Data anonymization using pseudonym system to preserve data privacy

Data collection and storage in a large size is done on a routine basis in any company or organization. To this end, wireless network infrastructure and cloud computing are two widely-used tools. With the use of such services, less time is needed to attain the required output, and also managing the jobs will be simpler for users. General services employ a unique identifier for the aim of storing data in a digital database. However, it may be associated with some limitations and challenges. There is a link between the unique identifier and the data holder, e.g., name, address, Identity card number, etc. Attackers can manipulate a unique identifier for stealing the whole data. To get the data needed, attackers may even eavesdrop or guess. It results in lack of data privacy protection. As a result, it is necessary to take into consideration the data privacy issues in any data digital data storage. With the use of current services, there is a high possibility of exposure and leak of data/information to an unauthorized party during their transfer process. In addition, attacks may take place against services; for instance spoofing attacks, forgery attacks, etc. in the course of information transaction. To address such risks, this paper suggests the use of a biometric authentication method by means of a palm vein during the authentication process. Furthermore, a pseudonym creation technique is adopted to make the database record anonymous, which can make sure the data is properly protected. This way, any unauthorized party cannot gain access to data/information. The proposed system can resolve the information leaked, the user true identity is never revealed to others

Database forensic investigation process models: a review

Database Forensic Investigation (DBFI) involves the identification, collection, preservation, reconstruction, analysis, and reporting of database incidents. However, it is a heterogeneous, complex, and ambiguous field due to the variety and multidimensional nature of database systems. A small number of DBFI process models have been proposed to solve specific database scenarios using different investigation processes, concepts, activities, and tasks as surveyed in this paper. Specifically, we reviewed 40 proposed DBFI process models for RDBMS in the literature to offer up- to-date and comprehensive background knowledge on existing DBFI process model research, their associated challenges, issues for newcomers, and potential solutions for addressing such issues. This paper highlights three common limitations of the DBFI domain, which are: 1) redundant and irrelevant investigation processes; 2) redundant and irrelevant investigation concepts and terminologies; and 3) a lack of unified models to manage, share, and reuse DBFI knowledge. Also, this paper suggests three solutions for the discovered limitations, which are: 1) propose generic DBFI process/model for the DBFI field; 2) develop a semantic metamodeling language to structure, manage, organize, share, and reuse DBFI knowledge; and 3) develop a repository to store and retrieve DBFI field knowledge

Quantifying the need for supervised machine learning in conducting live forensic analysis of emergent configurations (ECO) in IoT environments

© 2020 The Author(s) Machine learning has been shown as a promising approach to mine larger datasets, such as those that comprise data from a broad range of Internet of Things devices, across complex environment(s) to solve different problems. This paper surveys existing literature on the potential of using supervised classical machine learning techniques, such as K-Nearest Neigbour, Support Vector Machines, Naive Bayes and Random Forest algorithms, in performing live digital forensics for different IoT configurations. There are also a number of challenges associated with the use of machine learning techniques, as discussed in this paper

CDBFIP: Common Database Forensic Investigation Processes for Internet of Things

Database forensics is a domain that uses database content and metadata to reveal malicious activities on database systems in an Internet of Things environment. Although the concept of database forensics has been around for a while, the investigation of cybercrime activities and cyber breaches in an Internet of Things environment would benefit from the development of a common investigative standard that unifies the knowledge in the domain. Therefore, this paper proposes common database forensic investigation processes using a design science research approach. The proposed process comprises four phases, namely: 1) identification; 2) artefact collection; 3) artefact analysis; and 4) the documentation and presentation process. It allows the reconciliation of the concepts and terminologies of all common database forensic investigation processes; hence, it facilitates the sharing of knowledge on database forensic investigation among domain newcomers, users, and practitioners

Towards adapting metamodelling technique for database forensics investigation domain

Threats which come from database insiders or database outsiders have formed a big challenge to the protection of integrity and confidentiality in many database systems. To overcome this situation a new domain called a Database Forensic (DBF) has been introduced to specifically investigate these dynamic threats which have posed many problems in Database Management Systems (DBMS) of many organizations. DBF is a process to identify, collect, preserve, analyse, reconstruct and document all digital evidences caused by this challenge. However, until today, this domain is still lacks having a standard and generic knowledge base for its forensic investigation methods / tools due to many issues and challenges in its complex processes. Therefore, this paper will reveal an approach adapted from a software engineering domain called metamodelling which will unify these DBF complex knowledge processes into an artifact, a metamodel (DBF Metamodel). In future, the DBF Metamodel could benefit many DBF investigation users such as database investigators, stockholders, and other forensic teams in offering various possible solutions for their problem domain

