Digital Forensics and Cyber Crime: Second International ICST Conference ICDF2C 2010 Abu Dhabi, United Arab Emirates, October 4-6, 2010 Revised Selected Papers

This book contains a selection of thoroughly refereed and revised papers from the Second International ICST Conference on Digital Forensics and Cyber Crime, ICDF2C 2010, held October 4-6, 2010 in Abu Dhabi, United Arab Emirates. The field of digital forensics is becoming increasingly important for law enforcement, network security, and information assurance. It is a multidisciplinary area that encompasses a number of fields, including law, computer science, finance, networking, data mining, and criminal justice. The 14 papers in this volume descibe the various applications of this technology and cover a wide range of topics including law enforcement, disaster recovery, accounting frauds, homeland security, and information warfare.https://digitalcommons.newhaven.edu/electricalcomputerengineering-books/1004/thumbnail.jp

A comparison of forensic toolkits and mass market data recovery applications

Digital forensic application suites are large, expensive, complex software products, offering a range of functions to assist in the investigation of digital artifacts. Several authors have raised concerns as to the reliability of evidence derived from these products. This is of particular concern, given that many forensic suites are closed source and therefore can only be subject to black box evaluation. In addition, many of the individual functions integrated into forensic suites are available as commercial stand-alone products, typically at a much lower cost, or even free. This paper reports research which compared (rather than individually evaluated) the data recovery function of two forensic suites and three stand alone `non-forensic' commercial applications. The research demonstrates that, for this function at least, the commercial data recovery tools provide comparable performance to that of the forensic software suites. In addition, the research demonstrates that there is some variation in results presented by all of the data recovery tools

Strengthening e-crime legislation in the UAE: learning lessons from the UK and the EU

The electronic revolution brought with it technological innovations that are now integral to communication, business, commerce and the workings of governments all over the world. It also significantly changed the criminal landscape. Globally it has been estimated that crime conducted via the internet (e-crime) costs more than €290 billion annually. Formulating a robust response to cybercrime in law is a top priority for many countries that presents ongoing challenges. New cybercrime trends and behaviours are constantly emerging, and debates surrounding legal provisions to deal with them by increasing online tracking and surveillance are frequently accompanied by concerns of the rights of citizens to freedom, privacy and confidentiality. This research compares the ways that three different legislative frameworks have been navigating these challenges. Specifically, it examines the legal strategies of the United Arab Emirates (UAE), the United Kingdom (UK) and the European Union (EU). The UAE is comparatively inexperienced in this area, its first law to address e-crime was adopted in 2006, sixteen years after the UK, and so the express purpose of this study is to investigate how e-crime legislation in the UAE can be strengthened. Drawing on a range of theoretical resources supplemented with empirical data, this research seeks to provide a comprehensive account of how key e-crime legislation has evolved in the UAE, the UK and the EU, and to evaluate how effective it has been in tackling cybercrime. Integral to this project is an analysis of some of the past and present controversies related to surveillance, data retention, data protection, privacy, non-disclosure and the public interest. An important corollary of this research is how e-crime legislation is not only aligned with political and economic aims, but when looking at the UAE, the discrete ways that legislation can be circumscribed by cultural, social and religious norms comes into focus

PRIORITISATION IN DIGITAL FORENSICS: A CASE STUDY OF ABU DHABI POLICE

The main goal of this research is to investigate prioritization process in digital forensics departments in law enforcement organizations. This research is motivated by the fact that case prioritisation plays crucial role to achieve efficient operations in digital forensics departments. Recent years have witnessed the widespread use of digital devices in every aspect of human life, around the globe. One of these aspects is crime. These devices have became an essential part of every investigation in almost all cases handled by police. The reason behind their importance lies in their ability to store huge amounts of data that can be utilized by investigators to solve cases under consideration. Thus, involving Digital Forensics departments, though often over-burdened and under-resourced, is becoming a compulsory to achieve successful investigations. Increasing the effectiveness of these departments requires improving their processes including case prioritisation. Existing literature focuses on prioritisation process within the context of crime scene triage. The main research problem in literature is prioritising existing digital devices found in crime scene in a way that leads to successful digital forensics. On the other hand, the research problem in this thesis focuses on prioritisation of cases rather than digital devices belonging to a specific case. Normally, Digital Forensics cases are prioritised based on several factors where influence of officers handling the case play one of the most important roles. Therefore, this research investigates how perception of different individuals in law enforcement organization may affect case prioritisation for the Digital Forensics department. To address this prioritisation problem, the research proposes the use of maturity models and machine learning. A questionnaire was developed and distributed among officers in Abu Dhabi Police. The main goal of this questionnaire is to measure perception regarding digital forensics among employees in Abu Dhabi police. Response of the subjects were divided into two sets. The first set represents responses of subjects who are experts in DF; while the other set includes the remaining subjects. Responses in the first set were averaged to produce a benchmark of the optimal questionnaire answers. Then, a reliability measure is proposed to summarize each subject’s perception. Data obtained from the reliability measurement were used in machine learning models, so that the process is automated. Results of data analysis confirmed the severity of problem where the proposed prioritisation process can be a very effective solution as seen in the results provided in this thesis