Comparative analysis of digital artifact persistence between file format

As we know digital forensics is a scientific examination and analysis of data that when it held on, or where it is retrieved from so that the information collected can be used as evidence in a court of law. Nowadays, digital evidence are very useful to provide when case in court. The deleted file of document, audio or image can be recover back as digital artifact [1]. Therefore, it is very clear from the experience that digital artifact are important witnesses to care

Comparitive gait analysis for criminal investigation using leave bag behind technique

Biometrics has become a very important field of science because of several factors, the growing demand for security in various situations. Some types of biometric identification systems, such as the use of the retina is very accurate. But generally, in order for such a system to identify features that are available on the subject, the subject must enrol voluntarily in a central database to store data to confirm their identity. To identify selected a small group of people with special access privileges, the subject cannot positively identify anyone who is not registered in the system, they can also tell that they are, but not who they are

Comparisons of seam carving detection techniques for digital images

Nowadays, there are many mobile devices that come with a lot of sizes. The fast spread of technology allows users to experience using smartphones with different size of visual display screen. The different size of display screen of smartphones also gives a great challenge in resizing the image size to fit according to the display screen. As for that, there is a great technique called seam carving to modify an image’s proportions or sections in a way that respected to its content. Seam carving is an algorithm that is used for content aware image resizing

A review of digital forensics methods for JPEG file carving

Digital forensics is an important field of cybersecurity and digital crimes investigation. It entails applying file recovery methods to analyze data from storage media and extract hidden, deleted or overwritten files. The recovery process might have accompanied with cases of unallocated partitions of blocks or clusters and the absence of file system metadata. These cases entail advance recovery methods that have carving abilities. The file carving methods include different types of techniques to identify, validate and reassemble the file. This paper presents a comprehensive study of data recovery, file carving, and file reassembling. It focuses on identifying and recovering JPEG Images as it is a wildly covered in the literature. It classifies the carving techniques into three types: signature-, structure-, and content-based carvers. Subsequently, the paper reviews seven advanced carving methods in the literature. Finally, the paper presents a number of research gaps and conclude a number of possible improvements. Generally, both the gaps and possible improvements are associated with the fragmentation problem of data files

Comparative analysis of data wiping technique for android using EXT4 file system

Data wiping is a useful technique which can prevent possible data recovery in a file system [1]. All the data in the file system will be permanently deleted by using this technique. In a forensics field, data wiping is so important because it can avoid risking sensitive data falling into the wrong hands [2]. The key of data wiping is to overwrite original data with garbage data. Once the garbage data replaced the original data, all the information will lose forever. Mobile devices such as cellphone or smartphone have become a part of people’s daily lives. They are exposed to facilitating criminal activity or otherwise being involved when crimes occur [3]. Although, these mobile devices can contain personal information including call history, text messages, e-mails, images memos, contacts, and many more. These devices can be used to communicate, exchange image, connect to social networks, blog, take notes, record video and audio and much more .So, many information that we have in our mobile devices. Sometimes, certain important information we want to delete to avoid other people read it. But, most of the people that use smartphone did not know that the data still keep in the phone. By using data wiping the data or information will permanently delete. In July 2014, Avast (a famous security software vendor) claimed that they recovered an abundance of personal data from 20 used smartphones [1]. In order to prevent the possible recovery of sensitive data, it is necessary to clean files by a data wiping

Extreme learning machine classification of file clusters for evaluating content-based feature vectors

In the digital forensic investigation and missing data files retrieval in general, there is a challenge of recovering files that have missing system information. The recovery process entails applying a number of methods to determine the type, the contents and the structure of each data file clusters such as JPEG, DOC, ZIP or TXT. This paper studies the effects of three content-based features extraction methods in improving the classification of JPEG File clusters. The methods are Byte Frequency Distribution, Entropy, and Rate of Change. Consequently, an Extreme Learning Machine (ELM) neural network algorithm is used to evaluate the performance of the three methods in which it classifies the class label of the feature vectors to JPEG and Non-JPEG images for files in different file formats. The files are allocated in a continuous series of clusters. The ELM algorithm is applied to the DFRWS (2006) dataset and the results show that the combination of the three methods produces 93.46% classification accuracy

