{"title":"Viability of Consumer Grade Hardware for Learning Computer Forensics Principles","authors":"Lazaro A. Herrera","doi":"10.15394/jdfsl.2022.1683","DOIUrl":"https://doi.org/10.15394/jdfsl.2022.1683","url":null,"abstract":"We propose utilizing budget consumer hardware and software to teach computer forensics principles and for non-case work, research and developing new techniques. Consumer grade hardware and free/open source software is more easily accessible in most developing markets and can be used as a first purchase for education, technique development and even when developing new techniques. These techniques should allow for small forensics laboratories or classroom settings to have the tooling and framework for trying existing forensics techniques or creating new forensics techniques on consumer grade hardware. We’ll be testing how viable each individual piece of hardware is as well as combinations along with seeing at which point utilizing forensics-grade hardware becomes necessary in order to proceed.","PeriodicalId":43224,"journal":{"name":"Journal of Digital Forensics Security and Law","volume":"1 1","pages":""},"PeriodicalIF":0.3,"publicationDate":"2022-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"67058920","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"The Digital Detective's Discourse - A toolset for forensically sound collaborative dark web content annotation and collection","authors":"J. Bergman, O. Popov","doi":"10.15394/jdfsl.2022.1740","DOIUrl":"https://doi.org/10.15394/jdfsl.2022.1740","url":null,"abstract":"In the last decade, the proliferation of machine learning (ML) algorithms and their application on big data sets have benefited many researchers and practitioners in different scientific areas. Consequently, the research in cybercrime and digital forensics has relied on ML techniques and methods for analyzing large quantities of data such as text, graphics, images, videos, and network traffic scans to support criminal investigations. Complete and accurate training data sets are indispensable for efficient and effective machine learning models. An essential part of creating complete and accurate data sets is annotating or labelling data. We present a method for law enforcement agency investigators to annotate and store specific dark web content. Using a design science strategy, we design and develop tools to enable and extend web content annotation. The annotation tool was implemented as a plugin for the Tor browser. It can store web content, thus automatically creating a dataset of dark web data pertinent to criminal investigations. Combined with a central storage management server, enabling annotation sharing and collaboration, and a web scraping program, the dataset becomes multifold, dynamic, and extensive while maintaining the forensic soundness of the data saved and transmitted. To manifest our toolset’s fitness of purpose, we used our dataset as training data for ML based classification models. A five cross-fold validation technique was used to evaluate the classifiers, which reported an accuracy score of 85 96%. In the concluding sections, we discuss the possible use-cases of the proposed method in real-life cybercrime investigations, along with ethical concerns and future extensions.","PeriodicalId":43224,"journal":{"name":"Journal of Digital Forensics Security and Law","volume":"1 1","pages":""},"PeriodicalIF":0.3,"publicationDate":"2022-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"67059019","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Chad M. S. Steel, Emily Newman, S. O'Rourke, E. Quayle
{"title":"TECHNICAL BEHAVIOURS OF CHILD SEXUAL EXPLOITATION MATERIAL OFFENDERS","authors":"Chad M. S. Steel, Emily Newman, S. O'Rourke, E. Quayle","doi":"10.15394/jdfsl.2022.1794","DOIUrl":"https://doi.org/10.15394/jdfsl.2022.1794","url":null,"abstract":"An exploration of the technological behaviours of previously convicted child sexual exploitation material (CSEM) offenders provides a foundation for future applied research into deterrence, investigation, and treatment efforts. This study evaluates choices and transitions of individuals previously convicted of CSEM offenses. Based on their inclusion in two sex offender registries, anonymous survey results (n=78) were collected from English-speaking adults within the United States. CSEM offenders chose technologies based on both utility and perceived risk; peer-to-peer and web-browsers were the most common gateway technologies and showed substantial sustained usage; a substantial minority of users never stored CSEM and only viewed it; most respondents used more than one technology to view CSEM; CSEM offenders used more countermeasures than the public but did not use encryption at higher rates; almost all CSEM consumers started viewing adult SEM first; and countermeasures were used primarily to reduce psychological strain (anxiety).","PeriodicalId":43224,"journal":{"name":"Journal of Digital Forensics Security and Law","volume":"1 1","pages":""},"PeriodicalIF":0.3,"publicationDate":"2022-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"67058786","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Digital Evidence In Appeals Of Criminal Cases Before The U.S. Courts Of Appeal: A Review Of Decisions And Examination Of The Legal Landscape From 2016 – 2020","authors":"M. Novák","doi":"10.15394/jdfsl.2022.1734","DOIUrl":"https://doi.org/10.15394/jdfsl.2022.1734","url":null,"abstract":"This study is a follow-up