Amniotic fluid embolism pathophysiology suggests the new diagnostic armamentarium: β-tryptase and complement fractions C3-C4 are the indispensable working tools

Amniotic fluid embolism (AFE) is an uncommon obstetric condition involving pregnant women during labor or in the initial stages after delivery. Its incidence is estimated to be around 5.5 cases per 100,000 deliveries. Therefore, this paper investigated the pathophysiological mechanism, which underlies AFE, in order to evaluate the role of immune response in the development of this still enigmatic clinical entity. The following databases (from 1956 to September 2014) Medline, Cochrane Central, Scopus, Web of Science and Science Direct were used, searching the following key words: AFE, pathophysiology, immune/inflammatory response, complement and anaphylaxis. The main key word "AFE" was searched singularly and associated individually to each of the other keywords. Of the 146 sources found, only 19 were considered appropriate for the purpose of this paper. The clinical course is characterized by a rapid onset of symptoms, which include: acute hypotension and/or cardiac arrest, acute hypoxia (with dyspnoea, cyanosis and/or respiratory arrest), coagulopathies (disseminated intravascular coagulation and/or severe hemorrhage), coma and seizures. The pathology still determines a significant morbidity and mortality and potential permanent neurological sequelae for surviving patients. At this moment, numerous aspects involving the pathophysiology and clinical development are still not understood and several hypotheses have been formulated, in particular the possible role of anaphylaxis and complement. Moreover, the detection of serum tryptase and complement components and the evaluation of fetal antigens can explain several aspects of immune response

Forensic attribution challenges during forensic examinations of databases

An aspect of database forensics that has not yet received much attention in the academic research community is the attribution of actions performed in a database. When forensic attribution is performed for actions executed in computer systems, it is necessary to avoid incorrectly attributing actions to processes or actors. This is because the outcome of forensic attribution may be used to determine civil or criminal liability. Therefore, correctness is extremely important when attributing actions in computer systems, also when performing forensic attribution in databases. Any circumstances that can compromise the correctness of the attribution results need to be identified and addressed. This dissertation explores possible challenges when performing forensic attribution in databases. What can prevent the correct attribution of actions performed in a database? Thirst identified challenge is the database trigger, which has not yet been studied in the context of forensic examinations. Therefore, the dissertation investigates the impact of database triggers on forensic examinations by examining two sub questions. Firstly, could triggers due to their nature, combined with the way databases are forensically acquired and analysed, lead to the contamination of the data that is being analysed? Secondly, can the current attribution process correctly identify which party is responsible for which changes in a database where triggers are used to create and maintain data? The second identified challenge is the lack of access and audit information in NoSQL databases. The dissertation thus investigates how the availability of access control and logging features in databases impacts forensic attribution. The database triggers, as dened in the SQL standard, are studied together with a number of database trigger implementations. This is done in order to establish, which aspects of a database trigger may have an impact on digital forensic acquisition, analysis and interpretation. Forensic examinations of relational and NoSQL databases are evaluated to determine what challenges the presence of database triggers pose. A number of NoSQL databases are then studied to determine the availability of access control and logging features. This is done because these features leave valuable traces for the forensic attribution process. An algorithm is devised, which provides a simple test to determine if database triggers played any part in the generation or manipulation of data in a specific database object. If the test result is positive, the actions performed by the implicated triggers will have to be considered in a forensic examination. This dissertation identified a group of database triggers, classified as non-data triggers, which have the potential to contaminate the data in popular relational databases by inconspicuous operations, such as connection or shutdown. It also established that database triggers can influence the normal ow of data operations. This means what the original operation intended to do, and what actually happened, are not necessarily the same. Therefore, the attribution of these operations becomes problematic and incorrect deductions can be made. Accordingly, forensic processes need to be extended to include the handling and analysis of all database triggers. This enables safer acquisition and analysis of databases and more accurate attribution of actions performed in databases. This dissertation also established that popular NoSQL databases either lack sufficient access control and logging capabilities or do not enable them by default to support attribution to the same level as in relational databases.Dissertation (MSc)--University of Pretoria, 2018.Computer ScienceMScUnrestricte

