{"title":"Do You “Relay” Want to Give Me Away? – Forensic Cues of Smart Relays and Their IoT Companion Apps","authors":"Maximilian Eichhorn, Gaston Pugliese","doi":"10.1016/j.fsidi.2024.301810","DOIUrl":"10.1016/j.fsidi.2024.301810","url":null,"abstract":"<div><div>As IoT devices become more prevalent in everyday environments, their relevance to digital investigations increases. The product class of “smart relays”, which are connected to the low-voltage grid and usually installed in sockets behind walls, has not yet received much attention in the context of smart home forensics. To close a category-specific gap in the device forensics literature, we conducted a multi-device analysis of 16 smart relays from 9 manufacturers, which support six different companion apps in total. Our examination shows that forensic artifacts can be found locally on the smart relays and in the companion app data, as well as remotely on cloud servers of the vendors. Based on our findings, we developed a Python framework to extract forensic artifacts automatically from obtained firmware dumps, from companion app data, and from captured network traffic.</div></div>","PeriodicalId":48481,"journal":{"name":"Forensic Science International-Digital Investigation","volume":null,"pages":null},"PeriodicalIF":2.0,"publicationDate":"2024-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142530828","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"医学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Forensically analyzing IoT smart camera using MAoIDFF-IoT framework","authors":"Yaman Salem, Mohammad M.N. Hamarsheh","doi":"10.1016/j.fsidi.2024.301829","DOIUrl":"10.1016/j.fsidi.2024.301829","url":null,"abstract":"<div><p>IoT devices spread over a wide range of applications these days, and their vast amount of data generated becomes a target for intruders. IoT digital forensics, which involves extracting the digital evidence from the IoT device itself and/or its network traffic using a framework is important and challenging. The challenges include the diversity of types of IoT devices, resource constraints, and users’ privacy. In this article, we focus on network forensics investigations of smart camera traffic as a case study. The investigation process followed the MAoIDFF-IoT framework, a comprehensive and effective framework for IoT devices, and focusing on the locations of potential Artifacts of Interest (AoI). In addition, a few scenarios in using the camera are investigated to obtain a valuable artifact. The results show that it is possible to extract a few artifacts from the network captured traffic even though the traffic is encrypted. Moreover, this research offers guidelines for digital investigators to conduct network forensics on smart camera devices, with detailed results provided.</p></div>","PeriodicalId":48481,"journal":{"name":"Forensic Science International-Digital Investigation","volume":null,"pages":null},"PeriodicalIF":2.0,"publicationDate":"2024-09-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142239585","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"医学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Examining and detecting academic misconduct in written documents using revision save identifier numbers in MS Word as exemplified by multiple scenarios","authors":"Dirk HR. Spennemann , Rudolf J. Spennemann , Clare L. Singh","doi":"10.1016/j.fsidi.2024.301821","DOIUrl":"10.1016/j.fsidi.2024.301821","url":null,"abstract":"<div><p>Deliberate academic misconduct by students often relies on the use of segments of externally authored text, generated either by commercial contract authoring services or by generative Artificial intelligence language models. While revision save identifier (rsid) numbers in Microsoft Word files are associated with edit and save actions of a document, MS Word does not adhere to the ECMA specifications for the Office Open XML. Existing literature shows that digital forensics using rsid requires access to multiple document versions or the user's machine. In cases of academic misconduct allegations usually only the submitted files are available for digital forensic examination, coupled with assertions by the alleged perpetrators about the document generation and editing process. This paper represents a detailed exploratory study that provides educators and digital forensic scientists with tools to examine a single document for the veracity of various commonly asserted scenarios of document generation and editing. It is based on a series of experiments that ascertained whether and how common edit and document generation actions such as copy, paste, insertion of blocks of texts from other documents, leave tell-tale traces in the rsid encoding that is embedded in all MS Word documents. While digital forensics can illuminate document generation processes, the actions that led to these may have innocuous explanations. In consequence, this paper also provides academic misconduct investigators with a set of prompts to guide the interview with alleged perpetrators to glean the information required for cross-correlation with observations based on the rsid data.