to Digital Evidence in Criminal Cases before the U.S. Courts of Appeal: Trends and Issues for Consideration – 2010 to 2015. The current study examines appeals of criminal cases before the United States Courts of Appeal from January 2016 through August 2020, where one or more appeal claims were related to digital evidence. The purpose of this research was to determine if the legal landscape has changed since 2015; examine the most relevant legal issues related to digital evidence; and analyze how precedential cases may have affected digital forensics as evidence.","PeriodicalId":43224,"journal":{"name":"Journal of Digital Forensics Security and Law","volume":"1 1","pages":""},"PeriodicalIF":0.3,"publicationDate":"2022-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"67058978","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A Combined Approach For Private Indexing Mechanism","authors":"Pranita Desai, V. Shelake","doi":"10.15394/jdfsl.2022.1790","DOIUrl":"https://doi.org/10.15394/jdfsl.2022.1790","url":null,"abstract":"Private indexing is a set of approaches for analyzing research data that are similar or resemble similar ones. This is used in the database to keep track of the keys and their values. The main subject of this research is private indexing in record linkage to secure the data. Because unique personal identification numbers or social security numbers are not accessible in most countries or databases, data linkage is limited to attributes such as date of birth and names to distinguish between the number of records and the real-life entities they represent. For security reasons, the encryption of these identifiers is required. Privacy-preserving record linkage, frequently used to link private data within several databases from different companies, prevents sensitive information from being exposed to other companies. This research used a combined method to evaluate the data, using classic and new indexing methods. A combined approach is more secure than typical standard indexing in terms of privacy. Multibit tree indexing, which groups comparable data in many ways, creates a scalable tree-like structure that is both space and time flexible, as it avoids the need for redundant block structures. Because the record pair numbers to compare are the Cartesian product of both the file record numbers, the work required grows with the number of records to compare in the files. The evaluation findings of this research showed that combined method is scalable in terms of the number of databases to be linked, the database size, and the time required.","PeriodicalId":43224,"journal":{"name":"Journal of Digital Forensics Security and Law","volume":"1 1","pages":""},"PeriodicalIF":0.3,"publicationDate":"2022-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"67058775","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A CRITICAL COMPARISON OF BRAVE BROWSER AND GOOGLE CHROME FORENSIC ARTEFACTS","authors":"Stuart Berham, Sarah Morris","doi":"10.15394/jdfsl.2022.1752","DOIUrl":"https://doi.org/10.15394/jdfsl.2022.1752","url":null,"abstract":"Digital forensic practitioners are tasked with the identification, recovery, and analysis of Internet browser artefacts which may have been used in the pursuit of committing a civil or criminal offence. This research paper critically compares the most downloaded browser, Google Chrome, against an increasingly popular Chromium browser known as Brave, said to offer privacy-by-default. With increasing forensic caseloads, data complexity, and requirements for method validation to satisfy ISO 17025 accreditation, recognising the similarities and differences between the browsers, developed on the same underlying technology is essential. The paper describes a series of conducted experiments and subsequent analysis to identify artefacts created as part of normal user browsing activity. Analysis of the artefacts found that Brave and Chrome share almost identical data structures, with on-disk artefact recovery successful, even for deleted data. The outcome of this research, based upon the results, serves to enrich understanding and provide best practice for practitioners and software developers, respectively responsible for examining Chromium artefacts for use in evidence production and developing new forensic tools and techniques.","PeriodicalId":43224,"journal":{"name":"Journal of Digital Forensics Security and Law","volume":"1 1","pages":""},"PeriodicalIF":0.3,"publicationDate":"2022-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"67058666","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Proposed L-Shape Pattern on UFS ACM For Risk Analysis","authors":"A. Asthana, P. Pradhan","doi":"10.15394/jdfsl.2022.1728","DOIUrl":"https://doi.org/10.15394/jdfsl.2022.1728","url":null,"abstract":"At this cloud age, there is tremendous growth in business, services, resources, and cloud technology. This growth comes with risk of unsafe, unordered, and uncertainty due to unauthorized access and theft of confidential propriety data. Our objective is to model around Read, Write and Execute to resolve these unordered, unsafe, and uncertain issues. We will develop a L-Shape pattern model matching UFS ACM to minimize the accessibilities based on RIGHT & ROLE of the resources and maximize the quality of services for safety and high availability. The preventive, detective, corrective (PDC) services are the major roles for all levels of management to coordinate, control the multiple technologies