Academic literature on the topic 'Computer forensic investigation'

Consult the lists of relevant articles, books, theses, conference reports, and other scholarly sources on the topic 'Computer forensic investigation.'

Journal articles on the topic "Computer forensic investigation"

1

Kovalev, Sergey Aleksandrovich. "Applying the Method of Criminalistic Computer Modeling in Crime Investigation." Webology 18, SI05 (October 30, 2021): 871–78. http://dx.doi.org/10.14704/web/v18si05/web18268.

Abstract:
The authors of this article reviewed certain issues, application features and development perspectives of criminalistic computer modeling in crime investigation. The article gives a more precise definition to the term “criminalistic computer modeling” and the strategy of automized crime investigation, reviews the existing programmed hardware-software complexes and forensic equipment, which use criminalistic computer modeling. Moreover, it outlines the possibility of using certain AI elements for building automized strategies to investigate particular types of crimes. Nowadays, forensics as a science needs to develop new tactics, methods and recommendations, as well as forensic equipment and software, based on modern computer technologies and the method of forensic computer modeling, including the use of AI elements, to make crime investigation more effective. This becomes particularly important during the pre-trial investigation stage, closely connected to the development of new forensic equipment and methods. In this regard, the issues of using criminalistic computer modeling in crime investigation demand special attention. The results of this research lead the authors to believe that the possibility of applying criminalistic computer modeling opens new prospects for using it in forensics, including the criminalistic methodology, which will increase the effectiveness of crime investigation and optimize the work of the investigator.
2

Aziz, Benjamin, Clive Blackwell, and Shareeful Islam. "A Framework for Digital Forensics and Investigations." International Journal of Digital Crime and Forensics 5, no. 2 (April 2013): 1–22. http://dx.doi.org/10.4018/jdcf.2013040101.

Abstract:
Digital forensics investigations are an important task for collecting evidence based on the artifacts left in computer systems for computer related crimes. The requirements of such investigations are often a neglected aspect in most of the existing models of digital investigations. Therefore, a formal and systematic approach is needed to provide a framework for modeling and reasoning about the requirements of digital investigations. In addition, anti-forensics situations make the forensic investigation process challenging by contaminating any stage of the investigation process, its requirements, or by destroying the evidence. Therefore, successful forensic investigations require understanding the possible anti-forensic issues during the investigation. In this paper, the authors present a new method for guiding digital forensics investigations considering the anti-forensics based on goal-driven requirements engineering methodologies, in particular KAOS. Methodologies like KAOS facilitate modeling and reasoning about goals, requirements and obstacles, as well as their operationalization and responsibility assignments. The authors believe that this new method will lead in the future to better management and organization of the various steps of forensics investigations in cyberspace as well as provide more robust grounds for reasoning about forensic evidence.
3

Brown, Emmanuel Kpakpo. "Digital Forensic and Distributed Evidence." Advances in Multidisciplinary and scientific Research Journal Publication 1, no. 1 (July 26, 2022): 357–62. http://dx.doi.org/10.22624/aims/crp-bk3-p57.

Abstract:
Digital Forensics investigation is the science and legal process of investigating computer/cybercrimes and digital media or objects to gather evidence. This new and fast evolving field encompasses computer forensics, network forensics, mobile forensics, cloud computing forensics, and IoT forensics; and for this reason have digital evidence distributed widely when the need arises for crime prosecution. Digital evidence must be authentic, accurate, complete, and convincing to the jury for legal admissibility at the court of law. In many instances due to the distributed nature of digital forensic evidence and the legal procedures to be adhered to in evidence gathering at a digital crime scene, presenting at the law courts have proven to be challenging and in some instances inadmissible. Following legal procedures in evidence gathering at a digital crime scene is critical for admissibility and prosecution. This paper aims to discuss digital forensics investigations jurisprudence in relation to distributed digital evidence. For the study to be relevant to policy and practice, forensic tools and frameworks, legal and ethical obligations, and digital evidence handling and admissibility are highlighted. This paper does not follow any forensic investigations process; but rather discusses the need for development and implementation of unique frameworks that could be utilised to gather distributed digital evidence required for admissibility in court.
Keywords: Digital forensics investigations; Digital evidence; Jurisprudence
Book Chapter | Research Nexus in IT, Law, Cyber Security & Forensics. Open Access. Distributed Free. Citation: Emmanuel Kpakpo Brown (2022): Digital Forensic and Distributed Evidence. Book Chapter Series on Research Nexus in IT, Law, Cyber Security & Forensics. Pp 357-362. www.isteams.net/ITlawbookchapter2022. dx.doi.org/10.22624/AIMS/CRP-BK3-P57
4

Rehman, Danish, and Er Jasdeep Singh. "A Study of Minimization of Cybercrimes by the Implementation of Cyber Forensics Tool Kit." International Journal for Research in Applied Science and Engineering Technology 10, no. 3 (March 31, 2022): 1335–45. http://dx.doi.org/10.22214/ijraset.2022.40867.

