Forensic Science International-Digital Investigation最新文献

Thumb: A forensic automation framework leveraging MLLMs and OCR on Android device Thumb：在Android设备上利用mlm和OCR的取证自动化框架

IF 2 4区医学

Forensic Science International-Digital Investigation Pub Date : 2025-06-17 DOI: 10.1016/j.fsidi.2025.301949

Dingjie Shang, Amin Sakzad, Stuart W. Hall

引用次数: 0

DrIfTeR: A Drone Identification Technique using RF signals 一种使用射频信号的无人机识别技术

IF 2 4区医学

Forensic Science International-Digital Investigation Pub Date : 2025-06-16 DOI: 10.1016/j.fsidi.2025.301948

Pankaj Choudhary , Vikas Sihag , Gaurav Choudhary , Nicola Dragoni

{"title":"DrIfTeR: A Drone Identification Technique using RF signals","authors":"Pankaj Choudhary , Vikas Sihag , Gaurav Choudhary , Nicola Dragoni","doi":"10.1016/j.fsidi.2025.301948","DOIUrl":"10.1016/j.fsidi.2025.301948","url":null,"abstract":"<div><div>The civilian drone market is experiencing explosive growth, with projections estimating it will hit USD 54.81 billion by 2030. This surge in drone numbers brings with it significant privacy and security challenges. To defend critical infrastructure and safeguard personal privacy from misuse, an effective drone detection system has become essential. There is a demand for detection solution that is not only efficient and accurate but also robust, cost-effective, and scalable to meet the evolving needs of this rapidly expanding field. In this paper, we present DrIfTeR, a drone detection, identification and classification model based on the radio frequency signals. Firstly we employ wavelet domain extraction and 3-stage wavelet decomposition during RF signal preprocessing. Secondly, we employ traditional machine learning, deep learning and ensemble learning models to evaluate effectiveness. Thirdly, we evaluate performance of DrIfTeR against drone detection, drone manufacturer identification and drone model identification. The performance of the approach is evaluated against benchmark dataset and is found to be effective and accurate.</div></div>","PeriodicalId":48481,"journal":{"name":"Forensic Science International-Digital Investigation","volume":"54 ","pages":"Article 301948"},"PeriodicalIF":2.0,"publicationDate":"2025-06-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144290613","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"医学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Decrypting messages: Extracting digital evidence from signal desktop for windows 解密消息：从windows的信号桌面中提取数字证据

IF 2 4区医学

Forensic Science International-Digital Investigation Pub Date : 2025-06-10 DOI: 10.1016/j.fsidi.2025.301941

Gonçalo Paulino , Miguel Negrão , Miguel Frade , Patrício Domingues

引用次数: 0

Autocrime - open multimodal platform for combating organized crime 自动犯罪-打击有组织犯罪的开放式多模式平台

IF 2 4区医学

Forensic Science International-Digital Investigation Pub Date : 2025-06-03 DOI: 10.1016/j.fsidi.2025.301937

Srikanth Madikeri , Petr Motlicek , Dairazalia Sanchez-Cortes , Pradeep Rangappa , Joshua Hughes , Jakub Tkaczuk , Alejandra Sanchez Lara , Driss Khalil , Johan Rohdin , Dawei Zhu , Aravind Krishnan , Dietrich Klakow , Zahra Ahmadi , Marek Kováč , Dominik Boboš , Costas Kalogiros , Andreas Alexopoulos , Denis Marraud

{"title":"Autocrime - open multimodal platform for combating organized crime","authors":"Srikanth Madikeri , Petr Motlicek , Dairazalia Sanchez-Cortes , Pradeep Rangappa , Joshua Hughes , Jakub Tkaczuk , Alejandra Sanchez Lara , Driss Khalil , Johan Rohdin , Dawei Zhu , Aravind Krishnan , Dietrich Klakow , Zahra Ahmadi , Marek Kováč , Dominik Boboš , Costas Kalogiros , Andreas Alexopoulos , Denis Marraud","doi":"10.1016/j.fsidi.2025.301937","DOIUrl":"10.1016/j.fsidi.2025.301937","url":null,"abstract":"<div><div>A criminal investigation is a labor-intensive work requiring expert knowledge from several disciplines. Due to a large amount of heterogeneous data available from several modalities (i.e., audio/speech, text, video, non-content data), its processing raises many challenges. It may become impossible for law enforcement agents to deal with large amounts of highly-diverse data, especially for cross-border investigations focused on organized crime. ROXANNE EC H2020 project developed an all-in-one investigation platform for processing such diverse data. The platform mainly focuses on analyzing lawfully intercepted telephone conversations extended by non-content data (e.g., metadata related to the calls, time/spatial positions, and data collected from social media). Several state-of-the-art components are integrated into the pipeline, including speaker identification, automatic speech recognition, and named entity detection. With information extracted from this pipeline, the platform builds multiple knowledge graphs that capture phone and speaker criminal network interactions, including the central network and their clans. After hands-on sessions, law enforcement agents found the Autocrime platform easy to understand and highlighted its innovative, multi-technology functionalities that streamline forensic investigations, reducing manual effort. The AI-powered platform marks a significant first step toward creating an open investigative tool that combines advanced speech, text, and video processing algorithms with criminal network analysis, aimed at mitigating organized crime.</div></div>","PeriodicalId":48481,"journal":{"name":"Forensic Science International-Digital Investigation","volume":"54 ","pages":"Article 301937"},"PeriodicalIF":2.0,"publicationDate":"2025-06-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144205090","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"医学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Navigating the digital frontier – Key themes in digital forensics 导航数字前沿-数字取证的关键主题

