
Abstract

Digital forensic investigation is continuously challenged by rapid technological change, the growing use of digital devices (in both heterogeneity and count), and the sheer volume of data these devices can contain. Although data privacy protection is not a performance measure, preventing privacy violations during a digital forensic investigation is also a major challenge. Perceiving completeness of investigation and data privacy preservation as incompatible, researchers have proposed solutions to these challenges that focus either on the effectiveness of the investigation process or on data privacy preservation. A comprehensive approach that preserves data privacy without affecting the capabilities of the investigator or the overall efficiency of the investigation process remains an open problem. In the current work, the authors propose a digital forensic framework that uses case information, case profile data and expert knowledge to automate the digital forensic analysis process; uses machine learning to find the most relevant pieces of evidence; and maintains the data privacy of non-evidential private files. These operations are coordinated so that the overall efficiency of the digital forensic investigation process increases while the integrity and admissibility of the evidence remain intact. The framework improves validation, which boosts transparency in the investigation process. It also achieves a higher level of accountability by securely logging the investigation steps. Because the proposed solution introduces notable enhancements to current investigative practices, more like the next version of digital forensics, the authors have named the framework 'Digital Forensics 2.0', or 'DF 2.0' for short.