Abstract:
To identify whether the victim has committed a crime, both criminal and forensic investigators need the help of digital forensics. As a result, an investigator must use an adequate, accurate, affordable, and trustworthy cyber forensic tool for forensics investigations related to crimes. Digital forensics, also known as computer forensic analysis, computer analysis, and computer inspection, is the practise of painstakingly evaluating computer media (hard discs, diskettes, cassettes, and so on) for evidence. A comprehensive inspection by a qualified examiner may result in the reorganisation of a computer's operations. It's a step-by-step technique for investigating crimes utilising digital evidence employing scientific methodologies and processes. While many amazing solutions have been developed to protect our information communication networks, these devices require much more frequent updating. Individuals with both research abilities and a professional grasp of how the internet works, as well as those who know how to examine PC network security problems, are in great demand. This gives an attack-resistant investigative framework, as well as understanding of how the internet operates and the skills to assess cybercrime apparatus to discover who, what, when, why, and how. The study's findings led to the development of Digital Forensic tool solutions for investigators looking to expand their capabilities in using these tools.
Keywords: Forensic, Cybercrime, investigation, toolkit
5

Altheyabi, Jasir Adel. "The Digital Forensic Tools Accuracy and Specifications." Academic Journal of Research and Scientific Publishing 3, no. 35 (March 5, 2022): 58–65. http://dx.doi.org/10.52132/ajrsp.e.2022.35.3.

Abstract:
The research aims to provide an overview of computer forensics, the history of computer forensics tools, and the accuracy and specifications of these tools. With the great and accelerating technological development, the reliance on the Internet has become greater and stronger than before. The world has become dependent on technology in all production and economic operations. And we talked in the second axis of the search for The Computer Forensic Legal Requirement, and Presentation of the tools used in the criminal investigation and an explanation of each tool. The digital forensic investigation tools that we will explain in this research are FTK. Forensic Toolkit, Prodiscovery, Autopsy, p2commander, OSForensics. We conclude that digital investigation tools have outstanding performance on different mediums. It has high accuracy and efficiency in digital investigation, and no single tool is superior to some other tools in all media. With more than one tool on a range of devices, it improves the investigation and testimony capabilities of examinees during exploration.
6

Guo, Yinghua, and Jill Slay. "Testing Forensic Copy Function of Computer Forensics Investigation Tools." Journal of Digital Forensic Practice 3, no. 1 (March 18, 2010): 46–61. http://dx.doi.org/10.1080/15567280903521392.

7

Mualfah, Desti, and Rizdqi Akbar Ramadhan. "Analisis Forensik Metadata Kamera CCTV Sebagai Alat Bukti Digital." Digital Zone: Jurnal Teknologi Informasi dan Komunikasi 11, no. 2 (November 7, 2020): 257–67. http://dx.doi.org/10.31849/digitalzone.v11i2.5174.

Abstract:
Conventional crimes recorded by CCTV (Closed Circuit Television) cameras are increasingly common in society, and every perpetrator proven to have committed a particular criminal act will be punished in accordance with statutory regulations. CCTV cameras play an important role in security, and many CCTV recordings are used as digital evidence. The challenge is determining the techniques required for the special handling of a digital forensic investigation that searches for digital evidence in CCTV camera recordings using the live forensics method, that is, while the evidence is in an active state, based on the SNI 27037:2014 guideline and following the Common Phases of Computer Forensics Investigation Models framework, for implementation in the Chain of Custody document. The result of this research is an analysis of CCTV camera video recordings covering the characteristics of the digital evidence and the metadata information, which is used to provide a comprehensive, structured explanation and a reference for managing the data obtained from a digital forensic investigation in a way that can be accounted for in court.
Keywords: Digital Evidence, Live Forensics, Metadata, CCTV Camera, Chain of Custody.
8

Widodo, Tri, and Adam Sekti Aji. "Pemanfaatan Network Forensic Investigation Framework untuk Mengidentifikasi Serangan Jaringan Melalui Intrusion Detection System (IDS)." JISKA (Jurnal Informatika Sunan Kalijaga) 7, no. 1 (January 25, 2022): 46–55. http://dx.doi.org/10.14421/jiska.2022.7.1.46-55.

