发布求助
文献互助 智能选刊 最新文献

Forensic Science International-Digital Investigation最新文献

筛选
英文 中文
Commentary:- Can I use that tool? 评论:- 我能使用那个工具吗?
IF 2 4区 医学
Forensic Science International-Digital Investigation Pub Date : 2024-11-17 DOI: 10.1016/j.fsidi.2024.301843
Graeme Horsman
{"title":"Commentary:- Can I use that tool?","authors":"Graeme Horsman","doi":"10.1016/j.fsidi.2024.301843","DOIUrl":"10.1016/j.fsidi.2024.301843","url":null,"abstract":"<div><div>The decision as to whether a given tool can be used for the purposes of conducting a digital forensic examination of a device and its data may seem straightforward, but it is not. As part of their work, practitioners must always seek to identify and use tools that are appropriate for their investigative tasks, deploy them reliably within an applicable scenario, and be able to trust and understand the results that they provide. Before they can begin to do this, they must first ask themselves the question - ‘<em>can I use that tool?</em>‘, where this work considers how a practitioner may begin to formulate an answer. By unpacking the hidden complexity of this question, it is suggested that five sub-questions must be explored by any practitioner when seeking to use a tool, namely - (1) ‘<em>what does that tool do?</em>‘; (2) ‘<em>how do I use that tool?</em>‘; (3) ‘<em>how does the tool do it?</em>‘; (4) ‘<em>does the tool do it properly?</em>’ and (5) ‘<em>should I use the tool?</em>‘. This work discusses each in turn and the risks they pose to a practitioner.</div></div>","PeriodicalId":48481,"journal":{"name":"Forensic Science International-Digital Investigation","volume":"51 ","pages":"Article 301843"},"PeriodicalIF":2.0,"publicationDate":"2024-11-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142661146","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"医学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Temporal metadata analysis: A learning classifier system approach 时态元数据分析:学习分类系统方法
IF 2 4区 医学
Forensic Science International-Digital Investigation Pub Date : 2024-10-30 DOI: 10.1016/j.fsidi.2024.301842
Michael C. Todd, Gilbert L. Peterson
{"title":"Temporal metadata analysis: A learning classifier system approach","authors":"Michael C. Todd,&nbsp;Gilbert L. Peterson","doi":"10.1016/j.fsidi.2024.301842","DOIUrl":"10.1016/j.fsidi.2024.301842","url":null,"abstract":"<div><div>Digital forensics is a complex field that requires expert knowledge (EK) and specialized tools to collect, analyze, and report on digital evidence. Temporal metadata analysis is particularly challenging, requiring expert knowledge to understand and interpret underlying traces and associate them with their source. This paper introduces Digital Trace Inspector (DTI), a Learning Classifier System (LCS)-based decision support tool for temporal metadata analysis. DTI leverages a binary Michigan-style LCS to locate and group corroborating temporal digital traces of targeted user activity. Rules are built from expert-created atomics encoded as feature vectors using patterns defined in a structured EK rule framework. The system is evaluated on 10 scenarios of typical user behavior on a Windows 10 workstation. Results show that all models achieved perfect recall, had an average F1 score of 0.98, and required little training data.</div></div>","PeriodicalId":48481,"journal":{"name":"Forensic Science International-Digital Investigation","volume":"51 ","pages":"Article 301842"},"PeriodicalIF":2.0,"publicationDate":"2024-10-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142539540","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"医学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Uncertainty and error in location traces 定位跟踪的不确定性和误差
IF 2 4区 医学
Forensic Science International-Digital Investigation Pub Date : 2024-10-16 DOI: 10.1016/j.fsidi.2024.301841
Cléo Berger, Benoît Meylan, Thomas R. Souvignet
