Forensic Science and Legal Medicine

Even if the terms “forensic sciences” and “legal medicine” seem to be synonymous, they could be defined as two sides of the same coin. It has been demonstrated that they are different components of the application of medical knowledge upon the legal system. Legal medicine has greater relevance to civil and tort law, impacting upon patient care, whereas forensic medicine relates to criminal law and damage to (or by) patients. This Special Issue, entitled “Forensic Science and Legal Medicine: A Multidisciplinary Puzzle!”, collected accurate and up-to-date scientific information on all aspects of this theme, publishing original investigations, case series and case reports, and reviews in all forensic and medico-legal branches

Acquisition and Forensic Analysis of Volatile Data Stores

The advent of more witted threats against typical computer systems demonstrates a need for forensic analysis of memory-resident data in addition to the conventional static analysis common today. Some tools are starting to become available to duplicate various types of volatile data stores. Once the data store has been duplicated, current forensic procedures have no vector for extrapolating further information from the duplicate. This thesis is focused on providing the groundwork for performing forensic investigations on the data that is typically stored in a volatile data store, such as system RAM, while creating as small an impact as possible to the state of a system. It is intended that this thesis will give insight to obtaining more post incident response information along with a smaller impact to potential evidence when compared to typical incident response procedures

A structured approach to malware detection and analysis in digital forensics investigation

A thesis submitted to the University of Bedfordshire in partial fulfilment of the requirement for the degree of PhDWithin the World Wide Web (WWW), malware is considered one of the most serious threats to system security with complex system issues caused by malware and spam. Networks and systems can be accessed and compromised by various types of malware, such as viruses, worms, Trojans, botnet and rootkits, which compromise systems through coordinated attacks. Malware often uses anti-forensic techniques to avoid detection and investigation. Moreover, the results of investigating such attacks are often ineffective and can create barriers for obtaining clear evidence due to the lack of sufficient tools and the immaturity of forensics methodology. This research addressed various complexities faced by investigators in the detection and analysis of malware. In this thesis, the author identified the need for a new approach towards malware detection that focuses on a robust framework, and proposed a solution based on an extensive literature review and market research analysis. The literature review focussed on the different trials and techniques in malware detection to identify the parameters for developing a solution design, while market research was carried out to understand the precise nature of the current problem. The author termed the new approaches and development of the new framework the triple-tier centralised online real-time environment (tri-CORE) malware analysis (TCMA). The tiers come from three distinctive phases of detection and analysis where the entire research pattern is divided into three different domains. The tiers are the malware acquisition function, detection and analysis, and the database operational function. This framework design will contribute to the field of computer forensics by making the investigative process more effective and efficient. By integrating a hybrid method for malware detection, associated limitations with both static and dynamic methods are eliminated. This aids forensics experts with carrying out quick, investigatory processes to detect the behaviour of the malware and its related elements. The proposed framework will help to ensure system confidentiality, integrity, availability and accountability. The current research also focussed on a prototype (artefact) that was developed in favour of a different approach in digital forensics and malware detection methods. As such, a new Toolkit was designed and implemented, which is based on a simple architectural structure and built from open source software that can help investigators develop the skills to critically respond to current cyber incidents and analyses

Educating the effective digital forensics practitioner: academic, professional, graduate and student perspectives

