Journal articles on the topic “Network forensic tools”

Browse the top 50 journal articles for research on the topic “Network forensic tools”.

1

Adeyemi, Ikuesan R., Shukor Abd Razak and Nor Amira Nor Azhan. “A Review of Current Research in Network Forensic Analysis”. International Journal of Digital Crime and Forensics 5, no. 1 (January 2013): 1–26. http://dx.doi.org/10.4018/jdcf.2013010101.

Annotation:
Establishing facts on cyber crime is gradually gaining wider relevance in prosecuting cyber criminals. The branch of cyber policing saddled with this responsibility is the network forensic community (researchers, developer, and investigator). However, the recurring rate of advances in cybercrime poses greater challenge to the available improvements in network forensics analysis tools (NFAT) as well as to investigators, and ultimately, researchers. The need for an efficient cutting-edge research finding in curbing network crimes therefore is undeniably critical. This paper describes the distinction between network security and network forensics. In addition, the authors identify factors that militate against most network forensic techniques as well as the research challenges in network forensics. Furthermore, the paper discusses on the current research works on network forensics analysis. This research is useful to the research community of network forensics, for knowledge on existing research techniques, and direction on further research in network forensics.
2

Qureshi, Sirajuddin, Jianqiang Li, Faheem Akhtar, Saima Tunio, Zahid Hussain Khand and Ahsan Wajahat. “Analysis of Challenges in Modern Network Forensic Framework”. Security and Communication Networks 2021 (28.08.2021): 1–13. http://dx.doi.org/10.1155/2021/8871230.

Annotation:
Network forensics can be an expansion associated with network security design which typically emphasizes avoidance and detection of community assaults. It covers the necessity for dedicated investigative abilities. When you look at the design, this indeed currently allows investigating harmful behavior in communities. It will help organizations to examine external and community this is undoubtedly around. It is also important for police force investigations. Network forensic techniques can be used to identify the source of the intrusion and the intruder’s location. Forensics can resolve many cybercrime cases using the methods of network forensics. These methods can extract intruder’s information, the nature of the intrusion, and how it can be prevented in the future. These techniques can also be used to avoid attacks in near future. Modern network forensic techniques face several challenges that must be resolved to improve the forensic methods. Some of the key challenges include high storage speed, the requirement of ample storage space, data integrity, data privacy, access to IP address, and location of data extraction. The details concerning these challenges are provided with potential solutions to these challenges. In general, the network forensic tools and techniques cannot be improved without addressing these challenges of the forensic network. This paper proposed a thematic taxonomy of classifications of network forensic techniques based on extensive. The classification has been carried out based on the target datasets and implementation techniques while performing forensic investigations. For this purpose, qualitative methods have been used to develop thematic taxonomy. The distinct objectives of this study include accessibility to the network infrastructure and artifacts and collection of evidence against the intruder using network forensic techniques to communicate the information related to network attacks with minimum false-negative results. 
It will help organizations to investigate external and internal causes of network security attacks.
3

Haggerty, John, Alexander J. Karran, David J. Lamb and Mark Taylor. “A Framework for the Forensic Investigation of Unstructured Email Relationship Data”. International Journal of Digital Crime and Forensics 3, no. 3 (July 2011): 1–18. http://dx.doi.org/10.4018/jdcf.2011070101.

Annotation:
The continued reliance on email communications ensures that it remains a major source of evidence during a digital investigation. Emails comprise both structured and unstructured data. Structured data provides qualitative information to the forensics examiner and is typically viewed through existing tools. Unstructured data is more complex as it comprises information associated with social networks, such as relationships within the network, identification of key actors and power relations, and there are currently no standardised tools for its forensic analysis. This paper posits a framework for the forensic investigation of email data. In particular, it focuses on the triage and analysis of unstructured data to identify key actors and relationships within an email network. This paper demonstrates the applicability of the approach by applying relevant stages of the framework to the Enron email corpus. The paper illustrates the advantage of triaging this data to identify (and discount) actors and potential sources of further evidence. It then applies social network analysis techniques to key actors within the data set. This paper posits that visualisation of unstructured data can greatly aid the examiner in their analysis of evidence discovered during an investigation.
4

Montgomery, Jacob M., Santiago Olivella, Joshua D. Potter and Brian F. Crisp. “An Informed Forensics Approach to Detecting Vote Irregularities”. Political Analysis 23, no. 4 (2015): 488–505. http://dx.doi.org/10.1093/pan/mpv023.

Annotation:
Electoral forensics involves examining election results for anomalies to efficiently identify patterns indicative of electoral irregularities. However, there is disagreement about which, if any, forensics tool is most effective at identifying fraud, and there is no method for integrating multiple tools. Moreover, forensic efforts have failed to systematically take advantage of country-specific details that might aid in diagnosing fraud. We deploy a Bayesian additive regression trees (BART) model–a machine-learning technique–on a large cross-national data set to explore the dense network of potential relationships between various forensic indicators of anomalies and electoral fraud risk factors, on the one hand, and the likelihood of fraud, on the other. This approach allows us to arbitrate between the relative importance of different forensic and contextual features for identifying electoral fraud and results in a diagnostic tool that can be relatively easily implemented in cross-national research.
5

Arévalo Ortega, Yamir Alexander, Sonia Rocio Corredor Vargas and Gustavo Adolfo Higuera Castro. “Forensic analysis with hacking tools on android devices”. Visión electrónica 13, no. 1 (31.01.2019): 162–77. http://dx.doi.org/10.14483/22484728.14405.

Annotation:
Currently, the use of mobile terminals is becoming a necessity for a high number of people around the world which has driven the development of devices with Android operating system; In addition to this, the same indiscriminate access to resources of internet and weak local and international regulations on the use, they have become vulnerable to attacks on the network - injection of malware, ransomware-, among many others. Therefore, this article reviews the hacking tools for the forensic investigation of mobile terminals, proposing from the documentary research a forensic information acquisition model to determine tangible and significant evidences as a probative material.
6

Bintang, Rauhulloh Noor, Rusydi Umar and Anton Yudhana. “Assess of Forensic Tools on Android Based Facebook Lite with the NIST Method”. Scientific Journal of Informatics 8, no. 1 (10.05.2021): 1–9. http://dx.doi.org/10.15294/sji.v8i1.26744.

Annotation:
The increase in social media use of Facebook lite by using Android-based smartphones is quite high. Activities when communicating through the social media network Facebook Lite Facebook lite can send a text message, image, or Video. Not a few users of Facebook lite social media abusing this app to commit fraud crimes, pornographic acts, or defamation actions from social media users Facebook lite. In such cases, it can be a digital forensic benchmark to get results from digital evidence from the Facebook lite application. In this investigation, National Institute of Standards and Technology NIST research methods with various stages, namely Collection, Examination, Analysis, and Reporting. While the forensic tools to be used are Magnet Axiom Forensic and MOBILedit Forensic Express Pro. Comparison and results of data conducted with forensic tools Magnet Axiom Forensic and MOBILedit Forensic Express Pro in the form of parameter data specified. Axiom Forensic Magnet data is 57.14% while MOBILedit Forensic Express Pro data is 85.71%. This data is the data of the performance results of both forensic tool applications in obtaining digital evidence on Facebook lite application.
7

Ghannam, Hussein Abed. “Forensic Analysis of Artifacts of Giant Instant Messaging ‘WhatsApp’ in Android Smartphone”. Journal of Applied Information, Communication and Technology 5, no. 2 (28.10.2018): 73–83. http://dx.doi.org/10.33555/ejaict.v5i2.55.

