  • About
  • The Global ETD Search service is a free service for researchers to find electronic theses and dissertations. This service is provided by the Networked Digital Library of Theses and Dissertations.
    Our metadata is collected from universities around the world. If you manage a university/consortium/country archive and want to be added, details can be found on the NDLTD website.
21

Proactive System for Digital Forensic Investigation

Alharbi, Soltan Abed 07 April 2014
Digital Forensics (DF) is defined as the ensemble of methods, tools and techniques used to collect, preserve and analyse digital data originating from any type of digital media involved in an incident with the purpose of extracting valid evidence for a court of law. DF investigations are usually performed as a response to a digital crime and, as such, they are termed Reactive Digital Forensic (RDF). An RDF investigation takes the traditional (or post-mortem) approach of investigating digital crimes after incidents have occurred. This involves identifying, preserving, collecting, analyzing, and generating the final report. Although RDF investigations are effective, they are faced with many challenges, especially when dealing with anti-forensic incidents, volatile data and event reconstruction. To tackle these challenges, Proactive Digital Forensic (PDF) is required. By being proactive, DF is prepared for incidents. In fact, the PDF investigation has the ability to proactively collect data, preserve it, detect suspicious events, analyze evidence and report an incident as it occurs. This dissertation focuses on the detection and analysis phase of the proactive investigation system, as it is the most expensive phase of the system. In addition, theories behind such systems will be discussed. Finally, implementation of the whole proactive system will be tested on a botnet use case (Zeus). / Graduate / 0984 / 0537 / soltanalharbi@hotmail.com
23

A Framework for Extended Acquisition and Uniform Representation of Forensic Email Evidence

January 2013
abstract: The digital forensics community has neglected email forensics as a process, despite the fact that email remains an important tool in the commission of crime. Current forensic practices focus mostly on that of disk forensics, while email forensics is left as an analysis task stemming from that practice. As there is no well-defined process to be used for email forensics the comprehensiveness, extensibility of tools, uniformity of evidence, usefulness in collaborative/distributed environments, and consistency of investigations are hindered. At present, there exists little support for discovering, acquiring, and representing web-based email, despite its widespread use. To remedy this, a systematic process which includes discovering, acquiring, and representing web-based email for email forensics which is integrated into the normal forensic analysis workflow, and which accommodates the distinct characteristics of email evidence will be presented. This process focuses on detecting the presence of non-obvious artifacts related to email accounts, retrieving the data from the service provider, and representing email in a well-structured format based on existing standards. As a result, developers and organizations can collaboratively create and use analysis tools that can analyze email evidence from any source in the same fashion and the examiner can access additional data relevant to their forensic cases. Following, an extensible framework implementing this novel process-driven approach has been implemented in an attempt to address the problems of comprehensiveness, extensibility, uniformity, collaboration/distribution, and consistency within forensic investigations involving email evidence. / Dissertation/Thesis / M.S. Computer Science 2013
24

Data visualisation in digital forensics

Fei, B.K.L. (Bennie Kar Leung) 07 March 2007
As digital crimes have risen, so has the need for digital forensics. Numerous state-of-the-art tools have been developed to assist digital investigators conduct proper investigations into digital crimes. However, digital investigations are becoming increasingly complex and time consuming due to the amount of data involved, and digital investigators can find themselves unable to conduct them in an appropriately efficient and effective manner. This situation has prompted the need for new tools capable of handling such large, complex investigations. Data mining is one such potential tool. It is still relatively unexplored from a digital forensics perspective, but the purpose of data mining is to discover new knowledge from data where the dimensionality, complexity or volume of data is prohibitively large for manual analysis. This study assesses the self-organising map (SOM), a neural network model and data mining technique that could potentially offer tremendous benefits to digital forensics. The focus of this study is to demonstrate how the SOM can help digital investigators to make better decisions and conduct the forensic analysis process more efficiently and effectively during a digital investigation. The SOM’s visualisation capabilities can not only be used to reveal interesting patterns, but can also serve as a platform for further, interactive analysis. / Dissertation (MSc (Computer Science))--University of Pretoria, 2007. / Computer Science / unrestricted
25