</p></div>","PeriodicalId":48481,"journal":{"name":"Forensic Science International-Digital Investigation","volume":null,"pages":null},"PeriodicalIF":2.0,"publicationDate":"2024-09-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S2666281724001458/pdfft?md5=1c46f6d9d5928150f3f10e0b2c0b28f0&pid=1-s2.0-S2666281724001458-main.pdf","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142164106","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"医学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Forensic analysis and data decryption of tencent meeting in windows environment","authors":"Soojin Kang , Uk Hur , Giyoon Kim , Jongsung Kim","doi":"10.1016/j.fsidi.2024.301818","DOIUrl":"10.1016/j.fsidi.2024.301818","url":null,"abstract":"<div><p>Video conferencing applications have become ubiquitous in the post-COVID-19 era. Remote meetings, briefing sessions, and lectures are gradually becoming part of our culture. Thus, the amount of user data that video conferencing applications collect and manage has increased, and such data can be used as digital evidence. In this study, we analyzed Tencent Meeting, the most widely used video conferencing application in China, to identify the data stored on the user's disk by the application. Tencent Meeting stores user information and the chat history during a video conference on local storage. We found that Tencent Meeting suffers from a vulnerability in the process of encrypting and storing the user data, which can be exploited by anyone who can access and decrypt the user's data. We expect our findings to help digital forensics investigators conduct efficient investigations when applications are used for malicious purposes.</p></div>","PeriodicalId":48481,"journal":{"name":"Forensic Science International-Digital Investigation","volume":null,"pages":null},"PeriodicalIF":2.0,"publicationDate":"2024-08-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142086964","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"医学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Navigating the digital labyrinth: Forensics in the age of AI","authors":"","doi":"10.1016/j.fsidi.2024.301820","DOIUrl":"10.1016/j.fsidi.2024.301820","url":null,"abstract":"","PeriodicalId":48481,"journal":{"name":"Forensic Science International-Digital Investigation","volume":null,"pages":null},"PeriodicalIF":2.0,"publicationDate":"2024-08-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142086871","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"医学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"SFormer: An end-to-end spatio-temporal transformer architecture for deepfake detection","authors":"Staffy Kingra , Naveen Aggarwal , Nirmal Kaur","doi":"10.1016/j.fsidi.2024.301817","DOIUrl":"10.1016/j.fsidi.2024.301817","url":null,"abstract":"<div><p>Growing AI advancements are continuously pacing GAN enhancement that eventually facilitates the generation of deepfake media. Manipulated media poses serious risks pertaining to court proceedings, journalism, politics, and many more where digital media have a substantial impact on society. State-of-the-art techniques for deepfake detection rely on convolutional networks for spatial analysis, and recurrent networks for temporal analysis. Since transformers are capable of recognizing wide-range dependencies with a global spatial view and along temporal sequence too, a novel approach called “SFormer” is proposed in this paper, utilizing a transformer architecture for both spatial and temporal analysis to detect deepfakes. Further, state-of-the-art techniques suffer from high computational complexity and overfitting which causes loss in generalizability. The proposed model utilized a Swin Transformer for spatial analysis that resulted in low complexity, thereby enhancing its generalization ability and robustness against the different manipulation types. Proposed end-to-end transformer based model, SFormer, is proven to be effective for numerous deepfake datasets, including FF++, DFD, Celeb-DF, DFDC and Deeper-Forensics, and achieved an accuracy of 100%, 97.81%, 99.1%, 93.67% and 100% respectively. Moreover, SFormer has demonstrated superior performance compared to existing spatio-temporal and transformer-based approaches for deepfake detection.</p></div>","PeriodicalId":48481,"journal":{"name":"Forensic Science International-Digital Investigation","volume":null,"pages":null},"PeriodicalIF":2.0,"publicationDate":"2024-08-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142083968","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"医学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Towards a practical usage for the Sleuth Kit supporting file system add-ons","authors":"Yeonghun Shin , Taeshik Shon","doi":"10.1016/j.fsidi.2024.301799","DOIUrl":"https://doi.org/10.1016/j.fsidi.2024.301799","url":null,"abstract":"<div><p>Most modern digital devices with storage utilize a file system to manage files and directories. Consequently, when digital forensic investigators derive evidence from such devices, they collect and analyze data stored on them through file system analysis. However, there are numerous types of file systems, with new ones continually being developed. Each file system possesses a distinct metadata structure and file management system. Therefore, investigators must possess prior knowledge of the specific file system being examined. Nevertheless, it is challenging for practitioners to be knowledgeable about all existing file systems. To address this issue, forensic software such as The Sleuth Kit (TSK), an open-source forensic tool, is employed for investigations. However, even these tools may not offer complete support for relatively recent file systems.</p><p>Hence, we propose a structure for integrating a new file system into the open-source forensic tool TSK. Additionally, to validate this proposed structure, we demonstrate that support for five file systems (Ext4, XFS, Btrfs, F2FS, and Hikvision) can be added following this framework. To achieve this, we conducted an analysis of the metadata and file management scheme for these five file systems. Furthermore, we examined the operational procedures of the TSK framework. Based on these analyses, investigation capabilities for the five file systems have been incorporated into TSK. Moreover, reliability verification experiments were conducted on the developed tools; and performance evaluation was carried out in comparison with other commercial digital forensic tools. The findings of this study can serve as a foundation for future forensic studies based on file systems. 
