Global ETD Search

31	C’est ma collection mais c’est bien plus que ça : analyse des processus de collecte et de l’évolution des images dans les collections de pornographie juvénile Fortin, Francis 01 1900 (has links) No description available. pornographie juvénile collection informatique judiciaire aggravation gravité child pornography collection computer forensics aggravation severity
32	WhatsApp Forensics: Locating Artifacts in Web and Desktop Clients Nicolas Villacis Vukadinovic (6623858) 14 May 2019 (has links) WhatsApp is the most popular instant messaging application worldwide. Since 2016, users can send and receive messages through desktop clients, either through the WhatsApp desktop application or the web client accessible from supported web browsers. The author identified a gap in the literature in terms of WhatsApp forensics for desktop and web clients. The aim of the study was to locate forensic artifacts on WhatsApp clients. These clients included the desktop application on both Windows and Mac operating systems. Chrome and Firefox web clients were also analyzed for the Windows operating system, as well as Chrome and Safari web clients on the Mac operating system. A WhatsApp log file was identified as the main artifact providing information throughout all clients analyzed. Cached profile pictures were also found, as well as history information about visited websites and ran applications. Computer System Security WhatsApp web client desktop client artifacts windows mac chrome safari firefox edge digital forensics cyber forensics computer forensics forensics
33	Kartläggning av internetbaserad tunn klient Ek, Ida, Hornebrant, Erik January 2014 (has links) Då datorer i alla dess former har kommit att bära betydande mängder relevant information för diverse forensiska utredningar så krävs en ingående kunskap gällande hur denna data lämpligast infångas. En typ av klient som nyligen har gjort sitt kommersiella intåg på marknaden är den internetbaserade tunna klienten. Det existerar i dagsläget begränsat med underlag gällande huruvida en sådan klient bär information som är relevant för en IT-forensisk utredning. Inom denna uppsats har därför en internetbaserad tunn klient av typen Chromebook varit mål för undersökning. Syftet har varit att kartlägga vilka sårbarheter som existerar, samt om möjligt huruvida dessa kan brukas som underlag vid en forensisk utredning. För detta ändamål har klientens lagrings- samt kommunikationsmönster analyserats. För genomförandet av detta brukades experimentella metodiker i form av penetrationstest samt IT-forensisk undersökning. Det har även kartlagts huruvida programvaror avsedda för operativsystemet Linux kan exekveras på klienten. Ändamålet med detta var att fastställa om klientens volatila minne kan utvinnas med hjälp av verktyg för just Linux. Rapportens resultat påvisar att det inom en klient av denna typ finns forensiskt värdefull information att inhämta. Det påvisas även att Chrome OS från en användares perspektiv kan anses som säkert. / Computers in various forms have come to carry a significant amount of relevant information for various forensic investigations. Therefore, detailed knowledge is required regarding how this data is best acquired. One type of client that has recently made its entry onto the commercial market is the Web Thin Client. As it is today, only a limited amount of relevant information can be found regarding in what capacity such a client contains data that is relevant to an IT-forensic investigation. For this reason, a Web thin client of the model Google Chromebook has been evaluated in this paper. The purpose of this examination has been to identify the vulnerabilities that currently exist, and if possible whether these can be used as a basis for a forensic investigation. To achieve this, the client's storage and communication patterns have been analyzed by implementation of experimental methodologies. The methods used for the purpose are penetration testing and an IT forensic investigation. Tests have also been performed to evaluate whether software for the Linux operating system can be executed on the client. The purpose of this was to determine whether the client's volatile memory can be extracted using tools created for Linux. The results presented in this paper demonstrate the fact that within a client of this type, valuable forensic information can be located. It is also established that Chrome OS from a user's perspective can be considered as safe. Computer forensics Chrome OS Chromebook Web thin client Vulnerability Assessment Linux IT-forensik Chrome OS Chromebook Internetbaserad tunn klient Sårbarhetsanalys Linux Computer Systems Datorsystem Computer Engineering Datorteknik
34	Success factors and challenges in digital forensics for law enforcement : A Systematic Literature Review Cervantes, Milagros January 2021 (has links) Context: The widespread use of communication and digital technology in the society has affected the number of devices requiring analysis in criminal investigations. Additionally, the increase of storage volume, the diversity of digital devices, and the use of cloud environment introduce more complexities to the digital forensic domain. Objective: This work aims to supply a taxonomy of the main challenges and success factors faced in the digital forensic domain in law enforcement. Method: The chosen method for this research is a systematic literature review of studies with topics related to success factors and challenges in digital forensics for law enforcement. The candidate studies were 1,428 peer-reviewed scientific articles published between 2015 and 2021. Those studies were retrieved from five digital databases following a systematic process. From those candidate studies, twenty were selected as primary studies due to their relevance to the topic. After backward searching, eight other studies were also included in the group of primary studies. A total of twentyeight primary studies were analyzed by applying thematic coding. Furthermore, a survey of digital forensic practitioners from the Swedish Police was held to triangulate the results achieved with the systematic literature review. Digital forensics computer forensics success factors opportunities challenges issues law enforcement Information Systems, Social aspects
