Rishal Ravikesh Chand,Neeraj Anand Sharma,Muhammad Ashad Kabir

2024-10-16

Abstract:As the use of web browsers continues to grow, the potential for cybercrime and web-related criminal activities also increases. Digital forensic investigators must understand how different browsers function and the critical areas to consider during web forensic analysis. Web forensics, a subfield of digital forensics, involves collecting and analyzing browser artifacts, such as browser history, search keywords, and downloads, which serve as potential evidence. While existing research has provided valuable insights, many studies focus on individual browsing modes or limited forensic scenarios, leaving gaps in understanding the full scope of data retention and recovery across different modes and browsers. This paper addresses these gaps by defining four browsing scenarios and critically analyzing browser artifacts across normal, private, and portable modes using various forensic tools. We define four browsing scenarios to perform a comprehensive evaluation of popular browsers -- Google Chrome, Mozilla Firefox, Brave, Tor, and Microsoft Edge -- by monitoring changes in key data storage areas such as cache files, cookies, browsing history, and local storage across different browsing modes. Overall, this paper contributes to a deeper understanding of browser forensic analysis and identifies key areas for enhancing privacy protection and forensic methodologies.

Cryptography and Security

Ahmed MohanRaj Alenezi

DOI: https://doi.org/10.48550/arXiv.2305.03059

2023-05-03

Cryptography and Security

Abstract:Digital forensics and cloud forensics are increasingly important fields that face a range of challenges. This study aims to assess the general challenges faced in these fields. A literature review was conducted to identify the major challenges in digital and cloud forensics, including data acquisition, data analysis, data preservation, privacy concerns, and legal issues. The challenges were analyzed in detail, considering the reasons why they are challenges, the impact they have on digital and cloud forensics, and any potential solutions. The study concludes that the challenges faced in digital and cloud forensics are significant and varied, and that addressing these challenges is critical for the effective and efficient use of digital and cloud forensics in investigations. This study provides a valuable overview of the current state of digital and cloud forensic challenges and can help guide future research in this important field.

Shams Zawoad,Ragib Hasan

DOI: https://doi.org/10.48550/arXiv.1302.6312

2013-02-26

Abstract:In recent years, cloud computing has become popular as a cost-effective and efficient computing paradigm. Unfortunately, today's cloud computing architectures are not designed for security and forensics. To date, very little research has been done to develop the theory and practice of cloud forensics. Many factors complicate forensic investigations in a cloud environment. First, the storage system is no longer local. Therefore, even with a subpoena, law enforcement agents cannot confiscate the suspect's computer and get access to the suspect's files. Second, each cloud server contains files from many users. Hence, it is not feasible to seize servers from a data center without violating the privacy of many other users. Third, even if the data belonging to a particular suspect is identified, separating it from other users' data is difficult. Moreover, other than the cloud provider's word, there is usually no evidence that links a given data file to a particular suspect. For such challenges, clouds cannot be used to store healthcare, business, or national security related data, which require audit and regulatory compliance. In this paper, we systematically examine the cloud forensics problem and explore the challenges and issues in cloud forensics. We then discuss existing research projects and finally, we highlight the open problems and future directions in cloud forensics research area. We posit that our systematic approach towards understanding the nature and challenges of cloud forensics will allow us to examine possible secure solution approaches, leading to increased trust on and adoption of cloud computing, especially in business, healthcare, and national security. This in turn will lead to lower cost and long-term benefit to our society as a whole.

Distributed, Parallel, and Cluster Computing,Cryptography and Security

Moses Ashawa,Ali Mansour,Jackie Riley,Jude Osamor,Nsikak Pius Owoh

DOI: https://doi.org/10.37256/ccds.5120233845

2023-12-25

Cloud Computing and Data Science

Abstract:The significance of the cloud environment is growing in the current digital world. It provides several advantages, such as reduced expenses, the ability to adjust to different needs, adaptability and enhanced cooperation. The field of digital forensic investigations has encountered substantial difficulties in reconciling the requirement for efficient data analysis with the increasing apprehensions regarding privacy in recent times. As investigators analyse digital evidence to unearth crucial information, they must also traverse an intricate network of privacy rules and regulations. Given the increasing prevalence of remote work and the necessity for businesses to be adaptable and quick to react to shifting market circumstances, the cloud infrastructure has become a crucial asset for organisations of various scales. Although the cloud offers benefits such as scalability, flexibility and enhanced collaboration, it presents difficulties in digital forensic investigations regarding data protection, ownership and jurisdictional boundaries. These concerns are becoming increasingly significant as more data is kept in the cloud. In this paper, we present three major challenges that are faced during cloud-based forensics investigation. We analyse the extent to which different data formats increase complexity in forensics investigations in cyberspace. This paper analyses three core challenges facing digital forensics in the cloud environment: legitimacy, complexity and an increase in data volume, looking at the implications these have on data liable for legal issues in court. These challenges contribute to the backlog in digital forensics investigations due to a lack of modularisation of the procedures. To address these concerns, modularisation model is proposed to offer a way to integrate traditional processing functions while ensuring strict adherence to privacy protocols. To overcome these challenges, we propose modularisation as a strategy for improving the future of digital forensic research's operational efficiency, overcoming the identified challenges faced during cloud-based investigations and demonstrating how organisations can mitigate potential risks associated with storing sensitive information in the cloud.

