Academic literature on the topic 'Digital Forensic investigations'

Consult the lists of relevant articles, books, theses, conference reports, and other scholarly sources on the topic 'Digital Forensic investigations.'

Journal articles on the topic "Digital Forensic investigations"

1

Aziz, Benjamin, Clive Blackwell, and Shareeful Islam. "A Framework for Digital Forensics and Investigations." International Journal of Digital Crime and Forensics 5, no. 2 (April 2013): 1–22. http://dx.doi.org/10.4018/jdcf.2013040101.

Abstract:
Digital forensics investigations are an important task for collecting evidence based on the artifacts left in computer systems for computer related crimes. The requirements of such investigations are often a neglected aspect in most of the existing models of digital investigations. Therefore, a formal and systematic approach is needed to provide a framework for modeling and reasoning about the requirements of digital investigations. In addition, anti-forensics situations make the forensic investigation process challenging by contaminating any stage of the investigation process, its requirements, or by destroying the evidence. Therefore, successful forensic investigations require understanding the possible anti-forensic issues during the investigation. In this paper, the authors present a new method for guiding digital forensics investigations considering the anti-forensics based on goal-driven requirements engineering methodologies, in particular KAOS. Methodologies like KAOS facilitate modeling and reasoning about goals, requirements and obstacles, as well as their operationalization and responsibility assignments. The authors believe that this new method will lead in the future to better management and organization of the various steps of forensics investigations in cyberspace as well as provide more robust grounds for reasoning about forensic evidence.
2

Sabillon, Regner, Jordi Serra-Ruiz, Victor Cavaller, and Jeimy J. Cano. "Digital Forensic Analysis of Cybercrimes." International Journal of Information Security and Privacy 11, no. 2 (April 2017): 25–37. http://dx.doi.org/10.4018/ijisp.2017040103.

Abstract:
This paper reviews the existing methodologies and best practices for digital investigations phases like collecting, evaluating and preserving digital forensic evidence and chain of custody of cybercrimes. Cybercriminals are adopting new strategies to launch cyberattacks within modified and ever changing digital ecosystems; this article proposes that digital investigations must continually readapt to tackle cybercrimes and prosecute cybercriminals, working in international collaboration networks, sharing prevention knowledge and lessons learned. The authors also introduce a compact cyber forensics model for diverse technological ecosystems called Cyber Forensics Model in Digital Ecosystems (CFMDE). Transferring the knowledge, international collaboration, best practices and adopting new digital forensic tools, methodologies and techniques will be hereinafter paramount to obtain digital evidence, enforce organizational cybersecurity policies, mitigate security threats, fight anti-forensics practices and indict cybercriminals. The global Digital Forensics community ought to constantly update current practices to deal with cybercriminality and foresee how to prepare for new technological environments where change is always constant.
3

Ferguson, R. I., Karen Renaud, Sara Wilford, and Alastair Irons. "PRECEPT: a framework for ethical digital forensics investigations." Journal of Intellectual Capital 21, no. 2 (March 9, 2020): 257–90. http://dx.doi.org/10.1108/jic-05-2019-0097.

Abstract:
Purpose: Cyber-enabled crimes are on the increase, and law enforcement has had to expand many of their detecting activities into the digital domain. As such, the field of digital forensics has become far more sophisticated over the years and is now able to uncover even more evidence that can be used to support prosecution of cyber criminals in a court of law. Governments, too, have embraced the ability to track suspicious individuals in the online world. Forensics investigators are driven to gather data exhaustively, being under pressure to provide law enforcement with sufficient evidence to secure a conviction. Yet, there are concerns about the ethics and justice of untrammeled investigations on a number of levels. On an organizational level, unconstrained investigations could interfere with, and damage, the organization's right to control the disclosure of their intellectual capital. On an individual level, those being investigated could easily have their legal privacy rights violated by forensics investigations. On a societal level, there might be a sense of injustice at the perceived inequality of current practice in this domain. This paper argues the need for a practical, ethically grounded approach to digital forensic investigations, one that acknowledges and respects the privacy rights of individuals and the intellectual capital disclosure rights of organizations, as well as acknowledging the needs of law enforcement. The paper derives a set of ethical guidelines, and then maps these onto a forensics investigation framework. The framework is subjected to expert review in two stages, refining the framework after each stage. The paper concludes by proposing the refined ethically grounded digital forensics investigation framework. The treatise is primarily UK based, but the concepts presented here have international relevance and applicability.
Design/methodology/approach: In this paper, the lens of justice theory is used to explore the tension that exists between the needs of digital forensic investigations into cybercrimes on the one hand, and, on the other, individuals' rights to privacy and organizations' rights to control intellectual capital disclosure.
Findings: The investigation revealed a potential inequality between the practices of digital forensics investigators and the rights of other stakeholders. That being so, the need for a more ethically informed approach to digital forensics investigations, as a remedy, is highlighted and a framework proposed to provide this.
Research limitations/implications: The proposed ethically informed framework for guiding digital forensics investigations suggests a way of re-establishing the equality of the stakeholders in this arena, and ensuring that the potential for a sense of injustice is reduced.
Originality/value: Justice theory is used to highlight the difficulties in squaring the circle between the rights and expectations of all stakeholders in the digital forensics arena. The outcome is the forensics investigation guideline, PRECEpt: Privacy-Respecting EthiCal framEwork, which provides the basis for a re-aligning of the balance between the requirements and expectations of digital forensic investigators on the one hand, and individual and organizational expectations and rights, on the other.
4