IF 2 4区医学

Forensic Science International-Digital Investigation Pub Date : 2025-06-01 DOI: 10.1016/j.fsidi.2025.301940

Zeno Geradts

引用次数: 0

Digital forensics in law enforcement: A case study of LLM-driven evidence analysis 执法中的数字取证：法学硕士驱动的证据分析案例研究

IF 2 4区医学

Forensic Science International-Digital Investigation Pub Date : 2025-05-28 DOI: 10.1016/j.fsidi.2025.301939

Kyung-Jong Kim , Chan-Hwi Lee , So-Eun Bae , Ju-Hyun Choi , Wook Kang

引用次数: 0

Argus: A new approach for forensic analysis of apps on mobile devices Argus：对移动设备上的应用程序进行取证分析的新方法

IF 2 4区医学

Forensic Science International-Digital Investigation Pub Date : 2025-05-27 DOI: 10.1016/j.fsidi.2025.301938

Abdul Boztas, Jeroen De Jong, Christos Hadjigeorghiou

{"title":"Argus: A new approach for forensic analysis of apps on mobile devices","authors":"Abdul Boztas, Jeroen De Jong, Christos Hadjigeorghiou","doi":"10.1016/j.fsidi.2025.301938","DOIUrl":"10.1016/j.fsidi.2025.301938","url":null,"abstract":"<div><div>The availability of a multitude of apps on mobile devices offers many investigative opportunities due to the large amount of information on all kinds of activities stored by these apps. On the other hand, it also creates problems because it can be difficult to identify the location of relevant information and to properly interpret the great number of digital traces stored by apps. This is especially true for apps currently not supported by commercial forensic tools. This calls for the development of new tools that can quickly analyse specific applications and identify all files containing important information.</div><div>In this paper, we introduce the Argus tool for dynamically analysing apps on mobile devices. Argus monitors the file system on mobile devices to quickly identify which files have been modified, deleted, or created as a result of actions performed on the device, such as using an app. The Argus tool supports physical iOS and Android devices, as well as Android and iOS emulators.</div><div>The results of Argus experiments are stored locally on the computer conducting the experiment, but Argus also offers the option to publish and share these results in a forensic artifacts reference database called Aardwolf, accessible at https://www.aardwolfproject.eu.</div></div>","PeriodicalId":48481,"journal":{"name":"Forensic Science International-Digital Investigation","volume":"53 ","pages":"Article 301938"},"PeriodicalIF":2.0,"publicationDate":"2025-05-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144147941","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"医学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Unearthing the hidden path of MANET's nodes with signal strength measurements: Forensics challenges, survey and a novel approach for data collection, preservation and examination 通过信号强度测量揭示MANET节点的隐藏路径：取证挑战、调查和数据收集、保存和检查的新方法

IF 2 4区医学

Forensic Science International-Digital Investigation Pub Date : 2025-05-16 DOI: 10.1016/j.fsidi.2025.301916

Omar Ragheb , Mena Safwat , Marianne A. Azer

{"title":"Unearthing the hidden path of MANET's nodes with signal strength measurements: Forensics challenges, survey and a novel approach for data collection, preservation and examination","authors":"Omar Ragheb , Mena Safwat , Marianne A. Azer","doi":"10.1016/j.fsidi.2025.301916","DOIUrl":"10.1016/j.fsidi.2025.301916","url":null,"abstract":"<div><div>Mobile Ad hoc Networks (MANETs) are self-configuring networks of mobile devices that communicate with each other without the need for infrastructure. This makes them highly flexible and adaptable to changing environments, making them ideal for applications such as transportation and tactical domains. However, the mobility feature of the network poses new challenges for digital forensics investigators due to their specific characteristics. One challenge is how the investigator can prove the Chain of Custody (COC) in court in this highly volatile network to ensure the integrity of the evidence. This paper studies the forensic challenges in several wireless technologies, including the Internet of Things (IoT), Vehicular Ad-hoc Networks (VANETs), and, especially in Mobile Ad-hoc Networks (MANETs), critically reviews several approaches to cover the challenges, and also proposes a novel digital forensics framework that is built on Fog Computing (FC). Using regular communication signal strength measurements, the proposed framework enables investigators to learn details about nodes' locations over time and mobility characteristics without requiring changes to communication protocols or overwhelming nodes with additional tasks. This can help to ensure the availability and integrity of the digital evidence and its admissibility in court. Additionally, the paper suggests a novel automated detection technique for Hello Flood attacks in ad-hoc networks. The viability of the approach has been demonstrated on a network simulator.</div></div>","PeriodicalId":48481,"journal":{"name":"Forensic Science International-Digital Investigation","volume":"53 ","pages":"Article 301916"},"PeriodicalIF":2.0,"publicationDate":"2025-05-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144071062","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"医学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Infotainment system Forensics: Ford SYNC 3 gen 2 infotainment system as a use case 信息娱乐系统取证：以福特SYNC 3代信息娱乐系统为例