Ahmed MohanRaj Alenezi

2023-05-13

Abstract:Digital forensics in smart environments is an emerging field that deals with the investigation and analysis of digital evidence in smart devices and environments. As smart environments continue to evolve, digital forensic investigators face new challenges in retrieving, preserving, and analyzing digital evidence. At the same time, recent advancements in digital forensic tools and techniques offer promising solutions to overcome these challenges. In this survey, we examine recent advancements and challenges in digital forensics within smart environments. Specifically, we review the current state-of-the-art techniques and tools for digital forensics in smart environments and discuss their strengths and limitations. We also identify the major challenges that digital forensic investigators face in smart environments and propose potential solutions to overcome these challenges. Our survey provides a comprehensive overview of recent advancements and challenges in digital forensics in the age of smart environments, and aims to inform future research in this area.

Cryptography and Security

George Grispos,Tim Storer,William Bradley Glisson

DOI: https://doi.org/10.48550/arXiv.1410.2123

2014-10-08

Cryptography and Security

Abstract:Cloud computing is a rapidly evolving information technology (IT) phenomenon. Rather than procure, deploy and manage a physical IT infrastructure to host their software applications, organizations are increasingly deploying their infrastructure into remote, virtualized environments, often hosted and managed by third parties. This development has significant implications for digital forensic investigators, equipment vendors, law enforcement, as well as corporate compliance and audit departments (among others). Much of digital forensic practice assumes careful control and management of IT assets (particularly data storage) during the conduct of an investigation. This paper summarises the key aspects of cloud computing and analyses how established digital forensic procedures will be invalidated in this new environment. Several new research challenges addressing this changing context are also identified and discussed.

Jianwei Hou,Yuewei Li,Jingyang Yu,Wenchang Shi

DOI: https://doi.org/10.1109/JIOT.2019.2940713

IF: 10.6

2020-01-01

IEEE Internet of Things Journal

Abstract:Internet of Things (IoT) is increasingly permeating peoples' lives, gradually revolutionizing our way of life. Due to the tight connection between people and IoT, now civil and criminal investigations or internal probes must take IoT into account. From the forensic perspective, the IoT environment contains a rich set of artifacts that could benefit investigations, while the forensic investigation in IoT paradigm may have to alter to accommodate characteristics of IoT. Therefore, in this article, we analyze the impact of IoT on digital forensics and systematize the research efforts made by previous researchers from 2010 to 2018. We sketch the landscape of IoT forensics and examine the state of IoT forensics under a 3-D framework. The 3-D framework consists of a temporal dimension, a spatial dimension, and a technical dimension. The temporal dimension walks through the standard digital forensic process while the spatial dimension explores where to identify sources of evidence in IoT environment. These two dimensions attempt to provide principles and guidelines for standardizing digital investigations in the context of IoT. The technical dimension guides a way to the exploration of tools and techniques to ensure the enforcement of digital forensics in the ever-evolving IoT environment. Put together, we present a holistic overview of digital forensics in IoT. We also highlight open issues and outline promising suggestions to inspire future study.

Junwei Huang,Zhen Ling,Tao Xiang,Jie Wang,Xinwen Fu

DOI: https://doi.org/10.1109/icdcsw.2012.45

2012-01-01

Abstract:Academic researchers in digital forensics often lack backgrounds in related laws. This ignorance could make their research and development legally invalid, or with less relevance in practice. To better assist academic researchers, we discuss related laws that regulate the government's investigation and summarize different requirements of acquiring data and evidence in different crime scene investigations. We show that certain strategies (including attacks against security systems) would violate relevant laws, and so law enforcement cannot use them to collect data. We recommend that researchers focus on crime scene investigations that do not need Warrant/Court Order/Subpoena for trace back related network forensics. This would help make their research and development accepted more easily by law enforcement with a larger impact.