Mualfah, Desti, and Rizdqi Akbar Ramadhan. "Analisis Forensik Metadata Kamera CCTV Sebagai Alat Bukti Digital." Digital Zone: Jurnal Teknologi Informasi dan Komunikasi 11, no. 2 (November 7, 2020): 257–67. http://dx.doi.org/10.31849/digitalzone.v11i2.5174.

Abstract:
Conventional crimes recorded by CCTV (Closed Circuit Television) cameras are increasingly common in society, and every perpetrator proven to have committed a particular criminal offence will be punished in accordance with statutory regulations. CCTV cameras play an important role in security, and many CCTV recordings are used as digital evidence. The challenge is what techniques are required for the special handling of a digital forensic investigation searching for digital evidence in CCTV camera recordings using the live forensics method, that is, when the evidence is in an active state, based on the SNI 27037:2014 guidelines and following the Common Phases of Computer Forensics Investigation Models framework, for implementation in the Chain of Custody document. The results of this research are an analysis of CCTV camera video recordings covering the characteristics of digital evidence and metadata information, used to provide a structured, comprehensive explanation and a reference for managing the data obtained from a digital forensic investigation that can be accounted for in court. Keywords: Digital Evidence, Live Forensics, Metadata, CCTV Camera, Chain of Custody.
5

Jiang, Jian Guo, Bo Yang, Sen Lin, Ming Xing Zhang, and Kun Ying Liu. "A Practical Approach for Digital Forensic Triage." Applied Mechanics and Materials 742 (March 2015): 437–44. http://dx.doi.org/10.4028/www.scientific.net/amm.742.437.

Abstract:
In order to uncover truths to serve justice, case-related data collected from a digital investigation requires substantial resources to analyze, especially in time-critical situations. At present, however, digital forensics has not evolved to meet this ever-increasing demand. Digital forensic triage is a promising solution, as it is designed to maximize the use of resources according to a system of priorities, and hence the efficiency and effectiveness of forensic examinations can be increased. Nevertheless, the lack of concrete methods limits efforts to implement triage. This paper presents a practical approach that is designed to build a prioritizing solution. In this work a new process model is derived based on the presented approach, and it is particularly suited to scenarios where forensic examiners do not have enough time and resources to conduct a full examination and analysis. An example is described to demonstrate how this approach can be used to meet the requirements of network forensic investigations.
6

Zav’yalova, D. V. "Current Capacities of Digital Forensics for Investigations of Different Types of Crimes." Theory and Practice of Forensic Science 15, no. 3 (October 23, 2020): 89–97. http://dx.doi.org/10.30764/1819-2785-2020-3-89-97.

Abstract:
The article focuses on the present state of digital forensics and its potential when investigating different types of crimes with a “digital” element. It also presents a brief historical overview of the development of digital forensics as an independent type of forensic examination, its theoretical framework. The paper presents a summary of the practice of the Laboratory of Digital Forensics of the Russian Federal Centre of Forensic Science of the Russian Ministry of Justice over 2017–2019. In the course of the summary, the author analyses typical questions to experts, the percentage of cases’ categories, the most common objects of the expertise, and experts’ opinions, their form, and completeness. Following the summary’s results, the most frequent investigators’ requests for this kind of examination have been highlighted. Also, typical errors at appointing the expertise have been revealed. The author presents a prognosis for the further development of digital forensics and proposes strategies and measures to minimize the errors at the appointment of the examinations and unsustainable expenditure of resources in appointment and conduct of this type of research.
7

Karabiyik, Umit, and Tugba Karabiyik. "A Game Theoretic Approach for Digital Forensic Tool Selection †." Mathematics 8, no. 5 (May 12, 2020): 774. http://dx.doi.org/10.3390/math8050774.

