Analysis of digital forensics live system acquisition methods to achieve optimal evidence preservation

Jones, Josh; Etzkorn, Letha H.

doi:10.1109/secon.2016.7506709

Cited by 6 publications

(5 citation statements)

References 5 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…For instance, emails, sheets saved on the computer, or pictures. In addition, there are other sources to find non-volatile data such as local evidence drives, cloud storage, shared folder on a local network, smart phones, PDAs, and USB thumb drives [8]. Often, during the examination process of forensic investigation, investigators collect all information from non-volatile data to use them a credible evidence of the incident.…”

Section: Non-volatile Evidence Preservationmentioning

confidence: 99%

“…Control system domain will create key information resources in order to handle the data in the direction that to be applied of data retention which is not a requirement and not cost-effective. Volatility of is the other challenge that forensic investigators face and his makes the process of collecting data inviable because the data within the collection process is removed, deleted, or overwritten, and this can make it impossible to be detected in its original state [8]. Furthermore, most examiners are facing another problem in retrieving data forensically, which known as "Data Mingling" [3].…”

Section: Forensic Challenge With Collectionmentioning

confidence: 99%

“…Other reason for performing a formal digital forensic investigation is recovering lost, deleted, or corrupted critical data. The recovered data is a great assist to prosecute the criminals [8].…”

Section: Digital Forensics Gap Analysismentioning

confidence: 99%

See 2 more Smart Citations

Role of Multimedia Information Retrieval in Providing a Credible Evidence for Digital Forensic Investigations: Open Source Intelligence Investigation Analysis

Adel¹,

Cusack²

2020

Computer Science &Amp; Information Technology

View full text Add to dashboard Cite

Enhancements in technologies and shifting trends in customer behaviour have resulted in an increase in the variety, volume, veracity and velocity of available data for conducting digital forensic analysis. In order to conduct intelligent forensic investigation, open source information and entity identification must be collected. Challenge of organised crimes are now involved in drug trafficking, murder, fraud, human trafficking, and high-tech crimes. Criminal Intelligence using Open Source Intelligence Forensic (OSINT) is established to perform data mining and link analysis to trace terrorist activities in critical. In this paper, we will investigate the activities done by a suspect employee. Data mining is to be performed and link analysis as well to confirm all participating parties and contacted persons used in the communications. The proposed solution was to identify the scope of the investigation to limit the results, ensure that expertise and correct tools are ready to be implemented for identifying and collecting potential evidences. This enhanced information and knowledge achieved are of advantage in research. This form of intelligence building can significantly support real world investigations with efficient tools. The major advantage of analysing data links in digital forensics is that there may be case-related information included within unrelated databases.

show abstract

Section: Non-volatile Evidence Preservationmentioning

confidence: 99%

Section: Forensic Challenge With Collectionmentioning

confidence: 99%

See 1 more Smart Citation

Role of Multimedia Information Retrieval in Providing a Credible Evidence for Digital Forensic Investigations: Open Source Intelligence Investigation Analysis

Adel¹,

Cusack²

2020

Computer Science &Amp; Information Technology

View full text Add to dashboard Cite

show abstract

“…In this research we designed and tested an investigation framework for multimedia data types to address the challenges of evidence collection in CIs. The volume and complexity issues influence the evidence collection phase but also each environment has unique features from organizational cultures, administration designs, recovery tools, record structures, logging systems, and general usage patterns that all impact the scope and success of an investigation [8]. In addition, there are further challenges such as automation, volatility of data, and data mingling.…”

Section: Introductionmentioning

confidence: 99%

The Role of Penetration Testing in Forensic Multimedia Retrieval Process

Adel¹,

Cusack²

2021

Multimedia Information Retrieval

View full text Add to dashboard Cite

Digital forensic investigators are faced with multimedia retrieval and discovery challenges that require innovation and application of evolving methodologies. This work is made more difficult in critical infra-structure environments where the acquired evidence is in many formats, types and presentations. Penetration testing is one of the techniques used to focus an investigation and to target the potential case information from the vulnerability identification phase, through to the media identification phase. In this chapter a review of these processes is made and a framework example developed to show how the investigator discovers relevant evidence. The problem for the digital investigator is the vast array of media in which evidence is stored or transmitted. Some work is from live retrieval and others static. A framework of methods that is flexible and adaptable to the context of investigation is proposed and the discovery methods for multimedia environments elaborated.

show abstract

“…Internet menjadi sangat penting dalam kehidupan sehari-hari, aplikasi yang digunakan untuk melakukan internet biasa disebut dengan browser. Jenis browser saat ini semakin banyak dan berkembang dengan pesat diantaranya Google Chrome, Mozilla Firefox, Microsoft Edge, Internet Explore, Safari, Opera dan lainnya (Bickford & Giura, 2015) (Jones & Etzkorn, 2016).…”

unclassified

Implementasi Live Forensics untuk Perbandingan Browser pada Keamanan Email

Faiz

Umar

Yudhana

2017

JISKa

View full text Add to dashboard Cite

Digital Forensics become one popular term because Currently many violations of cyber crime. Digital techniques Computer Forensics performed or with analyze digital device, whether the device is a media Actors or as a media victim. Digital Forensic Analysis Being divided into two, traditional / dead and alive. Forensic analysis traditionally involves digital data Deposited permanent Operates in Irish, while live forensic analysis involves analysis of data Namely temporary in Random Access Memory or Deposited hearts transport equipment in the Network. Singer proposes journal Forensic analysis of life in the latest operation system windows 10. That study focused IN case several email security browsers Sales Operations manager of Google Chrome, Mozilla Firefox, and Microsoft Internet Explorer Edge. In addition, although many digital forensics type software applications not free, goal on research objectives compares browser security information so it will be more minimize abuse email.

show abstract

Analysis of digital forensics live system acquisition methods to achieve optimal evidence preservation

Cited by 6 publications

References 5 publications

Role of Multimedia Information Retrieval in Providing a Credible Evidence for Digital Forensic Investigations: Open Source Intelligence Investigation Analysis

Role of Multimedia Information Retrieval in Providing a Credible Evidence for Digital Forensic Investigations: Open Source Intelligence Investigation Analysis

The Role of Penetration Testing in Forensic Multimedia Retrieval Process

Implementasi Live Forensics untuk Perbandingan Browser pada Keamanan Email

Contact Info

Product

Resources

About