Annotation:
WhatsApp is a giant mobile instant message IM application with over 1 billion users. The huge usage of IM like WhatsApp through giant smart phone “Android” makes the digital forensic researchers to study deeply. The artefacts left behind in the smartphone play very important role in any electronic crime, or any terror attack. “WhatsApp” as a biggest IM in the globe is considered to be very important resource for information gathering about any digital crime. Recently, end-to-end encryption and many other important features were added and no device forensic analysis or network forensic analysis studies have been performed to the time of writing this paper. This paper explains how can we able to extract the Crypt Key of “WhatsApp” to decrypt the databases and extract precious artefacts resides in the android system without rooting the device. Artefacts that extracted from the last version of WhatsApp have been analysed and correlate to give new valuable evidentiary traces that help in investigating. Many hardware and software tools for mobile and forensics are used to collect as much digital evidence as possible from persistent storage on android device. Some of these tools are commercial like UFED Cellebrite and Andriller, and other are open source tools such as autopsy, adb, WhatCrypt. All of these tools that forensically sound accompanied this research to discover a lot of artefacts resides in android internal storage in WhatsApp application.
8

Raman, Jayakrishnan Anilakkad, and Vasanthi Varadharajan. “HoneyNetCloud Investigation Model, A Preventive Process Model for IoT Forensics”. Ingénierie des systèmes d information 26, no. 3 (30.06.2021): 319–27. http://dx.doi.org/10.18280/isi.260309.

Annotation:
With the pervasive usage of sensing systems and IoT things, the importance of security has increased. Attempts towards breaching IoT security systems by attackers are on upsurge. Many intrusions in embedded systems, sensing equipment and IoT things have occurred in the past. Though there are cyber security tools like Antivirus, Intrusion detection and prevention systems available for securing the digital devices and its networks. However, a forensic methodology to be followed for the analysis and investigation to detect origin cause of network incidents is lacking. This paper derives a comprehensive preventive cyber forensic process model with honeypots for the digital IoT investigation process which is formal, that can assist in the court of law in defining the reliability of the investigative process. One year data of various attacks to the IoT network has been recorded by the honeypots for this study. The newly derived model HIM has been validated using various methods and instead of converging on a particular aspect of investigation, it details the entire lifecycle of IoT forensic investigation. The model is targeted to address the forensic analysts’ requirements and the need of legal fraternity for a forensic model. The process model follows a preventive method which reduce further attacks on network.
9

Yasin, Firmansyah, Abdul Fadlil and Rusydi Umar. “Identifikasi Bukti Forensik Jaringan Virtual Router Menggunakan Metode NIST”. Jurnal RESTI (Rekayasa Sistem dan Teknologi Informasi) 5, no. 1 (20.02.2021): 91–98. http://dx.doi.org/10.29207/resti.v5i1.2784.

Annotation:
The evolution information technology has led to the growth of virtualization technology. Router OS is the operating system of the Mikrotik Router, which supports virtualization. Router Os virtualization technique which is easy to run is a metarouter. Metarouter provides benefits such as, building virtual servers, virtual machines, network topology and savings cost. As an object of research, Metarouter introduces challenges to digital forensic investigations, both practitioners and academics. Investigators need to use methodology and tools in order to prove the perpetrators of crimes. This study uses the Windump forensic tool as a means of recording network traffic activity. Network Miner and Wireshark as an analytical tool for identifying digital evidence. The use of the National Institute of Standard and Technology (NIST) method which collection, examination, analysis and reporting, can be repeated and maintained with the same data. Based on experiments with virtual router network traffic testing, the system built has succeeded in obtaining digital evidence, either by direct or indirectly. The system scenario that has been planned succeeded recording 220494 packages, but by the Windump, it is automatically divided into 9 (nine) parts of the package which are Buktidigital0 to Buktidigital8. The inspection stage produces evidence that has been verified by Wireshark and Network Miner. The analysis stage proves that there were attacks carried out by addresses 192.168.10.10 and 192.168.234.10. Based on the results of forensic testing, the use of the NIST method on a forensic system that has been built with a virtual router object can be used by investigators to identify evidence of cyber-attacks.
10

Riadi, Imam, Sunardi Sunardi and Muhamad Ermansyah Rauli. “Identifikasi Bukti Digital WhatsApp pada Sistem Operasi Proprietary Menggunakan Live Forensics”. Jurnal Teknik Elektro 10, no. 1 (20.06.2018): 18–22. http://dx.doi.org/10.15294/jte.v10i1.14070.

Annotation:
Rapid development of computer technology is also accompanied with increasing of cybercrime. One of the most common crimes is fraud case in the online shop. This crime abuses WhatsApp, one of the most popular Instant Messenger (IM) applications. WhatsApp is one of the IM applications that can be used on computers, especially on windows 8.1 operating system. All applications running on the computer leave data and information on Random Access Memory (RAM). The data and information that exist in RAM can be obtained using digital forensic technique called Live Forensics. Live forensics can be used when the computer is running and connected to the network. This research aims to find digital evidence related to online shop fraud case. The digital evidence can be obtained using one of the forensic tools FTK Imager. FTK Imager can retrieve and analyze data and information on RAM. The results obtained in this research is the content of WhatsApp conversations that can be used as digital evidence to reveal a fraud in the online shop.
11

Haggerty, John, Sheryllynne Haggerty and Mark Taylor. “Forensic triage of email network narratives through visualisation”. Information Management & Computer Security 22, no. 4 (07.10.2014): 358–70. http://dx.doi.org/10.1108/imcs-11-2013-0080.

Annotation:
Purpose – The purpose of this paper is to propose a novel approach that automates the visualisation of both quantitative data (the network) and qualitative data (the content) within emails to aid the triage of evidence during a forensics investigation. Email remains a key source of evidence during a digital investigation, and a forensics examiner may be required to triage and analyse large email data sets for evidence. Current practice utilises tools and techniques that require a manual trawl through such data, which is a time-consuming process. Design/methodology/approach – This paper applies the methodology to the Enron email corpus, and in particular one key suspect, to demonstrate the applicability of the approach. Resulting visualisations of network narratives are discussed to show how network narratives may be used to triage large evidence data sets. Findings – Using the network narrative approach enables a forensics examiner to quickly identify relevant evidence within large email data sets. Within the case study presented in this paper, the results identify key witnesses, other actors of interest to the investigation and potential sources of further evidence. Practical implications – The implications are for digital forensics examiners or for security investigations that involve email data. The approach posited in this paper demonstrates the triage and visualisation of email network narratives to aid an investigation and identify potential sources of electronic evidence. Originality/value – There are a number of network visualisation applications in use. However, none of these enable the combined visualisation of quantitative and qualitative data to provide a view of what the actors are discussing and how this shapes the network in email data sets.
12

Anton Yudhana, Abdul Fadlil and Muhammad Rizki Setyawan. “Analysis of Skype Digital Evidence Recovery based on Android Smartphones Using the NIST Framework”. Jurnal RESTI (Rekayasa Sistem dan Teknologi Informasi) 4, no. 4 (17.08.2020): 682–90. http://dx.doi.org/10.29207/resti.v4i4.2093.

