This article deals with the provisions in the Arab Convention on Combating Information Technology Offences pertaining to measures for the collection of digital evidence of offences committed by means of information technology, through analyzing the related convention articles and comparing them with the similar articles in the Budapest Convention on Cybercrime. The study is therefore divided into two parts: the first part discusses the procedures for stored information, and the second discusses the procedures for non-stored information. Finally, it concludes with several conclusions and recommendations.
It is well known that transnational data flows are rising simultaneously with the increasing use of social media, webmail, messaging services, and apps to communicate, work, socialize and gain information, unfortunately including for unlawful purposes. Criminal procedural measures for gathering evidence as part of a criminal investigation are usually national in scope, but obtaining electronic evidence often has cross-border implications. Courts and legislatures have often failed to keep pace with rapid advances in digital technology and computer software capabilities. This paper analyzes the European legal framework for the transnational gathering of electronic evidence in Europe. Initially, it argues the challenges of the cross-border gathering of electronic evidence in criminal investigations
The prevalence of computers and the internet has brought forth an increasing spate of cybercrime activities; hence the need for evidence to attribute a crime to a suspect. The research therefore centres on evidence, the legal standards applied to digital evidence presented in court, and the main sources of evidence in the Windows OS, such as the Registry, slack space and the Windows event log. In order to achieve the main aim of this research, cybercrime activities such as an automated password guessing attack and hacking were emulated on a Windows OS within a virtual network environment set up using VMware Workstation. After the attack, the event logs on the victim system were analysed and assessed for their admissibility (evidence must conform to certain legal rules) and weight (evidence must convince the court that the accused committed the crime).
In the computer era, various digital devices are used along with networking technology for data communication in a secured manner. But sometimes these systems are misused by attackers. Information security, with high-efficiency devices and tools, is utilized for protecting the communication media and valuable data. In case of any unwanted incidents and security breaches, digital forensics methods and measures are utilized for detecting the type of attacks, the sources of attacks and their purposes. By utilizing information related to security measures and digital forensics evidence with suitable methodologies, digital forensics investigators detect cyber-crimes. It is also necessary to prove the cyber-crimes before the law enforcement department. During this process, investigators try to collect different types of information from the digital devices concerned in the cyber-attack. One of the major tasks of the digital investigator is collecting and managing the seizure records from the crime scene. The present paper discusses the seizure record framework for digital forensics investigations.
The adoption of Internet of Things (IoT) devices in numerous industries is rising rapidly these days, particularly in the health care industry. The volume of data transmitted by these devices is enormous, and it will be in a variety of formats. Furthermore, there is no guarantee that the data and gadgets are secure. If the equipment malfunctions as a result of one of the attacks, it may endanger human life if there is a direct connection. Therefore, an extensive investigation is required if any IoT-related cybercrime is discovered. This entails gathering adequate evidence from these IoT devices in order to undertake a thorough inquiry, and the obtained evidentiary data has to be protected. The primary purpose of this work is to extract evidence from a Raspberry Pi and record it in the public digital ledger. This work also focuses on gathering data from a wide range of IoT devices that are in different data formats. After precisely examining the relationships between evidence, provenance, traceability, and auditability, artefacts from IoT devices are extracted and published in the IoT Forensics Network ledger.
During a criminal investigation, the evidence collection process produces an enormous amount of data. These data are present in many media and IoT devices that are extracted as crime evidence (USB flash drives, smartphones, hard drives, computers, drones, smartwatches, AI speakers, sensors, etc.). Due to this data volume, manual analysis is slow and costly. This work fills this gap by presenting a data extraction and processing platform for crime evidence analysis. Our proposed platform leverages a lambda architecture and uses a set of tools and frameworks such as Hadoop HDFS, Kafka, Spark and Docker to analyze a large volume of data in an acceptable time. We also present an example of the proposed platform in use by the State Attorney Office of Rio Grande do Norte (Brazil), where some evaluative tests have been carried out.
Big Data Platform for Analysing Crime Evidences do Valle, Joao Marcos; Souza, Gabriel; Fidelis, Samuel ...
2020 IEEE Sixth International Conference on Big Data Computing Service and Applications (BigDataService)
Conference Proceeding
During a criminal investigation, the evidence collection process produces an enormous amount of data. These data are present in many media that are extracted as crime evidence (USB flash drives, smartphones, hard drives, computers, etc.). Due to this data volume, manual analysis is slow and costly. This work fills this gap by presenting a data extraction and processing platform for crime evidence analysis, named INSIDE. Our proposed platform leverages a lambda architecture and uses a set of tools and frameworks such as Hadoop HDFS, Kafka, Spark and Docker to analyze a large volume of data in an acceptable time. We also present an example of the proposed platform in use by the Public Ministry of Rio Grande do Norte (Brazil), where some evaluative tests have been carried out.
We have heard of cyber espionage where a spy was able to hide data and go virtually unnoticed. Using some forensics frameworks, we are able to hide and retrieve data in any format in both Windows and Linux operating systems. However the data are hidden on the disk, some frameworks are very good at carving techniques, which analyze and return all the parts of the disk or any other memory device. In this paper I have clearly explained how memory forensics frameworks analyze the memory of hard disk drives. Some utilities are designed specifically for the Windows operating system only, and in the same way some forensics frameworks are designed specifically for Linux-based distributions. Here I have analyzed a few frameworks that are currently good at conducting a digital forensic investigation. These frameworks are for a human resources internal investigation, for an investigation into unauthorized access to a server, or for selecting frameworks to conduct a new investigation, and these frameworks and suites will assist in conducting memory forensic analysis, forensic analysis of hard drives, forensic imaging, forensic image exploration and mobile forensics. They are all designed in such a way that they have the features to return an in-depth analysis report, with merits in their technique flow and in showing what is under the system hood.
An insight into digital forensics branches and tools Kumari, Noble; Mohapatra, A. K.
2016 International Conference on Computational Techniques in Information and Communication Technologies (ICCTICT),
03/2016
Conference Proceeding
As the adoption of ubiquitous computing grows at an accelerated pace, cyber crime is also expanding, and crime investigation is maturing into a more challenging issue which needs to be confronted. Many advanced digital forensic tools have been developed, but investigation of most cyber crimes is difficult due to the lack of effective forensic processes and specialized tools. Cyber crime investigation requires an effective forensic plan and efficient tools for forensic analysis. In this paper, various digital forensics branches along with the available forensics tools have been discussed. The efficiency and effectiveness of the various tools have been compared based on their features. This work is very useful for security practitioners, forensic researchers and law enforcement agencies in exploring the various available forensic tools and their capabilities to deal with the issues in cyber forensics.
Electronic devices can be seen everywhere in our lives along with the popularization and application of computer technology; meanwhile, more and more digital traces are found in criminal activities, so we can use this digital evidence to prove a case. But digital evidence has usually been questioned in the courts because of its reliability. There is no valid method to prove the reliability of digital evidence. In this paper, we put forward a framework to analyze the reliability of digital evidence in a computer system, using an expert system to access related digital evidence and estimate the consistency among evidence with rules.