including electronic evidence manipulation issue, has been brought out to be hot debating topic in Korea. Thereafter law enforcement offices including national security police and national security institution should provide necessary measurements to assure defense right of the accused and to ensure justice and confidentiality in each process of seeking and performing the search and seizure warrant, and analyzing the result of the warrant through appropriate allocation of digital investigation experts and introducing external digital forensics experts participation system. They also need to analyze the digital evidence throughly with the digital forensics experts perspective by confiscating the original digital media against anti-forensic activities.",13,4,227,252,Criminal investigation; Digital media; Political science; Law; Digital evidence; Public relations; Criminal procedure; National security; Computer forensics; Search and seizure; Digital forensics,,,,,http://www.dbpia.co.kr/Journal/ArticleDetail/NODE07019282?q=%5B%EA%B5%AD%EA%B0%80%EC%95%88%EB%B3%B4%C2%A7coldb%C2%A72%C2%A751%C2%A73%5D&Multimedia=0&SearchAll=%EA%B5%AD%EA%B0%80%EC%95%88%EB%B3%B4&isFullText=0&specificParam=0&SearchMethod=0&Sort=1&SortType=desc,http://www.dbpia.co.kr/Journal/ArticleDetail/NODE07019282?q=%5B%EA%B5%AD%EA%B0%80%EC%95%88%EB%B3%B4%C2%A7coldb%C2%A72%C2%A751%C2%A73%5D&Multimedia=0&SearchAll=%EA%B5%AD%EA%B0%80%EC%95%88%EB%B3%B4&isFullText=0&specificParam=0&SearchMethod=0&Sort=1&SortType=desc,,,2613263670,,0,,0,false,,
135-177-042-837-845,CCTV quality assessment for forensics facial recognition analysis,,2017,conference proceedings article,"2017 7th International Conference on Cloud Computing, Data Science & Engineering - Confluence",,IEEE,,Mohamad Firham Efendy Md Senan; Siti Norul Huda Sheikh Abdullah; Wafa Mohd Kharudin; Nur Afifah Mohd Saupi,"Closed-circuit television (CCTV) is used to perform surveillance recordings, and it is one of the most common digital devices that provide digital evidence for the purpose of forensic analysis. In video forensic analysis, the footage with the target subject or object is extracted out from the CCTV recordings for further analysis. However, the quality of these recordings are often poor due to several factors, such as the type of the camera, the configuration, and also the position of the camera. The results of forensic face recognition depend highly on the quality of the CCTV recordings. Poor quality of CCTV recordings would reduce the confidence level of the face recognition result, thus would not make a strong evidence to be presented in a court of law. The objective of this research is to conceptualise a framework for quality assessment in CCTV evidence to be used in forensic face recognition analysis. The method of this research was divided into two phases. Initial phase covered CCTV evidence testing phase where the experiment was done based on different types of CCTV camera with different resolutions, and distances between the subject and the camera. In the second phase, the face of the subjects were compared to the face taken during the enrolment phase. The score obtained from the forensic face recognition system would be based on the camera resolutions, types of camera, distances, and also the changes of ranking score after applying the enhancement process such as Bicubic to the facial images. The results were analyzed for quality assessment towards these parameters. In general, the evaluation of scoring and ranking decreased as the distance increased. The face also could not be detected by the system when they were taken more than 5 meters distance from the camera. The highest score of 5.95 was obtained by using resolution 1280 × 720 at distance of 3 meters taken by camera model ACTI E62. The Bicubic enhancement method improved the scoring and ranking especially with the camera model that have low resolution modes.",,,649,655,Artificial intelligence; Face (geometry); Quality (business); Digital evidence; Quality assessment; Facial recognition system; Computer vision; Computer science; Bicubic interpolation; Process (computing),,,,,http://ieeexplore.ieee.org/document/7943232/ https://ieeexplore.ieee.org/document/7943232/,http://dx.doi.org/10.1109/confluence.2017.7943232,,10.1109/confluence.2017.7943232,2622436344,,0,001-877-822-734-271; 005-540-618-248-657; 010-037-102-410-599; 038-889-274-248-993; 047-946-266-789-962; 114-505-614-270-943; 140-406-774-863-691,4,false,,
135-446-297-600-105,Training and Education in Digital Evidence,,,book chapter,Handbook of Digital and Multimedia Forensic Evidence,,Humana Press,,Philip Craiger,"Digital forensics is a relatively new science that is becoming increasingly important as tech-savvy criminals use computers and networks in their illegal activities. Demonstrated competency in digital forensics requires a varied knowledge and skill set that includes an in-depth understanding of computer hardware and software, computer networks, forensic science, applicable local, state, and national laws, as well as the ability to communicate in both verbal and written forms. The purpose of this chapter is to provide the reader with an overview of education and training in digital forensics. Issues specifically addressed include differences between education and training; the “core competencies” of the digital forensics examiner; guidelines on the knowledge and skills students should expect to learn in a college/university educational program; a description of various types of training programs; as well as pointers to Web resources for current information on available educational and training programs.",,,11,22,Core competency; Set (psychology); Educational program; Software; Digital evidence; Computer science; State (computer science); Multimedia; Medical education; Web resource; Digital forensics,,,,,https://works.bepress.com/john_craiger/5/ https://link.springer.com/chapter/10.1007/978-1-59745-577-0_2 https://rd.springer.com/chapter/10.1007/978-1-59745-577-0_2 https://link.springer.com/content/pdf/10.1007%2F978-1-59745-577-0_2.pdf,http://dx.doi.org/10.1007/978-1-59745-577-0_2,,10.1007/978-1-59745-577-0_2,2187258877,,0,085-214-277-668-01X; 140-821-103-436-654; 153-153-144-072-106; 165-770-474-971-736; 167-592-705-831-583,4,false,,
135-450-096-173-997,Detection of relevant digital evidence in the forensic timelines,2022-06-30,2022,conference proceedings article,"2022 14th International Conference on Electronics, Computers and Artificial Intelligence (ECAI)",,IEEE,,Eva Markova; Pavol Sokol; Kristina Kovacova,"Security incident handling and response are essen-tial parts of every organization&#x0027;s information and cyber security. Security incident handling consists of several phases, among which digital forensic analysis has an irreplaceable place. Due to particular digital evidence being recorded at a specific time, timelines play an essential role in analyzing this digital evidence. One of the vital tasks of the digital forensic investigator is finding relevant records in this timeline. This operation is performed manually in most cases. This paper focuses on the possibilities of automatically identifying digital evidence pertinent to the case and proposes a model that identifies this digital evidence. For this purpose, we focus on Windows operating system and the NTFS file system and use outlier detection (Local Outlier Factor method). Collected digital evidence is preprocessed, transformed to binary values, and aggregated by file system inodes and names. Subsequently, we identify digital records (file inodes, file names) relevant to the case. This paper analyzes the combinations of attributes, aggregation functions, local outlier factor parameters, and their impact on the resulting selection of relevant file inodes and file names.",,,,,Timeline; Digital forensics; Digital evidence; Computer science; Computer forensics; Local outlier factor; Outlier; Anomaly detection; File system; Focus (optics); Data mining; Information retrieval; Computer security; World Wide Web; Data science; Database; Operating system; Artificial intelligence; Physics; Archaeology; Optics; History,,,,Slovak Research and development agency,,http://dx.doi.org/10.1109/ecai54874.2022.9847438,,10.1109/ecai54874.2022.9847438,,,0,006-193-950-198-199; 007-579-380-265-043; 026-129-197-578-229; 031-958-669-420-972; 034-861-501-907-339; 050-236-249-484-085; 065-271-578-399-058; 066-043-539-758-670; 068-147-459-781-01X; 083-490-612-361-225; 119-171-211-394-460; 184-428-240-098-87X,0,false,,
135-644-852-278-088,Effectiveness of OSForensic in Digital Forensic Investigation to Curb cybercrime,2021-05-12,2021,journal article,Indian Journal of Forensic Medicine & Toxicology,09739122; 09739130,Institute of Medico-legal Publications Private Limited,India,Bandr Siraj Fakiha,"With the rapid development and higher level of dependence on new information and technology by various organizations across the world, cybercrime issues are increasing, and there are no technologies that seem flawless in combatting the issue. The use of concepts relating to digital forensic investigation of criminal activities and digital forensics will, therefore, tackle the problem with finding digital evidence in cybercrimes. OSForensics is one of the various digital forensic investigation tools that allows the use of Hash Sets for identifying known safe files in program and operating system files. The tool is essential for identifying suspected files like Trojans, viruses, and hacker scripts. The problem presented in this paper, therefore, entails utilizing combinations of digital forensic investigation of criminal activities and investigation concepts. The paper seeks to establish the effectiveness of OSForensic in Digital Forensic Investigation to curb cybercrime. That is, the capabilities of OSForensics and the accuracy of OSForensics with regards to retrieving and analyzing data from a hard drive in order to investigate and curb cybercrime at the workplace. The researcher investigated a case in which a company security had been threatened by an employee whose contract had recently been terminated. The company suspected that this employee had some serious pictures, locations, and employee details belong to company. The image of the employee’s personal flash was sent to the researcher to help initiate the investigation using OSForensicssoftware so as to establish any evidence that the employee still had pictures, locations, and employee details belong to company. In overall, OSForensic was able to identify company details that the employee was having. The research was able to identify sensitive information about the company that the suspect was having, including the names of the employees, images, company system structure and what seemed to be their respective identification numbers.",15,3,2149,2153,Internet privacy; Information sensitivity; Suspect; Cybercrime; Digital evidence; Computer science; Scripting language; Identification (information); Digital forensics; Hacker,,,,,https://medicopublication.com/index.php/ijfmt/article/view/15633,http://dx.doi.org/10.37506/ijfmt.v15i3.15633,,10.37506/ijfmt.v15i3.15633,3195510639,,0,,0,false,,
135-651-910-743-60X,IT : DIGITAL FORENSIC,2017-06-01,2017,,,,,,Pratomo Djati Nigroho; MUhammad Nuh Al-Azhar,"Pratomo Djati Nugroho, S.Pi., M.Kom., CHFI Dosen STMIK Insan Pembangunan, Bitung. Tangerang. Data Members Registration of Indonesia Forensic Digital Association (AFDI) Komisaris Besar Polisi Muhammad Nuh Al-Azhar, M.Sc., CHFI., CEI., ECIH Chairman of Indonesia Forensic Digital Association (AFDI) Digital Forensic Analysis Team (DFAT) PUSLABFOR MABES POLRI ABSTRAK The increasing of information technology in fact followed by issues around cybercrime and computer security. Nowadays, many cases of law has opened our mind and shows us the critical of digital forensic as the method in proofing crimes beside the law and role of regulation that happening. As more criminals utilize technology to achieve their goals and avoid apprehension, there is a developing need for individuals who can analyze and utilize evidence stored on and transmitted using computers . By applying science methods in investigating digital evidence, made digital forensic as the answer of law standing effort in digital era. Kata kunci : Digital Forensic, Evidence, Cybercrime.",5,1,,,Internet privacy; Information technology; Political science; Cybercrime; Apprehension; Digital evidence; Digital era; Digital forensics,,,,,https://ojs.ipem.ecampus.id/ojs_ipem/index.php/stmik-ipem/article/view/31 http://ojs.ipem.ecampus.id/ojs_ipem/index.php/stmik-ipem/article/download/31/30,https://ojs.ipem.ecampus.id/ojs_ipem/index.php/stmik-ipem/article/view/31,,,3199469367,,0,,0,false,,
136-091-120-487-713,A Study of Digital Forensic: Process and Tools,2012-10-03,2012,,,,,,Sandhya Dahake; Shubhangi Daware,"This paper deals with the study of digital tools and techniques used in the field of digital forensic and evidences handled. Today’s major problem is about the reliability and in field of computer science it is focused on information assurance. In this paper we focused on on an emerging subspecialty within information assurance that is largely driven by software technology -that of Digital Forensics. Digital forensics is a combination of the use of software, computer science, software engineering, and criminal justice procedures to explore and or investigate digital media with the objective of finding evidence to support a criminal or administrative case. It involves the preservation, identification, extraction, and documentation of computer or network evidence. Digital forensic is part of forensic science that implicitly covers crime that is related to computer technology. In a cyber crime, digital evidence investigation requires a special procedures and techniques in order to be used and be accepted in court of law.",,10,,,Human–computer interaction; Digital media; Data science; Digital forensic process; Software; Information assurance; Digital evidence; Computer technology; Computer science; Documentation; Digital forensics,,,,,https://www.ijcaonline.org/proceedings/ncipet/number10/5267-1079?format=pdf https://www.ijcaonline.org/proceedings/ncipet/number10/5267-1079 https://research.ijcaonline.org/ncipet/number10/ncipet1079.pdf,https://www.ijcaonline.org/proceedings/ncipet/number10/5267-1079,,,2100593343,,0,030-258-766-754-647; 057-848-164-795-839; 089-897-532-399-365; 102-475-675-632-290; 115-759-134-698-883; 175-659-856-766-348; 190-788-427-963-911,0,false,,
136-311-660-981-909,Challenges to Digital Forensic Evidence,2005-09-19,2005,book chapter,Forensic Computer Crime Investigation,21547246,CRC Press,,Fred Cohen,,,,,,,,,,,,http://dx.doi.org/10.1201/9781420028379.ch7,,10.1201/9781420028379.ch7,,,0,,0,false,,
136-785-985-011-040,Impediments in Mobile Forensics,,2021,book chapter,"Advances in Digital Crime, Forensics, and Cyber Terrorism",23270381; 23270373,IGI Global,,Vani Thangapandian,"<jats:p>In this digital era, the usage of mobile phones in daily life has become inextricable due to the facilities and the level of sophistication it offers. Proportionately, the crimes and offenses involving the mobile devices are growing in rapid speed. Whenever a crime occurs in a spot, the forensic team will arrive there to identify and locate the evidence of the criminals. If the crime involves digital equipment like computers and laptop, then digital forensic team will investigate and analyze the devices for digital evidence collection. These days, mobile phones have the capability to offer any kind of information and services digitally on top of the palm of the user. Anything is available on the hands with a single touch on the screen of the mobile devices. It also offers to the adversaries many digital services which are harmful to the societies. The fast-paced advancement in the digital front paves the way for many digital crimes. Hence, a new field, mobile forensics, emerges out to trace the evidence, but it faces many challenges due to the dynamic nature of the digital technologies. </jats:p>",,,134,144,Political science; Computer security; Mobile device forensics,,,,,https://www.igi-global.com/chapter/impediments-in-mobile-forensics/267485,http://dx.doi.org/10.4018/978-1-7998-4900-1.ch008,,10.4018/978-1-7998-4900-1.ch008,3110643379,,0,000-490-412-762-138; 014-261-775-435-338; 016-249-712-217-983,0,false,,
137-169-298-997-386,Non-Technical Manipulation of Digital Data,,,book chapter,Advances in Digital Forensics,,Kluwer Academic Publishers,,Michael Losavio,"This paper investigates basic issues related to the use of digital evidence in courts. In particular, it analyzes the basic legal test of authenticity of evidence with respect to an e-mail tool that can be used to manipulate evidence. The paper also examines the experiences and perceptions of U.S. state judicial officers regarding digital evidence, and reviews case law on how such evidence might be tested in the courts. Finally, it considers ethical and social issues raised by digital evidence and the mitigation of problems related to digital evidence.",,,51,63,Common law; Perception; Test (assessment); Digital data; Digital evidence; Public relations; Computer science; State (computer science); Social issues,,,,,https://link.springer.com/content/pdf/10.1007/0-387-31163-7_5.pdf https://rd.springer.com/chapter/10.1007/0-387-31163-7_5 https://link.springer.com/chapter/10.1007/0-387-31163-7_5 https://link.springer.com/10.1007/0-387-31163-7_5,http://dx.doi.org/10.1007/0-387-31163-7_5,,10.1007/0-387-31163-7_5,82524396,,0,010-501-064-578-919; 021-674-370-255-725; 057-756-766-800-780; 059-577-872-928-63X; 065-616-911-667-484; 094-266-623-383-166; 094-274-159-814-689; 140-469-055-509-379; 143-851-955-290-065; 150-825-939-406-35X,4,true,,bronze
137-402-861-825-929,Professionalism in digital forensics,2014-01-21,2014,journal article,Digital Evidence and Electronic Signature Law Review,20548508; 17564611,School of Advanced Study,Spain,Alistair Irons; Anastasia Konstadopoulou,Alastair Irons and Anastasia Konstadopoulou explore some of the issues that affect the emergence of a new breed of expert: the digital forensic specialist.,4,0,,,Computer science; Multimedia; Computer forensics; Digital forensics,,,,,https://journals.sas.ac.uk/deeslr/article/view/1798 https://sas-space.sas.ac.uk/5584/ https://sure.sunderland.ac.uk/id/eprint/1661/,http://dx.doi.org/10.14296/deeslr.v4i0.1798,,10.14296/deeslr.v4i0.1798,2074474473,,0,,0,true,cc-by-nc-nd,hybrid
137-617-097-405-934,Exploring Big Haystacks,,2006,book chapter,IFIP Advances in Information and Communication Technology,18684238; 1868422x,Springer New York,Germany,Mark Pollitt; Anthony Whitledge,"The proliferation of computer-generated evidence in court proceedings during the last fifteen years has given rise to the new science of digital forensics and a new breed of law enforcement officials, “computer forensic examiners,” who apply the rules of evidence, investigative methods and sophisticated technical skills to analyze digital data for use in court proceedings. This paper explores the technical challenges facing the law enforcement community and discusses the application of data mining and knowledge management techniques to cope with the increasingly massive data sets involved in digital forensic investigations.",222,,67,76,Internet privacy; Data science; Digital forensic process; Digital data; Rules of evidence; Law enforcement; Technical skills; Computer science; Computer forensics; Digital forensics,,,,,https://rd.springer.com/chapter/10.1007/0-387-36891-4_6 http://ui.adsabs.harvard.edu/abs/2006adf..book...67P/abstract https://link.springer.com/chapter/10.1007%2F0-387-36891-4_6,http://dx.doi.org/10.1007/0-387-36891-4_6,,10.1007/0-387-36891-4_6,54587564,,0,000-455-132-604-844; 001-009-008-665-240; 013-246-076-655-612; 020-944-423-224-895; 047-387-833-962-090; 120-652-544-549-072; 134-181-885-341-288; 138-904-934-956-767,10,true,,bronze
137-755-137-054-864,Current Challenges and Future Research Areas for Digital Forensic Investigation,2016-04-13,2016,,arXiv: Cryptography and Security,,,,David Lillis; Brett A. Becker; Tadhg O'Sullivan; Mark Scanlon,"Given the ever-increasing prevalence of technology in modern life, there is a corresponding increase in the likelihood of digital devices being pertinent to a criminal investigation or civil litigation. As a direct consequence, the number of investigations requiring digital forensic expertise is resulting in huge digital evidence backlogs being encountered by law enforcement agencies throughout the world. It can be anticipated that the number of cases requiring digital forensic analysis will greatly increase in the future. It is also likely that each case will require the analysis of an increasing number of devices including computers, smartphones, tablets, cloud-based services, Internet of Things devices, wearables, etc. The variety of new digital evidence sources pose new and challenging problems for the digital investigator from an identification, acquisition, storage and analysis perspective. This paper explores the current challenges contributing to the backlog in digital forensics from a technical standpoint and outlines a number of future research topics that could greatly contribute to a more efficient digital forensic process.",,,,,Criminal investigation; Variety (cybernetics); Data science; Digital forensic process; Law enforcement; Digital evidence; Digital forensic investigation; Computer science; Operations research; Identification (information); Cloud computing; Digital forensics,,,,,https://128.84.21.199/abs/1604.03850 http://export.arxiv.org/pdf/1604.03850 https://arxiv.org/pdf/1604.03850.pdf https://arxiv.org/abs/1604.03850,https://128.84.21.199/abs/1604.03850,,,2739334709,,0,000-360-120-513-679; 002-927-911-483-709; 004-343-329-602-307; 016-536-694-167-514; 016-817-717-158-92X; 022-766-026-073-29X; 027-158-847-348-062; 028-377-551-687-707; 028-821-728-710-895; 044-353-273-186-518; 049-570-763-365-976; 050-513-243-638-138; 051-558-525-539-694; 055-614-100-530-52X; 060-313-281-512-110; 066-235-037-082-291; 069-142-686-443-428; 079-070-981-899-105; 098-748-261-333-651; 102-602-192-826-532; 117-228-671-518-737; 118-838-969-146-870; 121-830-676-400-128; 124-912-663-881-389; 126-916-335-288-384; 129-080-110-367-50X; 131-516-331-360-906; 134-927-490-231-285; 137-228-565-856-56X; 163-330-758-807-944,52,true,,
137-975-590-903-232,A Robust Copy Move Tamper Detection and LocalizationMethod for Image Forensics,2020-07-12,2020,,,,,,P.Raja Mani;  Kumar; P.Surya Chandra; G.Santoshi Kumari,"In today’s digital world cyber crimes and unethical practices are becoming extensive day by day.; The fast growth of technology and easy access to Internet has created a large amount of digital data among which; multimedia data is the key to various cyber crimes. Images are a trustworthy media of expression which are; considered as digital evidence in fields of Image forensics. The technological advancements in digital image; processing has brought many sophisticated tools driving to photo hoaxes in crime detection, digital forensic; investigations, medical imaging, copyright protection, media, legal proceedings, political campaigns, fashion; industry, etc. Digital images are being created and modified very easily eroding the trust in the truthfulness of; the images which is a major concern in law during evidence submission. Though different image tampering; mechanisms were developed, each of it has its own limitation which has driven towards the proposed method in; this paper. This paper describes an image authentication mechanism that can be incorporated into existing image; acquisition model addressing the issue of image tamper detection and copy move tamper localization for verifying; the integrity of the image that acts as evidence in the court of law.",7,17,1522,1530,Digital image processing; The Internet; Authentication (law); Key (cryptography); Digital data; Digital evidence; Computer security; Computer science; Digital image; Digital forensics,,,,,http://www.jcreview.com/index.php?mno=4392,http://www.jcreview.com/index.php?mno=4392,,,3042025051,,0,,0,false,,
138-108-003-954-715,An Abstract Digital Forensic Model,,2006,journal article,Computer Engineering,10003428,,,Zhang Jin,"This article introduces the concept of digital forensics and digital forensic model,compares the difference between the usage of digitalforensic in criminal investigating and in enterprise environment.Then,considering the usage of digital forensic in non-digital criminal fields,itprovides an abstract digital forensic model that is based on the former work of other experts.The new abstract model,which describes the process ofdigital forensic as a forensic cycle,focuses on the actor of forensic instead of the evidence itself.It is general enough to describe the character ofdigital forensic in both digital criminal and non-digital criminal fields,and abstract enough to fit not only law enforcement users,but also forenterprise users.",,,,,Forensic profiling; Criminal investigation; Forensic science; Law enforcement; Computer security; Computer science; Process (engineering); Computer forensics; Digital forensics,,,,,http://en.cnki.com.cn/Article_en/CJFDTotal-JSJC200601056.htm,http://en.cnki.com.cn/Article_en/CJFDTotal-JSJC200601056.htm,,,2363098188,,0,,0,false,,
138-443-620-719-241,Chapter 6 Investigating digital crime,,2016,book chapter,,,,,Robin Bryant; Ian Kennedy,"This is a chapter from 'Policing Digital Crime' that explores the nature of investigating digital crime, covering intelligence-led policing, models of criminal and digital crime investigation, along with cooperation practices with ISPs and ICANN. There is also coverage of the use of covert techniques, working with encrypted data and the different types of digital evidence, along with the associated digital forensic standards and accreditation that must be followed.",,,,,Internet privacy; Encryption; Covert; Digital evidence; Crime investigation; Computer science; Accreditation; Digital forensics,,,,,http://oro.open.ac.uk/73733/,http://oro.open.ac.uk/73733/,,,3125390142,,0,,0,false,,
139-472-153-252-310,Increasing digital investigator availability through efficient workflow management and automation,,2016,conference proceedings article,2016 4th International Symposium on Digital Forensic and Security (ISDFS),,IEEE,,Ronald In de Braekt; N-A. Le-Khac; Jason Farina; Mark Scanlon; Tahar Kechadi,"The growth of digital storage capacities and diversity devices has had a significant time impact on digital forensic laboratories in law enforcement. Backlogs have become commonplace and increasingly more time is spent in the acquisition and preparation steps of an investigation as opposed to detailed evidence analysis and reporting. There is generally little room for increasing digital investigation capacity in law enforcement digital forensic units and the allocated budgets for these units are often decreasing. In the context of developing an efficient investigation process, one of the key challenges amounts to how to achieve more with less. This paper proposes a workflow management automation framework for handling common digital forensic tools. The objective is to streamline the digital investigation workflow — enabling more efficient use of limited hardware and software. The proposed automation framework reduces the time digital forensic experts waste conducting time-consuming, though necessary, tasks. The evidence processing time is decreased through server-side automation resulting in 24/7 evidence preparation. The proposed framework increases efficiency of use of forensic software and hardware, reduces the infrastructure costs and license fees, and simplifies the preparation steps for the digital investigator. The proposed approach is evaluated in a real-world scenario to evaluate its robustness and highlight its benefits.",,,68,73,Automation; Software engineering; Engineering; Workflow management system; Workflow; Digital asset management; Workflow engine; Workflow technology; Software; Computer security; Digital forensics,,,,,https://markscanlon.co/papers/IncreasingDigitalInvestigatorAvailability.pdf https://researchrepository.ucd.ie/bitstream/10197/7620/1/40_ISDFS16_WF.pdf https://forensicsandsecurity.com/papers/IncreasingDigitalInvestigatorAvailability.php https://markscanlon.co/papers/IncreasingDigitalInvestigatorAvailability.php https://ieeexplore.ieee.org/document/7473520/ https://arxiv.org/abs/1708.09053 http://ieeexplore.ieee.org/document/7473520/ https://forensicsandsecurity.com/papers/IncreasingDigitalInvestigatorAvailability.pdf https://researchrepository.ucd.ie/handle/10197/7620 https://ui.adsabs.harvard.edu/abs/2017arXiv170809053I/abstract https://dblp.uni-trier.de/db/journals/corr/corr1708.html#abs-1708-09053,http://dx.doi.org/10.1109/isdfs.2016.7473520,,10.1109/isdfs.2016.7473520,2402957437,,0,005-116-312-278-527; 017-815-064-018-299; 019-698-064-288-240; 037-789-654-228-885; 038-668-970-194-854; 066-235-037-082-291; 078-598-867-814-365; 086-091-202-010-191; 101-128-114-600-974; 110-592-244-494-263; 112-271-248-774-110; 120-361-603-676-195; 124-204-861-400-331; 137-292-579-653-532; 137-755-137-054-864; 153-813-507-607-845; 162-110-149-751-921; 188-694-164-903-482,8,true,cc-by-nc-nd,green
139-924-660-355-079,"Digital Forensics AI: Evaluating, Standardizing and Optimizing Digital Evidence Mining Techniques",2022-05-12,2022,journal article,KI - Künstliche Intelligenz,09331875; 16101987,Springer Science and Business Media LLC,,Abiodun A. Solanke; Maria Angela Biasiotti,"<jats:title>Abstract</jats:title><jats:p>The impact of AI on numerous sectors of our society and its successes over the years indicate that it can assist in resolving a variety of complex digital forensics investigative problems. Forensics analysis can make use of machine learning models’ pattern detection and recognition capabilities to uncover hidden evidence in digital artifacts that would have been missed if conducted manually. Numerous works have proposed ways for applying AI to digital forensics; nevertheless, scepticism regarding the opacity of AI has impeded the domain’s adequate formalization and standardization. We present three critical instruments necessary for the development of sound machine-driven digital forensics methodologies in this paper. We cover various methods for evaluating, standardizing, and optimizing techniques applicable to artificial intelligence models used in digital forensics. Additionally, we describe several applications of these instruments in digital forensics, emphasizing their strengths and weaknesses that may be critical to the methods’ admissibility in a judicial process.</jats:p>",,,,,Digital forensics; Computer science; Standardization; Process (computing); Computer forensics; Digital evidence; Strengths and weaknesses; Data science; Domain (mathematical analysis); Variety (cybernetics); Artificial intelligence,,,,Alma Mater Studiorum - Università  di Bologna,,http://dx.doi.org/10.1007/s13218-022-00763-9,,10.1007/s13218-022-00763-9,,,0,000-452-908-115-500; 003-137-879-936-770; 003-360-732-233-044; 005-465-138-684-882; 006-110-132-701-331; 006-915-702-173-584; 007-017-884-126-763; 007-123-902-810-016; 007-514-616-400-882; 008-758-179-867-86X; 009-803-691-567-926; 010-591-271-586-999; 010-963-610-208-920; 011-869-845-196-579; 011-973-615-168-206; 013-193-200-485-010; 017-866-764-672-013; 018-339-128-070-611; 021-122-712-929-959; 021-152-929-670-076; 021-495-249-615-203; 021-709-633-408-146; 021-716-208-836-655; 022-001-306-594-001; 022-890-782-823-074; 023-113-470-652-173; 024-470-739-770-394; 025-218-336-182-063; 025-949-648-968-582; 026-637-070-870-880; 026-706-598-228-85X; 026-716-755-237-573; 027-879-891-266-259; 029-011-000-053-812; 030-025-798-038-613; 030-244-355-954-065; 033-225-943-167-901; 036-112-898-081-145; 036-384-272-299-395; 038-851-975-868-307; 040-024-171-977-455; 041-131-516-156-274; 041-351-456-338-328; 042-975-716-732-789; 045-287-244-826-938; 045-591-020-022-945; 048-011-673-789-33X; 048-689-227-588-57X; 048-802-610-388-273; 054-208-541-333-61X; 055-284-632-827-86X; 056-966-379-476-801; 058-717-000-287-105; 059-149-073-001-124; 059-878-189-173-964; 063-034-594-210-284; 064-549-392-650-90X; 065-574-846-834-06X; 067-253-447-599-854; 069-812-790-278-688; 071-925-887-884-193; 072-231-013-731-09X; 072-900-763-568-602; 073-427-478-125-189; 074-182-263-979-316; 075-431-891-877-59X; 075-859-615-742-549; 076-668-645-822-018; 077-902-632-083-884; 080-245-103-101-902; 083-012-787-425-351; 085-332-269-532-11X; 086-653-920-850-621; 088-142-137-151-413; 094-159-592-916-885; 095-263-442-186-414; 096-185-757-909-037; 096-838-446-149-582; 098-340-878-853-594; 098-669-156-394-924; 099-538-623-020-689; 101-549-415-202-81X; 102-940-527-584-734; 103-760-328-285-801; 106-604-221-665-323; 106-820-019-891-26X; 107-362-112-311-662; 108-877-455-100-938; 110-366-692-800-871; 112-744-755-472-229; 113-460-781-457-18X; 113-743-452-135-075; 117-555-147-368-574; 119-357-929-624-478; 120-806-014-141-917; 129-758-715-381-618; 131-559-179-609-745; 137-320-213-389-496; 139-320-230-645-968; 142-790-196-752-819; 143-176-456-443-067; 146-785-925-828-561; 154-735-209-819-28X; 156-905-641-435-682; 162-183-378-458-523; 168-213-788-701-998; 172-928-027-348-61X; 176-679-069-400-341; 176-882-505-758-504; 182-614-300-667-701,1,true,,hybrid
139-974-404-211-645,Enabling the remote acquisition of digital forensic evidence through secure data transmission and verification,2009-09-01,2009,dissertation,,,,,Mark Scanlon,"Providing the ability to any law enforcement officer to remotely transfer an image from any suspect computer directly to a forensic laboratory for analysis, can only help to greatly reduce the time wasted by forensic investigators in conducting on-site collection of computer equipment. RAFT (Remote Acquisition Forensic Tool) is a system designed to facilitate forensic investigators by remotely gathering digital evidence. This is achieved through the implementation of a secure, verifiable client/server imaging architecture. The RAFT system is designed to be relatively easy to use, requiring minimal technical knowledge on behalf of the user. One of the key focuses of RAFT is to ensure that the evidence it gathers remotely is court admissible. This is achieved by ensuring that the image taken using RAFT is verified to be identical to the original evidence on a suspect computer.",,,,,Key (cryptography); Suspect; Digital evidence; Law enforcement officer; Computer equipment; Computer security; Computer science; Data transmission; Digital forensics; Verifiable secret sharing,,,,,https://researchrepository.ucd.ie/bitstream/10197/9276/1/Scanlon_ucd_5090N_10187.pdf https://dblp.uni-trier.de/db/journals/corr/corr1712.html#abs-1712-02529 https://markscanlon.co/papers/EnablingRemoteEvidenceAcquisition.php https://arxiv.org/abs/1712.02529 https://markscanlon.co/papers/EnablingRemoteEvidenceAcquisition.pdf https://researchrepository.ucd.ie/handle/10197/9276,https://dblp.uni-trier.de/db/journals/corr/corr1712.html#abs-1712-02529,,,2963345939,,0,,0,true,,
140-305-780-687-652,ACISP (1) - Exploring the Space of Digital Evidence --- Position Paper,2016-06-30,2016,book chapter,Information Security and Privacy,03029743; 16113349,Springer International Publishing,Germany,Carsten Rudolph,"Digital evidence is much more than what is acquired during forensic investigations. In particular when building systems that are supposed to provide secure digital evidence it is necessary to clearly define requirements. Various work on forensic evidence provides different sets of such requirements. Also ISO standardization work is concerned with forensic evidence. However, currently there is no full overview of the different relevant areas for digital evidence that can be used for guidance in the requirement phase of system engineering. Furthermore, a rigorous specification of requirements for digital evidence is missing. Formal methods have been applied to security protocols and other types of requirements, but not to describe the various requirements of digital evidence.; ; One approach towards defining the available space for digital evidence suggests three dimensions. First, and most obviously, is the time when data is collected, processed, retained and correlated for potential forensic use. This dimension includes data collected at run-time, data collected for particular transactions, in case of deviations, for incidents, ""post-mortem"" forensic investigations, and the digitization of evidence for court procedures. The second dimension describes the goal for which digital evidence is produced. This can be either for showing compliance, i.e. for proving that somebody was not responsible for some incident or for showing malicious events that happened and to find who did what. Finally, the third dimension consists of the actual information to be documented. Examples are the documentation of the normal system behaviour, compliance information, accidents, safety issues, malicious behaviour, identity information and various relevant parameters. A formal framework for security requirements that was developed for security requirements engineering is one promising candidate to derive a precise characterization of requirements for digital evidence in the different areas of the available evidence space.; ; This paper is a position paper to drive the discussion and development in forensic readiness and security of digital evidence.",,,249,262,Security engineering; Dimension (data warehouse); Digitization; Digital evidence; Cryptographic protocol; Computer security; Computer science; Documentation; Requirements engineering; Formal methods,,,,,https://link.springer.com/chapter/10.1007/978-3-319-40253-6_15/fulltext.html https://link.springer.com/10.1007/978-3-319-40253-6_15 https://link.springer.com/chapter/10.1007/978-3-319-40253-6_15 https://rd.springer.com/chapter/10.1007/978-3-319-40253-6_15 https://dblp.uni-trier.de/db/conf/acisp/acisp2016-1.html#Rudolph16 https://research.monash.edu/en/publications/exploring-the-space-of-digital-evidence-position-paper,http://dx.doi.org/10.1007/978-3-319-40253-6_15,,10.1007/978-3-319-40253-6_15,2501575478,,0,006-839-535-410-076; 012-084-405-303-445; 020-329-030-871-632; 020-633-325-161-845; 025-178-552-649-015; 039-654-772-201-039; 039-920-599-434-857; 046-143-775-958-052; 069-754-697-292-909; 070-208-702-021-941; 072-685-361-373-117; 091-540-399-535-662; 103-834-991-801-672; 126-101-628-029-477; 126-244-032-752-857; 144-924-692-716-271,0,false,,
140-402-089-386-286,IFIP Int. Conf. Digital Forensics - Survey of Law Enforcement Perceptions Regarding Digital Evidence,,,book chapter,Advances in Digital Forensics III,,Springer New York,,Marcus K. Rogers; K. Scarborough; K. Frakes; C. San Martin,"This paper analyzes state and local law enforcement agents’ perceptions about prosecutors’ knowledge of digital evidence and their willingness to prosecute cases involving digital evidence, and agents’ perceptions about judges’ knowledge of digital evidence and their willingness to admit digital evidence in legal proceedings, Statistical analysis indicates that a significant negative correlation exists between the size of the population served by law enforcement agents and their perceptions about judges’ knowledge of digital evidence and willingness to admit digital evidence. Also, positive relationships exist between the size of the population served and law enforcement perceptions of prosecutors’ knowledge of digital evidence and willingness to prosecute digital evidence cases, and perceptions about judges’ willingness to admit digital evidence. The implications of these findings are discussed along with suggestions for future research.",,,41,52,Perception; Law enforcement; Digital evidence; Population; Statistical analysis; Significant negative correlation; Computer security; Public relations; Computer science,,,,,https://doi.org/10.1007/978-0-387-73742-3_3 https://rd.springer.com/chapter/10.1007/978-0-387-73742-3_3 https://link.springer.com/content/pdf/10.1007%2F978-0-387-73742-3_3.pdf https://link.springer.com/chapter/10.1007/978-0-387-73742-3_3 https://dblp.uni-trier.de/db/conf/ifip11-9/df2007.html#RogersSFM07,http://dx.doi.org/10.1007/978-0-387-73742-3_3,,10.1007/978-0-387-73742-3_3,1482195127,,0,007-790-059-029-953; 054-461-258-150-016; 062-788-502-964-113; 108-837-763-480-251; 127-425-208-989-970; 129-360-320-775-188; 138-097-495-143-351; 172-965-192-520-527; 182-674-830-288-332; 182-962-922-039-081,13,true,,bronze
140-478-194-625-69X,Process Model of Digital Evidence Information Processing,,2005,journal article,Journal of Military Communications Technology,,,,Dai Jiang-shan,"Based on the analysis of the digital evidence characteristics, the new digital evidence information processing process model in network forensics was proposed. The key questions including the integrity, storage and analysis of the digital evidence information in the model were discussed and the new corresponding solutions were proposed. After data structure conversion and integrity processing, the evidence information coming from multi-sources was stored in the data depository. The evidence information in the data depository was analyzed by the combination of forward inference and backward inference.",,,,,Data mining; Data structure; Network security; Key (cryptography); Inference; Digital evidence; Computer science; Process (engineering); Network forensics; Information processing,,,,,http://en.cnki.com.cn/Article_en/CJFDTOTAL-JSTY200501001.htm,http://en.cnki.com.cn/Article_en/CJFDTOTAL-JSTY200501001.htm,,,2388121702,,0,,0,false,,
140-482-350-158-395,Windows 10 Memory Compression in Digital Forensics - Uncovering Digital Evidence in Compressed Swap,,2018,dissertation,,,,,Aleksander Østerud,,,,,,Swap (computer programming); Digital evidence; Computer science; Digital forensics; Computer hardware,,,,,https://ntnuopen.ntnu.no/ntnu-xmlui/handle/11250/2626390,https://ntnuopen.ntnu.no/ntnu-xmlui/handle/11250/2626390,,,3048054343,,0,,0,false,,
140-493-410-443-379,"From Computer Forensics to Forensic Computing: Investigators Investigate, Scientists Associate",,2014,,,,,,Andreas Dewald; Felix C. Freiling,"This paper draws a comparison of fundamental theories in traditional forensic science and the state of the art in current computer forensics, thereby identifying a certain disproportion between the perception of central aspects in common theory and the digital forensics reality. We propose a separation of what is currently demanded of practitioners in digital forensics into a rigorous scientific part on the one hand, and a more general methodology of searching and seizing digital evidence and conducting digital investigations on the other. We thereby mark out the route for computer forensics to turn into a true forensic science. To illustrate the feasibility of the proposed path, we supply a couple of practical examples, as well as a list of exemplary questions that should be answered by digital forensic scientists.",,,,,Data science; Digital evidence; Forensic computing; Computer science; State (computer science); Computer forensics; Digital forensics,,,,,https://opus4.kobv.de/opus4-fau/files/4750/computer_forensics_is_not_forensic_science.pdf https://opus4.kobv.de/opus4-fau/frontdoor/index/index/docId/4750,https://opus4.kobv.de/opus4-fau/frontdoor/index/index/docId/4750,,,3157628289,,0,,0,false,,