Abstract:
Digital forensic investigations are getting harder and more time consuming every day because of various problems including rapid advances in technology, wide variety of available devices in investigations, and large amount of data to be analyzed. In order to tackle these issues, digital forensic tools are developed by open-source communities and software companies. These software products are released as a complete toolkit or standalone tools targeting specific tasks. In either case, digital forensic investigators use these tools based on their familiarity because of previous training experiences, available funding from their agencies/businesses, tool’s ease of use, etc. Moreover, using additional tools to verify the findings is a common practice in digital forensic investigations. This is particularly common when the previously selected tools do not generate an expected output. In this paper, we propose a game theoretic approach to the tool selection problem in order to help investigators to make a decision on which digital forensic tool to use. We particularly focused on file carving tool usage when building and analyzing our model because of the available data on these tools. Our results show how important it is to investigate the dynamics of strategy changes between the tools during an investigation to increase the efficiency of the investigation using game theoretic modeling.
8

Montasari, Reza, Richard Hill, Simon Parkinson, Pekka Peltola, Amin Hosseinian-Far, and Alireza Daneshkhah. "Digital Forensics." International Journal of Organizational and Collective Intelligence 10, no. 2 (April 2020): 37–53. http://dx.doi.org/10.4018/ijoci.2020040103.

Abstract:
Considering the ever-growing ubiquity of technology, there is an associated growth in the possibility of digital devices related to a criminal investigation or civil litigation. As the variety of digital devices is increasing, the storage capacity of each is also rising exponentially. Due to the varied and large volumes of data produced, law enforcement agencies (LEAs) worldwide are facing a significant backlog of cases. This has culminated in significant delays in dealing with cases that urgently require digital forensic investigations (DFIs). It is of paramount importance that new research approaches be adopted to address such challenges. This article evaluates the existing set of circumstances surrounding the field of digital forensics (DF). The article provides two important contributions to the field of DF; it identifies and analyses the most important mid- and long-term challenges that need to be considered by LEAs. It also proposes important specific future research directions, the undertaking of which can assist LEAs in adopting a new approach to addressing these challenges.
9

Li, Xiu Zhi, Bao Ling Qin, Huan Qiu, and Song Min Jia. "Sparse Lp-Norm Based ICP for 3D Registration." Applied Mechanics and Materials 742 (March 2015): 433–36. http://dx.doi.org/10.4028/www.scientific.net/amm.742.433.

Abstract:
In order to uncover truths to serve justice, case-related data collected from a digital investigation requires substantial resources to analyze, especially in time-critical situations. At present, however, digital forensics has not evolved to meet this ever-increasing demand. Digital forensic triage is a promising solution, as it is designed to maximize the use of resources according to a system of priorities, and hence the efficiency and effectiveness of forensic examinations can be increased. Nevertheless, the lack of concrete methods limits efforts to implement triage. This paper presents a practical approach that is designed to build a prioritizing solution. In this work a new process model is derived based on the presented approach, and it is particularly suited to scenarios where forensic examiners do not have enough time and resources to conduct a full examination and analysis. An example is described to demonstrate how this approach can be used to meet the requirements of network forensic investigations.
10

Nortje, Jacobus Gerhardus, and Daniel Christoffel Myburgh. "The Search and Seizure of Digital Evidence by Forensic Investigators in South Africa." Potchefstroom Electronic Law Journal 22 (April 25, 2019): 1–42. http://dx.doi.org/10.17159/1727-3781/2019/v22i0a4886.

Abstract:
The discipline of digital forensics requires a combination of skills, qualifications and knowledge in the area of forensic investigation, legal aspects and information technology. The uniqueness of digital evidence makes the adoption of traditional legal approaches problematic. Information technology terminology is currently used interchangeably without any regard to being unambiguous and consistent in relation to legal texts. Many of the information technology terms or concepts have not yet achieved legal recognition. The recognition and standardisation of terminology within a legal context are of the utmost importance to ensure that miscommunication does not occur. To provide clarity or guidance on some of the terms and concepts applicable to digital forensics and for the search and seizure of digital evidence, some of the concepts and terms are reviewed and discussed, using the Criminal Procedure Act 51 of 1977 as a point of departure. Digital evidence is often collected incorrectly and analysed ineffectively or simply overlooked due to the complexities that digital evidence poses to forensic investigators. As with any forensic science, specific regulations, guidelines, principles or procedures should be followed to meet the objectives of investigations and to ensure the accuracy and acceptance of findings. These regulations, guidelines, principles or procedures are discussed within the context of digital forensics: what processes should be followed and how these processes ensure the acceptability of digital evidence. These processes include international principles and standards such as those of the Association of Chiefs of Police Officers and the International Organisation of Standardisation. A summary is also provided of the most influential or best-recognised international (IOS) standards on digital forensics. 
It is concluded that the originality, reliability, integrity and admissibility of digital evidence should be maintained as follows: Data should not be changed or altered. Original evidence should not be directly examined. Forensically sound duplicates should be created. Digital forensic analyses should be performed by competent persons. Digital forensic analyses should adhere to relevant local legal requirements. Audit trails should exist consisting of all required documents and actions. The chain of custody should be protected. Processes and procedures should be proper, while recognised and accepted by the industry. If the ACPO (1997) principles and ISO/IEC 27043 and 27037 Standards are followed as a forensic framework, then digital forensic investigators should follow these standards as a legal framework.

