Digital Forensics, A Need for Credentials and Standards

The purpose of the conducted study was to explore the credentialing of digital forensic investigators, drawing from applicable literature. A qualitative, descriptive research design was adopted which entailed searching across Google Scholar and ProQuest databases for peer reviewed articles on the subject matter. The resulting scholarship was vetted for timeliness and relevance prior to identification of key ideas on credentialing. The findings of the study indicated that though credentialing was a major issue in digital forensics with an attentive audience of stakeholders, it had been largely overshadowed by the fundamental curricula problems in the discipline. A large portion of research and efforts were directed towards designing a clear and standardized framework for teaching digital forensics. While contending with an apparent scarcity of literature, it was apparent that state and federal governments were relatively passive in offering credentials to digital forensic investigators. This had been mostly left to private companies such as Mile2, EC-Council and ISC2, with the government providing some guidelines through the Department of Justice (DoJ) and affiliates like NIST, OSAC and NAS. The involvement of private credentialing in some cases had led to mis-trials and thus there has been a need to have a unified framework for collection, reporting, and submission of digital forensic evidence. It would be recommended that more efforts be directed towards credentialing including advocacy, funding and research and a national framework for teaching digital forensics to be developed together with a standard credentialing system. Additionally, the state and federal governments would need to step up and take active roles in the credentialing process

A Comparative Analysis of Forensic Methods Used on a Microsoft Surface Book

The research question being asked by this project is which tool is the most effective at dead forensics and which is the most effective at live forensics when working on time-sensitive cases that involve a Microsoft Surface Book? The Microsoft Surface series of products is an example of one of the new products containing a non-removable solid-state storage drive. These laptop computers are becoming very popular and offer something that most other tablets do not, a full size USB port capable of transferring data on and off the device. This port can allow connectivity of many different device and most simultaneously with the help of a hub. This port can finally allow investigators access to the internal storage of the device. Many techniques were attempted in order to recover data, however due to time constraints this project only tested a few open source techniques along with some commercially developed software. This project examined multiple tools, along with the knowledge and resources needed to perform data recovery. It was found that the Microsoft Surface Book has some form of encryption being utilized at all times even if the user has not enabled BitLocker. The only way this project was able to successfully recover data from the computer was by utilizing FTK Imager on a live system while logged into a profile. This new knowledge will help digital investigators to more effectively gather data both on-scene and in a lab environment

Digital Forensics and Cyber Crime: Fifth International Conference, ICDF2C 2013, Moscow, Russia, September 26-27, 2013, Revised Selected Papers

This book constitutes the thoroughly refereed post-conference proceedings of the 5th International ICST Conference on Digital Forensics and Cyber Crime, ICDF2C 2013, held in September 2013 in Moscow, Russia. The 16 revised full papers presented together with 2 extended abstracts and 1 poster paper were carefully reviewed and selected from 38 submissions. The papers cover diverse topics in the field of digital forensics and cybercrime, ranging from regulation of social networks to file carving, as well as technical issues, information warfare, cyber terrorism, critical infrastructure protection, standards, certification, accreditation, automation and digital forensics in the cloud.https://digitalcommons.newhaven.edu/electricalcomputerengineering-books/1002/thumbnail.jp

Cyber Humanitarian Interventions: The viability and ethics of using cyber-operations to disrupt perpetrators’ means and motivations for atrocities in the digital age

In the contemporary digital age, mass atrocity crimes are increasingly promoted and organised online. Yet, little attention has been afforded to the question of whether proactive cyberspace operations might be used for human protection purposes. Beginning with the framework of the Responsibility to Protect (R2P), this thesis asks: How might cyber-operations be used ethically to protect populations from mass atrocity crimes? To answer this question, I introduce the concept of ‘cyber humanitarian interventions’, and argue that such measures can be used to disrupt potential perpetrators’ means and motivations for atrocities. Specifically, I contend that cyber humanitarian interventions can be used to frustrate potential perpetrators’ communication channels, logistical supply chains, and funding, as well as to stymie potential perpetrators’ desire for violence via online, targeted, tailor-made campaigns based on their big data. These capabilities can be used in an ethically acceptable manner, and thus ought to be pursued prior to the resort to other more forceful measures to protect. Moreover, and perhaps more controversially, I argue that, in some circumstances, there is a qualified responsibility to deceive potential perpetrators – via online disinformation – in order to fulfil responsibilities to protect. This thesis seeks to make three key contributions. First, it contributes to extant literatures on R2P, atrocity prevention, and cyberspace by offering cyber humanitarian interventions as a hitherto neglected tool for human protection. Second, it furthers ethical debates on atrocity prevention by providing an in-depth analysis of how cyber humanitarian interventions can be deployed ethically. Third, it challenges prevailing conceptions of disinformation by arguing that that there is, in fact, a qualified responsibility to deceive potential perpetrators into not committing atrocities via online disinformation. In sum, this thesis aims to bring 21st century capabilities to bear on centuries-old crimes, and highlights cyber humanitarian interventions as a more peaceful, cost-effective, and politically palatable tool to protect vulnerable populations from mass atrocity crimes