Zhengxing Huang,Wei Dong,Huilong Duan,Haomin Li

DOI: https://doi.org/10.1109/jbhi.2013.2274281

IF: 7.7

2014-01-01

IEEE Journal of Biomedical and Health Informatics

Abstract:Clinical pathways leave traces, described as event sequences with regard to a mixture of various latent treatment behaviors. Measuring similarities between patient traces can profitably be exploited further as a basis for providing insights into the pathways, and complementing existing techniques of clinical pathway analysis (CPA), which mainly focus on looking at aggregated data seen from an external perspective. Most existing methods measure similarities between patient traces via computing the relative distance between their event sequences. However, clinical pathways, as typical human-centered processes, always take place in an unstructured fashion, i.e., clinical events occur arbitrarily without a particular order. Bringing order in the chaos of clinical pathways may decline the accuracy of similarity measure between patient traces, and may distort the efficiency of further analysis tasks. In this paper, we present a behavioral topic analysis approach to measure similarities between patient traces. More specifically, a probabilistic graphical model, i.e., latent Dirichlet allocation (LDA), is employed to discover latent treatment behaviors of patient traces for clinical pathways such that similarities of pairwise patient traces can be measured based on their underlying behavioral topical features. The presented method provides a basis for further applications in CPA. In particular, three possible applications are introduced in this paper, i.e., patient trace retrieval, clustering, and anomaly detection. The proposed approach and the presented applications are evaluated via a real-world dataset of several specific clinical pathways collected from a Chinese hospital.

Céline Weyermann,Céline Vanini,Thomas Souvignet

DOI: https://doi.org/10.1016/j.forsciint.2024.112020

IF: 2.676

2024-04-11

Forensic Science International

Abstract:In this article, three main approaches to situate forensic traces in time were revisited under the prism of the Sydney Declaration and adapted to be applicable to a large range of physical and digital traces. The first approach is based on time tags which are time-based characteristics produced as the result of an activity at a specific time. They can either be directly related to time (i.e.,time stamps) or indirectly (i.e., time indicators). While relatively straightforward, time tags require scientific knowledge to be correctly interpreted and to account for the risks of desynchronisation, anomalies and manipulation. The second approach is based on time dynamics and aim at measuring changes that occur as a function of time, such as caesium pulsation (i.e., on which international atomic time is based) or body cooling after death (i.e., from which time since death can be inferred). However, time dynamics phenomena are generally also influenced by other case-specific factors (e.g., environmental factors), and thus more difficult to reliably implement in practice. Finally, the third approach relies on relative sequences, using information unrelated to time, such as relative positions or dynamics of traces at the scene. As each approach has its potential and limitations, a combination of traces from different (both material and digital) sources and approaches is recommended to answer time questions in practice (When? How long? In whichsuccession?) and enhance the reliability of the dating endeavours. It is strongly recommended to consider the principles of the Sydney Declaration when implementing or developing dating methods, as they point at potential issues that are often forgotten in forensic research and practice, such as uncertainties linked to the concept of trace, scene investigation, the asymmetry of time, the importance of context and the multiplicity of purposes. Future research should focus on improving the reliability of these dating approaches by combining and systematising their usage in investigative practice, as well as in broader intelligence processes.

medicine, legal

Qing Liu,Kerry Taylor,Xiang Zhao,Geoffrey Squire,Xuemin Lin,Corne Kloppers,Richard Miller

DOI: https://doi.org/10.1145/2463676.2465268

2013-01-01

Abstract:A process trace describes the processes taken in a workflow to generate a particular result. Given many process traces, each with a large amount of very low level information, it is a challenge to make process traces meaningful to different users. It is more challenging to compare two complex process traces generated by heterogenous systems and have different levels of granularity. We present CTrace, a system that (1) lets users explore the conceptual abstraction of large process traces with different levels of granularity, and (2) provides semantic comparison among traces in which both the structural and the semantic similarity are considered. The above functions are underpinned by a novel notion of multi-granularity process trace and efficient multi-granularity similarity comparison algorithms.