Annotation:
Cybercrime is an activity utilizing electronic devices and network technology as tools or media to commit crimes. One of them uses the Skype application that is installed on the smartphone. In finding evidence from a cybercrime case, a forensic activity known as digital forensic must be carried out. This study aims to recover digital evidence that has been erased using the NIST framework and forensic tools such as Oxygen and Belkasoft. The results of digital evidence recovery from smartphone Samsung J2 in the removal scenario via the application manager, the Oxygen tool cannot recover deleted data and the percentage of success using Belkasoft is 26%. While the results of data recovery with the manual removal method the percentage of success using Oxygen was 63% and Belkasoft was 44%. Digital evidence recovery results from smartphones Andromax A on the erase scenario through the application manager, Oxygen and Belkasoft tools cannot recover deleted data. While manual removal of Oxygen by 61% and Belkasoft cannot restore data. It can be concluded the results of data recovery from both smartphones that are used according to the erasure method through the application manager, Belkasoft has better performance than Oxygen, and data recovery according to the method of erasing manually, Oxygen has better performance than Belkasoft.
13

Oura, Petteri, Alina Junno and Juho-Antti Junno. “Deep learning in forensic gunshot wound interpretation—a proof-of-concept study”. International Journal of Legal Medicine 135, no. 5 (06.04.2021): 2101–6. http://dx.doi.org/10.1007/s00414-021-02566-3.

Annotation:
While the applications of deep learning are considered revolutionary within several medical specialties, forensic applications have been scarce despite the visual nature of the field. For example, a forensic pathologist may benefit from deep learning-based tools in gunshot wound interpretation. This proof-of-concept study aimed to test the hypothesis that trained neural network architectures have potential to predict shooting distance class on the basis of a simple photograph of the gunshot wound. A dataset of 204 gunshot wound images (60 negative controls, 50 contact shots, 49 close-range shots, and 45 distant shots) was constructed on the basis of nineteen piglet carcasses fired with a .22 Long Rifle pistol. The dataset was used to train, validate, and test the ability of neural net architectures to correctly classify images on the basis of shooting distance. Deep learning was performed using the AIDeveloper open-source software. Of the explored neural network architectures, a trained multilayer perceptron based model (MLP_24_16_24) reached the highest testing accuracy of 98%. Of the testing set, the trained model was able to correctly classify all negative controls, contact shots, and close-range shots, whereas one distant shot was misclassified. Our study clearly demonstrated that in the future, forensic pathologists may benefit from deep learning-based tools in gunshot wound interpretation. With these data, we seek to provide an initial impetus for larger-scale research on deep learning approaches in forensic wound interpretation.
14

Charette, Yanick, Ilvy Goossens, Michael C. Seto, Tonia L. Nicholls and Anne G. Crocker. “Is Knowledge Contagious? Diffusion of Violence-Risk-Reporting Practices Across Clinicians’ Professional Networks”. Clinical Psychological Science 9, no. 2 (05.02.2021): 284–93. http://dx.doi.org/10.1177/2167702620954797.

Annotation:
The knowledge–practice gap remains a challenge in many fields. Health research has shown that professional networks influence various aspects of patient care, including diffusion of innovative practices. In the current study, we examined the potential utility of professional networks to spread the use of violence-risk-assessment tools in forensic psychiatric settings. A total of 6,664 reports, written by 708 clinicians, were used to examine the effect of clinicians’ use of risk-assessment tools on subsequent reports by other clinicians with whom they share patients. Results show that professional networks serve as an important channel for the spread of assessment practices. Simulation of a continuing education program showed that targeting more influential clinicians in the network could be 3 times more efficient at disseminating best practices than randomly training clinicians. Decision-makers may consider using professional networks to identify and train influential clinicians to maximize diffusion of the use of risk-assessment instruments.
15

Hersyah, Mohammad Hafiz. “A Proposed Model of Digital Forensic on Cloud Computing Security Infrastructure”. International Journal of Innovation in Enterprise System 2, no. 02 (30.07.2018): 18–23. http://dx.doi.org/10.25124/ijies.v2i02.21.

Annotation:
Over the past decades, practitioners and researchers have made remarkable achievements in digital forensic. The abilities to conquer major technical obstacles are bestowing practitioners greater access to digital evidence. Sophisticated forensic techniques and tools are being developed to assist forensic acquisition and extraction of volatile data, inspection of remote repositories system and analysis of network traffic. Computer forensic is a comprehensive work that based on several attributes that are : objectivity, relevance and legitimacy to compose a system model that projected to be an electronic evidence forensic system. Latest studies show that the rapid growing of cloud computing facilities usage that has enable various improvements as part of the innovation process at organisations. Information systems are in frequently exposed to various types of threats which able to trigger different types of bad consequences as more and more information stored, problems arise especially about security information technology risk aspects. Keywords—computer forensic, cloud computing, electronic evidence forensic system, security, information technology risk, information system
16

Usov, A. I., O. B. Gradusova and S. A. Kuz’min. “The Use of Probabilistic and Statistical Methods to Test the Significance of Scientific Evidence: Comparative Analysis of Current Forensic Practices in Russia and Abroad”. Theory and Practice of Forensic Science 13, no. 4 (27.12.2018): 6–15. http://dx.doi.org/10.30764/1819-2785-2018-13-4-6-15.

Annotation:
The article addresses the problem of developing scientifically sound approaches and quantitative criteria for assessing reliability of expert evidence that take into account the contextual information contained in case materials and are based on likelihood ratios. The evolution of the system of views on this problem in forensic science theory in Russia and abroad is considered, and the European Network of Forensic Science Institutes Guideline for Evaluative Reporting in Forensic Science is analyzed. The Guideline was published in 2015. This manual is a practical tool for experts assessing the evidentiary value of their conclusions resulting from specific types of forensic examination. It also sets out recommendations on how to present the results of such an assessment in the format of the so-called “evaluative report”. The starting point of the comparative analysis is the problem of how the legal system and its subjects interpret the results reported by an expert witness, as well as any other forensic evidence expressed in probabilistic terms. At present the probabilistic way of describing uncertainties, originating in the natural sciences, is firmly established in criminalistics and forensic science. A clear position that has formed in the context of the Russian legislation, theory and practice of forensic expertise is to interpret probability as synonymous with assumption. In the foreign forensic science community the fate of probabilities was different. The authors emphasize the practical value of further improving the tools for assessing the reliability of examination results in the forensic sciences and related areas.
17

Purnomo, Arif D., Charles Lim and Burman Noviansyah. “Threat Hunting Early Experiment through Event Correlation and Memory Forensic”. ACMIT Proceedings 6, no. 1 (06.07.2021): 56–63. http://dx.doi.org/10.33555/acmit.v6i1.98.

Annotation:
The cyber threat landscapes nowadays are dynamically evolving over time, the cyber security practitioner in corporations need to adapt with more sophisticated way with the latest cyber threat attacks are launched. Cyber Threat Intelligence is one of the tools that can be utilized as a cyber threat detection. Generally, CTI operates by integrating its directory with events collected from Security Information and Event Management (SIEM) to correlates all of the appliances logs within corporation and providing summarized and meaningful information that can be reviewed to identify legitimate malicious cyber threat activity. However, relying only CTI subscription that only contains blacklist domain and ip addresses integrated with SIEM will only provide passive detection for known cyber threats. The needs for proactive cyber threat detection is required to compete with the modern threat landscape. This research work will try to explore the possibility of detecting unknown or undetected cyber threats using network event correlation and memory forensic to validate its existence. Throughout this research time span, we’re able to discover malicious network pattern that is proven to be undetected within internal organization endpoint protection. Therefore, this research will provide baseline for threat hunting activity based on network behavioural pattern.
18

Kotwal, Shallu, and Jatinder Manhas. “Investigation of Different Constraints in Cybercrime & Digital Forensics”. International Journal of Advanced Research in Computer Science and Software Engineering 7, no. 7 (30.07.2017): 222. http://dx.doi.org/10.23956/ijarcsse/v7i7/0209.

