Utilization of Digital Forensics in Proving the Crime of Disseminating Indecent Videos Through Facebook Social Media in the Legal Area of West Kalimantan Police

The research entitled: "Utilization of Digital Forensics in Proving the Crime of Disseminating Indecent Videos Through Facebook Social Media in the KALBAR Police Legal Area" aims to find out and describe the implementation of information and research results in Pontianak city and to find out and analyze the utilization of digital forensics in proving the crime of spreading indecent videos through Facebook social media in the KALBAR police jurisdiction. This research was conducted using a sociological juridical approach method, namely examining and processing data from field research by starting from normative legal aspects supported by documents related to the problem in the form of regulations and cases related to the subject matter Based on research and data analysis, information can be obtained that the implementation of Digital Forensics related to the criminal act of spreading immoral videos through Facebook social media is a process of investigating and analyzing digital evidence related to the crime. In this case, the digital evidence that is the focus is an immoral video that spreads through the Facebook social media platform. Discussed in several important topics, namely; 1. The Role of Digital Forensics Related to the Crime of Dissemination of Indecent Video Through Facebook Social Media, 2. What Factors Become Obstacles in Proof Through Digital Forensics Related to the Crime of Dissemination of Indecent Video Through Facebook Social Media, 3. What Efforts Have Been Made in Optimizing Digital Forensic Evidence Related to the Crime of Immoral Video Dissemination Through Facebook. The conclusion that can be conveyed in this research is that the application of digital forensics involves several important stages, including the identification of digital evidence, storage of digital evidence, analysis of digital evidence, and presentation of findings. Digital forensics has a crucial role in proving legal cases. In Indonesia, the evidentiary system requires a minimum of two valid pieces of evidence and the conviction of the Judge to determine the guilt of the defendant. In the case of cyber crime, electronic evidence must meet both formal and material requirements to be considered valid and admissible in court. Therefore, the application of digital forensics in the investigation of cyber crime, especially the distribution of immoral videos, has an important role in finding relevant electronic evidence and evidence for the judicial process

Software Engineering Challenges for Investigating Cyber-Physical Incidents

Cyber-Physical Systems (CPS) are characterized by the interplay between digital and physical spaces. This characteristic has extended the attack surface that could be exploited by an offender to cause harm. An increasing number of cyber-physical incidents may occur depending on the configuration of the physical and digital spaces and their interplay. Traditional investigation processes are not adequate to investigate these incidents, as they may overlook the extended attack surface resulting from such interplay, leading to relevant evidence being missed and testing flawed hypotheses explaining the incidents. The software engineering research community can contribute to addressing this problem, by deploying existing formalisms to model digital and physical spaces, and using analysis techniques to reason about their interplay and evolution. In this paper, supported by a motivating example, we describe some emerging software engineering challenges to support investigations of cyber-physical incidents. We review and critique existing research proposed to address these challenges, and sketch an initial solution based on a meta-model to represent cyber-physical incidents and a representation of the topology of digital and physical spaces that supports reasoning about their interplay

Medical Cyber-Physical Systems Development: A Forensics-Driven Approach

The synthesis of technology and the medical industry has partly contributed to the increasing interest in Medical Cyber-Physical Systems (MCPS). While these systems provide benefits to patients and professionals, they also introduce new attack vectors for malicious actors (e.g. financially-and/or criminally-motivated actors). A successful breach involving a MCPS can impact patient data and system availability. The complexity and operating requirements of a MCPS complicates digital investigations. Coupling this information with the potentially vast amounts of information that a MCPS produces and/or has access to is generating discussions on, not only, how to compromise these systems but, more importantly, how to investigate these systems. The paper proposes the integration of forensics principles and concepts into the design and development of a MCPS to strengthen an organization's investigative posture. The framework sets the foundation for future research in the refinement of specific solutions for MCPS investigations.Comment: This is the pre-print version of a paper presented at the 2nd International Workshop on Security, Privacy, and Trustworthiness in Medical Cyber-Physical Systems (MedSPT 2017

An Argumentation-Based Reasoner to Assist Digital Investigation and Attribution of Cyber-Attacks

We expect an increase in the frequency and severity of cyber-attacks that comes along with the need for efficient security countermeasures. The process of attributing a cyber-attack helps to construct efficient and targeted mitigating and preventive security measures. In this work, we propose an argumentation-based reasoner (ABR) as a proof-of-concept tool that can help a forensics analyst during the analysis of forensic evidence and the attribution process. Given the evidence collected from a cyber-attack, our reasoner can assist the analyst during the investigation process, by helping him/her to analyze the evidence and identify who performed the attack. Furthermore, it suggests to the analyst where to focus further analyses by giving hints of the missing evidence or new investigation paths to follow. ABR is the first automatic reasoner that can combine both technical and social evidence in the analysis of a cyber-attack, and that can also cope with incomplete and conflicting information. To illustrate how ABR can assist in the analysis and attribution of cyber-attacks we have used examples of cyber-attacks and their analyses as reported in publicly available reports and online literature. We do not mean to either agree or disagree with the analyses presented therein or reach attribution conclusions

Security Incident Response Criteria: A Practitioner's Perspective

Industrial reports indicate that security incidents continue to inflict large financial losses on organizations. Researchers and industrial analysts contend that there are fundamental problems with existing security incident response process solutions. This paper presents the Security Incident Response Criteria (SIRC) which can be applied to a variety of security incident response approaches. The criteria are derived from empirical data based on in-depth interviews conducted within a Global Fortune 500 organization and supporting literature. The research contribution of this paper is twofold. First, the criteria presented in this paper can be used to evaluate existing security incident response solutions and second, as a guide, to support future security incident response improvement initiatives