Johannes Gottwald,Ulrich Simmross

DOI: https://doi.org/10.1016/j.forc.2024.100584

IF: 2.7

2024-05-13

Forensic Chemistry

Abstract:Occasionally, trace evidence 1 -casework faces major challenges, as not only suitable analytical methods must be available for relevant technical products and their traces, but background information regarding market or manufacturing processes must also be collected. Furthermore, analytical and forensic benefit are supposed to go together, in certain cases even under great time pressure. Given the focus of forensic service providers on individual traces, trace evidence work areas may not always be well prepared, particularly for products for which there are no collection traditions. On the basis of three fictitious case studies, an approach based on division of labor is presented and its advantages and disadvantages are discussed.

chemistry, analytical

Agnieszka Kosińska,Marcella Mrózek,Marta Łopyta-Mirocha,Marcin Tomsia

DOI: https://doi.org/10.1016/j.jtemb.2024.127527

2024-09-11

Abstract:Background: Securing the evidence in various investigative situations is often associated with trace analysis, including fingerprints or blood groups. However, when classic and conventional methods fail, trace elements, such as copper, zinc, fluorine, and many others found in exceedingly insignificant amounts in organisms, may prove useful and effective. Methods: The presented work reviews articles published between 2003 and 2023, describing the use of trace elements and the analytical methods employed for their analysis in forensic medicine and related sciences. Results & conclusion: Trace elements can be valuable as traces collected at crime scenes and during corpse examination, aiding in determining characteristics like the sex or age of the deceased. Additionally, trace elements levels in the body can serve as alcohol or drug poisoning markers. In traumatology, trace elements enable the identification of various instruments and the injuries caused by their use.

Jiyoon Ham,Joshua I. James

DOI: https://doi.org/10.48550/arXiv.2001.00301

2020-01-02

Computers and Society

Abstract:Fundamental processes in digital forensic investigation, such as disk imaging, were developed when digital investigation was relatively young. As digital forensic processes and procedures matured, these fundamental tools, that are the pillars of the reset of the data processing and analysis phases of an investigation, largely stayed the same. This work is a study of modern digital forensic imaging software tools. Specifically, we will examine the feature sets of modern digital forensic imaging tools, as well as their development and release cycles to understand patterns of fundamental tool development. Based on this survey, we show the weakness in current digital investigation fundamental software development and maintenance over time. We also provide recommendations on how to improve fundamental tools.

Vladimir A. Meshcheryakov,Olesya Yu. Tsurluj,,

DOI: https://doi.org/10.37399/issn2072-909x.2022.si.162-171

2022-10-05

Rossijskoe pravosudie

Abstract:The development of technology entails changes in all areas of activity, including the investigation and disclosure of crimes. The use of digital technologies for the commission of crimes necessitates the use of similar technologies for their investigation. Virtual space as a crime scene forms a specific mechanism of trace formation by supplementing it with the laws of cybernetic space, namely electronic-digital mapping, virtual traces, new properties of emerging traces and features of the formation of a trace pattern. The specifics of the mechanism of formation of virtual traces necessitates the use of special methods of detection, seizure, research and use of this type of traces in order to investigate and solve crimes in the field of high technology. The authors analyzed the main stages of the formation of evidentiary information in the virtual space, which justifies the expediency of forming recommendations on the use of the capabilities of new information technologies and telecommunication systems in the investigation of crimes. The article discusses the mechanism of electronic digital display of the trace when committing a crime in cyberspace. The definition of a virtual footprint will make it possible to formulate technical recommendations for the detection, removal, preservation, research and use of this type of footprint for the purpose of investigating and solving crimes. At the same time, the concept of a virtual trace is inextricably linked with the traditional definition of criminal procedural categories of information, trace and evidence. In the interrelation of approaches developed by the science of criminology to understanding the mechanism of trace formation, taking into account the specifics of modern ways of committing crimes using digital technologies, it is possible to develop effective recommendations for the investigation and disclosure of crimes. In order to achieve the set goals, the authors analyzed the currently available opinions on the issues studied in this article.

Jean-Alexandre Patteet,Christophe Champod

DOI: https://doi.org/10.1016/j.forsciint.2024.111997

IF: 2.676

2024-03-20

Forensic Science International

Abstract:Forensic toolmark examiners have been comparing features observed in toolmarks to help determine their source for over a century. However, in the past decade, the holistic process of comparing toolmarks and presenting findings in court have faced intense scrutiny. This paper provides a summary of the voiced criticisms, primarily concerning the scientific reliability and validity of the comparison methods employed by examiners and the conclusions they testify to. The focus of this review is specifically on the examination of striated toolmarks. We assess the comparison methods and reporting practices currently in use, while also delving deeper into research aligned with current recommendations, such as PCAST (The President's Council of Advisors on Science and Technology). Throughout the review, we examine both the strengths and weaknesses of existing practices, aiming to assist practitioners in identifying key research needs and addressing the concerns raised by critics. By doing so, we seek to enhance the credibility and effectiveness of toolmark analysis in the field of forensic science.

medicine, legal

Qing Liu,Xiang Zhao,Kerry Taylor,Xuemin Lin,Geoffrey Squire,Corne Kloppers,Richard Miller