Annotation:
With rapid changes in technology and its increased use in different organizations, the cybercrime and digital forensics methods are also making advancement in new ways to tackle the latest trends in cyber crime. Cybercrime refers to any crime that involves a computer network or any public or private system. Cyber crime is emerging as a serious threat worldwide. The government organizations, police departments and various intelligence units of different countries have started to act accordingly. To control and investigate cybercrime, the investigators use various Digital forensics methods and mechanisms. Digital forensics is the procedure of investigating computer crimes in cyber world. Many researchers have been done a lot in this area to help forensic investigators to resolve the existing challenges with different methodologies designed by them. Experts provided with different tools and technologies to resolve the threats related to cyber crime in a more efficient and speedy manner with minimum loss to the victim. Still the desired technologies and tools are not that much efficient that they can control the occurrence of different types of cyber crime activities. This paper reviews the complete details regarding the growth of cybercrime and its various modes of occurrence at different level. Authors in this paper tries to bring few facts and figures which would be an eye-opener for computer and internet users. Therefore, the current manuscript provides the understanding of various types of cyber crimes and its impact on different section of the society.
19

Ginanjar, Aseh, Nur Widiyasono und Rohmat Gunawan. „WEB PHISING ATTACK ANALYSIS ON E-COMMERCE SERVICE USING NETWORK FORENSIC PROCESS METHOD“. Jurnal Terapan Teknologi Informasi 2, Nr. 2 (27.02.2019): 59–69. http://dx.doi.org/10.21460/jutei.2018.22.111.

Annotation:
The internet provides around the world facilities to reach customers without market restrictions, including e-commerce. As a result, the number of customers who depend on the Internet for purchases has increased dramatically. Potential cybercrime attacks such as phishing are criminal activities that attempt to obtain illegally sensitive information. The sensitive information can be in the form of a username, password, and credit card details. Then it is necessary to analyze the non-volatile data obtained in real and sourced from a Facebook forum. Data acquisition techniques use forensic live network data processing using Network Protocol Analyzer tools, namely Wireshark. The results of the investigation and analysis are summarized in the form of the table. The success of the investigation can be found in the source of the attack in the form of IP Address, URL phishing, DNS protocol, IMAP, username, password, FTP, SMTP, and HTTP. The analysis provides recommendations on how to avoid web phishing attacks.
20

Ali, Md Iman, and Sukhkirandeep Kaur. “Next-Generation Digital Forensic Readiness BYOD Framework”. Security and Communication Networks 2021 (20.03.2021): 1–19. http://dx.doi.org/10.1155/2021/6664426.

Annotation:
Intel’s “Bring Your Own Device” (BYOD) adoption quickly became popular as an alternative workplace solution strategy. It enables employees to use their personally owned devices to perform business activities, leading to increased productivity and employee satisfaction. However, BYOD also brought associated risks because of exponential growth in the number of cybersecurity incidents due to which business ecosystem gets disrupted and fragmented. Although several methods and mechanisms have been developed and adopted to mitigate the risk associated with BYOD, they still represent a challenge as corporate network gets exposed to inherent threats caused by the BYOD threat landscape. This work demonstrates especially two key aspects: The first focuses on how to detect and protect BYOD environment from an advanced level attack which cannot be detected by traditional tools and techniques even though available tools are quite effective. Before the attack and damage to the critical infrastructure due to BYOD threat, a strategy was indeed the key requirement for detecting attacks and protecting the environment. The second part of the research focuses on conducting forensic investigation model and developing a new approach by providing a reliable forensic investigation infrastructure to find digital evidence and detect the source of attack. This research work concluded with two different novel strategic ideas. The first part contributes to a new method of detecting and protecting against malicious activities which cannot be otherwise detected and protected by traditional security technology like IPS, IDS, AntiBot, or AntiVirus. The proposed technique compared to the existing methods led to a significant contribution to the identification of threats before an attack takes place. 
The second part of the research contributes to the defining of a new approach of the next-generation digital forensic readiness (NG-DFR) model in order to build a cyber forensic ecosystem so that cyber secured BYOD environment can be enabled safely.
21

RENNA, L., and F. BRANDIZZI. “The mysterious life of the plant trans‐Golgi network: advances and tools to understand it better”. Journal of Microscopy 278, no. 3 (20.03.2020): 154–63. http://dx.doi.org/10.1111/jmi.12881.

22

Riadi, Imam, Rusdy Umar and Dora Bernadisman. “Analisis Forensik Database Menggunakan Metode Forensik Statis”. JURNAL SISTEM INFORMASI BISNIS 9, no. 1 (03.05.2019): 9. http://dx.doi.org/10.21456/vol9iss1pp9-17.

Annotation:
SIMDA (Regional Management Information System) is a system created by the BPKP (Financial and Development Supervisory Agency) to assist local governments in implementing regional financial management so that it complies with applicable, efficient, effective, transparent, accountable and auditable regulations. Management data is stored in the SIMDA database on a server connected to a computer network, it is possible that the database is always infiltrated and indicated by data manipulation by hackers. The purpose of this study is to monitor database activity and detect data manipulation done by hackers, then forensic processes are carried out using static forensic methods with stages, namely data collection, data checking, data analysis, and reporting so as to provide evidence and instructions to do analysis on the SIMDA Planning database. The results obtained using static forensic methods show that there has been manipulation or change in the budget ceiling of the activity that exceeds the program budget ceiling (mark-up in budget planning) carried out by hackers who enter through the SIMDA database. Output from forensic processes can prove manipulation data that is carried out by hackers can be detected using SQL Profiler and SQL Log Analyzer tools so that output can be used as digital evidence to assist law enforcement in revealing cybercrime crime cases and can be accounted for in court proceedings.
23

Nøkleberg, Martin. “Examining the how of Plural Policing: Moving from Normative Debate to Empirical Enquiry”. British Journal of Criminology 60, no. 3 (11.01.2020): 681–702. http://dx.doi.org/10.1093/bjc/azz080.

Annotation:
The networked and plural nature of policing suggests that agencies are often involved in extensive exchanges of expertise, resources and knowledge. However, the network structure and distribution of power between various policing actors can vary considerably. This highlights the importance of developing sound analytical perspectives that can help unpack the complexities behind the linkages. Applying the network perspective, this article underlines the value of utilizing analytical tools and approaches drawn from social network analysis, such as brokerage and homophily, to empirically assess the roles of agencies and their contribution to plural policing. This, in turn, shows how, in the mixed economy of policing, as well as being understood in terms of the normative debates that often figure in the current literature, relational phenomena also require more sophisticated empirical approaches.
24

Thant, Yee Mon. “IoT Security: Simulation and Analysis of TCP SYN Flooded DDOS Attack using WireShark”. Transactions on Networks and Communications 8, no. 3 (30.06.2020): 16–25. http://dx.doi.org/10.14738/tnc.83.8389.