{"title":"Uncertainty and error in location traces","authors":"Cléo Berger,&nbsp;Benoît Meylan,&nbsp;Thomas R. Souvignet","doi":"10.1016/j.fsidi.2024.301841","DOIUrl":"10.1016/j.fsidi.2024.301841","url":null,"abstract":"<div><div>Location traces are highly informative because of their potential to infer physical activity or presence. Their prevalence has increased largely due to the rise of digital devices, their encompassed location-based services and other positioning technologies (<span><span>Raubal et al., 2004</span></span>). However, there is little research that explores and supports their exploitation, which hampers the confidence that can be placed in it. Location traces are indeed subject to uncertainty and errors, notably in their production and exploitation processes. This article aims to shed some light on the uncertainty and errors associated with smartphone location traces and calls for research to be developed on that topic. Several empirical examples are developed throughout the article to better illustrate these issues.</div></div>","PeriodicalId":48481,"journal":{"name":"Forensic Science International-Digital Investigation","volume":"51 ","pages":"Article 301841"},"PeriodicalIF":2.0,"publicationDate":"2024-10-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142442388","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"医学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Competence in digital forensics 数字取证能力
IF 2 4区 医学
Forensic Science International-Digital Investigation Pub Date : 2024-10-11 DOI: 10.1016/j.fsidi.2024.301840
Graeme Horsman , Andrew Dodd
{"title":"Competence in digital forensics","authors":"Graeme Horsman ,&nbsp;Andrew Dodd","doi":"10.1016/j.fsidi.2024.301840","DOIUrl":"10.1016/j.fsidi.2024.301840","url":null,"abstract":"<div><div>Those practising in the field of digital forensics must be competent to conduct the work they carry out, and such competence must also be evidenced and assessed. Those seeking to demonstrate staff competence must consider what tasks and roles it is being sought for, how it is achieved, what is an acceptable level of performance for a task, and how to evidence and assess any claimed competence. This work intends to explore the multifaceted nature of competence within the field of digital forensics, examining how it is developed, assessed, and maintained in an era characterised by continuous technological advancement. Discussions are also linked to the requirements defined in the accreditation framework ISO/IEC 17025:2017 which governs the digital forensic landscape in England and Wales. We hope to contribute to the ongoing discourse on elevating standards and fostering excellence in the science of digital forensics.</div></div>","PeriodicalId":48481,"journal":{"name":"Forensic Science International-Digital Investigation","volume":"51 ","pages":"Article 301840"},"PeriodicalIF":2.0,"publicationDate":"2024-10-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142419961","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"医学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
“What you say in the lab, stays in the lab”: A reflexive thematic analysis of current challenges and future directions of digital forensic investigations in the UK "实验室里说的话,就留在实验室里":对英国数字取证调查当前挑战和未来方向的反思性专题分析
IF 2 4区 医学
Forensic Science International-Digital Investigation Pub Date : 2024-10-09 DOI: 10.1016/j.fsidi.2024.301839
Magdalene Ng , Jade James , Ray Bull
{"title":"“What you say in the lab, stays in the lab”: A reflexive thematic analysis of current challenges and future directions of digital forensic investigations in the UK","authors":"Magdalene Ng ,&nbsp;Jade James ,&nbsp;Ray Bull","doi":"10.1016/j.fsidi.2024.301839","DOIUrl":"10.1016/j.fsidi.2024.301839","url":null,"abstract":"<div><div>Despite digital evidence nowadays playing a major role in criminal investigations and being intrinsic to almost every criminal trial, research in digital forensics (DF) and national approaches to digital evidence in relation to investigating officers and court personnel remain almost non-existent. This research seeks to remedy this issue by qualitatively examining the accounts and experiences of 16 digital forensic investigators (DFIs) in England and Wales who took part in semi-structured interviews. We analyzed the data using a reflexive thematic analysis and identified four overarching themes: (i) Navigating tensions with investigating officers (that has a subtheme of ‘Tensions with legal professionals and challenges navigating court theatrics’) (ii) The psychological, emotional, and existential challenges confronted by DFIs; (iii) Identifying the potential and pitfalls of automation and AI in DF and (iv) The centrality of academia in the advancement of DF (that has a subtheme of ‘Validation of tools as a crucial step in digital forensics’). These new findings reveal that DFIs encounter significant demands to perform well and are continuously overburdened while juggling many roles. This research serves as a pivotal starting point for broader discussions.</div></div>","PeriodicalId":48481,"journal":{"name":"Forensic Science International-Digital Investigation","volume":"51 ","pages":"Article 301839"},"PeriodicalIF":2.0,"publicationDate":"2024-10-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142419960","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"医学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Decoding digital interactions: An extensive study of TeamViewer's Forensic Artifacts across Windows and android platforms 解码数字互动:跨 Windows 和安卓平台的 TeamViewer 取证工件的广泛研究