DOI: https://doi.org/10.1016/j.knosys.2013.07.009

IF: 8.139

2013-01-01

Knowledge-Based Systems

Abstract:A process trace describes the steps taken in a workflow to generate a particular result. Understanding a process trace is critical to be able to verify data, enable its re-use and to make appropriate decisions. Given many process traces, each with a large amount of very low level information, it is a challenge to make process traces meaningful to different users. It is more challenging to compare two complex process traces generated by heterogeneous systems and having different levels of granularity. In this paper, we present a novel notion of multi-granularity process trace that attempts to capture the conceptual abstraction of large process traces at different levels of granularity by leveraging ontology information. Based on this notion, graph matching based algorithms with semantic filtering are developed to efficiently and effectively compute the similarity between two process traces by considering both structural similarity and semantic similarity. Our experiment using both real world and synthetic datasets demonstrates that our techniques provide a practical approach for process trace similarity measurement.

Nikita Rana,Gunjan Sansanwal,Kiran Khatter,Sukhdev Singh

DOI: https://doi.org/10.48550/arXiv.1709.06529

2017-08-17

Abstract:In today's world of computers, any kind of information can be made available within few clicks for different endeavors. The information may be tampered by changing the statistical properties and can be further used for criminal activities. These days, Cyber crimes are happening at a very large scale, and possess big threats to the security of an individual, firm, industry and even to developed countries. To combat such crimes, law enforcement agencies and investment institutions are incorporating supportive examination policies, procedures and protocols to address the complete investigation process. The paper entails a detailed review of several cyber crimes followed by various digital forensics processes involved in the cyber crime investigation. Further various digital forensics tools with detail explanation are discussed with their advantages, disadvantages, challenges, and drawbacks. A comparison among all the selected tools is also presented. Finally the paper recommends the need of training programs for the first res ponder and judgement of signature based image authentication.

Computers and Society,Cryptography and Security

Quentin Milliet,Olivier Delémont,Pierre Margot

DOI: https://doi.org/10.1016/j.scijus.2014.07.001

Abstract:This article presents a global vision of images in forensic science. The proliferation of perspectives on the use of images throughout criminal investigations and the increasing demand for research on this topic seem to demand a forensic science-based analysis. In this study, the definitions of and concepts related to material traces are revisited and applied to images, and a structured approach is used to persuade the scientific community to extend and improve the use of images as traces in criminal investigations. Current research efforts focus on technical issues and evidence assessment. This article provides a sound foundation for rationalising and explaining the processes involved in the production of clues from trace images. For example, the mechanisms through which these visual traces become clues of presence or action are described. An extensive literature review of forensic image analysis emphasises the existing guidelines and knowledge available for answering investigative questions (who, what, where, when and how). However, complementary developments are still necessary to demystify many aspects of image analysis in forensic science, including how to review and select images or use them to reconstruct an event or assist intelligence efforts. The hypothetico-deductive reasoning pathway used to discover unknown elements of an event or crime can also help scientists understand the underlying processes involved in their decision making. An analysis of a single image in an investigative or probative context is used to demonstrate the highly informative potential of images as traces and/or clues. Research efforts should be directed toward formalising the extraction and combination of clues from images. An appropriate methodology is key to expanding the use of images in forensic science.

Oleg S. Kuchin,Yaroslava O. Kuchina,,

DOI: https://doi.org/10.18572/1813-1190-2021-2-20-29

2021-02-18

legal education and science

Abstract:Purpose. To compare and analyze the trend of appearance of the pseudo-term “digital criminology” in the science of criminology and prove that this is incorrect. Methodology: induction, deduction, synthesis, analysis, formal legal method, comparative legal method, logical method. Conclusions. The evolution of methods of committing crimes and instruments of crime does not always require the evolution of the science of criminology and the emergence of its varieties. You just have to assess the prospects of extrapolative ways and methods of proving the circumstances of the crimes in the era of digitalization of social relations, in terms of the provisions of modern criminal law and only criminal-legal research unit. The definition of “digital criminalistics”, which has recently appeared in science, actually misleads the scientific community with its novelty and originality, since such criminalistics in nature does not exist a priori. It is necessary to speak only about forensic or expert research of carriers of digital (electronic or computer) information. In criminalistics, it is logical to develop a new direction-the forensic study of electronic media of digital information and the use of computer expertise in establishing all the circumstances of the crime committed. And this is just a new section of forensic technology, studying a new subject of research for this naki. Here, the traditional forensic methodology should be applied, which will be aimed “atlinking” the electronic carrier of digital information and the digital information itself to a specific crime and to a specific person. Scientific and practical significance. The research is aimed at orienting forensic theory and practice towards the study of specific objects and contributes to the fact that all these studies are further applicable to the practice of crime investigation, and not only for theoretical purposes.