Realising a Push Button Modality for Video-Based Forensics

Complexity and sophistication among multimedia-based tools have made it easy for perpetrators to conduct digital crimes such as counterfeiting, modification, and alteration without being detected. It may not be easy to verify the integrity of video content that, for example, has been manipulated digitally. To address this perennial investigative challenge, this paper proposes the integration of a forensically sound push button forensic modality (PBFM) model for the investigation of the MP4 video file format as a step towards automated video forensic investigation. An open-source multimedia forensic tool was developed based on the proposed PBFM model. A comprehensive evaluation of the efficiency of the tool against file alteration showed that the tool was capable of identifying falsified files, which satisfied the underlying assertion of the PBFM model. Furthermore, the outcome can be used as a complementary process for enhancing the evidence admissibility of MP4 video for forensic investigation.Validerad;2021;Nivå 2;2021-04-12 (alebob)</p

Research Challenges and Opportunities in Drone Forensics Models

The emergence of unmanned aerial vehicles (also referred to as drones) has transformed the digital landscape of surveillance and supply chain logistics, especially in terrains where such was previously deemed unattainable. Moreover, the adoption of drones has further led to the proliferation of diverse drone types and drone-related criminality, which has introduced a myriad of security and forensics-related concerns. As a step towards understanding the state-of-the-art research into these challenges and potential approaches to mitigation, this study provides a detailed review of existing digital forensic models using the Design Science Research method. The outcome of this study generated in-depth knowledge of the research challenges and opportunities through which an effective investigation can be carried out on drone-related incidents. Furthermore, a potential generic investigation model has been proposed. The findings presented in this study are essentially relevant to forensic researchers and practitioners towards a guided methodology for drone-related event investigation. Ultimately, it is important to mention that this study presents a background for the development of international standardization for drone forensics.Validerad;2021;Nivå 2;2021-06-28 (alebob)</p

Digital Forensics Subdomains : The State of the Art and Future Directions

For reliable digital evidence to be admitted in a court of law, it is important to apply scientifically proven digital forensic investigation techniques to corroborate a suspected security incident. Mainly, traditional digital forensics techniques focus on computer desktops and servers. However, recent advances in digital media and platforms have seen an increased need for the application of digital forensic investigation techniques to other subdomains. This includes mobile devices, databases, networks, cloud-based platforms, and the Internet of Things (IoT) at large. To assist forensic investigators to conduct investigations within these subdomains, academic researchers have attempted to develop several investigative processes. However, many of these processes are domain-specific or describe domain-specific investigative tools. Hence, in this paper, we hypothesize that the literature is saturated with ambiguities. To further synthesize this hypothesis, a digital forensic model-orientated Systematic Literature Review (SLR) within the digital forensic subdomains has been undertaken. The purpose of this SLR is to identify the different and heterogeneous practices that have emerged within the specific digital forensics subdomains. A key finding from this review is that there are process redundancies and a high degree of ambiguity among investigative processes in the various subdomains. As a way forward, this study proposes a high-level abstract metamodel, which combines the common investigation processes, activities, techniques, and tasks for digital forensics subdomains. Using the proposed solution, an investigator can effectively organize the knowledge process for digital investigation.open access</p

Categorization and organization of database forensic investigation processes

Database forensic investigation (DBFI) is an important area of research within digital forensics. It's importance is growing as digital data becomes more extensive and commonplace. The challenges associated with DBFI are numerous, and one of the challenges is the lack of a harmonized DBFI process for investigators to follow. In this paper, therefore, we conduct a survey of existing literature with the hope of understanding the body of work already accomplished. Furthermore, we build on the existing literature to present a harmonized DBFI process using design science research methodology. This harmonized DBFI process has been developed based on three key categories (i.e. planning, preparation and pre-response, acquisition and preservation, and analysis and reconstruction). Furthermore, the DBFI has been designed to avoid confusion or ambiguity, as well as providing practitioners with a systematic method of performing DBFI with a higher degree of certainty