140-825-093-817-83X,"Special Issue: Eminence in Applied Computing and Management Conference Held in DBACER Nagpur, India Tracebility in Digital Forensic Investigation Process",,2012,,,,,,Tabassum Khan,"Digital forensic is part of forensic science that implicitly covers crime that is related to computer technology. In a cyber crime, digital evidence investigation requires a special procedures and techniques in order to be used and be accepted in court of law. Generally, the goals of these special processes are to identify the origin of the incident reported as well as maintaining the chain of custody so that the legal process can take its option. Subsequently, the traceability process has become a key or an important element of the digital investigation process, as it is capable to map the events of an incident from difference sources in obtaining evidence of an incident to be used for other auxiliary investigation aspects.",,,,,Chain of custody; Engineering; Traceability; Element (criminal law); Data science; Legal process; Digital evidence; Computer technology; Computer security; Process (engineering); Digital forensics,,,,,,,,,2303864029,,0,006-188-040-575-112; 049-725-727-285-251; 071-292-048-830-963; 083-748-184-402-072; 084-559-361-318-175; 089-888-017-780-685,0,false,,
140-913-287-796-360,Applications and Trends of Digital/Electronic Evidence in Chinese Litigation,2012-06-14,2012,book chapter,Electronic Technology and Civil Procedure,,Springer Netherlands,,Baosheng Zhang; Huangxun Chen,"This paper analyzes several recent cases and introduces general regulations governing the collection and the presentation of digital evidence in China. To ensure the integrity, authenticity, and originality of the obtained digital evidence, the collection and examination of digital evidence requires strict compliance of technical protocols. In any litigation related to digital evidence, forensic experts can play a role in cross-examine the forensic expertise. In judging the reliability of digital evidence, however, in addition to the reliability of scientific principles, should we put more emphasis on the reliability of scientific inference? In conclusion, in order to provide for greater application of digital evidence in fact-finding, the following considerations are important: stricter technical protocols and standards should be written into the law in China; general rules in the evidence law should not be ignored but applied to digital evidence with the emphasis of uniqueness and technicality of digital evidence; and, the judge’s discretion carries a very special meaning.",,,305,323,Order (exchange); Presentation; Originality; Discretion; Judicial interpretation; Meaning (existential); Digital evidence; Media studies; Computer science; Reliability (statistics); Engineering ethics,,,,,https://link.springer.com/chapter/10.1007%2F978-94-007-4072-3_17 https://rd.springer.com/chapter/10.1007/978-94-007-4072-3_17 https://link.springer.com/chapter/10.1007/978-94-007-4072-3_17/fulltext.html,http://dx.doi.org/10.1007/978-94-007-4072-3_17,,10.1007/978-94-007-4072-3_17,23160792,,0,,1,false,,
140-934-952-926-851,Digital Evidence And Computer Crime Forensic Science Computers And The Internet,,2016,,,,,,Katharina Wagner,,,,,,Internet privacy; The Internet; Forensic science; Digital evidence; Computer science; Computer forensics; Digital forensics,,,,,,,,,2494592986,,0,125-061-428-492-440,0,false,,
141-182-449-198-823,Challenges To Digital Forensic Evidence,,2008,book,,,,,F Cohen,,,,,,Data science; Computer science; Digital forensics,,,,,https://openlibrary.org/books/OL26139379M/Challenges_To_Digital_Forensic_Evidence https://www.amazon.com/Challenges-Digital-Forensic-Evidence-Cohen/dp/1878109413,https://openlibrary.org/books/OL26139379M/Challenges_To_Digital_Forensic_Evidence,,,2478929913,,0,,23,false,,
142-007-449-034-886,Digital Forensics In Multimedia,2022-07-26,2022,journal article,Advances in Multidisciplinary and scientific Research Journal Publication,24888699,Creative Research Publishers,,Frey John Wisdom,"<jats:p>Digital forensics and multimedia forensics are rapidly growing disciplines where electronic information is extracted and interpreted using scientifically accepted and validated processes, to be used in and outside of a court of law. As personal computing and the internet becomes more widespread, these two fields are becoming increasingly important in law enforcement and cybercrime investigation.Digital forensics involves investigating computer systems and digital artefacts in general, while multimedia forensics is a sub-topic of digital forensics which focuses on extracting and analyzing contents such as images, videos, and audio to produce forensic evidence from both regular computer systems and special multimedia devices, such as digital cameras, voice recorders etc.  This paper seeks to shed some light on digital forensics in multimedia, methods of authentication and challenges.  Keywords: Forensics, Multimedia, Scrutiny, Analysis, Video, Voice, Data, Camera, Authentication  BOOK Chapter ǀ Research Nexus in IT, Law, Cyber Security &amp; Forensics. Open Access. Distributed Free  Citation: Frey John Wisdom (2022): Digital Forensics In Multimedia Book Chapter Series on Research Nexus in IT, Law, Cyber Security &amp; Forensics. Pp 239-250 www.isteams.net/ITlawbookchapter2022. dx.doi.org/10.22624/AIMS/CRP-BK3-P39</jats:p>",1,1,239,250,Computer forensics; Computer science; Digital forensics; Digital evidence; Law enforcement; Multimedia; Authentication (law); Cybercrime; The Internet; Nexus (standard); Computer security; World Wide Web,,,,,,http://dx.doi.org/10.22624/aims/crp-bk3-p39,,10.22624/aims/crp-bk3-p39,,,0,,0,false,,
142-414-230-751-379,A New Network Forensic Investigation Process Model,2021-07-23,2021,book chapter,Mobile Computing and Sustainable Informatics,23674512; 23674520,Springer Singapore,,Rachana Yogesh Patil; Manjiri Arun Ranjanikar,"The procedure of the identification and analysis of electronic data is the digital forensics framework. The purpose of the procedure is to retain evidence in its primordial form by gathering, identifying and validating digital information in order to recreate events of the past. For the use of data in a court of law, the context is most appropriate. The evidence aspect of digital forensics requires strict requirements to be followed in court for cross-examination. One major pitfall in the digital forensic analysis is the possible admissibility of collected evidence in the court of law. Digital forensic analysis must comply with the quality of evidence and its admissibility to trial successfully. In this work, we proposed a new network forensic investigation process model. We precisely establish a methodology of investigation for the computer network.",,,139,146,Forensic science; Data science; Cybercrime; Context (language use); Electronic data; Computer science; Process (engineering); Network forensics; Identification (information); Digital forensics,,,,,https://link.springer.com/chapter/10.1007/978-981-16-1866-6_9,http://dx.doi.org/10.1007/978-981-16-1866-6_9,,10.1007/978-981-16-1866-6_9,3186279996,,0,006-352-188-170-383; 007-321-225-339-593; 021-599-175-979-800; 024-846-790-183-200; 026-774-296-742-022; 031-867-800-419-253; 038-212-881-292-334; 059-035-073-799-871; 098-748-261-333-651; 114-090-829-194-843; 140-125-003-352-892,1,false,,
142-682-709-033-759,Stitcher: Correlating digital forensic evidence on internet-of-things devices,,2020,journal article,Forensic Science International: Digital Investigation,26662817,Elsevier BV,,Yee Ching Tok; Chundong Wang; Sudipta Chattopadhyay,"Abstract The increasing adoption of Internet-of-Things (IoT) devices present new challenges to digital forensic investigators and law enforcement agencies when investigation into cybercrime on these new platforms are required. However, there has been no formal study to document actual challenges faced by investigators and whether existing tools help them in their work. Prior issues such as the correlation and consistency problem in digital forensic evidence have also become a pressing concern in light of numerous evidence sources from IoT devices. Motivated by these observations, we conduct a user study with 39 digital forensic investigators from both public and private sectors to document the challenges they faced in traditional and IoT digital forensics. We also created a tool, Stitcher , that addresses the technical challenges faced by investigators when handling IoT digital forensics investigation. We simulated an IoT crime that mimics sophisticated cybercriminals and invited our user study participants to utilize Stitcher to investigate the crime. The efficacy of Stitcher is confirmed by our study results where 96.2% of users indicated that Stitcher assisted them in handling the crime, and 61.5% of users who used Stitcher with its full features solved the crime completely.",35,,301071,,Internet privacy; Private sector; Work (electrical); Cybercrime; Law enforcement; Consistency problem; Computer science; Internet of Things; Digital forensics,,,,Ministry of Education - Singapore,https://www.sciencedirect.com/science/article/abs/pii/S2666281720303681 http://dblp.uni-trier.de/db/journals/corr/corr2003.html#abs-2003-07242 http://www.sciencedirect.com/science/article/pii/S2666281720303681 https://doi.org/10.1016/j.fsidi.2020.301071 https://dblp.uni-trier.de/db/journals/corr/corr2003.html#abs-2003-07242,http://dx.doi.org/10.1016/j.fsidi.2020.301071,,10.1016/j.fsidi.2020.301071,3093759093,,0,001-507-239-208-313; 019-360-393-097-72X; 019-831-293-743-518; 022-056-178-362-107; 035-031-257-128-045; 037-435-312-083-42X; 044-046-807-728-773; 073-194-524-558-213; 097-939-114-561-254; 098-748-261-333-651; 142-388-561-082-054; 150-249-549-372-358; 162-374-469-230-059; 173-034-553-635-460; 177-638-047-045-946,2,true,,green
142-855-067-627-071,IFIP Int. Conf. Digital Forensics - Sensitivity Analysis of Bayesian Networks Used in Forensic Investigations,,2011,book chapter,Advances in Digital Forensics VII,18684238; 18612288; 1868422x; 15715736,Springer Berlin Heidelberg,Germany,Michael Y. K. Kwan; Richard E. Overill; Kam-Pui Chow; Hayson Tse; Frank Y. W. Law; Pierre K. Y. Lai,Research on using Bayesian networks to enhance digital forensic investigations has yet to evaluate the quality of the output of a Bayesian network. The evaluation can be performed by assessing the sensitivity of the posterior output of a forensic hypothesis to the input likelihood values of the digital evidence. This paper applies Bayesian sensitivity analysis techniques to a Bayesian network model for the well-known Yahoo! case. The analysis demonstrates that the conclusions drawn from Bayesian network models are statistically reliable and stable for small changes in evidence likelihood values.,,,231,243,Bayesian probability; Data mining; Bayes factor; Bayesian hierarchical modeling; Sensitivity (control systems); Digital evidence; Bayesian network; Computer science; Variable-order Bayesian network; Digital forensics,,,,,https://rd.springer.com/chapter/10.1007/978-3-642-24212-0_18 https://link.springer.com/content/pdf/10.1007%2F978-3-642-24212-0_18.pdf https://dblp.uni-trier.de/db/conf/ifip11-9/df2011.html#KwanOCTLL11 https://hal.inria.fr/IFIP-AICT-361/hal-01569550 https://link.springer.com/chapter/10.1007/978-3-642-24212-0_18 https://core.ac.uk/display/29915218 https://hal.inria.fr/hal-01569550/document,http://dx.doi.org/10.1007/978-3-642-24212-0_18,,10.1007/978-3-642-24212-0_18,132432527,,0,000-504-450-869-635; 001-829-135-644-040; 010-408-812-989-291; 030-763-851-934-420; 040-308-111-464-679; 043-402-554-537-590; 043-998-602-713-991; 056-037-162-962-984; 058-535-327-639-099; 061-012-225-907-692; 061-090-278-431-919; 064-988-327-019-067; 065-470-964-398-338; 069-345-160-655-24X; 086-021-802-583-184; 100-096-392-613-337; 106-381-155-579-746; 106-964-315-836-68X; 110-967-116-302-536; 118-106-324-643-008; 128-689-131-417-389; 141-229-056-071-851; 160-290-557-977-688; 178-497-763-229-033; 193-236-480-355-230,20,true,cc-by,green
142-896-592-678-249,디지털 포렌식(Digital Forensics) 기술동향,2014-06-01,2014,,,,,,null 박세환; null 최용수; null 박종규,"Computing technology advances storage devices for digital data was stored in the form of cyber-crime also advanced. These social damage caused by the examining digital evidence is very important. In the field of digital forensics and accounting on this evidence to investigate the means by which digital forensics techniques have been developed. This is evidence collection, evidence recovery, through a process of analysis and evidence of legal effect is very important. This study uses file carving related key technologies and anticipated effects and in addition, has been since the early 2000s, research and technological development based on domestic technology development trends and practices, and this technology competitive analysis results. Domestic digital forensics-related skill level has led to global technology hardware, algorithm design for file carving software and related technology development is very vulnerable. In the future, the signature piece of the image based on the file contents with a short piece can calculate correlations between file carving techniques, it is necessary to focus on research. In addition, image file carving technique is a very big country with a global technology market preemption can benefit from domestic industry and economic environment, it is necessary to develop early core skills. In the future, Cyber Forensics and crime prevention, as well as build a verifiable monitoring system for residential life private market demand is expected to increase significantly..",,,1428,1431,Engineering; Key (cryptography); Crime prevention; File carving; Carving; Domestic technology; Digital evidence; Computer security; Image file formats; Digital forensics,,,,,http://www.dbpia.co.kr/Journal/ArticleDetail/NODE02438875?q=%5B%ED%8F%AC%EB%A0%8C%EC%8B%9D%20%EA%B8%B0%EC%88%A0%C2%A7coldb%C2%A72%C2%A751%C2%A73%5D&Multimedia=0&SearchAll=%ED%8F%AC%EB%A0%8C%EC%8B%9D%20%EA%B8%B0%EC%88%A0&isFullText=0&specificParam=0&SearchMethod=0&Sort=1&SortType=desc,http://www.dbpia.co.kr/Journal/ArticleDetail/NODE02438875?q=%5B%ED%8F%AC%EB%A0%8C%EC%8B%9D%20%EA%B8%B0%EC%88%A0%C2%A7coldb%C2%A72%C2%A751%C2%A73%5D&Multimedia=0&SearchAll=%ED%8F%AC%EB%A0%8C%EC%8B%9D%20%EA%B8%B0%EC%88%A0&isFullText=0&specificParam=0&SearchMethod=0&Sort=1&SortType=desc,,,2288111949,,0,,0,false,,
142-929-929-521-000,"Providing Cryptographic Security and Evidentiary Chain-of-Custody with the Advanced Forensic Format, Library, and Tools",2011-05-25,2011,book chapter,New Technologies for Digital Crime and Forensics,,IGI Global,,Simson L. Garfinkel,"<jats:p>This article presents improvements in the Advanced Forensics Format Library version 3 that provide for digital signatures and other cryptographic protections for digital evidence, allowing an investigator to establish a reliable chain-of-custody for electronic evidence from the crime scene to the court room. No other system for handling and storing electronic evidence currently provides such capabilities. This article discusses implementation details, user level commands, and the AFFLIB programmer’s API.</jats:p>",,,1,28,Programmer; Computer science; Computer forensics; Cryptography; Digital forensics; Computer security; Digital evidence; Digital signature; Cryptographic protocol; Operating system; Hash function,,,,,,http://dx.doi.org/10.4018/978-1-60960-515-5.ch001,,10.4018/978-1-60960-515-5.ch001,,,0,015-868-814-003-691; 167-217-419-350-805,0,true,,green
143-065-930-744-958,Analyzing Digital Evidence,2019-02-26,2019,book chapter,Digital Forensics Basics,,Apress,,Nihad A. Hassan,"In the previous chapter, we’ve covered how to capture/create a forensic image of both RAM and hard drive memories. Now, we are ready to move on to the next part of forensic work, which is analyzing acquired images for interesting leads.",,,141,177,Work (electrical); Data science; Digital evidence; Computer science,,,,,https://link.springer.com/chapter/10.1007%2F978-1-4842-3838-7_6,http://dx.doi.org/10.1007/978-1-4842-3838-7_6,,10.1007/978-1-4842-3838-7_6,2918124196,,0,,2,false,,
143-081-093-447-920,Collecting Evidence in Forensic Events and Comparison of the Digital Evidence Practices of Kosovo and Turkey,2021-09-05,2021,journal article,Academic Journal of Interdisciplinary Studies,22814612; 22813993,Richtmann Publishing,,Mensur Morina; Endri Papajorgji; Muhammet Ali Eren,"Evidence is an important concept in order to reveal whether a crime really exists or not and integrate it with all its elements. There are numerous methods of crime scene investigation in forensic cases. During the judgment phase, the most important factor that will help understand and decide the manner in which the incident took place is the evidence that will provide proof with regard to the incident. Therefore, evidence helps prosecutors and judges correctly understand and establish the relationship between the crime and the criminals and prove the committed crime and ensure correct, fair and rapid execution of the trial with the aim of reaching the material truth. Evidence obtained in the crime scene provides information with regard to the manner in which the crime was committed, the time of the crime, thebehaviour of the perpetrator, the suspect, the victim and the crime scene ensuring the establishment of the relationship between them. On the other hand, with the digital systems gaining more placein the life of the society, the crime scene has shifted from a physical environment to a digital one. Consequently, new types of crimes are committed digitally and as a result, the concept of digital evidence has arisen. There are no specific laws on the collection of digital evidence under Kosovo's legislation. On the other hand, there are legal regulations regarding digital evidence in exemplary countries such as Turkey. This study will comprise of the methods of gathering evidence in forensic cases and the comparison of the legal legislation on digital evidence in Kosovo and Turkey.;  ; Received: 5 June 2021 / Accepted: 15 July 2021 / Published: 5 September 2021",10,5,45,45,Forensic science; Crime scene; Political science; Phase (combat); Order (exchange); Legislation; Suspect; Digital evidence; Criminal procedure; Criminology,,,,,https://www.richtmann.org/journal/index.php/ajis/article/view/12638,http://dx.doi.org/10.36941/ajis-2021-0122,,10.36941/ajis-2021-0122,3196444859,,0,,0,true,cc-by-nc,hybrid
143-467-824-641-527,Windows registry harnesser for incident response and digital forensic analysis,2018-12-18,2018,journal article,Australian Journal of Forensic Sciences,00450618; 1834562x,Informa UK Limited,United Kingdom,Avinash Singh; Hein S. Venter; Adeyemi Richard Ikuesan,"The extraction of digital evidence from storage media is a growing concern in digital forensics, due to the time and space complexity in acquiring, preserving and analysing digital evidence. Micros...",52,3,337,353,Information retrieval; Windows Registry; Digital evidence; Incident response; Digital forensic investigation; Computer science; Digital forensics,,,,,https://repository.up.ac.za/handle/2263/68290 https://www.tandfonline.com/doi/full/10.1080/00450618.2018.1551421,http://dx.doi.org/10.1080/00450618.2018.1551421,,10.1080/00450618.2018.1551421,2904398394,,0,001-960-134-177-077; 010-400-879-519-423; 040-393-580-637-973; 043-112-794-493-421; 046-527-367-793-765; 052-859-404-222-610; 055-416-156-661-003; 059-176-636-138-196; 071-953-659-705-163; 074-030-202-389-635; 080-585-092-668-778; 091-011-436-489-252; 118-347-856-286-336; 139-495-561-188-858,10,false,,
143-546-413-886-429,Reconstructing digital evidence,,2011,book chapter,Crime Reconstruction,,Elsevier,,Eoghan Casey,"Digital evidence is defined as any data stored or transmitted using a computer that support or refute a theory of how an offense occurred or that address critical elements of the offense, such as intent or alibi. Homicide, sexual assault, and other violent crimes can involve digital evidence from a wide range of sources, including personal computers, handheld devices, servers, and the Internet, helping investigators reconstruct events and gain insight into the state of mind of individuals. A basic knowledge of these, and how they operate, is required for a complete investigation and reconstruction. Computers and networks should be considered an extension of the crime scene, even when they are not involved directly in facilitating the crime. Information stored and created on computers can be used to answer fundamental questions relating to a crime, including what happened when (sequencing), who was responsible (attribution), and origination of a particular item (evaluation of source).",,,531,548,Internet privacy; The Internet; Psychology; Crime scene; Mobile device; Alibi; Digital evidence; State (computer science); Homicide; Server,,,,,https://www.sciencedirect.com/science/article/pii/B9780123864604000175 https://core.ac.uk/download/226971462.pdf,http://dx.doi.org/10.1016/b978-0-12-386460-4.00017-5,,10.1016/b978-0-12-386460-4.00017-5,1601594371,,0,004-023-060-478-098; 013-522-624-076-098; 019-831-293-743-518; 038-622-207-031-37X; 049-975-399-636-068; 054-047-379-857-436,4,true,,green
143-562-788-834-457,Two-Dimensional Evidence Reliability Amplification Process Model for Digital Forensics,,2008,conference proceedings article,2008 Third International Annual Workshop on Digital Forensics and Incident Analysis,,IEEE,,M. Khatir; S.M. Hejazi; Eriks Sneiders,"Being related to law and state-of-the-art technology, digital forensics needs more discipline than traditional forensics. The variety of types of crimes, distribution of networks and complexity of information and communication technology, add to the complexity of the process of digital investigations. A rigorous and flexible process model is needed to overcome challenges and obstacles in this area. In this paper we propose a digital forensics process, called ""two-dimensional evidence reliability amplification process model"", which presents a detailed digital forensic process model in five main phases and different roles to perform it. At the same time, this iterative process addresses four essential tasks as the umbrella activities that are applicable across all phases and sub-phases. We have also developed a hypothetical solution based on intersection of events and exploit mathematical operations and symbols for making an algorithm to increase the reliability of evidence. This process model is detailed enough to describe the investigation process so that it could possibly provide a guideline that investigators can take advantage of it during a forensics investigation process.",,,21,29,Data mining; Variety (cybernetics); Iterative and incremental development; Business Process Model and Notation; Data science; Digital forensic process; Digital evidence; Computer science; Process (engineering); Reliability (statistics); Digital forensics,,,,,http://yadda.icm.edu.pl/yadda/element/bwmeta1.element.ieee-000004651704 http://www.diva-portal.org/smash/record.jsf?pid=diva2:185002 http://ieeexplore.ieee.org/document/4651704/ http://su.diva-portal.org/smash/record.jsf?pid=diva2:185002 https://www.computer.org/csdl/proceedings-article/wdfia/2008/3362a021/12OmNzG4gAK https://ieeexplore.ieee.org/document/4651704/,http://dx.doi.org/10.1109/wdfia.2008.11,,10.1109/wdfia.2008.11,2118042228,,0,025-413-390-011-47X; 038-668-970-194-854; 069-126-655-805-537; 172-425-036-894-271; 178-883-713-153-793; 184-948-841-629-735; 199-745-676-923-766,23,false,,
143-631-192-828-386,IFIP Int. Conf. Digital Forensics - The Mitnick Case: How Bayes Could Have Helped,,,book chapter,Advances in Digital Forensics,,Kluwer Academic Publishers,,Thomas Duval; Bernard Jouga; Laurent Roger,"Digital forensics seeks to explain how an attack occurred and who perpetrated the attack. The process relies primarily on the investigator’s knowledge, skill and experience, and is not easily automated. This paper uses Bayesian networks to model the investigative process, with the goal of automating forensic investigations. The methodology engages digital evidence acquired from compromised systems, knowledge about their configurations and vulnerabilities, and the results of previous investigations. All this information is stored in a database that provides a context for an investigation. The utility of the methodology is illustrated by applying it to the well-known Kevin Mitnick case.",,,91,104,Bayes' theorem; Data science; Context (language use); Digital evidence; Bayesian network; Computer security; Computer science; Process (engineering); Digital forensics,,,,,https://link.springer.com/content/pdf/10.1007%252F0-387-31163-7_8.pdf https://link.springer.com/chapter/10.1007/0-387-31163-7_8 https://rd.springer.com/chapter/10.1007/0-387-31163-7_8 https://dblp.uni-trier.de/db/conf/ifip11-9/df2005.html#DuvalJR05,http://dx.doi.org/10.1007/0-387-31163-7_8,,10.1007/0-387-31163-7_8,1786352065,,0,017-191-289-901-83X; 031-441-286-552-722; 086-616-620-831-987; 157-543-791-864-475; 167-920-654-131-455; 180-352-675-042-601,5,true,,bronze
143-720-732-064-351,RESEARCH AREAS FOR D IGITAL FORENSIC INVESTIGATION,,2016,,,,,,David Lillis; Brett A. Becker; Tadhg O'Sullivan; Mark Scanlon,"Given the ever-increasing prevalence of technology in modern life, there is a corresponding increase in the likelihood of digital devices being pertinent to a criminal investigation or civil litigation. As a direct consequence, the number of investigations requiring digital forensic expertise is resulting in huge digital evidence backlogs being encountered by law enforcement agencies throughout the world. It can be anticipated that the number of cases requiring digital forensic analysis will greatly increase in the future. It is also likely that each case will require the analysis of an increasing number of devices including computers, smartphones, tablets, cloud-based services, Internet of Things devices, wearables, etc. The variety of new digital evidence sources poses new and challenging problems for the digital investigator from an identification, acquisition, storage, and analysis perspective. This paper explores the current challenges contributing to the backlog in digital forensics from a technical standpoint and outlines a number of future research topics that could greatly contribute to a more efficient digital forensic process.",,,,,Criminal investigation; Engineering; Variety (cybernetics); Data science; Digital forensic process; Law enforcement; Digital evidence; Computer security; Identification (information); Cloud computing; Digital forensics,,,,,,,,,2479575061,,0,010-271-298-074-19X; 117-228-671-518-737; 137-228-565-856-56X,0,false,,
143-769-642-106-738,"DIGITAL FORENSIC INVESTIGATION, COLLECTION AND PRESERVATION OFDIGITAL EVIDENCE",2014-05-15,2014,,,,,,Vahidin Đaltur; Kemal Hajdarevic,"With computers, and other electronic devices being involved in an increasing number, and; type, of crimes the electronic trace left on electronic media can be a vital part of the legal; process. To ensure acceptance by courts, accepted processes and procedures need to be; acquired and demonstrated which are not dissimilar to the issues surrounding traditional; forensic investigations. Forensic technology makes it possible to: identify privacy issues;; establish a chain of custody for provenance; employ write protection for capture and transfer;; and detect forgery or manipulation. It can extract and mine relevant metadata and content;; enable efficient indexing and searching by curators; and facilitate audit control and granular; access privileges. In recent years, digital forensics has emerged as an essential source of tools; and approaches for facilitating digital preservation and curation, specifically for protecting; and investigating evidence from the past. Institutional repositories and professionals with; responsibilities for personal archives can benefit from forensics in addressing digital; authenticity, accountability and accessibility. Digital personal information must be handled; with due sensitivity and security respecting available standards while demonstrably protecting; its evidential value. A digital forensic investigation is a special case of a digital investigation; where the procedures and techniques that are used will allow the results to be entered into a; court of law. Computer forensics is a new and fast growing field that involves carefully; collecting and examining electronic evidence that not only assesses the damage to a computer; as a result of an electronic attack, but also to recover lost information from such systems to; prosecute criminals. With the growing importance of computer security today and the; seriousness of cyber-crime, it is important for computer professionals to understand the; technology used in computer forensics.; Keywords: Computer forensics, image acquisition, digital preservation, data recovery",,,,,Internet privacy; Electronic media; Engineering; Personally identifiable information; Audit; Write protection; Digital preservation; Computer forensics; Digital forensics; Metadata,,,,,http://eprints.ibu.edu.ba/2534/1/30%20D%20Vahidin.pdf https://eprints.ibu.edu.ba/2534/,https://eprints.ibu.edu.ba/2534/,,,1731903901,,0,057-248-775-735-756; 133-508-126-407-763; 191-841-415-620-862,1,false,,
143-876-200-160-490,IFIP Int. Conf. Digital Forensics - Extracting Evidence Related to VoIP Calls,,2011,book chapter,Advances in Digital Forensics VII,18684238; 18612288; 1868422x; 15715736,Springer Berlin Heidelberg,Germany,David Irwin; Jill Slay,"The Voice over Internet Protocol (VoIP) is designed for voice communications over IP networks. To use a VoIP service, an individual only needs a user name for identification. In comparison, the public switched telephone network requires detailed information from a user before creating an account. The limited identity information requirement makes VoIP calls appealing to criminals. In addition, due to VoIP call encryption, conventional eavesdropping and wiretapping methods are ineffective. Forensic investigators thus require alternative methods for recovering evidence related to VoIP calls. This paper describes a digital forensic tool that extracts and analyzes VoIP packets from computers used to make VoIP calls.",,,221,228,Encryption; Network packet; Voice over IP; Eavesdropping; Public switched telephone network; Computer security; Computer science; Identification (information); Digital forensics; Packet analyzer,,,,,https://link.springer.com/chapter/10.1007%2F978-3-642-24212-0_17 https://link.springer.com/content/pdf/10.1007%2F978-3-642-24212-0_17.pdf https://hal.inria.fr/hal-01569552/document https://dblp.uni-trier.de/db/conf/ifip11-9/df2011.html#IrwinS11 https://rd.springer.com/chapter/10.1007/978-3-642-24212-0_17 https://hal.inria.fr/IFIP-AICT-361/hal-01569552,http://dx.doi.org/10.1007/978-3-642-24212-0_17,,10.1007/978-3-642-24212-0_17,256737674,,0,002-117-942-525-428; 035-448-415-847-226; 049-958-322-737-528; 073-385-512-166-177; 073-842-466-970-527; 118-300-398-355-438,4,true,cc-by,green
143-889-821-467-332,"Advances in digital forensics : IFIP International Conference on Digital Forensics, National Center for Forensic Science, Orlando, Florida",,2005,book,,,,,John Krogstie; Sujeet Shenoi; Martin S. Olivier; Philip Craiger,Calibration Testing of Network Tap Devices.- On the Legality of Analyzing Telephone Call Records.- Survey of Law Enforcement Perceptions Regarding Digital Evidence.- Insider Threat Analysis Using Information-Centric Modeling.- An Integrated System for Insider Threat Detection.- Analysis of Tools for Detecting Rootkits and Hidden Processes.- A Method for Detecting Linux Kernel Module Rootkits.- Future Trends in Authorship Attribution.- The Keyboard Dilemma and Authorship Identification.- Factors Affecting One-Way Hashing of CD-R Media.- Disk Drive I/O Commands and Write Blocking.- A New Process Model for Text String Searching.- Detecting Steganography Using Multi-Class Classification.- Redacting Digital Information from Electronic Devices.- In-Place File Carving.- File System Journal Forensics.- Using Search Engines to Acquire Network Forensic Evidence.- A Framework for Investigating Railroad Accidents.- Forensic Analysis of Xbox Consoles.- Super-Resolution Video Analysis for Forensic Investigations.- Specializing CRISP-DM for Evidence Mining.- Applying the Biba Integrity Model to Evidence Management.- Investigating Computer Attacks Using Attack Trees.- Attack Patterns: A New Forensic and Design Tool.,,,,,Rootkit; Engineering; World Wide Web; Attack; Insider threat; File carving; File system; Digital evidence; Computer security; Computer forensics; Digital forensics,,,,,http://ci.nii.ac.jp/ncid/BA74638951,http://ci.nii.ac.jp/ncid/BA74638951,,,609587869,,0,,0,false,,
144-010-585-607-992,"Duties, Support Functions, and Competencies: Digital Forensics Investigators",,,book chapter,Handbook of Digital and Multimedia Forensic Evidence,,Humana Press,,Larry R. Leibrock,"If the digital forensics profession is to successfully meet both the current and emerging needs and duties inherent in our profession, we need to collaboratively develop, rigorously define, and collectively debate the tasks, practices, and competencies inherent in our investigative activities. The needs discussed in this chapter will serve to represent a consensus of the standards, emerging levels of professional practices, potential adversarial challenges, and development of acceptable levels of digital forensics investigation performance. As we work through this discussion, centering on the tasks, practices, and competencies, transparency of professional practice and better methodological rigor to our investigative work should also be included.",,,91,102,Psychology; Work (electrical); Transparency (behavior); Professional practice; Adversarial system; Public relations; Digital forensics,,,,,https://link.springer.com/chapter/10.1007%2F978-1-59745-577-0_7 https://link.springer.com/content/pdf/10.1007%2F978-1-59745-577-0_7.pdf https://rd.springer.com/chapter/10.1007/978-1-59745-577-0_7,http://dx.doi.org/10.1007/978-1-59745-577-0_7,,10.1007/978-1-59745-577-0_7,2184830914,,0,,1,false,,
144-037-757-292-393,Νομικό πλαίσιο εργαστηρίου ψηφιακής εγκληματολογίας σε στρατιωτικό περιβάλλον,,2017,dissertation,,,,,Αθανασία Κούρμπαση,"In this paper, we examine the science of digital forensic, which is the science that deals with the recognition, preservation, analysis and presentation of digital evidence in a legally acceptable manner, which aims to discover the culprit of an accomplished offense. The research was based on bibliographic references. The first chapter will define the concept of digital forensics. Nowadays, the evidence of an offense is in a digital environment and it becomes quite difficult not only to identify the evidence but also to present it in a legally acceptable manner in court. As a result this science has been developed and is even shared in computer forensics, network forensic, mobile forensics and now in cloud forensics. Subsequently, the second chapter presents the methodologies applied in the digital forensic and the third chapter presents the legal framework that covers these methodologies in general and especially in the military environment.",,,,,Data science; Presentation; Digital evidence; Cloud forensics; Computer science; Computer forensics; Mobile device forensics; Digital forensics,,,,,,,,,2953194841,,0,,0,false,,
144-091-530-168-90X,IWDW - First Digit Law and Its Application to Digital Forensics,,2009,book chapter,Digital Watermarking,03029743; 16113349,Springer Berlin Heidelberg,Germany,Yun Q. Shi,"Digital data forensics, which gathers evidence of data composition, origin, and history, is crucial in our digital world. Although this new research field is still in its infancy stage, it has started to attract increasing attention from the multimedia-security research community. This lecture addresses the first digit law and its applications to digital forensics. First, the Benford and generalized Benford laws, referred to as first digit law, are introduced. Then, the application of first digit law to detection of JPEG compression history for a given BMP image and detection of double JPEG compressions are presented. Finally, applying first digit law to detection of double MPEG video compressions is discussed. It is expected that the first digit law may play an active role in other task of digital forensics. The lesson learned is that statistical models play an important role in digital forensics and for a specific forensic task different models may provide different performance.",5450,,448,453,Statistical model; Forensic science; Benford's law; JPEG; Law; Task (project management); Field (computer science); Computer science; Digital forensics; Numerical digit,,,,,https://doi.org/10.1007/978-3-642-04438-0_37 https://rd.springer.com/chapter/10.1007/978-3-642-04438-0_37 http://doi.org/10.1007/978-3-642-04438-0_37 https://link.springer.com/content/pdf/10.1007/978-3-642-04438-0_37 https://link.springer.com/chapter/10.1007/978-3-642-04438-0_37 https://researchwith.njit.edu/en/publications/first-digit-law-and-its-application-to-digital-forensics http://ui.adsabs.harvard.edu/abs/2009LNCS.5450..448S/abstract https://dblp.uni-trier.de/db/conf/iwdw/iwdw2008.html#Shi08,http://dx.doi.org/10.1007/978-3-642-04438-0_37,,10.1007/978-3-642-04438-0_37,2260605421,,0,004-530-492-547-92X; 027-524-182-531-723; 028-004-296-701-118; 031-540-369-206-706; 063-404-242-915-884; 128-283-873-734-308; 135-262-782-091-897; 136-713-989-335-402; 140-408-113-219-371; 143-695-756-474-732; 158-544-687-139-653; 172-112-498-122-981,2,false,,
144-763-618-319-855,Digital evidence experts in the law enforcement community: understanding the use of forensics examiners by police agencies,2021-01-07,2021,journal article,Security Journal,09551662; 17434645,Palgrave Macmillan Ltd.,United States,Scott H. Belshaw; Brooke Nodeland,"Mobile phones are often used in criminal enterprises as well as by individual offenders. In criminal cases, almost 80–90% of the cases criminal computer forensic examiners work on are related to child pornography (Nodeland et al. J Crim Justice Educ 30:71–90, 2018). In an effort to fight electronic crime and to collect digital evidence for criminal acts, law enforcement agencies are incorporating the collection of tools for analysis of digital evidence, also known as computer forensics, into their law enforcement infrastructure. Police agencies are challenged with the need to train officers to collect digital evidence and keep up with large and evolving technologies such as computer operating systems and cell phone technologies. Digital evidence is now being used to prosecute all types of crimes. Skilled officers and examiners are needed to examine this critical need in the criminal justice system. This research surveyed 59 (N = 59) Texas police agencies in their use of digital forensic examiners. The findings reflect that numerous agencies often use a part-time police officer/examiner to investigate the digital evidence that comes into the agency that can limit the expertise in the agency. Implications for this research are discussed.",,,1,15,Criminal justice; Agency (sociology); Political science; Justice (ethics); Child pornography; Law enforcement; Digital evidence; Public relations; Computer forensics; Digital forensics,,,,,https://link.springer.com/article/10.1057/s41284-020-00276-w,https://link.springer.com/article/10.1057/s41284-020-00276-w,,,3120397426,,0,004-260-804-798-107; 006-638-571-383-289; 012-314-515-683-048; 013-568-618-083-770; 015-875-327-892-861; 026-918-579-601-799; 036-754-354-530-672; 037-793-667-167-120; 044-274-107-809-614; 049-223-763-769-747; 064-150-889-060-337; 067-844-385-207-96X; 073-313-808-035-835; 074-971-049-279-863; 078-327-902-374-330; 085-222-802-372-082; 096-867-891-629-069; 106-215-046-097-04X; 108-837-763-480-251; 112-518-746-315-963; 114-955-439-966-393; 119-531-502-608-218; 164-392-011-156-848; 165-956-283-954-04X,0,false,,
145-084-283-504-363,Digital Forensic and Machine Learning,,2020,book chapter,Cyber Warfare and Terrorism,,IGI Global,,Poonkodi Mariappan; Padhmavathi B.; Talluri Srinivasa Teja,"<jats:p>Digital Forensic as it sounds coerce human mind primarily with exploration of crime. However in the contemporary world, digital forensic has evolved as an essential source of tools from data acquisition to legal action. Basically three stages are involved in digital forensic namely acquisition, analysis and reporting. Digital Forensic Research Workshop (DFRW) defined digital forensic as “Use of Scientifically derived and proven method towards the identification, collection, analysis, interpretation, documentation and presentation of digital evidence derived from digital sources for the purpose of facilitating or furthering the reconstruction of event to be criminal”. The hard problem in digital forensic is such that the acquired data need to be cleaned and is required to be intelligible for reading by human. As a solution to this complexity problem a number of tools are present which may be repeated until relevant data is obtained. </jats:p>",,,576,592,Digital forensics; Documentation; Digital evidence; Computer science; Identification (biology); Forensic science; Presentation (obstetrics); Crime scene; Interpretation (philosophy); Event (particle physics); Computer forensics; Data science; Reading (process); Digital recording,,,,,,http://dx.doi.org/10.4018/978-1-7998-2466-4.ch035,,10.4018/978-1-7998-2466-4.ch035,,,0,015-893-932-355-393; 017-358-994-049-12X; 030-351-009-711-953; 038-955-150-444-274; 041-561-245-686-942; 047-630-600-014-492; 087-950-081-760-226; 099-698-112-763-870; 106-164-360-101-150,0,false,,
145-190-693-096-808,Digital Forensic and Machine Learning,,2020,book chapter,Cognitive Analytics,,IGI Global,,Poonkodi Mariappan; Padhmavathi B.; Talluri Srinivasa Teja,"<jats:p>Digital Forensic as it sounds coerce human mind primarily with exploration of crime. However in the contemporary world, digital forensic has evolved as an essential source of tools from data acquisition to legal action. Basically three stages are involved in digital forensic namely acquisition, analysis and reporting. Digital Forensic Research Workshop (DFRW) defined digital forensic as “Use of Scientifically derived and proven method towards the identification, collection, analysis, interpretation, documentation and presentation of digital evidence derived from digital sources for the purpose of facilitating or furthering the reconstruction of event to be criminal”. The hard problem in digital forensic is such that the acquired data need to be cleaned and is required to be intelligible for reading by human. As a solution to this complexity problem a number of tools are present which may be repeated until relevant data is obtained. </jats:p>",,,655,672,Digital forensics; Documentation; Digital evidence; Computer science; Identification (biology); Presentation (obstetrics); Forensic science; Computer forensics; Interpretation (philosophy); Crime scene; Event (particle physics); Data science; Reading (process); Digital recording; Digital data,,,,,,http://dx.doi.org/10.4018/978-1-7998-2460-2.ch034,,10.4018/978-1-7998-2460-2.ch034,,,0,015-893-932-355-393; 017-358-994-049-12X; 030-351-009-711-953; 038-955-150-444-274; 041-561-245-686-942; 047-630-600-014-492; 087-950-081-760-226; 099-698-112-763-870; 106-164-360-101-150,0,false,,
