Spelling suggestions: "subject:" forensic""
11 |
The Effectiveness of Remote Wipe as a Valid Defense for Enterprises Implementing a BYOD PolicyUz, Ali January 2014 (has links)
In today’s work place where corporations allow employees to use their own smart phones to access their company’s network and sensitive data, it is essential to ensure the security of said data. When an employee smart phone is compromised, companies will rely on the remote wipe command that attempts to remove sensitive data.
In this thesis, we analyze the effectiveness of remote wipe commands on the Apple iPhone and Android model devices and demonstrate how data can be recovered following a remote wipe procedure. We conduct two experiments on each device to verify whether remote wipe is a viable defense mechanism or not. Furthermore, we touch on the subject of mobile forensics used by law enforcement and review methods and techniques used to recover data for use as evidence in criminal cases.
|
12 |
Automated identification of digital evidence across heterogeneous data resourcesMohammed, Hussam J. January 2018 (has links)
Digital forensics has become an increasingly important tool in the fight against cyber and computer-assisted crime. However, with an increasing range of technologies at people's disposal, investigators find themselves having to process and analyse many systems with large volumes of data (e.g., PCs, laptops, tablets, and smartphones) within a single case. Unfortunately, current digital forensic tools operate in an isolated manner, investigating systems and applications individually. The heterogeneity and volume of evidence place time constraints and a significant burden on investigators. Examples of heterogeneity include applications such as messaging (e.g., iMessenger, Viber, Snapchat, and WhatsApp), web browsers (e.g., Firefox and Google Chrome), and file systems (e.g., NTFS, FAT, and HFS). Being able to analyse and investigate evidence from across devices and applications in a universal and harmonized fashion would enable investigators to query all data at once. In addition, successfully prioritizing evidence and reducing the volume of data to be analysed reduces the time taken and cognitive load on the investigator. This thesis focuses on the examination and analysis phases of the digital investigation process. It explores the feasibility of dealing with big and heterogeneous data sources in order to correlate the evidence from across these evidential sources in an automated way. Therefore, a novel approach was developed to solve the heterogeneity issues of big data using three developed algorithms. The three algorithms include the harmonising, clustering, and automated identification of evidence (AIE) algorithms. The harmonisation algorithm seeks to provide an automated framework to merge similar datasets by characterising similar metadata categories and then harmonising them in a single dataset. This algorithm overcomes heterogeneity issues and makes the examination and analysis easier by analysing and investigating the evidential artefacts across devices and applications based on the categories to query data at once. Based on the merged datasets, the clustering algorithm is used to identify the evidential files and isolate the non-related files based on their metadata. Afterwards, the AIE algorithm tries to identify the cluster holding the largest number of evidential artefacts through searching based on two methods: criminal profiling activities and some information from the criminals themselves. Then, the related clusters are identified through timeline analysis and a search of associated artefacts of the files within the first cluster. A series of experiments using real-life forensic datasets were conducted to evaluate the algorithms across five different categories of datasets (i.e., messaging, graphical files, file system, internet history, and emails), each containing data from different applications across different devices. The results of the characterisation and harmonisation process show that the algorithm can merge all fields successfully, with the exception of some binary-based data found within the messaging datasets (contained within Viber and SMS). The error occurred because of a lack of information for the characterisation process to make a useful determination. However, on further analysis, it was found that the error had a minimal impact on subsequent merged data. The results of the clustering process and AIE algorithm showed the two algorithms can collaborate and identify more than 92% of evidential files.
|
13 |
Adult forensics education as a contributor to lifelong success : a grounded theory study /Embree, Eric. January 1900 (has links)
Thesis (Ph. D., Education)--University of Idaho, March 1, 2009. / Major professor: Roger L. Scott. Includes bibliographical references (leaves 190-198). Also available online (PDF file) by subscription or by purchasing the individual file.
|
14 |
Inner themes-outer behaviours : a multivariate facet model of U.S. serial murderers' crime scene actionsGodwin, Grover Maurice January 1998 (has links)
No description available.