Abstract:
Intrusion Detection System (IDS) is one of the technology to ensure the security of computers. IDS is an early detection system in the event of a computer network attack. The IDS will alert the computer network administrator in the event of a computer network attack. IDS also records all attempts and activities aimed at disrupting computer networks and other computer network attacks. The purpose of this study is to implement IDS on network systems and analyze IDS logs to determine the different types of computer network attacks. Logs on the IDS will be analyzed and will be used as leverage to improve computer network security. The research was carried out using the Network Forensic Investigation Framework proposed by Pilli, Joshi, and Niyogi. The stages of the Network Forensic Investigation Framework are used to perform network simulations, analysis, and investigations to determine the types of computer network attacks. The results show that the Network Forensic Investigation Framework facilitates the investigation process when a network attack occurs. The Network Forensic Investigation Framework is effectively used when the computer network has network security support applications such as IDS or others. IDS is effective in detecting network scanning activities and DOS attacks. IDS gives alerts to administrators because there are activities that violate the rules on the IDS.
9

Hikmatyar, Firmansyah Gustav, and Bambang Sugiantoro. "Digital Forensic Analysis on Android Smartphones for Handling Cybercrime Cases." IJID (International Journal on Informatics for Development) 7, no. 2 (January 7, 2019): 19. http://dx.doi.org/10.14421/ijid.2018.07204.

Abstract:
As the times progressed, forensic science has developed rapidly. The science of forensics extends to new areas of technology ranging from digital forensics, computer forensics and mobile forensics. Mobile forensics in analyzing and collecting data is obtained from various resources, such as operating systems, communication lines and also various storage media. The most popular mobile operating system of the day is a smartphone based on android operating system. With android technology, criminals can use that technology as a crime medium ranging from overriding crime ideas, crime targets and crime scenarios. In this Final Project use forensic mobile application to get data residing in cell phone actors, in the form of text, sound, picture and video that have or not yet deleted in smartphone. In this study, a model for investigating the crime scene is the author using the Generic Computer Forensic Investigation Model (GCFIM). On the GCFIM model the investigator may be able to return to the previous stage because of the possibility of a changeable situation (both physical and digital), the investigation tools used, the crime tools used, and the level of investigative expertise. In this research also added weighting method of word TF-IDF, where this method can help to find keyword in digital evidence in the form of word / text.
10

Baafi, Peter Oppong. "Tools For Cyber Forensics." Advances in Multidisciplinary and scientific Research Journal Publication 1, no. 1 (July 2022): 285–90. http://dx.doi.org/10.22624/aims/crp-bk3-p46.

Abstract:
Digital forensics, or Cyber security, has become a vital part of almost every research, and digital forensics tools' users are becoming more diverse in their backgrounds and interests. As a result, usability is an important section of these tools. This paper investigates the usability aspect of forensics tools. The study results highlight several usability issues that need to be considered when designing and implementing digital forensics tools. Cyber-attacks are fast-moving and surging in number and severity. When the attacks occur, the attacked enterprise responds with predetermined actions. Applying digital forensics helps in recovering and investigating material on digital media and networks is one of these actions. Cyber Forensic Investigation includes the Capture and Analysis of digital data either to prove or disprove whether the internet-related theft has been committed or not. Earlier, Computers were used only to store large volumes of data and perform many operations on them, but nowadays, it has expanded and occupied a prior role in Crime Investigation. To solve these cyber-related problems, the selection and usage of Forensic tools are essential. The developers have created many cyber forensic tools for better research and quick investigation. Cop departments and investigation agencies select the tools based on various factors, including budget and available experts on the team. This paper describes the different types of existing computer forensic tools and their usage. The article gives detailed information on all related works by other scholars in the area of this paper.
Keywords: Digital Forensics; Forensics, GUI, User Interface, Digital Forensics, and its framework, Cyber forensics tools.
Author affiliation: Digital Forensics & Cyber Security Graduate Programme, Department of Information Systems & Innovations, Ghana Institute of Management & Public Administration, Greenhill, Accra, Ghana.
Book Chapter | Research Nexus in IT, Law, Cyber Security & Forensics. Open Access. Distributed Free. Citation: Peter Oppong Baafi (2022): Tools For Cyber Forensics. Book Chapter Series on Research Nexus in IT, Law, Cyber Security & Forensics. Pp 285-290. www.isteams.net/ITlawbookchapter2022. dx.doi.org/10.22624/AIMS/CRP-BK3-P46