Over the years, digital forensics has become an important and sought-after profession where the gateway of training and education has developed vastly over the past decade. Many UK higher education (HE) institutions now deliver courses that prepare students for careers in digital forensics and, in most recent advances, cyber security. Skills shortages and external influences attributed within the field of cyber security, and its relationship as a discipline with digital forensics, has shifted the dynamic of UK higher education provisions. The implications of this now sees the route to becoming a digital forensic practitioner, be it in law enforcement or business, transform from on-the-job training to university educated, trained analysts. This thesis examined courses within HE and discovered that the delivery of these courses often overlooked areas such as mobile forensics, live data forensics, Linux and Mac knowledge. This research also considered current standards available across HE to understand whether educational programmes are delivering what is documented as relevant curriculum. Cyber security was found to be the central focus of these standards within inclusion of digital forensics, adding further to the debate and lack of distinctive nature of digital forensics as its own discipline. Few standards demonstrated how the topics, knowledge, skills and competences drawn were identified as relevant and effective for producing digital forensic practitioners. Additionally, this thesis analyses and discusses results from 201 participants across five stakeholder groups: graduates, professionals, academics, students and the public. These areas were selected due to being underdeveloped in existing literature and the crucial role they play in the cycle of producing effective practitioners. Analysis on stakeholder views, experiences and thoughts surrounding education and training offer unique insight, theoretical underpinnings and original contributions not seen in existing literature. For example, challenges, costs and initial issues with introducing graduates to employment for the employers and/or supervising practitioners, the lack of awareness and contextualisation on behalf of students and graduates towards what knowledge and skills they have learned and acquired on a course and its practical application on-the-job which often lead to suggestions of a lack of fundamental knowledge and skills. This is evidenced throughout the thesis, but examples include graduates: for their reflections on education based on their new on-the-job experiences and practices; professionals: for their job experiences and requirements, academics: for their educational practices and challenges; students: their initial expectations and views; and, the public: for their general understanding. This research uniquely captures these perspectives, bolstering the development of digital forensics as an academic discipline, along with the importance these diverse views play in the overall approach to delivering skilled practitioners. While the main contribution to knowledge within this thesis is its narrative focusing on the education of effective digital forensic practitioners and its major stakeholders, this thesis also makes additional contributions both academically and professionally; including the discussion, analysis and reflection of: - improvements for education and digital forensics topics for research and curriculum development; - where course offerings can be improved for institutions offering digital forensic degree programmes; - the need for further collaboration between industry and academia to provide students and graduates with greater understanding of the real-life role of a digital forensic practitioner and the expectations in employment; - continuous and unique challenges within both academia and the industry which digital forensics possess and the need for improved facilities and tool development to curate and share problem and scenario-based learning studies

ACUTA Journal of Telecommunications in Higher Education

In This Issue Disasters, Emergencies, and Residence Hall Communications GWU\u27s Safety Systems Built Around Telecommunications ln the Face of Disaster Advertorial: Contact 101 : Strategies for Emergency Notification University Approaches to Emergencies and Emergency Communication A Reasoned Response to Crisis Digital Forensics: What ls lt and Why Should I Care? Exploits, Guidelines, and Vulnerabilities: Protecting Digital Resources Classifying Events, lncidents and Disasters President\u27s Message From the Executive Director Here\u27s My Advic

ACUTA Journal of Telecommunications in Higher Education

In This Issue Disasters, Emergencies, and Residence Hall Communications GWU\u27s Safety Systems Built Around Telecommunications ln the Face of Disaster Advertorial: Contact 101 : Strategies for Emergency Notification University Approaches to Emergencies and Emergency Communication A Reasoned Response to Crisis Digital Forensics: What ls lt and Why Should I Care? Exploits, Guidelines, and Vulnerabilities: Protecting Digital Resources Classifying Events, lncidents and Disasters President\u27s Message From the Executive Director Here\u27s My Advic

Examining the interrelationship between the opioid epidemic, public health, and forensic science

The United States (U.S.) government has been attempting to combat the growing opioid epidemic ravaging the nation. The opioid epidemic has had a significant impact on public health and forensic science laboratories. Moreover, this epidemic has moderate to fatal health consequences for expectant mothers with substance use disorder and their child who may develop Neonatal Abstinence Syndrome (NAS), otherwise known as Neonatal Opioid Withdrawal Syndrome (NOWS). The objective of this thesis is to emphasize that further research is needed for the identification and quantification of opioids in human breast milk. This topic has public health implications such as discussing the information gaps as it relates to a highly vulnerable group, women, and infants, affected by the opioid epidemic. Furthermore, there are implications in forensic science connected to postmortem toxicology and pathology when determining the cause of death and contributing factors in pediatric cases. This emphasis on the need for greater research will be accomplished by highlighting the opioid epidemic, its impact and further understanding of the addictive drug class known as opioids. The history of the crisis, effects on society as well as pharmaceutical knowledge of opioids will assist in development of plans to suppress growth and provide care for the afflicted. Furthermore, this thesis will attempt to demonstrate the need for further research involving opioids will be of significant value for public health and forensic science. As the forensic laboratories and various medical facilities are at the forefront of the opioid epidemic, there is a need for more robust, validated, inexpensive, and fast drug detection methodologies. Increasing rates of new designer drugs, addiction, and opioid-related deaths has caused a backlog in the forensic laboratories due to the great number of cases. While, the higher instances of maternal substance use disorder (SUD)/ opioid use disorder (OUD) with parallel increases in cases of NAS incidences are a few of the issues that need to be managed by public health leaders. Additionally, this thesis will examine current methodologies for drug quantification of opioids in human breast milk. The valid methodologies developed as well as the findings by the few available studies allowed for the current recommendations related to the acceptability of mothers in MAT programs, using methadone and buprenorphine during pregnancy and postpartum, being able to breastfeed their infant. By examining these studies and the findings, standardization criteria for the development of study designs for new methodologies relating to drug determination in human breast milk could be developed. The establishment of standardization criteria and acknowledging information gaps in current knowledge will be significant as these findings could influence policies, guidelines and procedures relating to maternal SUD/OUD, NAS/NOWS, and pediatric death determination as well as postmortem toxicology