|
15 |
A study of computer forensics from a cross-cultural perspective: Australia and TaiwanLin, Yi-Chi January 2008 (has links)
The rise in the number and variety of digital devices has changed all facets of society,from the way we work and communicate to how our lives are recorded. Computers, notebooks, networks, mobile phones, digital cameras and embedded devices are all readily available and it is difficult to imagine a person that does not own at least some of these. However, with this rise in the use of electronics, comes its potential misuse. Electronic devices have transformed how existing crimes may occur, and also have allowed for several new forms of illegal activity. However, given the global nature of the Internet, such crimes may take place over multiple jurisdictions and countries. Where the investigation into computer-based crime occurs between two or more countries, there is a need for the two teams to understand the legal and cultural differences between them. Whilst the legal differences are written, interpreted and can be made explicit, there is less knowledge on the cultural differences between two countries, working in an emerging scientific field. Literature not only shows that the applications of science are affected by culture, but also demonstrates that computer forensics is a subject within the field of science. This research seeks to answer the question: Does Culture have impacts on Applications of Computer Forensics? In order to seek the answer of this problem, at least two countries with different cultural backgrounds and customs will be examined. Specifically, this work will discuss Australia and Taiwan, as these countries are examples of distinctive cultural variations found in the Asia Pacific. Culture is difficult to directly measure, and this work utilises the Delphi survey technique and case study interviews of computer forensic professionals and experts in the field in both Australia and Taiwan as its primary source of data collection. Analysis of this data provides both a view of the field at large, provided by the Delphi survey results and more detailed knowledge from specific experts gathered from the interviews. Specifically, the Delphi survey has 40 questions in five dimensions (Current Situation, Policy and Organization, Education, Law, and Personal Preference and Skill), and the interview is comprised of 13 questions, each asking for more depth than the Delphi can provide. The outcomes of this research directly compare the Australian and Taiwanese cultures as they apply to the field of computer forensics. As such, the most tangible outcome is a framework for Australian and Taiwanese law enforcement, forensic science community, and the court. The suggestions for cross-cultural, cross-border and collaborative digital forensic investigations can be provided based on the discoveries of this research. This thesis essentially helps the mutual understanding between Australian and Taiwanese computer forensic investigators. The understanding is able to improve the chances of success of future cooperation between Australia and Taiwan.
|
16 |
Tvorba analytického nástroje ke zjišťování vazeb pro potřeby forenzních analýz ICT / Development of analytical tool for relation detection required in digital forensicsHOUŠKA, Jan January 2015 (has links)
The objective of this thesis is to design and implement an application, which will on the basis of outputs from selected forensic tools analyse and search for relations among individual participants in communication. The paper will first describe procedures of digital forensics and selected programs used for digital forensics. Following chapters will be dedicated to description of the whole development cycle of the application. The main outcome of the thesis will be a finished application meeting the requirements of the assignment and enabling not only search for relations based on outputs from forensic tools, but also search for additional possible relations from open sources.
|
17 |
Patterns of Fraud: Tools for Election ForensicsDeckert, Joseph 03 October 2013 (has links)
Election fraud is a serious problem in a number of modern democracies. While election observers can combat this problem to some extent, election forensics aims to provide a low-cost supplement. Forensic tools uncover irregular patterns in aggregate election data which are consistent with fraud. This dissertation improves upon existing tools and establishes methods of controlling for other factors which could cause irregular patterns. These tools are utilized in three cases studies in an effort to better understand the nature of election fraud.
|
18 |
Evaluation of Phadebas Forensic Press test paper as a source of biological material for immunochromatographic testing and DNA analysisDavidek, Nicole Marie 24 September 2015 (has links)
Saliva is commonly found at crime scenes and other biological fluids, such as semen, urine, blood, and fecal matter may be present alongside saliva on an article of clothing, such as underwear. Forensic testing is required to detect saliva in order to corroborate events related to a crime and to identify stains that can be used in DNA analysis. A cross-reactivity study was carried out to determine the specificity of the Phadebas® Forensic Press test for saliva stains. Whole blood, semen, urine, fecal matter, vaginal secretions, condoms, lubricants, vinegar, and PBS were all tested for reactivity with the Phadebas® paper. Only fecal matter and urine demonstrated cross-reactivity within the 60-minute test window.
