发布求助
文献互助 智能选刊 最新文献

Forensic Science International-Digital Investigation最新文献

筛选
英文 中文
Towards a joint semantic analysis in mobile forensics environments 迈向移动取证环境下的联合语义分析
IF 2 4区 医学
Forensic Science International-Digital Investigation Pub Date : 2024-12-12 DOI: 10.1016/j.fsidi.2024.301846
Jian Xi , Melanie Siegel , Dirk Labudde , Michael Spranger
{"title":"Towards a joint semantic analysis in mobile forensics environments","authors":"Jian Xi ,&nbsp;Melanie Siegel ,&nbsp;Dirk Labudde ,&nbsp;Michael Spranger","doi":"10.1016/j.fsidi.2024.301846","DOIUrl":"10.1016/j.fsidi.2024.301846","url":null,"abstract":"<div><div>In recent years, mobile devices have become the dominant communication medium in our daily lives. This trend is also evident in the planning, arranging, and committing of criminal activities, particularly in organized crime. Accordingly, mobile devices have become an essential source of evidence for data analysts or investigators, especially in Law Enforcement Agencies (LEAs). However, communication via mobile devices generates vast amounts of data, rendering manual analysis impractical and resulting in growing backlogs of evidence awaiting analysis process, which can take months to years, thereby hindering investigations and trials. The automatic analysis of textual chat messages falls short because communication is not limited to the single modality, such as text, but instead spans multiple modalities, including voice messages, pictures, videos, and sometimes various messengers (channels). These modalities frequently overlap or interchange within the same communication, further complicating the analysis process. To achieve a correct and comprehensive understanding of such communication, it is essential to consider all modalities and channels through a consistent joint semantic analysis. This paper introduces a novel mobile forensics approach that enables efficient assessment of mobile data without losing semantic consistency by unifying <em>semantic concepts</em> across different modalities and channels. Additionally, a <em>knowledge-guided</em> topic modeling approach is proposed, integrating expertise into the investigation process to effectively examine large volumes of noisy mobile data. In this way, investigators can quickly identify evidentiary parts of the communication and completely facilitate reconstructing the course of events.</div></div>","PeriodicalId":48481,"journal":{"name":"Forensic Science International-Digital Investigation","volume":"52 ","pages":"Article 301846"},"PeriodicalIF":2.0,"publicationDate":"2024-12-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143141114","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"医学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
An ontology for promoting controlled experimentation in digital forensics 促进数字取证控制实验的本体
IF 2 4区 医学
Forensic Science International-Digital Investigation Pub Date : 2024-12-06 DOI: 10.1016/j.fsidi.2024.301845
Thiago J. Silva , Ana H.B. Mazur , Edson OliveiraJr , Avelino F. Zorzo , Monalessa P. Barcellos
{"title":"An ontology for promoting controlled experimentation in digital forensics","authors":"Thiago J. Silva ,&nbsp;Ana H.B. Mazur ,&nbsp;Edson OliveiraJr ,&nbsp;Avelino F. Zorzo ,&nbsp;Monalessa P. Barcellos","doi":"10.1016/j.fsidi.2024.301845","DOIUrl":"10.1016/j.fsidi.2024.301845","url":null,"abstract":"<div><div>Experimentation is a crucial method in empirical inquiry and is widely applied in Computer Science. Controlled experimentation ensures reproducibility, transparency, and reliability of findings, making the process more formal. Digital forensics (DF) lacks formalization of controlled experimental processes, leading to inadequate and informal research, making findings less transparent, reproducible, and reliable. Furthermore, existing works in this area often lack detailed descriptions of the controlled experimental decision-making procedures. To address these issues, we developed an ontology to formalize the concepts and terms used in DF-controlled experiments. The ontology was constructed based on an existing conceptual model for DF-controlled experiments. The ontology's conceptual model is represented by UML class diagrams, and the OWL language was employed to code it. Moreover, the ontology underwent evaluation by researchers and experts in DF experimentation, with the results indicating the capability of the ontology to formalize DF experimental concepts. The contribution of this ontology is to assist DF researchers and practitioners in properly documenting their controlled experiments. This will enhance the formality of the experimental process and promote the findings' reproducibility, transparency, and reliability. For researchers, the ontology's main contribution lies in influencing how these experiments are conducted, potentially impacting their transfer to industry. Practitioners stand to benefit by adopting formal experimental procedures for testing, assessing, and acquiring DF-related technology.</div></div>","PeriodicalId":48481,"journal":{"name":"Forensic Science International-Digital Investigation","volume":"52 ","pages":"Article 301845"},"PeriodicalIF":2.0,"publicationDate":"2024-12-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143141116","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"医学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