Annotation:
Nowadays, Internet of Things (IoT) technology is significantly entering our daily lives because IoT has a wide scope, such as security systems, smart industrial environments, vehicles, electronic appliances, wearable devices, healthcare, etc. These devices are interconnected with each other on the internet to give various types of services to consumers with various technologies. The emergence of new technology in various fields also brings up challenges in the area of forensic investigation. The latest tools and the procedure stream do not satisfy disseminated and current IoT infrastructure. In recent years, with the huge growth of DDoS assaults in IoT networks, IoT security has become one of the first points of concern within the field of network security. A SYN flood assault misuses the TCP three-way handshake: all of the victim's assets are depleted and further connection requests cannot be considered, so legitimate access is denied. The outcomes produced are used as evidence to demonstrate that a machine is victimized and is facing a DDoS attack. In this paper, we have done network analysis for detecting a SYN flood attack on an IoT Smart Environment using WireShark.
25

Kazemi, Seyyed Sajjad, and Sajjad Heidari. “Digital forensics and its role in promoting criminal prosecution”. Revista Eletrônica em Gestão, Educação e Tecnologia Ambiental 25 (22.03.2021): e5. http://dx.doi.org/10.5902/2236117063798.

Annotation:
Digital forensics is essentially synonymous with computer forensics, but the term "digital forensics" is generally used for the technical review of all devices that have the ability to store data. Today, digital criminology is challenged in cloud computing. The first problem is to understand why and how criminal and social actions are so unique and complex. The second problem is the lack of accurate scientific tools for forensic medicine in cyberspace. So far, no complete tools or explanations for criminology have been provided in the virtual infrastructure, and no training for security researchers has been provided in detail. Therefore, the author of the present descriptive-analytical research is based on library resources and using fish taking tools. To investigate suspicious cases related to cyberspace, criminologists must be well-equipped with technical and legal issues to deal with. In this article, we analyze digital criminology and its role in judicial law. The benefit of computer forensic knowledge is not only an indispensable necessity for security and judicial institutions, but also professional users and owners of computer systems, systems and networks must be fully aware of and properly comply with its legal and technical requirements.
26

Sabillon, Regner, Jordi Serra-Ruiz, Victor Cavaller and Jeimy J. Cano. “Digital Forensic Analysis of Cybercrimes”. International Journal of Information Security and Privacy 11, no. 2 (April 2017): 25–37. http://dx.doi.org/10.4018/ijisp.2017040103.

Annotation:
This paper reviews the existing methodologies and best practices for digital investigations phases like collecting, evaluating and preserving digital forensic evidence and chain of custody of cybercrimes. Cybercriminals are adopting new strategies to launch cyberattacks within modified and ever changing digital ecosystems, this article proposes that digital investigations must continually readapt to tackle cybercrimes and prosecute cybercriminals, working in international collaboration networks, sharing prevention knowledge and lessons learned. The authors also introduce a compact cyber forensics model for diverse technological ecosystems called Cyber Forensics Model in Digital Ecosystems (CFMDE). Transferring the knowledge, international collaboration, best practices and adopting new digital forensic tools, methodologies and techniques will be hereinafter paramount to obtain digital evidence, enforce organizational cybersecurity policies, mitigate security threats, fight anti-forensics practices and indict cybercriminals. The global Digital Forensics community ought to constantly update current practices to deal with cybercriminality and foreseeing how to prepare to new technological environments where change is always constant.
27

Nadim, Mohammad, Wonjun Lee and David Akopian. “Characteristic Features of the Kernel-level Rootkit for Learning-based Detection Model Training”. Electronic Imaging 2021, no. 3 (18.06.2021): 34–1. http://dx.doi.org/10.2352/issn.2470-1173.2021.3.mobmu-034.

Annotation:
The core part of the operating system is the kernel, and it plays an important role in managing critical data structure resources for correct operations. The kernel-level rootkits are the most elusive type of malware that can modify the running OS kernel in order to hide its presence and perform many malicious activities such as process hiding, module hiding, network communication hiding, and many more. In the past years, many approaches have been proposed to detect kernel-level rootkit. Still, it is challenging to detect new attacks and properly categorize the kernel-level rootkits. Memory forensic approaches showed efficient results with the limitation against transient attacks. Cross-view-based and integrity monitoring-based approaches have their own weaknesses. A learning-based detection approach is an excellent way to solve these problems. In this paper, we give an insight into the kernel-level rootkit characteristic features and how the features can be represented to train learning-based models in order to detect known and unknown attacks. Our feature set combined the memory forensic, cross-view, and integrity features to train learning-based detection models. We also suggest useful tools that can be used to collect the characteristics features of the kernel-level rootkit.
28

He, Tuo, João Marco, Richard Soares, Yafang Yin and Alex Wiedenhoeft. “Machine Learning Models with Quantitative Wood Anatomy Data Can Discriminate between Swietenia macrophylla and Swietenia mahagoni”. Forests 11, no. 1 (25.12.2019): 36. http://dx.doi.org/10.3390/f11010036.

Annotation:
Illegal logging and associated trade aggravate the over-exploitation of Swietenia species, of which S. macrophylla King, S. mahagoni (L.) Jacq, and S. humilis Zucc. have been listed in Convention on International Trade in Endangered Species of Wild Fauna and Flora (CITES) Appendix Ⅱ. Implementation of CITES necessitates the development of efficient forensic tools to identify wood species accurately, and ideally ones readily deployable in wood anatomy laboratories across the world. Herein, a method using quantitative wood anatomy data in combination with machine learning models to discriminate between three Swietenia species is presented, in addition to a second model focusing only on the two historically more important species S. mahagoni and S. macrophylla. The intra- and inter-specific variations in nine quantitative wood anatomical characters were measured and calculated based on 278 wood specimens, and four machine learning classifiers—Decision Tree C5.0, Naïve Bayes (NB), Support Vector Machine (SVM), and Artificial Neural Network (ANN)—were used to discriminate between the species. Among these species, S. macrophylla exhibited the largest intraspecific variation, and all three species showed at least partly overlapping values for all nine characters. SVM performed the best of all the classifiers, with an overall accuracy of 91.4% and a per-species correct identification rate of 66.7%, 95.0%, and 80.0% for S. humilis, S. macrophylla, and S. mahagoni, respectively. The two-species model discriminated between S. macrophylla and S. mahagoni with accuracies of over 90.0% using SVM. These accuracies are lower than perfect forensic certainty but nonetheless demonstrate that quantitative wood anatomy data in combination with machine learning models can be applied as an efficient tool to discriminate anatomically between similar species in the wood anatomy laboratory. 
It is probable that a range of previously anatomically inseparable species may become identifiable by incorporating in-depth analysis of quantitative characters and appropriate statistical classifiers.
29

Retamero, Juan Antonio, Jose Aneiros-Fernandez and Raimundo G. del Moral. “Complete Digital Pathology for Routine Histopathology Diagnosis in a Multicenter Hospital Network”. Archives of Pathology & Laboratory Medicine 144, no. 2 (11.07.2019): 221–28. http://dx.doi.org/10.5858/arpa.2018-0541-oa.