Dissertations / Theses on the topic "Computer forensic investigation"

1

Law, Yuet-wing, and 羅越榮. "Investigation models for emerging computer forensic challenges." Thesis, The University of Hong Kong (Pokfulam, Hong Kong), 2011. http://hub.hku.hk/bib/B46971324.

2

Sanyamahwe, Tendai. "Digital forensic model for computer networks." Thesis, University of Fort Hare, 2011. http://hdl.handle.net/10353/d1000968.

Abstract:
The Internet has become important since information is now stored in digital form and is transported both within and between organisations in large amounts through computer networks. Nevertheless, there are those individuals or groups of people who utilise the Internet to harm other businesses because they can remain relatively anonymous. To prosecute such criminals, forensic practitioners have to follow a well-defined procedure to convict responsible cyber-criminals in a court of law. Log files provide significant digital evidence in computer networks when tracing cyber-criminals. Network log mining is an evolution of typical digital forensics utilising evidence from network devices such as firewalls, switches and routers. Network log mining is a process supported by presiding South African laws such as the Computer Evidence Act, 57 of 1983; the Electronic Communications and Transactions (ECT) Act, 25 of 2002; and the Electronic Communications Act, 36 of 2005. Nevertheless, international laws and regulations supporting network log mining include the Sarbanes-Oxley Act; the Foreign Corrupt Practices Act (FCPA) and the Bribery Act of the USA. A digital forensic model for computer networks focusing on network log mining has been developed based on the literature reviewed and critical thought. The development of the model followed the Design Science methodology. However, this research project argues that there are some important aspects which are not fully addressed by South African presiding legislation supporting digital forensic investigations. With that in mind, this research project proposes some Forensic Investigation Precautions. These precautions were developed as part of the proposed model. The Diffusion of Innovations (DOI) Theory is the framework underpinning the development of the model and how it can be assimilated into the community. 
The model was sent to IT experts for validation and this provided the qualitative element and the primary data of this research project. From these experts, this study found out that the proposed model is very unique, very comprehensive and has added new knowledge into the field of Information Technology. Also, a paper was written out of this research project.
3

Montasari, Reza. "The Comprehensive Digital Forensic Investigation Process Model (CDFIPM) for digital forensic practice." Thesis, University of Derby, 2016. http://hdl.handle.net/10545/620799.

4

Etow, Tambue Ramine. "IMPACT OF ANTI-FORENSICS TECHNIQUES ON DIGITAL FORENSICS INVESTIGATION." Thesis, Linnéuniversitetet, Institutionen för datavetenskap och medieteknik (DM), 2020. http://urn.kb.se/resolve?urn=urn:nbn:se:lnu:diva-97116.

Abstract:
Computer crimes have become very complex in terms of investigation and prosecution. This is mainly because forensic investigations are based on artifacts left on computers and other digital devices. In recent times, perpetrators of computer crimes are getting abreast of the digital forensics dynamics hence, capacitated to use some anti-forensics measures and techniques to obfuscate the investigation processes. In cases where such techniques are employed, it becomes extremely difficult, expensive and time consuming to carry out an effective investigation. This might cause a digital forensics expert to abandon the investigation in a pessimistic manner. This Project work serves to practically demonstrate how numerous anti-forensics can be deployed by the criminals to derail the smooth processes of digital forensic investigation with main focus on data hiding and encryption techniques, later a comparative study of the effectiveness of some selected digital forensics tools in analyzing and reporting shreds of evidence will be conducted.
5

Fairbanks, Kevin D. "Forensic framework for honeypot analysis." Diss., Georgia Institute of Technology, 2010. http://hdl.handle.net/1853/33977.