146-351-183-180-613,Analysis of Digital Forensic Evidence on Email Delivery Crime,2017-02-25,2017,journal article,Applied Science and Technology,25794086,,,Evans Fuad; null Hasanuddin; Ardi Nugraha,"Digital forensics is the application of science and computer technology to carry out the examination and analysis of electronic evidence and digital evidence in its association with crime. Technically, tech crimes can be divided into off-line crime, semi on-line crime, and cyber crime. Each has its own characteristics, but the main difference between them is the connectedness of public information network (internet). One of the example is defamation via e-mail, to solve these cases the need for an information that can give clues and needed some software for acquisitions or analysis of the evidence in order to get a trace or information that can be used as evidence and accountable in the court. software used is FTK (forensic toolkit), Autopsy, USBwrite Blocker, Hashcalc.",1,1,53,58,Internet privacy; The Internet; Engineering; Social connectedness; Trace (semiology); Software; Digital evidence; Computer technology; Computer forensics; Digital forensics,,,,,https://www.estech.org/index.php/IJSAT/article/view/10 http://www.estech.org/index.php/IJSAT/article/download/10/pdf_1,https://www.estech.org/index.php/IJSAT/article/view/10,,,2625026711,,0,,0,false,,
146-445-848-381-661,SADFE - The law of possession of digital objects: dominion and control issues for digital forensics investigations and prosecutions,,,book,First International Workshop on Systematic Approaches to Digital Forensic Engineering (SADFE'05),,IEEE Comput. Soc,,Michael Losavio,"The possession of digital objects defines rights and liabilities of the possessor. The nature of digital data, networked systems and data security suggest review of the fundamental concept as applied to digital objects. Possession of digital objects may be separate and distinct from physical possession of storage media and systems. Failure to address this risks error based on misleading evidence as to possession.",,,177,186,Data security; Internet privacy; Possession (law); The Internet; Legislation; Digital data; Computer security; Computer science; Network forensics; Computer forensics; Digital forensics,,,,,https://dblp.uni-trier.de/db/conf/sadfe/sadfe2005.html#Losavio05 https://ieeexplore.ieee.org/document/1592531/ https://www.computer.org/csdl/proceedings-article/sadfe/2005/24780177/12OmNyGbIcf https://doi.ieeecomputersociety.org/10.1109/SADFE.2005.25,http://dx.doi.org/10.1109/sadfe.2005.25,,10.1109/sadfe.2005.25,2541348921,,0,011-212-632-773-778; 012-363-528-040-675; 065-616-911-667-484; 067-940-858-920-272; 083-366-581-383-158; 085-214-277-668-01X; 095-634-146-634-286; 176-276-644-762-650; 184-948-841-629-735,7,false,,
146-648-164-865-913,An exploratory forensic acquisition and analysis of digital evidence on the Amazon Kindle,2014-11-24,2014,,,,,,Marcus A. Thompson,,,,,,World Wide Web; Forensic science; Art; Library science; Digital evidence; Amazon rainforest,,,,,https://docs.lib.purdue.edu/dissertations/AAI1565358 https://docs.lib.purdue.edu/cgi/viewcontent.cgi?article=15044&context=dissertations,https://docs.lib.purdue.edu/dissertations/AAI1565358,,,198924737,,0,,1,false,,
146-651-722-674-271,Digital Forensic and Distributed Evidence,2022-07-26,2022,journal article,Advances in Multidisciplinary and scientific Research Journal Publication,24888699,Creative Research Publishers,,Emmanuel Kpakpo Brown,"<jats:p>Digital Forensics investigation is the science and legal process of investigating computer/cybercrimes and digital media or objects to gather evidence. This new and fast evolving field encompasses computer forensics, network forensics, mobile forensics, cloud computing forensics, and IoT forensics; and for this reason have digital evidence distributed widely when the need arises for crime prosecution. Digital evidence must be authentic, accurate, complete, and convincing to the jury for legal admissibility at the court of law. In many instances due to the distributed nature of digital forensic evidence and the legal procedures to be adhered to in evidence gathering at a digital crime scene, presenting at the law courts have proven to be challenging and in some instances inadmissible. Following legal procedures in evidence gathering at a digital crime scene is critical for admissibility and prosecution. This paper aims to discuss digital forensics investigations jurisprudence in relation to distributed digital evidence. For the study to be relevant to policy and practice, forensic tools and frameworks, legal and ethical obligations, and digital evidence handling and admissibility are highlighted. This paper does not follow any forensic investigations process; but rather discusses the need for development and implementation of unique frameworks that could be utilised to gather distributed digital evidence required for admissibility in court.   Keywords - Digital forensics investigations; Digital evidence; Jurisprudence  BOOK Chapter ǀ Research Nexus in IT, Law, Cyber Security &amp; Forensics. Open Access. Distributed Free  Citation: Emmanuel Kpakpo Brown (2022): Digital Forensic and Distributed Evidence Book Chapter Series on Research Nexus in IT, Law, Cyber Security &amp; Forensics. Pp 357-362 www.isteams.net/ITlawbookchapter2022. dx.doi.org/10.22624/AIMS/CRP-BK3-P57</jats:p>",1,1,357,362,Digital evidence; Digital forensics; Computer forensics; Nexus (standard); Computer science; Computer security; Network forensics; Process (computing); Jurisprudence; Data science; Law; Internet privacy; Political science; Embedded system; Operating system,,,,,,http://dx.doi.org/10.22624/aims/crp-bk3-p57,,10.22624/aims/crp-bk3-p57,,,0,,0,true,,bronze
146-746-002-143-845,"Multimedia Forensics and Security: Foundations, Innovations, and Applications",2016-11-18,2016,book,,,,,Aboul Ella Hassanien; Mohamed Mostafa M. Fouad; Azizah Abdul Manaf; Mazdak Zamani; Rabiah Ahmad; Janusz Kacprzyk,"This book presents recent applications and approaches as well as challenges in digital forensic science. One of the evolving challenges that is covered in the book is the cloud forensic analysis which applies the digital forensic science over the cloud computing paradigm for conducting either live or static investigations within the cloud environment. The book also covers the theme of multimedia forensics and watermarking in the area of information security. That includes highlights on intelligence techniques designed for detecting significant changes in image and video sequences. Moreover, the theme proposes recent robust and computationally efficient digital watermarking techniques. The last part of the book provides several digital forensics related applications, including areas such as evidence acquisition enhancement, evidence evaluation, cryptography, and finally, live investigation through the importance of reconstructing the botnet attack scenario to show the malicious activities and files as evidences to be presented in a court.",,,,,Engineering; Digital watermarking; Cryptography; Botnet; Computer security; Network forensics; Information security; Computer forensics; Cloud computing; Digital forensics,,,,,http://dl.acm.org/citation.cfm?id=3029328,http://dl.acm.org/citation.cfm?id=3029328,,,2729253875,,0,,0,false,,
147-053-530-794-048,An Aid to Forensic by prerserving Skype evidences to present it in front of court of law,,2016,journal article,International Journal of Advance Research and Innovative Ideas in Education,23954396,,,Vijay Chauhan; Dinesh Katre,"In the era of 21 st century there has been a huge revolution in the world’s history especially in the digital world. As; ; per the perspective of Information Technology Act 2000/2008, to safeguard the legal admissibility of the digital; ; records, it is mandatory to capture and preserve the digital evidences of digital data and electronic records. Almost; ; every data nowadays is started being stored electronically. At present cell phones are dominating all over the world.; ; Communications through Internet has been increased to a great extent which in return has raised the popularity of; ; VoIP. Skype is a very common example of technology using VoIP service. Skype uses peer-to- peer and Client-Server; ; system. Digital Forensics and data preservation in case of Skype is a challenging task.; ; This Paper includes the glimpse about the Skype, its related work, study of existing mechanism. Through this paper; ; we will propose a forensic tool for Skype that will help investigator to collect the strong data evidence.",2,3,401,406,Internet privacy; The Internet; Information technology; Engineering; Voice over IP; Digital data; Task (project management); Popularity; Service (systems architecture); Computer security; Digital forensics,,,,,http://ijariie.com/FormDetails.aspx?MenuScriptId=1042,http://ijariie.com/FormDetails.aspx?MenuScriptId=1042,,,2385812161,,0,016-926-540-950-809; 018-690-814-058-848; 023-709-114-205-69X; 050-565-369-137-982; 058-563-435-718-593; 070-249-872-696-440; 101-192-959-769-76X; 196-787-983-201-436,1,false,,
147-359-901-763-884,Applying the Methods of Evidence Photography to Archaeological Collections,,2014,,,,,,Patrick S. Rivera,"Forensic photography techniques used to document material criminal evidence can also be applied to the digital documentation and curation of archaeological collections. Combining a computer-operated, drop-out lighting system with standardized principles of composition makes it possible to generate a digital record of historical artifacts that is accurate and consistent across collections. Individuals with minimal background in archaeology or photography can quickly be trained to create publication quality images of historical artifacts. This article explains how to set up a digital photography system for archaeological collections that draws on the methods of forensic evidence photography, as used by the Veterans Curation Program.",,,,,Photography; Digital photography; Archaeology; Geography; Forensic photography; Lighting system; Digital documentation,,,,,http://sha.org/assets/documents/technical_briefs_articles/article02-proof.pdf https://sha.org/assets/documents/technical_briefs_articles/article02-proof.pdf,https://sha.org/assets/documents/technical_briefs_articles/article02-proof.pdf,,,2186630663,,0,,2,false,,
147-432-078-838-699,Defining a Standard for Reporting Digital Evidence Items in Computer Forensic Tools,2012-05-28,2012,,,,,,Hamda Bariki; Mariam Hashmi; Ibrahim Baggili,"Due to the lack of standards in reporting digital evidence items, investigators are facing difficulties in efficiently presenting their findings. This paper proposes a standard for digital evidence to be used in reports that are generated using computer forensic software tools. The authors focused on developing a standard digital evidence items by surveying various digital forensic tools while keeping in mind the legal integrity of digital evidence items. Additionally, an online questionnaire was used to gain the opinion of knowledgeable and experienced stakeholders in the digital forensics domain. Based on the findings, the authors propose a standard for digital evidence items that includes data about the case, the evidence source, evidence item, and the chain of custody. Research results enabled the authors in creating a defined XML schema for digital evidence items.",,,,,Chain of custody; World Wide Web; XML schema; Domain (software engineering); Software; Digital evidence; Computer science; Computer-assisted web interviewing; Digital forensics,,,,,,,,,2470632987,,0,,1,false,,
147-434-307-975-304,Mobile Digital Forensics Framework for Smartphone User Analysis,2022-01-20,2022,journal article,Webology,1735188x,NeuroQuantology Journal,"Iran, Islamic Republic of",Sang Young Lee,"<jats:p>Blockchain-based digital forensics technology is an efficient way to prevent forgery/modulation of evidence including collecting and analyzing evidential data using the technology in compliance with smartphone forensics procedures after a smartphone is seized. Moreover, the use of large-capacity storage devices and various digital devices have become a realistic solution for its development of IT in situations where the existing digital forensics analysis methods are regarded as limitations. This paper analyzed user’s status on smartphone application and implemented a smartphone user analysis framework that may extract significant digital evidence in a digital forensic way based on a blockchain perspective. In this paper researched a system that may provide important information to digital forensic analysts through these frameworks. It is expected that the proposed system will be expanded by much more structured data and online unstructured data such as SNS reports.</jats:p>",19,1,4335,4351,Digital forensics; Computer science; Digital evidence; Perspective (graphical); Network forensics; Computer security; Mobile device; Computer forensics; Smartphone application; World Wide Web; Multimedia; Data science,,,,,,http://dx.doi.org/10.14704/web/v19i1/web19285,,10.14704/web/v19i1/web19285,,,0,,0,true,cc-by-nc-nd,gold
147-601-885-622-119,Emerging Forensic Tools for Locating and Analyzing Digital Evidence - Validating Digital Evidence,,,book chapter,Emerging Forensic Tools for Locating and Analyzing Digital Evidence,,IGI Global,,Richard Boddington,,,,7781,8468,Data science; Digital evidence; Computer science,,,,,,http://dx.doi.org/10.4018/978-1-4666-9591-7.les12,,10.4018/978-1-4666-9591-7.les12,2497189557,,0,,0,false,,
147-631-422-817-38X,Comparison of Attribute Based Access Control (ABAC) Model and Rule Based Access (RBAC) to Digital Evidence Storage (DES),,2018,journal article,International Journal of Cyber-Security and Digital Forensics,23050012,The Society of Digital Information and Wireless Communications (SDIWC),,Moh Fadly Panende; Riadi Yudi Prayudi,,7,3,275,282,Rule-based system; Attribute-based access control; Digital evidence; Computer network; Computer science; Role-based access control; Wireless,,,,,http://sdiwc.net/digital-library/comparison-of-attribute-based-access-control-abac-model-and-rule-based-access-rbac-to-digital-evidence-storage-des,http://dx.doi.org/10.17781/p002451,,10.17781/p002451,2809991139,,0,,3,false,,
147-988-605-182-606,Basic aspects concerning the evidence aquisition in digital forensic analysis,2015-07-10,2015,journal article,Forum Criminalistic / Forensic Science Forum,18442641,European Association of Scientific Research,,Cezara Craciunescu,,8,17 (1/2015),,,Digital evidence; Digital forensics; Forensic science; Computer science; Psychology; Data science; Computer security; History; Archaeology,,,,,,http://dx.doi.org/10.18283/forum.viii.17.12015.315,,10.18283/forum.viii.17.12015.315,,,0,,0,false,,
148-134-948-726-262,The Research and Implementation of Digital Forensic Flow Custody System,,2007,journal article,Computer Knowledge and Technology,,,,Ling Yan,"Being a new form of evidence,electronic evidence has been one of the new litigant evidence.The researches of digital forensic technologies are focus on evidence searching,evidence recovery and evidence analysis without monitoring the validity,authenticity and integrity of forensic mechanisms themselves.Based on the research of forensic steps and process,Digital forensic flow custody system simulating society audit work is designed to assure chain of custody in the process of evidence acquiring,transmission,storage and analysis.",,,,,Chain of custody; Forensic science; Audit; Data science; Computer security; Computer science; Process (engineering); Digital forensics,,,,,https://en.cnki.com.cn/Article_en/CJFDTOTAL-DNZS200713048.htm,https://en.cnki.com.cn/Article_en/CJFDTOTAL-DNZS200713048.htm,,,2380151912,,0,,0,false,,
148-472-707-688-068,Modeling Digital Evidence Management and Dynamics Using Petri Nets,,2011,,,,,,Jasmin Ćosić; Zoran Ćosić; Miroslav Bača,"In all phases of forensic investigation, digital evidence is exposed to external influences and coming into contact with many factors. Legal admissibility of digital evidence is the ability of that evidence being accepted as evidence in a court of law. Life cycle of digital evidence is very complex. In each stage there is more impact that can violate a chain of custody and its integrity. Contact with different variables occurs through a life cycle of digital evidence and can disrupt its integrity. In order for the evidence to be accepted by the court as valid, chain of custody for digital evidence must be kept, or it must be known who exactly came into contact with evidence in each stage of the investigation. This paper presents a dynamics and life cycle of digital evidence. The Petri nets will be proposed and used for modeling and simulation of this process",2,7,545,549,Chain of custody; Risk analysis (engineering); Dynamics (music); Order (exchange); Digital evidence; Petri net; Computer science; Process (engineering); Real-time computing; Digital forensics,,,,,https://www.bib.irb.hr/526974,https://www.bib.irb.hr/526974,,,920534611,,0,,0,false,,
148-690-306-678-163,Engineering Adaptive Digital Investigations using Forensics Requirements,2014-02-05,2014,,arXiv: Software Engineering,,,,Liliana Pasquale; Yijun Yu; Luca Cavallaro; Mazeiar Salehie; Thein Than Tun; Bashar Nuseibeh,"A digital forensic investigation aims to collect and analyse the evidence necessary to demonstrate a potential hypothesis of a digital crime. Despite the availability of several digital forensics tools, investigators still approach each crime case from scratch, postulating potential hypotheses and analysing large volumes of data. This paper proposes to explicitly model forensic requirements in order to engineer software systems that are forensic-ready and guide the activities of a digital investigation. Forensic requirements relate some speculative hypotheses of a crime to the evidence that should be collected and analysed in a crime scene. In contrast to existing approaches, we propose to perform proactive activities to preserve important - potentially ephemeral - evidence, depending on the risk of a crime to take place. Once an investigation starts, the evidence collected proactively is analysed to assess if some of the speculative hypotheses of a crime hold and what further evidence is necessary to support them. For each hypothesis that is satisfied, a structured argument is generated to demonstrate how the evidence collected supports that hypothesis. Our evaluation results suggest that the approach provides correct investigative findings and reduces significantly the amount of evidence to be collected and the hypotheses to be analysed.",,,,,Forensic science; Software system; Crime scene; Order (exchange); Data science; Digital forensic investigation; Computer security; Argument; Computer science; Contrast (statistics); Digital forensics,,,,,http://ui.adsabs.harvard.edu/abs/2014arXiv1402.0997P/abstract https://arxiv.org/abs/1402.0997 https://dblp.uni-trier.de/db/journals/corr/corr1402.html#PasqualeYCSTN14 https://arxiv.org/pdf/1402.0997.pdf,http://ui.adsabs.harvard.edu/abs/2014arXiv1402.0997P/abstract,,,1515900497,,0,001-009-008-665-240; 004-652-388-189-304; 005-859-821-142-158; 012-963-790-474-478; 015-704-923-542-386; 020-944-423-224-895; 021-486-901-460-202; 035-565-993-122-262; 039-756-277-761-714; 040-292-148-821-357; 051-460-340-870-289; 072-285-844-061-406; 075-907-852-957-192; 077-931-197-141-965; 100-250-267-613-648; 109-789-664-632-419; 111-471-986-310-852; 112-321-663-201-881; 115-998-286-756-411; 153-852-808-629-003; 155-001-690-534-419; 157-259-386-623-952; 165-949-202-490-39X; 183-000-233-873-221; 184-948-841-629-735,0,true,,
148-817-047-357-757,What is a Cell Phone,,2017,book chapter,Cell Phone Location Evidence for Legal Professionals,,Elsevier,,Larry Daniel,,,,1,6,Internet privacy; Cellular network; Telephone network; GSM services; Phone; Computer science; Multimedia; Wireless,,,,,https://www.sciencedirect.com/science/article/pii/B9780128093979000018,http://dx.doi.org/10.1016/b978-0-12-809397-9.00001-8,,10.1016/b978-0-12-809397-9.00001-8,2632043587,,0,,0,false,,
148-933-856-219-766,An Assurance Mechanism of Intrusion Data for Making Digital Evidence in Digital Computing Environment,2010-08-01,2010,,,,,,Eun-Gyeom Jang,"In digital computing environment, for the mal functions in appliances and system errors, the unaccepted intrusion should be occurred. The evidence collecting technology uses the system which was damaged by intruders and that system is used as evidence materials in the court of justice. However the collected evidences are easily modified and damaged in the gathering evidence process, the evidence analysis process and in the court. That’s why we have to prove the evidence’s integrity to be valuably used in the court. In this paper, we propose a mechanism for securing the reliability and the integrity of digital evidence that can properly support the Computer Forensics. The proposed mechanism shares and manages the digital evidence through mutual authenticating the damaged system, evidence collecting system, evidence managing system and the court(TTP: Trusted Third Party) and provides a secure access control model to establish the secure evidence management policy which assures that the collected evidence has the corresponded legal effect.",11,4,129,141,Internet privacy; Computer security model; Engineering; Trusted third party; Reliability (computer networking); Authentication; Digital evidence; Computer security; Process (engineering); Access control; Computer forensics,,,,,http://www.jics.or.kr/journals/jics/digital-library/788 http://www.koreascience.or.kr/article/ArticleFullRecord.jsp?cn=OTJBCD_2010_v11n4_129,http://www.jics.or.kr/journals/jics/digital-library/788,,,760906217,,0,138-097-495-143-351; 140-821-103-436-654; 178-883-713-153-793,0,false,,
149-140-130-496-269,Applying data visualization techniques to support the analysis of digital forensic data,,2013,,,,,,Charles Nicholas; Timothy R. Leschke,"The Modern Age of digital forensics is characterized by a proliferation of artifacts, increased data complexity, larger and cheaper data storage, and the emergence of the need for tools that support timeline analysis, anomaly detection, and triage. Traditional text-based digital forensic tools can no longer keep pace with the demands of the modern digital forensic examiner. A new approach for developing digital forensic tools is required if digital forensics is going to avoid becoming stagnant. ; We apply the power of data visualization to support the needs of the modern digital forensic examiner. We design and develop a tool called Change-Link; a coordinated and multiple view tool which uses semantic zooming in the form of an overview, treeview, directory content view, and a metadata view to provide an understanding of digital forensic data that changes over time. By using this tool to examine a mock evidence hard drive containing shadow volume data provided by the Microsoft Volume Shadow Copy Service, we demonstrate a way to reduce data complexity and provide better forensic data analysis while supporting timeline analysis, anomaly detection, and a triage of the dataset. ; We demonstrate a proof for our broader hypothesis which is data visualization techniques can be developed to support better analysis of digital forensic data.",,,,,Volume (computing); Zoom; Shadow volume; Data visualization; Data science; Computer science; Timeline; Anomaly detection; Digital forensics; Metadata,,,,,http://dl.acm.org/citation.cfm?id=2604575,http://dl.acm.org/citation.cfm?id=2604575,,,2222546764,,0,,0,false,,
149-798-016-481-910,A framework for identifying associations in digital evidence using metadata,,2014,dissertation,,,,,Sriram Raghavan,"Digital forensics concerns the analysis of electronic artifacts to reconstruct events such as cyber crimes. This research produced a framework to support forensic analyses by identifying associations in digital evidence using metadata. It showed that metadata based associations can help uncover the inherent relationships between heterogeneous digital artifacts thereby aiding reconstruction of past events by identifying artifact dependencies and time sequencing. It also showed that metadata association based analysis is amenable to automation by virtue of the ubiquitous nature of metadata across forensic disk images, files, system and application logs and network packet captures. The results prove that metadata based associations can be used to extract meaningful relationships between digital artifacts, thus potentially benefiting real-life forensics investigations.",,,,,Automation; Digital artifact; Metadata repository; Information retrieval; Artifact (software development); Digital evidence; Data element; Computer science; Digital forensics; Metadata,,,,,http://eprints.qut.edu.au/72659/1/Sriram_Raghavan_Thesis.pdf https://eprints.qut.edu.au/72659/,https://eprints.qut.edu.au/72659/,,,133738467,,0,000-004-275-385-957; 001-170-920-458-777; 001-255-768-346-633; 002-255-931-431-413; 003-126-053-087-131; 003-182-041-034-40X; 003-412-732-826-511; 004-441-167-148-170; 004-723-592-537-121; 005-194-306-366-516; 007-455-522-527-690; 007-579-380-265-043; 007-832-595-971-443; 011-569-292-128-546; 013-610-410-193-416; 014-595-195-942-667; 015-056-577-655-683; 017-840-378-634-021; 017-890-768-257-247; 018-625-482-431-173; 019-831-293-743-518; 020-944-423-224-895; 023-341-419-324-638; 024-216-399-693-64X; 024-735-069-822-749; 025-811-569-298-195; 026-810-683-474-561; 027-678-595-672-200; 030-121-862-351-330; 030-359-893-882-572; 031-542-664-705-080; 031-635-166-961-287; 032-192-641-675-455; 032-512-289-321-120; 033-241-817-699-448; 033-820-436-580-458; 035-223-520-491-228; 035-748-805-312-328; 038-668-970-194-854; 040-092-459-357-823; 040-664-674-930-857; 041-327-075-056-562; 042-384-115-599-121; 042-450-851-467-680; 042-547-136-803-738; 046-505-599-865-150; 047-937-309-229-62X; 048-267-025-540-842; 051-165-387-606-715; 053-376-195-646-045; 055-090-334-937-061; 056-689-263-355-386; 056-766-410-127-532; 058-409-370-512-563; 060-650-561-577-338; 061-326-248-978-030; 061-549-181-856-861; 064-170-716-528-26X; 064-250-557-824-159; 065-268-807-515-343; 068-247-722-587-280; 069-847-568-544-420; 071-303-820-692-940; 074-503-617-334-537; 077-438-967-698-163; 080-018-383-947-573; 080-288-823-874-989; 081-409-892-060-81X; 081-437-161-307-223; 085-214-277-668-01X; 085-547-032-022-62X; 085-669-579-012-375; 087-690-831-820-163; 088-568-925-253-101; 089-589-226-346-156; 093-378-923-246-489; 093-668-583-258-461; 093-924-528-715-586; 094-213-099-107-472; 095-701-116-223-192; 096-169-714-378-299; 097-567-011-227-46X; 102-602-192-826-532; 108-086-708-688-274; 108-829-139-722-229; 109-598-947-309-943; 111-471-986-310-852; 112-642-164-834-390; 117-239-595-156-183; 118-095-530-189-407; 119-247-023-377-741; 120-697-354-224-33X; 123-830-244-984-847; 125-082-012-062-802; 127-444-480-388-473; 128-450-652-988-596; 129-842-013-619-240; 132-761-794-941-171; 133-752-203-150-119; 135-262-782-091-897; 135-717-892-795-412; 140-488-876-117-392; 142-226-580-142-17X; 142-729-737-144-734; 142-884-607-464-932; 147-855-964-291-004; 149-010-267-691-537; 150-249-549-372-358; 150-280-000-852-253; 152-771-716-159-330; 153-153-144-072-106; 156-571-272-274-491; 156-991-897-001-400; 157-954-859-648-506; 161-171-671-691-645; 162-864-397-044-696; 165-548-393-440-709; 172-965-192-520-527; 178-883-713-153-793; 184-948-841-629-735; 189-726-704-382-172; 190-065-821-748-92X; 191-787-431-475-170; 195-393-139-218-445; 196-123-893-303-752; 199-745-676-923-766,5,false,,
150-042-119-479-43X,Forensic Tool Comparison on Instagram Digital Evidence Based on Android with The NIST Method,2018-11-29,2018,journal article,Scientific Journal of Informatics,24600040; 24077658,Universitas Negeri Semarang,," Riadi; Anton Yudhana; Muhamad Caesar Febriansyah Putra","The growth of Android-based smartphone users to access media in communicating using Instagram social media is very fast. Activities are carried out when using Instagram social media in communicating to share information such as sending chat texts and pictures. A large number of Instagram users make this application vulnerable to abuse of Instagram such as pornography crimes from Instagram users. This case can be forensic to get digital evidence in the form of chat text and pictures from Instagram messenger is a feature of Instagram. The investigation in this study uses the National Institute of Standards and Technology (NIST) method which provides several stages of collecting, examining, analyzing, reporting while forensic tools use forensic oxygen and axiom magnets. The results of the recovery and comparison of data result using Oxygen forensics and Axiom Magnets obtained digital evidence in the form of data in the form of images and chat. The data obtained by Magnet Axiom is 100% while forensic oxygen is 84%. These data are the results of the performance of both forensic applications in obtaining digital evidence that has been deleted from the Instagram messenger.",5,2,235,247,NIST; World Wide Web; Pornography; Digital evidence; Computer science; Social media; Android (operating system),,,,,https://journal.unnes.ac.id/nju/index.php/sji/article/view/16545 https://journal.unnes.ac.id/nju/index.php/sji/article/download/16545/pdf,http://dx.doi.org/10.15294/sji.v5i2.16545,,10.15294/sji.v5i2.16545,2907516871,,0,006-700-167-776-341; 016-039-721-963-229; 039-626-669-719-288; 055-473-899-043-485; 070-740-822-724-693; 087-287-435-836-200; 131-874-028-513-738; 162-814-268-960-713; 177-580-843-965-429; 187-108-280-798-543; 188-509-533-602-208,8,true,cc-by,gold
150-104-705-163-922,WDFIA - Towards Solving the Identity Challenge faced by Digital Forensics.,,2012,book,,,,,Aleksandar Valjarevic; Hein S. Venter,"The importance of digital forensics is on a steady rise. One of the biggest challenges posed to digital forensics is the identity challenge. The authors define the identity challenge as the difficulty to prove beyond reasonable doubt in a court of law that a specific person was using a specific identity of a digital subject at a certain time. In order to meet or at least decrease this challenge, organised action within the digital forensics field is needed. The authors propose a set of requirements to be introduced within digital forensics in order to help solve this issue. These requirements include the following: defining the principles of digital identity within digital forensics; introducing strong authentication methods for all information systems and electronic devices; introducing digital signatures for all transactions within information systems and electronic devices; constant interaction with other relevant fields and last but not least, putting an end to internet anonymity. The authors believe that, if implemented, the proposed requirements would not only bring about the higher admissibility of digital evidence related to digital identity in a court of law, but also increase the efficiency of digital forensic investigations.",,,129,138,Digital signature; Engineering; Information system; Reasonable doubt; Strong authentication; Identity (object-oriented programming); Digital identity; Digital evidence; Computer security; Digital forensics,,,,,http://www.cscan.org/openaccess/?paperid=91 https://dblp.uni-trier.de/db/conf/wdfia/wdfia2012.html#ValjarevicV12,http://www.cscan.org/openaccess/?paperid=91,,,2403271931,,0,009-337-490-708-053; 013-211-351-846-713,0,false,,
150-681-841-306-967,Digital forensics: you can run but you can't hide: conference tutorial,2015-04-01,2015,journal article,Journal of Computing Sciences in Colleges,19374763,,,Bilal Shebaro,"Digital crimes, such as identity theft, child pornography, denial of service attacks, insider threats, phishing, and other cyber-crimes are now a fact of life. As computers and digital devices are becoming a valuable resource of evidence in many physical and digital crimes, proper handling of forensic investigations become a key in fighting back against such crimes. Therefore, understanding digital forensics and how digital forensic investigations should be carried out is an essential process to learn by IT and other law enforcement personnel in every organization, as they will eventually deal with cyber-crimes. Such learning essentials are necessary for detection and prevention of crime and in any dispute where evidence is stored digitally. This tutorial will explain and discuss the major phases of digital investigation; the practice of gathering digital evidence (Acquisition), examining data and extracting evidence (Analysis), and documenting evidence and key information (Reporting). In addition, it will include a hands-on and practical exercise on how digital investigation is carried; mainly focusing on the practice of memory forensics, as it is the most fruitful and interesting part of digital forensics. By learning how to capture computer memory and profile its contents, the audience will gain an invaluable resource on how to examine data and extract evidence from tested machines, and in our case, machines infected with malware. Tools used in digital investigations need to be forensically sound so they can obtain reliable data as evidence. This tutorial will explain how a tool can qualify to be forensically sound and will discuss some of the forensic tools offered in BackTrack and CAINE as an example of forensics-based operating systems. In addition, we will apply our digital investigation and memory forensics on the SANS Investigative Forensic Toolkit (SIFT), mainly using the Volatility framework. SIFT, written by an international team of forensics experts, is a free toolkit that matches any modern forensic tool suite with cutting-edge open-source tools. All of our tool examinations and experiments will be performed on virtual machines. This tutorial will provide an overview of digital forensics and give the audience a taste of how digital investigations run. Therefore, the intended audience for this tutorial is people curious to know about the digital forensics process. Even though this tutorial serves as an overview of the digital forensics science, it can also serve as a good start for faculty interested in integrating such topic in their Computer Security classes or as its own Digital Forensics course.",30,4,46,46,Forensic science; Data science; Memory forensics; Law enforcement; Digital evidence; Computer science; Identity theft; Malware; Resource (project management); Phishing; Digital forensics,,,,,http://dl.acm.org/citation.cfm?id=2752628.2752637,http://dl.acm.org/citation.cfm?id=2752628.2752637,,,2992792080,,0,,0,false,,
150-728-402-608-467,"Development, Delivery and Dynamics of a Digital Forensics Subject",,,,,,,,Tanveer A. Zia,"Digital forensics is a newly developed subject offered at Charles Sturt University (CSU). This subject serves as one of the core subjects for Master of Information Systems Security (Digital Forensics stream) course. The subject covers the legislative, regulatory, and technical aspects of digital forensics. The modules provide students detailed knowledge on digital forensics legislations, digital crime, forensics processes and procedures, data acquisition and validation, e-discovery tools, e-evidence collection and preservation, investigating operating systems and file systems, network forensics, email and web forensics, presenting reports and testimony as an expert witness. This paper summarises the process of subject development, delivery, assessments, teaching critique, and provides results from online subject evaluation survey. The dynamics and reflection on subject delivery is particularly important to determine if the subject has met its objectives. Results from the subject critique and student evaluation survey are presented and a reflection on how to improve the subject is provided.",,,,,Engineering; World Wide Web; Dynamics (music); Data science; Subject (documents); Expert witness; Process (engineering); Network forensics; Computer forensics; Reflection (computer programming); Digital forensics,,,,,https://ro.ecu.edu.au/adf/89/ https://ro.ecu.edu.au/cgi/viewcontent.cgi?article=1088&context=adf,http://dx.doi.org/10.4225/75/57b2b78240ce6,,10.4225/75/57b2b78240ce6,1483899494,,0,078-064-703-342-860,0,false,,
151-798-189-363-682,A Case Study of the Challenges of Cyber Forensics Analysis of Digital Evidence in a Child Pornography Trial,2012-05-30,2012,,,,,,Richard Boddington,"Perfunctory case analysis, lack of evidence validation, and an inability or unwillingness to present understandable analysis reports adversely affect the outcome course of legal trials reliant on digital evidence. These issues have serious consequences for defendants facing heavy penalties or imprisonment yet expect their defence counsel to have clear understanding of the evidence. Poorly reasoned, validated and presented digital evidence can result in conviction of the innocent as well as acquittal of the guilty. A possession of child pornography Case Study highlights the issues that appear to plague case analysis and presentation of digital evidence relied on in these odious crimes; crimes increasingly consuming the time, resources and expertise of law enforcement and the legal fraternity. The necessity to raise the standard and formalise examinations of digital evidence used in child pornography seems timely. The case study shows how structured analysis and presentation processes can enhance examinations. The case study emphasises the urgency to integrate vigorous validation processes into cyber forensics examinations to meet acceptable standard of cyber forensics examinations. The processes proposed in this Case Study enhance clarity in case management and ensure digital evidence is correctly analysed, contextualised and validated. This will benefit the examiner preparing the case evidence and help legal teams better understand the technical complexities involved.",,,155,172,Internet privacy; Political science; Law; Presentation; CLARITY; Child pornography; Conviction; Acquittal; Imprisonment; Law enforcement; Digital evidence,,,,,https://researchrepository.murdoch.edu.au/id/eprint/26407/ https://commons.erau.edu/adfsl/2012/thursday/6/ https://commons.erau.edu/cgi/viewcontent.cgi?article=1207&context=adfsl https://researchrepository.murdoch.edu.au/26407/1/pornography_trial.pdf,https://researchrepository.murdoch.edu.au/id/eprint/26407/,,,1921058994,,0,021-679-525-849-353; 021-840-800-359-200; 031-309-466-858-480; 036-038-545-953-304; 047-859-979-695-194; 054-536-916-991-487; 057-276-332-934-746; 062-296-798-056-016; 063-195-309-093-275; 074-737-218-688-006; 077-931-197-141-965; 084-910-509-998-37X; 087-634-902-634-071; 104-801-598-134-733; 122-208-506-618-200; 141-182-449-198-823; 145-743-906-992-348,2,false,,
152-543-650-985-634,Computer Forensics Digital Evidence with Emphasis on Time,,2008,,,,,,Jens Olsson,,,,,,Emphasis (typography); Digital evidence; Computer science; Multimedia; Computer forensics,,,,,https://www.bth.se/tek/aps/mbo.nsf/bilagor/Digital_Evidence_with_Emphasis_on_Time_pdf/$file/Digital_Evidence_with_Emphasis_on_Time.pdf,https://www.bth.se/tek/aps/mbo.nsf/bilagor/Digital_Evidence_with_Emphasis_on_Time_pdf/$file/Digital_Evidence_with_Emphasis_on_Time.pdf,,,2341517529,,0,016-603-574-900-950; 040-393-580-637-973; 065-302-661-316-398; 085-214-277-668-01X; 128-301-609-429-087; 142-226-580-142-17X; 188-844-991-210-832,1,false,,
152-634-216-234-620,A Study on the Chain of Custody for Securing the Faultlessness of Forensic Data,,2006,journal article,Journal of the Korea Society of Computer and Information,1598849x,,,Gyu-An Lee; Young-Tae Shin; Dea-Woo Park,"Computer Forensics functions by defending the effects and extracting the evidence of the side effects for production at the court. Has the faultlessness of the digital evidence been compromised during the investigation, a critical evidence may be denied or not even be presented at the trial. The presented monograph will deliberate the faultlessness-establishing chain procedures in disk forensics, system forensics, network forensics, mobile forensics and database forensics. Once the faultlessness is established by the methods proposed, the products of investigation will be adopted as a leading evidence. Moreover, the issues and alternatives in the reality of digital investigation are presented along with the actual computer forensics cases, hopefully contributing to the advances in computer digital forensics and the field research of information security.",11,6,175,184,Chain of custody; Engineering; Database forensics; Digital evidence; Computer security; Network forensics; Information security; Computer forensics; Mobile device forensics; Digital forensics,,,,,http://www.koreascience.or.kr/article/ArticleFullRecord.jsp?cn=CPTSCQ_2006_v11n6s44_175,http://www.koreascience.or.kr/article/ArticleFullRecord.jsp?cn=CPTSCQ_2006_v11n6s44_175,,,872258296,,0,,3,false,,
153-094-395-472-019,"Digital forensics and cyber crime : first international ICST conference, ICDF2C 2009 Albany, NY, USA, September 30-October 2, 2009 : revised selected papers",,2010,book,,,,,Sanjay Goel; Icdf C,Full and Short Papers.- Digital Evidence Composition in Fraud Detection.- iForensics: Forensic Analysis of Instant Messaging on Smart Phones.- A Survey of Forensic Localization and Tracking Mechanisms in Short-Range and Cellular Networks.- SMIRK: SMS Management and Information Retrieval Kit.- Localization and Detection of Vector Logo Image Plagiarism.- Analysis of Free Download Manager for Forensic Artefacts.- On the Reliability of Cell Phone Camera Fingerprint Recognition.- Towards a New Data Mining-Based Approach for Anti-Money Laundering in an International Investment Bank.- Analysis of Evidence Using Formal Event Reconstruction.- Data Mining Instant Messaging Communications to Perform Author Identification for Cybercrime Investigations.- Digital Evidence Retrieval and Forensic Analysis on Gambling Machine.- Online Acquisition of Digital Forensic Evidence.- Criminal Defense Challenges in Computer Forensics.- Detecting and Preventing the Electronic Transmission of Illicit Images and Its Network Performance.- A Discretionary Access Control Method for Preventing Data Exfiltration (DE) via Removable Devices.- A Host-Based Approach to BotNet Investigation?.,,,,,Engineering; World Wide Web; Camera phone; Botnet; Cybercrime; Digital evidence; Computer security; Discretionary access control; Computer forensics; Identification (information); Digital forensics,,,,,http://ci.nii.ac.jp/ncid/BB04478654,http://ci.nii.ac.jp/ncid/BB04478654,,,602960726,,0,,0,false,,
153-185-768-708-340,Structuring the Evaluation of Location-Related Mobile Device Evidence,,2020,journal article,Forensic Science International: Digital Investigation,26662817,Elsevier BV,,Eoghan Casey; David-Olivier Jaquet-Chiffelle; Hannes Spichiger; Elénore Ryser; Thomas Souvignet,"Abstract Location-related mobile device evidence is increasingly used to address forensic questions in criminal investigations. Evaluating this form of evidence, and expressing evaluative conclusions in this forensic discipline, are challenging because of the broad range of technological subtleties that can interact with circumstantial features of cases in complex ways. These challenges make this type of digital evidence prone to misinterpretations by both forensic practitioners and legal decision-makers. To mitigate the risk of misleading digital forensic findings, it is crucial to follow a structured approach to evaluation of location-related mobile device evidence. This work presents an evaluation framework widely used in forensic science that employs scientific reasoning within a logical Bayesian framework to clearly distinguish between, on the one hand, what has been observed (i.e., what data are available) and, on the other hand, how those data shed light on uncertain target propositions. This paper provides case examples to illustrate the advantages and difficulties of applying this approach to location-based mobile device evidence. This work helps digital forensic practitioners follow the principles of balanced evaluation and convey location-related mobile device evidence in a way that allows decision-makers to properly understand the relative strength of, and limitations in, digital forensic results.",32,,300928,,Criminal investigation; Mobile device; Data science; Structuring; Digital evidence; Scientific reasoning; Bayesian framework; Computer science; Circumstantial evidence; Digital forensics,,,,,https://serval.unil.ch/en/notice/serval:BIB_99D09A242835 https://www.sciencedirect.com/science/article/pii/S2666281720300238,http://dx.doi.org/10.1016/j.fsidi.2020.300928,,10.1016/j.fsidi.2020.300928,3029496844,,0,001-872-507-889-182; 006-106-790-585-940; 008-321-492-596-021; 009-512-003-529-193; 015-238-949-406-002; 019-831-293-743-518; 020-932-340-092-358; 024-131-573-638-521; 024-793-920-484-727; 025-273-020-668-018; 026-943-588-349-358; 027-669-021-337-265; 035-457-870-364-976; 036-017-937-159-609; 040-997-734-554-028; 050-296-813-523-597; 068-721-919-773-533; 069-906-125-551-995; 070-427-732-319-159; 075-518-198-327-92X; 082-676-890-491-344; 085-370-444-410-812; 099-407-105-258-080; 113-310-395-905-331; 123-400-070-960-457; 170-831-892-006-047; 172-357-540-521-552; 175-578-826-231-866; 181-826-022-794-521,3,true,cc-by-nc-nd,hybrid