As conservation of sample is a necessity in forensics, a study was carried out to determine if a cutting from Phadebas® paper performs similarly to a cutting from the original sample or stain in immunochromatographic testing with RSID^TM-Saliva. Testing of extracts from fabric cuttings allowed for detection of 1:100 dilutions of saliva, whereas only neat, 1:5 and 1:10 dilutions were able to be detected when using Phadebas® paper extracts. These samples were stained and examined under a microscope to determine if enough nucleated epithelial cells were present for STR analysis. Of the 81 fabric extracts examined, 15 were shown to reach the threshold where either a partial or full STR profile would be expected. In contrast, none of the Phadebas® extracts reached the threshold, indicating that a cutting from the original stain is a more reliable source for DNA analysis.
Overall, these results support that the Phadebas® Forensic Press test is useful for detecting latent and diluted saliva stains but should be considered a screening method only due to false positive results observed with urine and fecal matter. Furthermore, using Phadebas® Forensic Press test paper as a source of biological material for immunochromatography or DNA analysis is not as successful as using the stained substrate itself, and should be avoided whenever additional sample is available for direct testing.
|
19 |
VEHICLE AND MOBILE APPLICATIONS INTERACTION ANALYSIS: DIGITAL FORENSICS APPROACHQiyuan Li (12476838) 28 April 2022 (has links)
<p> </p>
<p>With the Internet of Things (IoT) development, vehicles have become an essential part of this data transmission network. In order to access the vehicle's status via personal mobile devices, an increasing number of car manufacturers have began to provide mobile applications; some third-party companies offer Bluetooth adaptors for the On-Board Diagnostics-II (OBD-II) port on vehicles made post-1996 in the United States. By connecting the smartphone and the vehicle with either of these methods, the mobile applications can retrieve detailed data and the history of the vehicle. This research aims to answer what forensically relevant artifacts can be recovered from the MB Companion, FIXD, and Nonda ZUS applications. The research methods include adapting the National Institute of Standards and Technology (NIST) forensics framework, generating mock user data, extracting user data, and conducting in-depth digital forensics analysis. The recovered geolocation data, the vehicle-related artifacts, the applications on different vehicle brands, and the applications on various device platforms are primarily examined in the research.</p>
|
20 |
Continued forensic development - investigation into current trends and proposed model for digital forensic practitionersVan Ramesdonk, Paul January 2016 (has links)
Continuous professional development has been looked at in many professions over the years, most notably in primary and secondary education and in the medical fields. With digital forensics being cast into the limelight due to the rapid advancements in technology, academic institutions have added courses to address the void created by the boom in the industry. Little research has been done to address the issues that have now become apparent concerning continued learning in this field. The purpose of this research was to investigate the kinds of frameworks and methods used in other professions, and how the practitioners themselves see career development, and to create a framework that could be used to keep abreast of developments in the field of digital forensics, be it changes in the law, case law, or changes in software.
The data analysis showed quite a number of continued learning approaches that could be employed in the digital/computer forensic fields to achieve the objective of keeping abreast of changes in the field. Some, understandably, are due to the nature of the discipline. As part of practitioners' current approach to continued learning, they rely heavily on knowledge sharing in the form of learning from other professionals, through self-study by reading books, articles and research conducted in the forensic field, the use of Information and Communications Technology (ICT) for education, and the use of Internet sources such as user forums, Facebook groups, and web-blogs. The majority of the respondents had received formal training in digital forensics, and of the total number of participants, only six percent had not been involved in any form of continued learning activities in the past five years.
When looking at the data obtained, and because there are no formal requirements to perform continued learning in the digital/computer forensic field, it becomes clear that individuals themselves need to be self-driven to keep up to date with changes in the field. As seen in studies focused on continued learning activities in other professions, the research shows that digital/computer forensic practitioners experience similar barriers to their own approaches to continued learning.
|
Page generated in 0.0746 seconds