Mapping content management system features with knowledge sharing elements for creating online knowledge sharing model

The emerging of knowledge management promises a great impact towards organization’s productivity.The main idea is to enable knowledge sharing between knowledgeable staff while bringing the tacit knowledge into surface.However, the most challenging part in creating any portal is to design and develop the portal from sketch.Moreover, it acquires high expertise and cost; thus making it far from success.The arising of Content Management System (CMS) especially Open Source Software (OSS) provides alternative solution to cater with the mentioned drawbacks.The purpose of this paper is to propose a knowledge sharing model using CMS. The key activity in this research is to map the CMS features with knowledge sharing elements, by reviewing particular models.Significantly, the adoption of the proposed model in developing knowledge portal will decrease the design and development time, while using OSS can reduce the cost

Key generation technique based on triangular coordinate extraction for hybrid cubes

Cryptographic algorithms play an important role in information security where it ensures the security of data across the network or storage. The generation of Hybrid Cubes (HC) based on permutation and combination of integer numbers are utilized in the construction of encryption and decryption key in the non-binary block cipher. In this study, we extend the hybrid cube encryption algorithm (HiSea) and our earlier Triangular Coordinate Extraction (TCE) technique for HC by increasing the complexity in the mathematical approaches. We proposed a new key generation technique based on TCE for the security of data. In this regard, the Hybrid Cube surface (HCs) is divided into four quarters by the intersection of primary and secondary diagonal and each quarter is rotated by using the rotation points. The overall security of HC is improved by the rotation of HCs and enhanced the complexity in the design of key schedule algorithm. The brute force and entropy test are applied in experimental results which proved that the proposed technique is suitable for implementing a key generation technique and free from any predicted keys pattern

Key Generation Technique based on Triangular Coordinate Extraction for Hybrid Cubes

Cryptographic algorithms play an important role in information security where it ensures the security of data across the network or storage. The generation of Hybrid Cubes (HC) based on permutation and combination of integer numbers are utilized in the construction of encryption and decryption key in the non-binary block cipher. In this study, we extend the hybrid cube encryption algorithm (HiSea) and our earlier Triangular Coordinate Extraction (TCE) technique for HC by increasing the complexity in the mathematical approaches. We proposed a new key generation technique based on TCE for the security of data. In this regard, the Hybrid Cube surface (HCs) is divided into four quarters by the intersection of primary and secondary diagonal and each quarter is rotated by using the rotation points. The overall security of HC is improved by the rotation of HCs and enhanced the complexity in the design of key schedule algorithm. The brute force and entropy test are applied in experimental results which proved that the proposed technique is suitable for implementing a key generation technique and free from any predicted keys pattern

A Key Scheduling Algorithm Based on Dynamic Quasigroup String Transformation and All-Or-Nothing Key Derivation Function

Cryptographic ciphers depend on how quickly the key affects the output of the ciphers (ciphertext). Keys are traditionally generated from small size input (Seed) to a bigger size random key. Key scheduling algorithm (KSA) is the mechanism that generates and schedules all sub-keys for each round of encryption. Researches have suggested that sub-keys should be generated separately to avoid related-key attack. Similarly, the key space should be disproportionately large to resist any attack meant for secret keys. To archive that, some algorithms adopt the use of matrixes such as quasigroup, Hybrid cubes and substitution box (S-box) to generate the encryption keys. Quasigroup has other algebraic property called “Isotopism”, which literally means Different quasigroups that has the same order of elements but different arrangements. This paper proposed a Dynamic Key Scheduling Algorithm (KSA) using Isotope of a quasigroup as the dynamic substitution table. The proposed algorithm is a modification and upgrade to Allor-nothing Key Derivation Function (AKDF). To minimize the complexity of the algorithm, a method of generating Isotope from a non-associative quasigroup using one permutation is achieved. To validate the findings, non-associativity of the generated isotopes has been tested and the generated isotopes appeared to be non-associative. Furthermore, the proposed KSA algorithm will be validated using the Randomness test proposed and recommended by NIST, Avalanche and Correlation Assessment test