153-705-882-254-449,"Digital Forensic Science: Issues, Methods, and Challenges",2016-12-28,2016,book,,,,,Vassil Roussev; Elisa Bertino; Ravi Sandhu,"Digital forensic science, or digital forensics, is the application of scientific tools and methods to identify, collect, and analyze digital (data) artifacts in support of legal proceedings. From a more technical perspective, it is the process of reconstructing the relevant sequence of events that have led to the currently observable state of a target IT system or (digital) artifacts. Over the last three decades, the importance of digital evidence has grown in lockstep with the fast societal adoption of information technology, which has resulted in the continuous accumulation of data at an exponential rate. Simultaneously, there has been a rapid growth in network connectivity and the complexity of IT systems, leading to more complex behavior that needs to be investigated. The goal of this book is to provide a systematic technical overview of digital forensic techniques, primarily from the point of view of computer science. This allows us to put the field in the broader perspective of a host of related areas and gain better insight into the computational challenges facing forensics, as well as draw inspiration for addressing them. This is needed as some of the challenges faced by digital forensics, such as cloud computing, require qualitatively different approaches; the sheer volume of data to be examined also requires new means of processing it.",,,,,Lockstep; Information technology; Scientific instrument; Data science; Digital evidence; Computer security; Computer science; State (computer science); Computer forensics; Cloud computing; Digital forensics,,,,,https://xplqa30.ieee.org/document/7809443/ https://www.amazon.com/Digital-Forensic-Science-Challenges-Information/dp/1627059598 https://www.morganclaypool.com/doi/abs/10.2200/S00738ED1V01Y201610SPT019 https://ieeexplore.ieee.org/document/7809443,https://xplqa30.ieee.org/document/7809443/,,,2563372811,,0,000-360-120-513-679; 001-599-061-358-509; 002-449-146-256-491; 002-768-711-065-857; 004-706-447-836-905; 005-635-895-973-760; 007-025-689-053-079; 007-213-544-126-482; 007-901-016-367-02X; 008-452-605-628-991; 009-832-452-035-773; 010-936-709-614-896; 011-580-010-761-19X; 013-374-077-204-422; 015-654-094-120-991; 016-287-960-279-064; 017-152-528-840-957; 019-698-064-288-240; 020-102-151-624-738; 020-131-672-839-462; 020-569-163-258-930; 020-810-785-474-935; 022-530-184-398-582; 023-338-081-058-709; 023-767-546-806-478; 024-385-303-080-230; 024-894-908-869-686; 025-638-340-324-782; 025-723-055-730-999; 025-811-569-298-195; 027-265-141-482-204; 030-121-862-351-330; 030-618-213-827-734; 030-872-799-958-443; 033-241-817-699-448; 033-361-255-406-653; 034-095-325-733-017; 034-147-846-372-079; 036-093-518-856-770; 036-662-510-200-483; 041-879-975-858-398; 042-880-741-738-793; 043-093-846-816-675; 043-998-602-713-991; 045-701-748-075-614; 045-702-359-549-884; 047-600-704-780-223; 051-165-387-606-715; 052-152-063-024-042; 055-716-583-314-000; 056-205-328-777-528; 056-689-263-355-386; 057-267-487-235-777; 058-631-300-195-90X; 063-112-146-359-502; 068-889-285-101-522; 072-072-328-028-440; 073-925-766-797-600; 074-836-151-308-77X; 078-519-401-333-983; 080-037-699-095-630; 080-351-281-760-491; 083-867-056-056-058; 085-225-986-700-637; 086-388-908-356-52X; 088-755-576-872-898; 092-608-028-729-42X; 094-459-995-813-279; 097-567-011-227-46X; 099-520-470-483-918; 101-641-022-077-458; 101-855-686-629-984; 105-427-271-392-801; 105-503-410-804-207; 105-597-507-360-817; 108-192-812-569-418; 113-226-729-402-581; 113-801-918-269-079; 116-317-110-770-148; 117-065-920-586-287; 117-228-671-518-737; 124-912-663-881-389; 128-940-875-499-986; 131-516-331-360-906; 134-927-490-231-285; 139-495-561-188-858; 142-527-659-716-593; 142-816-347-811-541; 142-884-607-464-932; 144-124-797-675-052; 146-548-188-554-839; 150-709-845-991-991; 152-771-716-159-330; 152-943-382-263-119; 153-123-241-458-492; 157-954-859-648-506,6,false,,
153-813-507-607-845,Digital Forensics: Digital Evidence in Criminal Investigations,2008-12-31,2008,book,,,,,Angus M. Marshall,"The vast majority of modern criminal investigations involve some element of digital evidence, from mobile phones, computers, CCTV and other devices. Digital Forensics: Digital Evidence in Criminal Investigations provides the reader with a better understanding of how digital evidence complements traditional scientific evidence and examines how it can be used more effectively and efficiently in a range of investigations. Taking a new approach to the topic, this book presents digital evidence as an adjunct to other types of evidence and discusses how it can be deployed effectively in support of investigations. The book provides investigators/SSMs/other managers with sufficient contextual and technical information to be able to make more effective use of digital evidence sources in support of a range of investigations. In particular, it considers the roles played by digital devices in society and hence in criminal activities. From this, it examines the role and nature of evidential data which may be recoverable from a range of devices, considering issues relating to reliability and usefulness of those data. Includes worked case examples, test questions and review quizzes to enhance student understanding Solutions provided in an accompanying website Includes numerous case studies throughout to highlight how digital evidence is handled at the crime scene and what can happen when procedures are carried out incorrectly Considers digital evidence in a broader context alongside other scientific evidence Discusses the role of digital devices in criminal activities and provides methods for the evaluation and prioritizing of evidence sources Includes discussion of the issues surrounding modern digital evidence examinations, for example; volume of material and its complexity Clear overview of all types of digital evidence Digital Forensics: Digital Evidence in Criminal Investigations is an invaluable text for undergraduate students taking either general forensic science courses where digital forensics may be a module or a dedicated computer/digital forensics degree course. The book is also a useful overview of the subject for postgraduate students and forensic practitioners.",,,,,Criminal investigation; Scientific evidence; Engineering; World Wide Web; Crime scene; Element (criminal law); Context (language use); Digital evidence; Computer forensics; Digital forensics,,,,,https://openlibrary.org/books/OL29028459M/Digital_Forensics https://www.goodreads.com/work/editions/13211652-digital-forensics-digital-evidence-in-criminal-investigations https://www.amazon.com/Digital-Forensics-Evidence-Criminal-Investigations/dp/0470517751,https://openlibrary.org/books/OL29028459M/Digital_Forensics,,,2009550757,,0,,17,false,,
153-871-393-376-764,Essential Technical Concepts,2019-02-26,2019,book chapter,Digital Forensics Basics,,Apress,,Nihad A. Hassan,"Conducting a digital forensics investigation requires a thorough understanding of some of the main technical concepts of computing. Knowing how data is stored in computers, number theory, how digital files are structured, and the types of storage units and the difference between them are essential areas to know how to locate and handle digital evidence. While this book is intended for those with working knowledge of using computers in general (especially Windows OS), there are some technical theories that first must be discussed because of their importance in conducting digital forensics examinations. This chapter will cover those basic concepts.",,,35,67,Computer data storage; Data science; Cover (telecommunications); Know-how; Digital evidence; Computer science; Microsoft Windows; Digital forensics,,,,,https://link.springer.com/chapter/10.1007%2F978-1-4842-3838-7_2,http://dx.doi.org/10.1007/978-1-4842-3838-7_2,,10.1007/978-1-4842-3838-7_2,2916407696,,0,,1,false,,
154-076-720-609-283,Analysis of Digital Forensic Tools,2020-06-01,2020,journal article,Journal of Computational and Theoretical Nanoscience,15461955; 15461963,American Scientific Publishers,United States,Shaweta Sachdeva; B. L. Raina; Avinash Sharma,"<jats:p>This paper aims to analyze different tools for Forensic Data Analysis comes under the branch of Digital Forensics. Forensic data analysis is done with digital techniques. Digital forensics becomes more important in law enforcement, due to the large use of computers and mobile devices.;  The pattern recognition system most appropriately fits into the Analysis Phase of the Digital Forensics. Pattern Recognition involves two processes. One Process is an analysis and the second process is recognition. The result of the analysis is taken out of the attributes from the patterns;  to be recognized i.e., a pattern of different faces and fingerprints. These attributes are then utilized for the further process in the analysis phase which provides attention on various techniques of pattern recognition that are applied to digital forensic examinations and is proposed to;  develop different forensic tools to collect evidence that would be helpful to solve specific types of crimes. This evidence further helps the examiner in the analysis phase of the digital forensic process by identifying the applicable data.</jats:p>",17,6,2459,2467,Data science; Digital forensics,,,,,https://www.ingentaconnect.com/content/asp/jctn/2020/00000017/00000006/art00007 https://ui.adsabs.harvard.edu/abs/2020JCTN...17.2459S/abstract,http://dx.doi.org/10.1166/jctn.2020.8916,,10.1166/jctn.2020.8916,3094127989,,0,005-974-814-807-485; 037-105-622-240-257; 064-531-736-566-934; 091-619-263-117-914,2,false,,
154-191-465-535-558,Organizational Handling of Digital Evidence,2010-05-19,2010,,,,,,Sheona Anne Hoolachan; William Bradley Glisson,"There are a number of factors that impact a digital forensics investigation. These factors include: the digital media in question, implemented processes and methodologies, the legal aspects, and the individuals involved in the investigation. This paper presents the initial idea that Digital Forensic Practice (DFP) recommendations can potentially improve how organizations handle digital evidence. The recommendations are derived from an in-depth survey conducted with practitioners in both commercial organizations and law enforcement along with supporting literature. The recommendations presented in this paper can be used to assess an organization’s existing digital forensics practices and a guide to Digital Forensics Improvement Initiatives.",,,33,44,Engineering; Digital media; Data science; First responder; Law enforcement; Digital evidence; Computer security; Computer forensics; Digital forensics,,,,,https://commons.erau.edu/adfsl/2010/wednesday/7/ http://eprints.gla.ac.uk/33688/ https://commons.erau.edu/cgi/viewcontent.cgi?article=1108&context=adfsl,https://commons.erau.edu/adfsl/2010/wednesday/7/,,,116253143,,0,006-933-312-344-623; 021-486-901-460-202; 024-711-735-736-003; 029-956-698-780-087; 039-778-235-568-50X; 049-012-213-939-932; 115-460-431-212-281; 120-697-354-224-33X; 129-047-937-765-077; 186-572-144-284-217,13,false,,
154-372-788-011-735,Collecting Evidence,2018-08-01,2018,book chapter,Fundamentals of Digital Forensics,,Springer International Publishing,,Joakim Kävrestad,,,,47,55,Computer science,,,,,,http://dx.doi.org/10.1007/978-3-319-96319-8_6,,10.1007/978-3-319-96319-8_6,,,0,067-489-748-584-577,0,false,,
154-416-938-594-158,A Comprehensive Digital Forensic Investigation Model and Guidelines for Establishing Admissible Digital Evidence,,2013,dissertation,,,,,Inikpi Onechojo Ademu,"Information technology systems are attacked by offenders using digital devices and networks to facilitate their crimes and hide their identities, creating new challenges for digital investigators. Malicious programs that exploit vulnerabilities also serve as threats to digital investigators. Since digital devices such as computers and networks are used by organisations and digital investigators, malicious programs and risky practices that may contaminate the integrity of digital evidence can lead to loss of evidence. For some reasons, digital investigators face a major challenge in preserving the integrity of digital evidence. Not only is there no definitive comprehensive model of digital forensic investigation for ensuring the reliability of digital evidence, but there has to date been no intensive research into methods of doing so.; To address the issue of preserving the integrity of digital evidence, this research improves upon other digital forensic investigation model by creating a Comprehensive Digital Forensic Investigation Model (CDFIM), a model that results in an improvement in the investigation process, as well as security mechanism and guidelines during investigation. The improvement is also effected by implementing Proxy Mobile Internet Protocol version 6 (PMIPv6) with improved buffering based on Open Air Interface PIMIPv6 (OAI PMIPv6) implementation to provide reliable services during handover in Mobile Node (MN) and improve performance measures to minimize loss of data which this research identified as a factor affecting the integrity of digital evidence. The advantage of this is to present that the integrity of digital evidence can be preserved if loss of data is prevented.; This research supports the integration of security mechanism and intelligent software in digital forensic investigation which assist in preserving the integrity of digital evidence by conducting experiments which carried out two different attack experiment to test CDFIM. It found that when CDFIM used security mechanism and guidelines with the investigation process, it was able to identify the attack and also ensured that the integrity of the digital evidence was preserved. It was also found that the security mechanism and guidelines incorporated in the digital investigative process are useless when the security guidelines are ignored by digital investigators, thus posing a threat to the integrity of digital evidence.",,,,,Interface (computing); Information technology; Engineering; Exploit; Reliability (computer networking); Protocol (science); Digital evidence; Computer security; Process (engineering); Node (networking),,,,,http://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.633811 https://repository.uel.ac.uk/item/85xwz http://roar.uel.ac.uk/4982/,http://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.633811,,,117977300,,0,,1,false,,
154-678-828-225-351,A digital forensics class for students with visual impairments,2009-05-01,2009,journal article,Journal of Computing Sciences in Colleges,19374763,,,Sean J. Geoghegan; Lis D. Geoghegan; Stephanie D. Smith,"The increased use of digital data in all aspects of society, leads to the increased use of digital data as evidence in criminal and civil proceedings. Collection of digital evidence must be performed by individuals with the skills to acquire, preserve, and present digital evidence. Because the tasks are performed almost entirely using computer software, recent advances in adaptive technology increases the viability of digital forensics as a career choice for individuals with visual impairments. This paper describes a digital forensics summer class designed to provide students with visual impairments an opportunity to experience some of the tools and techniques used in the digital forensics profession. Additionally, observations were made regarding the accessibility of the digital forensics tools when used in conjunction with adaptive software and assistive technology. The observations were used to identify potential improvements to the forensics tools to increase the accessibility to users with visual impairments.",24,5,77,84,Forensic science; Class (computer programming); Digital evidence; Computer science; Multimedia; Digital forensics,,,,,https://dl.acm.org/doi/10.5555/1516595.1516611,https://dl.acm.org/doi/10.5555/1516595.1516611,,,2472649202,,0,090-253-323-978-91X,0,false,,
154-704-063-862-848,ISDFS - A Conceptual Framework for Database Anti-forensics Impact Mitigation,,2020,book,2020 8th International Symposium on Digital Forensics and Security (ISDFS),,IEEE,,Bashir Zak Adamu; Murat Karabatak; Fatih Ertam,"The emergence of databases has become one of the most important achievements in the field of software. Databases are at the core of information systems (Online and Offline), and this has fundamentally made them a target for malicious intents because they contain sensitive information. Digital forensics tends to outwit such malicious activities by providing provable evidence for prosecution. On the other hand, criminals develop and promote counter forensic measures to reduce the quality and quantity of forensic data known as “Anti-forensics”. Such counter measures tend to jeopardize forensics efforts at all stages to ensure that court admissible evidences are not acquired. The aim of this paper is to explore database anti-forensics agents, highlight the challenges and or negative effects they pose at various stages of the database forensics processes, present a taxonomy for database anti-forensics impacts, provide recommendations on how these impacts can be mitigated, and directions for future research opportunities.",,,1,6,Information sensitivity; Conceptual framework; Information system; Database forensics; Quality (business); Online and offline; Field (computer science); Computer science; Database; Digital forensics,,,,,https://ieeexplore.ieee.org/document/9116375 https://dblp.uni-trier.de/db/conf/isdfs/isdfs2020.html#AdamuKE20,http://dx.doi.org/10.1109/isdfs49300.2020.9116375,,10.1109/isdfs49300.2020.9116375,3036854345,,0,005-102-962-333-180; 008-485-318-135-79X; 015-781-228-553-576; 018-648-349-943-059; 026-510-318-976-518; 034-643-583-457-718; 067-906-191-524-044; 074-409-427-389-536; 078-817-460-650-140; 100-370-775-625-860; 134-708-607-487-525; 148-027-471-685-868; 157-067-567-418-679,0,false,,
154-729-674-764-578,Integrating Digital Forensics Techniques into Curatorial Tasks: A Case Study,2014-09-09,2014,journal article,International Journal of Digital Curation,17468256,Edinburgh University Library,,Sam Meister; Alexandra Chassanoff,"In this paper, we investigate how digital forensics tools can support digital curation tasks around the acquisition, processing, management and analysis of born-digital materials. Using a real world born-digital collection as our use case, we describe how BitCurator, a digital forensics open source software environment, supports fundamental curatorial activities such as secure data transfer, assurance of authenticity and integrity, and the identification and elimination of private and/or sensitive information. We also introduce a workflow diagram that articulates the processing steps for institutions processing born-digital materials. Finally, we review possibilities for further integration, development and use of digital forensic tools.",9,2,6,16,World Wide Web; Information sensitivity; Workflow; Data science; Digital curation; Open source software; Computer science; Data transmission; Identification (information); Digital forensics,,,,,https://www.mendeley.com/catalogue/32be5481-980d-35c2-b198-fca72f89ff55/ http://www.ijdc.net/index.php/ijdc/article/download/9.2.6/364 https://doaj.org/article/a444a368c1f54b6085aa5e20b1e23253 https://core.ac.uk/display/91790644 https://dx.doi.org/10.2218/ijdc.v9i2.325 http://www.ijdc.net/index.php/ijdc/article/view/9.2.6 https://core.ac.uk/download/pdf/162675816.pdf,http://dx.doi.org/10.2218/ijdc.v9i2.325,,10.2218/ijdc.v9i2.325,2058634680,,0,,2,true,cc-by,gold
154-857-421-851-098,An Analysis of Using Blockchains for Processing and Storing Digital Evidence,2018-01-01,2018,,,,,,Tobias Svenblad,"A review of digital forensics today shows that it could be exposed to threats jeopardizing the digital evidence integrity. There are several techniques to countermeasure this risk, one of which is ...",,,,,Countermeasure; Digital evidence; Computer security; Computer science; Digital forensics,,,,,http://www.diva-portal.org/smash/record.jsf?pid=diva2:1218121,http://www.diva-portal.org/smash/record.jsf?pid=diva2:1218121,,,2977317384,,0,,0,false,,
154-982-278-740-231,Digital Evidence Management,2018-05-16,2018,book chapter,Digital Forensics and Investigations,,CRC Press,,Jason Sachowski,,,,175,202,Digital evidence; Business; Computer science; Computer security; Digital forensics,,,,,,http://dx.doi.org/10.4324/9781315194820-12,,10.4324/9781315194820-12,,,0,,0,false,,
154-986-196-836-73X,Research and Implementation of the Protection Mechanism for Digital Evidence Collecting System,,2004,,,,,,Liang Bin,"Research regarding Digital Forensic Technologies has become more active with the recent increases in illegal accesses to computer system.Many researchers focus only on the techniques or mechanisms for evidence detecting and evidence analyzing,without considering the security of forensic mechanisms themselves,and the digital evidence can't be protected completely.Based on the analysis of relative researches,secure area is proposed to protect forensic mechanisms from attacking.A mechanism called I-LOMAC has been designed and implemented to evaluate this method.The results demonstrate the advantage in protecting the forensic mechanisms.",,,,,Fidelity; Protection mechanism; Digital evidence; Collection system; Computer security; Computer science; Access control; Digital forensics; Mechanism (biology),,,,,http://en.cnki.com.cn/Article_en/CJFDTOTAL-DZXU200408034.htm,http://en.cnki.com.cn/Article_en/CJFDTOTAL-DZXU200408034.htm,,,2977393914,,0,,0,false,,
155-020-894-850-599,ICDF2C - Defining a Standard for Reporting Digital Evidence Items in Computer Forensic Tools,,2011,book chapter,"Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering",18678211; 1867822x,Springer Berlin Heidelberg,Germany,Hamda Bariki; Mariam Hashmi; Ibrahim Baggili,"Due to the lack of standards in reporting digital evidence items, investigators are facing difficulties in efficiently presenting their findings. This paper proposes a standard for digital evidence to be used in reports that are generated using computer forensic software tools. The authors focused on developing a standard digital evidence items by surveying various digital forensic tools while keeping in mind the legal integrity of digital evidence items. Additionally, an online questionnaire was used to gain the opinion of knowledgeable and experienced stakeholders in the digital forensics domain. Based on the findings, the authors propose a standard for digital evidence items that includes data about the case, the evidence source, evidence item, and the chain of custody. Research results enabled the authors in creating a defined XML schema for digital evidence items.",53,,78,95,Chain of custody; World Wide Web; XML schema; Domain (software engineering); Software; Digital evidence; Computer science; Computer forensics; Computer-assisted web interviewing; Digital forensics,,,,,https://www.researchgate.net/profile/Ibrahim_Baggili/publication/221511089_Defining_a_Standard_for_Reporting_Digital_Evidence_Items_in_Computer_Forensic_Tools/links/53e140100cf24f90ff619667.pdf https://eudl.eu/doi/10.1007/978-3-642-19513-6_7 https://eudl.eu/pdf/10.1007/978-3-642-19513-6_7 https://digitalcommons.newhaven.edu/electricalcomputerengineering-facpubs/21/ https://ui.adsabs.harvard.edu/abs/2011dfcc.conf...78B/abstract https://rd.springer.com/chapter/10.1007%2F978-3-642-19513-6_7 https://link.springer.com/chapter/10.1007/978-3-642-19513-6_7,http://dx.doi.org/10.1007/978-3-642-19513-6_7,,10.1007/978-3-642-19513-6_7,1604717907,,0,046-392-586-979-126; 081-933-261-712-915; 104-758-205-558-797; 165-770-474-971-736; 182-962-922-039-081; 186-179-663-828-545,8,false,,
155-298-486-497-278,Survey : video forensic tools,2013-01-10,2013,journal article,Journal of theoretical and applied information technology,18173195,,,Ahmad Salehi Shahraki; Hamed Sayyadi; Mohamad Hussein Amri; Mehrnaz Nikmaram,"Due to extension of using CCTVs and the other video security systems in all areas, these sorts of devices have been introduced as the most important digital evidences to search and seizure crimes. Video forensics tools are developed as a part of digital forensics tools to analyze digital evidences and clear vague points of them for presenting in the courts Existing video forensics tools have been facilitated the investigation process by providing different features based on various video editing techniques. In this paper, some of the most popular video forensics tools are discussed and the strengths and shortages of them are compared and consequently, an alternative framework which includes the strengths of existing popular tools is introduced.",,,,,Economic shortage; Video editing; Analysis tools; Computer science; Process (engineering); Multimedia; Computer forensics; Digital forensics,,,,,https://eprints.qut.edu.au/74465/,https://eprints.qut.edu.au/74465/,,,758581677,,0,,3,false,,
155-405-402-030-111,Ψηφιακή εγκληματολογία : μελέτη πραγματικών σεναρίων,2013-07-01,2013,dissertation,,,,,Δημήτριος Αποστολόπουλος,"Digital Forensics is a branch of forensic science concerned with the use of digital information produced,; stored and transmitted by computers as source of evidence in investigations and legal proceedings.; Computer fraud and digital crimes are growing day by day. Fortunately though, the vast majority of; computer activities leave definite traces, allowing investigators to obtain essential evidence, solve; criminal cases and prevent crimes. Digital forensics has existed for as long as computers have stored data; that could be used as evidence. For many years, forensics investigation was performed primarily by; government agencies, but has become common in the commercial sector over the past several years.; The first chapter of this thesis provides a brief overview of digital and mobile forensics. The second; chapter refers to computer crime and the third chapter is about legislation concerning digital forensics.; The fourth chapter is about Computer Security Incident Response Team. The chapters five and six refer to; forensic methodologies and available tools. Finally, the chapter seven contains actual case scenarios using; digital forensics methodologies and tools.",,,,,Engineering; Government; Legislation; Incident response; Computer security; Computer fraud; Computer forensics; Mobile device forensics; Digital forensics,,,,,http://dione.lib.unipi.gr/xmlui/handle/unipi/8302,http://dione.lib.unipi.gr/xmlui/handle/unipi/8302,,,2529642291,,0,,0,false,,
155-577-565-509-750,A Knowledge Model of Digital Evidence Review Elements Based on Ontology,,2020,book chapter,Digital Forensics and Forensic Investigations,,IGI Global,,Ning Wang,"<jats:p>As existing methods cannot express, share, and reuse the digital evidence review information in a unified manner, a solution of digital evidence review elements knowledge base model based on ontology is presented. Firstly, combing with the multi-source heterogeneous characteristic of digital evidence review knowledge, classification and extraction are accomplished. Secondly, according to the principles of ontology construction, the digital evidence review elements knowledge base model which includes domain ontology, application ontology, and atomic ontology is established. Finally, model can effectively acquire digital evidence review knowledge by analyzing review scenario. </jats:p>",,,281,290,Ontology; Computer science; Knowledge base; Process ontology; Domain (mathematical analysis); Reuse; Information retrieval; Upper ontology; Open Knowledge Base Connectivity; Ontology-based data integration; Domain knowledge; Data science; Knowledge management,,,,,,http://dx.doi.org/10.4018/978-1-7998-3025-2.ch019,,10.4018/978-1-7998-3025-2.ch019,,,0,006-608-623-688-096; 014-674-876-390-218; 047-937-309-229-62X; 061-070-340-163-25X; 094-177-617-833-47X; 095-437-078-101-003; 128-190-997-064-091; 181-072-396-769-365,0,false,,
155-653-832-911-392,Digital Forensic Analysis of Cybercrimes,,2018,book chapter,Digital Multimedia,,IGI Global,,Regner Sabillon; Jordi Serra-Ruiz; Victor Cavaller; Jeimy J. Cano,"<jats:p>This paper reviews the existing methodologies and best practices for digital investigations phases like collecting, evaluating and preserving digital forensic evidence and chain of custody of cybercrimes. Cybercriminals are adopting new strategies to launch cyberattacks within modified and ever changing digital ecosystems, this article proposes that digital investigations must continually readapt to tackle cybercrimes and prosecute cybercriminals, working in international collaboration networks, sharing prevention knowledge and lessons learned. The authors also introduce a compact cyber forensics model for diverse technological ecosystems called Cyber Forensics Model in Digital Ecosystems (CFMDE). Transferring the knowledge, international collaboration, best practices and adopting new digital forensic tools, methodologies and techniques will be hereinafter paramount to obtain digital evidence, enforce organizational cybersecurity policies, mitigate security threats, fight anti-forensics practices and indict cybercriminals. The global Digital Forensics community ought to constantly update current practices to deal with cybercriminality and foreseeing how to prepare to new technological environments where change is always constant. </jats:p>",,,588,600,Digital forensics; Digital evidence; Computer security; Computer science; Best practice; Computer forensics; Digital ecosystem; Data science; Knowledge management; Political science; Law,,,,,,http://dx.doi.org/10.4018/978-1-5225-3822-6.ch029,,10.4018/978-1-5225-3822-6.ch029,,,0,012-459-130-312-50X; 020-944-423-224-895; 021-850-998-857-676; 024-381-049-056-789; 028-180-038-189-484; 028-828-573-289-865; 028-874-299-732-939; 045-645-917-018-028; 057-705-375-581-007; 067-950-012-629-210; 092-506-898-894-624; 143-562-788-834-457,0,false,,
156-032-480-821-258,A Survey on Digital Forensics in Cloud and Usage of VM Snap Shots,,2016,,,,,,B R Sahithya; K Parmesha,"ABSTRACT In a recent years cloud computing is a type of internet based computing that provides shared computer processing resources and data to computers and others devices on Demand. Cloud Computing Exhibit Dynamic Nature this nature leads to more possibilities of malicious activities in cloud hence there is a existence of digital forensics and need For Digital investigation, Digital investigation in cloud varies with the Deployment models. Here we are discussing about fundamental concept of Challenges of digital forensics and approach of using VM Snap Shots as Evidence with single VM.",,,,,Software deployment; On demand; Computer processing; Internet based; Computer security; Computer science; Network forensics; Cloud computing; Digital forensics,,,,,,,,,2593793435,,0,,0,false,,
156-176-797-086-637,"The Current State of Digital Forensic Practitioners in South Africa Examining the Qualifications, Certifications, Training and Experience of South African Digital Forensic Practitioners",,2015,,,,,,Jason Jordaan; Karen Bradshaw,"Recent high profile court trials around the world, including South Africa, have highlighted the importance of forensic science evidence in court. They have also show what can happen when forensic science is handled poorly in court leading to incorrect convictions or acquittals. Most often the problems have been linked to the qualifications, training, competency and experience of the forensic practitioners who examined and analysed the evidence. With digital forensics being recognised as a forensics science and criminal trials such as Casey Anthony and Julia Amero dominated by errors in the digital forensics process attributed to the examiners, it is crucial to understand what the current situation is in South Africa with regards local digital forensic practitioners, so as to identify any strengths or shortcomings which could impact on digital evidence in a court of law. The research focused on understanding the academic qualifications, digital forensics training, competency, and experience of South African digital forensic practitioners. General trends were identified through the research showing that South African digital forensic practitioners often lacked the necessary academic qualifications, training, competency and experience required of a digital forensics practitioner, raising concerns about the quality of digital forensics practice in South Africa. When contrasted against international standards, the research identified areas of improvement, and suggested potential remedial actions to address the situation. Keywords-digital forensics, digital forensic practitioners, digital forensic standards",,,,,Forensic science; Pedagogy; State (polity); Training (civil); Quality (business); Digital evidence; Certification; Engineering ethics; Medicine; Digital forensics,,,,,,,,,2242416794,,0,012-906-104-142-908; 014-261-775-435-338; 015-619-207-022-72X; 017-167-454-912-226; 023-418-828-545-549; 027-596-318-311-424; 052-550-640-264-796; 075-171-904-217-913; 081-321-738-203-441; 106-885-306-836-498; 142-108-488-120-966; 154-778-607-714-379; 168-476-681-195-292; 191-624-512-482-739,0,false,,
156-262-409-359-228,Digital evidence: The end of the golden age,2012-12-01,2012,,,,,,Bradley Schatz,"The 'golden age' of computer forensics is drawing to an end, as digital evidence diffuses away from single devices under the control of an individual, to diverse devices in disparate locations. Dr Bradley Schatz discusses the challenges of accessing and using digital evidence in a world where individuals no longer have custody of their digital information.",,226,10,,World Wide Web; Publishing; Project commissioning; Control (management); Digital evidence; Computer science; Computer forensics,,,,,http://search.informit.com.au/fullText;dn=049584892532946;res=IELHSS,http://search.informit.com.au/fullText;dn=049584892532946;res=IELHSS,,,2300873926,,0,,0,false,,
156-374-578-445-529,THE ROLE OF DIGITAL FORENSIC IN REVEALING CRIMINAL ACTS OF ONLINE PROSTITUTION AT KEPOLISIAN DAERAH JAWA TIMUR,2020-07-31,2020,journal article,LIGAHUKUM,2085577x,University of Pembangunan Nasional Veteran Jawa Timur,,Valdha Regytha Gana Atthoriq,"<jats:p>This thesis talks about the role of digital forensic in revealing criminal acts of online prostitution. Digital forensic itself is not specifically regulated in the Indonesian Criminal Code Act, but digital forensic is very important in its role in the process of analyzing an item of evidence obtained from a criminal offence. The subject matter that the author discusses is, how the digital forensic role in exposing the criminal acts of online prostitution and whether the barriers in the application of digital forensic in exposing the criminal acts of online prostitution. The research methods that the author uses are juridical empirical. The author also conducted an analysis on the role of digital forensic in exposing the criminal acts of online prostitution associated with the Information and Electronic Transaction Law which is then presented by the author's thought. The results of this study can be seen through several digital forensic roles at the level of investigation, prosecution and also the courts, in addition, there are also some obstacles that faced by the experts of Digital Forensic Examiner and the efforts that can be done in overcoming those obstacles.&#x0D;;  &#x0D;; Keyword : Digital Forensic, Online Prostitution, Information and Electronic Transaction Law</jats:p>",1,1,,,,,,,,,http://dx.doi.org/10.33005/ligahukum.v1i1.21,,10.33005/ligahukum.v1i1.21,,,0,,0,false,,
156-972-666-676-888,"Data Reduction and Data Mining Framework for Digital Forensic Evidence: Storage, Intelligence, Review and Archive",2014-09-17,2014,,Social Science Research Network,,,,Darren Quick; Kim-Kwang Raymond Choo,"The volume of digital forensic evidence is rapidly increasing, leading to large backlogs. In this paper, a Digital Forensic Data Reduction and Data Mining Framework is proposed. Initial research with sample data from South Australia Police Electronic Crime Section and Digital Corpora Forensic Images using the proposed framework resulted in significant reduction in the storage requirements — the reduced subset is only 0.196 percent and 0.75 percent respectively of the original data volume. The framework outlined is not suggested to replace full analysis, but serves to provide a rapid triage, collection, intelligence analysis, review and storage methodology to support the various stages of digital forensic examinations. Agencies that can undertake rapid assessment of seized data can more effectively target specific criminal matters. The framework may also provide a greater potential intelligence gain from analysis of current and historical data in a timely manner, and the ability to undertake research of trends over time.",,,,,Volume (computing); Data mining; Engineering; Data reduction; Data science; Triage; Digital evidence; Original data; Sample (statistics); Intelligence analysis; Digital forensics,,,,,https://papers.ssrn.com/sol3/papers.cfm?abstract_id=2497796 https://papers.ssrn.com/sol3/Delivery.cfm/SSRN_ID2500076_code2138273.pdf?abstractid=2497796&mirid=1,https://papers.ssrn.com/sol3/papers.cfm?abstract_id=2497796,,,2096723158,,0,,6,false,,
157-446-493-707-952,FUNGSI DIGITAL FORENSIK BAGI SATRESKRIM POLRES AGAM DALAM PENYIDIKAN TINDAK PIDANA JUDI ONLINE,2021-02-20,2021,journal article,UNES Law Review,26227045; 26543605,LPPM Universitas EKASAKTI,,Algino Ganaro,"<jats:p>The function of Digital Forensics in Online Gambling Crime Investigation by the Agam Police Criminal Investigation Unit is to obtain evidence of an online gambling crime by knowing who did it, what was done, what software was used, what process results were used and when to do it . In online gambling crimes that occur in the jurisdiction of the Agam Police, evidence collected through digital forensics is in the form of information on gambling crimes carried out by examining sites that are used as a means or place for gambling. Constraints in Using Digital Forensics in Online Gambling Crime Investigation By Satreskrim Agam Police is the address of most online gambling websites located abroad and made by foreign countries, bank accounts are always changing. The application data for opening a bank account that is used to accept online gambling transactions is fictitious, evidence is easy to change and is lost, the high level of knowledge of the actors about information technology and the lack of public awareness and concern for online gambling.</jats:p>",3,2,194,200,,,,,,https://review-unes.com/index.php/law/article/download/166/100 https://review-unes.com/index.php/law/article/view/166,http://dx.doi.org/10.31933/unesrev.v3i2.166,,10.31933/unesrev.v3i2.166,3155465008,,0,,0,true,cc-by,gold
157-972-357-227-989,Image/Video Forensics,2020-12-02,2020,,,,,,Fausto Galvan,"Images and videos, which have always had a huge impact upon the way people perceive the world and form their convictions, are pervasive in today’s reality more than ever. Even in the forensics scenario, evidences are more and more often composed by multimedia in general and visual data in particular. Since the new meaning of “original data” in this digital world requires new approaches to ensure the admissibility of these elements as evidence in a trial, starting from the first years of this century the need to prove the authenticity of a digital evidence became crucial. This work introduces the sub area of Digital Forensics, which has the aim to define and develop the procedures devoted to help operators in this challenging research area. After an introductory part, the topic of this paper was introduced, starting from the meaning of digital evidence, and following with the definition of Image / Video Forensics as a branch of the forensic sciences. Then some methods allowing the extraction of significant information from the images when it is not readily available are examined in detail. Finally, a list of free and non-free software devoted to face the daily challenges coming from processing images and videos for forensic purposes is provided. The work ends with a list of publications containing the Best Practices in the field.",,20,105,123,Image (mathematics); Best practice; Data science; Software; Face (sociological concept); Meaning (existential); Digital evidence; Field (computer science); Computer science; Digital forensics,,,,,https://bulletin.cepol.europa.eu/index.php/bulletin/article/download/399/331 https://bulletin.cepol.europa.eu/index.php/bulletin/article/view/399 http://91.82.159.234/index.php/bulletin/article/view/399,https://bulletin.cepol.europa.eu/index.php/bulletin/article/view/399,,,3107414457,,0,,1,false,,
158-361-243-387-611,XBOX 360 Forensics: A Digital Forensics Guide to Examining Artifacts,2011-01-20,2011,book,,,,,Steven Bolt,"Game consoles have evolved to become complex computer systems that may contain evidence to assist in a criminal investigation. From networking capabilities to chat, voicemail, streaming video and email, the game consoles of today are unrecognizable from complex computer systems. With over 10 million XBOX 360s sold in the United States the likelihood that a criminal investigator encounters an XBOX 360 is a certainty. The digital forensics community has already begun to receive game consoles for examination, but there is no map for them to follow as there may be with other digital media. XBOX 360 Forensics provides that map and present the information for the examiners in an easy to read, easy to read format. Game consoles are routinely seized and contain evidence of criminal activity Author Steve Bolt wrote the first whitepaper on XBOX investigations",,,,,Internet privacy; Criminal investigation; Engineering; World Wide Web; Digital media; Voicemail; Certainty; Digital forensics,,,,,https://www.amazon.com/XBOX-360-Forensics-Examining-Artifacts/dp/1597496235 https://openlibrary.org/books/OL25565650M/Xbox_360_forensics,https://www.amazon.com/XBOX-360-Forensics-Examining-Artifacts/dp/1597496235,,,2264592276,,0,,7,false,,