The impact of triggers on forensic acquisition and analysis of databases

An aspect of database forensics that has not received much attention in the academic research community yet is the presence of database triggers. Database triggers and their implementations have not yet been thoroughly analysed to establish what possible impact they could have on digital forensic analysis methods and processes. This paper firstly attempts to establish if triggers could be used as an anti-forensic mechanism in databases to potentially disrupt or even thwart forensic investigations. Secondly, it explores if triggers could be used to manipulate ordinary database actions for nefarious purposes and at the same time implicate innocent parties. The database triggers as defined in the SQL standard were studied together with a number of database trigger implementations. This was done in order to establish what aspects of a trigger might have an impact on digital forensic analysis. It is demonstrated in this paper that certain database forensic acquisition and analysis methods are impacted by the possible presence of non-data triggers. This is specific to databases that provide non-data trigger implementations. Furthermore, it finds that the forensic interpretation and attribution processes should be extended to include the handling and analysis of all database triggers. This is necessary to enable a more accurate attribution of actions in all databases that provide any form of trigger implementations.“The Role of Triggers in Database Forensics”, by Werner Hauger and Martin Olivier which appeared in the Proceedings of Information Security South African (ISSA) 2014, Johannesburg, 13 & 14 August 2014.http://www.saiee.org.za/DirectoryDisplay/DirectoryCMSPages.aspx?name=Publications#id=1588&dirname=ARJ&dirid=337am2016Computer Scienc

Idiographic Digital Profiling: Behavioral Analysis Based On Digital Forensics

Idiographic digital profiling (IDP) is the application of behavioral analysis to the field of digital forensics. Previous work in this field takes a nomothetic approach to behavioral analysis by attempting to understand the aggregate behaviors of cybercriminals. This work is the first to take an idiographic approach by examining a particular subject\u27s digital footprints for immediate use in an ongoing investigation. IDP provides a framework for investigators to analyze digital behavioral evidence for the purposes of case planning, subject identification, lead generation, obtaining and executing warrants, and prosecuting offenders

Recent Changes in Drug Abuse Scenario: The Novel Psychoactive Substances (NPS) Phenomenon

copyright 2019 by the authors. Articles in this book are Open Access and distributed under the Creative Commons Attribution (CC BY) license, which allows users to download, copy and build upon published articles, as long as the author and publisher are properly credited, which ensures maximum dissemination and a wider impact of our publications. The book as a whole is distributed by MDPI under the terms and conditions of the Creative Commons license CC BY-NC-ND.Final Published versio

Auditing database systems through forensic analysis

The majority of sensitive and personal data is stored in a number of different Database Management Systems (DBMS). For example, Oracle is frequently used to store corporate data, MySQL serves as the back-end storage for many webstores, and SQLite stores personal data such as SMS messages or browser bookmarks. Consequently, the pervasive use of DBMSes has led to an increase in the rate at which they are exploited in cybercrimes. After a cybercrime occurs, investigators need forensic tools and methods to recreate a timeline of events and determine the extent of the security breach. When a breach involves a compromised system, these tools must make few assumptions about the system (e.g., corrupt storage, poorly configured logging, data tampering). Since DBMSes manage storage independent of the operating system, they require their own set of forensic tools. This dissertation presents 1) our database-agnostic forensic methods to examine DBMS contents from any evidence source (e.g., disk images or RAM snapshots) without using a live system and 2) applications of our forensic analysis methods to secure data. The foundation of this analysis is page carving, our novel database forensic method that we implemented as the tool DBCarver. We demonstrate that DBCarver is capable of reconstructing DBMS contents, including metadata and deleted data, from various types of digital evidence. Since DBMS storage is managed independently of the operating system, DBCarver can be used for new methods to securely delete data (i.e., data sanitization). In the event of suspected log tampering or direct modification to DBMS storage, DBCarver can be used to verify log integrity and discover storage inconsistencies