DFPulse: The 2024 digital forensic practitioner survey DFPulse: 2024年数字法医从业者调查
IF 2 4区 医学
Forensic Science International-Digital Investigation Pub Date : 2024-12-01 DOI: 10.1016/j.fsidi.2024.301844
Christopher Hargreaves , Frank Breitinger , Liz Dowthwaite , Helena Webb , Mark Scanlon
{"title":"DFPulse: The 2024 digital forensic practitioner survey","authors":"Christopher Hargreaves ,&nbsp;Frank Breitinger ,&nbsp;Liz Dowthwaite ,&nbsp;Helena Webb ,&nbsp;Mark Scanlon","doi":"10.1016/j.fsidi.2024.301844","DOIUrl":"10.1016/j.fsidi.2024.301844","url":null,"abstract":"<div><div>This paper reports on the largest survey of digital forensic practitioners to date (DFPulse) conducted from March to May 2024 resulting in 122 responses. The survey collected information about practitioners' operating environments, the technologies they encounter, investigative techniques they use, the challenges they face, the degree to which academic research is accessed and useful to the practitioner community, and their suggested future research directions. The paper includes quantitative and qualitative results from the survey and a discussion of the implications for academia, the improvements that can be made, and future research directions.</div></div>","PeriodicalId":48481,"journal":{"name":"Forensic Science International-Digital Investigation","volume":"51 ","pages":"Article 301844"},"PeriodicalIF":2.0,"publicationDate":"2024-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142745261","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"医学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Commentary:- Can I use that tool? 评论:- 我能使用那个工具吗?
IF 2 4区 医学
Forensic Science International-Digital Investigation Pub Date : 2024-11-17 DOI: 10.1016/j.fsidi.2024.301843
Graeme Horsman
{"title":"Commentary:- Can I use that tool?","authors":"Graeme Horsman","doi":"10.1016/j.fsidi.2024.301843","DOIUrl":"10.1016/j.fsidi.2024.301843","url":null,"abstract":"<div><div>The decision as to whether a given tool can be used for the purposes of conducting a digital forensic examination of a device and its data may seem straightforward, but it is not. As part of their work, practitioners must always seek to identify and use tools that are appropriate for their investigative tasks, deploy them reliably within an applicable scenario, and be able to trust and understand the results that they provide. Before they can begin to do this, they must first ask themselves the question - ‘<em>can I use that tool?</em>‘, where this work considers how a practitioner may begin to formulate an answer. By unpacking the hidden complexity of this question, it is suggested that five sub-questions must be explored by any practitioner when seeking to use a tool, namely - (1) ‘<em>what does that tool do?</em>‘; (2) ‘<em>how do I use that tool?</em>‘; (3) ‘<em>how does the tool do it?</em>‘; (4) ‘<em>does the tool do it properly?</em>’ and (5) ‘<em>should I use the tool?</em>‘. This work discusses each in turn and the risks they pose to a practitioner.</div></div>","PeriodicalId":48481,"journal":{"name":"Forensic Science International-Digital Investigation","volume":"51 ","pages":"Article 301843"},"PeriodicalIF":2.0,"publicationDate":"2024-11-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142661146","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"医学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Temporal metadata analysis: A learning classifier system approach 时态元数据分析:学习分类系统方法
IF 2 4区 医学
Forensic Science International-Digital Investigation Pub Date : 2024-10-30 DOI: 10.1016/j.fsidi.2024.301842
Michael C. Todd, Gilbert L. Peterson
{"title":"Temporal metadata analysis: A learning classifier system approach","authors":"Michael C. Todd,&nbsp;Gilbert L. Peterson","doi":"10.1016/j.fsidi.2024.301842","DOIUrl":"10.1016/j.fsidi.2024.301842","url":null,"abstract":"<div><div>Digital forensics is a complex field that requires expert knowledge (EK) and specialized tools to collect, analyze, and report on digital evidence. Temporal metadata analysis is particularly challenging, requiring expert knowledge to understand and interpret underlying traces and associate them with their source. This paper introduces Digital Trace Inspector (DTI), a Learning Classifier System (LCS)-based decision support tool for temporal metadata analysis. DTI leverages a binary Michigan-style LCS to locate and group corroborating temporal digital traces of targeted user activity. Rules are built from expert-created atomics encoded as feature vectors using patterns defined in a structured EK rule framework. The system is evaluated on 10 scenarios of typical user behavior on a Windows 10 workstation. Results show that all models achieved perfect recall, had an average F1 score of 0.98, and required little training data.</div></div>","PeriodicalId":48481,"journal":{"name":"Forensic Science International-Digital Investigation","volume":"51 ","pages":"Article 301842"},"PeriodicalIF":2.0,"publicationDate":"2024-10-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142539540","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"医学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Uncertainty and error in location traces 定位跟踪的不确定性和误差