Dissertations / Theses on the topic "Digital Forensic investigations"

1

Marziale, Lodovico. "Advanced Techniques for Improving the Efficacy of Digital Forensics Investigations." ScholarWorks@UNO, 2009. http://scholarworks.uno.edu/td/1027.

Abstract:
Digital forensics is the science concerned with discovering, preserving, and analyzing evidence on digital devices. The intent is to be able to determine what events have taken place, when they occurred, who performed them, and how they were performed. In order for an investigation to be effective, it must exhibit several characteristics. The results produced must be reliable, or else the theory of events based on the results will be flawed. The investigation must be comprehensive, meaning that it must analyze all targets which may contain evidence of forensic interest. Since any investigation must be performed within the constraints of available time, storage, manpower, and computation, investigative techniques must be efficient. Finally, an investigation must provide a coherent view of the events under question using the evidence gathered. Unfortunately the set of currently available tools and techniques used in digital forensic investigations does a poor job of supporting these characteristics. Many tools used contain bugs which generate inaccurate results; there are many types of devices and data for which no analysis techniques exist; most existing tools are woefully inefficient, failing to take advantage of modern hardware; and the task of aggregating data into a coherent picture of events is largely left to the investigator to perform manually. To remedy this situation, we developed a set of techniques to facilitate more effective investigations. To improve reliability, we developed the Forensic Discovery Auditing Module, a mechanism for auditing and enforcing controls on accesses to evidence. To improve comprehensiveness, we developed ramparser, a tool for deep parsing of Linux RAM images, which provides previously inaccessible data on the live state of a machine. 
To improve efficiency, we developed a set of performance optimizations, and applied them to the Scalpel file carver, creating order of magnitude improvements to processing speed and storage requirements. Last, to facilitate more coherent investigations, we developed the Forensic Automated Coherence Engine, which generates a high-level view of a system from the data generated by low-level forensics tools. Together, these techniques significantly improve the effectiveness of digital forensic investigations conducted using them.
2

De, Souza Pedro. "A Chain of findings for digital investigations." Diss., University of Pretoria, 2013. http://hdl.handle.net/2263/40842.

Abstract:
Digital Forensic investigations play a vital role in our technologically enhanced world, and it may incorporate a number of different types of evidence — ranging from digital to physical. During a Digital Forensics investigation an investigator may formulate a number of hypotheses, and in order to reason objectively about them, an investigator must take into account such evidence in its entirety, relying on multiple sources. When formulating such objective reasoning an investigator must take into account not only inculpatory evidence but also exculpatory evidence and evidence of tampering. In addition, the investigator must factor in the reliability of the evidence used, the potential for error (tool and human based) and they must factor in the certainty with which they can make various claims. By doing so and creating a detailed audit trail of all actions performed by the investigator they can be better prepared against challenges against their work when it is presented. An investigator must also take into account the dynamic aspects of an investigation, such as certain evidence no longer being admissible, and they must continuously factor these aspects into their reasoning, to ensure that their conclusions still hold. Investigations may draw over a large period of time, and should the relevant information not be captured in detail, it may be lost or forgotten, affecting the reliability of an investigator’s findings and affecting future investigators’ capability to build on and continue an investigator’s work. In this dissertation we investigate whether it is possible to provide a formalised means for capturing and encoding an investigator’s reasoning process, in a detailed and structured manner. 
By this we mean we would like to capture and encode an investigator’s hypotheses, their arguments, their conclusions and the certainty with which they can make such claims, as well as the various pieces of evidence (digital and physical) that they use as a foundation for their arguments. We also want to capture the steps an investigator took when formulating these arguments and the steps an investigator took in order to get evidence into its intended form. The capturing of such a detailed reasoning process helps to allow for a more thorough reconstruction of an investigator’s finding, further improving the reliability that can be placed in them. By encoding the investigator’s reasoning process, an investigator can more easily receive feedback on the impacts that the various dynamic aspects of an investigation have upon their reasoning. In order to achieve these goals, our dissertation presents a model, called the Chain of Findings, allowing investigators to formulate and capture their reasoning process throughout the investigation, using a combination of goal-driven and data-driven approaches. When formulating their reasoning, the model allows investigators to treat evidence, digital and physical, uniformly as building blocks for their arguments and capture detailed information of how and why they serve their role in an investigator’s reasoning process. In addition, the Chain of Findings offers a number of other uses and benefits including the training of investigators and Digital Forensic Readiness.
Dissertation (MSc)--University of Pretoria, 2013.
Computer Science
3