Abstract:
The objective of this research is to evaluate and develop new forensic techniques for use in honeynet environments, in an effort to address areas where anti-forensic techniques defeat current forensic methods. The fields of Computer and Network Security have expanded with time to become inclusive of many complex ideas and algorithms. With ease, a student of these fields can fall into the thought pattern of preventive measures as the only major thrust of the topics. It is equally important to be able to determine the cause of a security breach. Thus, the field of Computer Forensics has grown. In this field, there exist toolkits and methods that are used to forensically analyze production and honeypot systems. To counter the toolkits, anti-forensic techniques have been developed. Honeypots and production systems have several intrinsic differences. These differences can be exploited to produce honeypot data sources that are not currently available from production systems. This research seeks to examine possible honeypot data sources and cultivate novel methods to combat anti-forensic techniques. In this document, three parts of a forensic framework are presented which were developed specifically for honeypot and honeynet environments. The first, TimeKeeper, is an inode preservation methodology which utilizes the Ext3 journal. This is followed with an examination of dentry logging which is primarily used to map inode numbers to filenames in Ext3. The final component presented is the initial research behind a toolkit for the examination of the recently deployed Ext4 file system. Each respective chapter includes the necessary background information and an examination of related work as well as the architecture, design, conceptual prototyping, and results from testing each major framework component.
6

Bourg, Rachel. "Bloom Filters for Filesystem Forensics." ScholarWorks@UNO, 2006. http://scholarworks.uno.edu/td/1288.

Abstract:
Digital forensics investigations become more time consuming as the amount of data to be investigated grows. Secular growth trends between hard drive and memory capacity just exacerbate the problem. Bloom filters are space-efficient, probabilistic data structures that can represent data sets with quantifiable false positive rates that have the potential to alleviate the problem by reducing space requirements. We provide a framework using Bloom filters to allow fine-grained content identification to detect similarity, instead of equality. We also provide a method to compare filters directly and a statistical means of interpreting the results. We developed a tool--md5bloom--that uses Bloom filters for standard queries and direct comparisons. We provide a performance comparison with a commonly used tool, md5deep, and achieved a 50% performance gain that only increases with larger hash sets. We compared filters generated from different versions of KNOPPIX and detected similarities and relationships between the versions.
7

Wang, Mengmeng, and 王萌萌. "Temporal analysis on HFS+ and across file systems in digital forensic investigation." Thesis, The University of Hong Kong (Pokfulam, Hong Kong), 2013. http://hub.hku.hk/bib/B50900122.

Abstract:
In computer forensics, digital evidence related to time is both important and complex. The rules of changes in time associated with digital evidence, such as files or folders, can be used to analyze certain user behaviors like data access, modification or transfer. However, the format and the rules in time information for user actions are quite different for different file systems, even for different versions of operating systems with the same file system. Some research on temporal analysis has already been done on NTFS and FAT file systems, while there are few resources that describe temporal analysis on the Hierarchical File System Plus (HFS+), the default file system in Apple computer. Moreover, removable devices like USB disks are used frequently; transferring files and folders between different devices with different file systems and operating systems happens more and more frequently, so the changes of times across different file systems are also crucial in digital forensics and investigations. In this research, the changes in time attributes of files and folders resulting from user actions on the HFS+ file system and across file systems are analyzed, and the rules of time are generated by inductive reasoning to help reconstruct crime scenes in the digital forensic investigation. Since inductive reasoning is not definitely true compared with deductive reasoning, experiments are performed to validate the rules. The usage of the rules is demonstrated by analyzing a case in details. The methods proposed here are efficient, practical and easy to put into practice in real scenarios.
Degree: Master of Philosophy (Computer Science)
8

Sonnekus, Michael Hendrik. "A comparison of open source and proprietary digital forensic software." Thesis, Rhodes University, 2015. http://hdl.handle.net/10962/d1017939.

Abstract:
Scrutiny of the capabilities and accuracy of computer forensic tools is increasing as the number of incidents relying on digital evidence and the weight of that evidence increase. This thesis describes the capabilities of the leading proprietary and open source digital forensic tools. The capabilities of the tools were tested separately on digital media that had been formatted using Windows and Linux. Experiments were carried out with the intention of establishing whether the capabilities of open source computer forensics are similar to those of proprietary computer forensic tools, and whether these tools could complement one another. The tools were tested with regards to their capabilities to make and analyse digital forensic images in a forensically sound manner. The tests were carried out on each media type after deleting data from the media, and then repeated after formatting the media. The results of the experiments performed demonstrate that both proprietary and open source computer forensic tools have superior capabilities in different scenarios, and that the toolsets can be used to validate and complement one another. The implication of these findings is that investigators have an affordable means of validating their findings and are able to more effectively investigate digital media.
9

Marziale, Lodovico. "Advanced Techniques for Improving the Efficacy of Digital Forensics Investigations." ScholarWorks@UNO, 2009. http://scholarworks.uno.edu/td/1027.