IF 2 4区 医学
Forensic Science International-Digital Investigation Pub Date : 2024-10-16 DOI: 10.1016/j.fsidi.2024.301841
Cléo Berger, Benoît Meylan, Thomas R. Souvignet
{"title":"Uncertainty and error in location traces","authors":"Cléo Berger,&nbsp;Benoît Meylan,&nbsp;Thomas R. Souvignet","doi":"10.1016/j.fsidi.2024.301841","DOIUrl":"10.1016/j.fsidi.2024.301841","url":null,"abstract":"<div><div>Location traces are highly informative because of their potential to infer physical activity or presence. Their prevalence has increased largely due to the rise of digital devices, their encompassed location-based services and other positioning technologies (<span><span>Raubal et al., 2004</span></span>). However, there is little research that explores and supports their exploitation, which hampers the confidence that can be placed in it. Location traces are indeed subject to uncertainty and errors, notably in their production and exploitation processes. This article aims to shed some light on the uncertainty and errors associated with smartphone location traces and calls for research to be developed on that topic. Several empirical examples are developed throughout the article to better illustrate these issues.</div></div>","PeriodicalId":48481,"journal":{"name":"Forensic Science International-Digital Investigation","volume":"51 ","pages":"Article 301841"},"PeriodicalIF":2.0,"publicationDate":"2024-10-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142442388","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"医学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Competence in digital forensics 数字取证能力
IF 2 4区 医学
Forensic Science International-Digital Investigation Pub Date : 2024-10-11 DOI: 10.1016/j.fsidi.2024.301840
Graeme Horsman , Andrew Dodd
{"title":"Competence in digital forensics","authors":"Graeme Horsman ,&nbsp;Andrew Dodd","doi":"10.1016/j.fsidi.2024.301840","DOIUrl":"10.1016/j.fsidi.2024.301840","url":null,"abstract":"<div><div>Those practising in the field of digital forensics must be competent to conduct the work they carry out, and such competence must also be evidenced and assessed. Those seeking to demonstrate staff competence must consider what tasks and roles it is being sought for, how it is achieved, what is an acceptable level of performance for a task, and how to evidence and assess any claimed competence. This work intends to explore the multifaceted nature of competence within the field of digital forensics, examining how it is developed, assessed, and maintained in an era characterised by continuous technological advancement. Discussions are also linked to the requirements defined in the accreditation framework ISO/IEC 17025:2017 which governs the digital forensic landscape in England and Wales. We hope to contribute to the ongoing discourse on elevating standards and fostering excellence in the science of digital forensics.</div></div>","PeriodicalId":48481,"journal":{"name":"Forensic Science International-Digital Investigation","volume":"51 ","pages":"Article 301840"},"PeriodicalIF":2.0,"publicationDate":"2024-10-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142419961","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"医学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
“What you say in the lab, stays in the lab”: A reflexive thematic analysis of current challenges and future directions of digital forensic investigations in the UK "实验室里说的话,就留在实验室里":对英国数字取证调查当前挑战和未来方向的反思性专题分析
IF 2 4区 医学
Forensic Science International-Digital Investigation Pub Date : 2024-10-09 DOI: 10.1016/j.fsidi.2024.301839
Magdalene Ng , Jade James , Ray Bull
{"title":"“What you say in the lab, stays in the lab”: A reflexive thematic analysis of current challenges and future directions of digital forensic investigations in the UK","authors":"Magdalene Ng ,&nbsp;Jade James ,&nbsp;Ray Bull","doi":"10.1016/j.fsidi.2024.301839","DOIUrl":"10.1016/j.fsidi.2024.301839","url":null,"abstract":"<div><div>Despite digital evidence nowadays playing a major role in criminal investigations and being intrinsic to almost every criminal trial, research in digital forensics (DF) and national approaches to digital evidence in relation to investigating officers and court personnel remain almost non-existent. This research seeks to remedy this issue by qualitatively examining the accounts and experiences of 16 digital forensic investigators (DFIs) in England and Wales who took part in semi-structured interviews. We analyzed the data using a reflexive thematic analysis and identified four overarching themes: (i) Navigating tensions with investigating officers (that has a subtheme of ‘Tensions with legal professionals and challenges navigating court theatrics’) (ii) The psychological, emotional, and existential challenges confronted by DFIs; (iii) Identifying the potential and pitfalls of automation and AI in DF and (iv) The centrality of academia in the advancement of DF (that has a subtheme of ‘Validation of tools as a crucial step in digital forensics’). These new findings reveal that DFIs encounter significant demands to perform well and are continuously overburdened while juggling many roles. This research serves as a pivotal starting point for broader discussions.</div></div>","PeriodicalId":48481,"journal":{"name":"Forensic Science International-Digital Investigation","volume":"51 ","pages":"Article 301839"},"PeriodicalIF":2.0,"publicationDate":"2024-10-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142419960","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"医学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Decoding digital interactions: An extensive study of TeamViewer's Forensic Artifacts across Windows and android platforms 解码数字互动:跨 Windows 和安卓平台的 TeamViewer 取证工件的广泛研究