The development of an open-source forensics platform

Koen, Renico 17 February 2009
The rate at which technology evolves by far outpaces the rate at which methods are developed to prevent and prosecute digital crime. This unfortunate situation may potentially allow computer criminals to commit crimes using technologies for which no proper forensic investigative technique currently exists. Such a scenario would ultimately allow criminals to go free due to the lack of evidence to prove their guilt. A solution to this problem would be for law enforcement agencies and governments to invest in the research and development of forensic technologies in an attempt to keep pace with the development of digital technologies. Such an investment could potentially allow new forensic techniques to be developed and released more frequently, thus matching the appearance of new computing devices on the market. A key element in improving the situation is to produce more research results, utilizing less resources, and by performing research more efficiently. This can be achieved by improving the process used to conduct forensic research. One of the problem areas in research and development is the development of prototypes to prove a concept or to test a hypothesis. An in-depth understanding of the extremely technical aspects of operating systems, such as file system structures and memory management, is required to allow forensic researchers to develop prototypes to prove their theories and techniques. The development of such prototypes is an extremely challenging task. It is complicated by the presence of minute details that, if ignored, may have a negative impact on the accuracy of results produced. If some of the complexities experienced in the development of prototypes could simply be removed from the equation, researchers may be able to produce more and better results with less effort, and thus ultimately speed up the forensic research process. 
This dissertation describes the development of a platform that facilitates the rapid development of forensic prototypes, thus allowing researchers to produce such prototypes utilizing less time and fewer resources. The purpose of the platform is to provide a set of rich features which are likely to be required by developers performing research prototyping. The proposed platform contributes to the development of prototypes using fewer resources and at a faster pace. The development of the platform, as well as various considerations that helped to shape its architecture and design, are the focus points of this dissertation. Topics such as digital forensic investigations, open-source software development, and the development of the proposed forensic platform are discussed. Another purpose of this dissertation is to serve as a proof-of-concept for the developed platform. The development of a selection of forensics prototypes, as well as the results obtained, are also discussed. Copyright / Dissertation (MSc)--University of Pretoria, 2009. / Computer Science / unrestricted
26

Digital Forensics in Second Life

Rakitianskaia, A.S. (Anastassia Sergeevna) January 2015
Computers and the internet have become an integral part of our lives. People have grown accustomed to feeling constantly connected to the outside world, and in the past couple of decades online social networks and three-dimensional online virtual worlds have gained great popularity. In addition to social connections, virtual worlds (such as Second Life, a popular virtual world) offer their users opportunities for both work and play, and let them take part in things that might have been impossible in real life. However, the human factor plays a big role in the formation of the virtual community. The feeling of false anonymity online might lead to a feeling of freedom from any laws that govern the real world, and possibly facilitate offensive behaviour. The problem addressed by this study is the need to determine whether digital forensic techniques can be applied to an incident inside the Second Life environment (i.e. offensive behaviour between avatars, while logged in to Second Life), as well as to find possible sources of evidence accessible via the standard Second Life viewer. The former also requires a classification of various offenses committed in Second Life, in order to determine which actions are to be regarded as offences, and whether these actions occur inside or outside of the Second Life environment. In this dissertation the author’s own classification of various real-life offences is provided, together with a mapping of these offences to their alternatives in Second Life. Second Life is analysed and explored from a forensic perspective. A new digital forensic process model, derived from various existing models in the literature, has been developed by the author for this study. The model is designed to accommodate for the specifics of a virtual world environment. 
An exploratory experiment has been undertaken by the author in order to investigate how inexperienced users perceived Second Life, as well as how they reacted to attacks from other users, to identify the possible sources of evidence, and suggest possible digital forensic techniques based on the gathered data. / Dissertation (MSc)--University of Pretoria, 2015. / Computer Science / MSc / Unrestricted
27

