Computer Forensics - Science topic

Questions related to Computer Forensics
  • asked a question related to Computer Forensics
Question
12 answers
Hello I am looking for ideas for my final year project in the cyber security field. I am mostly interested in something in Networking, computer forensics, or blockchain technologies.
Relevant answer
Answer
I propose a topic: Analysis of the possibility of using Blockchain technology to improve the level of cybersecurity of online banking and reduce the risk of cybercrime developing thanks to the use of ransomware viruses.
Best wishes,
Dariusz Prokopowicz
  • asked a question related to Computer Forensics
Question
11 answers
recent hot area of research in the field of cyber forensics
Relevant answer
Answer
Below I briefly describe the issues related to cybercrime and cybersecurity, which I researched and described in scientific publications that are available on the Research Gate portal. Over the past few years, the scale of cybercrime attacks on the IT systems of various institutions, including government institutions, on the databases of social media portals, on the ICT systems of banks, and on electronic banking systems has been growing. Cybercriminals are increasingly attacking mobile online banking systems made available to Internet users and bank customers through mobile devices, mainly via smartphones. Research shows that the scale of cybercrime attacks on the IT systems of banks, institutions, etc. using social engineering combined with perfidiously created malicious software such as ransomware, i.e. encrypting access to data on disks or redirecting users to fake websites of banks and institutions on the Internet to phish personal data, access passwords to electronic banking accounts and, as a result, to steal money. For several years, strange emails of unknown origin have appeared in the mailboxes of many users, which are sent as spam from other private email accounts or others with false information. Attachments containing false information are attached to many of these suspicious emails, usually sent by cybercriminals and hackers. Attachments are usually of the Word *.doc document type, the Acrobat Reader *.pdf format, image files or other formats, and often contain ransomware-type viruses. These are very dangerous viruses that encrypt access to a computer's disk. In addition, cybercriminals are increasingly using mailboxes set up on the e-mail portal to send infected e-mails to subsequent Internet users by generating fake emails so that it looks as if a specific user of the mailbox had sent the e-mails prepared by cybercriminals to their friends. These types of cybercrime techniques are becoming more common.
Why do Internet technology companies that dominate the market and offer e-mail services not improve the security of e-mail communication systems using e-mail boxes to significantly reduce cybercriminals' activity harmful to citizens? This question is still valid. On the other hand, internet banks, internet technology companies and technology fintechs are constantly improving cyber security techniques. The development of Business Intelligence, Blockchain technology, data analysis in Big Data database systems, and artificial intelligence to track movements and attacks made by cybercriminals, for prognostic analyses, etc. can be helpful in the process of improving IT systems risk management. Therefore, the skilful and efficient use of data science technology can be helpful in combating cybercrime, but it all depends on how these technologies will be used and, as a consequence, who will win in the following years in this IT, information "arms race". I conduct research in this area. I have published conclusions from the research in scientific publications that are available on the Research Gate website. I invite you to scientific cooperation.
Greetings,
Dariusz Prokopowicz
  • asked a question related to Computer Forensics
Question
5 answers
Smartphones are fast becoming a ubiquitous device used throughout the day to undertake a variety of activities which may have been traditionally completed using a PC. What are the implications of the rise of smartphones for forensic practitioners?
Relevant answer
Answer
Hi Osama, I am also working on this topic as you did before. I just want to know what the implications of the rise of smartphones can be.
  • asked a question related to Computer Forensics
Question
8 answers
I'm looking to base my research on OSINT and building a suspect profile. Any leads about current research or researchers would help.
Thanks
Relevant answer
Answer
Within the legal systems of developed countries that have adversarial legal systems (based on Common Law as opposed to Napoleonic inquisitorial legal systems), it is very unlikely that any intelligence information which has not been independently and reliably corroborated with other types of evidence could be used to achieve a criminal conviction because of the high burden of proof required i.e. "beyond reasonable doubt" evidence is required in line with Blackstone's formulation (https://en.wikipedia.org/wiki/Blackstone%27s_formulation).
On page 20 (PDF page 35) of my 2014 Masters thesis (https://www.royalholloway.ac.uk/isg/documents/pdf/technicalreports/2015/rhul-isg-2015-3.pdf) you will find a number of references to ISO and National standards for electronic records including ISO/IEC 27037:2012, DoD 5015.2-STD, BS 10008:2014 and Australian Standard HB 171-2003.
In my opinion it would not only be very expensive and slow to attempt to apply these standards in the fast-moving field of OSINT.
It is more typical for OSINT to be collected, analysed and exploited within less rigorous standards of electronic record keeping. This means that OSINT is not itself generally admissible as evidence.
However OSINT may be used as an input to identifying potential targets for forensic investigations which are conducted to the high standards necessary for use in criminal cases.
If you were to limit the scope of your study to the use of OSINT in civil cases where the standard of evidence required is lower (balance of probabilities) then I would imagine that you would have more scope for exploring the use of OSINT in direct support of legal cases.
  • asked a question related to Computer Forensics
Question
5 answers
Talking about a multi-platform digital forensic software that supports computer and smartphones, including tablets.
Relevant answer
Answer
It depends on what you are looking for, commercial or open source. However, here is a wiki list that contains both categories with a brief description for each software/tool.
  • asked a question related to Computer Forensics
Question
3 answers
I need the database of digital crimes committed especially for cases already established may be in a court of law.
Relevant answer
Answer
You might be also interested in the IoT Forensics Challenge provided by DFRWS. Have a look here.
  • asked a question related to Computer Forensics
Question
3 answers
In the case of file digital evidence resulting from the acquisition and imaging of an electronic device, is there any metadata standard that is applied to digital evidence? Is there any similar research that discusses metadata (standard / specification / schema / element) for digital evidence?
Relevant answer
Answer
ACPO guideline. ISO, NIST etc. guidelines show metadata forensics is important but it depends upon case requirements...
  • asked a question related to Computer Forensics
Question
5 answers
What are significant forensic parameters of cloud storage forensics?
Relevant answer
Answer
Check 65 challenges published by NIST in July 2014 that are based on the following:
1. Stakeholders
2. Action
3. Object
4. Reason
  • asked a question related to Computer Forensics
Question
5 answers
Recently I visited a website that published data in rows and columns in PDF file format. I noticed that two days later the data had been changed in one of the cells but the file name remained the same.
My question is:
1. Can we check the date of modification of the file and any track record of the sequence of changes, with valid proof?
2. Is there any computer forensic tool or software to check the modification or overwrite of the file details of the website?
Relevant answer
Answer
On a website the last-modified information should appear when you make a HEAD HTTP request on the resource. In Linux you can do this:
Type (replacing both "grussell.org" with the name of the server and "/" with the file details):
telnet grussell.org 80
HEAD / HTTP/1.1
Host: grussell.org
(then type 2 returns)
HTTP/1.1 200 OK
...
Last-Modified: Fri, 13 Jan 2012 10:36:12 GMT
ETag: "a5f-4b6666eff7f00"
Content-Length: 2655
The last-modified data should reflect the last modified of the file. Additionally if the file changes the ETag should change along with the length of the file. Sometimes some of the information may not be present, but at least the content-length is almost always there and will likely change, and usually the last-modified is present in a well-written system.
Simple enough to write a little program to do that.
I hope that helps.
Gordon.
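The "little program" mentioned in the answer above could look like the following. This is an added example, not code from the original answer; the function names are hypothetical, the first sample response reuses the header values quoted in the answer, and the second is constructed to show a same-length edit on a server that sends no ETag.

```python
import http.client
from email.utils import parsedate_to_datetime

VALIDATORS = ("last-modified", "etag", "content-length")

def parse_head(raw):
    """Turn a raw HTTP response head into {'status': int, validator: value or None}."""
    lines = raw.replace("\r\n", "\n").strip().split("\n")
    headers = {}
    for line in lines[1:]:
        if not line.strip():              # blank line ends the header block
            break
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return {"status": int(lines[0].split()[1]),
            **{f: headers.get(f) for f in VALIDATORS}}

def fetch_snapshot(host, path="/"):
    """Same snapshot taken live with a HEAD request (needs network access)."""
    conn = http.client.HTTPSConnection(host, timeout=10)
    try:
        conn.request("HEAD", path)
        resp = conn.getresponse()
        return {"status": resp.status, **{f: resp.getheader(f) for f in VALIDATORS}}
    finally:
        conn.close()

def compare(old, new):
    """Return (changed, not_comparable) lists of validator names."""
    changed, not_comparable = [], []
    for field in VALIDATORS:
        if old[field] is None or new[field] is None:
            not_comparable.append(field)  # header missing in one snapshot
        elif old[field] != new[field]:
            changed.append(field)
    return changed, not_comparable

def last_modified_utc(snap):
    """Last-Modified as a timezone-aware datetime, or None if absent."""
    value = snap["last-modified"]
    return parsedate_to_datetime(value) if value else None

# Constructed sample data: BEFORE uses the values quoted in the answer, AFTER is invented.
BEFORE = parse_head('HTTP/1.1 200 OK\r\nLast-Modified: Fri, 13 Jan 2012 10:36:12 GMT\r\n'
                    'ETag: "a5f-4b6666eff7f00"\r\nContent-Length: 2655\r\n\r\n')
AFTER = parse_head('HTTP/1.1 200 OK\r\nLast-Modified: Sun, 15 Jan 2012 09:02:40 GMT\r\n'
                   'Content-Length: 2655\r\n\r\n')
```

These headers are whatever the server chooses to report, so for proof of a change keep each downloaded copy of the file together with its SHA-256 hash and the time of retrieval.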
  • asked a question related to Computer Forensics
Question
9 answers
Not to be confused with the path when we receive the email, but like when we send it.
I'm working on a scenario where an email with an attachment was sent using Thunderbird. I'm using Free MBOX File Viewer for the info of the email, yet only the filename is mentioned and not the full path.
Besides searching the computer to find the file using the filename, is there any way to find the original path of the attachment?
From what I searched till now, there's nothing mentioned about the full path, only the filename.
Relevant answer
Answer
From one side you confuse me, from the other side I confuse you, so we are ok :p.
Well, I think I understand what you mean. That the email clients, when you add an attachment to an email, don't keep the full path, only the filename, due to security reasons.
Ok, thanks for the extended info.
  • asked a question related to Computer Forensics
Question
2 answers
Hi everyone
Consider that we have a communication system using a spreading sequence: what parameter(s) measure the robustness of the system against an attack on the spreading codes?
Relevant answer
Answer
Hi Mahdiyar,
CDMA spreading sequences will spread out the spectrum of narrowband interference while crosscorrelating the local sequence with the received sequence.
The "measure of goodness" or robustness in CDMA is called the "Jamming Margin".
In approximate terms, it is the ratio of the effective RF bandwidth of the spreading sequence when applied to an RF carrier to the effective information bandwidth of the unspread signal. If you have an unspread signal bandwidth of 10KHz and a spreading bandwidth of 1000KHz, the jamming margin is 100 or 20 dB.
Good luck
  • asked a question related to Computer Forensics
Question
6 answers
For example, there is a file (may be a Word, PDF or any other) on a server; whenever a user reads or writes that file, the user ID and operation should be recorded.
Relevant answer
Answer
Peter, I agree. I deem that each contemporary filesystem should proffer logs to unambiguously trace access on its files.
  • asked a question related to Computer Forensics
Question
5 answers
I have been trying to extract meta data from various types of files. I am looking for attributes that are available for any type of file format so that I can use them for clustering. I need suggestions for selecting attributes. Please suggest me some meta data that is available for all kinds of files. If the data are numeric that would be better. Thanks. 
Relevant answer
Answer
There are also the so-called extended file attributes,
like album, title, duration...
They seem to be added in various file systems.
What also could be done is to compute statistical data
and assign the files to clusters. I faintly remember
that it was possible to recognize composers by the
zipped version of their recorded music.
Regards,
Joachim
  • asked a question related to Computer Forensics
Question
7 answers
I want to know some of the latest issues in terms of privacy due to data publishing or data mining, in real examples that happened after 2013. I have some examples like
Google Safari browser privacy bypass issue
Max Schrems against Facebook.
Please share if you know some more examples
Relevant answer
Answer
Could you shed more light on what you mean by "Real time issues of privacy..."? I am assuming you are talking about Privacy in Temporal Information Retrieval. If that is the case, there is a good beginning resource that lists a number of research articles on the subject - http://en.wikipedia.org/wiki/Temporal_information_retrieval
The challenge would be incorporating various privacy algorithms in temporal information retrieval systems.
  • asked a question related to Computer Forensics
Question
4 answers
It seems that not much work has been done regarding proposing frameworks on forensic investigations in cloud computing.
So far what I found is:
1- McKemmish suggestion in 1999
2- NIST suggestion 2006
3- Integrated conceptual digital forensic framework for cloud computing, Ben and Kim 2012
Does anyone here know any other related frameworks? Kindly include them (title/URL) in your reply .
Relevant answer
Answer
Dear Mohammad, please refer to my article namely Security of Cloud Computing Environment by Huda Karajeh, Mahmoud Maqableh, Ra'ed (Moh'd Taisir) Masa'deh
it might help. Yours
  • asked a question related to Computer Forensics
Question
3 answers
CSP knows which VM is created by which user. It also knows how and where evidence is stored. If CSP is providing the total information then cloud forensics is the same as computer forensics. What is challenging in cloud forensics? Will cloud forensics be the same as computer forensics?
Relevant answer
Answer
Basically, IMHO there are some other issues other than the identification of the VMs: considering the distribution concept we have in the cloud, the data of that customer may be scattered all over the globe.
You may find this helpful
This too looks at the case from variety of aspects
  • asked a question related to Computer Forensics
Question
7 answers
I am interested in buying forensic software; please suggest some along with vendors and prices. Thank you.
Relevant answer
Answer
We use AccessData FTK 5, EnCase 7, and X-Ways. Additionally OS Forensics is also a good and cheap tool. For Smartphone forensics we use Oxygen Forensic Suite.
  • asked a question related to Computer Forensics
Question
2 answers
Recent technological advances in mobile phones and the development of smart phones have led to increased use of and dependence on the mobile phone.
Relevant answer
Answer
Smart devices are complex devices for forensic investigations. Different operating systems, various hardware combinations, no standard tools which support the whole smart device base. So mobile forensics is a big challenge to us. Technically speaking, each phone needs a separate investigation tool. There is no standard procedure to follow for evidence analysis.
  • asked a question related to Computer Forensics
Question
7 answers
The duration of the programme could be one year (Two semesters).
Relevant answer
Answer
In short:
Must: 1. Some Degree in Computers or Electronics
2. Excellent Admin Skills on Windows and Linux
3. Attitude towards unleashing hidden facts
Desirable: Programming or scripting language
contents:
1. Acquisition
2. Malware analysis
3. Memory analysis
4. Mobile Forensics
5. Analyzing PCAP and rewrite what happened!