Abstract:
Digital forensics is the science concerned with discovering, preserving, and analyzing evidence on digital devices. The intent is to be able to determine what events have taken place, when they occurred, who performed them, and how they were performed. In order for an investigation to be effective, it must exhibit several characteristics. The results produced must be reliable, or else the theory of events based on the results will be flawed. The investigation must be comprehensive, meaning that it must analyze all targets which may contain evidence of forensic interest. Since any investigation must be performed within the constraints of available time, storage, manpower, and computation, investigative techniques must be efficient. Finally, an investigation must provide a coherent view of the events under question using the evidence gathered. Unfortunately the set of currently available tools and techniques used in digital forensic investigations does a poor job of supporting these characteristics. Many tools used contain bugs which generate inaccurate results; there are many types of devices and data for which no analysis techniques exist; most existing tools are woefully inefficient, failing to take advantage of modern hardware; and the task of aggregating data into a coherent picture of events is largely left to the investigator to perform manually. To remedy this situation, we developed a set of techniques to facilitate more effective investigations. To improve reliability, we developed the Forensic Discovery Auditing Module, a mechanism for auditing and enforcing controls on accesses to evidence. To improve comprehensiveness, we developed ramparser, a tool for deep parsing of Linux RAM images, which provides previously inaccessible data on the live state of a machine. 
To improve efficiency, we developed a set of performance optimizations, and applied them to the Scalpel file carver, creating order of magnitude improvements to processing speed and storage requirements. Last, to facilitate more coherent investigations, we developed the Forensic Automated Coherence Engine, which generates a high-level view of a system from the data generated by low-level forensics tools. Together, these techniques significantly improve the effectiveness of digital forensic investigations conducted using them.
10

Hashim, Noor Hayati. "An architecture for the forensic analysis of Windows system generated artefacts." Thesis, University of South Wales, 2011. https://pure.southwales.ac.uk/en/studentthesis/forensic-analysis-of-windows-system-generated-artefacts(be571569-2afe-4d52-8c99-9dbc8388b1db).html.

Abstract:
Computer forensic tools have been developed to enable forensic investigators to analyse software artefacts to help reconstruct possible scenarios for activity on a particular computer system. A number of these tools allow the examination and analysis of system generated artefacts such as the Windows registry. Examination and analysis of these artefacts is focussed on recovering the data and extracting information relevant to a digital investigation. This information is currently underused in most digital investigations. With this in mind, this thesis considers system generated artefacts that contain information concerning the activities that occur on a Windows system and will often contain evidence relevant to a digital investigation. The objective of this research is to develop an architecture that simplifies and automates the collection of forensic evidence from system generated files where the data structures may be either known or in a structured but poorly understood (unknown) format. The hypothesis is that it should be feasible to develop an architecture that will be able to integrate forensic data extracted from a range of system generated files and to implement a proof of concept prototype tool, capable of visualising the Event logs and Swap files. This thesis presents an architecture to enable the forensic investigator to analyse and visualise a range of system generated artefacts for which the internal arrangement of data is either well structured and understood or those for which the internal arrangement of the data is unclear or less publicised (known and not known data structures). The architecture reveals methods to access, view and analyse system generated artefacts. The architecture is intended to facilitate the extraction and analysis of operating system generated artefacts while being extensible, flexible and reusable. The architectural concepts are tested using a prototype implementation focussed on the Windows Event Logs and the Swap Files. 
Event logs reveal evidence regarding logons, authentication, account and privilege use and can address questions relating to which user accounts were being used and which machines were accessed. The Swap file contains fragments of data, remnants or entire documents, e-mail messages or results of internet browsing which reveal past user activities. Issues relating to understanding and visualising the data structures of artefacts are discussed and possible solutions are explored. The architecture is developed by examining the requirements and methods with respect to the needs of computer forensic investigations and forensic process models with the intention to develop a new multiplatform tool to visualise the content of Event logs and Swap files. This tool is aimed at displaying data contained in event logs and swap files in a graphical manner. This should enable the detection of information which may support the investigation. Visualisation techniques can also aid the forensic investigators in identifying suspicious events and files, making such techniques more feasible for consideration in a wider range of cases and, in turn, improve standard procedures. The tool is developed to fill a gap between capabilities of certain other open source tools which visualise the Event logs and Swap files data in a text based format only.

