发布求助
文献互助 智能选刊 最新文献

Forensic Science International-Digital Investigation最新文献

筛选
英文 中文
Forensically analyzing IoT smart camera using MAoIDFF-IoT framework 利用 MAoIDFF-IoT 框架对物联网智能摄像头进行取证分析
IF 2 4区 医学
Forensic Science International-Digital Investigation Pub Date : 2024-09-17 DOI: 10.1016/j.fsidi.2024.301829
{"title":"Forensically analyzing IoT smart camera using MAoIDFF-IoT framework","authors":"","doi":"10.1016/j.fsidi.2024.301829","DOIUrl":"10.1016/j.fsidi.2024.301829","url":null,"abstract":"<div><p>IoT devices spread over a wide range of applications these days, and their vast amount of data generated becomes a target for intruders. IoT digital forensics, which involves extracting the digital evidence from the IoT device itself and/or its network traffic using a framework is important and challenging. The challenges include the diversity of types of IoT devices, resource constraints, and users’ privacy. In this article, we focus on network forensics investigations of smart camera traffic as a case study. The investigation process followed the MAoIDFF-IoT framework, a comprehensive and effective framework for IoT devices, and focusing on the locations of potential Artifacts of Interest (AoI). In addition, a few scenarios in using the camera are investigated to obtain a valuable artifact. The results show that it is possible to extract a few artifacts from the network captured traffic even though the traffic is encrypted. Moreover, this research offers guidelines for digital investigators to conduct network forensics on smart camera devices, with detailed results provided.</p></div>","PeriodicalId":48481,"journal":{"name":"Forensic Science International-Digital Investigation","volume":null,"pages":null},"PeriodicalIF":2.0,"publicationDate":"2024-09-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142239585","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"医学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Examining and detecting academic misconduct in written documents using revision save identifier numbers in MS Word as exemplified by multiple scenarios 使用 MS Word 中的修订保存标识符编号检查和检测书面文件中的学术不端行为,并通过多种情景加以说明
IF 2 4区 医学
Forensic Science International-Digital Investigation Pub Date : 2024-09-10 DOI: 10.1016/j.fsidi.2024.301821
{"title":"Examining and detecting academic misconduct in written documents using revision save identifier numbers in MS Word as exemplified by multiple scenarios","authors":"","doi":"10.1016/j.fsidi.2024.301821","DOIUrl":"10.1016/j.fsidi.2024.301821","url":null,"abstract":"<div><p>Deliberate academic misconduct by students often relies on the use of segments of externally authored text, generated either by commercial contract authoring services or by generative Artificial intelligence language models. While revision save identifier (rsid) numbers in Microsoft Word files are associated with edit and save actions of a document, MS Word does not adhere to the ECMA specifications for the Office Open XML. Existing literature shows that digital forensics using rsid requires access to multiple document versions or the user's machine. In cases of academic misconduct allegations usually only the submitted files are available for digital forensic examination, coupled with assertions by the alleged perpetrators about the document generation and editing process This paper represents a detailed exploratory study that provides educators and digital forensic scientists with tools to examine a single document for the veracity of various commonly asserted scenarios of document generation and editing. It is based on a series of experiments that ascertained whether and how common edit and document generation actions such as copy, paste, insertion of blocks of texts from other documents, leave tell-tale traces in the rsid encoding that is embedded in all MS Word documents. While digital forensics can illuminate document generation processes, the actions that led to these may have innocuous explanations. In consequence, this paper also provides academic misconduct investigators with a set of prompts to guide the interview with alleged perpetrators to glean the information required for cross-correlation with observations based on the rsid data.</p></div>","PeriodicalId":48481,"journal":{"name":"Forensic Science International-Digital Investigation","volume":null,"pages":null},"PeriodicalIF":2.0,"publicationDate":"2024-09-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S2666281724001458/pdfft?md5=1c46f6d9d5928150f3f10e0b2c0b28f0&pid=1-s2.0-S2666281724001458-main.pdf","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142164106","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"医学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Forensic analysis and data decryption of tencent meeting in windows environment Windows 环境下腾讯会议的取证分析和数据解密
IF 2 4区 医学