Hansen, Tone. "A Digital Tool to Improve the Efficiency of IT Forensic Investigations." Thesis, Högskolan i Halmstad, Akademin för informationsteknologi, 2019. http://urn.kb.se/resolve?urn=urn:nbn:se:hh:diva-40232.

Abstract:
The IT forensic process causing bottlenecks in investigations is an identified issue, with multiple underlying causes – one of the main causes being the lack of expertise among those responsible for ordering IT forensic investigations. The focus of the study is to create and evaluate a potential solution for this problem, aiming to answer research questions related to a suitable architecture, structure and design of a digital tool that would assist individuals in creating IT forensic orders. This work evaluates concepts of such a digital tool. This is done using a grounded theory approach, where a series of test sessions together with the answers from a survey have been examined and analyzed in an iterative process. A low-fidelity prototype is used in the process. The resulting conclusion of the study is a set of concepts, ideas and principles for a digital tool that would aid in the IT forensic ordering process, as well as improving the efficiency of the IT forensic process itself. Future work could involve developing the concept further to eventually become a finished product, or using it for improving already existing systems and tools, improving the efficiency and quality of the IT forensic process.
4

Patterson, Farrah M. "The implications of virtual environments in digital forensic investigations." Master's thesis, University of Central Florida, 2011. http://digital.library.ucf.edu/cdm/ref/collection/ETD/id/4819.

Abstract:
This research paper discusses the role of virtual environments in digital forensic investigations. With virtual environments becoming more prevalent as an analysis tool in digital forensic investigations, it's becoming more important for digital forensic investigators to understand the limitation and strengths of virtual machines. The study aims to expose limitations within commercial closed source virtual machines and open source virtual machines. The study provides a brief overview of the history of digital forensic investigations and virtual environments, and concludes with an experiment with four common open and closed source virtual machines; the effects of the virtual machines on the host machine as well as the performance of the virtual machine itself. My findings discovered that while the open source tools provided more control and freedom to the operator, the closed source tools were more stable and consistent in their operation. The significance of these findings can be further researched by applying them in the context of exemplifying reliability of forensic techniques when presented as an analysis tool used in litigation.
ID: 030646240; System requirements: World Wide Web browser and PDF reader; Mode of access: World Wide Web; Thesis (M.S.)--University of Central Florida, 2011; Includes bibliographical references (p. 46).
M.S.
Masters
Computer Science
Engineering and Computer Science
Digital Forensics; Science/Computing Track
5

Liljekvist, Erika, and Oscar Hedlund. "Uncovering Signal: Simplifying Forensic Investigations of the Signal Application." Thesis, Högskolan i Halmstad, Akademin för informationsteknologi, 2021. http://urn.kb.se/resolve?urn=urn:nbn:se:hh:diva-44835.

Abstract:
The increasing availability of easy-to-use end-to-end encrypted messaging applications has made it possible for more people to conduct their conversations privately. This is something that criminals have taken advantage of and it has proven to make digital forensic investigations more difficult as methods of decrypting the data are needed. In this thesis, data from iOS and Windows devices is extracted and analysed, with focus on the application Signal. Even though other operating systems are compatible with the Signal application, such as Android, it is outside the scope of this thesis. The results of this thesis provide access to data stored in the encrypted application Signal without the need for expensive analysis tools. This is done by developing and publishing the first open-source script for decryption and parsing of the Signal database. The script is available for anyone at https://github.com/decryptSignal/decryptSignal.
6

Hargreaves, C. J. "Assessing the Reliability of Digital Evidence from Live Investigations Involving Encryption." Thesis, Department of Informatics and Sensors, 2009. http://hdl.handle.net/1826/4007.