158-400-818-820-033,"Digital Forensic Investigations: Issues of Intangibility, Complications and Inconsistencies in Cyber-Crimes",,2016,journal article,Journal of Cyber Security and Mobility,22451439; 22454578,River Publishers,Denmark,Ezer Osei Yeboah-Boateng; Elvis Akwa-Bonsu,"The use of the Internet and computing resources as vital business tools continue to gain prominence day-by-day. Computing resources are utilized to create innovative and value-added products and services. Associated with this trend is the extent of cyber-crimes committed against or using computers. Experts anticipate that the extent and severity of cyber-attacks have increased in recent times and are likely to explode, unless some mitigation measures are instituted to curb the menace. As a response to the growth of cyber-crimes, the field of digital forensics has emerged. Digital forensic investigations have evolved with the passage of time and it’s impacted by many externalities. A number of key challenges ought to be addressed, such as the intangibility, complications and inconsistencies associated with the investigations and presentation of prosecutorial artefacts. The digital evidence is usually intangible in nature, such as an electronic pulse or magnetic charge. The question is how can the intangibility of computer crime complicate the digital forensic investigations? To what extent can inconsistencies during the investigation mar the permissibility or admissibility of the evidence? This study is an experimentally exploratory set-up with virtual systems subjected to some malware exploits. Using live response tools, we collected data and analyzed the payloads and the infected systems. Utilizing triage information, memory and disk images were collected for analysis. We also carried out reverse engineering to decompose the payload. The study unearthed the digital truth about malwares and cyber-criminal activities, whilst benchmarking with standard procedures for presenting court admissible digital evidence. The timelines of activities on infected systems were reconstructed. The study demonstrated that externalities of intangibility, complications and inconsistencies can easily mar digital forensic investigations or even bring the entire process to an abrupt end. Further studies would be carried out to demonstrate other ways perpetrators use in concealing valuable digital evidence in a cyber-crime.",4,2,87,104,The Internet; Engineering; Exploit; Intangibility; Digital evidence; Computer security; Process (engineering); Malware; Digital forensics; Benchmarking,,,,,https://journals.riverpublishers.com/index.php/JCSANDM/article/view/5157 https://riverpublishers.com/journal/journal_articles/RP_Journal_2245-1439_425.pdf https://www.riverpublishers.com/journal_read_html_article.php?j=JCSM/4/2/5,http://dx.doi.org/10.13052/jcsm2245-1439.425,,10.13052/jcsm2245-1439.425,2563195391,,0,009-358-080-914-72X; 036-093-518-856-770; 140-188-263-902-537,4,true,,gold
159-094-605-033-945,Mobile Phone Forensics Tool Testing: A Database Driven Approach.,,2007,journal article,International Journal of Digital Evidence,,,,Ibrahim Baggili; Richard Mislan; Marcus K. Rogers,"The Daubert process used in the admissibility of evidence contains major guidelines applied in assessing forensic procedures, two of which are testing and error rates. The Digital Forensic Science (DFS) community is growing and the error rates for the forensic tools need to be continuously re-evaluated as the technology changes. This becomes more difficult in the case of mobile phone forensics, because they are proprietary. This paper discusses a database driven approach that could be used to store data about the mobile phone evidence acquisition testing process. This data can then be used to calculate tool error rates, which can be published and used to validate or invalidate the mobile phone acquisition tools.",6,,,,GSM services; Mobile station; Mobile phone; Computer science; Process (engineering); Network forensics; Mobile technology; Mobile device forensics; Database; Digital forensics,,,,,https://www.utica.edu/academic/institutes/ecii/publications/articles/1C33DF76-D8D3-EFF5-47AE3681FD948D68.pdf https://digitalcommons.newhaven.edu/electricalcomputerengineering-facpubs/27/ https://dblp.uni-trier.de/db/journals/ijde/ijde6.html#BaggiliMR07,https://digitalcommons.newhaven.edu/electricalcomputerengineering-facpubs/27/,,,8407447,,0,007-648-632-822-878; 109-435-258-852-67X; 179-503-171-644-756; 192-810-463-153-431,22,false,,
159-460-967-936-444,Gathering evidence: Model-driven software engineering in automated digital forensics,,2014,,,,,,J. van den Bos,"Digital forensics concerns the acquisition, recovery and analysis of information on digital devices to answer legal questions. Exponential increases in available storage, as well as growing device adoption by the public, have made manual inspection of all information infeasible. A solution is automated digital forensics, which is the use of software to perform tasks in digital forensics automatically, reducing the time required. Software engineering techniques exist to construct high performance solutions. However, one requirement complicates the application of standard techniques: handling the high variability in how investigated information is stored. The number of different devices and applications is huge and constantly changing. This leads to a constant stream of required changes to digital forensics software in order to recover as much information as possible. Factoring out commonality so that the changing aspects of a solution can evolve separately is a supposed strength of model-driven software engineering (MDSE). This separation of concerns is achieved through the use of a domain-specific language (DSL). Changes expressed in this DSL are then automatically applied through the use of transformation tools, which handle fixed requirements such as high performance. The research in this thesis forms an extensive case study in the application of MDSE in the domain of automated digital forensics, using the Rascal metaprogramming language. It provides concrete evidence for the successful application of MDSE in automated digital forensics, and contributes to knowledge about the application of MDSE in general. The implementations illustrate the usefulness of Rascal in DSL engineering.",,,,,Software engineering; Data mining; Domain (software engineering); Digital subscriber line; Implementation; Software; Construct (python library); Metaprogramming; Computer science; Separation of concerns; Digital forensics,,,,,https://ir.cwi.nl/pub/22342/22342B.pdf https://www.narcis.nl/publication/RecordID/oai%3Acwi.nl%3A22342 https://pure.uva.nl/ws/files/1739225/132135_thesis.pdf https://dare.uva.nl/personal/pure/en/publications/gathering-evidence-modeldriven-software-engineering-in-automated-digital-forensics(2dad00ff-d6be-46e3-9833-22ddd89b1e26).html,https://www.narcis.nl/publication/RecordID/oai%3Acwi.nl%3A22342,,,2110265121,,0,,14,false,,
160-624-462-765-065,The survey on cross-border collection of digital evidence by representatives from Polish prosecutors’ offices and judicial authorities,2021-09-30,2021,journal article,"The Journal of Digital Forensics, Security and Law",15587215,,,Paweł Olber,,16,2,3,,Business; Law; Jurisdiction; Cybercrime; Digital evidence; Computer forensics,,,,,https://commons.erau.edu/cgi/viewcontent.cgi?article=1700&context=jdfsl https://commons.erau.edu/jdfsl/vol16/iss2/3/,https://commons.erau.edu/jdfsl/vol16/iss2/3/,,,3212570151,,0,000-566-000-503-971; 012-155-430-901-071; 016-545-450-234-850; 020-233-315-826-687; 029-638-263-419-336; 056-254-180-340-08X; 063-572-994-319-332; 094-800-645-372-553; 098-194-155-526-060; 130-080-242-566-434; 196-758-971-020-221,0,true,cc-by-nc,gold
160-862-926-635-36X,"Current Challenges and Future Research Areas for Digital Forensic
  Investigation",2016-04-13,2016,,,,,,David Lillis; Brett Becker; Tadhg O'Sullivan; Mark Scanlon,"Given the ever-increasing prevalence of technology in modern life, there is a corresponding increase in the likelihood of digital devices being pertinent to a criminal investigation or civil litigation. As a direct consequence, the number of investigations requiring digital forensic expertise is resulting in huge digital evidence backlogs being encountered by law enforcement agencies throughout the world. It can be anticipated that the number of cases requiring digital forensic analysis will greatly increase in the future. It is also likely that each case will require the analysis of an increasing number of devices including computers, smartphones, tablets, cloud-based services, Internet of Things devices, wearables, etc. The variety of new digital evidence sources pose new and challenging problems for the digital investigator from an identification, acquisition, storage and analysis perspective. This paper explores the current challenges contributing to the backlog in digital forensics from a technical standpoint and outlines a number of future research topics that could greatly contribute to a more efficient digital forensic process.",,,,,Digital forensics; Digital evidence; Law enforcement; Computer science; Cloud computing; Data science; Variety (cybernetics); Identification (biology); Process (computing); Computer security; The Internet; Computer forensics; Perspective (graphical); Internet privacy; Internet of Things; World Wide Web; Political science; Law; Artificial intelligence; Botany; Biology; Operating system,,,,,,http://dx.doi.org/10.48550/arxiv.1604.03850,,10.48550/arxiv.1604.03850,,,0,,0,true,,green
160-872-960-221-135,Emerging Forensic Tools for Locating and Analyzing Digital Evidence - Giving Voice to the Silent Witness: : Understanding the Evidence,,,book chapter,Emerging Forensic Tools for Locating and Analyzing Digital Evidence,,IGI Global,,Richard Boddington,,,,8468,9007,Aesthetics; Psychology; Witness; Social psychology,,,,,,http://dx.doi.org/10.4018/978-1-4666-9591-7.les13,,10.4018/978-1-4666-9591-7.les13,2499368177,,0,,0,false,,
161-135-504-333-527,Design and Implementation of a Digital Evidence Management Model Based on Hyperledger Fabric,2020-08-01,2020,journal article,Journal of Information Processing Systems,1976913x,,,Junho Jeong; Donghyo Kim; Byungdo Lee; Yunsik Son,"When a crime occurs, the information necessary for solving the case, and various pieces of the evidence needed to prove the crime are collected from the crime scene. The tangible residues collected through scientific methods at the crime scene become evidence at trial and a clue to prove the facts directly against the offense of the suspect. Therefore, the scientific investigation and forensic handling for securing objective forensic in crime investigation is increasingly important. Today, digital systems, such as smartphones, CCTVs, black boxes, etc. are increasingly used as criminal information investigation clues, and digital forensic is becoming a decisive factor in investigation and trial. However, the systems have the risk that digital forensic may be damaged or manipulated by malicious insiders in the existing centralized management systems based on client/server structure. In this paper, we design and implement a blockchain based digital forensic management model using Hyperledger Fabric and Docker to guarantee the reliability and integrity of digital forensic. The proposed digital evidence management model allows only authorized participants in a distributed environment without a central management agency access the network to share and manage potential crime data. Therefore, it could be relatively safe from malicious internal attackers compared to the existing client/server model.",16,4,760,773,Agency (sociology); Crime scene; Structure (mathematical logic); Suspect; Smart contract; Digital evidence; Distributed Computing Environment; Computer security; Computer science; Digital forensics,,,,,http://jips-k.org/digital-library/2020/16/4/760,http://jips-k.org/digital-library/2020/16/4/760,,,3084378120,,0,,3,false,,
161-921-610-463-171,Secure and Trusted Environment as a Strategy to Maintain the Integrity and Authenticity of Digital Evidence,2015-06-30,2015,journal article,International Journal of Security and Its Applications,17389976,NADIA,South Korea,Yudi Prayudi; Tri Kuntoro Priyambodo,"The authenticity and the integrity of digital evidence are critical issues in digital forensics activities. Both aspects are directly related to the application of The Locard Exchange Principle (LEP), which is a basic principle of the existence of evidence in an event. This principle, not only applies before and at the time the event occurs, but also applies to the investigation process. In the handling of digital evidence, all activities to access the digital evidence are not likely to occur without the mediation of a set of instruments or applications, whereas every application is made possible for the existence of bugs. In addition, the presence of illegal access to the system, malicious software as well as vulnerabilities of a computer system are a number of potential problems that can have an impact on the change in the authenticity and the integrity of digital evidence. If this is the case, secure and trust characteristics that should appear in the activity of digital forensics may be reduced. This paper tries to discuss how the concept of a secure and trusted environment can be applied to maintain the authenticity and integrity of digital evidence. The proposed concept includes the unity of five components, namely standard and forensics policy, security policy, model and trusted management system, trusted computing, secure channel communication, and human factor. The ultimate purpose of this paper is to provide an overview of how the recommendation can be applied to meet the requirements of a secure and trusted environment in digital forensics for keeping the authenticity and the integrity of digital evidence. In general, this paper tends to explain a high-level concept and does not discuss low-level implementation of a secure and trusted environment.",9,6,299,314,Internet privacy; Locard's exchange principle; Engineering; Security policy; Secure channel; Trusted Computing; Digital evidence; Computer security; Event (computing); Malware; Digital forensics,,,,,https://www.earticle.net/Article/A251453,http://dx.doi.org/10.14257/ijsia.2015.9.6.28,,10.14257/ijsia.2015.9.6.28,2556333987,,0,001-576-026-446-552; 002-383-410-319-043; 014-886-222-930-515; 017-793-641-645-475; 025-697-732-683-864; 026-144-692-799-50X; 028-359-027-680-438; 030-266-326-999-894; 031-234-153-523-379; 032-246-414-391-330; 033-075-569-155-300; 040-173-986-975-775; 041-017-598-844-767; 043-589-904-668-295; 044-424-086-644-152; 045-553-653-288-228; 047-491-706-271-238; 049-570-763-365-976; 055-416-156-661-003; 060-139-253-208-292; 066-219-211-495-201; 073-582-404-994-103; 081-366-851-480-757; 082-188-923-827-797; 091-580-195-401-036; 098-748-261-333-651; 099-610-658-392-435; 100-952-909-965-132; 118-181-746-710-581; 124-066-378-359-073; 132-355-634-397-986; 133-508-126-407-763; 134-927-490-231-285; 138-735-529-589-081; 143-114-367-163-473; 151-883-793-490-174; 183-471-286-339-242; 191-920-670-388-656; 192-243-367-271-931; 192-955-966-543-738; 199-172-967-270-034,4,true,,bronze
162-110-149-751-921,The Advanced Data Acquisition Model (ADAM): A Process Model for Digital Forensic Practice,,2013,journal article,"Journal of Digital Forensics, Security and Law",15587223,Embry-Riddle Aeronautical University/Hunt Library,,Richard Adams; Valerie Hobbs; Graham Mann,"As with other types of evidence, the courts make no presumption that digital evidence is reliable without some evidence of empirical testing in relation to the theories and techniques associated with its production. The issue of reliability means that courts pay close attention to the manner in which electronic evidence has been obtained and in particular the process in which the data is captured and stored. Previous process models have tended to focus on one particular area of digital forensic practice, such as law enforcement, and have not incorporated a formal description. We contend that this approach has prevented the establishment of generally accepted standards and processes that are urgently needed in the domain of digital forensics. This paper presents a generic process model as a step towards developing such a generally-accepted standard for a fundamental digital forensic activity-the acquisition of digital evidence.",8,4,25,48,Empirical research; Data science; Presumption; Law enforcement; Digital evidence; Computer security; Computer science; Process (engineering); Computer forensics; Process modeling; Digital forensics,,,,,https://doaj.org/article/7abfdd6ed4c4408987cce9d292cb156d https://researchrepository.murdoch.edu.au/id/eprint/26688/ https://oaji.net/articles/2014/1095-1408891264.pdf https://research-repository.uwa.edu.au/en/publications/the-advanced-data-acquisition-model-adam-a-process-model-for-digi https://researchrepository.murdoch.edu.au/26688/1/advanced_data_acquisition.pdf https://research-repository.uwa.edu.au/en/publications/the-advanced-data-acquisition-model-adam-a-process-model-for-digital-forensic-practice(11eb6e68-4886-4b1b-a4a9-013e44274c3f)/export.html https://dblp.uni-trier.de/db/journals/jdfsl/jdfsl8.html#AdamsHM13 https://commons.erau.edu/jdfsl/vol8/iss4/2/ https://commons.erau.edu/cgi/viewcontent.cgi?article=1154&context=jdfsl https://doi.org/10.15394/jdfsl.2013.1154 https://core.ac.uk/display/77134060,http://dx.doi.org/10.15394/jdfsl.2013.1154,,10.15394/jdfsl.2013.1154,1525847438,,0,000-557-324-827-169; 010-086-703-646-194; 019-698-064-288-240; 020-944-423-224-895; 021-850-998-857-676; 022-502-903-446-942; 030-634-360-648-226; 032-697-093-668-898; 038-668-970-194-854; 067-726-260-424-525; 132-355-634-397-986; 133-397-275-695-990; 142-244-092-034-937; 143-562-788-834-457; 190-065-821-748-92X; 199-745-676-923-766,28,true,cc-by-nc,gold
162-814-268-960-713,Examination of Digital Evidence on Android-based LINE Messenger,,2018,journal article,International Journal of Cyber-Security and Digital Forensics,23050012,The Society of Digital Information and Wireless Communications (SDIWC),," Riadi; Ammar Fauzan Sunardi",,7,3,336,343,Operating system; Digital evidence; Computer science; Wireless; Android (operating system),,,,,https://sdiwc.net/digital-library/examination-of-digital-evidence-on-androidbased-line-messenger.html,http://dx.doi.org/10.17781/p002472,,10.17781/p002472,2891077758,,0,000-225-165-729-99X; 006-700-167-776-341; 053-394-227-052-76X; 152-458-317-042-249; 185-798-265-234-254,3,false,,
162-864-397-044-696,e-Forensics - FIA: An open forensic integration architecture for composing digital evidence,,2009,book chapter,"Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering",18678211; 1867822x,Springer Berlin Heidelberg,Germany,Sriram Raghavan; Andrew Clark; George M. Mohay,"The analysis and value of digital evidence in an investigation has been the domain of discourse in the digital forensic community for several years. While many works have considered different approaches to model digital evidence, a comprehensive understanding of the process of merging different evidence items recovered during a forensic analysis is still a distant dream. With the advent of modern technologies, pro-active measures are integral to keeping abreast of all forms of cyber crimes and attacks. This paper motivates the need to formalize the process of analyzing digital evidence from multiple sources simultaneously. In this paper, we present the forensic integration architecture (FIA) which provides a framework for abstracting the evidence source and storage format information from digital evidence and explores the concept of integrating evidence information from multiple sources. The FIA architecture identifies evidence information from multiple sources that enables an investigator to build theories to reconstruct the past. FIA is hierarchically composed of multiple layers and adopts a technology independent approach. FIA is also open and extensible making it simple to adapt to technological changes. We present a case study using a hypothetical car theft case to demonstrate the concepts and illustrate the value it brings into the field.",8,,83,94,Architecture; World Wide Web; Technological change; Domain of discourse; Data science; SIMPLE (military communications protocol); Digital evidence; Field (computer science); Computer science; Process (engineering); Digital forensics,,,,,https://eudl.eu/doi/10.1007/978-3-642-02312-5_10 http://securecyberspace.org/yahoo_site_admin/assets/docs/fia.334154721.pdf https://rd.springer.com/chapter/10.1007/978-3-642-02312-5_10 https://doi.org/10.1007/978-3-642-02312-5_10 https://link.springer.com/content/pdf/10.1007%2F978-3-642-02312-5_10.pdf https://ui.adsabs.harvard.edu/abs/2009ftim.book...83R/abstract http://eprints.qut.edu.au/28073/1/c28073.pdf https://link.springer.com/chapter/10.1007%2F978-3-642-02312-5_10 https://dblp.uni-trier.de/db/conf/eforensics/eforensics2009.html#RaghavanCM09 https://securecyberspace.org/yahoo_site_admin/assets/docs/fia.334154721.pdf https://core.ac.uk/display/101253910 https://eudl.eu/pdf/10.1007/978-3-642-02312-5_10 https://eprints.qut.edu.au/28073/ https://core.ac.uk/download/10894228.pdf,http://dx.doi.org/10.1007/978-3-642-02312-5_10,,10.1007/978-3-642-02312-5_10,2191313340,,0,017-840-378-634-021; 020-944-423-224-895; 024-216-399-693-64X; 024-735-069-822-749; 026-810-683-474-561; 051-165-387-606-715; 058-409-370-512-563; 060-650-561-577-338; 081-437-161-307-223; 081-933-261-712-915; 102-602-192-826-532; 105-427-271-392-801; 111-471-986-310-852; 117-239-595-156-183; 133-752-203-150-119; 142-226-580-142-17X; 142-816-347-811-541; 149-010-267-691-537; 150-249-549-372-358; 166-842-256-824-283,27,true,,green
163-308-959-548-845,"Forensic and Digital Evidence be used as Substantial Evidence in Criminal Cases, an Effective Alternative of Ocular Account: Evaluation in the Light of New Amendments. What are the Requirements of Admissibility and Reliability of Digital and Forensic Evidence?",2022-01-01,2022,journal article,SSRN Electronic Journal,15565068,Elsevier BV,,Dr. Muhammad Ramzan,,,,,,Digital evidence; Admissible evidence; Criminology; Psychology; Law; Computer science; Political science; Computer security; Digital forensics,,,,,,http://dx.doi.org/10.2139/ssrn.4021315,,10.2139/ssrn.4021315,,,0,,0,false,,
163-556-689-642-905,Visualizing and Reasoning about Presentable Digital Forensic Evidence with Knowledge Graphs,2022-08-22,2022,conference proceedings article,"2022 19th Annual International Conference on Privacy, Security & Trust (PST)",,IEEE,,Weifeng Xu; Dianxiang Xu,"Making digital evidence presentable is hard due to the intangible and complex nature of digital evidence and the variety of targeted audiences. In this paper, we present Digital Forensic Knowledge Graph (DFKG) for visualizing and reasoning about digital forensic evidence. We first describe the criteria of presentable evidence to ensure authenticity, integrity, validity, credibility, and relevance of evidence. Then we specify DFKG to capture presentable forensic evidence from three perspectives: (1) the background of a criminal case, (2) the reconstructed timeline of a criminal case, and (3) the verifiable digital evidence related to the criminal activity timeline. We also present a case study to illustrate the DFKG-based approach.",,,,,Digital evidence; Timeline; Digital forensics; Credibility; Computer science; Computer forensics; Variety (cybernetics); Haystack; Data science; Relevance (law); Heuristics; Verifiable secret sharing; Criminal investigation,,,,National Science Foundation,,http://dx.doi.org/10.1109/pst55820.2022.9851972,,10.1109/pst55820.2022.9851972,,,0,,0,false,,
163-570-571-702-061,Conceptual Model for Crowd-Sourcing Digital Forensic Evidence,2022-03-03,2022,book chapter,Innovations in Smart Cities Applications Volume 5,23673370; 23673389,Springer International Publishing,,Stacey O. Baror; H. S. Venter; Victor R. Kebande,"AbstractCOVID-19 scourge has made it challenging to combat digital crimes due to the complexity of attributing potential security incidents to perpetrators. Existing literature does not accurately pinpoint relevant models/frameworks that can be leveraged for crowd-sourcing digital forensic evidence. This paper suggests using feature engineering approaches for crowd-sourcing digital evidence to profile potential security incidents, for example, in a COVID-19 scenario. The authors have proposed a conceptual Crowd-sourcing (CRWD) model with three main components: Forensic data collection, feature engineering and the application of machine learning approaches, and also assessment with standardized reporting. This contribution is significantly poised to solve future investigative capabilities for forensic practitioners and computer security researchers.KeywordsCrowd-sourcingCitizen-mediaDigital forensicsDigital evidenceCOVID-19",,,1085,1099,Digital forensics; Crowd sourcing; Feature (linguistics); Computer science; Digital evidence; Data science; Computer forensics; Computer security; Conceptual model; Philosophy; Linguistics; Database,,,,,,http://dx.doi.org/10.1007/978-3-030-94191-8_88,,10.1007/978-3-030-94191-8_88,,,0,009-602-962-569-229; 018-948-094-812-86X; 022-564-463-934-451; 025-178-552-649-015; 039-305-256-681-624; 043-826-131-546-638; 059-259-197-397-244; 060-363-174-947-595; 069-238-855-724-324; 069-650-616-212-510; 078-995-601-408-182; 080-645-761-843-943; 087-140-850-591-101; 106-763-893-692-621; 113-505-359-772-367; 115-036-799-197-654; 119-787-245-358-965; 132-203-833-801-854; 140-171-846-622-421; 162-498-144-800-150,0,false,,
164-385-694-618-291,Digital forensics in Malaysia,2014-01-23,2014,journal article,Digital Evidence and Electronic Signature Law Review,20548508; 17564611,School of Advanced Study,Spain,Aswami Ariffin; Izwan Iskandar Ishak,"Conference paper on Digital forensics in Malaysia by Aswami Fadillah Mohd Ariffin and Izwan Iskandar Ishak. Aswami Fadillah Mohd Ariffin is the Head of Digital Forensic, CyberSecurity Malaysia and Izwan Iskandar Ishak is a Senior Executive, Strategic Policy & Legal Research of CyberSecurity (Malaysia).",5,0,,,Engineering; Strategic policy; Computer security; Public relations; Legal research; Digital forensics,,,,,https://journals.sas.ac.uk/deeslr/article/view/1849 https://sas-space.sas.ac.uk/5441/,http://dx.doi.org/10.14296/deeslr.v5i0.1849,,10.14296/deeslr.v5i0.1849,2053558031,,0,,2,true,cc-by-nc-nd,hybrid
164-826-910-354-405,IFIP Int. Conf. Digital Forensics - Uncertainty in Live Forensics,,2010,book chapter,Advances in Digital Forensics VI,18684238; 18612288; 1868422x; 15715736,Springer Berlin Heidelberg,Germany,Antonio Savoldi; Paolo Gubian; Isao Echizen,The goal of live digital forensics is to collect crucial evidence that cannot be acquired under the well-known paradigm of post-mortem analysis. Volatile information in computer memory is ephemeral by definition and can be altered as a consequence of the live forensic approach. Every running tool on an investigated system leaves artifacts and changes the system state. This paper focuses on the understanding and measurement of the uncertainty related to the important and emerging paradigm of live forensic investigations. It also presents some practical examples related to the evaluation of uncertainty.,,,171,184,Measurement uncertainty; Live forensics; Computer security; Computer science; State (computer science); Digital forensics; Computer memory,,,,,https://rd.springer.com/chapter/10.1007/978-3-642-15506-2_12 https://dblp.uni-trier.de/db/conf/ifip11-9/df2010.html#SavoldiGE10 https://hal.inria.fr/hal-01060617 https://doi.org/10.1007/978-3-642-15506-2_12 https://link.springer.com/content/pdf/10.1007%2F978-3-642-15506-2_12.pdf https://hal.inria.fr/hal-01060617/document https://link.springer.com/chapter/10.1007/978-3-642-15506-2_12,http://dx.doi.org/10.1007/978-3-642-15506-2_12,,10.1007/978-3-642-15506-2_12,110453803,,0,002-633-789-384-681; 004-747-131-290-88X; 010-406-375-514-722; 018-182-926-340-45X; 024-314-616-027-58X; 043-376-680-900-614; 093-648-400-539-933; 100-129-584-714-237; 102-822-532-339-461; 112-976-577-460-323,8,true,cc-by,green
165-167-398-973-185,Jailbroken iPhone Forensics for the Investigations and Controversy to Digital Evidence,2015-07-01,2015,,,,,,Ya-Ting Chang; Ke-Chun Teng; Yu-Cheng Tso; Shiuh-Jeng Wang,"The smartphone has gradually become an indispensable assistant in our daily life. Apple's iPhone is one of the most popular smartphones. However, once the iPhone has become a criminal tool for assisting the offender, the electromagnetic record in the iPhone will become the key digital evidence to reconstruct the scene of the crime. There is a high probability that offenders perform the Jailbreak procedure in order to gain more powerful functions on iPhones. When the Jailbreak work has processed, this will make the implementation of digital forensic extraction smoother. Otherwise, there is controversy surrounding iPhone evidencehandling if the forensic investigators perform the Jailbreak procedure for the non-Jailbroken iPhone just to make the implementation of digital forensic extraction easier. Therefore, this paper observes the diversification of iPhone evidence via the comparison between before and after performing Jailbreak procedure by using XRY forensic commercial tool kit and Apple iTunes logical extraction. We not only clarify the controversy of whether the key-evidence on the iPhone after its Jailbroken will be varied or not, but also provide a summary report about iPhone evidence and digital forensics as a court reference.",26,2,19,33,Engineering; World Wide Web; Key (cryptography); Digital evidence; Digital forensics,,,,,http://csroc.org.tw/journal/JOC26-2/JOC26-2-4.pdf,http://csroc.org.tw/journal/JOC26-2/JOC26-2-4.pdf,,,2413801835,,0,043-401-794-966-947; 071-429-454-876-38X; 075-268-039-596-63X; 102-511-394-465-006; 107-065-661-568-240,6,false,,
165-220-305-640-964,"Critical factors influencing decision to adopt digital forensic by Malaysian law enforcement agencies: a review of PRISMA / Siti Nuur-Ila Mat Kamal, Othman Ibrahim and Mehrbakhsh Nilashi",,2019,,,,,,Siti Nuur-Ila Mat Kamal; Othman Ibrahim; Mehrbakhsh Nilashi,"The technological advancement in today’s era has been characterized by a proliferation of digital devices and system. This scenario is seen significant in bringing a great impact to the increasing needs of digital forensic to be recognized as a crucial tool and yet an investigative procedures in facilitating; today’s organizations especially the law enforcement agencies to react into the cybercrime cases that fall under their respective jurisdiction. However, in a context of a developing country, the adoption nature towards digital forensic by Malaysian law enforcement agencies is unfavorable which ultimately affects an efficient, timeliness, cost-effective, and less-impact of digital evidence investigation. The purpose of; this paper is to examine the factors affecting the decision of Malaysian law enforcement agencies to adopt digital forensic. The study employed PRISMA as a reference methodology to identify the factors and developing the initial adoption model. The methodology has revealed 12 factors that influence the; adoption decision of digital forensic. These factors are organized into three dimensions under the premise of TOE framework namely technological, organizational and environmental. The study is contributing by addressing the key driving factors that delineate an understanding towards the context of digital forensic as an innovation adoption at the organizational level in which further will be exploited; to formulate the adoption model.",,,,,Business; Jurisdiction; Kamal; Premise; Cybercrime; Context (language use); Law enforcement; Digital evidence; Knowledge management; Digital forensics,,,,,https://ir.uitm.edu.my/id/eprint/41878/,https://ir.uitm.edu.my/id/eprint/41878/,,,3194758061,,0,,0,false,,
165-354-182-797-278,ARES - Automated construction of a false digital alibi,,2011,book chapter,Lecture Notes in Computer Science,03029743; 16113349,Springer Berlin Heidelberg,Germany,Alfredo De Santis; Aniello Castiglione; Giuseppe Cattaneo; Giancarlo De Maio; Mario Ianulardo,"Recent legal cases have shown that digital evidence is becoming more widely used in court proceedings (by defense, accusation, public prosecutor, etc.). Digital tracks can be left on computers, phones, digital cameras as well as third party servers belonging to Internet Service Providers (ISPs), telephone providers and companies that provide services via Internet such as YouTube, Facebook and Gmail.; ; This work highlights the possibility to set up a false digital alibi in a fully automatic way without any human intervention. A forensic investigation on the digital evidence produced cannot establish whether such traces have been produced through either human activity or by an automated tool. These considerations stress the difference between digital and physical - namely traditional - evidence. Essentially, digital evidence should be considered relevant only if supported by evidence collected using traditional investigation techniques. The results of this work should be considered by anyone involved in a Digital Forensics investigation, due to it demonstrating that court rulings should not be based only on digital evidence, with it always being correlated to additional information provided by the various disciplines of Forensics Sciences.",,,359,373,Internet privacy; The Internet; Alibi; Digital evidence; Computer security; Computer science; Computer forensics; False accusation; Intervention (law); Digital forensics; Server,,,,,https://core.ac.uk/display/53781440 https://hal.inria.fr/hal-01590408/document https://link.springer.com/chapter/10.1007%2F978-3-642-23300-5_28 https://hal.inria.fr/IFIP-LNCS-6908/hal-01590408 https://dblp.uni-trier.de/db/conf/IEEEares/ares2011.html#SantisCCMI11 https://www.iris.unisa.it/handle/11386/3032027 https://hal.archives-ouvertes.fr/hal-01590408 https://rd.springer.com/chapter/10.1007/978-3-642-23300-5_28,http://dx.doi.org/10.1007/978-3-642-23300-5_28,,10.1007/978-3-642-23300-5_28,2258895775,,0,009-452-389-564-781; 016-983-559-523-04X; 022-361-033-778-516; 022-462-631-389-054; 041-030-338-346-880; 048-872-745-961-421; 070-899-271-694-460; 089-357-800-512-647; 101-055-750-233-541; 103-063-111-601-822; 118-616-296-088-480; 142-226-580-142-17X,21,true,cc-by,green
165-408-203-311-152,Proposal for a digital forensic investigation model in accordance with the legislation in Mexico,2019-12-31,2019,journal article,ECORFAN Journal Spain,24443204,ECORFAN,,Carlos Ortega-Laurel; Jacobo Sandoval-Gutierrez; Juan López-Sauceda; Adan Fernando Serrano-Orozco,"<jats:p>In this paper we collect and observes the existing digital forensic investigation models, which are essentially the application of information systems and communications engineering for forensic purposes. In addition, a review of the federal criminal situation in Mexico is presented (through the revision of the regulations in the Federal Criminal Code), because the Code indirectly describes the reality of what can be prosecuted and admitted as evidence, criminally speaking, with the application of digital forensic investigation models in Mexico. This is due to the significant deficiency in the proposal of digital forensic investigation models, in which there is not enough emphasis on the potential admissibility of the evidence gathered through the models, to give attention to the need to provide “evidence” to Institutions responsible for the impartation of justice, as if doing digital forensic investigation to be a technological issue and not as it really is: a socio-legal-technological issue. Therefore, considering the criminal reality in Mexico, locating the practices of existing models that make sense in accordance with the norm, an abbreviated model is proposed that really helps successful prosecutions.</jats:p>",,,1,9,Law; Legislation; Digital forensic investigation; Computer science,,,,,http://dx.doi.org/10.35429/ejs.2019.11.6.1.9,http://dx.doi.org/10.35429/ejs.2019.11.6.1.9,,10.35429/ejs.2019.11.6.1.9,3144221687,,0,004-706-447-836-905; 004-872-169-627-620; 010-086-703-646-194; 020-944-423-224-895; 022-502-201-281-354; 032-697-093-668-898; 038-668-970-194-854; 047-630-600-014-492; 055-628-715-083-217; 067-950-012-629-210; 072-603-853-459-193; 087-665-408-966-240; 132-355-634-397-986; 133-397-275-695-990; 140-821-103-436-654; 159-477-048-665-066; 170-299-458-679-224; 190-065-821-748-92X; 199-745-676-923-766,0,false,,
165-507-258-776-217,Review of Evidence Collection and Protection Phases in Digital Forensics Process,2017-12-30,2017,,,,,,Yesim Ulgen Sonmez; Asaf Varol,"This study reviews crime scene investigation, collection of evidence, and protecting evidence phases of digital forensic process based on the research in the literature. Using appropriate methods for collecting and protecting electronic evidence would contribute to digital forensics and information technology law. In order to have effective evidence analysis, the first phases of the digital forensic process need to be completed through appropriate methods. In this study, the main emphasis will be on digital forensics process as well as hardware and software utilized during this procedure.   Keywords- Digital forensic process; collecting evidence; protecting evidence.",6,4,39,45,Crime scene; Data science; Digital forensic process; Software; Evidence collection; Evidence analysis; Computer science; Process (engineering); Legal aspects of computing; Digital forensics,,,,,https://ijiss.org/ijiss/index.php/ijiss/article/download/267/pdf_49 https://www.ijiss.org/ijiss/index.php/ijiss/article/view/267,https://www.ijiss.org/ijiss/index.php/ijiss/article/view/267,,,2805885704,,0,,1,false,,
165-553-984-556-355,Increasing digital investigator availability through efficient workflow management and automation,2017-08-29,2017,,arXiv: Cryptography and Security,,,,Ronald In de Braekt; Nhien-An Le-Khac; Jason Farina; Mark Scanlon; M-Tahar Kechadi,"The growth of digital storage capacities and diversity devices has had a significant time impact on digital forensic laboratories in law enforcement. Backlogs have become commonplace and increasingly more time is spent in the acquisition and preparation steps of an investigation as opposed to detailed evidence analysis and reporting. There is generally little room for increasing digital investigation capacity in law enforcement digital forensic units and the allocated budgets for these units are often decreasing. In the context of developing an efficient investigation process, one of the key challenges amounts to how to achieve more with less. This paper proposes a workflow management automation framework for handling common digital forensic tools. The objective is to streamline the digital investigation workflow - enabling more efficient use of limited hardware and software. The proposed automation framework reduces the time digital forensic experts waste conducting time-consuming, though necessary, tasks. The evidence processing time is decreased through server-side automation resulting in 24/7 evidence preparation. The proposed framework increases efficiency of use of forensic software and hardware, reduces the infrastructure costs and license fees, and simplifies the preparation steps for the digital investigator. The proposed approach is evaluated in a real-world scenario to evaluate its robustness and highlight its benefits.",,,,,Automation; Software engineering; Forensic science; Workflow; Software; Law enforcement; License; Computer science; Digital forensics,,,,,https://arxiv.org/abs/1708.09053 https://arxiv.org/pdf/1708.09053,https://arxiv.org/abs/1708.09053,,,2949480918,,0,,0,true,,
165-816-196-349-20X,Developing Trends and Challenges of Digital Forensics,2021-10-22,2021,conference proceedings article,2021 5th International Conference on Information Systems and Computer Networks (ISCON),,IEEE,,Asheesh Tiwari; Vibhu Mehrotra; Shubh Goel; Kumar Naman; Shashank Maurya; Ritik Agarwal,"Digital forensics is concerned with identifying, reporting and responding to security breaches. It is about how to acquire, analyze and report digital evidence and using the technical skills, discovering the traces of Cyber Crime. The field of digital forensics is in high demand due to the constant threats of data breaches and information hacks. Digital Forensics is utilized in the identification and elimination of crimes in any controversy where evidence is preserved in online space. This is the use of specialized techniques for retrieval, authentication and electronic data analysis. Computer forensics deals with the identification, preservation, analysis, documentation and presentation of digital evidence. The paper has analyzed the present-day trends that includes IoT forensics, cloud forensics, network forensics and social media forensics. Recent researches have shown a wide range of threats and cyber-attacks, which requires forensic investigators and forensics scientists to simplify the digital world. Hence, all our research gives a clear view of digital forensics which could be of a great help in forensic investigation. In this research paper we have discussed about the need and way to preserve the digital evidence, so that it is not compromised at any point in time and an unalter evidence can be presented before the court of law.",,,,,Digital forensics; Computer forensics; Network forensics; Computer science; Digital evidence; Computer security; Authentication (law); Identification (biology); Documentation; Cloud computing; Data science; Internet privacy,,,,,,http://dx.doi.org/10.1109/iscon52037.2021.9702301,,10.1109/iscon52037.2021.9702301,,,0,,0,false,,
165-956-283-954-04X,Digital evidence and digital forensic education,2016-11-05,2016,journal article,Digital Evidence and Electronic Signature Law Review,20548508; 17564611,School of Advanced Study,Spain,Goran Oparnica,"Introduction by editor: I invited Goran to write about the need for education in digital evidence from his perspective: that is, somebody that moved into digital forensics in Croatia some years ago because of a need by his then employers. Goran is well aware of some of the excellent books on digital forensics, as well as the books written by lawyers on the topic. This is a polemic and a personal view from a person providing a digital forensics service in a country that does not have the luxury of resources that other, better off, countries have. This article has been written in an attempt to convince the people responsible for the curricula that it is not possible to respond against organized crime without a substantial shift in approach towards digital evidence. Index words: digital evidence; digital forensics; education; lawyers; judges; legal academics",13,0,143,147,Political science; Digital native; Law; Organised crime; Index (publishing); Digital evidence; Göran; Media studies; Curriculum; Computer forensics; Digital forensics,,,,,https://journals.sas.ac.uk/deeslr/article/view/2305,http://dx.doi.org/10.14296/deeslr.v13i0.2305,,10.14296/deeslr.v13i0.2305,2555146856,,0,,6,true,cc-by-nc-nd,gold