Annotation:
Context.— Complete digital pathology and whole slide imaging for routine histopathology diagnosis is currently in use in few laboratories worldwide. Granada University Hospitals, Spain, which comprises 4 hospitals, adopted full digital pathology for primary histopathology diagnosis in 2016. Objective.— To describe the methodology adopted and the resulting experience at Granada University Hospitals in transitioning to full digital diagnosis. Design.— All histopathology glass slides generated for routine diagnosis were digitized at ×40 using the Philips IntelliSite Pathology Solution, which includes an ultrafast scanner and an image management system. All hematoxylin-eosin–stained preparations and immunohistochemistry and histochemistry slides were digitized. The existing sample-tracking software and image management system were integrated to allow data interchange through the Health Level 7 protocol. Results.— Circa 160 000 specimens have been signed out using digital pathology for primary diagnosis. This comprises more than 800 000 digitized glass slides. The scanning error rate during the implementation phase was below 1.5%, and subsequent workflow optimization rendered this rate negligible. Since implementation, Granada University Hospitals pathologists have signed out 21% more cases per year on average. Conclusions.— Digital pathology is an adequate medium for primary histopathology diagnosis. Successful digitization relies on existing sample tracking and integration of the information technology infrastructure. Rapid and reliable scanning at ×40 equivalent was key to the transition to a fully digital workflow. Digital pathology resulted in efficiency gains in the preanalytical and analytical phases, and created the basis for computational pathology: the use of computer-assisted tools to aid diagnosis.
30

Akremi, Aymen, Hassen Sallay, Mohsen Rouached and Rafik Bouaziz. “Applying Digital Forensics to Service Oriented Architecture”. International Journal of Web Services Research 17, no. 1 (January 2020): 17–42. http://dx.doi.org/10.4018/ijwsr.2020010102.

Annotation:
Digital forensics is an emerging research field involving critical technologies for obtaining evidence in digital crime investigations. Several methodologies, tools, and techniques have been developed to deal with the acquisition, preservation, examination, analysis, and presentation of digital evidence from different sources. However, new emerging infrastructures such as service-oriented architecture has brought new serious challenges for digital forensic research to ensure that evidence will be neutral, comprehensive, and reliable in such complex environment is a challenging research task. To address this issue, the authors propose in this article a generic conceptual model for digital forensics methodologies to enable their application in a service-oriented architecture. Challenges and requirements to construct a forensically sound evidence management framework for these environments are also discussed. Finally, the authors show how digital forensics standards and recommendations can be mapped to service-oriented architecture.
31

Białczak, Piotr, and Wojciech Mazurczyk. “Characterizing Anomalies in Malware-Generated HTTP Traffic”. Security and Communication Networks 2020 (01.09.2020): 1–26. http://dx.doi.org/10.1155/2020/8848863.

Annotation:
Currently, we are witnessing a significant rise in various types of malware, which has an impact not only on companies, institutions, and individuals, but also on entire countries and societies. Malicious software developers try to devise increasingly sophisticated ways to perform nefarious actions. In consequence, the security community is under pressure to develop more effective defensive solutions and to continuously improve them. To accomplish this, the defenders must understand and be able to recognize the threat when it appears. That is why, in this paper, a large dataset of recent real-life malware samples was used to identify anomalies in the HTTP traffic produced by the malicious software. The authors analyzed malware-generated HTTP requests, as well as benign traffic of the popular web browsers, using 3 groups of features related to the structure of requests, header field values, and payload characteristics. It was observed that certain attributes of the HTTP traffic can serve as an indicator of malicious actions, including lack of some popular HTTP headers and their values or usage of the protocol features in an uncommon way. The findings of this paper can be conveniently incorporated into the existing detection systems and network traffic forensic tools, making it easier to spot and eliminate potential threats.
32

Prakash, Vijay, Alex Williams, Lalit Garg, Claudio Savaglio and Seema Bawa. “Cloud and Edge Computing-Based Computer Forensics: Challenges and Open Problems”. Electronics 10, no. 11 (21.05.2021): 1229. http://dx.doi.org/10.3390/electronics10111229.

Annotation:
In recent years, there has been a dramatic change in attitude towards computers and the use of computer resources in general. Cloud and Edge computing have emerged as the most widely used technologies, including fog computing and the Internet of Things (IoT). There are several benefits in exploiting Cloud and Edge computing paradigms, such as lower costs and higher efficiency. It provides data computation and storage where data are processed, enables better data control, faster understanding and actions, and continuous operation. However, though these benefits seem to be appealing, their effects on computer forensics are somewhat undesirable. The complexity of the Cloud and Edge environments and their key features present many technical challenges from multiple stakeholders. This paper seeks to establish an in-depth understanding of the impact of Cloud and Edge computing-based environmental factors. Software and hardware tools used in the digital forensic process, forensic methods for handling tampered sound files, hidden files, image files, or images with steganography, etc. The technical/legal challenges and the open design problems (such as distributed maintenance, multitasking and practicality) highlight the various challenges for the digital forensics process.
33

Zeng, Gang. “Data Handling of Digital Forensics Cloud Computing”. Advanced Materials Research 756-759 (September 2013): 1739–43. http://dx.doi.org/10.4028/www.scientific.net/amr.756-759.1739.

Annotation:
With development of network and digital devices, traditional digital forensics tools show their drawbacks, and investigators need new forensics tools to deal with enormous digital evidences. Therefore, this paper introduces digital forensics and cloud computing, then lists the advantages of private forensics cloud computing, proposes a model of Data Handling of Digital Forensics Cloud Computing.
34

Lopez-Araiza, Christopher, and Ebru Celikel Cankaya. “A Comprehensive Analysis of Security Tools for Network Forensics”. Journal of Medical - Clinical Research & Reviews 1, no. 3 (30.12.2017): 1–9. http://dx.doi.org/10.33425/2639-944x.1021.

35

Hunt, Ray, and Sherali Zeadally. “Network Forensics: An Analysis of Techniques, Tools, and Trends”. Computer 45, no. 12 (December 2012): 36–43. http://dx.doi.org/10.1109/mc.2012.252.

36

Demertzis, Konstantinos, Konstantinos Tsiknas, Dimitrios Takezis, Charalabos Skianis and Lazaros Iliadis. “Darknet Traffic Big-Data Analysis and Network Management for Real-Time Automating of the Malicious Intent Detection Process by a Weight Agnostic Neural Networks Framework”. Electronics 10, no. 7 (25.03.2021): 781. http://dx.doi.org/10.3390/electronics10070781.

Annotation:
Attackers are perpetually modifying their tactics to avoid detection and frequently leverage legitimate credentials with trusted tools already deployed in a network environment, making it difficult for organizations to proactively identify critical security risks. Network traffic analysis products have emerged in response to attackers’ relentless innovation, offering organizations a realistic path forward for combatting creative attackers. Additionally, thanks to the widespread adoption of cloud computing, Device Operators (DevOps) processes, and the Internet of Things (IoT), maintaining effective network visibility has become a highly complex and overwhelming process. What makes network traffic analysis technology particularly meaningful is its ability to combine its core capabilities to deliver malicious intent detection. In this paper, we propose a novel darknet traffic analysis and network management framework to real-time automating the malicious intent detection process, using a weight agnostic neural networks architecture. It is an effective and accurate computational intelligent forensics tool for network traffic analysis, the demystification of malware traffic, and encrypted traffic identification in real time. Based on a weight agnostic neural networks (WANNs) methodology, we propose an automated searching neural net architecture strategy that can perform various tasks such as identifying zero-day attacks. By automating the malicious intent detection process from the darknet, the advanced proposed solution is reducing the skills and effort barrier that prevents many organizations from effectively protecting their most critical assets.
37

Jahankhani, Hamid. “Criminal investigation and forensic tools for smartphones”. International Journal of Electronic Security and Digital Forensics 2, no. 4 (2009): 387. http://dx.doi.org/10.1504/ijesdf.2009.027671.