Books on the topic "Computer forensic investigation"

1

Okedeji, Abioye. Computer forensic investigation. London: University of East London, 2003.

2

Johnson, Thomas Alfred. Forensic computer crime investigation. Boca Raton: CRC, Taylor & Francis, 2006.

3

Computer forensics: Computer crime scene investigation. 2nd ed. Hingham, Mass: Charles River Media, 2005.

4

Vacca, John R. Computer forensics: Computer crime scene investigation. 3rd ed. Sudbury, Mass: Jones and Bartlett Publishers, 2010.

5

Computer forensics: Computer crime scene investigation. Hingham, Mass: Charles River Media, 2002.

6

Computer evidence: A forensic investigations handbook. London: Sweet & Maxwell, 1997.

7

Wireless Crime and Forensic Investigation. London: Taylor and Francis, 2007.

8

Gregory, Kipper, and ScienceDirect (Online service), eds. Virtualization and forensics: A digital forensic investigator's guide to virtual environments. Amsterdam: Syngress/Elsevier, 2010.

9

Prosise, Chris. Incident response & computer forensics. 2nd ed. New York: McGraw-Hill/Osborne, 2003.

10

K, Rudolph, ed. System forensics, investigation, and response. Sudbury, MA: Jones & Bartlett Learning, 2010.


Book chapters on the topic "Computer forensic investigation"

1

Pajek, Przemyslaw, and Elias Pimenidis. "Computer Anti-forensics Methods and Their Impact on Computer Forensic Investigation." In Global Security, Safety, and Sustainability, 145–55. Berlin, Heidelberg: Springer Berlin Heidelberg, 2009. http://dx.doi.org/10.1007/978-3-642-04062-7_16.

2

Lim, Kyung-Soo, and Changhoon Lee. "Applying Forensic Approach to Live Investigation Using XeBag." In Computer Science and its Applications, 389–97. Dordrecht: Springer Netherlands, 2012. http://dx.doi.org/10.1007/978-94-007-5699-1_38.

3

Singh, Avinash, Adeyemi R. Ikuesan, and Hein S. Venter. "Digital Forensic Readiness Framework for Ransomware Investigation." In Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, 91–105. Cham: Springer International Publishing, 2018. http://dx.doi.org/10.1007/978-3-030-05487-8_5.

4

Patil, Vaibhav T., and Amrita A. Manjrekar. "A Novel Approach for Monitoring SQL Anti-Forensic Attacks Using Pattern Matching for Digital Forensic Investigation." In Communications in Computer and Information Science, 162–67. Berlin, Heidelberg: Springer Berlin Heidelberg, 2013. http://dx.doi.org/10.1007/978-3-642-40576-1_16.

5

Hou, Shuhui, Ryoichi Sasaki, Tetsutaro Uehara, and Siuming Yiu. "Verifying Data Authenticity and Integrity in Server-Aided Confidential Forensic Investigation." In Lecture Notes in Computer Science, 312–17. Berlin, Heidelberg: Springer Berlin Heidelberg, 2013. http://dx.doi.org/10.1007/978-3-642-36818-9_33.

6

Simou, Stavros, Christos Kalloniatis, Stefanos Gritzalis, and Vasilis Katos. "A Revised Forensic Process for Aligning the Investigation Process with the Design of Forensic-Enabled Cloud Services." In Communications in Computer and Information Science, 161–77. Cham: Springer International Publishing, 2019. http://dx.doi.org/10.1007/978-3-030-37545-4_11.

7

Zhou, Qin, and Nigel Poole. "Forensic Investigation of the Soft-Modded PlayStation Portable (PSP)." In Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, 50–56. Berlin, Heidelberg: Springer Berlin Heidelberg, 2010. http://dx.doi.org/10.1007/978-3-642-11530-1_6.