166-520-343-699-837,Cloud Foren：A Novel Framework for Digital Forensics in Cloud Computing,,2014,,,,,,null Mathew; null Nyamagwa; null Jigang; null Liu; null Anyi; null Tetsutaro; null Uehara,"Since its birth in the early 90 ’s,digital forensics has been mainly focused on collecting and examining digital evidence from computers and networks that are controlled and owned by individuals or organizations.As cloud computing has recently emerged as a dominant platform for running applications and storing data,digital forensics faces well-known challenges in the cloud,such as data inaccessibility,data and service volatility,and law enforcement lacks control over the cloud.To date,very little research has been done to develop efficient theory and practice for digital forensics in the cloud.In this paper,we present a novel framework,Cloud Foren,which systematically addresses the challenges of forensics in cloud computing.Cloud Foren covers the entire process of digital forensics,from the initial point of complaint to the final point where the evidence is confirmed.The key components of Cloud Foren address some challenges,which are unique to the cloud.The proposed forensic process allows cloud forensic examiner,cloud provider,and cloud customer collaborate naturally.We use two case studies to demonstrate the applicability of Cloud Foren.We believe Cloud Foren holds great promise for more precise and automatic digital forensics in a cloud computing environment.",21,6,39,45,Engineering; Point (typography); Key (cryptography); Law enforcement; Digital evidence; Service (systems architecture); Computer security; Process (engineering); Cloud computing; Digital forensics,,,,,http://www.cqvip.com/QK/86045X/201406/663564900.html,http://www.cqvip.com/QK/86045X/201406/663564900.html,,,1178256208,,0,,0,false,,
167-471-478-567-661,Development of Digital Evidence Collector and File Classification System with K-Means Algorithm,,2019,conference proceedings article,2019 IEEE Asia Pacific Conference on Wireless and Mobile (APWiMob),,IEEE,,Muhammad Faris Ruriawan; Bintaran Anggono; Isaac Anugerah Siahaan; Yudha Purwanto,"Digital forensic is a branch of forensic science that focuses on research on the usual storage media that electronic users use such as hard disks, flash drives or other devices used on computers. The output is called digital evidence. The purpose of doing digital forensics is to find an evidence that can be used in the investigation of a case, until the evidence becomes valid and could be used as evidence in court. In this research, we implement a system of digital evidence collection, recovery, and file classification application. The classification was done by K-Means clustering algorithm. The system could detect the storage media, duplicate the content, and classify the output using K-Means algorithm. It can help a forensic examiner in the collection, examination, analysis, and reporting phase in accordance with NIST SP 800–86. The application also can assist investigators in managing files in the storage media as digital evidence so that outputs are obtained in accordance with applicable law.",,,,,NIST; k-means clustering; Information retrieval; Development (topology); Flash (photography); Digital evidence; Computer science; Cluster analysis; Digital forensics,,,,,http://xplorestaging.ieee.org/ielx7/8952088/8964122/08964232.pdf?arnumber=8964232 http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=8964232,http://dx.doi.org/10.1109/apwimob48441.2019.8964232,,10.1109/apwimob48441.2019.8964232,3002578153,,0,015-078-227-274-896; 018-332-230-662-937; 026-510-318-976-518; 029-211-923-145-009; 051-885-225-497-160; 098-669-156-394-924; 106-540-610-193-788; 108-466-376-737-387,3,false,,
168-154-234-490-116,A Scheme for Improvement of Tenseless Digital Evidence in Computer Forensics,,2008,journal article,Communications Technology,08842272,,,LI Xiao-sheng,"Data in the hard disk,as digital evidence,because of its tenselessness,can not reflect and prove the time or the state of a case in computer forensics.Thus it makes the evidence poor in range and force.This paper discusses the tense of digital evidence,and proposes a scheme for improvement of tenseless digital evidence based on the new object and procedure in forensics.And it is effective to make the evidence powerful in range and force on a certain level.",,,,,Range (mathematics); Information retrieval; Scheme (programming language); Digital evidence; Computer security; Computer science; State (computer science); Network forensics; Computer forensics; Object (computer science),,,,,http://en.cnki.com.cn/Article_en/CJFDTOTAL-TXJS200804046.htm,http://en.cnki.com.cn/Article_en/CJFDTOTAL-TXJS200804046.htm,,,2361296930,,0,,0,false,,
170-231-591-893-990,A SSL-based Security Solution for Digital Evidence Protection Mechanism,,2008,journal article,Journal of Mianyang Normal University,1672612x,,,You Jun-chen,"With the development of information technology,the problem of computer crime comes to be more and more severe,it directly endangers the normal order of politics,economy and culture.Under the situation that ways of computer crime and safeguard techniques of network security are continually upgraded,computer forensics appears and develops rapidly.The main purpose of computer forensics is to collect digital evidence,reconstruct the alibi and provide valid evidences for law case.This paper presents the SSL-based Digital-evidence Protection Mechanism and conducts a detailed analysis of its security.It Introduces the shortcomings of SSL protocol and the theory of digital certificates.These improvements ensure the confidentiality and integrity of information in the digital evidence,fastening an important part of the chain of evidence for preservation.",,,,,Digital signature; Information technology; Engineering; Transport Layer Security; Network security; Protection mechanism; Digital evidence; Computer security; Network forensics; Computer forensics,,,,,https://en.cnki.com.cn/Article_en/CJFDTotal-MYSF200805023.htm,https://en.cnki.com.cn/Article_en/CJFDTotal-MYSF200805023.htm,,,2390944675,,0,,0,false,,
170-301-530-918-542,Id entification and Analysis of hard disk drive in digital forensic,2011-09-01,2011,,,,,,KM Kumar; Sanjeev Sofat; Naveen Aggarwal;  Stract,"The dramatic increase in crime relating to the Internet and computers has caused a growing need for computer forensics. Computer forensic tools have been developed to assist computer forensic investigators in conducting a proper investigation into digital crimes. Digital forensics is a growing and important fields of research for current intelligence, law enforcement, and military organizations today. As more information is stored in digital form, the need and ability to analyze and process this information for relevant evidence has grown in complexity. Digital Forensics helps this information for analyzing and evaluating digital data as evidence. The practice of digital forensics is new. When computers became common in homes and businesses, the police more and more often came across computers which contained forensic evidence. This paper focuses on the identification and analysis of hard disk drive in digital forensics examination.",02,05,1674,1678,The Internet; Digital data; Law enforcement; Computer security; Computer science; Process (engineering); Computer forensics; Identification (information); Digital forensics,,,,,https://doaj.org/article/844051e8a62d4689969eee3a2d8972ae,https://doaj.org/article/844051e8a62d4689969eee3a2d8972ae,,,2181728705,,0,005-573-416-928-102; 038-668-970-194-854,2,false,,
170-323-767-747-961,"Cyber Forensics: From Data to Digital Evidence - Forensic Investigations, ABC Inc.",2015-10-02,2015,book chapter,Cyber Forensics,,"John Wiley & Sons, Inc.",,Albert J. Marcella; Frederic Guillossou,,,,297,302,,,,,,,http://dx.doi.org/10.1002/9781119203452.app1,,10.1002/9781119203452.app1,2503274091,,0,,1,true,,bronze
170-329-612-162-94X,Discovery of Digital Evidence in Criminal Cases,,2012,book chapter,Digital Forensics for Legal Professionals,,Elsevier,,Larry E. Daniel; Lars E. Daniel,,,,107,111,Engineering; Data science; Order (business); Cover (telecommunications); Law enforcement; Federal Rules of Civil Procedure; Digital evidence; Computer security; Civil procedure; Ask price; Business process discovery,,,,,http://www.sciencedirect.com/science/article/pii/B978159749643800016X https://www.sciencedirect.com/science/article/pii/B978159749643800016X,http://dx.doi.org/10.1016/b978-1-59749-643-8.00015-8,,10.1016/b978-1-59749-643-8.00015-8,2023400533,,0,,0,false,,
170-457-078-268-117,Transforming Forensics Digital: What works in digital forensics? (Effectiveness of digital forensics techniques),2019-04-30,2019,,,,,,Asma Patel; Rob Shaw; Behnam Bazli,"The Transforming Forensics Digital project commissioned this Rapid Evidence Assessment (REA) to answer the following research question: What works in digital forensics? (Effectiveness of digital forensics techniques) The review of the evidence serves multiple goals. First, it explores what are the existing digital forensic techniques in use by practitioners? It was carried out rapidly in order to provide the Digital project and the wider Transforming Forensics programme with the necessary information about the effectiveness of digital forensics techniques that are in use by practitioners. Second, it provides a taxonomy of digital forensics techniques. Third, it identifies research challenges, gaps, and opportunities to assist the ongoing the Digital project to understand where the future investment may be most effectively targeted to improve digital service provision. This review thus generates valuable methodological lessons for similar exercises going forward. The review examines academic articles and evaluation published in English between 2014 and 2019. It adopts a systematic approach to the literature search and quality assessment to maximise transparency, replicability and the potential to update.",,,,,Data science; Research question; Transparency (behavior); Service provision; Quality assessment; Computer science; Digital forensics,,,,,http://eprints.staffs.ac.uk/5757/,http://eprints.staffs.ac.uk/5757/,,,2971695255,,0,,0,false,,
171-292-165-415-510,ANALISIS REKAMAN SUARA BARANG BUKTI DIGITAL MENGGUNAKAN METODE AUDIO FORENSIK,2018-08-14,2018,dissertation,,,,,Nurul Hasnah,"Audio Forensic is a part of digital forensics, where audio forensics itself focuses on examining digital evidence relating to sound recordings. Which digital evidence itself is often submitted in court. The evidence submitted to the trial must be valid evidence which has been analyzed by an expert related to the evidence.; The method used to analyze sound recordings is audio forensic method consisting of Pitch analysis, Formant and Bandwidth, Graphical Distribution and Spectogram. To analyze the voice recording is also in accordance with the Standard Operating Procedure (SOP) 12 on Analysis Audio Forensic from the Digital Forensic Analyst Team (DFAT).; The results of the analysis of the sound recordings of the evidence will be compared with comparative sound recordings that have been analyzed using the audio forensic method and proven whether the sound recordings of the evidence come from the same person or not.",,,,,Formant; Audio forensics; Digital evidence; Speech recognition; Computer science; Digital forensics,,,,,https://digilib.uin-suka.ac.id/34025/,https://digilib.uin-suka.ac.id/34025/,,,2936406067,,0,,0,false,,
171-464-767-472-377,A concept mapping case domain modeling approach for digital forensic investigations,,2010,dissertation,,,,,David A. Dampier; April Tanner,"Over the decades, computer forensics has expanded from primarily examining computer evidence found on hard drives into the examination of digital devices with increasing storage capacity, to the identification of crimes and illegal activities involving the use of computers, to addressing standards and practices deficiencies, and to addressing the need to educate and train law enforcement, computer forensic technicians, and investigators.; This dissertation presents the concept mapping case domain modeling approach to aid examiners/investigators in searching and identifying digital evidence and analyzing the case domain during the examination and analysis phase of the computer forensic investigation. The examination and analysis phases of a computer forensic process are two of the most important phases of the investigative process because the search for and identification of evidence data is crucial to a case; any data uncovered will help determine the guilt or innocence of a suspect. In addition, these phases can become very time consuming and cumbersome. Therefore, finding a method to reduce the amount of time spent searching and identifying potential evidence and analyzing the case domain would greatly enhance the efficiency of the computer forensic process.; The hypothesis of this dissertation is that the concept mapping case domain modeling approach can serve as a method for organizing, examining, and analyzing digital forensic evidence and can enhance the quality of forensic examinations without increasing the time required to examine and analyze forensic evidence by more than 5%. Four experiments were conducted to evaluate the effectiveness of the concept mapping case domain modeling approach. Analysis of the experiments supports the hypothesis that the concept mapping case domain modeling approach can be used to organize, search, identify, and analyze digital evidence in an examination.",,,,,Engineering; Domain (software engineering); Concept map; Data science; Digital evidence; Operations research; Process (engineering); Computer forensics; Identification (information); Digital forensics; Domain model,,,,,https://dl.acm.org/citation.cfm?id=2048975,https://dl.acm.org/citation.cfm?id=2048975,,,2276719877,,0,,1,false,,
171-802-698-777-626,Study on the Dynamic Computer Forensics System Based on IDS,,2005,journal article,Journal of Hunan Public Security College,,,,Duan Dan-qing,"The computer forensic is an important tool in battling with the computer crime. In tradition,the static forensic is mainly employed to collect digital evidences after the intrusion has happened,so it's difficult to collect the evidences entirely in time,and the recovered files may has been modified,so the collected digital evidences are not so available in law.The paper provide a dynamic computer forensics system combined with computer forensic technology and intrusion detection system,the system collects and recognizes the digital evidences by intrusion detection,analyzes and extracts the evidences to evidences database.It employs the security methods like computer authentication,encryption and isolation to ensure the accuracy,validity,immutability of the digital evidences in the course of transfer and storage.The system makes the computer forensics intelligently and in time.",,,,,Engineering; Encryption; Authentication; Isolation (database systems); Immutability; Digital evidence; Intrusion detection system; Computer security; Network forensics; Computer forensics,,,,,http://en.cnki.com.cn/Article_en/CJFDTotal-HNGA200506015.htm,http://en.cnki.com.cn/Article_en/CJFDTotal-HNGA200506015.htm,,,2357383727,,0,,0,false,,
171-959-362-512-494,Development of National Digital Evidence Metadata,2019-09-06,2019,journal article,Jurnal Online Informatika,25279165; 25281682,Sunan Gunung Djati State Islamic University of Bandung,,Bambang Sugiantoro,"The industrial era 4.0 has caused tremendous disruption in many sectors of life. The rapid development of information and communication technology has made the global industrial world undergo a revolution. The act of cyber-crime in Indonesia that utilizes computer equipment, mobile phones are increasingly increasing. The information in a file whose contents are explained about files is called metadata. The evidence items for cyber cases are divided into two types, namely physical evidence, and digital evidence. Physical evidence and digital evidence have different characteristics, the concept will very likely cause problems when applied to digital evidence. The management of national digital evidence that is associated with continued metadata is mostly carried out by researchers. Considering the importance of national digital evidence management solutions in the cyber-crime investigation process the research focused on identifying and modeling correlations with the digital image metadata security approach. Correlation analysis reads metadata characteristics, namely document files, sounds and digital evidence correlation analysis using standard file maker parameters, size, file type and time combined with digital image metadata. nationally designed the highest level of security is needed. Security-enhancing solutions can be encrypted against digital image metadata (EXIF). Read EXIF Metadata in the original digital image based on the EXIF 2.3 Standard ID Tag, then encrypt and insert it into the last line. The description process will return EXIF decryption results in the header image. This can secure EXIF Metadata information without changing the image quality",4,1,24,27,Encryption; Information retrieval; Digital evidence; Computer science; Digital image; Header; Line (text file); Information and Communications Technology; Metadata; File format,,,,,http://join.if.uinsgd.ac.id/index.php/join/article/download/292/118 http://join.if.uinsgd.ac.id/index.php/join/article/view/292 https://core.ac.uk/download/pdf/295600543.pdf,http://dx.doi.org/10.15575/join.v4i1.292,,10.15575/join.v4i1.292,2970970599,,0,,0,true,cc-by-nc-nd,gold
172-425-036-894-271,How to Find Exculpatory and Inculpatory Evidence Using a Circular Digital Forensics Process Model,,2008,book chapter,Communications in Computer and Information Science,18650929; 18650937,Springer Berlin Heidelberg,Germany,Marjan Khatir; Seyed Mahmood Hejazi,"With raising the number of cyber crimes, the need of having a proper digital forensic process also increases. Although digital forensics is practiced in recent years, there is still a big gap between previously suggested digital forensics processes and what is really needed to be done in real cases. Some problems with current processes are lack of flexible transition between phases, not having a clear method or a complete scenario for addressing reliable evidence, and not paying enough attention to management aspects and team roles. This paper provides a process model by paying special attention to the team roles and management aspects as well as both exculpatory and inculpatory evidence.KeywordsDigital ForensicsDigital Forensics ProcessCyber CrimeProcess ModelDigital EvidenceInculpatoryExculpatory",,,10,17,Digital forensics; Digital evidence; Process (computing); Computer forensics; Computer science; Data science; Computer security; Network forensics; Internet privacy,,,,,,http://dx.doi.org/10.1007/978-3-540-69403-8_2,,10.1007/978-3-540-69403-8_2,,,0,,2,false,,
172-453-362-846-118,A Proposed Model of Digital Forensic on Cloud Computing Security Infrastructure,2018-07-31,2018,journal article,International Journal of Innovation in Enterprise System,25803050,Telkom University,,Mohammad Hafiz Hersyah,"<jats:p>Over the past decades, practitioners and researchers have made remarkable achievements in digital forensic. The abilities to conquer major technical obstacles are bestowing practitioners greater access to digital evidence. Sophisticated forensic techniques and tools are being developed to assist forensic acquisition and extraction of volatile data, inspection of remote repositories system and analysis of network traffic. Computer forensic is a comprehensive work that based on several attributes that are : objectivity, relevance and legitimacy to compose a system model that projected to be an electronic evidence forensic system. Latest studies show that the rapid growing of cloud computing facilities usage that has enable various improvements as part of the innovation process at organisations. Information systems are in frequently exposed to various types of threats which able to trigger different types of bad consequences as more and more information stored, problems arise especially about security information technology risk aspects.</jats:p>",2,1,,,Digital forensics; Cloud computing; Computer science; Digital evidence; Computer security; Data science; Process (computing); Relevance (law); Objectivity (philosophy); Information security,,,,,,http://dx.doi.org/10.25124/ijies.v2i01.49,,10.25124/ijies.v2i01.49,,,0,,0,true,,gold
173-080-183-794-495,Ontology based model of digital forensic virtual lab and curriculum design,,2014,journal article,International Journal of Engineering Education,0949149x,,,Igor Franc; Ivan Stanković; Irina Branovic; Ranko Popovic,"Digital forensics (DF) is a discipline that uses investigative methods to find digital evidence and prepare it for legal proceedings incomputer crime cases. Since this is a relatively new teaching subject in higher education institutions, syllabi and curricula are notyet standardized. In this paper we present an ontological approach to DF curriculum design, and discuss its implementation in avirtual digital forensic laboratory. The virtual educational environment is designed for the generic study of digital forensics, and isbased on ontology and a composite-component approach. Basic components of our virtual DF are objects to be related, put intonew compositions and placed in a library; relationships between all of the components are defined in ontology. Based on gatheredexperience, we designed and described DF curricula for undergraduate, graduate and Ph.D. studies that are tailored to our needs,but at the same time can be used as the starting point for introducing digital forensics courses at universities.",30,4,964,976,Higher education; Point (typography); Ontology; Subject (documents); Digital evidence; Computer science; Syllabus; Curriculum; Multimedia; Digital forensics,,,,,https://dialnet.unirioja.es/servlet/articulo?codigo=7360948,https://dialnet.unirioja.es/servlet/articulo?codigo=7360948,,,3027993264,,0,,1,false,,
173-414-196-979-672,A Review and Comparative Study of Digital Forensic Investigation Models,2013-10-08,2013,,,,,,Kwaku Kyei; Pavol Zavarsky; Dale Lindskog; Ron Ruhl,"In this paper we present a review and comparative study of existing digital forensic investigation models and propose an enhanced model based on Systematic Digital Forensic Investigation Model. One significant drawback in digital forensic investigation is that they often do not place enough emphasis on potential admissibility of gathered evidence. Digital forensic investigation must adhere to the standard of evidence and its admissibility for successful prosecution. Therefore, the techno-legal nature of this proposed model coupled with the incorporation of best practices of existing models makes it unique. The model is not a waterfall model, but iterative in nature helping in successful investigation and prosecution. The result of the study is expected to improve the whole investigation process including possible litigation.",,,,,Risk analysis (engineering); Best practice; Waterfall model; Drawback; Digital forensic investigation; Computer science; Process (engineering),,,,,https://eudl.eu/doi/10.1007/978-3-642-39891-9_20 https://eudl.eu/pdf/10.1007/978-3-642-39891-9_20,https://eudl.eu/doi/10.1007/978-3-642-39891-9_20,,,2463606009,,0,,2,false,,
173-952-459-161-812,IFIP Int. Conf. Digital Forensics - Impact of Cloud Computing on Digital Forensic Investigations,,2013,book chapter,Advances in Digital Forensics IX,18684238; 1868422x,Springer Berlin Heidelberg,Germany,Stephen O’Shaughnessy; Anthony Keane,"As cloud computing gains a firm foothold as an information technology (IT) business solution, an increasing number of enterprises are considering it as a possible migration route for their IT infrastructures and business operations. The centralization of data in the cloud has not gone unnoticed by criminal elements and, as such, data centers and cloud providers have become targets for attack. Traditional digital forensic methodologies are not well suited to cloud computing environments because of the use of remote storage and virtualization technologies. The task of imaging potential evidence is further complicated by evolving cloud environments and services such as infrastructure as a service (IaaS), software as a service (SaaS) and platform as a service (PaaS). The implementation of forensics as a service (FaaS) appears to be the only workable solution, but until standards are formulated and implemented by service providers, the only option will be to use traditional forensic tools and rely on service level agreements to facilitate the extraction of digital evidence on demand. This paper explores the effect that cloud computing has on traditional digital forensic investigations and proposes some approaches to help improve cloud forensic investigations.",,,291,303,Service provider; Software as a service; Service level; Service (business); Digital evidence; Computer security; Computer science; Virtualization; Cloud computing; Digital forensics,,,,,https://dblp.uni-trier.de/db/conf/ifip11-9/df2013.html#OShaughnessyK13 https://link.springer.com/chapter/10.1007/978-3-642-41148-9_20 https://link.springer.com/content/pdf/10.1007%2F978-3-642-41148-9_20.pdf https://rd.springer.com/chapter/10.1007/978-3-642-41148-9_20 https://hal.inria.fr/hal-01460613/document https://hal.inria.fr/hal-01460613,http://dx.doi.org/10.1007/978-3-642-41148-9_20,,10.1007/978-3-642-41148-9_20,1824047601,,0,020-311-734-615-623; 043-402-554-537-590; 047-600-704-780-223; 052-152-063-024-042; 059-697-278-686-056; 073-403-475-896-395; 078-321-628-189-695; 099-165-929-997-602; 136-745-511-009-321; 142-855-067-627-071; 170-108-067-251-840; 199-745-676-923-766,16,true,cc-by,green
174-186-817-525-708,A Cloud Forensic Readiness Model Using a Botnet as a Service,,2014,,,,,,Victor R. Kebande,"Cloud forensics has become an inexorable and a transformative discipline in the modern world. The need to share a pool of resources and to extract digital evidence from the same distributed resources to be presented in a court of law, has become a subject of focus. Forensic readiness is a pro-active process that entails digital preparedness that an organisation uses to gather, store and handle incident responsive data with the aim of reducing post-event response by digital forensics investigators. Forensic readiness in the cloud can be achieved by implementing a botnet with nonmalicious code as opposed to malicious code. The botnet still infects instances of virtual computers within the cloud, however, with good intentions as opposed to bad intentions. The botnet is, effectively, implemented as a service that harvests digital information that can be preserved as admissible and submissive potential digital evidence. In this paper, the authors‟ problem is that there are no techniques that exist for gathering information in the cloud for digital forensic readiness purposes as described in international standard for digital forensic investigations (ISO/IEC 27043). The authors proposed a model that allows digital forensic readiness to be achieved by implementing a Botnet as a service (BaaS) in a cloud environment.",,,23,32,Digital transformation; Engineering; Botnet; Virtual machine; Digital evidence; Service (systems architecture); Computer security; Computer forensics; Cloud computing; Digital forensics,,,,,http://sdiwc.net/digital-library/a-cloud-forensic-readiness-model-using-a-botnet-as-a-service,http://sdiwc.net/digital-library/a-cloud-forensic-readiness-model-using-a-botnet-as-a-service,,,2096712814,,0,003-556-992-169-311; 017-708-113-657-756; 019-698-064-288-240; 021-486-901-460-202; 028-190-387-643-103; 037-789-654-228-885; 042-417-058-634-055; 043-819-525-860-747; 052-152-063-024-042; 064-426-667-735-524; 064-566-639-411-615; 067-579-992-792-30X; 097-742-985-330-217; 106-422-795-460-354; 113-321-150-402-393; 115-036-799-197-654; 118-336-147-449-792; 132-864-409-642-282; 144-924-692-716-271; 147-307-101-286-405; 157-758-877-154-229,33,false,,
174-933-407-016-624,Technical and legal perspectives on forensics scenario,2014-05-23,2014,,,,,,Fabrizio Solinas,"The dissertation concerns digital forensic. The expression digital forensic (sometimes called digital forensic science); is the science that studies the identification, storage, protection, retrieval, documentation, use, and every; other form of computer data processing in order to be evaluated in a legal trial. Digital forensic is a branch of; forensic science. First of all, digital forensic represents the extension of theories, principles and procedures that; are typical and important elements of the forensic science, computer science and new technologies. From this; conceptual viewpoint, the logical consideration concerns the fact that the forensic science studies the legal value; of specific events in order to contrive possible sources of evidence. The branches of forensic science are: physiological; sciences, social sciences, forensic criminalistics and digital forensics. Moreover, digital forensic includes; few categories relating to the investigation of various types of devices, media or artefacts. These categories are:; - computer forensic: the aim is to explain the current state of a digital artefact; such as a computer system,; storage medium or electronic document;; - mobile device forensic: the aim is to recover digital evidence or data from mobile device, such as image, log; call, log sms and so on;; - network forensic: the aim is related to the monitoring and analysis of network traffic (local, WAN/Internet,; UMTS, etc.) to detect intrusion more in general to find network evidence;; - forensic data analysis: the aim is examine structured data to discover evidence usually related to financial; crime;; - database forensic: the aim is related to databases and their metadata.; The origin and historical development of the discipline of study and research of digital forensic are closely; related to progress in information and communication technology in the modern era. In parallel with the changes; in society due to new technologies and, in particular, the advent of the computer and electronic networks, there; has been a change in the mode of collection, management and analysis of evidence. Indeed, in addition to; the more traditional, natural and physical elements, the procedures have included further evidence that although; equally capable of identifying an occurrence, they are inextricably related to a computer or a computer network; or electronic means. The birth of computer forensics can be traced back to 1984, when the FBI and other; American investigative agencies have began to use software for the extraction and analysis of data on a personal; computer. At the beginning of the 80s, the CART(Computer Analysis and Response Team) was created within; the FBI, with the express purpose of seeking the so-called digital evidence. This term is used to denote all the; information stored or transmitted in digital form that may have some probative value. While the term evidence,; more precisely, constitutes the judicial nature of digital data, the term forensic emphasizes the procedural nature; of matter, literally, ""to be presented to the Court"". Digital forensic have a huge variety of applications. The; most common applications are related to crime or cybercrime. Cybercrime is a growing problem for government,; business and private.; - Government: security of the country (terrorism, espionage, etc.) or social problems (child pornography,; child trafficking and so on).; - Business: purely economic problems, for example industrial espionage.; - Private: personal safety and possessions, for example phishing, identity theft.; Often many techniques, used in digital forensics, are not formally defined and the relation between the technical; procedure and the law is not frequently taken into consideration. From this conceptual perspective, the research; work intends to define and optimize the procedures and methodologies of digital forensic in relation to Italian; regulation, testing, analysing and defining the best practice, if they are not defined, concerning common software.; The research questions are:; 1. The problem of cybercrime is becoming increasingly significant for governments, businesses and citizens.; - In relation to governments, cybercrime involves problems concerning national security, such as terrorism; and espionage, and social questions, such as trafficking in children and child pornography.; - In relation to businesses, cybercrime entails problems concerning mainly economic issues, such as; industrial espionage.; - In relation to citizens, cybercrime involves problems concerning personal security, such as identity; thefts and fraud.; 2. Many techniques, used within the digital forensic, are not formally defined.; 3. The relation between procedures and legislation are not always applied and taken into consideration",,,,,Internet privacy; Engineering; Cybercrime; Digital evidence; Personal computer; Identity theft; Computer forensics; Documentation; Digital forensics; Industrial espionage,,,,,,,,,590857020,,0,001-255-768-346-633; 003-741-821-824-144; 005-952-026-229-883; 010-086-703-646-194; 019-831-293-743-518; 020-944-423-224-895; 021-803-769-323-628; 023-789-485-678-544; 026-810-683-474-561; 030-252-249-391-836; 031-234-153-523-379; 035-223-520-491-228; 039-774-603-243-832; 040-823-216-153-224; 041-537-537-743-240; 041-716-251-423-181; 055-716-583-314-000; 065-514-386-181-728; 085-214-277-668-01X; 102-822-532-339-461; 111-090-978-711-139; 120-462-880-448-150; 121-234-261-402-315; 124-466-422-768-986; 142-816-347-811-541; 146-991-652-523-750; 150-249-549-372-358; 167-592-705-831-583; 184-948-841-629-735; 190-571-870-134-934,0,false,,
175-028-061-000-663,Digital Evidence Bag Selection for P2P Network Investigation,2014-09-30,2014,,arXiv: Networking and Internet Architecture,,,,Mark Scanlon; M-Tahar Kechadi,"The collection and handling of court admissible evidence is a fundamental component of any digital forensic investigation. While the procedures for handling digital evidence take much of their influence from the established policies for the collection of physical evidence, due to the obvious differences in dealing with non-physical evidence, a number of extra policies and procedures are required. This paper compares and contrasts some of the existing digital evidence formats or ""bags"" and analyses them for their compatibility with evidence gathered from a network source. A new digital extended evidence bag is proposed to specifically deal with evidence gathered from P2P networks, incorporating the network byte stream and on-the-fly metadata generation to aid in expedited identification and analysis.",,,,,Admissible evidence; Data science; Digital evidence; Digital forensic investigation; Computer science; Metadata,,,,,https://arxiv.org/abs/1409.8493 https://ui.adsabs.harvard.edu/abs/2014arXiv1409.8493S/abstract https://arxiv.org/pdf/1409.8493.pdf,https://arxiv.org/abs/1409.8493,,,2950000902,,0,004-441-167-148-170; 007-648-632-822-878; 055-090-334-937-061; 058-409-370-512-563; 078-275-236-083-731,0,true,,
175-197-446-436-959,Forensic Computing (Dagstuhl Seminar 11401),,,,,,,,Felix C. Freiling; Dirk Heckmann; Radim Polcák; Joachim Posegga,"Forensic computing (sometimes also called digital forensics, computer forensics or IT forensics) is a branch of forensic science pertaining to digital evidence, i.e., any legal evidence that is processed by digital computer systems or stored on digital storage media. Forensic computing; is a new discipline evolving within the intersection of several established research areas such as computer science, computer engineering and law.; Forensic computing is rapidly gaining importance since the amount of crime involving digital systems is steadily increasing. Furthermore, the area is still underdeveloped and poses many technical and legal challenges.; This Dagstuhl seminar brought together researchers and practitioners from computer science and law covering the diverse areas of forensic computing. The goal of the seminar was to further establish forensic computing as a scientific research discipline, to identify the strengths and weaknesses of the research field, and to discuss the foundations of its methodology. The seminar was jointly organized by Prof. Dr. Felix Freiling (Friedrich-Alexander University; Erlangen-Nuremberg, Germany), Prof. Dr. Dirk Heckmann (University of Passau, Germany), Prof. Dr. Radim Polcak (Masaryk University, Czech Republic), Prof. Dr. Joachim Posegga (University of Passau, Germany), and Dr. Roland Vogl (Stanford University, USA). It was attended by 27 participants.",1,10,13,,Engineering; Library science; Digital evidence; Legal evidence; Digital storage; Research areas; Field (computer science); Computer forensics; Strengths and weaknesses; Digital forensics,,,,,https://drops.dagstuhl.de/opus/volltexte/2012/3369/pdf/dagrep_v001_i010_p001_s11401.pdf/ https://dblp.uni-trier.de/db/journals/dagstuhl-reports/dagstuhl-reports1.html#FreilingHPP11 https://drops.dagstuhl.de/opus/volltexte/2012/3369/,http://dx.doi.org/10.4230/dagrep.1.10.1,,10.4230/dagrep.1.10.1,1557299058,,0,,0,false,,
175-840-536-452-987,Comparative Study of Digital Forensic Tools,2019-04-24,2019,book chapter,"Data, Engineering and Applications",,Springer Singapore,,Mayank Lovanshi; Pratosh Bansal,"Digital forensics is a branch of forensics where investigator extracts, analyzes digital evidences, and produces into the court. Digital forensics is a scientific investigation to find data evidences from digital devices with the help of forensic tools or software. There is a variety of forensic tools available today. Choosing and using the best one can be a deciding factor in the court of law. Hence, need comes to give a sort of ranking and comparing forensic tools. Need is to test different forensic tools on certain parameters by preparing test cases. Testing and categorization or mapping may help investigating officers and forensic experts to choose the best tool among all available for better crime examination and identification of evidences. Categorization of different forensic tools can result in saving of time while choosing a tool.",,,195,204,Test case; Variety (cybernetics); Ranking (information retrieval); Data science; Test (assessment); Digital evidence; Computer science; Identification (information); Digital forensics; Categorization,,,,,https://link.springer.com/content/pdf/10.1007%2F978-981-13-6351-1_15.pdf https://link.springer.com/chapter/10.1007/978-981-13-6351-1_15,http://dx.doi.org/10.1007/978-981-13-6351-1_15,,10.1007/978-981-13-6351-1_15,2940828040,,0,016-661-251-213-668; 021-998-933-410-065; 032-697-093-668-898; 053-359-699-662-079; 111-269-436-984-386; 168-476-681-195-292,4,false,,
175-957-040-612-907,Strategic Leadership in Digital Evidence - The forensic model is dead,,2021,book chapter,Strategic Leadership in Digital Evidence,,Elsevier,,Paul Reedy,,,,7,12,,,,,,https://api.elsevier.com/content/article/PII:B9780128196182000024?httpAccept=text/xml,http://dx.doi.org/10.1016/b978-0-12-819618-2.00002-4,,10.1016/b978-0-12-819618-2.00002-4,3109621364,,0,,0,false,,
175-989-649-308-40X,Image forensics on exchangeable image file format header,,,dissertation,,,Nanyang Technological University,,Jiayuan Fan,"In recent years, technologies related to digital photography including both hardware and software have gained rapid progress. As a result of these technologies’ wide application in digital still camera (DSC) system, many researchers become increasingly interested in using the digital cameras to record the real happenings for supporting evidences and historical events, such as news reporting in journal and magazine, police investigation and law enforcement, etc. The digital images as the outputs of digital cameras, can record these events. However, accompanied with these emerging digital photography technologies, various kinds of image editing tools have also been developed. With these tools, digital images can be easily altered without any visual clues left. As a result, the credibility of digital images becomes questionable. For example, when a forged photo is adopted as the court judgment evidence, incorrect verdict may happen. In view of this, this thesis focuses on passive image forensics research which uses both the Exchangeable Image File Format (EXIF) information and the image captured by a camera to verify the authenticity and integrity of the digital image.DOCTOR OF PHILOSOPHY (EEE",,,,,,,,,,,http://dx.doi.org/10.32657/10356/61970,,10.32657/10356/61970,,,0,,0,true,,green
176-304-954-831-493,Application of multiple criteria decision making in the selection of digital forensics software,,2016,journal article,Vojnotehnicki glasnik,00428469,Centre for Evaluation in Education and Science (CEON/CEES),,Dejan Stanivukovic; Dragan Randjelovic,"Nowadays there is almost no criminal offense in the investigation of which digital evidence does not play a key role. Constant increase of the capacity of media that store digital data leads to continuous increase of the time necessary to identify and copy (acquire) digital evidence. Selection of appropriate digital forensics software is gaining in importance. Selection of adequate software includes a previous comparative analysis of two or more digital forensics software tools and an optimization process. The objective of the comparative analysis of these software tools is to determine and compare each of their realistic and comparable performances. Optimization aims to determine which of digital forensics software tools has better performances. This paper shows one of possible variants of selecting digital forensics software, using the latest scientific achievements in support of decision making based on the analytic hierarchy process (AHP) method and the Expert Choice computer program.",64,4,1083,1101,Software engineering; Data mining; Key (cryptography); Computer program; Software; Digital data; Digital evidence; Computer science; Process (engineering); Digital forensics; Analytic hierarchy process,,,,,https://scindeks-clanci.ceon.rs/data/pdf/0042-8469/2016/0042-84691604083S.pdf https://scindeks.ceon.rs/Article.aspx?artid=0042-84691604083S https://cyberleninka.ru/article/n/application-of-multiple-criteria-decision-making-in-the-selection-of-digital-forensics-software,http://dx.doi.org/10.5937/vojtehg64-8938,,10.5937/vojtehg64-8938,2516568482,,0,,0,true,cc-by,gold
176-777-857-831-803,CYBER FORENSIC TOOLS AND ITS APPLICATION IN THE INVESTIGATION OF DIGITAL CRIMES: PREVENTIVE MEASURES WITH CASE STUDIES,2022-02-01,2022,journal article,INTERNATIONAL JOURNAL OF SCIENTIFIC RESEARCH,,World Wide Journals,,Yerriswamy K; G. S. Venumadhava,"<jats:p>Forensics, the science of using physical evidence to crack crime, has taken on a new avatar. The cyber forensic process is also advancing in new; ways. Digital forensics is the science of identifying, extracting, analyzing, and presenting the digital evidence that has been stored in digital; devices. Various digital tools and techniques are being used to achieve this. Here, the new cyber sleuths step in, armed with cyber forensics tools.; According to Section 65 of the Indian IT Act, a person who intentionally conceals or destroys or alters or intentionally or knowingly causes another; to conceal, destroy or alter any computer source code used for a computer, computer program, computer system, or network. To primary objective; of this study is to nd the role of Cyber Forensic Tools in Cyber investigation. It is better to sue security programmers by the body corporate to; control information on sites. Strict statutory laws need to be passed by the legislatures keeping in mind the interest of citizens. Working on this; paper helped me understand the primary aim of the cyber lab in solving the cases by analyzing the evidence given to them. Using cyber forensic; tools allows us to extract the data from the targeted devices, which plays a signicant role in detecting and collecting information regarding; cybercrimes.</jats:p>",,,71,73,Computer forensics; Digital evidence; Digital forensics; Computer science; Cyber crime; Computer security; Process (computing); Hacker; Data science; World Wide Web; The Internet; Operating system,,,,,,http://dx.doi.org/10.36106/ijsr/9633529,,10.36106/ijsr/9633529,,,0,007-362-065-583-626; 009-671-935-335-418; 014-065-195-857-333; 015-264-924-343-905; 021-563-550-669-43X; 023-252-810-319-853; 030-269-579-295-629; 032-810-109-985-524; 040-097-713-526-921; 042-972-111-603-681; 044-688-819-027-098; 046-527-367-793-765; 047-221-550-114-462; 055-590-023-850-939; 092-733-362-703-818; 095-437-078-101-003; 097-291-912-559-74X; 114-586-389-130-502; 133-332-986-537-019; 151-978-817-476-177; 192-212-429-382-054,0,false,,