Abstract:
The traditional approach to a digital investigation when a computer system is encountered in a running state is to remove the power, image the machine using a write blocker and then analyse the acquired image. This has the advantage of preserving the contents of the computer’s hard disk at that point in time. However, the disadvantage of this approach is that the preservation of the disk is at the expense of volatile data such as that stored in memory, which does not remain once the power is disconnected. There are an increasing number of situations where this traditional approach of ‘pulling the plug’ is not ideal since volatile data is relevant to the investigation; one of these situations is when the machine under investigation is using encryption. If encrypted data is encountered on a live machine, a live investigation can be performed to preserve this evidence in a form that can be later analysed. However, there are a number of difficulties with using evidence obtained from live investigations that may cause the reliability of such evidence to be questioned. This research investigates whether digital evidence obtained from live investigations involving encryption can be considered to be reliable. To determine this, a means of assessing reliability is established, which involves evaluating digital evidence against a set of criteria; evidence should be authentic, accurate and complete. This research considers how traditional digital investigations satisfy these requirements and then determines the extent to which evidence from live investigations involving encryption can satisfy the same criteria. This research concludes that it is possible for live digital evidence to be considered to be reliable, but that reliability of digital evidence ultimately depends on the specific investigation and the importance of the decision being made. 
However, the research provides structured criteria that allow the reliability of digital evidence to be assessed, demonstrates the use of these criteria in the context of live digital investigations involving encryption, and shows the extent to which each can currently be met.
7

Hargreaves, Christopher James. "Assessing the reliability of digital evidence from live investigations involving encryption." Thesis, Cranfield University, 2009. http://dspace.lib.cranfield.ac.uk/handle/1826/4007.

8

Roussel, Bruno. "Les investigations numériques en procédure pénale." Thesis, Bordeaux, 2020. http://www.theses.fr/2020BORD0075.

Abstract:
As our society becomes increasingly digitised, criminal investigation must adapt to the dematerialisation of investigations, which must make it possible to access, collect and generate computer data. In the current state of criminal procedure, the digital information handled during investigative acts is scattered and compartmentalised, which harms both the effectiveness of its exploitation and the protection of the rights of the persons concerned by the data thus collected or generated. This study proposes an analysis of all the digital information, grouped together, that is gathered in the course of a procedure. The many processing operations on personal data implemented by the State, to which access is directly provided for during a criminal investigation, are likewise scattered and physically separated. Far from guaranteeing protection of the rights of the persons on file, this separation harms the quality of the recorded data and neutralises the possibility of effective oversight of this processing. A measured pooling of certain identical data is presented here: it would be a significant source of improvement
Digitalization has more effects on our society. So, the criminal inquiry must be adapted in order to include digital investigations. Those investigations allow accessing, gathering and creating data. In the current state of criminal proceedings in France, the digital information manipulated during investigative acts is separated, which undermines the efficiency of their exploitation as well as the protection of data subjects' rights. This study proposes an approach that allows the analysis of all the digital information collected during a procedure, grouped, for better exploitation. Moreover, a lot of legal processing of personal data exists in France. Data recorded in those files are divided, and the same data is stored in many judicial files. Our work studies the possibility to aggregate some of the identical data, like identification or address, in order to improve criminal proceedings.
9

Montasari, Reza. "The Comprehensive Digital Forensic Investigation Process Model (CDFIPM) for digital forensic practice." Thesis, University of Derby, 2016. http://hdl.handle.net/10545/620799.

10

Sanyamahwe, Tendai. "Digital forensic model for computer networks." Thesis, University of Fort Hare, 2011. http://hdl.handle.net/10353/d1000968.

Abstract:
The Internet has become important since information is now stored in digital form and is transported both within and between organisations in large amounts through computer networks. Nevertheless, there are those individuals or groups of people who utilise the Internet to harm other businesses because they can remain relatively anonymous. To prosecute such criminals, forensic practitioners have to follow a well-defined procedure to convict responsible cyber-criminals in a court of law. Log files provide significant digital evidence in computer networks when tracing cyber-criminals. Network log mining is an evolution of typical digital forensics utilising evidence from network devices such as firewalls, switches and routers. Network log mining is a process supported by presiding South African laws such as the Computer Evidence Act, 57 of 1983; the Electronic Communications and Transactions (ECT) Act, 25 of 2002; and the Electronic Communications Act, 36 of 2005. Nevertheless, international laws and regulations supporting network log mining include the Sarbanes-Oxley Act; the Foreign Corrupt Practices Act (FCPA) and the Bribery Act of the USA. A digital forensic model for computer networks focusing on network log mining has been developed based on the literature reviewed and critical thought. The development of the model followed the Design Science methodology. However, this research project argues that there are some important aspects which are not fully addressed by South African presiding legislation supporting digital forensic investigations. With that in mind, this research project proposes some Forensic Investigation Precautions. These precautions were developed as part of the proposed model. The Diffusion of Innovations (DOI) Theory is the framework underpinning the development of the model and how it can be assimilated into the community. 
The model was sent to IT experts for validation and this provided the qualitative element and the primary data of this research project. From these experts, this study found out that the proposed model is very unique, very comprehensive and has added new knowledge into the field of Information Technology. Also, a paper was written out of this research project.