IF 2 4区医学

Forensic Science International-Digital Investigation Pub Date : 2025-05-15 DOI: 10.1016/j.fsidi.2025.301917

Nils Antonson , Darren Quick , Kim-Kwang Raymond Choo

{"title":"Infotainment system Forensics: Ford SYNC 3 gen 2 infotainment system as a use case","authors":"Nils Antonson , Darren Quick , Kim-Kwang Raymond Choo","doi":"10.1016/j.fsidi.2025.301917","DOIUrl":"10.1016/j.fsidi.2025.301917","url":null,"abstract":"<div><div>The digital era is ushering in the next generation of motor vehicles supported by dozens of dispersed electronic control units (ECUs) communicating with each other over controller area networks (e.g., CAN bus). Each ECU is responsible for a specific set of functions. For example, built-in cellular modems, typically part of the telecommunication control unit (TCU), are used to call first responders when a crash is detected, but also surreptitiously send back vehicle telematics, and enable convenient features such as remote unlock/lock, remote start, and log the GPS position of the automobile into the cloud. Potentially, every input by the driver is logged and recorded within these ECUs. Indeed, modern automobiles are inadvertently equipped with proverbial black boxes. As a result, a new subdivision of digital forensics to extract and analyze this black box data is emerging. Smart vehicle forensics, also known as digital vehicle forensics (DVF), enables investigators to examine data produced by and stored inside automobiles. The infotainment system typically holds the most valuable data because it contains GPS tracklogs, artifacts left behind from paired mobile devices, and receives data from many other modules within the automobile. Therefore, DVF primarily focuses on the automobiles infotainment system, and specializes in extracting and analyzing stored electronic data. Law enforcement is increasingly becoming aware and making use of this new source of data. It is only a matter of time and budget before DVF investigations become routine and common practice.</div></div>","PeriodicalId":48481,"journal":{"name":"Forensic Science International-Digital Investigation","volume":"53 ","pages":"Article 301917"},"PeriodicalIF":2.0,"publicationDate":"2025-05-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143947549","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"医学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Leveraging self-supervised learning for scene classification in child sexual abuse imagery 利用自监督学习对儿童性虐待图像进行场景分类

IF 2 4区医学

Forensic Science International-Digital Investigation Pub Date : 2025-05-15 DOI: 10.1016/j.fsidi.2025.301918

Pedro H.V. Valois , João Macedo , Leo S.F. Ribeiro , Jefersson A. dos Santos , Sandra Avila

{"title":"Leveraging self-supervised learning for scene classification in child sexual abuse imagery","authors":"Pedro H.V. Valois , João Macedo , Leo S.F. Ribeiro , Jefersson A. dos Santos , Sandra Avila","doi":"10.1016/j.fsidi.2025.301918","DOIUrl":"10.1016/j.fsidi.2025.301918","url":null,"abstract":"<div><div>Crime in the 21st century is split into a virtual and real world. However, the former has become a global menace to people's well-being and security in the latter. The challenges it presents must be faced with unified global cooperation, and we must rely more than ever on automated yet trustworthy tools to combat the ever-growing nature of online offenses. Over 10 million child sexual abuse reports are submitted to the US National Center for Missing & Exploited Children every year, and over 80% originate from online sources. Therefore, investigation centers cannot manually process and correctly investigate all imagery. In light of that, reliable automated tools that can securely and efficiently deal with this data are paramount. In this sense, the scene classification task looks for contextual cues in the environment, being able to group and classify child sexual abuse data without requiring to be trained on sensitive material. The scarcity and limitations of working with child sexual abuse images lead to self-supervised learning, a machine-learning methodology that leverages unlabeled data to produce powerful representations that can be more easily transferred to downstream tasks. This work shows that self-supervised deep learning models pre-trained on scene-centric data can reach 71.6% balanced accuracy on our indoor scene classification task and, on average, 2.2 percentage points better performance than a fully supervised version. We cooperate with Brazilian Federal Police experts to evaluate our indoor classification model on actual child abuse material. The results demonstrate a notable discrepancy between the features observed in widely used scene datasets and those depicted on sensitive materials.</div></div>","PeriodicalId":48481,"journal":{"name":"Forensic Science International-Digital Investigation","volume":"53 ","pages":"Article 301918"},"PeriodicalIF":2.0,"publicationDate":"2025-05-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143947548","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"医学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0