Additionally, the TSK developed based on the proposed structure can assist investigators in conducting digital forensics effectively.</p></div>","PeriodicalId":48481,"journal":{"name":"Forensic Science International-Digital Investigation","volume":null,"pages":null},"PeriodicalIF":2.0,"publicationDate":"2024-07-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141606950","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"医学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Money laundering through video games, a criminals' playground","authors":"Dan Cooke , Angus Marshall","doi":"10.1016/j.fsidi.2024.301802","DOIUrl":"https://doi.org/10.1016/j.fsidi.2024.301802","url":null,"abstract":"<div><p>Money laundering and video games provide opportunities to criminals for easier and less detectable methods of performing money laundering. These actions may be used as part of a system of transactions, by these criminals, to further disguise the origins of their funds. The use of videogames as a tool to launder money is something that has been only briefly explored. This work identifies the ways that money laundering through video game secondary marketplaces can offer benefits to criminals looking to launder money, versus the use of traditional money laundering methods.</p><p>We explore the potential for using publicly accessible data, such as that available from the Steam Marketplace, to identify suspicious transactions that may indicate the existence of money laundering within these platforms. This research focused on identifying irregularities in the frequency and quantity of trades on the Steam Marketplace.</p><p>The results of this investigation show that identifying, using very simple money laundering detection methods, possible cases of money laundering within transactional data from the Steam Marketplace is possible. The data used shows that there were several suspicious transactions and accounts which could warrant further investigation, and may be involved in activity which represents money laundering. 
As a result of this, there is scope for further investigations using larger data sets and examination of other publicly accessible data using a greater range of methods to identify suspicious transactions including, but not limited to, value of transactions and location.</p></div>","PeriodicalId":48481,"journal":{"name":"Forensic Science International-Digital Investigation","volume":null,"pages":null},"PeriodicalIF":2.0,"publicationDate":"2024-07-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S2666281724001264/pdfft?md5=843f79ae7978a79c885020e2a44ce53d&pid=1-s2.0-S2666281724001264-main.pdf","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141606951","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"医学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Forensic analysis of OpenAI's ChatGPT mobile application","authors":"Evangelos Dragonas , Costas Lambrinoudakis , Panagiotis Nakoutis","doi":"10.1016/j.fsidi.2024.301801","DOIUrl":"https://doi.org/10.1016/j.fsidi.2024.301801","url":null,"abstract":"<div><p>Since its public launch, OpenAI's ChatGPT has achieved significant success, attracting millions of users within the first few months of its release. Although numerous similar applications have emerged, none have yet matched the success of OpenAI's ChatGPT. Last year, OpenAI released the ChatGPT mobile app. This application serves a broad range of uses, some of which may be malicious and, unfortunately, it has not yet been parsed by either commercial or open-source tools. Nevertheless, the data stored by this application, such as JSON files that store a user's conversations with ChatGPT, can be instrumental in attributing user actions, discerning perpetrators' knowledge and motivations, and resolving practical investigations. In this paper, OpenAI's ChatGPT mobile application is examined on both Android and iOS operating systems, focusing on potential evidentiary data within. The cloud-native data associated with the app, which can be retrieved through user data export requests, are also investigated. The primary objective of this study is to discover artifacts that investigators can use in real-world cases involving this mobile app. Additionally, the authors have contributed to FOSS to support professionals in this field.</p></div>","PeriodicalId":48481,"journal":{"name":"Forensic Science International-Digital Investigation","volume":null,"pages":null},"PeriodicalIF":2.0,"publicationDate":"2024-07-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141596810","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"医学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}