Books on the topic "Digital Forensic investigations"

1

Le-Khac, Nhien-An, and Kim-Kwang Raymond Choo, eds. Cyber and Digital Forensic Investigations. Cham: Springer International Publishing, 2020. http://dx.doi.org/10.1007/978-3-030-47131-6.

2

Computer crimes and digital investigations. New York: Oxford University Press, 2007.

3

Muda, Azah Kamilah, Yun-Huoy Choo, Ajith Abraham, and Sargur N. Srihari, eds. Computational Intelligence in Digital Forensics: Forensic Investigation and Applications. Cham: Springer International Publishing, 2014. http://dx.doi.org/10.1007/978-3-319-05885-6.

4

Bodden, Valerie. Digital forensics. Mankato, MN: Creative Education, 2016.

5

Digital forensics: Digital evidence in criminal investigation. Chichester: Wiley-Blackwell, 2008.

6

Gregory, Kipper, and ScienceDirect (Online service), eds. Virtualization and forensics: A digital forensic investigator's guide to virtual environments. Amsterdam: Syngress/Elsevier, 2010.

7

Mark, Pollitt, and Shenoi Sujeet, eds. Advances in digital forensics: IFIP International Conference on Digital Forensics, National Center for Forensic Science, Orlando, Florida, February 13-16, 2006. New York: Springer, 2005.

8

ScienceDirect (Online service), ed. Handbook of digital forensics and investigation. London: Academic, 2010.

9

Advances in digital forensics II: IFIP International Conference on Digital Forensics, National Center for Forensic Science, Orlando, Florida, January 29-February 1, 2006. New York: Springer, 2006.

10

Philip, Craiger, and Shenoi Sujeet, eds. Advances in digital forensics III: IFIP International Conference on Digital Forensics, National Center for Forensic Science, Orlando, Florida, January 28-January 31, 2007. New York, NY: Springer, 2007.


Book chapters on the topic "Digital Forensic investigations"

1

Holt, Thomas J., Adam M. Bossler, and Kathryn C. Seigfried-Spellar. "Legal Challenges in Digital Forensic Investigations." In Cybercrime and Digital Forensics, 571–621. Second edition. Abingdon, Oxon; New York, NY: Routledge, 2018. Routledge, 2017. http://dx.doi.org/10.4324/9781315296975-14.

2

Tanner, April, and David Dampier. "Concept Mapping for Digital Forensic Investigations." In Advances in Digital Forensics V, 291–300. Berlin, Heidelberg: Springer Berlin Heidelberg, 2009. http://dx.doi.org/10.1007/978-3-642-04155-6_22.

3

Overill, Richard, and Kam-Pui Chow. "Measuring Evidential Weight in Digital Forensic Investigations." In Advances in Digital Forensics XIV, 3–10. Cham: Springer International Publishing, 2018. http://dx.doi.org/10.1007/978-3-319-99277-8_1.

4

O’Shaughnessy, Stephen, and Anthony Keane. "Impact of Cloud Computing on Digital Forensic Investigations." In Advances in Digital Forensics IX, 291–303. Berlin, Heidelberg: Springer Berlin Heidelberg, 2013. http://dx.doi.org/10.1007/978-3-642-41148-9_20.

5

van Staden, Wynand. "Protecting Third Party Privacy in Digital Forensic Investigations." In Advances in Digital Forensics IX, 19–31. Berlin, Heidelberg: Springer Berlin Heidelberg, 2013. http://dx.doi.org/10.1007/978-3-642-41148-9_2.

6

Overill, Richard, Michael Kwan, Kam-Pui Chow, Pierre Lai, and Frank Law. "A Cost-Effective Model for Digital Forensic Investigations." In Advances in Digital Forensics V, 231–40. Berlin, Heidelberg: Springer Berlin Heidelberg, 2009. http://dx.doi.org/10.1007/978-3-642-04155-6_17.

7

Yang, Min, and Kam-Pui Chow. "An Information Extraction Framework for Digital Forensic Investigations." In IFIP Advances in Information and Communication Technology, 61–76. Cham: Springer International Publishing, 2015. http://dx.doi.org/10.1007/978-3-319-24123-4_4.

8

Kwan, Michael, Richard Overill, Kam-Pui Chow, Hayson Tse, Frank Law, and Pierre Lai. "Sensitivity Analysis of Bayesian Networks Used in Forensic Investigations." In Advances in Digital Forensics VII, 231–43. Berlin, Heidelberg: Springer Berlin Heidelberg, 2011. http://dx.doi.org/10.1007/978-3-642-24212-0_18.

