Forensics of Software Copyright Infringement Crimes: The Modern POSAR Test Juxtaposed With The Dated AFC Test

This paper presents a new development in the forensics of software copyright through a juxtaposed comparison between the proven AFC test and the recent POSAR test, the two forensic procedures for establishing software copyright infringement cases. First, the paper separately overviews the 3-stage, linear sequential AFC test and then the 5-phase, cyclic POSAR test (as AFC’s logical extension). The paper then compares the processes involved in each of the 5 phases of the POSAR test with the processes involved in the 3 stages in the AFC test, for the benefit of forensic practitioners and researchers. Finally, the paper discusses some common areas where both the tests will need careful handling while implementing them in the judiciaries across the world

A Cyber Forensics Needs Analysis Survey: Revisiting the Domain\u27s Needs a Decade Later

The number of successful cyber attacks continues to increase, threatening financial and personal security worldwide. Cyber/digital forensics is undergoing a paradigm shift in which evidence is frequently massive in size, demands live acquisition, and may be insufficient to convict a criminal residing in another legal jurisdiction. This paper presents the findings of the first broad needs analysis survey in cyber forensics in nearly a decade, aimed at obtaining an updated consensus of professional attitudes in order to optimize resource allocation and to prioritize problems and possible solutions more efficiently. Results from the 99 respondents gave compelling testimony that the following will be necessary in the future: 1) better education/training/certification (opportunities, standardization, and skill-sets); 2) support for cloud and mobile forensics; 3) backing for and improvement of open-source tools 3) research on encryption, malware, and trail obfuscation; 4) revised laws (specific, up-to-date, and which protect user privacy); 5) better communication, especially between/with law enforcement (including establishing new frameworks to mitigate problematic communication); 6) more personnel and funding

Defining a Standard for Reporting Digital Evidence Items in Computer Forensic Tools

Due to the lack of standards in reporting digital evidence items, investigators are facing difficulties in efficiently presenting their findings. This paper proposes a standard for digital evidence to be used in reports that are generated using computer forensic software tools. The authors focused on developing a standard digital evidence items by surveying various digital forensic tools while keeping in mind the legal integrity of digital evidence items. Additionally, an online questionnaire was used to gain the opinion of knowledgeable and experienced stakeholders in the digital forensics domain. Based on the findings, the authors propose a standard for digital evidence items that includes data about the case, the evidence source, evidence item, and the chain of custody. Research results enabled the authors in creating a defined XML schema for digital evidence items

Digital Forensics Practices: A Road Map for Building Digital Forensics Capability

Identifying the needs for building and managing Digital Forensics Capability (DFC) are important because these can help organisations to stay abreast of criminal’s activities and challenging pace of technological advancement. The field of Digital Forensics (DF) is witnessing rapid development in investigation procedures, tools used, and the types of digital evidence. However, several research publications confirm that a unified standard for building and managing DF capability does not exit. Therefore, this thesis identifies, documents, and analyses existing DF frameworks and the attitudes of organisations for establishing the DF team, staffing and training, acquiring and employing effective tools in practice and establishing effective procedures. First, this thesis looks into the existing practices in the DF community for carrying out digital investigations and more importantly the precise steps taken for setting up the laboratories. Second, the thesis focuses on research data collected from organisations in the United Kingdom and the United Arab Emirates and based on this collection a framework has been developed to understand better the building and managing the capabilities of the DFOs (DFOs). This framework has been developed by applying Grounded Theory as a systematic and comprehensive qualitative methodology in the emerging field of DF research. This thesis, furthermore, provides a systematic guideline to describe the procedures and techniques of using grounded theory in DF research by applying three Grounded Theory coding methods (open, axial, and selective coding) which have been used in this thesis. Also the techniques presented in this thesis provide a thorough critique, making it a valuable contribution to the discussion of methods of analysis in the field of DF. Finally, the thesis proposes a framework in the form of an equation for analysing the capability of DFOs. The proposed framework, called the Digital Forensics Organisation Core Capability Framework, offers an explanation of the factors involved in establishing the capability for a digital forensics organisation. Also software was developed for applying the framework in real lif