35	Towards Automation in Digital Investigations : Seeking Efficiency in Digital Forensics in Mobile and Cloud Environments Homem, Irvin January 2016 (has links) Cybercrime and related malicious activity in our increasingly digital world has become more prevalent and sophisticated, evading traditional security mechanisms. Digital forensics has been proposed to help investigate, understand and eventually mitigate such attacks. The practice of digital forensics, however, is still fraught with various challenges. Some of the most prominent of these challenges include the increasing amounts of data and the diversity of digital evidence sources appearing in digital investigations. Mobile devices and cloud infrastructures are an interesting specimen, as they inherently exhibit these challenging circumstances and are becoming more prevalent in digital investigations today. Additionally they embody further characteristics such as large volumes of data from multiple sources, dynamic sharing of resources, limited individual device capabilities and the presence of sensitive data. These combined set of circumstances make digital investigations in mobile and cloud environments particularly challenging. This is not aided by the fact that digital forensics today still involves manual, time consuming tasks within the processes of identifying evidence, performing evidence acquisition and correlating multiple diverse sources of evidence in the analysis phase. Furthermore, industry standard tools developed are largely evidence-oriented, have limited support for evidence integration and only automate certain precursory tasks, such as indexing and text searching. In this study, efficiency, in the form of reducing the time and human labour effort expended, is sought after in digital investigations in highly networked environments through the automation of certain activities in the digital forensic process. To this end requirements are outlined and an architecture designed for an automated system that performs digital forensics in highly networked mobile and cloud environments. Part of the remote evidence acquisition activity of this architecture is built and tested on several mobile devices in terms of speed and reliability. A method for integrating multiple diverse evidence sources in an automated manner, supporting correlation and automated reasoning is developed and tested. Finally the proposed architecture is reviewed and enhancements proposed in order to further automate the architecture by introducing decentralization particularly within the storage and processing functionality. This decentralization also improves machine to machine communication supporting several digital investigation processes enabled by the architecture through harnessing the properties of various peer-to-peer overlays. Remote evidence acquisition helps to improve the efficiency (time and effort involved) in digital investigations by removing the need for proximity to the evidence. Experiments show that a single TCP connection client-server paradigm does not offer the required scalability and reliability for remote evidence acquisition and that a multi-TCP connection paradigm is required. The automated integration, correlation and reasoning on multiple diverse evidence sources demonstrated in the experiments improves speed and reduces the human effort needed in the analysis phase by removing the need for time-consuming manual correlation. Finally, informed by published scientific literature, the proposed enhancements for further decentralizing the Live Evidence Information Aggregator (LEIA) architecture offer a platform for increased machine-to-machine communication thereby enabling automation and reducing the need for manual human intervention. Computer forensics network forensics mobile devices mobile forensics cloud computing semantic web hypervisors virtualization remote acquisition automation evidence analysis correlation P2P bittorrent Computer Sciences Datavetenskap (datalogi)
36	Developing a multidisciplinary digital forensic readiness model for evidentiary data handling Pooe, El Antonio 05 1900 (has links) There is a growing global recognition as to the importance of outlawing malicious computer related acts in a timely manner, yet few organisations have the legal and technical resources necessary to address the complexities of adapting criminal statutes to cyberspace. Literature reviewed in this study suggests that a coordinated, public-private partnership to produce a model approach can help reduce potential dangers arising from the inadvertent creation of cybercrime havens. It is against this backdrop that the study seeks to develop a digital forensic readiness model (DFRM) using a coordinated, multidisciplinary approach, involving both the public and private sectors, thus enabling organisations to reduce potential dangers arising from the inadvertent destruction and negating of evidentiary data which, in turn, results in the non-prosecution of digital crimes. The thesis makes use of 10 hypotheses to address the five research objectives, which are aimed at investigating the problem