IF 2 4区 医学
Forensic Science International-Digital Investigation Pub Date : 2024-10-04 DOI: 10.1016/j.fsidi.2024.301838
Nishchal Soni , Manpreet Kaur , Khalid Aziz
{"title":"Decoding digital interactions: An extensive study of TeamViewer's Forensic Artifacts across Windows and android platforms","authors":"Nishchal Soni ,&nbsp;Manpreet Kaur ,&nbsp;Khalid Aziz","doi":"10.1016/j.fsidi.2024.301838","DOIUrl":"10.1016/j.fsidi.2024.301838","url":null,"abstract":"<div><div>The pervasive influence of digital technology has ushered in a new era of connectivity, reshaping the landscape of forensic science and challenging investigators to adapt to evolving methods of digital interaction. Remote access applications (RAAs) like TeamViewer have become integral tools for facilitating remote collaboration and support across various platforms. However, the widespread adoption of such applications has also led to an increase in cybercrimes, underscoring the critical need for meticulous forensic analysis. This study presents a comprehensive examination of TeamViewer's forensic artifacts across Windows and Android platforms, employing advanced forensic techniques such as registry analysis, disk forensics, memory forensics, and Android forensics. By meticulously dissecting digital evidence and uncovering valuable insights into user interactions, configuration settings, and session dynamics, this research aims to enhance understanding of remote access activities and empower forensic investigators with the tools needed to combat cybercrimes effectively. The findings highlight the forensic significance of each investigative approach and underscore the importance of continuous innovation in the field of digital forensics.</div></div>","PeriodicalId":48481,"journal":{"name":"Forensic Science International-Digital Investigation","volume":"51 ","pages":"Article 301838"},"PeriodicalIF":2.0,"publicationDate":"2024-10-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142419962","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"医学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Exploring the potential of large language models for author profiling tasks in digital text forensics 探索大型语言模型在数字文本取证中用于作者特征描述任务的潜力
IF 2 4区 医学
Forensic Science International-Digital Investigation Pub Date : 2024-10-01 DOI: 10.1016/j.fsidi.2024.301814
Sang-Hyun Cho , Dohyun Kim , Hyuk-Chul Kwon , Minho Kim
{"title":"Exploring the potential of large language models for author profiling tasks in digital text forensics","authors":"Sang-Hyun Cho ,&nbsp;Dohyun Kim ,&nbsp;Hyuk-Chul Kwon ,&nbsp;Minho Kim","doi":"10.1016/j.fsidi.2024.301814","DOIUrl":"10.1016/j.fsidi.2024.301814","url":null,"abstract":"<div><div>The rapid advancement of large language models (LLMs) has opened up new possibilities for various natural language processing tasks. This study explores the potential of LLMs for author profiling in digital text forensics, which involves identifying characteristics such as age and gender from writing style—a crucial task in forensic investigations of anonymous or pseudonymous communications. Experiments were conducted using state-of-the-art LLMs, including Polyglot, EEVE, and Bllossom, to evaluate their performance in author profiling. Different fine-tuning strategies, such as full fine-tuning, Low-Rank Adaptation (LoRA), and Quantized LoRA (QLoRA), were compared to determine the most effective methods for adapting LLMs to the specific needs of this task. The results show that fine-tuned LLMs can effectively predict authors’ age and gender based on their writing styles, with Polyglot-based models generally outperforming EEVE and Bllossom models. Additionally, LoRA and QLoRA strategies significantly reduce computational costs and memory requirements while maintaining performance comparable to full fine-tuning. However, error analysis reveals limitations in the current LLM-based approach, including difficulty in capturing subtle linguistic variations across age groups and potential biases from pre-training data. These challenges are discussed and future research directions to address them are proposed. This study underscores the potential of LLMs in author profiling for digital text forensics, suggesting promising avenues for further exploration and refinement.</div></div>","PeriodicalId":48481,"journal":{"name":"Forensic Science International-Digital Investigation","volume":"50 ","pages":"Article 301814"},"PeriodicalIF":2.0,"publicationDate":"2024-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142530440","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"医学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
首页 上一页 下一页 尾页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:604180095
Book学术官方微信