IF 2 4区 医学
Forensic Science International-Digital Investigation Pub Date : 2024-10-04 DOI: 10.1016/j.fsidi.2024.301838
Nishchal Soni , Manpreet Kaur , Khalid Aziz
{"title":"Decoding digital interactions: An extensive study of TeamViewer's Forensic Artifacts across Windows and android platforms","authors":"Nishchal Soni ,&nbsp;Manpreet Kaur ,&nbsp;Khalid Aziz","doi":"10.1016/j.fsidi.2024.301838","DOIUrl":"10.1016/j.fsidi.2024.301838","url":null,"abstract":"<div><div>The pervasive influence of digital technology has ushered in a new era of connectivity, reshaping the landscape of forensic science and challenging investigators to adapt to evolving methods of digital interaction. Remote access applications (RAAs) like TeamViewer have become integral tools for facilitating remote collaboration and support across various platforms. However, the widespread adoption of such applications has also led to an increase in cybercrimes, underscoring the critical need for meticulous forensic analysis. This study presents a comprehensive examination of TeamViewer's forensic artifacts across Windows and Android platforms, employing advanced forensic techniques such as registry analysis, disk forensics, memory forensics, and Android forensics. By meticulously dissecting digital evidence and uncovering valuable insights into user interactions, configuration settings, and session dynamics, this research aims to enhance understanding of remote access activities and empower forensic investigators with the tools needed to combat cybercrimes effectively. The findings highlight the forensic significance of each investigative approach and underscore the importance of continuous innovation in the field of digital forensics.</div></div>","PeriodicalId":48481,"journal":{"name":"Forensic Science International-Digital Investigation","volume":"51 ","pages":"Article 301838"},"PeriodicalIF":2.0,"publicationDate":"2024-10-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142419962","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"医学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Exploring the potential of large language models for author profiling tasks in digital text forensics 探索大型语言模型在数字文本取证中用于作者特征描述任务的潜力
IF 2 4区 医学
Forensic Science International-Digital Investigation Pub Date : 2024-10-01 DOI: 10.1016/j.fsidi.2024.301814
Sang-Hyun Cho , Dohyun Kim , Hyuk-Chul Kwon , Minho Kim
{"title":"Exploring the potential of large language models for author profiling tasks in digital text forensics","authors":"Sang-Hyun Cho ,&nbsp;Dohyun Kim ,&nbsp;Hyuk-Chul Kwon ,&nbsp;Minho Kim","doi":"10.1016/j.fsidi.2024.301814","DOIUrl":"10.1016/j.fsidi.2024.301814","url":null,"abstract":"<div><div>The rapid advancement of large language models (LLMs) has opened up new possibilities for various natural language processing tasks. This study explores the potential of LLMs for author profiling in digital text forensics, which involves identifying characteristics such as age and gender from writing style—a crucial task in forensic investigations of anonymous or pseudonymous communications. Experiments were conducted using state-of-the-art LLMs, including Polyglot, EEVE, and Bllossom, to evaluate their performance in author profiling. Different fine-tuning strategies, such as full fine-tuning, Low-Rank Adaptation (LoRA), and Quantized LoRA (QLoRA), were compared to determine the most effective methods for adapting LLMs to the specific needs of this task. The results show that fine-tuned LLMs can effectively predict authors’ age and gender based on their writing styles, with Polyglot-based models generally outperforming EEVE and Bllossom models. Additionally, LoRA and QLoRA strategies significantly reduce computational costs and memory requirements while maintaining performance comparable to full fine-tuning. However, error analysis reveals limitations in the current LLM-based approach, including difficulty in capturing subtle linguistic variations across age groups and potential biases from pre-training data. These challenges are discussed and future research directions to address them are proposed. This study underscores the potential of LLMs in author profiling for digital text forensics, suggesting promising avenues for further exploration and refinement.</div></div>","PeriodicalId":48481,"journal":{"name":"Forensic Science International-Digital Investigation","volume":"50 ","pages":"Article 301814"},"PeriodicalIF":2.0,"publicationDate":"2024-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142530440","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"医学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