Forensic Science International-Digital Investigation Pub Date : 2024-08-28 DOI: 10.1016/j.fsidi.2024.301818
{"title":"Forensic analysis and data decryption of tencent meeting in windows environment","authors":"","doi":"10.1016/j.fsidi.2024.301818","DOIUrl":"10.1016/j.fsidi.2024.301818","url":null,"abstract":"<div><p>Video conferencing applications have become ubiquitous in the post-COVID-19 era. Remote meetings, briefing sessions, and lectures are gradually becoming part of our culture. Thus, the amount of user data that video conferencing applications collect and manage has increased, and such data can be used as digital evidence. In this study, we analyzed Tencent Meeting, the most widely used video conferencing application in China, to identify the data stored on the user's disk by the application. Tencent Meeting stores user information and the chat history during a video conference on local storage. We found that Tencent Meeting suffers from a vulnerability in the process of encrypting and storing the user data, which can be exploited by anyone who can access and decrypt the user's data. We expect that our findings to help digital forensics investigators conduct efficient investigations when applications are used for malicious purposes.</p></div>","PeriodicalId":48481,"journal":{"name":"Forensic Science International-Digital Investigation","volume":null,"pages":null},"PeriodicalIF":2.0,"publicationDate":"2024-08-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142086964","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"医学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Navigating the digital labyrinth: Forensics in the age of AI 驾驭数字迷宫:人工智能时代的取证
IF 2 4区 医学
Forensic Science International-Digital Investigation Pub Date : 2024-08-28 DOI: 10.1016/j.fsidi.2024.301820
{"title":"Navigating the digital labyrinth: Forensics in the age of AI","authors":"","doi":"10.1016/j.fsidi.2024.301820","DOIUrl":"10.1016/j.fsidi.2024.301820","url":null,"abstract":"","PeriodicalId":48481,"journal":{"name":"Forensic Science International-Digital Investigation","volume":null,"pages":null},"PeriodicalIF":2.0,"publicationDate":"2024-08-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142086871","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"医学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
SFormer: An end-to-end spatio-temporal transformer architecture for deepfake detection SFormer:用于深度伪造检测的端到端时空变换器架构
IF 2 4区 医学
Forensic Science International-Digital Investigation Pub Date : 2024-08-27 DOI: 10.1016/j.fsidi.2024.301817
{"title":"SFormer: An end-to-end spatio-temporal transformer architecture for deepfake detection","authors":"","doi":"10.1016/j.fsidi.2024.301817","DOIUrl":"10.1016/j.fsidi.2024.301817","url":null,"abstract":"<div><p>Growing AI advancements are continuously pacing GAN enhancement that eventually facilitates the generation of deepfake media. Manipulated media poses serious risks pertaining court proceedings, journalism, politics, and many more where digital media have a substantial impact on society. State-of-the-art techniques for deepfake detection rely on convolutional networks for spatial analysis, and recurrent networks for temporal analysis. Since transformers are capable of recognizing wide-range dependencies with a global spatial view and along temporal sequence too, a novel approach called “SFormer” is proposed in this paper, utilizing a transformer architecture for both spatial and temporal analysis to detect deepfakes. Further, state-of-the-art techniques suffer from high computational complexity and overfitting which causes loss in generalizability. The proposed model utilized a Swin Transformer for spatial analysis that resulted in low complexity, thereby enhancing its generalization ability and robustness against the different manipulation types. Proposed end-to-end transformer based model, SFormer, is proven to be effective for numerous deepfake datasets, including FF++, DFD, Celeb-DF, DFDC and Deeper-Forensics, and achieved an accuracy of 100%, 97.81%, 99.1%, 93.67% and 100% respectively. Moreover, SFormer has demonstrated superior performance compared to existing spatio-temporal and transformer-based approaches for deepfake detection.</p></div>","PeriodicalId":48481,"journal":{"name":"Forensic Science International-Digital Investigation","volume":null,"pages":null},"PeriodicalIF":2.0,"publicationDate":"2024-08-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142083968","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"医学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Response from author 提交人的答复
IF 2 4区 医学
Forensic Science International-Digital Investigation Pub Date : 2024-07-16 DOI: 10.1016/j.fsidi.2024.301803