Oleg S. Kuchin,Yaroslava O. Kuchina,,

DOI: https://doi.org/10.18572/1813-1190-2021-3-25-33

2021-03-25

legal education and science

Abstract:Purpose. To compare and analyze the trend of appearance of the pseudo-term ‘digital criminology’ in the science of criminology and prove that this is incorrect. Methodology: induction, deduction, synthesis, analysis, formal legal method, comparative legal method, logical method. Conclusions. The evolution of methods of committing crimes and instruments of crime does not always require the evolution of the science of criminology and the emergence of its varieties. You just have to assess the prospects of extrapolative ways and methods of proving the circumstances of the crimes in the era of digitalization of social relations, in terms of the provisions of modern criminal law and only criminal-legal research unit. The definition of ‘digital criminalistics’, which has recently appeared in science, actually misleads the scientific community with its novelty and originality, since such criminalistics in nature does not exist a priori. It is necessary to speak only about forensic or expert research of carriers of digital (electronic or computer) information. In criminalistics, it is logical to develop a new direction-the forensic study of electronic media of digital information and the use of computer expertise in establishing all the circumstances of the crime committed. And this is just a new section of forensic technology, studying a new subject of research for this naki. Here, the traditional forensic methodology should be applied, which will be aimed ‘atlinking’ the electronic carrier of digital information and the digital information itself to a specific crime and to a specific person. Scientific and practical significance. The research is aimed at orienting forensic theory and practice towards the study of specific objects and contributes to the fact that all these studies are further applicable to the practice of crime investigation, and not only for theoretical purposes.

Yuchen Wang,Zhongyuan Ji

DOI: https://doi.org/10.1155/2022/9524190

2022-07-15

Abstract:Trace inspection is a key technology for collecting crime scenes in the criminal investigation department. A lot of information can be obtained by restoring and analyzing the remaining traces on the scene. However, with the development of digital technology, digital trace inspection has become more and more popular. So, the main research of this article is the design and realization of the trace inspection system based on hyperspectral imaging technology. This article proposes nondestructive testing technology in hyperspectral imaging technology. Combining basic principles of spectroscopy and the image of residual traces such as car tires, shoe soles, and blood stains, it can identify the key traces. Then, based on the image denoising and least squares support vector machine method, this study improves the accuracy and restoration of the image. Therefore, this study designs a test for the trace inspection system for testing hyperspectral imaging technology. The test items include the performance of the trace inspection system, the noise reduction of the trace inspection system, and the ability of the trace inspection system to inspect blood stains. The final collected data are improved to get the trace inspection system based on hyperspectral imaging technology proposed in this study. Compared with the traditional trace inspection system, the experimental results show that the trace inspection system based on hyperspectral imaging technology can improve the accuracy by 5%-28%, compared with the traditional trace inspection system. The image restoration degree of the hyperspectral imaging technology trace inspection system can be improved by 1%-19%, compared with the traditional trace inspection system.

Nina OLINDER,Alexey TSVETKOV,Konstantin FEDYAKIN,Kristina ZABURDAEVA

DOI: https://doi.org/10.24234/wisdom.v16i3.403

2020-12-28

wisdom

Abstract:The aim of the study is to clarify the concept of the digital footprint in jurisprudence and social sciences and determine its meaning for interdisciplinary research. The subject of this work is the analysis of the concepts of “digital footprint”, “digital reputation”, “digital image of a person”. The article notes that special machine techniques are required to process digital traces. The ways of storage, transmission and use of digital traces are considered. The research identified the main problems of using digital information in public relations. Digital traces can be used in various studies in the humanities, social sciences: sociology, law, economics, psychology using interdisciplinary research methods. The result of the study was the conclusion that digital information does not always mean a digital footprint. Digital information will have a digital footprint only when it is transferred from one user to another in an online environment, uploaded to a social network, etc. (in the case when it is possible to "trace" its movement). Thus, the "digital footprint" is the ability of information recorded in digital form, to leave special "marks" on the route from subscriber to subscriber, the ability to track such marks, receive information about its movement and transformation in order to collect, process and analyze these data.