A Forensic Analysis of Microsoft Teams

Herschel R Bowling (11218029) 02 August 2021
Digital forensic investigators have a duty to understand the relevant components of the cases that they work. However, with the constant evolution of technologies, and the release of new platforms and programs, it is impossible for an investigator to be familiar with every application they encounter. It can also be difficult to know how forensic tools handle certain applications. This is why forensic researchers study and document new and emerging technologies, platforms, and applications, so that investigators have resources to utilize whenever they encounter an unfamiliar element in a case.
In 2017, Microsoft released a new communication platform, Microsoft Teams (Koenigsbauer, 2017). Due to the application’s relatively young age, there has not been any significant forensic research relating to Microsoft Teams. This platform as of April 2021 had 145 million daily active users (Wright, 2021), nearly double the number of daily users at the same time in 2020 (Zaveri, 2020). This rapid growth is attributed in part to the need to work from home due to the COVID-19 virus (Zaveri, 2020). Given the size of its user base, it seems likely that forensic investigators will encounter cases where Microsoft Teams is a relevant component but may not have the knowledge required to efficiently investigate the platform.
To help fill this gap, an analysis of data stored at rest by Microsoft Teams was conducted, both on the Windows 10 operating system as well as on mobile operating systems, such as iOS and Android. Basic functionality such as messaging, sharing files, participating in video conferences, and other functionalities that Teams provides were performed in an isolated testing environment. These devices were analyzed with both automated forensic tools and non-automated investigation. Specifically, Cellebrite UFED for the mobile devices, and Magnet AXIOM for the Windows device were used. Manual or non-automated investigation recovered, at least partially, the majority of artifacts across all three devices. In this study, the forensic tools used did not recover many of the artifacts that were found with manual investigation. These discovered artifacts, and the results of the tools, are documented in the hopes of aiding future investigations.
28

Smart Home Security Using Intrusion Detection and Prevention Systems

Nalubowa, Vivian Gloria January 2019
As the connectivity of home devices increases, the volume and sophistication of cyber attacks consistently grow. Therefore, the need for network security and availability becomes more significant. Numerous sorts of countermeasures like firewalls and router-based packet filtering have been put in place, although these alone are not enough to brace the network from unauthorised access. One of the most efficient methods of stopping network adversaries is using Intrusion Detection and Prevention Systems (IDPS). The goal of an IDPS is to stop security attacks before they can be successfully carried out. In this paper, I looked at four network attacks, namely probing, denial of service, remote to user and user to root, and improved their respective Snort rules to optimize processing time and capturing capacity using regular expressions and fast pattern. Snort with improved rules captured 100% of the attacks launched to the network while without the improved rules, Snort captured between 0% and 60% of the attacks launched to the network, making an improvement of 40%.
29

Preparing for the Unexpected: Guidelines for Industrial IoT Forensics Readiness

Molinaro, Paolo, Wagner, Raya January 2023
The Industrial Internet of Things (IIoT) plays a critical role in modern industrial systems, contributing to increased efficiency, productivity, and innovation. However, its rapid evolution and the complexity of devices pose significant challenges to digital forensics readiness (DFR). This thesis aims to provide a set of guidelines for implementing DFR within IIoT environments, addressing challenges such as data collection and logging, device and data identification, verification, security, analysis, and reporting. The framework was developed through rigorous research processes and guided by expert interviews and a final survey, adhering to design science principles. Although the study’s outcomes are subject to some limitations, such as a small number of experts for evaluation, the research contributes to a significant gap in the existing literature by providing a robust, adaptable, and comprehensive guide to DFR in IIoT. It offers a foundation for future research to build upon, enhancing DFR and addressing emerging IIoT technologies and scenarios.
30

Creation and Testing of a Semi-Automated Digital Triage Process Model

Cantrell, Gary DeWayne 15 December 2012
Digital forensics examiners have a growing problem caused by their own success. The need for digital forensics is increasing and so are the devices that need examining. Not only is the number of devices growing, but so is the amount of information those devices can hold. One result of this problem is a growing backlog that could soon overwhelm digital forensics labs across the country. One way to combat this growing problem is to use digital triage to find the most pertinent information first. Unfortunately, although several digital forensics models have been created, very few digital triage models have been developed. This results in most organizations, if they perform digital triage at all, performing digital triage in an untested ad hoc fashion that varies from office to office. This dissertation will contribute to digital forensics science by creating and testing a digital triage model. This model will be semi-automated to allow for the use by untrained users; it will be as operating system independent as possible; and it will allow the user to customize it based on a specific crime class or classes. The use of this model will decrease the amount of time it takes a digital triage examiner to make a successful assessment concerning evidence.