DFRWS EURO 2025 Brno DFRWS 2025 年布尔诺欧洲杯
IF 2 4区 医学
Forensic Science International-Digital Investigation Pub Date : 2024-10-01 DOI: 10.1016/S2666-2817(24)00160-4
{"title":"DFRWS EURO 2025 Brno","authors":"","doi":"10.1016/S2666-2817(24)00160-4","DOIUrl":"10.1016/S2666-2817(24)00160-4","url":null,"abstract":"","PeriodicalId":48481,"journal":{"name":"Forensic Science International-Digital Investigation","volume":"50 ","pages":"Article 301834"},"PeriodicalIF":2.0,"publicationDate":"2024-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142530443","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"医学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Nintendo 3DS forensics: A secondhand case study 任天堂 3DS 取证:二手案例研究
IF 2 4区 医学
Forensic Science International-Digital Investigation Pub Date : 2024-10-01 DOI: 10.1016/j.fsidi.2024.301815
Huw O.L. Read , Konstantinos Xynos , Iain Sutherland , Matthew Bovee , Clyde Tamburro
{"title":"Nintendo 3DS forensics: A secondhand case study","authors":"Huw O.L. Read ,&nbsp;Konstantinos Xynos ,&nbsp;Iain Sutherland ,&nbsp;Matthew Bovee ,&nbsp;Clyde Tamburro","doi":"10.1016/j.fsidi.2024.301815","DOIUrl":"10.1016/j.fsidi.2024.301815","url":null,"abstract":"<div><div>Computer and console-based video games are an important part of the entertainment industry. Such devices may be found in evidence lockers as part of investigations, or overlooked as their intrinsic value to an investigation may not be well-understood. Modern games consoles provide network connectivity and functionality that allows a significant degree of interaction via peer-to-peer connections and/or the Internet. These gaming consoles store settings, user preferences, user information, and can capture photos, audio and video, all of which potentially contain forensic artifacts about a person of interest. Games consoles have a fixed lifespan, eventually superseded by newer models with an expanded range of capabilities. As there are significant numbers of consoles available on the secondhand market, there is clear evidence that older consoles remain in circulation even after production has ceased. What is unclear, however, is the actual extent of forensic data available within these consoles. This paper shares the results of a digital forensic case-study undertaken to assess what artifacts are retrievable based on ‘real-world’ dataset, particularly the aging, but popular Nintendo 3DS series. A total of 47 Nintendo 3DS/2DS handheld systems were purchased secondhand. They were forensically imaged then examined to identify what artifacts are commonly found ‘in the wild’ on these often overlooked systems. Results presented in this paper provide guidance to digital forensic investigators of what may be realistically obtained from these non-traditional devices.</div></div>","PeriodicalId":48481,"journal":{"name":"Forensic Science International-Digital Investigation","volume":"50 ","pages":"Article 301815"},"PeriodicalIF":2.0,"publicationDate":"2024-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142530441","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"医学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
DFRWS USA 2025 Chicago 美国 2025 芝加哥
IF 2 4区 医学
Forensic Science International-Digital Investigation Pub Date : 2024-10-01 DOI: 10.1016/S2666-2817(24)00161-6
{"title":"DFRWS USA 2025 Chicago","authors":"","doi":"10.1016/S2666-2817(24)00161-6","DOIUrl":"10.1016/S2666-2817(24)00161-6","url":null,"abstract":"","PeriodicalId":48481,"journal":{"name":"Forensic Science International-Digital Investigation","volume":"50 ","pages":"Article 301835"},"PeriodicalIF":2.0,"publicationDate":"2024-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142530444","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"医学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
下一页 尾页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信