Yadong,Qing Li,Donghui,Weihao Hu,Yuqi,Zhun Fan,Xindong,Kan Wu

2014-01-01

Abstract:Cyber-crimes are growing rapidly,so it is important to obtain the digital evidence on the web page.Usually,people can examine the browser history on the client side and data files on the server side,but both of them have shortcomings in real criminal investigation.To overcome the weakness,this paper designs a web page forensic scheme to snapshot the pages from web servers with the help of web spider.Also,it designs several steps to improve the trustworthiness of these pages.All the pages will be dumped in local database which can be presented as reliable evidence on the court.

Mariam Nouh,Jason R. C. Nurse,Helena Webb,Michael Goldsmith,Jason R.C. Nurse

DOI: https://doi.org/10.48550/arXiv.1902.06961

IF: 6.4588

2019-02-19

Human-Computer Interaction

Abstract:Cybercrime investigators face numerous challenges when policing online crimes. Firstly, the methods and processes they use when dealing with traditional crimes do not necessarily apply in the cyber-world. Additionally, cyber criminals are usually technologically-aware and constantly adapting and developing new tools that allow them to stay ahead of law enforcement investigations. In order to provide adequate support for cybercrime investigators, there needs to be a better understanding of the challenges they face at both technical and socio-technical levels. In this paper, we investigate this problem through an analysis of current practices and workflows of investigators. We use interviews with experts from government and private sectors who investigate cybercrimes as our main data gathering process. From an analysis of the collected data, we identify several outstanding challenges faced by investigators. These pertain to practical, technical, and social issues such as systems availability, usability, and in computer-supported collaborative work. Importantly, we use our findings to highlight research areas where user-centric workflows and tools are desirable. We also define a set of recommendations that can aid in providing a better foundation for future research in the field and allow more effective combating of cybercrimes.

George R. S. Weir,Andreas Aßmuth,Nicholas Jäger

2024-05-10

Abstract:As organisations move away from locally hosted computer services toward Cloud platforms, there is a corresponding need to ensure the forensic integrity of such instances. The primary reasons for concern are (i) the locus of responsibility, and (ii) the associated risk of legal sanction and financial penalty. Building upon previously proposed techniques for intrusion monitoring, we highlight the multi-level interpretation problem, propose enhanced monitoring of Cloud-based systems at diverse operational and data storage level as a basis for review of historical change across the hosted system and afford scope to identify any data impact from hostile action or 'friendly fire'.

Distributed, Parallel, and Cluster Computing

Prof. Mallika Dwivedi,Prof. Pankaj Pali,Jaya Choubey,Abhishek Mishra,Himani Hedau

DOI: https://doi.org/10.15680/ijirset.2023.1205495

2023-11-25

Abstract:Cloud computing forensics has emerged as a critical field due to the widespread adoption of cloud services in various sectors. This comprehensive review aims to investigate the challenges and future directions in cloud computing forensics. The paper identifies key obstacles such as data volatility, multi-tenancy, and jurisdictional issues that hinder effective forensic investigations in cloud environments. It also explores current methodologies, tools, and frameworks used in cloud forensics, evaluating their strengths and limitations. Furthermore, the review highlights emerging trends and proposes potential research directions to address existing gaps. By synthesizing current knowledge and identifying future prospects, this paper seeks to provide a robust foundation for advancing cloud computing forensics, ensuring improved security and reliability in cloud services.

David Lillis,Brett Becker,Tadhg O'Sullivan,Mark Scanlon

DOI: https://doi.org/10.48550/arXiv.1604.03850

2016-04-13

Cryptography and Security

Abstract:Given the ever-increasing prevalence of technology in modern life, there is a corresponding increase in the likelihood of digital devices being pertinent to a criminal investigation or civil litigation. As a direct consequence, the number of investigations requiring digital forensic expertise is resulting in huge digital evidence backlogs being encountered by law enforcement agencies throughout the world. It can be anticipated that the number of cases requiring digital forensic analysis will greatly increase in the future. It is also likely that each case will require the analysis of an increasing number of devices including computers, smartphones, tablets, cloud-based services, Internet of Things devices, wearables, etc. The variety of new digital evidence sources pose new and challenging problems for the digital investigator from an identification, acquisition, storage and analysis perspective. This paper explores the current challenges contributing to the backlog in digital forensics from a technical standpoint and outlines a number of future research topics that could greatly contribute to a more efficient digital forensic process.