38

Demertzis, Konstantinos, Panayiotis Kikiras, Nikos Tziritas, Salvador Sanchez and Lazaros Iliadis. “The Next Generation Cognitive Security Operations Center: Network Flow Forensics Using Cybersecurity Intelligence”. Big Data and Cognitive Computing 2, no. 4 (22.11.2018): 35. http://dx.doi.org/10.3390/bdcc2040035.

Annotation:
A Security Operations Center (SOC) can be defined as an organized and highly skilled team that uses advanced computer forensics tools to prevent, detect and respond to cybersecurity incidents of an organization. The fundamental aspects of an effective SOC is related to the ability to examine and analyze the vast number of data flows and to correlate several other types of events from a cybersecurity perception. The supervision and categorization of network flow is an essential process not only for the scheduling, management, and regulation of the network’s services, but also for attacks identification and for the consequent forensics’ investigations. A serious potential disadvantage of the traditional software solutions used today for computer network monitoring, and specifically for the instances of effective categorization of the encrypted or obfuscated network flow, which enforces the rebuilding of messages packets in sophisticated underlying protocols, is the requirements of computational resources. In addition, an additional significant inability of these software packages is they create high false positive rates because they are deprived of accurate predicting mechanisms. For all the reasons above, in most cases, the traditional software fails completely to recognize unidentified vulnerabilities and zero-day exploitations. This paper proposes a novel intelligence driven Network Flow Forensics Framework (NF3) which uses low utilization of computing power and resources, for the Next Generation Cognitive Computing SOC (NGC2SOC) that rely solely on advanced fully automated intelligence methods. It is an effective and accurate Ensemble Machine Learning forensics tool to Network Traffic Analysis, Demystification of Malware Traffic and Encrypted Traffic Identification.
39

Hollomotz, Andrea, and Seraina Caviezel Schmitz. “Forio: a Swiss treatment program for young sex offenders with intellectual disabilities”. Journal of Intellectual Disabilities and Offending Behaviour 9, no. 3 (10.09.2018): 117–27. http://dx.doi.org/10.1108/jidob-05-2018-0007.

Annotation:
Purpose: The purpose of this paper is to provide a description of a Swiss outpatient group therapy for adolescent and young men with intellectual disabilities who have sexually offended. Design/methodology/approach: The findings from two studies that examined the treatment independently from one another are brought together. These combine the qualitative methods of document analysis of programme tools, overt participant observations of treatment sessions and semi-structured interviews with programme designers. Findings: At the heart of Forio treatment is a seven-step programme that aims to enable participants to increase their risk management capacities and foster pro-social behaviours. Responsivity issues are a key consideration, and the use of a traffic light system to distinguish acceptable, borderline and unacceptable behaviours provides a central reference point throughout treatment and beyond. Treatment relies on individuals practising newly learned pro-social behaviours in their daily life. To facilitate this, risks are managed, and support is provided via close networking between therapists and the supervision and social care network. Practical implications: This paper offers detailed descriptions of the programme setting, structure and tools, which will allow international readers to adapt the techniques discussed to suit their specific treatment context. Particularly, the close networking between treatment providers and those managing risks in the community is commendable. Originality/value: The Forio programme has not previously been described in English language papers. Even though it arises from the same evidence base as the internationally more widely known programmes, this paper offers unique insights into ways in which known concepts have been adapted to suit local circumstances.
40

Ferreira, Sara, Mário Antunes and Manuel E. Correia. “A Dataset of Photos and Videos for Digital Forensics Analysis Using Machine Learning Processing”. Data 6, no. 8 (05.08.2021): 87. http://dx.doi.org/10.3390/data6080087.

Annotation:
Deepfake and manipulated digital photos and videos are being increasingly used in a myriad of cybercrimes. Ransomware, the dissemination of fake news, and digital kidnapping-related crimes are the most recurrent, in which tampered multimedia content has been the primordial disseminating vehicle. Digital forensic analysis tools are being widely used by criminal investigations to automate the identification of digital evidence in seized electronic equipment. The number of files to be processed and the complexity of the crimes under analysis have highlighted the need to employ efficient digital forensics techniques grounded on state-of-the-art technologies. Machine Learning (ML) researchers have been challenged to apply techniques and methods to improve the automatic detection of manipulated multimedia content. However, the implementation of such methods have not yet been massively incorporated into digital forensic tools, mostly due to the lack of realistic and well-structured datasets of photos and videos. The diversity and richness of the datasets are crucial to benchmark the ML models and to evaluate their appropriateness to be applied in real-world digital forensics applications. An example is the development of third-party modules for the widely used Autopsy digital forensic application. This paper presents a dataset obtained by extracting a set of simple features from genuine and manipulated photos and videos, which are part of state-of-the-art existing datasets. The resulting dataset is balanced, and each entry comprises a label and a vector of numeric values corresponding to the features extracted through a Discrete Fourier Transform (DFT). The dataset is available in a GitHub repository, and the total amount of photos and video frames is 40,588 and 12,400, respectively. 
The dataset was validated and benchmarked with deep learning Convolutional Neural Networks (CNN) and Support Vector Machines (SVM) methods; however, a plethora of other existing ones can be applied. Generically, the results show a better F1-score for CNN when comparing with SVM, both for photos and videos processing. CNN achieved an F1-score of 0.9968 and 0.8415 for photos and videos, respectively. Regarding SVM, the results obtained with 5-fold cross-validation are 0.9953 and 0.7955, respectively, for photos and videos processing. A set of methods written in Python is available for the researchers, namely to preprocess and extract the features from the original photos and videos files and to build the training and testing sets. Additional methods are also available to convert the original PKL files into CSV and TXT, which gives more flexibility for the ML researchers to use the dataset on existing ML frameworks and tools.
41

Monzon, Federico A., and Tracie J. Koen. "Diagnosis of Metastatic Neoplasms: Molecular Approaches for Identification of Tissue of Origin". Archives of Pathology & Laboratory Medicine 134, no. 2 (01.02.2010): 216–24. http://dx.doi.org/10.5858/134.2.216.

Annotation:
Context: Tumors of uncertain or unknown origin are estimated to constitute 3% to 5% of all metastatic cancer cases. Patients with these types of tumors show worse outcomes when compared to patients in which a primary tumor is identified. New molecular tests that identify molecular signatures of a tissue of origin have become available.
Objective: To review the literature on existing molecular approaches to the diagnosis of metastatic tumors of uncertain origin and discuss the current status and future developments in this area.
Data Sources: Published peer-reviewed literature, available information from medical organizations (National Comprehensive Cancer Network), and other publicly available information from tissue-of-origin test providers and/or manufacturers.
Conclusions: Molecular tests for tissue-of-origin determination in metastatic tumors are available and have the potential to significantly impact patient management. However, available validation data indicate that not all tests have shown adequate performance characteristics for clinical use. Pathologists and oncologists should carefully evaluate claims for accuracy and clinical utility for tissue-of-origin tests before using test results in patient management. The personalized medicine revolution includes the use of molecular tools for identification/confirmation of the site of origin for metastatic tumors, and in the future, this strategy might also be used to determine specific therapeutic approaches.
42

Jones, Andrew, and Stilianos Vidalis. "Rethinking Digital Forensics". Annals of Emerging Technologies in Computing 3, no. 2 (01.04.2019): 41–53. http://dx.doi.org/10.33166/aetic.2019.02.005.