and resources which are working simultaneously. It will be more ordered, accountable, and actionable on real-time access control mechanism for scalabilities, reliability, performance, and high availability of computational services. We have to make safer, certain, unified, and step-by-step normalization by applying this UFS ACM mechanism on UNIX operating system. This proposed research paper covers a wide range of areas covering optimization, normalization, Fuzzy Low, and Risk assessment.","PeriodicalId":43224,"journal":{"name":"Journal of Digital Forensics Security and Law","volume":"1 1","pages":""},"PeriodicalIF":0.3,"publicationDate":"2022-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"67058958","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"To License or Not to License Reexamined: An Updated Report on Licensing of Digital Examiners Under State Private Investigator Statutes","authors":"T. Lonardo, Alan I. Rea, D. White","doi":"10.15394/jdfsl.2022.1770","DOIUrl":"https://doi.org/10.15394/jdfsl.2022.1770","url":null,"abstract":"In this update to the 2015 study, the authors examine US state statutes and regulations relating to licensing and enforcement of Digital Examiner functions under each State’s private investigator/detective statute. As with the prior studies, the authors find that very few state statutes explicitly distinguish between Private Investigators (PI) and Digital Examiners (DE), and when they do, they either explicitly require a license or exempt them from the licensing statute. As noted in the previous 2015 study, there is a minor trend in which some states are moving to exempt DE from PI licensing requirements. We examine this trend and look at some additional information in terms of exemptions, including those relating to practicing attorneys, employer/employee relationships, expert testimony, and penalties for violation of the PI statutes where it is believed a PI license is required. As with the previous studies (Lonardo et al., 2008, 2009, 2012, 2015), we reviewed all state statutes relating to PI licensing. Where statutory language did not explicitly address exemption or inclusion of Digital Examiners, we contacted the relevant state regulatory body (i.e., Secretary of State’s office, State Police, regulatory agency) to assess the applicability of Digital Examiners under the respective state statutes. Based on this statutory review and regulatory feedback, we present the various state approaches to professional Digital Examiner licensing. Our recommendation remains the same: states must differentiate between Private Investigator and Digital Examiner licensing requirements and oversight.","PeriodicalId":43224,"journal":{"name":"Journal of Digital Forensics Security and Law","volume":"1 1","pages":""},"PeriodicalIF":0.3,"publicationDate":"2022-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"67058724","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Assessment of 3D mesh watermarking techniques","authors":"Neha Sharma, J. Panda","doi":"10.15394/jdfsl.2022.1745","DOIUrl":"https://doi.org/10.15394/jdfsl.2022.1745","url":null,"abstract":"With the increasing usage of three-dimensional meshes in Computer-Aided Design (CAD), medical imaging, and entertainment fields like virtual reality, etc., the authentication problems and awareness of intellectual property protection have risen over the last decade. Numerous watermarking schemes have been suggested to protect ownership and prevent the threat of data piracy. This paper begins with the potential difficulties that arose when dealing with three-dimension entities in comparison to two-dimensional entities and also lists possible algorithms suggested hitherto and their comprehensive analysis. Attacks, also play a crucial role in deciding on a watermarking algorithm so an attack based analysis is also presented to analyze the resilience of watermarking algorithms under several attacks. In the end, some evaluation measures and potential solutions are brooded over to design robust and oblivious watermarking schemes in the future.","PeriodicalId":43224,"journal":{"name":"Journal of Digital Forensics Security and Law","volume":"1 1","pages":""},"PeriodicalIF":0.3,"publicationDate":"2022-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"67059102","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Forensic Discoverability of iOS Vault Applications","authors":"A. Gilbert, Kathryn C. Seigfried-Spellar","doi":"10.15394/jdfsl.2022.1773","DOIUrl":"https://doi.org/10.15394/jdfsl.2022.1773","url":null,"abstract":"Vault Applications store potentially sensitive information on a smartphone; and are available on Android and iOS. Using these applications could be used to hide potential evidence or illicit photos. After comparing five iOS photo vaults, each vault left evidence and photos behind. However, of the three forensic toolkits used, each produced different results in their scans of the phone. The media left behind was due to the photo vaults not protecting their information as claimed and using basic obfuscation techniques in place of security controls. Future research will look at how newer security controls are implemented and if they are easily discoverable.","PeriodicalId":43224,"journal":{"name":"Journal of Digital Forensics Security and Law","volume":"1 1","pages":""},"PeriodicalIF":0.3,"publicationDate":"2022-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"67058734","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}