Dr. Oghene Augustine Onome,

DOI: https://doi.org/10.35940/ijese.g2552.0611723

2023-06-30

International Journal of Emerging Science and Engineering

Abstract:The field of computer forensics emerged in response to the substantial increase in computer-related crimes occurring annually. This rise in criminal activity can be attributed to the rapid expansion of the internet, which has provided perpetrators with increased opportunities for illicit actions. When a computer system is compromised and an intrusion is detected, it becomes crucial for a specialized forensics team to investigate the incident with the objective of identifying and tracing the responsible party. The outcome of such forensic efforts often leads to legal action being taken against those accountable for the wrongdoing. The methodology employed in computer forensics continually evolves alongside advancements in crime approaches, particularly as attackers leverage emerging technologies. To ensure the accuracy of forensic investigations, it is imperative that the scientific knowledge underlying the forensic process be complemented by the integration of technological tools. A plethora of hardware and software options are available to facilitate the analysis and interpretation of forensic data, thereby enhancing the efficiency and effectiveness of investigations. While the fundamental objectives of computer forensics primarily involve the seamless preservation, identification, extraction, documentation, and analysis of data, the widespread adoption of this discipline is contingent upon the law enforcement community's ability to keep pace with advancements in computing technology. Furthermore, the prevalence of diverse computer devices resulting from the emergence of microcomputer technology also plays a crucial role in shaping the field of computer forensics. This research paper aims to provide a comprehensive overview of computer forensics, encompassing advanced methodologies and detailing various technology tools that facilitate the forensic process. Specific areas of focus include the analysis of encrypted drives, disk analysis techniques, analysis toolkits, investigations involving volatile memory, and the examination of captured network packets. By exploring these aspects, this paper aims to contribute to the existing body of knowledge in the field of computer forensics and support practitioners in their pursuit of effective investigative techniques.

Muhammad Faheem,M-Tahar Kechadi,Nhien-An Le-Khac

DOI: https://doi.org/10.48550/arXiv.1611.09566

2016-11-29

Cryptography and Security

Abstract:Smartphones have become popular in recent days due to the accessibility of a wide range of applications. These sophisticated applications demand more computing resources in a resource constraint smartphone. Cloud computing is the motivating factor for the progress of these applications. The emerging mobile cloud computing introduces a new architecture to offload smartphone and utilize cloud computing technology to solve resource requirements. The popularity of mobile cloud computing is an opportunity for misuse and unlawful activities. Therefore, it is a challenging platform for digital forensic investigations due to the non-availability of methodologies, tools and techniques. The aim of this work is to analyze the forensic tools and methodologies for crime investigation in a mobile cloud platform as it poses challenges in proving the evidence. The advancement of forensic tools and methodologies are much slower than the current technology development in mobile cloud computing. Thus, forces the available tools, and techniques become increasingly obsolete. Therefore, it opens up the door for the new forensic tools and techniques to cope up with recent developments. Hence, this work presents a detailed survey of forensic methodology and corresponding issues in a mobile device, cloud environment, and mobile cloud applications. It mainly focuses on digital forensic issues related to mobile cloud applications and also analyze the scope, challenges and opportunities. Finally, this work reviewed the forensic procedures of two cloud storage services used for mobile cloud applications such as Dropbox and SkyDrive.

Yun Gao,Xiao Fu,Bin Luo

DOI: https://doi.org/10.3969/j.issn.1001-3695.2016.01.001

2016-01-01

Abstract:Cloud users can get a lot of computer resources and storage space at low cost.However,the security risks,such as the spreading of illegal information,sensitive data leakage,data tampering,are still crucial problem in cloud computing envi-ronment.Hence,the forensics of cloud computing crime becomes particular important.Firstly,this paper introduced the con-cept of cloud forensics and listed the technical and legal challenges in could forensics.Then it introduced researches by now in cloud forensics and presented analysis summary on current researches.Finally,it put forward opportunities of cloud forensics.

Abdulghani Ali Ahmed,Khalid Farhan,Waheb A Jabbar,Abdulaleem Al-Othmani,Abdullahi Gara Abdulrahman