{"title":"Response from author","authors":"","doi":"10.1016/j.fsidi.2024.301803","DOIUrl":"10.1016/j.fsidi.2024.301803","url":null,"abstract":"","PeriodicalId":48481,"journal":{"name":"Forensic Science International-Digital Investigation","volume":null,"pages":null},"PeriodicalIF":2.0,"publicationDate":"2024-07-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S2666281724001276/pdfft?md5=fd9a796dc7013d1eb9653db105c2a547&pid=1-s2.0-S2666281724001276-main.pdf","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141630148","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"医学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Towards a practical usage for the Sleuth Kit supporting file system add-ons 实现支持文件系统附加组件的 Sleuth Kit 的实际用途
IF 2 4区 医学
Forensic Science International-Digital Investigation Pub Date : 2024-07-13 DOI: 10.1016/j.fsidi.2024.301799
Yeonghun Shin , Taeshik Shon
{"title":"Towards a practical usage for the Sleuth Kit supporting file system add-ons","authors":"Yeonghun Shin ,&nbsp;Taeshik Shon","doi":"10.1016/j.fsidi.2024.301799","DOIUrl":"https://doi.org/10.1016/j.fsidi.2024.301799","url":null,"abstract":"<div><p>Most modern digital devices with storage utilize a file system to manage files and directories. Consequently, when digital forensic investigators derive evidence from such devices, they collect and analyze data stored on them through file system analysis. However, there are numerous types of file systems, with new ones continually being developed. Each file system possesses a distinct metadata structure and file management system. Therefore, investigators must possess prior knowledge of the specific file system being examined. Nevertheless, it is challenging for practitioners to be knowledgeable about all existing file systems. To address this issue, forensic software such as The Sleuth Kit (TSK), an open-source forensic tool, is employed for investigations. However, even these tools may not offer complete support for relatively recent file systems.</p><p>Hence, we propose a structure for integrating a new file system into the open-source forensic tool TSK. Additionally, to validate this proposed structure, we demonstrate that support for five file systems (Ext4, XFS, Btrfs, F2FS, and Hikvision) can be added following this framework. To achieve this, we conducted an analysis of the metadata and file management scheme for these five file systems. Furthermore, we examined the operational procedures of the TSK framework. Based on these analyses, investigation capabilities for the five file systems have been incorporated into TSK. Moreover, reliability verification experiments were conducted on the developed tools; and performance evaluation was carried out in comparison with other commercial digital forensic tools. The findings of this study can serve as a foundation for future forensic studies based on file systems. Additionally, the TSK developed based on the proposed structure can assist investigators in conducting digital forensics effectively.</p></div>","PeriodicalId":48481,"journal":{"name":"Forensic Science International-Digital Investigation","volume":null,"pages":null},"PeriodicalIF":2.0,"publicationDate":"2024-07-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141606950","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"医学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Money laundering through video games, a criminals' playground 通过电子游戏洗钱,犯罪分子的乐园
IF 2 4区 医学
Forensic Science International-Digital Investigation Pub Date : 2024-07-13 DOI: 10.1016/j.fsidi.2024.301802
Dan Cooke , Angus Marshall
{"title":"Money laundering through video games, a criminals' playground","authors":"Dan Cooke ,&nbsp;Angus Marshall","doi":"10.1016/j.fsidi.2024.301802","DOIUrl":"https://doi.org/10.1016/j.fsidi.2024.301802","url":null,"abstract":"<div><p>Money laundering and video games provide opportunities to criminals for easier and less detectable methods of performing money laundering. These actions may be used as part of a system of transactions, by these criminals, to further disguise the origins of their funds. The use of videogames as a tool to launder money is something that has been only briefly explored. This work identifies the ways that money laundering through video game secondary marketplaces can offer benefits to criminals looking to launder money, versus the use of traditional money laundering methods.</p><p>We explore the potential for using publicly accessible data, such as that available from the Steam Marketplace, to identify suspicious transactions that may indicate the existence of money laundering within these platforms. This research focused on identifying irregularities in the frequency and quantity of trades on the Steam Marketplace.