Frank CRISPINO

DOI: https://doi.org/10.1016/j.forsciint.2024.111968

IF: 2.676

2024-02-16

Forensic Science International

Abstract:For years, forensic science has been criticized for its lack of scientific foundations, explaining its methodological drawbacks. Notwithstanding recommendations to upgrade quality management and counter cognitive biases, the ontology of the trace and the very nature of forensic science amplified by its decision context is rarely invoked as sources of inescapable errors. Understanding what (forensic) science is could even reconcile the prescriptive approach and the descriptive cognitive reality, through an unexplored pathway, Peirce's semiotics. The implementation of a semiotic line of arguments could concur to the transparency of scientific opinions for security and justice purposes, with rich potentialities in sight.

medicine, legal

Graeme Horsman

DOI: https://doi.org/10.1111/1556-4029.15524

2024-04-21

Journal of Forensic Sciences

Abstract:Ground truth data (GTD) is used by those in the field of digital forensics (DF) for a variety of purposes including to evaluate the functionality of undocumented, new, or emerging technology and services and the digital traces left behind following their usage. Most accepted and reliable trace interpretations must be derived from an examination of relevant GTD, yet despite the importance of it to the DF community, there is little formal guidance available for supporting those who create it, to do so in a way that ensures any data is of good quality, reliable, and therefore usable. In an attempt to address this issue, this work proposes a minimum standard of documentation that must accompany the production of any GTD, particularly when it is intended for use in the process of discovering new knowledge, proposing original interpretations of a digital trace, or determining the functionality of any technology or service. A template structure is discussed and provided in Appendix S1 which sets out a minimum standard for metadata describing any GTD's production process and content. It is suggested that such an approach can support the maintenance of trust in any GTD and improve the shareability of it.

medicine, legal

Fahad M Ghabban,Ibrahim Alfadli,Omair Ameerbakhsh,Amer Nizar AbuAli,Arafat Al-Dhaqm,Mahmoud Ahmad Al-Khasawneh

DOI: https://doi.org/10.48550/arXiv.2108.05579

2021-08-12

Abstract:Network Forensics (NFs) is a branch of digital forensics which used to detect and capture potential digital crimes over computer networked environments crime. Network Forensic Tools (NFTs) and Network Forensic Processes (NFPs) have abilities to examine networks, collect all normal and abnormal traffic/data, help in network incident analysis, and assist in creating an appropriate incident detection and reaction and also create a forensic hypothesis that can be used in a court of law. Also, it assists in examining the internal incidents and exploitation of assets, attack goals, executes threat evaluation, also by evaluating network performance. According to existing literature, there exist quite a number of NFTs and NTPs that are used for identification, collection, reconstruction, and analysing the chain of incidents that happen on networks. However, they were vary and differ in their roles and functionalities. The main objective of this paper, therefore, is to assess and see the distinction that exist between Network Forensic Tools (NFTs) and Network Forensic Processes (NFPs). Precisely, this paper focuses on comparing among four famous NFTs: Xplico, OmniPeek, NetDetector, and NetIetercept. The outputs of this paper show that the Xplico tool has abilities to identify, collect, reconstruct, and analyse the chain of incidents that happen on networks than other NF tools.

Cryptography and Security

J I Thornton

Abstract:Color is used extensively in forensic science for the characterization and comparison of physical evidence, and should thus be well understood. Fundamental elements of color perception and color comparison systems are first reviewed. The second portion of this article discusses instances in which defects in color perception may occur, and the recognition of opportunities by means of which color perception and color discrimination may be expressed and enhanced. Application and limitations of color comparisons in forensic science, including soil, paint, and fibers comparisons and color tests, are reviewed.

Owen Mayer,Matthew C. Stamm

DOI: https://doi.org/10.1109/TIFS.2019.2924552

2019-07-20

Abstract:In this paper we introduce a new digital image forensics approach called forensic similarity, which determines whether two image patches contain the same forensic trace or different forensic traces. One benefit of this approach is that prior knowledge, e.g. training samples, of a forensic trace are not required to make a forensic similarity decision on it in the future. To do this, we propose a two part deep-learning system composed of a CNN-based feature extractor and a three-layer neural network, called the similarity network. This system maps pairs of image patches to a score indicating whether they contain the same or different forensic traces. We evaluated system accuracy of determining whether two image patches were 1) captured by the same or different camera model, 2) manipulated by the same or different editing operation, and 3) manipulated by the same or different manipulation parameter, given a particular editing operation. Experiments demonstrate applicability to a variety of forensic traces, and importantly show efficacy on "unknown" forensic traces that were not used to train the system. Experiments also show that the proposed system significantly improves upon prior art, reducing error rates by more than half. Furthermore, we demonstrated the utility of the forensic similarity approach in two practical applications: forgery detection and localization, and database consistency verification.

Computer Vision and Pattern Recognition,Image and Video Processing