statement. This study constitutes qualitative research and adopts the post-modernist approach. The study begins by investigating each of the 10 hypotheses, utilising a systematic literature review and interviews, followed by a triangulation of findings in order to identify and explore common themes and strengthen grounded theory results. The output from the latter process is used as a theoretical foundation towards the development of a DFRM model which is then validated and verified against actual case law. Findings show that a multidisciplinary approach to digital forensic readiness can aid in preserving the integrity of evidentiary data within an organisation. The study identifies three key domains and their critical components. The research then demonstrates how the interdependencies between the domains and their respective components can enable organisations to identify and manage vulnerabilities which may contribute to the inadvertent destruction and negating of evidentiary data. The Multidisciplinary Digital Forensic Readiness Model (M-DiFoRe) provides a proactive approach to creating and improving organizational digital forensic readiness. This study contributes to the greater body of knowledge in digital forensics in that it reduces complexities associated with achieving digital forensic readiness and streamlines the handling of digital evidence within an organisation. / Information Science / Ph.D. (Information Systems) Digital forensics Forensic readiness Computer forensics Planning Investigation Risk management Evidence Cybercrime Multidisciplinary approach Triangulation Grounded theory Systematic literature review Qualitative research 005.87 Computer crimes Digital Forensic Science Computer security
37	Exploring the value of computer forensics in the investigation of procurement fraud Themeli, Aluwani Rufaroh 01 1900 (has links) The research problem for this study was that forensic investigators in the Forensic Services (FS) of the City of Tshwane (CoT) are unable to successfully deal with procurement fraud as a result of the lack of knowledge, skills and resources required to conduct computer forensics during the investigation of procurement fraud. This research was conducted to ascertain the value of computer forensics in the investigation of procurement fraud. Further, the study sought to determine how to improve the CoT forensic investigators’ knowledge and competence regarding the application of computer forensics in the investigation of procurement fraud. The purpose of this study was to explore the procedures that should be followed by CoT forensic investigators when conducting computer forensics during the investigation of procurement fraud. The research also aimed to discover new information, not previously known to the researcher, related to computer forensics during the investigation of procurement fraud by exploring national and international literature. In addition, the study explored existing practices so as to use this information to improve the current CoT procedure, within the confines of the legislative requirements. The overall purpose of this study is to provide practical recommendations for best practices, based on the results of the data analysis, which address the problem and enhance the investigative skills of CoT forensic investigators. The study established that it is imperative and compulsory to apply computer forensics in any procurement fraud investigation in order to efficiently track down cyber criminals and solve complicated and complex computer crimes. It was also established that forensic investigators within the FS in the CoT lack the necessary computer skills to optimally investigate procurement fraud. It is therefore recommended that CoT forensic investigators acquire the necessary skills and essential training in computer forensics in order to improve their knowledge and competence regarding the application and understanding of the value of computer forensics in the investigation of procurement fraud. / School of Criminal Justice / M.Tech. (Forensic Investigation) Forensic investigation Computer forensics Procurement fraud Computer investigation Red flags Computer evidence Network forensics Kickbacks Conflict of interest Bid rigging 363.2596309682275
38	Procedures for searching evidence in the investigation of computer-related crime in Bulawayo, Zimbabwe Ncube, Njabulo 11 1900 (has links) Text in English / The continued advancement in myriad technological, societal and legal issues has affected the investigation of computer aided crimes. The investigators are confronted with tremendous impediments as the computer aided and traditional crime scenes differ. The study sought to analyse the procedures for searching evidence in the investigation of computer-related crime with the intention to improve admissibility of such evidence. The researcher employed empirical design to reach conclusions based upon evidence collected from observations and real life experiences. This aided the researcher to obtain information through face-to-face interviews. The study was qualitative in approach as it consisted of a set of interpretive and material practices that make the real social world visible. The training curriculum for investigators should include aspects of computer-related crime investigation, search and seizure of computer evidence. Search and collection of computer-related evidence should be done preferably by qualified forensic experts, so that evidence is accepted in court. / Police Practice / M. Tech. (Forensic Investigation) Criminal Investigation Forensic Investigation Computer forensics Computer-related crime Search Search warrant Evidence Chain of evidence 363.25968096891