</p><p>The results of this investigation show that identifying, using very simple money laundering detection methods, possible cases of money laundering within transactional data from the Steam Marketplace is possible. The data used shows that there were several suspicious transactions and accounts which could warrant further investigation, and may be involved in activity which represents money laundering. As a result of this, there is scope for further investigations using larger data sets and examination of other publicly accessible data using a greater range of methods to identify suspicious transactions including, but not limited to, value of transactions and location.</p></div>","PeriodicalId":48481,"journal":{"name":"Forensic Science International-Digital Investigation","volume":null,"pages":null},"PeriodicalIF":2.0,"publicationDate":"2024-07-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S2666281724001264/pdfft?md5=843f79ae7978a79c885020e2a44ce53d&pid=1-s2.0-S2666281724001264-main.pdf","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141606951","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"医学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Forensic analysis of OpenAI's ChatGPT mobile application 对 OpenAI 的 ChatGPT 移动应用程序的取证分析
IF 2 4区 医学
Forensic Science International-Digital Investigation Pub Date : 2024-07-10 DOI: 10.1016/j.fsidi.2024.301801
Evangelos Dragonas , Costas Lambrinoudakis , Panagiotis Nakoutis
{"title":"Forensic analysis of OpenAI's ChatGPT mobile application","authors":"Evangelos Dragonas ,&nbsp;Costas Lambrinoudakis ,&nbsp;Panagiotis Nakoutis","doi":"10.1016/j.fsidi.2024.301801","DOIUrl":"https://doi.org/10.1016/j.fsidi.2024.301801","url":null,"abstract":"<div><p>Since its public launch, OpenAI's ChatGPT has achieved significant success, attracting millions of users within the first few months of its release. Although numerous similar applications have emerged, none have yet matched the success of OpenAI's ChatGPT. Last year, OpenAI released the ChatGPT mobile app. This application serves a broad range of uses, some of which may be malicious and, unfortunately, it has not yet been parsed by either commercial or open-source tools. Nevertheless, the data stored by this application, such as JSON files that store a user's conversations with ChatGPT, can be instrumental in attributing user actions, discerning perpetrators' knowledge and motivations, and resolving practical investigations. In this paper, OpenAI's ChatGPT mobile application is examined on both Android and iOS operating systems, focusing on potential evidentiary data within. The cloud-native data associated with the app, which can be retrieved through user data export requests are also investigated. The primary objective of this study is to discover artifacts that investigators can use in real-world cases involving this mobile app. Additionally, the authors have contributed to FOSS to support professionals in this field.</p></div>","PeriodicalId":48481,"journal":{"name":"Forensic Science International-Digital Investigation","volume":null,"pages":null},"PeriodicalIF":2.0,"publicationDate":"2024-07-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141596810","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"医学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Leveraging metadata in social media forensic investigations: Unravelling digital clues- A survey study 在社交媒体取证调查中利用元数据:揭开数字线索--一项调查研究
IF 2 4区 医学
Forensic Science International-Digital Investigation Pub Date : 2024-07-08 DOI: 10.1016/j.fsidi.2024.301798
Akarshan Suryal
{"title":"Leveraging metadata in social media forensic investigations: Unravelling digital clues- A survey study","authors":"Akarshan Suryal","doi":"10.1016/j.fsidi.2024.301798","DOIUrl":"https://doi.org/10.1016/j.fsidi.2024.301798","url":null,"abstract":"<div><p>Survey study explores the pivotal role of metadata in forensic investigations within the realm of social media. Investigating digital clues embedded in metadata unveils a wealth of information crucial for understanding the authenticity and origin of online content. This study delves into the technical intricacies of metadata extraction, shedding light on its potential in verifying the chronology, geolocation, and user interactions on social platforms. By leveraging metadata, forensic experts can unravel the intricate web of digital footprints, enhancing the accuracy and efficiency of social media investigations. The findings of this study contribute to the evolving landscape of digital forensic techniques, addressing contemporary challenges in online information scrutiny.</p></div>","PeriodicalId":48481,"journal":{"name":"Forensic Science International-Digital Investigation","volume":null,"pages":null},"PeriodicalIF":2.0,"publicationDate":"2024-07-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141594840","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"医学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
下一页 尾页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信