176-972-068-131-664,Evaluating the Harmonized Digital Forensic Investigation Process Based on Call Detail Records,2020-09-02,2020,,,,,,Khaweris Khaula; Imran Touqir; Muhammad Faisal Amjad; Muhammad Riaz Mughal,"Digital forensics gained significant importance over the past decade, due to the increase in the number of information security incidents over this time period. Further that our society is becoming more dependent on information technology. Digital forensics is the process of employing scientific principles and processes to analyze electronically stored information and determine the sequence of events which lead to an incident. Mobile forensics recovers digital evidences from a mobile device under forensically sound conditions based on accredited methods. The biggest challenges faced by the discipline are the ever-changing technology of mobile devices and the lack of a customary digital forensic investigation models. HDFI (Harmonized Digital Forensic Investigation) Process Model is currently premature; however, it is expected to qualify for ISO/IEC-27043 (International Standard Organization/International Electrotechnical Commission). This demands thorough testing of this model, by taking different types of the digital evidences plus various types of digital forensic investigations into account. CDRs (Call Detail Records) are very significant digital evidence that can contribute a towards a successful investigation and in achieving concrete results.  In this paper, HDFI Model has been evaluated using CDRs. The aim is to validate the said model in mobile forensic investigations using CDRs, as the basic digital evidence. An anonymous real-life case scenario is taken for the testing purpose and the CDRs analysis is successfully accommodated in the model. It is established that the model is reasonable enough to ensure the admissibility of the digital evidence in the court.",102,1,35,40,Information technology; Electronically stored information; Mobile device; Data science; Digital evidence; Computer science; Process (engineering); Information security; Mobile device forensics; Digital forensics,,,,,https://ieeepnhrj.org/index.php/ieeep/article/view/50,https://ieeepnhrj.org/index.php/ieeep/article/view/50,,,3092691867,,0,,0,false,,
177-356-399-936-317,ISSA - IT Forensics: the collection of and presentation of digital evidence.,,2005,conference proceedings,,,,,Johann Hershensohn,"This paper deals with the following concepts: Digital evidence, IT forensics, the nature of digital evidence, the relevance of digital evidence, the digital audit trail, digital evidence and forensic science, the hearsay nature of digital evidence, documentary evidence and digital evidence, the best evidence rule, the role of digital evidence, the investigative framework, authorization to collect digital evidence, the acquisition of digital evidence, the analysis of digital evidence, reporting on digital evidence, the presentation of testimony relating to digital evidence.",,,1,14,Internet privacy; Relevance (law); Presentation; Hearsay; Digital evidence; Computer science; Computer forensics; Audit trail; Best evidence rule; Documentary evidence,,,,,https://dblp.uni-trier.de/db/conf/issa/issa2005.html#Hershensohn05,https://dblp.uni-trier.de/db/conf/issa/issa2005.html#Hershensohn05,,,5341801,,0,,6,false,,
177-544-338-589-33X,The Watermark Based Anti-counterfeiting Information System for Forensic Digital Imaging,,2011,journal article,Chinese Journal of Forensic Sciences,16712072,,,LU Hong-tao,"There are some disputes on digital imaging as evidence.This article proposes and establishes an anti-counterfeiting information system for forensic digital imaging based on watermarking techniques.The system,which can ensure the evidence effectiveness of digital images,consists of encrypting and anti-counterfeiting subsystem,information management subsystem and verification subsystem for encrypting information.",,,,,Digital imaging; Engineering; Information management; Encryption; Digital watermarking; Watermark; Information system; Computer security; Digital image,,,,,http://en.cnki.com.cn/Article_en/CJFDTotal-SFJD201105020.htm,http://en.cnki.com.cn/Article_en/CJFDTotal-SFJD201105020.htm,,,2354053463,,0,,0,false,,
177-886-630-508-584,Accrediting a Digital Evidence Laboratory,,2019,journal article,Forensic Science International: Synergy,2589871x,Elsevier BV,,Tracy Walraven,,1,,S7,,Engineering; Digital evidence; Medical education,,,,,https://api.elsevier.com/content/article/PII:S2589871X19301056?httpAccept=text/xml,http://dx.doi.org/10.1016/j.fsisyn.2019.06.022,,10.1016/j.fsisyn.2019.06.022,2969145815,,0,,0,true,"CC BY, CC BY-NC-ND",gold
178-083-319-545-064,Digital Forensics: Smart Aid for Digital Evidences,2018-04-24,2018,journal article,International journal of engineering research and technology,22780181,,,Mukul Kumar Srivastava; Devansh Chopra; null Vaishali,,5,10,,,Computer science; Multimedia; Digital forensics,,,,,https://www.ijert.org/research/digital-forensics-smart-aid-for-digital-evidences-IJERTCONV5IS10048.pdf https://www.ijert.org/digital-forensics-smart-aid-for-digital-evidences,https://www.ijert.org/digital-forensics-smart-aid-for-digital-evidences,,,2940971534,,0,,0,false,,
178-347-639-026-294,"Mobile device forensics: guidelines, analysis and tools",,2018,dissertation,,,,,Κωνσταντίνος Γεωργοκίτσος,"Mobile device forensics is the science of recovering digital evidence from mobile device; under forensically sound conditions using accepted methods. Mobile device forensics is an; evolving specialty in the field of digital forensics and there is an increase in the number of; mobile device forensics (MoDeFo) tools for proper recovery and speedy analysis of data present; on mobile devices. Scope of this thesis is to provide an in-depth look into the technologies; involved and their relationship to mobile device forensic procedures, the challenges associated; while carrying forensic analysis and to elaborate various forensic analysis techniques and tools.; This document also discusses procedures for the preservation, acquisition, examination, analysis,; and reporting of digital information on mobile devices as part of forensic analysis procedures.",,,,,Data analysis; Mobile device; Scope (project management); Digital evidence; Field (computer science); Computer science; Multimedia; Mobile device forensics; Digital forensics,,,,,,,,,2884478420,,0,,0,false,,
178-883-713-153-793,Defining Digital Forensic Examination and Analysis Tool Using Abstraction Layers.,,2003,journal article,International Journal of Digital Evidence,,,,Brian D. Carrier,"This paper uses the theory of abstraction layers to describe the purpose and goals of digital forensic analysis tools. Using abstraction layers, we identify where tools can introduce errors and provide requirements that the tools must follow. Categories of forensic analysis types are also defined based on the abstraction layers. Abstraction layers are not a new concept, but their usage in digital forensic analysis is not well documented. What does it mean to be a Digital Forensic Analysis Tool? How do we categorize the different types of analysis tools? For example, an investigator can view the files and directories of a suspect system by using either specialized forensic software or by using the operating system (OS) of an analysis system and viewing the files by mounting the drive. Both methods allow the investigator to view evidence in allocated files, but only the specialized forensic software allows him to easily view unallocated files. Additional tools are required if he is relying on the OS. Clearly both allow the investigator to find evidence and therefore should be considered forensic tools, but it is unclear how we should compare and categorize them. The high-level process of digital forensics includes the acquisition of data from a source, analysis of the data and extraction of evidence, and preservation and presentation of the evidence. Previous work has been done on the theory and requirements of data acquisition [7] and the preservation of evidence [4]. This paper addresses the tools that are used for the analysis of data and extraction of evidence. This paper examines the nature of tools in digital forensics and proposes definitions and requirements. Current digital forensic tools produce results that have been successfully used in prosecutions, but lack designs that were created with forensic science needs. They provide the investigator with access to evidence, but typically do not provide access to methods for verifying that the evidence is reliable. This is necessary when approaching digital forensics from a scientific point of view and could be a legal requirement in the future. The core concept of this paper is the basic notion of abstraction layers. Abstraction layers exist in all forms of digital data and therefore in the tools used to analyze them. The idea of using tools for layers of abstraction is not new, but a discussion of the definitions, properties, and error types of abstraction layers when used with digital",1,,,,Software engineering; World Wide Web; Abstraction layer; Data acquisition; Data analysis; Software; Digital data; Computer science; Process (engineering); Abstraction (linguistics); Digital forensics,,,,,https://dblp.uni-trier.de/db/journals/ijde/ijde1.html#Carrier03 https://www.utica.edu/academic/institutes/ecii/publications/articles/A04C3F91-AFBB-FC13-4A2E0F13203BA980.pdf,https://dblp.uni-trier.de/db/journals/ijde/ijde1.html#Carrier03,,,2116666322,,0,018-182-926-340-45X; 041-030-338-346-880; 072-245-054-212-971; 188-762-236-378-448,168,false,,
179-642-576-699-827,A Review of Forensic Artifacts in a Windows 8 Environment,2015-07-25,2015,,,,,,Mohit Soni; Seema R. Pathak,"Forensic artifacts refer to bits of information that an operating system records, when a user is using his computer system. These bits of data are user/session specific and provide all information regarding the use of a particular application or program along with the necessary time stamps. A digital forensic investigator needs to be aware of such artifacts in order to perform a legally acceptable, accurate and toolindependent analysis of a questioned system. This paper provides a comprehensive review guide for all forensic artifacts available in a Windows 8 environment. These artifacts supply both conclusive and probative evidence to an investigator and form vital preliminaries of incident response in a digital crime scenario. General Terms Digital Forensics",,4,25,28,Human–computer interaction; Information retrieval; Session (web analytics); Incident response; Computer science; Digital forensics,,,,,https://research.ijcaonline.org/cognition2015/number4/cog2174.pdf https://www.ijcaonline.org/proceedings/cognition2015/number4/21910-2174,https://www.ijcaonline.org/proceedings/cognition2015/number4/21910-2174,,,2247110085,,0,064-062-472-395-879,1,false,,
179-762-953-856-987,A Block-chain based Enforcement to Reduce Cybercrimes in Digital Forensics,2021-07-01,2021,journal article,Journal of emerging technologies and innovative research,23495162,,,Susheel George Joseph; Tincy Thomas; Sahal P Najeeb; Sangeetha Sathyapal,"The fundamental aim of digital forensics is to discover, investigate, and protect an evidence, increasing cybercrime enforces, digital forensics team have to more accurate evidence handling. It makes digital evidence as an important factor to link persons with criminal activities. A chain of custody refers to a process of recording and preserving in court of law. It forms the forensic link of evidence sequence of control, transfer, analysis to preserve integrity, and to prevent its contamination. Thus it is of utmost importance to guarantee integrity, authenticity, of digital evidences in cyber-crime investigation. So guaranteeing the authenticity and legality of processes and procedures used to gather and transfer the evidence in a digital society is a real challenge. Block-chain technologies of enabling view of transaction back to origination provide enormous promise for the coming era.it is also used for securing IoT devices through efficient authentication and data transfer mechanisms. Block-chain based digital forensics chain of custody, influence forensic applications in bringing integrity to digital forensics.",8,7,,,Chain of custody; Authentication (law); Cybercrime; Enforcement; Digital evidence; Computer security; Computer science; Process (engineering); Database transaction; Digital forensics,,,,,https://www.jetir.org/papers/JETIR2107536.pdf https://www.jetir.org/view?paper=JETIR2107536,https://www.jetir.org/view?paper=JETIR2107536,,,3186463163,,0,,0,false,,
179-881-224-143-743,IFIP Int. Conf. Digital Forensics - Applying Machine Trust Models to Forensic Investigations,,2006,book chapter,IFIP Advances in Information and Communication Technology,18684238; 1868422x,Springer New York,Germany,Marika Wojcik; Hein S. Venter; Jan H. P. Eloff; Martin S. Olivier,"Digital forensics involves the identification, preservation, analysis and presentation of electronic evidence for use in legal proceedings. In the presence of contradictory evidence, forensic investigators need a means to determine which evidence can be trusted. This is particularly true in a trust model environment where computerised agents may make trust-based decisions that influence interactions within the system. This paper focuses on the analysis of evidence in trust-based environments and the determination of the degree to which evidence can be trusted. The trust model proposed in this work may be implemented in a tool for conducting trust-based forensic investigations. The model takes into account the trust environment and parameters that influence interactions in a computer network being investigated. Also, it allows for crimes to be reenacted to create more substantial evidentiary proof.",222,,55,65,Data science; Presentation; Digital evidence; Computer security; Computer science; Computer forensics; Identification (information); Digital forensics,,,,,https://link.springer.com/content/pdf/10.1007%2F0-387-36891-4_5.pdf https://ui.adsabs.harvard.edu/abs/2006adf..book...55W/abstract https://link.springer.com/chapter/10.1007%2F0-387-36891-4_5 https://dblp.uni-trier.de/db/conf/ifip11-9/df2006.html#WojcikVEO06 https://rd.springer.com/chapter/10.1007/0-387-36891-4_5,http://dx.doi.org/10.1007/0-387-36891-4_5,,10.1007/0-387-36891-4_5,1506790772,,0,006-769-824-183-69X; 024-456-295-238-67X; 030-296-385-344-529; 032-130-977-628-325; 032-697-093-668-898; 032-764-996-412-399; 060-373-895-416-750; 074-166-255-568-955; 076-382-473-815-140; 093-326-707-803-207; 156-547-249-813-709; 173-170-285-098-625,9,true,,bronze
180-327-460-336-608,Improving Chain of Custody in Forensic Investigation of Electronic Digital Systems,,2011,,,,,,Giuliano Giova; Escola Politécnica,"Summary Forensic investigators should acquire and analyze large amount of digital evidence and submit to the court the technical truth about facts in virtual worlds. Since digital evidence is complex, diffuse, volatile and can be accidentally or improperly modified after acquired, the chain of custody must ensure that collected evidence can be accepted as truthful by the court. In this scenario, traditional paper-based chain of custody is inefficient and cannot guarantee that the forensic processes follow legal and technical principles in an electronic society. Computer forensics practitioners use forensic software to acquire copies or images from electronic devices and register associated metadata, like computer hard disk serial number and practitioner name. Usually, chain of custody software and data are insufficient to guarantee to the court the quality of forensic images, or guarantee that only the right person had access to the evidence or even guarantee that copies and analysis only were made by authorized manipulations and in the acceptable addresses. Recent developments in forensic software make possible to collect in multiple locations and analysis in distributed environments. In this work we propose the use of the new network facilities existing in Advanced Forensic Format (AFF), an open and extensible format designed for forensic tolls, to increase the quality of electronic chain of custody.",,,,,Chain of custody; Engineering; Forensic science; Software; Quality (business); Digital evidence; Computer security; Metaverse; Computer forensics; Metadata,,,,,http://paper.ijcsns.org/07_book/201101/20110101.pdf,http://paper.ijcsns.org/07_book/201101/20110101.pdf,,,2290476777,,0,001-009-008-665-240; 019-698-064-288-240; 020-944-423-224-895; 021-039-461-635-181; 032-697-093-668-898; 033-241-817-699-448; 035-223-520-491-228; 038-668-970-194-854; 049-544-188-172-297; 060-650-561-577-338; 065-452-675-566-99X; 090-792-295-657-205; 094-058-992-093-766; 110-079-538-894-548; 111-741-773-111-021; 134-927-490-231-285; 142-884-607-464-932; 168-720-899-296-354; 178-883-713-153-793; 184-948-841-629-735; 199-745-676-923-766,43,false,,
180-484-107-375-007,ICDF2C - Protecting Digital Evidence Integrity by Using Smart Cards,,2011,book chapter,"Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering",18678211; 1867822x,Springer Berlin Heidelberg,Germany,Shahzad Saleem; Oliver Popov,"RFC 3227 provides general guidelines for digital evidence collection and archiving, while the International Organization on Computer Evidence offers guidelines for best practice in the digital forensic examination. In the light of these guidelines we will analyze integrity protection mechanism provided by EnCase and FTK which is mainly based on Message Digest Codes (MDCs). MDCs for integrity protection are not tamper proof, hence they can be forged. With the proposed model for protecting digital evidence integrity by using smart cards (PIDESC) that establishes a secure platform for digitally signing the MDC (in general for a whole range of cryptographic services) in combination with Public Key Cryptography (PKC), one can show that this weakness might be overcome.",53,,110,119,Smart card; Digital signature; Cryptography; Tamper resistance; Public-key cryptography; Digital evidence; Computer security; Computer science; Cryptographic hash function; Digital forensics,,,,,https://eudl.eu/pdf/10.1007/978-3-642-19513-6_9 https://link.springer.com/content/pdf/10.1007%2F978-3-642-19513-6_9.pdf http://ui.adsabs.harvard.edu/abs/2011dfcc.conf..110S/abstract https://rd.springer.com/chapter/10.1007%2F978-3-642-19513-6_9 https://doi.org/10.1007/978-3-642-19513-6_9 http://su.diva-portal.org/smash/record.jsf?pid=diva2:386459 http://swepub.kb.se/bib/swepub:oai:DiVA.org:su-51978?language=en https://eudl.eu/doi/10.1007/978-3-642-19513-6_9 http://www.diva-portal.org/smash/record.jsf?pid=diva2:386459 https://www.researchgate.net/profile/Shahzad_Saleem3/publication/221511100_Protecting_Digital_Evidence_Integrity_by_Using_Smart_Cards/links/556a632a08aec22683035ee9.pdf https://link.springer.com/chapter/10.1007/978-3-642-19513-6_9,http://dx.doi.org/10.1007/978-3-642-19513-6_9,,10.1007/978-3-642-19513-6_9,2288121549,,0,007-532-413-242-967; 023-401-197-989-280; 040-725-252-545-808; 118-722-872-870-470; 122-880-373-616-302; 124-466-422-768-986; 159-570-627-467-749,2,false,,
180-670-755-584-359,Forensic and Analysis Model of Document Fragment,,2007,journal article,Journal of Zhengzhou University,,,,Zhou Qing-lei,"An extended forensic is presented and analysis model of document fragment is analysed for efficiently investigating document data based on digital system.The model has extended the existing forensic process of document fragment,and document fragment data in abstract layer is introduced into the model.The trusted computing and distributed technologies are applied to extend forensic services in the model.So the chain of custody about digital evidence is enhanced. Forensic case shows the model has the ability to investigate document fragment in digital system,and to carry out the distributed forensic analysis.",,,,,Chain of custody; World Wide Web; Forensic science; Information retrieval; Fragment (logic); Trusted Computing; Digital evidence; Computer science; Process (engineering); Digital forensics,,,,,http://en.cnki.com.cn/Article_en/CJFDTOTAL-ZZDZ200703013.htm,http://en.cnki.com.cn/Article_en/CJFDTOTAL-ZZDZ200703013.htm,,,2379561393,,0,,1,false,,
180-706-989-021-884,Digital Evidence for Database Tamper Detection,,2012,journal article,Journal of Information Security,21531234; 21531242,"Scientific Research Publishing, Inc.",,Shweta Tripathi; Bandu B. Meshram,"Most secure database is the one you know the most. Tamper detection compares the past and present status of the system and produces digital evidence for forensic analysis. Our focus is on different methods or identification of different locations in an oracle database for collecting the digital evidence for database tamper detection. Starting with the basics of oracle architecture, continuing with the basic steps of forensic analysis the paper elaborates the extraction of suspicious locations in oracle. As a forensic examiner, collecting digital evidence in a database is a key factor. Planned and a modelled way of examination will lead to a valid detection. Based on the literature survey conducted on different aspects of collecting digital evidence for database tamper detection, the paper proposes a block diagram which may guide a database forensic examiner to obtain the evidences.",3,2,113,121,Block diagram; Key (cryptography); Digital evidence; Oracle database; Literature survey; Focus (computing); Computer science; Oracle; Database; Identification (information),,,,,https://dblp.uni-trier.de/db/journals/jisec/jisec3.html#TripathiM12 https://www.scirp.org/html/7-7800072_18796.htm https://file.scirp.org/pdf/JIS20120200006_49093321.pdf https://file.scirp.org/Html/7-7800072_18796.htm https://www.scirp.org/journal/PaperDownload.aspx?paperID=18796 https://dx.doi.org/10.4236/jis.2012.32014 http://dx.doi.org/10.4236/jis.2012.32014,http://dx.doi.org/10.4236/jis.2012.32014,,10.4236/jis.2012.32014,2135960911,,0,043-328-161-679-384; 043-742-356-311-540; 129-415-196-725-196; 138-851-840-986-301; 193-611-410-267-544; 193-668-588-183-329,21,true,,gold
180-750-337-060-181,Rise of Digital Forensics and its impact on criminal justice: A study of tools and techniques involved,2021-10-01,2021,journal article,Technoarete Transactions on Advances in Social Sciences and Humanities,25831127,Technoarete Research and Development Association,,Askar Mohammed Ali Garad,"<jats:p>With the technological advancement in various fields, the digital forensics technology has also been revolutionized and as a result, criminal justice system has been substantially changed. However, various information technologies has not just enabled the researchers to find out the criminals but also helped them to identify the root cause for crimes. Along with that, there has been a growth in justice system as a result of the technological advancements. In the study, various aspects of digital forensics have been identified and described effectively.  In India, the numbers of crimes are growing faster and their techniques are changing as well. That is creating challenges to make justice against it without adequate evidence. In that case, which kinds of evidence can be collected and from which resources, have been discussed here with clear information. How the technological changes are impacting the criminal investigation procedures and bringing more efficiency, have been discussed as well.  Keyword : Digital forensic technologies, Criminal activities, Criminal justice, Justice System, Evidence.</jats:p>",1,1,16,20,,,,,,,http://dx.doi.org/10.36647/ttassh/01.01.a005,,10.36647/ttassh/01.01.a005,,,0,,0,false,,
180-993-756-700-805,An Analysis of the Totally Digitalized Process of Photo-taking on a Forensic Purpose,,2006,journal article,Journal of Yunnan Police Officer Academy,,,,Zhang Yan-hua,"Digitalizing the photo-taking on a forensic purpose throughout the whole process has been gradually achieved by the forensic science and technology departments of all public security organs nationwide nowadays in China.The digital cameras with generally recognized advantages are extensively used to take site photos on the crime scenes and photos of material evidences as well as identifying photos.Moreover,the picture processing software like Photoshop can post-edit and process photos taken by the digital cameras to acquire the needed examination photos of material evidences in right proportion.The digital camera techniques can also be linked with the automatic fingerprint identification and signature system to examine and compare so as to ""nail"" the fingerprints of an offender.",,,,,Engineering; Crime scene; Software; Digital camera; Picture processing; Public security; Computer security; Multimedia; Process (computing),,,,,https://en.cnki.com.cn/Article_en/CJFDTOTAL-YNGZ200604024.htm,https://en.cnki.com.cn/Article_en/CJFDTOTAL-YNGZ200604024.htm,,,2379558659,,0,,0,false,,
182-745-606-249-406,Gunshot Recordings from Digital Voice Recorders,2014-06-12,2014,,,,,,Robert C. Maher; Steven R. Shaw,"Audio forensic gunshot recordings may come from telephone conversations and land mobile radio traffic recorded at an emergency call center, electronic news gathering activities, surveillance recordings, etc. As an increasing number of law enforcement officers carry digital voice recorders to help document their interactions with citizens and suspects, it has become common for audio forensic examiners to encounter gunshot evidence from voice recorders. Because these offthe-shelf devices incorporate microphones, electronics, and digital coding algorithms intended to capture intelligible human speech and not gunfire, the examiner must consider the strengths and weaknesses of the portable digital voice recorder when interpreting forensic audio gunshot evidence.",,,,,Law enforcement; Mobile radio; Help document; Electronic news gathering; Digital coding; Computer science; Multimedia; Strengths and weaknesses,,,,,http://www.coe.montana.edu/ee/rmaher/publications/maher_aesconf_0614_1-7.pdf https://www.aes.org/e-lib/browse.cfm?elib=17318,http://www.coe.montana.edu/ee/rmaher/publications/maher_aesconf_0614_1-7.pdf,,,2110556887,,0,005-437-129-267-720; 008-165-518-918-577; 010-662-163-060-960; 013-632-061-541-693; 019-071-170-813-302; 028-051-843-161-969; 032-776-566-466-483; 097-295-649-063-242; 123-692-914-681-608,2,false,,
182-757-173-672-636,Smart Digital Forensic Readiness Model for Shadow IoT Devices,2022-01-12,2022,journal article,Applied Sciences,20763417,MDPI AG,,Funmilola Ikeolu Fagbola; Hein S. Venter,"<jats:p>Internet of Things (IoT) is the network of physical objects for communication and data sharing. However, these devices can become shadow IoT devices when they connect to an existing network without the knowledge of the organization’s Information Technology team. More often than not, when shadow devices connect to a network, their inherent vulnerabilities are easily exploited by an adversary and all traces are removed after the attack or criminal activity. Hence, shadow connections pose a challenge for both security and forensic investigations. In this respect, a forensic readiness model for shadow device-inclusive networks is sorely needed for the purposes of forensic evidence gathering and preparedness, should a security or privacy breach occur. However, the hidden nature of shadow IoT devices does not facilitate the effective adoption of the most conventional digital and IoT forensic methods for capturing and preserving potential forensic evidence that might emanate from shadow devices in a network. Therefore, this paper aims to develop a conceptual model for smart digital forensic readiness of organizations with shadow IoT devices. This model will serve as a prototype for IoT device identification, IoT device monitoring, as well as digital potential evidence capturing and preservation for forensic readiness.</jats:p>",12,2,730,730,Shadow (psychology); Digital forensics; Computer science; Computer security; Internet of Things; Digital evidence; Identification (biology); Adversary; Network forensics; Data science,,,,,,http://dx.doi.org/10.3390/app12020730,,10.3390/app12020730,,,0,007-394-596-774-68X; 008-782-115-725-766; 010-056-989-204-596; 016-526-859-340-786; 018-203-874-457-567; 025-484-846-284-184; 030-049-554-857-766; 030-467-408-846-630; 033-988-523-544-139; 034-940-557-037-083; 045-098-715-794-977; 069-321-740-091-392; 071-286-450-911-218; 098-597-156-681-069; 099-237-242-218-916; 114-116-684-871-032; 144-332-771-355-17X; 166-496-298-791-206,5,true,cc-by,gold
183-265-947-110-107,The Need for Digital Evidence Standardisation,2013-03-21,2013,book chapter,"Emerging Digital Forensics Applications for Crime Detection, Prevention, and Security",,IGI Global,,Marthie Grobler,"<jats:p>Continuous developments in forensic processes and tools have aided in elevating the positioning of digital forensics within the legal system. The equally continuous developments in technology and electronic advances, however, are making it more difficult to match forensic processes and tools with the advanced technology. Therefore, it is necessary to create and maintain internationally accepted standards to control the use and application of digital forensic processes. This article addresses this need and touches on the motivation for such internationally recognised standards on digital evidence. It also looks at current work in and progress towards the establishment of digital evidence related documents addressing all phases of the digital forensic process.</jats:p>",,,234,245,Digital forensics; Digital evidence; Process (computing); Computer forensics; Computer science; Control (management); Engineering; Computer security; Data science; Artificial intelligence; Operating system,,,,,,http://dx.doi.org/10.4018/978-1-4666-4006-1.ch016,,10.4018/978-1-4666-4006-1.ch016,,,0,002-383-410-319-043; 134-927-490-231-285,0,false,,
184-069-302-229-82X,Methods and Tools of Digital Triage in Forensic Context: Survey and Future Directions,2017-03-28,2017,journal article,Symmetry,20738994,MDPI AG,Switzerland,Vacius Jusas; Darius Birvinskas; Elvar Gahramanov,"Digital triage is the first investigative step of the forensic examination. The digital triage comes in two forms, live triage and post-mortem triage. The primary goal of the live triage is a rapid extraction of an intelligence from the potential sources. The live triage raises legitimate concerns. The post-mortem triage is conducted in the laboratory and its main goal is ranking of the seized devices for the possible existence of the relevant evidence. The digital triage has the potential to quickly identify items that are likely to contain the evidential data. Therefore, it is a solution to the problem of case backlogs. However, existing methods and tools of the digital triage have limitations, especially, in the forensic context. Nevertheless, we have no better solution for the time being. In this paper, we critically review published research works and the proposed solutions for digital triage. The review is divided into four sections as follows: live triage, post-mortem triage, mobile device triage, and triage tools. We conclude that many challenges are awaiting for the developers in creating methods and tools of digital triage in order to keep pace with the development of new technologies.",9,4,49,,Mobile device; Ranking; Emerging technologies; Data science; Triage; Pace; Context (language use); Forensic examination; Computer security; Computer science; Digital forensics,,,,,https://dblp.uni-trier.de/db/journals/symmetry/symmetry9.html#JusasBG17 https://doi.org/10.3390/sym9040049 https://www.mdpi.com/2073-8994/9/4/49 https://www.mdpi.com/2073-8994/9/4/49/pdf https://core.ac.uk/download/80047889.pdf,http://dx.doi.org/10.3390/sym9040049,,10.3390/sym9040049,2604064983,,0,000-750-047-594-348; 003-982-227-180-136; 004-962-084-085-761; 005-169-707-018-083; 009-885-874-541-907; 010-985-077-415-59X; 011-006-176-487-462; 012-089-942-653-099; 014-514-641-367-15X; 016-731-888-079-073; 016-873-099-383-893; 018-447-058-666-847; 025-290-159-757-335; 027-658-395-615-692; 030-351-009-711-953; 031-522-316-310-252; 032-451-540-235-796; 034-008-964-356-002; 042-409-013-562-238; 042-767-661-429-064; 047-630-600-014-492; 049-896-268-388-337; 056-715-378-869-201; 058-052-081-943-595; 061-869-577-104-546; 066-078-012-998-723; 066-235-037-082-291; 075-148-096-695-582; 076-020-683-409-265; 078-995-601-408-182; 081-447-017-308-327; 087-950-081-760-226; 089-115-596-397-298; 089-212-328-523-934; 090-752-043-508-733; 092-237-744-940-330; 094-295-279-676-447; 096-685-107-801-738; 109-749-496-799-933; 125-939-677-745-616; 126-591-597-706-715; 128-940-875-499-986; 130-778-270-601-465; 131-516-331-360-906; 131-796-930-292-035; 136-224-445-947-796; 142-884-607-464-932; 150-305-598-712-279; 155-063-496-030-974; 155-226-042-989-551; 166-178-398-716-39X; 168-211-791-741-422; 170-238-670-627-975,17,true,cc-by,gold
184-251-947-430-476,Cyber CSI: The challenges of digital forensics,,2015,,,,,,Richard Boddington,"Forensics is changing in the digital age, and the legal system is still catching up when it comes to properly employing digital evidence.; ; Broadly speaking, digital evidence is information found on a wide range of electronic devices that is useful in court because of its probative value. It’s like the digital equivalent of a fingerprint or a muddy boot.; ; However, digital evidence tendered in court often fails to meet the same high standards expected of more established forensics practices, particularly in ensuring the evidence is what it purports to be.",,,,,Internet privacy; Engineering; Fingerprint (computing); Digital evidence; Computer security; Computer forensics; Digital forensics,,,,,https://researchrepository.murdoch.edu.au/id/eprint/29702/,https://researchrepository.murdoch.edu.au/id/eprint/29702/,,,2339752156,,0,,0,false,,
184-298-619-472-94X,Research and Development of Digital Forensics Platforms,,2012,journal article,Journal of Shanghai Jiaotong University,0411972x,,,Yang Chung-huang,"Number of cyber crime increases dramatically these days and there are rapid progress on computer and smartphone systems,therefore,forensic investigators have been facing the difficulty of admissibility of digital evidence.To solve this problem,this paper developed forensic techniques and tools to collect digital evidence for computer systems and Android mobile devices.Forensics were carried out on both Windows and Linux systems to ensure judicial review of the evidence on the effectiveness of digital evidence with credibility.",,,,,Engineering; Credibility; Digital evidence; Cyber crime; Computer security; Judicial review; Network forensics; Computer forensics; Android (operating system); Digital forensics,,,,,http://en.cnki.com.cn/Article_en/CJFDTOTAL-SHJT201202019.htm,http://en.cnki.com.cn/Article_en/CJFDTOTAL-SHJT201202019.htm,,,2377639714,,0,,2,false,,
184-837-077-197-057,Digital Evidence Retrieval and Forensic Analysis on Gambling Machine,2012-05-28,2012,,,,,,Pritheega Magalingam; Azizah Abdul Manaf; Rabiah Ahmad; Zuraimi Yahya,"Hardware forensic analysis involves the process of analyzing digital evidence derived from digital sources. The analysis is done to facilitate and prove either the device is used to commit crime, whether it contains evidence of a crime or is the target of a crime. Gambling machines serve as the main source by which illegal games are conducted. This paper presents a method for retrieving information from a seized gaming machine, along with an analysis of the interpreted information to prove that the gaming machine was used illegally. The proposed procedures for the gambling machine forensic process will be important for forensic investigators (e.g., the police or private investigators), as they will assist these individuals in the digital forensic evidence analysis necessary to produce evidence relevant to illegal gambling.",,,,,Forensic science; Commit; Psychology; Data science; Digital evidence; Evidence analysis; Computer security; Process (engineering); Digital forensics,,,,,https://eudl.eu/doi/10.1007/978-3-642-11534-9_11,https://eudl.eu/doi/10.1007/978-3-642-11534-9_11,,,2735212748,,0,,0,false,,
184-846-052-026-31X,LOCARD: Lawful evidence cOllecting and Continuity plAtfoRm Development,,,,,,,,Pablo López-Aguilar Beltrán,"Digital evidence is currently an integral part of criminal investiga-tions, and not confined to pure cybercrime cases. Criminal behaviours like fi-nancial frauds, intellectual property theft, industrial espionage, and terrorist networks leverage the Internet and cyberspace. The very ubiquity of digital de-vices in modern society makes digital evidence extremely relevant for investi-gations about all kinds of criminal behaviour like murder, contraband activities, and people smuggling, to name a few. Due to its nature, the use of digital evidence in a court of law has always been challenging. It is critical that it should be accompanied by a proper chain of cus-tody, guaranteeing its source and integrity. LOCARD aims to provide a holistic platform for chain of custody assurance along the forensic workflow, a trusted distributed platform allowing the storage of digital evidence metadata in a blockchain. Each node of LOCARD will be able to independently set its own permission policies and to selectively share access to digital evidence with other nodes when deemed necessary and upon proper authorization through fine-grained policies. LOCARD's modularity will also allow diverse actors to tailor the platform to their specific needs and role in the digital forensic workflow, from preparation and readiness, to collection, to analysis and reporting.",1,1,51,55,Chain of custody; The Internet; Cybercrime; Cyberspace; Digital evidence; Intellectual property; Computer security; Computer science; Digital forensics; Industrial espionage,,,,,https://pasithee.library.upatras.gr/iisa/article/download/3319/3546 https://ejupunescochair.lis.upatras.gr/iisa/article/download/3319/3546 https://ejupunescochair.lis.upatras.gr/iisa/article/view/3319 https://pasithee.library.upatras.gr/iisa/article/view/3319,http://dx.doi.org/10.26220/iisa.3319,,10.26220/iisa.3319,3129984065,,0,,0,false,,
184-948-841-629-735,An Event-Based Digital Forensic Investigation Framework,2004-08-11,2004,journal article,Digital Investigation,17422876,,,Brian D. Carrier; Eugene H. Spafford,"In this paper, we present a framework for digital forensics that includes an investigation process model based on physical crime scene procedures. In this model, each digital device is considered a digital crime scene, which is included in the physical crime scene where it is located. The investigation includes the preservation of the system, the search for digital evidence, and the reconstruction of digital events. The focus of the investigation is on the reconstruction of events using evidence so that hypotheses can be developed and tested. This paper also includes definitions and descriptions of the basic and core concepts that the framework uses.",,,,,World Wide Web; Crime scene; Information retrieval; Digital forensic process; Digital evidence; Digital forensic investigation; Event based; Focus (computing); Computer science; Process (engineering); Digital forensics,,,,,https://dfrws.org/presentation/an-event-based-digital-forensic-investigation-framework/ https://dfrws.org/wp-content/uploads/2019/06/2004_USA_paper-an_event-based_digital_forensic_investigation_framework.pdf http://www.digital-evidence.org/papers/dfrws_event.pdf http://www.dfrws.org/2004/day1/Carrier-event.pdf https://www.digital-evidence.org/papers/dfrws_event.pdf https://cerias.purdue.edu/assets/pdf/bibtex_archive/2004-53.pdf,https://dfrws.org/presentation/an-event-based-digital-forensic-investigation-framework/,,,2096127821,,0,001-009-008-665-240; 034-916-306-834-918; 038-668-970-194-854; 064-461-905-099-548; 085-379-403-609-164; 087-665-408-966-240; 114-791-371-428-899; 176-279-989-411-85X; 178-883-713-153-793; 199-745-676-923-766,194,false,,
185-154-793-474-477,정보기술 아키텍쳐 기반의 디지털 포렉식 체계 도입에 대한 연구,2007-08-01,2007,,,,,,null 장윤식,"There are many models for digital forensic procedure based on processes or architectures. Because of insufficiency of previous models, some practical examples show that they can not be covered by traditional explanations. One example is the brand new online evidence collecting system implemented by Korean Police, which enables the Internet users directly transfer their mobile phone video clips captured by themselves. No model found to explain this kind of digital evidence handling. I ascertained that it is because many models followed physical forensic system without concerning virtual nature and the development of digital forensic methodologies. To solve this problem, I proposed to adopt the concept of Enterprise Architecture(EA) into digital forensic system. Most of all, modern digital forensic system could not be mentioned without information system. Even though there could be many other consideration which should be taken into, information system is conducting main role in digital forensics and it is being extended day by day. Automated and network based forensics are typical examples which do need minimal role of human during collecting evidence. The second reason that requires implementation of EA is because we need broader architecture which can include more exemptions. The last but not least, recently proposed security architecture for enterprises is found to be more compatible with digital forensics. These two share many major concepts including not only security itself, but integrity and others as well. Designing enterprise level architecture is not easy work. Prior to propose concrete architecture model, I proposed several presumptions. These are standardization, considering legal aspects, compliance with the regimes which dominate current forensic system involving accreditation of crime labs, and dividing from ordinary information system architecture.",7,2,65,84,Engineering; Enterprise architecture framework; Digital evidence; Enterprise information security architecture; Computer security; Network forensics; Computer forensics; View model; Digital forensics; Data architecture,,,,,https://www.dbpia.co.kr/Article/NODE07019090,https://www.dbpia.co.kr/Article/NODE07019090,,,2612211125,,0,,0,false,,
185-500-339-223-298,Digital Evidence Management,2019-05-29,2019,book chapter,Implementing Digital Forensic Readiness,,CRC Press,,Jason Sachowski,,,,24,52,Digital evidence; Business; Computer science; Computer security; Digital forensics,,,,,,http://dx.doi.org/10.4324/9780429441363-3,,10.4324/9780429441363-3,,,0,,0,false,,
