5,848 research outputs found
Boosting Image Forgery Detection using Resampling Features and Copy-move analysis
Realistic image forgeries involve a combination of splicing, resampling,
cloning, region removal and other methods. While resampling detection
algorithms are effective in detecting splicing and resampling, copy-move
detection algorithms excel in detecting cloning and region removal. In this
paper, we combine these complementary approaches in a way that boosts the
overall accuracy of image manipulation detection. We use the copy-move
detection method as a pre-filtering step and pass those images that are
classified as untampered to a deep learning based resampling detection
framework. Experimental results on various datasets including the 2017 NIST
Nimble Challenge Evaluation dataset comprising nearly 10,000 pristine and
tampered images shows that there is a consistent increase of 8%-10% in
detection rates, when copy-move algorithm is combined with different resampling
detection algorithms
On the complexity of collaborative cyber crime investigations
This article considers the challenges faced by digital evidence specialists when collaborating with other specialists and agencies in other jurisdictions when investigating cyber crime. The opportunities, operational environment and modus operandi of a cyber criminal are considered, with a view to developing the skills and procedural support that investigators might usefully consider in order to respond more effectively to the investigation of cyber crimes across State boundaries
A semantic methodology for (un)structured digital evidences analysis
Nowadays, more than ever, digital forensics activities are involved in any criminal, civil or military investigation and represent a fundamental tool to support cyber-security.
Investigators use a variety of techniques and proprietary software forensic applications to examine the copy of digital devices, searching hidden, deleted, encrypted, or damaged files or folders. Any evidence found is carefully analysed and documented in a "finding report" in preparation for legal proceedings that involve discovery, depositions, or actual litigation.
The aim is to discover and analyse patterns of fraudulent activities.
In this work, a new methodology is proposed to support investigators during the analysis process, correlating evidences found through different forensic tools.
The methodology was implemented through a system able to add semantic assertion to data generated by forensics tools during extraction processes. These assertions enable more effective access to relevant information and enhanced retrieval and reasoning capabilities
Using a Goal-Driven Approach in the Investigation of a Questioned Contract
Part 3: FORENSIC TECHNIQUESInternational audienceThis paper presents a systematic process for describing digital forensic investigations. It focuses on forensic goals and anti-forensic obstacles and their operationalization in terms of human and software actions. The paper also demonstrates how the process can be used to capture the various forensic and anti-forensic aspects of a real-world case involving document forgery
A Forensically Sound Adversary Model for Mobile Devices
In this paper, we propose an adversary model to facilitate forensic
investigations of mobile devices (e.g. Android, iOS and Windows smartphones)
that can be readily adapted to the latest mobile device technologies. This is
essential given the ongoing and rapidly changing nature of mobile device
technologies. An integral principle and significant constraint upon forensic
practitioners is that of forensic soundness. Our adversary model specifically
considers and integrates the constraints of forensic soundness on the
adversary, in our case, a forensic practitioner. One construction of the
adversary model is an evidence collection and analysis methodology for Android
devices. Using the methodology with six popular cloud apps, we were successful
in extracting various information of forensic interest in both the external and
internal storage of the mobile device
Information-theoretic Physical Layer Security for Satellite Channels
Shannon introduced the classic model of a cryptosystem in 1949, where Eve has
access to an identical copy of the cyphertext that Alice sends to Bob. Shannon
defined perfect secrecy to be the case when the mutual information between the
plaintext and the cyphertext is zero. Perfect secrecy is motivated by
error-free transmission and requires that Bob and Alice share a secret key.
Wyner in 1975 and later I.~Csisz\'ar and J.~K\"orner in 1978 modified the
Shannon model assuming that the channels are noisy and proved that secrecy can
be achieved without sharing a secret key. This model is called wiretap channel
model and secrecy capacity is known when Eve's channel is noisier than Bob's
channel.
In this paper we review the concept of wiretap coding from the satellite
channel viewpoint. We also review subsequently introduced stronger secrecy
levels which can be numerically quantified and are keyless unconditionally
secure under certain assumptions. We introduce the general construction of
wiretap coding and analyse its applicability for a typical satellite channel.
From our analysis we discuss the potential of keyless information theoretic
physical layer security for satellite channels based on wiretap coding. We also
identify system design implications for enabling simultaneous operation with
additional information theoretic security protocols
An Ontology-Based Forensic Analysis Tool
The analysis of forensic investigation results has generally been identified as the most complex phase of a digital forensic investigation. This phase becomes more complicated and time consuming as the storage capacity of digital devices is increasing, while at the same time the prices of those devices are decreasing. Although there are some tools and techniques that assist the investigator in the analysis of digital evidence, they do not adequately address some of the serious challenges, particularly with the time and effort required to conduct such tasks. In this paper, we consider the use of semantic web technologies and in particular the ontologies, to assist the investigator in analyzing digital evidence. A novel ontology-based framework is proposed for forensic analysis tools, which we believe has the potential to influence the development of such tools. The framework utilizes a set of ontologies to model the environment under investigation. The evidence extracted from the environment is initially annotated using the Resource Description Framework (RDF). The evidence is then merged from various sources to identify new and implicit information with the help of inference engines and classification mechanisms. In addition, we present the ongoing development of a forensic analysis tool to analyze content retrieved from Android smart phones. For this purpose, several ontologies have been created to model some concepts of the smart phone environment.
Keywords: digital forensic investigation, digital forensic analysis tool, semantic web, ontology, androi
- …