Compound-Specific Isotope Analysis of Amino Acids in Biological Tissues: Applications in Forensic Entomology, Food Authentication and Soft-Biometrics in Humans

In this work we demonstrate the power of compound-specific isotope analysis (CSIA) to analyze proteinaceous biological materials in three distinct forensic applications, including: 1) linking necrophagous blow flies in different life stages to their primary carrion diet; 2) identifying the harvesting area of oysters for food authentication purposes; and 3) the ability to predict biometric traits about humans from their hair. In the first application, we measured the amino-acid-level fractionation that occurs at each major life stage of Calliphora vicina (Robineau-Desvoidy) (Diptera: Calliphoridae) blow flies. Adult blow flies oviposited on raw pork muscle, beef muscle, or chicken liver. Larvae, pupae and adult blow flies from each carrion were selected for amino acid CSIA. Canonical discriminant analysis showed that flies were correctly classified to specific carrion types in 100% (original rules) and 96.8% (leave-one-out cross-validation [LOOCV]) of cases. Regarding life stages, we obtained 100% and 71% of correct classification in original rules and LOOCV, respectively. Most of the essential amino acids did not significantly change between life stages (at 95% CI). However, some non-essential (Ala, Ser, and Glu) and conditionally essential amino acids (Gly and Pro) were isotopically depleted in the adult stage. Except for the essential amino acids, the amino acids in larvae and pupae were enriched in 13C and adult blow flies were depleted in 13C relative to the carrion on which they fed. These results make it possible to exclude potential sources of carrion as larval food. In addition, amino-acid-specific IRMS could help inform entomologists whether a fly has just arrived from another location to feed on a corpse or has emerged from a pupa whose feedstock was the corpse. Regarding the source inference of oysters, we investigated the bulk, amino-acid compound-specific stable isotopes, cadmium and lead concentrations of the popular Eastern oyster, Crassostrea virginica. This species has been one of the most popular species for the oyster harvesting business in the United States, despite its claimed reduced availability due to excessive harvesting and some parasitic diseases. The results from specimens collected from different Gulf of Mexico bays were subjected to multivariate statistical analysis to assess whether we could predict the oysters’ harvest area. Our results indicate that the combination of trace elements and isotope ratios can predict geographic provenance of oysters with greater than 70% correct classification using LOOCV, which is superior to using only CSIA or only trace elements. The δ13C values of serine and glycine could also discriminate between two adjacent harvest areas within the same Apalachicola bay. One of these areas is fishable in the winter season and the other is fishable in the summer season, so the ability to differentiate oysters from these two areas is a valuable capability for the Florida Department of Agriculture, which is responsible for enforcement. The use of chemical signatures to identify harvest areas is a valuable tool to protect consumers from food fraud, food-borne diseases and to help regulatory agencies enforce harvesting regulations. Finally, we describe the use of amino-acid CSIA and amino acid quantitation of scalp hair of American individuals to predict soft biometrics in humans. We measured the isotope ratios and respective quantities of 13 amino acid peaks. Correlation analysis of the multivariate data provided the degree of correlation between essential and non-essential amino acids with factors such sex and age of the hair donors. The isotope ratios of each amino acid were first corrected for the extent of C4-based carbon in the diet to reveal relationships between metabolic or phenotypic factors and the isotope ratios of 13C in the amino acids in the hair shafts. Multivariate analysis revealed that the sex of a donor could be correctly predicted with cross-validated accuracies of 80% and 89% using the isotope ratios or quantities of amino acids, respectively. The continuous dependent variables of donor age and body mass index (BMI) were also predicted using the amino acid isotope ratios or quantities, but the predictions were not as reliable as for sex determination. Unexpectedly, the δ13C values of hair reflected the frequency of alcohol consumption in two groups of subjects