185-861-974-193-933,Collaborative Integrity Verification for Blockchain-Based Cloud Forensic Readiness Data Protection,2022-01-23,2022,book chapter,Informatics and Intelligent Applications,18650929; 18650937,Springer International Publishing,Germany,Omoniyi Wale Salami; Muhammad Bashir Abdulrazaq; Emmanuel Adewale Adedokun; Basira Yahaya,"A conceptual intelligent framework for securing Cloud Forensic Readiness framework for a proactive collection of potential digital evidence from the Cloud and enhancing trust in chain-of-custody is presented in this paper. The complexities of Cloud technology including multitenancy and inter-jurisdictional spanning are making forensic investigation on Cloud storage difficult. The immensity of the Cloud data makes it difficult to be thoroughly searched as required for forensic investigation. Securing the integrity of digital evidence in the hands of its custodians is also important. These problems and other challenges peculiar to the Cloud call for effective solutions. Forensic readiness is used to maximize the ability to collect digital evidence and minimize the cost of forensic during an incident response investigation. Researchers have proposed different solutions to improve forensic readiness systems and make them suitable for their purposes. Preventing digital evidence in a forensic readiness system from being corrupted by its custodians is found to be open to research. A blockchain solution with crypto hash security for collaborative mutual authentication of the proactively collected data is proposed in this work. It uses the elliptic curve cryptography algorithms for verification of the custodians of data and authentication of the digital evidence integrity. The solution will adequately mitigate sharp practices from the digital evidence custodian who may want to compromise it, and also enhance the admissibility of the digital evidence in court by ensuring an acceptable standard for its collection.",,,138,152,Custodians; Digital evidence; Computer science; Cloud computing; Digital forensics; Computer security; Authentication (law); Data integrity; Cloud storage; Digital signature; Data science,,,,,,http://dx.doi.org/10.1007/978-3-030-95630-1_10,,10.1007/978-3-030-95630-1_10,,,0,003-904-457-475-817; 006-845-594-028-441; 019-119-495-482-994; 019-360-393-097-72X; 023-804-850-114-45X; 024-462-843-796-80X; 032-285-341-236-533; 033-015-374-657-154; 043-961-624-437-482; 045-783-901-971-215; 054-703-618-719-229; 056-205-328-777-528; 066-252-019-370-905; 072-011-257-348-244; 072-275-930-270-061; 077-603-385-952-05X; 078-599-698-376-230; 078-804-952-653-425; 084-546-403-745-974; 096-091-715-269-337; 096-899-831-703-200; 127-364-049-570-112; 184-546-625-187-133,0,false,,
186-940-557-741-427,Forensics chain for evidence preservation system: An evidence preservation forensics framework for internet of things‐based smart city security using blockchain,2022-05-20,2022,journal article,Concurrency and Computation: Practice and Experience,15320626; 15320634,Wiley,United States,Randa Kamal; Ezz El‐Din Hemdan; Nawal El‐Fishway,"In recent times, the new revolution of IoT facilitates communication and information sharing among people in different domains like a smart city. This revolution came with a risk of cyber-attacks that target devices and shared data. The digital evidence resulting from the digital forensics process applied to IoT devices must be kept safe for later analysis. Preserving digital evidence on a centralized server raises the risk of a single point of failure. Evidence preserving on cloud servers raises the tampering risk with the evidence or even sharing them with malicious third parties. Therefore, this paper presents a novel framework called Forensics Chain for Evidence Preservation System for IoT-based smart city security. The proposed framework aims to integrate blockchain with digital forensics to overcome the problems faced by forensic investigators; single point of failure and/or evidence modifications and enhance the security of preserving digital evidence via applying blockchain. Applying blockchain guarantees the immutability and data integrity of the preserved evidence. Furthermore, preserving the digital evidence among the forensic participant nodes eliminates the possibility of the single-point failure of a centralized storage server. The results provided a Proof of Concept for forensic evidence preservation based on blockchain and evaluated its performance.",34,21,,,Blockchain; Internet of Things; Network forensics; Computer security; Computer science; The Internet; Internet privacy; Digital forensics; World Wide Web,,,,,,http://dx.doi.org/10.1002/cpe.7062,,10.1002/cpe.7062,,,0,010-284-227-477-250; 012-199-054-127-602; 014-448-058-704-128; 015-973-222-946-009; 017-843-938-494-981; 026-698-451-512-277; 029-610-096-288-863; 032-169-069-596-979; 041-749-004-943-703; 044-247-442-262-35X; 050-244-001-533-04X; 054-079-583-763-10X; 055-498-537-115-235; 082-403-932-515-639; 083-888-956-568-609; 089-419-984-563-123; 101-258-932-366-249; 131-581-925-248-197; 132-746-973-839-652; 132-810-780-767-932; 154-393-793-915-985,0,false,,
186-989-428-380-116,Exploring Lack of Due Diligence as a Threat to Forensic Analysis Preparation and Readiness,2022-07-26,2022,journal article,Advances in Multidisciplinary and scientific Research Journal Publication,24888699,Creative Research Publishers,,Jonas Takyi Asamoah,"<jats:p>The usage of digital technology in the digital forensic investigation has grown in tandem with the rising importance of technology today. Too many incidences of digital and physical crime which is the focus of the world nowadays. To gather the finest evidence and investigative outcomes, a digital forensic model must be established. This study included a review of the literature on digital forensics and models established in digital forensics. According to the findings, the majority of research involves broad inquiries and procedures that overlap. Furthermore, no model has been developed to design a systemic inquiry. In this study, we propose a methodology for digital forensic examination to address this issue. This model combines several of the previous models and adds some new variables that are relevant to the study.  Keywords: Due Diligence, Threats, Forensic Analysis, Preparation, Readiness, Cyber Security,   BOOK Chapter ǀ Research Nexus in IT, Law, Cyber Security &amp; Forensics. Open Access. Distributed Free  Citation: Jonas Takyi Asamoah (2022): Exploring Lack of Due Diligence as a Threat to Forensic Analysis Preparation and Readiness Book Chapter Series on Research Nexus in IT, Law, Cyber Security &amp; Forensics. Pp 307-314 www.isteams.net/ITlawbookchapter2022. dx.doi.org/10.22624/AIMS/CRP-BK3-P49</jats:p>",1,,307,314,Digital forensics; Digital evidence; Nexus (standard); Due diligence; Computer forensics; Computer security; Computer science; Data science; Internet privacy,,,,,,http://dx.doi.org/10.22624/aims/crp-bk3-p49,,10.22624/aims/crp-bk3-p49,,,0,,0,true,,bronze
187-464-067-072-63X,Role of Cyber Security and Cyber Forensics in India,,2019,book chapter,"Cyber Law, Privacy, and Security",,IGI Global,,Gulshan Shrivastava; Kavita Sharma; Manju Khari; Syeda Erfana Zohora,"<jats:p>This chapter describes cyber forensics, also known as computer forensics, which is a subdivision of digital forensic science, relating to evidence detection in computers and digital storage media. The purpose of cyber forensics is the forensically-sound investigation of digital media with the intent to: identify, preserve, recover, analyze, present facts, and opinions; concerning the digital information. Even though it is generally allied with the analysis of cyber-based crimes, computer forensics may also be used in civil proceedings. Evidence composed from cyber forensic analysis is typically subjected to similar procedures and performs as supplementary digital evidence. With these advancements, it was desired that cyber forensics be to protect users and remain citizen-centric. This chapter shows that there is additional research needed to understand the implications of cyber forensic research to improve detection of cyber crimes. </jats:p>",,,1349,1368,Computer forensics; Digital forensics; Cyber crime; Digital evidence; Computer security; Computer science; Network forensics; Data science; Internet privacy; World Wide Web; The Internet,,,,,,http://dx.doi.org/10.4018/978-1-5225-8897-9.ch067,,10.4018/978-1-5225-8897-9.ch067,,,0,007-169-482-467-12X; 033-740-867-472-387; 034-742-644-592-168; 090-251-279-522-579; 116-008-751-288-053; 149-711-351-282-957; 186-605-882-654-433,0,false,,
187-762-907-549-695,Digital Forensics for Legal Professionals: Understanding Digital Evidence from the Warrant to the Courtroom,2011-09-16,2011,book,,,,,Larry E. Daniel; Lars E. Daniel,,,,,,Internet privacy; Legal profession; Political science; Warrant; Digital evidence; Computer forensics; Digital forensics,,,,,https://www.amazon.com/Digital-Forensics-Legal-Professionals-Understanding/dp/159749643X,https://www.amazon.com/Digital-Forensics-Legal-Professionals-Understanding/dp/159749643X,,,2477006094,,0,,21,false,,
188-139-001-545-729,Protecting the Integrity of Digital Evidence and Basic Human Rights During the Process of Digital Forensics,2015-01-01,2015,,,,,,Shahzad Saleem,"Scientific development and progress in the fields of computer science, information technology and their related disciplines, have transformed our world into a “digital world”. Omnipresent digital d ...",,,,,Human–computer interaction; Information technology; Human rights; Data science; Digital evidence; Scientific development; Computer science; Process (engineering); Information and Computer Science; Digital forensics; Information science,,,,,https://diva-portal.org/smash/get/diva2:806849/FULLTEXT02 http://swepub.kb.se/bib/swepub:oai:DiVA.org:su-116581 http://su.diva-portal.org/smash/get/diva2:806849/FULLTEXT02.pdf http://www.diva-portal.org/smash/record.jsf?pid=diva2:806849,http://swepub.kb.se/bib/swepub:oai:DiVA.org:su-116581,,,284634067,,0,001-009-008-665-240; 001-135-038-170-705; 001-387-890-830-976; 002-633-335-300-244; 007-532-413-242-967; 009-701-742-236-493; 017-840-378-634-021; 019-505-819-376-748; 019-698-064-288-240; 019-831-293-743-518; 020-944-423-224-895; 021-850-998-857-676; 022-058-307-695-864; 023-190-406-712-070; 023-401-197-989-280; 030-266-326-999-894; 031-562-742-238-720; 032-697-093-668-898; 035-877-258-121-493; 038-395-829-222-050; 038-668-970-194-854; 039-457-160-438-34X; 040-725-252-545-808; 041-227-773-004-745; 043-557-221-344-121; 045-581-544-307-619; 057-267-597-523-585; 062-416-200-051-805; 065-452-675-566-99X; 080-145-245-150-605; 087-033-309-941-253; 089-695-854-791-989; 093-779-978-973-429; 094-587-727-381-031; 097-723-876-253-714; 111-741-773-111-021; 120-697-354-224-33X; 122-880-373-616-302; 123-468-327-110-468; 124-466-422-768-986; 132-355-634-397-986; 138-232-752-906-225; 139-524-002-008-769; 141-145-576-773-920; 151-378-930-836-964; 178-883-713-153-793; 181-095-475-426-346; 184-948-841-629-735; 188-762-236-378-448; 191-040-676-222-205; 199-745-676-923-766,2,false,,
188-659-384-239-209,IFIP Int. Conf. Digital Forensics - Visualizing Information in Digital Forensics,,2012,book chapter,IFIP Advances in Information and Communication Technology,18684238; 18612288; 1868422x; 15715736,Springer Berlin Heidelberg,Germany,Grant Osborne; Hannah Thinyane; Jill Slay,"The evolution of modern electronic devices is outpacing the scalability and effectiveness of the tools used to analyze digital evidence recovered from them. Indeed, current digital forensic techniques and tools are unable to handle large datasets in an efficient manner. As a result, the time and effort required to conduct digital forensic investigations are increasing. This paper describes a promising digital forensic visualization framework that displays digital evidence in a simple and intuitive manner, enhancing decision making and facilitating the explanation of phenomena in evidentiary data.",,,35,47,World Wide Web; Electronics; Data science; Digital evidence; Visualization; Computer science; Scalability; Digital forensics,,,,,https://hal.inria.fr/hal-01523711/document https://link.springer.com/content/pdf/10.1007%2F978-3-642-33962-2_3.pdf https://hal.inria.fr/hal-01523711 https://rd.springer.com/chapter/10.1007/978-3-642-33962-2_3 https://link.springer.com/chapter/10.1007/978-3-642-33962-2_3 https://dblp.uni-trier.de/db/conf/ifip11-9/df2012.html#OsborneTS12,http://dx.doi.org/10.1007/978-3-642-33962-2_3,,10.1007/978-3-642-33962-2_3,176724177,,0,006-019-193-374-154; 011-305-212-011-315; 031-294-750-698-550; 075-056-106-679-562; 082-183-269-232-269; 085-891-192-348-20X; 132-603-268-158-204,4,true,cc-by,green
188-906-319-580-22X,Analysis of Digital Evidence,2015-10-09,2015,book chapter,Computer Forensics,,"John Wiley & Sons, Inc.",,,,,,38,51,Digital evidence; Computer science; Digital forensics; Computer security,,,,,,http://dx.doi.org/10.1002/9781119202011.ch4,,10.1002/9781119202011.ch4,,,0,,0,false,,
189-064-913-996-787,Technology and digital forensics,2017-02-24,2017,book chapter,"The Routledge Handbook of Technology, Crime and Justice",,Routledge,,Marcus K. Rogers,"This chapter focuses on the discipline of digital forensics. It examines the history of how criminals have been early adopters of technology to further their criminal trade craft. The chapter examines specific technologies that have either been used or targeted by cyber criminals. It also focuses on the main technologies that seem to have had the biggest impact. The chapter also looks at what impact the use of tools has on those investigating computer crimes, as various automated tools are now becoming a standard part of this forensic discipline. The Internet of Things (IoT) is the near future target for cyber criminals. Digital forensics is defined as ""A sub-discipline of Digital & Multimedia Evidence, which involves the scientific examination, analysis, and/or evaluation of digital evidence in legal matters"". Society has greatly benefitted from the advances in technology. The Internet has arguably changed the very fabric of the people society.",,,406,416,Internet privacy; The Internet; Early adopter; Engineering; Craft; Digital evidence; Internet of Things; Digital forensics,,,,,https://www.routledgehandbooks.com/doi/10.4324/9781315743981-24 https://www.taylorfrancis.com/chapters/edit/10.4324/9781315743981-24/technology-digital-forensics-marcus-rogers,http://dx.doi.org/10.4324/9781315743981-24,,10.4324/9781315743981-24,2891426595,,0,,2,false,,
189-541-862-329-202,Generating System Requirements for a Mobile Digital Evidence Collection System: A Preliminary Step Towards Enhancing the Forensic Collection of Digital Devices,,2010,,,,,,Ibrahim Baggili,,,,,,Engineering; Mobile computing; Information system; Mobile device; Digital evidence; Collection system; Computer security; System requirements; Mobile device forensics,,,,,https://digitalcommons.newhaven.edu/cgi/viewcontent.cgi?article=1048&context=electricalcomputerengineering-facpubs https://digitalcommons.newhaven.edu/electricalcomputerengineering-facpubs/48/,https://digitalcommons.newhaven.edu/electricalcomputerengineering-facpubs/48/,,,2581639833,,0,,0,false,,
189-946-818-419-927,ICITST - Forensic memory evidence of windows application,2012-12-01,2012,conference proceedings,,,,,Funminiyi Olajide; Nick Savage; Galyna Akmayeva; Richard Trafford,"In modern digital investigations, forensic sensitive information can be gathered from the physical memory of computer systems. Digital forensic community feels the urge towards accurate data collection, preservation, examination, validation, data analysis and presentation. This investigative process has become an essential part of digital investigation. The extraction of forensically relevant evidence from the physical memory can reveals users' actions. This research will report the amount of evidence that can be extracted and how the evidence changes with the length of time that the system is switched on and the application is still opened. In this experiment, the quantitative assessment of user input on the most commonly used applications will be presented.",,,715,718,Data collection; World Wide Web; Information sensitivity; Data science; Presentation; Computer science; Network forensics; Computer forensics; Digital forensics; User interface; Process (computing),,,,,https://ieeexplore.ieee.org/document/6470910/ https://dblp.uni-trier.de/db/conf/icitst/icitst2012.html#OlajideSAT12,https://ieeexplore.ieee.org/document/6470910/,,,2533232930,,0,076-095-910-918-008; 141-182-449-198-823; 146-991-652-523-750; 161-183-838-006-143,5,false,,
190-464-860-102-45X,Literature Survey on Digital Forensics and Anti - Forensics,2016-02-29,2016,,,,,,S Niveadhitha,"Forensics or Forensic science is an arena of science that deals with investigation of any unlawful activity and to present it as evidence in court of law. Increased use of digital devices, especially computers, makes man's life easy but also vulnerable. Modern forms of crime, with either computer as an instrument or computer as the target, broadly called the computer crimes or cyber crimes are increasing in number and severity. To combat cyber crime, an active topic of research called Digital forensics came into play. The goal of digital forensics is to answer the five questions - Why? Who? Where? When? and How? related to the crime committed. This emerging field focuses on the tools and techniques that deal with identifying, preserving, extracting and documenting the evidence. With the growth in knowledge of collecting evidence, knowledge of destroying data and metadata required to create evidence also grew. Anti-forensic or counter forensic study deals with the study of techniques and tools to confound an investigator. The proponents for privacy measure support anti-forensics. It talks about hiding or destroying the data and the metadata. On the whole it makes the process of acquiring evidence as complex as possible. Tools that help users perform anti-forensics are called anti-forensic tools. Yet, there could be files and track evidences, accessed by hackers which could bring the activities of the user to limelight. Hence, analysis of these anti forensic tools comes with greater importance. Hence, the analysis of the tools is proposed.",2,,28,35,Internet privacy; Limelight; Forensic study; Literature survey; Field (computer science); Computer science; Process (engineering); Digital forensics; Hacker; Metadata,,,,,https://technology.adrpublications.in/index.php/JofInformation-Technology-Mgt/article/view/330,https://technology.adrpublications.in/index.php/JofInformation-Technology-Mgt/article/view/330,,,2972694196,,0,,0,false,,
190-597-436-230-873,Digital forensic models: A comparative analysis,,2018,journal article,"International Journal of Management, IT, and Engineering",,,,Sudesh Rani,"With increase in new and ever evolving technologies like internet and information technology in the 21st century, the digital crimes are also increasing. the evidence of such crimes which are technology driven are in digital form and need to employ technology inclined techniques to uncover evidence that are admissible in court. Digital forensics applies digital investigation and analysis techniques to help in detection of digital crimes. Digital forensics provide the investigation techniques identification, preservation, collection, validation, analysis documentation and presentation of digital evidences. Different models have been presented to study the basics of digital forensics. Methods used for digital forensic investigation play an important role because inappropriate model choice may result in incomplete of missing evidence. In this paper we study different models. Their strengths and weaknesses and finally make a comparative study that which model is best among them.",8,6,432,443,The Internet; Information technology; Data science; Presentation; Analysis Documentation; Model choice; Computer science; Strengths and weaknesses; Identification (information); Digital forensics,,,,,https://www.indianjournals.com/ijor.aspx?target=ijor:ijmie&volume=8&issue=6&article=034,https://www.indianjournals.com/ijor.aspx?target=ijor:ijmie&volume=8&issue=6&article=034,,,3202151067,,0,000-938-884-410-192; 004-872-169-627-620; 008-047-275-222-577; 020-944-423-224-895; 032-697-093-668-898; 038-668-970-194-854; 132-355-634-397-986; 163-581-541-690-876; 190-065-821-748-92X; 199-745-676-923-766,0,false,,
190-702-439-604-676,"Digital Evidence, Computer Forensics and Investigation *",2021-05-25,2021,book chapter,Forensic Science,,CRC Press,,Jay A. Siegel; Kathy Mirakovits,,,,189,209,Computer forensics; Digital evidence; Digital forensics; Computer science,,,,,,http://dx.doi.org/10.4324/9780429318757-10,,10.4324/9780429318757-10,,,0,,0,false,,
190-754-967-593-450,Researches on Some Problems in Digital Forensics,,2008,journal article,Journal of Tianjin Administrative Cadre College of Politics and Law,,,,Hao Wen-jiang,"Along with the universality and development of the calculator science,especially the all-round acceleration of our national economy and social informationization progress,the foundation and global role of calculator information system have been progressively strengthened.But in the meantime,the cases involving the calculator system also increase steadily,so the correctness of digital forensics has a bearing on how to decide the nature of the case and conviction and punishment.The author,based on the comprehension toward concept and characteristics of the electronic evidence,explained the principle of digital forensics and put forward existing problems in the current digital forensics and corresponding countermeasures.",,,,,Information system; Law; Countermeasure; Calculator; Conviction; National economy; Computer security; Computer science; Correctness; Digital forensics,,,,,https://en.cnki.com.cn/Article_en/CJFDTOTAL-TZFG200803006.htm,https://en.cnki.com.cn/Article_en/CJFDTOTAL-TZFG200803006.htm,,,2372141527,,0,,0,false,,
190-795-233-892-655,"Digital Forensics and Investigations: People, Process, and Technologies to Defend the Enterprise",2018-05-16,2018,book,,,,,Jason Sachowski,"Digital forensics has been a discipline of Information Security for decades now. Its principles, methodologies, and techniques have remained consistent despite the evolution of technology, and, ultimately, it and can be applied to any form of digital data. However, within a corporate environment, digital forensic professionals are particularly challenged. They must maintain the legal admissibility and forensic viability of digital evidence in support of a broad range of different business functions that include incident response, electronic discovery (ediscovery), and ensuring the controls and accountability of such information across networks. ; ; Digital Forensics and Investigations: People, Process, and Technologies to Defend the Enterprise provides the methodologies and strategies necessary for these key business functions to seamlessly integrate digital forensic capabilities to guarantee the admissibility and integrity of digital evidence. In many books, the focus on digital evidence is primarily in the technical, software, and investigative elements, of which there are numerous publications. What tends to get overlooked are the people and process elements within the organization. ; ; Taking a step back, the book outlines the importance of integrating and accounting for the people, process, and technology components of digital forensics. In essence, to establish a holistic paradigm—and best-practice procedure and policy approach—to defending the enterprise. This book serves as a roadmap for professionals to successfully integrate an organization’s people, process, and technology with other key business functions in an enterprise’s digital forensic capabilities.",,,,,Technological evolution; Data science; Accountability; Electronic discovery; Digital data; Digital evidence; Computer science; Process (engineering); Information security; Digital forensics,,,,,https://www.taylorfrancis.com/books/9781315194820 https://www.taylorfrancis.com/books/mono/10.4324/9781315194820/digital-forensics-investigations-jason-sachowski https://www.amazon.com/Digital-Forensics-Investigations-Technologies-Enterprise/dp/1138720933,https://www.taylorfrancis.com/books/mono/10.4324/9781315194820/digital-forensics-investigations-jason-sachowski,,,2884535165,,0,,2,false,,
191-920-670-388-656,Validating digital forensic evidence,,2011,dissertation,,,,,Karthikeyan Shanmugam,,,,,,Internet privacy; Engineering; Virus attack; Computer security; Digital forensics; Hacker,,,,,https://bura.brunel.ac.uk/bitstream/2438/7651/1/FulltextThesis.pdf https://bura.brunel.ac.uk/handle/2438/7651 http://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.582883,https://bura.brunel.ac.uk/handle/2438/7651,,,1864875567,,0,001-009-008-665-240; 004-968-449-376-682; 034-183-561-604-364; 041-245-796-716-648; 047-101-175-100-694; 050-044-888-092-612; 062-049-901-374-904; 062-199-186-620-603; 062-421-316-909-478; 065-452-675-566-99X; 066-257-794-875-237; 077-760-644-626-582; 078-598-867-814-365; 105-126-222-909-334; 111-471-986-310-852; 111-741-773-111-021; 118-969-096-928-979; 119-897-036-916-673; 131-161-724-039-419; 133-016-965-533-196; 135-667-336-473-575; 136-745-511-009-321; 145-002-823-706-838; 161-074-241-095-611; 182-962-922-039-081; 184-948-841-629-735; 192-741-199-953-58X; 198-269-756-261-175,1,false,,
192-582-294-537-810,디지털 포렌식 업무의 법ㆍ제도적인 개선방향,2008-12-01,2008,,,,,,null 이상복,"As information society is developing, it is well-known that cybercrime(especially computer crime) is increasing. So digital evidence is increasing both cybercrime and general crime. Therefore, digital evidence plays an important role in investigation and judgment. Digital forensics has emerged regarding the procedures of searching and identifying evidence. The purpose of digital forensics is to make digital evidence accept in court according to reasonable process in cybercrime investigation. It is difficult for us to treat digital evidence, because digital information is easy to forge, alter, delete and modify. Therefore some digital evidence collection tools and forensics tools are developed. Due to new technical developments, prosecutors, courts and corporations have began to recognize the importance of digital evidence. But digital evidence gives rises to lots of challenge in criminal evidence law especially, because existing law and legal system does not support present circumstances. Until the legislative and judicial approval come into force, there should be a discussion and research new scientific evidence. In order to develope the digital forensics in Korea, legal and institutional improvement are necessary to be arranged. Both public sector and private sector(especially corporations) need to have digital forensics skills. Because public sector can investigate or judge fairly and by due process, and corporations are able to prevent corporation crimes. Digital forensics can be good methods as internal controls to corporations. But existing legal and institutional system have some problems in view of refinement. This article describes and analyzes the current problems, and proposes some improvements. To admit digital data criminal evidence, criminal procedural law must be amended on accordance with the development of technology. And government is necessary to improve institutional system and formulate the policy about digital forensics collectively.",10,2,139,178,Private sector; Scientific evidence; Political science; Procedural law; Cybercrime; Information society; Digital evidence; Public relations; Computer forensics; Digital forensics,,,,,http://www.dbpia.co.kr/Article/NODE01198416,http://www.dbpia.co.kr/Article/NODE01198416,,,1957675128,,0,,0,false,,
193-126-277-842-378,Cyberstalking Issues,2017-11-01,2017,conference proceedings,,,,,Xiaohua Feng; Audrey Asante; Emma Short; Iroshan Abeykoon,"Cyberstalking is closely related to Digital forensics. Digital forensics is an investigation and analysis technique to gather and preserve evidence from a particular computing device in a way that is suitable for presentation in a court of law. The goal of computer forensics is to perform a structured investigation while maintaining a documented chain of evidence to find out exactly what happened on a computing device and who was responsible for it. We can extract evidences from digital devices. The cutting edge technology is to track down the Cyber-stalking evidence with the aid of AI technology, report to law enforcement, and pin down the identity of the stalker. A key focus at this moment is how to proactively detect and prevent this kind of crime.",,,,,Chain of custody; Key (cryptography); Cyberstalking; Law enforcement; Electronic mail; Computer security; Focus (computing); Computer science; Computer forensics; Digital forensics,,,,,http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=8328421,http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=8328421,,,2794843502,,0,000-075-864-097-847; 017-551-642-940-87X; 020-944-423-224-895; 029-638-263-419-336; 072-811-052-394-365; 078-419-383-699-78X; 094-336-360-386-20X; 094-829-899-672-416; 139-278-085-132-667; 140-730-540-277-926; 157-845-315-267-809; 157-954-859-648-506,0,false,,
193-815-688-276-212,Cyber Crime Forensics,2022-05-30,2022,journal article,International Journal of Emerging Multidisciplinaries: Computer Science & Artificial Intelligence,27910164,Publishing House International Enterprise,,Saad Subair; Derar Yosif; Abdelgader Ahmed; Christopher Thron,"<jats:p>Cyber crime is becoming more frequent in our daily life since computers are everywhere now and hence the term cyberspace is becoming our ordinary life. Digital forensics or computer forensics which the process of securing digital evidence against the crime is becoming inevitable. Digital evidence is the foundation for any digital forensic investigation that can be collected by several means using technologies and scientific crime scene investigation. Modifications with crime scene data may possibly change the evidences that may lead to different  investigation results. Several models and frameworks to help investigating cybercrimes have been proposed. In this paper we are proposing a frame work that to suit the Sudanese judiciary system. The framework suggested studied several models and frameworks in the globe to come out with a suitable framework model that can help the Sudanese courts taking their decisions concerning cybercrime. The conventional chain of custody is our main platform to construct our framework. That is due to fact that computer crime is different from conventional crime in that it may have no definite place or space. Although The share of people in computer crime is more crucial than the technology itself, achieving evidence integrity is more challenging than normal crimes. This work aims to study and evaluate the applicability of existing digital forensic process models to the Sudanese environment,  analyze each of these frameworks might and then construct a framework to Sudan courts.</jats:p>",1,1,41,49,Cyberspace; Construct (python library); Digital forensics; Computer forensics; Cybercrime; Computer science; Process (computing); Computer security; Globe; Digital evidence; Cyber crime; Crime scene; Frame (networking); Work (physics); Data science; Internet privacy,,,,,,http://dx.doi.org/10.54938/ijemdcsai.2022.01.1.37,,10.54938/ijemdcsai.2022.01.1.37,,,0,,0,true,,hybrid
194-338-386-317-100,Digital Forensic and Machine Learning,,2020,book chapter,Digital Forensics and Forensic Investigations,,IGI Global,,Poonkodi Mariappan; Padhmavathi B.; Talluri Srinivasa Teja,"<jats:p>Digital Forensic as it sounds coerce human mind primarily with exploration of crime. However in the contemporary world, digital forensic has evolved as an essential source of tools from data acquisition to legal action. Basically three stages are involved in digital forensic namely acquisition, analysis and reporting. Digital Forensic Research Workshop (DFRW) defined digital forensic as “Use of Scientifically derived and proven method towards the identification, collection, analysis, interpretation, documentation and presentation of digital evidence derived from digital sources for the purpose of facilitating or furthering the reconstruction of event to be criminal”. The hard problem in digital forensic is such that the acquired data need to be cleaned and is required to be intelligible for reading by human. As a solution to this complexity problem a number of tools are present which may be repeated until relevant data is obtained. </jats:p>",,,427,444,Digital forensics; Documentation; Digital evidence; Computer science; Forensic science; Presentation (obstetrics); Identification (biology); Interpretation (philosophy); Computer forensics; Crime scene; Event (particle physics); Digital recording; Data science; Reading (process),,,,,,http://dx.doi.org/10.4018/978-1-7998-3025-2.ch029,,10.4018/978-1-7998-3025-2.ch029,,,0,015-893-932-355-393; 017-358-994-049-12X; 030-351-009-711-953; 038-955-150-444-274; 041-561-245-686-942; 047-630-600-014-492; 087-950-081-760-226; 099-698-112-763-870; 106-164-360-101-150,0,false,,
195-467-432-479-803,A digital forensic readiness components for operational unit,2013-06-01,2013,dissertation,,,,,Mohammed Saleh; Abdulalem Ali,"The growing threats of fraud and security incidents present numerous of challenges to law enforcement and organizations widespread the world. This has given rise to the need for organizations to make effective incident management strategies, that will improve the company's ability to react to security incidents. Most of organizations underestimate the demand for digital evidence. A forensic investigation of digital evidence is commonly employed as a post-event response to a serious information security incident. In fact, there are many circumstances where an organization may benefit from an ability to gather and preserve digital evidence before an incident occurs. Digital forensic readiness enables an organization to maximize its potential to use digital evidence whilst minimizing the costs of an investigation. In order to ensure organizations ready for incidents must implement the digital forensics readiness in workplace environment. This research aims to identify from existing studies, the concept of digital forensic readiness and how they apply to operational unit. This study focus on previous frameworks and analysis, compare among them to combining and integrating their major components to propose appropriate components of digital forensic readiness for operational unit. These components will help managers and staff to comply with digital forensic discipline in their organization.",,,,,Risk analysis (engineering); Engineering; Order (exchange); Law enforcement; Incident management; Digital evidence; Computer security; Unit (housing); Information security; Digital forensics,,,,,http://eprints.utm.my/id/eprint/37851/,http://eprints.utm.my/id/eprint/37851/,,,97341962,,0,002-383-410-319-043; 007-394-596-774-68X; 010-086-703-646-194; 022-822-071-884-642; 074-014-335-505-388; 135-193-618-945-495; 138-097-495-143-351,0,false,,
196-029-600-635-227,E-commerce in the Digital Forensic Technology,,2011,journal article,Netinfo Security,,,,Zhu Xiao-long,"For E-commerce transaction,the paper analyzed the security requirements and security threats of the ""three flows"" based on the C2C E-commerce model.After given the framework of E-commerce's digital forensics,the paper researched the digital evidence with the investigation technologies such as discovery,fixing,collection,analysis,expression,and so on.Lastly,the key technologies in E-commerce's digital forensics were introduced.",,,,,Key (cryptography); Digital evidence; Computer security; Computer science; Network forensics; Computer forensics; Database transaction; E-commerce; Digital forensics,,,,,http://en.cnki.com.cn/Article_en/CJFDTOTAL-XXAQ201104008.htm,http://en.cnki.com.cn/Article_en/CJFDTOTAL-XXAQ201104008.htm,,,2355458971,,0,,0,false,,
196-258-723-285-705,A Database Forensics Model based on Classification by Analysis Purposes,,2009,journal article,Journal of KIISE:Databases,12297739,,,null 김성혜; Jangwon Gim; Eun-Ae Cho; null BAIKDooKwon,"Digital forensics refers to finding electronic evidences related to crimes. As cyber crimes are increasing daily, digital forensics for finding electronic evidences is also becoming important. At present, various aspects of digital forensics have being researched including the overall process model and analysis techniques such as network forensics, system forensics and database forensics for digital forensics. Regarding database forensics, only analysis techniques dependent on specific vendors have been suggested. And general process models and analysis techniques which can be used in various databases have not been studied. This paper proposes an integrated process model and analysis technique for database forensics. The proposed database forensics model (DFM) allows us to solve problems and analyze databases according to the situation and purpose, and to use a standard model and techniques for various database analyses. In order to test our model(DFM), we applied it to various database analyses. And we confirmed the results of our experiment that it can be applicable to acquisition in the scene as well as analysis of data relationships.",36,2,63,72,Data mining; Data analysis; Database security; Database forensics; Computer science; Process (engineering); Network forensics; Computer forensics; Process modeling; Digital forensics,,,,,http://www.koreascience.or.kr/article/ArticleFullRecord.jsp?cn=JBGHEH_2009_v36n2_63,http://www.koreascience.or.kr/article/ArticleFullRecord.jsp?cn=JBGHEH_2009_v36n2_63,,,2395376238,,0,,0,false,,
196-787-983-201-436,ARES - Proposal for Efficient Searching and Presentation in Digital Forensics,,2008,conference proceedings article,"2008 Third International Conference on Availability, Reliability and Security",,IEEE,,Jooyoung Lee,"Digital forensics is a scientific, logical technique and procedure to collect, keep, and analyze digital data and to report the evidence discovered from them. And purposely, we can define it as an investigative technique to examine any kind of behavior using a computer and to prove the fact relation of it based on the data stored in the computer. Therefore, for digital forensics, it is required to obtain an image copy of original digital data without damage and to prove that the computer evidence existed in the specific time. After the evidence is analyzed, it needs to do with documentation in order to adopt it as legally effective evidence in the law court. As to the digital forensic, it is one of the important requisites of the search tool to present all matched results from the given query keyword. However, because existing forensic search tools just present the results without a kind of grouping or inappropriate filtering, a criminal investigator has to spend a lot of time in order to find documents related to the investigation among the searched results. In this paper, to solve this kind of problem, we propose a method that we find all desired results in a search procedure and thereafter evaluate and rank the results according to their fitness. As a result, meaningful information in investigative perspective is to be presented in the front part of the search result list and it is expected to minimize the time for the criminal investigator to perform filtering unnecessary data and it can contribute to improve the task efficiency.",,,1377,1381,Rank (computer programming); Criminal investigation; Data mining; Relation (database); Digital data; Task (project management); Computer science; Computer forensics; Documentation; Digital forensics,,,,,https://dblp.uni-trier.de/db/conf/IEEEares/ares2008.html#Lee08 https://ieeexplore.ieee.org/xpl/articleDetails.jsp?arnumber=4529505 http://ieeexplore.ieee.org/document/4529505/ https://www.computer.org/csdl/proceedings-article/ares/2008/3102b377/12OmNzFv4i2 http://yadda.icm.edu.pl/yadda/element/bwmeta1.element.ieee-000004529505 https://dx.doi.org/10.1109/ARES.2008.192 https://ieeexplore.ieee.org/document/4529505/,http://dx.doi.org/10.1109/ares.2008.192,,10.1109/ares.2008.192,2145711321,,0,013-246-076-655-612; 069-142-686-443-428; 102-418-572-187-306; 102-602-192-826-532; 149-204-308-279-123; 153-153-144-072-106,12,false,,
197-091-849-217-50X,Forensic analysis of digital evidence from Palm Personal Digital Assistants,2019-10-02,2019,dissertation,,,West Virginia University Libraries,,Christopher M. McNemar,,,,,,Palm; Digital evidence; Palm print; Digital forensics; Computer science; Artificial intelligence; Computer security; Biometrics; Physics; Quantum mechanics,,,,,,http://dx.doi.org/10.33915/etd.1550,,10.33915/etd.1550,,,0,,0,true,,bronze
197-872-262-830-083,"Digital Forensics Processing and Procedures: Meeting the Requirements of ISO 17020, ISO 17025, ISO 27001 and Best Practice Requirements",2013-08-30,2013,book,,,,,David Watson; Andrew Jones,"This is the first digital forensics book that covers the complete lifecycle of digital evidence and the chain of custody. This comprehensive handbook includes international procedures, best practices, compliance, and a companion web site with downloadable forms. Written by world-renowned digital forensics experts, this book is a must for any digital forensics lab. It provides anyone who handles digital evidence with a guide to proper procedure throughout the chain of custody--from incident response through analysis in the lab.A step-by-step guide to designing, building and using a digital forensics labA comprehensive guide for all roles in a digital forensics laboratoryBased on international standards and certifications",,,,,Chain of custody; Engineering management; Engineering; World Wide Web; Best practice; Digital evidence; Web site; Incident response; Certification; Digital forensics,,,,,https://uhra.herts.ac.uk/handle/2299/18829?show=full https://www.amazon.com/Digital-Forensics-Processing-Procedures-Requirements/dp/1597497428 https://openlibrary.org/books/OL28076945M/Digital_Forensics_Processing_and_Procedures https://www.scholartext.com/book/88817640?_locale=fr,https://uhra.herts.ac.uk/handle/2299/18829?show=full,,,2515071886,,0,,11,false,,
198-033-623-455-32X,New Federal Rules and Digital Evidence,2007-04-18,2007,,,,,,Gavin W. Manes; Elizabeth Downing; Lance Watson; Christopher Thrutchley,"The newly revised Federal Rules of Civil Procedure and developments under the Federal Rules of Evidence have a significant impact on the use, collection, and treatment of digital evidence for legal proceedings. The Rules now formally grant electronic documents and digital evidence the same status as paper and other forms of tangible evidence. As a result, the availability and proper preservation of potentially relevant electronic evidence must be considered, at the very latest, in the preliminary stages of litigation and, at the earliest, as soon as litigation is reasonably anticipated. It is important for professionals to be familiar with the specific rules and developing laws pertaining to the preservation and production of digital evidence prior to an incident or the initial stages of litigation and discovery.",,,31,40,Political science; Law and economics; Production (economics); Electronic discovery; Federal Rules of Evidence; Privilege (computing); Federal Rules of Civil Procedure; Digital evidence; Public relations; Civil procedure; Digital forensics,,,,,https://commons.erau.edu/adfsl/2007/session-6/3/ https://commons.erau.edu/cgi/viewcontent.cgi?article=1026&context=adfsl,https://commons.erau.edu/adfsl/2007/session-6/3/,,,1921760969,,0,007-648-632-822-878; 010-649-881-473-026; 108-557-778-816-866; 161-308-750-377-595; 188-762-236-378-448; 192-158-565-472-826,5,false,,