9

Bednar, P. M., and V. Katos. "Digital Forensic Investigations: A New Frontier for Informing Systems." In Information Systems: People, Organizations, Institutions, and Technologies, 361–71. Heidelberg: Physica-Verlag HD, 2009. http://dx.doi.org/10.1007/978-3-7908-2148-2_42.

10

Verma, Robin, Jayaprakash Govindaraj, and Gaurav Gupta. "Data Privacy Perceptions About Digital Forensic Investigations in India." In IFIP Advances in Information and Communication Technology, 25–45. Cham: Springer International Publishing, 2016. http://dx.doi.org/10.1007/978-3-319-46279-0_2.


Conference papers on the topic "Digital Forensic investigations"

1

Bakhshi, Taimur. "Forensic of Things: Revisiting Digital Forensic Investigations in Internet of Things." In 2019 4th International Conference on Emerging Trends in Engineering, Sciences and Technology (ICEEST). IEEE, 2019. http://dx.doi.org/10.1109/iceest48626.2019.8981675.

2

Biggs, S., and S. Vidalis. "Cloud Computing: The impact on digital forensic investigations." In 2009 4th International Conference for Internet Technology and Secured Transactions (ICITST 2009). IEEE, 2009. http://dx.doi.org/10.1109/icitst.2009.5402561.

3

Charles, T., and M. Pollock. "Digital forensic investigations at universities in South Africa." In 2015 Second International Conference on Information Security and Cyber Forensics (InfoSec). IEEE, 2015. http://dx.doi.org/10.1109/infosec.2015.7435506.

4

Horsman, Graeme, Christopher Laing, and Paul Vickers. "User-Contributory Case-Based Reasoning for Digital Forensic Investigations." In 2012 Third International Conference on Emerging Security Technologies (EST). IEEE, 2012. http://dx.doi.org/10.1109/est.2012.35.

5

McDonald, Jeffrey Todd, Ramya Manikyam, William Bradley Glisson, Todd R. Andel, and Yuan Xiang Gu. "Enhanced Operating System Protection to Support Digital Forensic Investigations." In 2017 IEEE Trustcom/BigDataSE/ICESS. IEEE, 2017. http://dx.doi.org/10.1109/trustcom/bigdatase/icess.2017.296.

6

Birk, Dominik, and Christoph Wegener. "Technical Issues of Forensic Investigations in Cloud Computing Environments." In 2011 IEEE Sixth International Workshop on Systematic Approaches to Digital Forensic Engineering (SADFE). IEEE, 2011. http://dx.doi.org/10.1109/sadfe.2011.17.

7

Tanner, April, David Dampier, and Jim Thompson. "On developing a conceptual modeling report management tool for digital forensic investigations." In 2012 IEEE International Conference on Technologies for Homeland Security (HST). IEEE, 2012. http://dx.doi.org/10.1109/ths.2012.6459890.

8

Milagre, José, and Marcelo Caiado. "Cloud Computing Forensics. Best Practice and Challenges for Process Efficiency of Investigations and Digital Forensics." In The Eighth International Conference on Forensic Computer Science. Abeat, 2013. http://dx.doi.org/10.5769/c2013003.

9

Horsman, Graeme, Christopher Laing, and Paul Vickers. "A Case Based Reasoning Framework for Improving the Trustworthiness of Digital Forensic Investigations." In 2012 IEEE 11th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom). IEEE, 2012. http://dx.doi.org/10.1109/trustcom.2012.18.

10

Maheswari, K. Uma, and G. Shobana. "The State of the art tools and techniques for remote digital forensic investigations." In 2021 3rd International Conference on Signal Processing and Communication (ICPSC). IEEE, 2021. http://dx.doi.org/10.1109/icspc51351.2021.9451718.


Reports on the topic "Digital Forensic investigations"

1

Nic Daeid, Niamh, Heather Doran, Lucina Hackman, and Pauline Mack. The Curse of the Burial Dagger Teacher Materials. University of Dundee, September 2021. http://dx.doi.org/10.20933/100001220.

Abstract:
The Curse of the Burial Dagger is an interactive graphic novel murder mystery, created by the Leverhulme Research Centre for Forensic Science and digital story studio Fast Familiar. Players use maths, logic and critical reasoning skills to assist Susie uncover different types of forensic evidence and weigh up contrasting hypotheses. Can they uncover the events leading up to Lord Hamilton’s death and deduce how he died…before the curse strikes again? These documents are the Teacher/Group lead pack which contain additional resources including:
• The Teacher/Group Lead Pack
  – Teacher walk through
  – Factsheet – What is Forensic Science?
  – Factsheet – What is a hypothesis?
  – Marzipan Calculation
  – Factsheet and activity – Fingerprint Analysis
  – Activity – Chromatography investigation
• Printable completion certificate
• Printable Note paper and fact-sheet