DOI: https://doi.org/10.3390/s24165210

2024-08-12

Abstract:The Internet of Things forensics is a specialised field within digital forensics that focuses on the identification of security incidents, as well as the collection and analysis of evidence with the aim of preventing future attacks on IoT networks. IoT forensics differs from other digital forensic fields due to the unique characteristics of IoT devices, such as limited processing power and connectivity. Although numerous studies are available on IoT forensics, the field is rapidly evolving, and comprehensive surveys are needed to keep up with new developments, emerging threats, and evolving best practices. In this respect, this paper aims to review the state of the art in IoT forensics and discuss the challenges in current investigation techniques. A qualitative analysis of related reviews in the field of IoT forensics has been conducted, identifying key issues and assessing primary obstacles. Despite the variety of topics and approaches, common issues emerge. The majority of these issues are related to the collection and pre-processing of evidence because of the counter-analysis techniques and challenges associated with gathering data from devices and the cloud. Our analysis extends beyond technological problems; it further identifies the procedural problems with preparedness, reporting, and presentation as well as ethical issues. In particular, it provides insights into emerging threats and challenges in IoT forensics, increases awareness and understanding of the importance of IoT forensics in preventing cybercrimes, and ensures the security and privacy of IoT devices and networks. Our findings make a substantial contribution to the field of IoT forensics, as they not only involve a critical analysis of the challenges presented in existing works but also identify numerous problems. These insights will greatly assist researchers in identifying appropriate directions for their future research.

Samuel Opuni Boateng,

DOI: https://doi.org/10.22624/aims/crp-bk3-p54

2022-07-26

Abstract:Cloud computing is a relatively new concept that offers the potential to deliver scalable elastic services to many. The notion of pay-per use is attractive and in the current global recession hit economy it offers an economic solution to an organizations' IT needs. Computer forensics is a relatively new discipline born out of the increasing use of computing and digital storage devices in criminal acts (both traditional and hi-tech). In the last decade computer forensics has developed in terms of procedures, practices and tool support to serve the law enforcement community. However, it now faces possibly its greatest challenges in dealing with cloud computing. Through this paper we explore these challenges and suggest some possible solutions. Keywords: Forensic, Cybercrime, law Enforcement, Digital Universe, Cyberspace, Security BOOK Chapter ǀ Research Nexus in IT, Law, Cyber Security & Forensics. Open Access. Distributed Free Citation: Samuel Opuni Boateng (2022): Cloud Computing Forensic Challenges for Law Enforcement Book Chapter Series on Research Nexus in IT, Law, Cyber Security & Forensics. Pp 339-344 www.isteams.net/ITlawbookchapter2022. dx.doi.org/10.22624/AIMS/CRP-BK3-P54

Manuel Jesús Rivas Sández

DOI: https://doi.org/10.48550/arXiv.1508.01053

2015-08-05

Abstract:Cloud computing is a relatively new technology which is quickly becoming one of the most important technological advances for computer science. This technology has had a significant growth in recent years. It is now more affordable and cloud platforms are becoming more stable. Businesses are successfully migrating their systems to a cloud infrastructure, obtaining technological and economic benefits. However, others still remain reluctant to do it due to both security concerns and the loss of control over their infrastructures and data that the migration entails. At the same time that new technologies progress, its benefits appeal to criminals too. They can not only steal data from clouds, but they can also hide data in clouds, which has provoked an increased in the number of cybercrimes and their economic impacts. Their victims range from children and adults to companies and even countries. On the other hand, digital forensics have negatively suffered the impact of the boom of cloud computing due to its dynamic nature. The tools and procedures that were successfully proved and used in digital investigations are now becoming irrelevant, making it an urging necessity to develop new forensics capabilities for conducting an investigation in this new environment. As a consequence of these needs a new area has emerged, Cloud Forensics, which is the result of the intersection between cloud computing and digital forensics. Keywords: Cloud forensics, cloud computing, forensics investigation, forensic challenges.

Cryptography and Security,Computers and Society

Philgeun Jin,Namjun Kim,Sangjin Lee,Doowon Jeong

DOI: https://doi.org/10.1007/s10207-023-00745-4

2023-08-24

International Journal of Information Security

Abstract:The Dark Web is notorious for being a huge marketplace that promotes illegal products such as indecent images of children, drug, private data, and stolen financial data. To track criminals on the Dark Web, several challenges, arising from the Dark Web's nature, must be overcome. Dark websites frequently change domain names, so investigators find little evidence of criminals when using a common crawling method. Furthermore, disturbing material on the Dark Web threatens investigators' mental health and decreases the effectiveness of investigations. Above all, given the anonymity of the Dark Web, few clues remain to track criminals. To address these challenges, this article presents an advanced crawler to collect data considering the Dark Web ecosystem. Machine learning models that detect disturbing content are implemented to protect investigators' mental health. This article also describes tracking code and status module, pivotal clues that can strip the anonymity of perpetrators along with the cryptocurrency transactions studied in previous works. In this article, the current state of the Dark Web is introduced by analyzing 14,993 crawled dark websites. By presenting three case studies, it is proved that our proposed investigative methodology can identify operators of illegal dark websites by connecting dark websites with the corresponding surface websites.

computer science, information systems, theory & methods, software engineering