Annotation:
In the modern socially-driven, knowledge-based virtual computing environment in which organisations are operating, the current digital forensics tools and practices can no longer meet the need for scientific rigour. There has been an exponential increase in the complexity of the networks with the rise of the Internet of Things, cloud technologies and fog computing altering business operations and models. Adding to the problem are the increased capacity of storage devices and the increased diversity of devices that are attached to networks, operating autonomously. We argue that the laws and standards that have been written, the processes, procedures and tools that are in common use are increasingly not capable of ensuring the requirement for scientific integrity. This paper looks at a number of issues with current practice and discusses measures that can be taken to improve the potential of achieving scientific rigour for digital forensics in the current and developing landscape.
43

Seo, Jungtaek, Seokjun Lee and Taeshik Shon. "A study on memory dump analysis based on digital forensic tools". Peer-to-Peer Networking and Applications 8, no. 4 (21.06.2013): 694–703. http://dx.doi.org/10.1007/s12083-013-0217-3.

44

Pluskal, Jan, Frank Breitinger and Ondřej Ryšavý. "Netfox detective: A novel open-source network forensics analysis tool". Forensic Science International: Digital Investigation 35 (December 2020): 301019. http://dx.doi.org/10.1016/j.fsidi.2020.301019.

45

Salamh, Fahad E., Mohammad Meraj Mirza and Umit Karabiyik. "UAV Forensic Analysis and Software Tools Assessment: DJI Phantom 4 and Matrice 210 as Case Studies". Electronics 10, no. 6 (19.03.2021): 733. http://dx.doi.org/10.3390/electronics10060733.

Annotation:
Unmanned Aerial Vehicles (UAVs) also known as drones have created many challenges to the digital forensic field. These challenges are introduced in all processes of the digital forensic investigation (i.e., identification, preservation, examination, documentation, and reporting). From identification of evidence to reporting, there are several challenges caused by the data type, source of evidence, and multiple components that operate UAVs. In this paper, we comprehensively reviewed the current UAV forensic investigative techniques from several perspectives. Moreover, the contributions of this paper are as follows: (1) discovery of personal identifiable information, (2) test and evaluation of currently available forensic software tools, (3) discussion on data storage mechanism and evidence structure in two DJI UAV models (e.g., Phantom 4 and Matrice 210), and (4) exploration of flight trajectories recovered from UAVs using a three-dimensional (3D) visualization software. The aforementioned contributions aim to aid digital investigators to encounter challenges posed by UAVs. In addition, we apply our testing, evaluation, and analysis on the two selected models including DJI Matrice 210, which have not been presented in previous works.
46

Geiger, M., and L. F. Cranor. "Scrubbing Stubborn Data: An Evaluation of Counter-Forensic Privacy Tools". IEEE Security & Privacy Magazine 4, no. 5 (September 2006): 16–25. http://dx.doi.org/10.1109/msp.2006.132.

47

Kim, Hyungchan, Sungbum Kim, Yeonghun Shin, Wooyeon Jo, Seokjun Lee and Taeshik Shon. "Ext4 and XFS File System Forensic Framework Based on TSK". Electronics 10, no. 18 (20.09.2021): 2310. http://dx.doi.org/10.3390/electronics10182310.

Annotation:
Recently, the number of Internet of Things (IoT) devices, such as artificial intelligence (AI) speakers and smartwatches, using a Linux-based file system has increased. Moreover, these devices are connected to the Internet and generate vast amounts of data. To efficiently manage these generated data and improve the processing speed, the function is improved by updating the file system version or using new file systems, such as an Extended File System (XFS), B-tree file system (Btrfs), or Flash-Friendly File System (F2FS). However, in the process of updating the existing file system, the metadata structure may be changed or the analysis of the newly released file system may be insufficient, making it impossible for existing commercial tools to extract and restore deleted files. In an actual forensic investigation, when deleted files become unrecoverable, important clues may be missed, making it difficult to identify the culprit. Accordingly, a framework for extracting and recovering files based on The Sleuth Kit (TSK) is proposed by deriving the metadata changed in Ext4 file system journal checksum v3 and XFS file system v5. Thereafter, by comparing the accuracy and recovery rate of the proposed framework with existing commercial tools using the experimental dataset, we conclude that sustained research on file systems should be conducted from the perspective of forensics.
48

Berte, Rosamaria, Fabio Dellutri, Antonio Grillo, Alessandro Lentini, Gianluigi Me and Vittorio Ottaviani. "Fast smartphones forensic analysis results through mobile internal acquisition tool and forensic farm". International Journal of Electronic Security and Digital Forensics 2, no. 1 (2009): 18. http://dx.doi.org/10.1504/ijesdf.2009.023872.

49

Borges, Bruno Carramaschi, Gustavo Macedo de Mello Baptista and Paulo Roberto Meneses. "Identificação de Áreas Hidromórficas, por meio de Análise Espectral de Dados de Sensoriamento Remoto, como Subsídio para a Elaboração de Laudos Periciais de Avaliação de Imóveis Rurais (Identification of Hydromorphic Areas by Means of Spectral Analysis…)". Revista Brasileira de Geografia Física 7, no. 6 (25.02.2015): 1062. http://dx.doi.org/10.26848/rbgf.v7.6.p1062-1077.

Annotation:
The aim of this study is to identify hydromorphic areas in two farms located in the city of Flores de Goiás, GO and inappropriate for the Land Reform Programme. To this end, we used the integrated analysis of spectral indices and supervised classification algorithms of remote sensing data, to develop a methodology to assist in their physical characterization, as well as subsidizing forensic reports of rural properties. We used an ASTER image of May 2nd, 2013 of the on-demand product AST_07XT, which comes with the atmospheric and crosstalk corrections, besides being surface reflectance data. For processing, we adopted the comparative analysis of the DIP (Digital Image Processing) tools hyperspectral classifier SAM (Spectral Angle Mapper) and spectral indices EVI2 (Enhanced Vegetation Index-2) and IFe (Ferric index), as well as the use of a digital elevation model, based on an SRTM image, optimized for 30-meter spatial resolution. We analyzed topography, soil, river network, climate and natural and exotic vegetation. Following this, four thematic information plans were produced, one for each DIP tool, to identify wet areas, due to the variables presented. As a result, the integrated analysis demonstrated that, although it was possible to separate wet from dry areas individually, none of the processing was able to provide a result with precision. It is meant that additional work should be encouraged so that the forensic reports issued related to evaluation of rural properties become more technically accurate and justified.
Keywords: Evaluation of rural properties, hydromorphic areas, SAM, EVI2, IFe, DEM.
50

Dahbur, Kamal, and Bassil Mohammad. "Toward Understanding the Challenges and Countermeasures in Computer Anti-Forensics". International Journal of Cloud Applications and Computing 1, no. 3 (July 2011): 22–35. http://dx.doi.org/10.4018/ijcac.2011070103.

Annotation:
The term computer anti-forensics (CAF) generally refers to a set of tactical and technical measures intended to circumvent the efforts and objectives of the field of computer and network forensics (CF). Many scientific techniques, procedures, and technological tools have evolved and been effectively applied in the field of CF to assist scientists and investigators in acquiring and analyzing digital evidence for the purpose of solving cases that involve the use or misuse of computer systems. CAF has emerged as a CF counterpart that plants obstacles throughout the path of computer investigations. The purpose of this paper is to highlight the challenges introduced by anti-forensics, explore various CAF mechanisms, tools, and techniques, provide a coherent classification for them, and discuss their effectiveness. Moreover, the authors discuss the challenges in implementing effective countermeasures against these techniques. A set of recommendations is presented with future research opportunities.