39	New and Emerging Mobile Apps Among Teens - Are Forensic Tools Keeping Up? Kelsey Billups (8800973) 06 May 2020 (has links) Mobile applications are an important but fast changing piece of the digital forensics’ world. For mobile forensics researchers and field analysts, it is hard to keep up with the pace of the ever-changing world of the newest and most popular applications teens are using. Mobile forensic tools are quickly becoming more and more supportive of new applications, but with how quickly apps are changing and new ones being released, it is still difficult for the tools to keep up. The research question for this project examines to what extent digital forensic tools support new and emerging applications seen recently in investigations involving teenagers? For this research, a survey was conducted asking digital forensic analysts, and others who investigate digital crimes, what applications they are coming across most frequently during investigations involving teens and whether those applications are being supported by forensic tools. The top three applications from the survey that were not supported by mobile forensic tools, Monkey, Houseparty, and Likee were populated onto a test device and then evaluated and analyzed to see what forensic artifacts were found in those applications. The mobile application artifacts were then compared on two different forensic tools to see which tool obtains the most forensic artifacts from the applications. Through the examination and analysis of the applications and data contained within the apps, it was determined that 61% of the populated forensic artifacts were recovered manually and only 45% were recovered by a forensic tool for the Monkey application. 100% of the populated forensic artifacts were recovered manually and only 29% were recovered by a forensic tool for the Houseparty application. 42% of the populated forensic artifacts were recovered manually and only 3% were recovered by a forensic tool for the Likee application. It was found that the extent of support from digital forensic tools for these types of applications depends greatly on how the application stores the artifacts, but the artifact extraction support was limited for all applications. This research benefits in helping researchers and analysts by understanding the data and artifacts contained within the applications, what forensic artifacts are recoverable, and where to find those important artifacts. This research can help in finding important evidence for future investigations.<br> Computer System Security Mobile Technologies cyber forensics Digital Forensics computer forensics Mobile Forensics mobile applications mobile app Social media use Android forensic toolkits
40	Digital bevisning : En definition Jacobsson, Emma, Andersson Wistad, Ebba January 2021 (has links) The digitalization of society has contributed to a more convenient lifestyle for the Swedishpopulation. Our everyday life includes digital technology that saves information about us and our actions from digital devices. Collected digital information can be admissible as evidence in a legal process. Despite the increase in crimes involving IT, Sweden seems to lack an official description for the concept of digital evidence. The purpose of this report is to propound two definitions: one for the general public and one more suitable for specific technical usage by people in the field. This report focuses on three different areas which together contribute to a holistic approach to gaining the basic knowledge and understanding of what digital evidence is. These areas include the value of digital evidence in a court decision, how anti-computer forensics can affect its extraction, and the legitimacy of digital evidence. To explore the various areas, employees within the police authority have answered questions based on their professional roles. The participants work as either investigators, preliminary investigation leaders, IT-computer forensic scientists, or prosecutors. The participants' answers have, together with literature, contributed to the definition of the concept of digital evidence and to the creation of a basic understanding of the subject of digital evidence. / Digitaliseringen av samhället har bidragit till en enklare vardag för den svenskabefolkningen. Denna vardag består till stor del av digital teknik som sparar information om oss och våra handlingar från digitala enheter. Insamlad digital information kan användas som bevismaterial i en rättsprocess. Trots den kraftfulla ökningen av IT-brott verkar Sverige sakna en officiell vedertagen beskrivning för begreppet digital bevisning. Arbetets syfte har varit att föreslå två definitioner; en för lekmän och en som lämpar sig för tekniskt kunniga. Arbetet fördjupar sig inom tre områden och bidrar därmed till ett helhetsperspektiv för att få en förståelse för vad digital bevisning är. Problemområdena innefattar den digitala bevisningens värde i ett domstolsbeslut, hur anti-forensik påverkar utvinningen och legitimiteten av digitala bevis. För att få en större förståelse för utmaningarna inom de angivna problemområdena har ett antal anställda inom polismyndigheten fått svara på frågor som riktar sig till deras arbetsuppgifter. Deltagarna som har blivit tillfrågade arbetar som utredare, förundersökningsledare, IT-forensiker och åklagare. Deltagarnas svar har tillsammans med tidigare forskning skapat utgångspunkten för att definiera begreppet digital bevisning och skapa en mera gedigen förståelse för digitala bevis. Digital evidence IT-forensic Anti-computer forensics Digital bevisning Digitala bevis Anti-forensik IT-forensik Law and Society Juridik och samhälle Information Systems, Social aspects

Search results