8

Rekhis, Slim, and Noureddine Boudriga. "A Temporal Logic-Based Model for Forensic Investigation in Networked System Security." In Lecture Notes in Computer Science, 325–38. Berlin, Heidelberg: Springer Berlin Heidelberg, 2005. http://dx.doi.org/10.1007/11560326_25.

9

Johnson, Chris. "Forensic Software Engineering and the Need for New Approaches to Accident Investigation." In Computer Safety, Reliability and Security, 420–29. Berlin, Heidelberg: Springer Berlin Heidelberg, 2000. http://dx.doi.org/10.1007/3-540-40891-6_36.

10

Nissan, Ephraim. "The Forensic Disciplines: Some Areas of Actual or Potential Application." In Computer Applications for Handling Legal Evidence, Police Investigation and Case Argumentation, 841–989. Dordrecht: Springer Netherlands, 2011. http://dx.doi.org/10.1007/978-90-481-8990-8_8.


Conference papers on the topic "Computer forensic investigation"

1

Anani-Manyo, Nina, and Rui Liu. "Computer Vision and Forensic Investigation." In Ninth Congress on Forensic Engineering. Reston, VA: American Society of Civil Engineers, 2022. http://dx.doi.org/10.1061/9780784484548.061.

2

Stander, Adrie, and Kevin Johnston. "The Need for and Contents of a Course in Forensic Information Systems & Computer Science at the University of Cape Town." In InSITE 2007: Informing Science + IT Education Conference. Informing Science Institute, 2007. http://dx.doi.org/10.28945/3058.

Abstract:
This paper aims to investigate the need for and contents of a course in forensic Information Systems and Computer Science at UCT. In order to do this, the reader is introduced to computer crime and shown how the forensic process of identifying, preserving, recovering, analyzing, and documenting computer data supposedly used in crimes committed using computers is helping in investigating and solving these types of crime. An actual forensic approach known as the End-to-End Digital Investigation is also discussed.
3

Singh, Nanhay. "Digital Image Steganalysis for Computer Forensic Investigation." In The Second International Conference on Computer Science, Engineering and Applications. Academy & Industry Research Collaboration Center (AIRCC), 2012. http://dx.doi.org/10.5121/csit.2012.2217.

4

Singh, Kumar Shanu, Annie Irfan, and Neelam Dayal. "Cyber Forensics and Comparative Analysis of Digital Forensic Investigation Frameworks." In 2019 4th International Conference on Information Systems and Computer Networks (ISCON). IEEE, 2019. http://dx.doi.org/10.1109/iscon47742.2019.9036214.

5

Powar, Varsha, Amruta Kulkami, Renuka Lokare, and Aishwarya Lonkar. "Skin detection for forensic investigation." In 2013 International Conference on Computer Communication and Informatics (ICCCI). IEEE, 2013. http://dx.doi.org/10.1109/iccci.2013.6466122.

6

Saidi, Raihana Md, Siti Arpah Ahmad, Noorhayati Mohamed Noor, and Rozita Yunos. "Windows registry analysis for forensic investigation." In 2013 International Conference on Technological Advances in Electrical, Electronics and Computer Engineering (TAEECE). IEEE, 2013. http://dx.doi.org/10.1109/taeece.2013.6557209.

7

Studiawan, Hudan, Ferdous Sohel, and Christian Payne. "Automatic Event Log Abstraction to Support Forensic Investigation." In ACSW '20: Australasian Computer Science Week 2020. New York, NY, USA: ACM, 2020. http://dx.doi.org/10.1145/3373017.3373018.

8

Bhatt, Parth, and Edgar Yano. "Analyzing Targeted Attacks using Hadoop applied to Forensic Investigation." In The Eighth International Conference on Forensic Computer Science. Abeat, 2013. http://dx.doi.org/10.5769/c2013004.

9

Qu, Chengchao, Jurgen Metzler, and Eduardo Monari. "ivisX: An Integrated Video Investigation Suite for Forensic Applications." In 2018 IEEE Winter Applications of Computer Vision Workshops (WACVW). IEEE, 2018. http://dx.doi.org/10.1109/wacvw.2018.00007.

10

Alalwan, Nasser, Ahmed Alzahran, and Mohamed Sarrab. "Cybercrime Investigation Challenges for Gulf Cooperation Council Governments: A Survey." In The Eighth International Conference on Forensic Computer Science. Abeat, 2013. http://dx.doi.org/10.5769/c2013005.
