Global ETD Search

1	Comparative Analysis & Study of Android/iOS MobileForensics Tools / Komparativ Analys & Studie av Android/iOS Forensik Verktyg för Mobiltelefoner Shakir, Amer, Hammad, Muhammad, Kamran, Muhammad January 2021 (has links) This report aims to draw a comparison between two commercial mobile forensics and recovery tools, Magnet AXIOM and MOBILedit. A thorough look at previously done studies was helpful to know what aspects of the data extractions must be compared and which areas are the most important ones to focus upon. This work focuses on how the data extracted from one tool compares with another and provides comprehensive extraction based on different scenarios, circumstances, and aspects. Performances of both tools are compared based on various benchmarks and criteria. This study has helped establish that MOBILedit has been able to outperform Magnet AXIOM on more data extraction and recovery aspects. It is a comparatively better tool to get your hands on. Mobile forensics recovery tools Magnet AXIOM MOBILedit data extractions comparison forensic tools digital forensics mobile forensic tools Computer Systems Datorsystem
2	Forensic Methods and Tools for Web Environments January 2017 (has links) abstract: The Web is one of the most exciting and dynamic areas of development in today’s technology. However, with such activity, innovation, and ubiquity have come a set of new challenges for digital forensic examiners, making their jobs even more difficult. For examiners to become as effective with evidence from the Web as they currently are with more traditional evidence, they need (1) methods that guide them to know how to approach this new type of evidence and (2) tools that accommodate web environments’ unique characteristics. In this dissertation, I present my research to alleviate the difficulties forensic examiners currently face with respect to evidence originating from web environments. First, I introduce a framework for web environment forensics, which elaborates on and addresses the key challenges examiners face and outlines a method for how to approach web-based evidence. Next, I describe my work to identify extensions installed on encrypted web thin clients using only a sound understanding of these systems’ inner workings and the metadata of the encrypted files. Finally, I discuss my approach to reconstructing the timeline of events on encrypted web thin clients by using service provider APIs as a proxy for directly analyzing the device. In each of these research areas, I also introduce structured formats that I customized to accommodate the unique features of the evidence sources while also facilitating tool interoperability and information sharing. / Dissertation/Thesis / Doctoral Dissertation Computer Science 2017 Computer science Chrome OS digital forensics forensic framework forensic tools web environments web thin client
3	Validation des logiciels d'expertise judiciaire de preuves informatiques / Validation of digital forensic software Nikooazm, Elina 30 June 2015 (has links) Dans les affaires judiciaires, les juges confrontés à des questions d’ordre techniques en matière informatique, recourent à des experts qui mettent leur savoir-faire au service de la justice. Régulièrement mandatés par les tribunaux, ils ont pour mission d'éclairer le juge en apportant des éléments de preuve utiles à l'enquête.Ils recherchent dans les scellés informatiques les éléments relatifs aux faits incriminés en préservant l’intégrité des données et évitant toute altération des supports originaux. Les éléments de preuve ainsi recueillis sont analysés par l’expert qui déposera ses conclusions au magistrat sous forme d’un rapport d'expertise.les investigations techniques sont effectuées à l'aide des outils très sophistiqués qui permettent de prendre connaissance des informations présentes, effacées, cachées ou chiffrées dans les supports numériques examinés.Ce qui requiert une parfaite maîtrise du matériel déployé et une identification claire des bonnes pratiques de la discipline. Ce projet de recherches vise à mettre en exergue les défis techniques aux quels sont confrontés les experts, la complexité des outils utilisés dans le cadre des investigations techniques et l'importance de la mise en place des tests de validation qui permettent de connaître les capacités et limites de chaque outil. / In criminal cases, judges confronted with questions of technical order in computer technology, designate expert witnesses who put their expertise at the service of justice. Duly appointed by the courts, they help the judge by providing evidence relevant to the investigation.They search the suspect’s seized digital devices for elements of computer related crime, while preserving the integrity of the data and avoiding any alteration of the original media.The evidence thus collected is analyzed by a digital forensic expert who will document their findings to the judge in a report.Technical investigations are conducted by using powerful and sophisticated tools to find the current files and recover deleted, hidden or encrypted data from the digital media device examined.This requires perfect control of the utilized equipment and a clear identification of the methods used during the analysis. This research project aims to highlight the technical challenges which experts face, the complexity of digital forensic tools used for technical investigations, and the importance of their validation to understand the capabilities and limitations of each tool. Expertise judiciare en informatique Investigation technique Preuves numériques Validation Outils d'analyse de preuves Digital forensic Technical investigation Digital evidence Validation Digital forensic tools
4	L'expertise et la lutte contre la fraude monétique / Solid forensic assessment and the fight against payment card fraud Souvignet, Thomas 18 December 2014 (has links) Le montant annuel de la fraude européenne à la carte de paiement se monte à plus d’1,5 milliard d’euros. Cette manne aiguise l’appétit des groupes criminels qui exploitent la moindre faille de la monétique (écosystème de la carte de paiement). Les cinq principaux acteurs de la monétique (porteurs, émetteurs, accepteurs, acquéreurs et systèmes de paiement) s’appuient pourtant sur des systèmes et réseaux normalisés dont la sécurité est encadrée par des standards internationaux contraignants. Néanmoins, la fraude monétique ne cesse de progresser alors que les moyens de lutte (étatiques, collaboratifs ou individuels) restent limités.Après étude de la fraude monétique, cette thèse propose différentes actions (passives,réactives et proactives) visant à améliorer la lutte contre la fraude monétique. D’abord,il convient de mieux connaître la fraude en étudiant la provenance des données volées et plus seulement leur usage. Ensuite l’expertise de ces fraudes doit être améliorée, en développant par exemple une captation du progrès scientifique. Une expertise qui doit être en partie transmise aux enquêteurs afin qu’ils puissent conduire leurs enquêtes. Enquêtes qui peuvent être dynamisées par des opérations réactives associant investigateurs et sachants techniques. Enfin, de manière proactive, les enquêtes et analyses de demain doivent être facilitées par les technologies monétiques conçues aujourd’hui. / Every year, payment card fraud exceeds 1.5 billion euros in Europe. Organised crime groups are exploiting any vulnerability possible to take a piece of this lucrative activity. Even though the five principal entities in the payment card industry (cardholders, issuers,acceptors, acquirers and payment system providers) are implementing binding security measures through out standardized systems and networks, fraud continues to increase. Efforts by the state, industry collaboration, and individuals have been unsuccessful in decreasing criminal advances. Having analysed the elements of payment card fraud, this thesis proposes several actions (passive, reactive and proactive) to help improve the fight against this fraud. First, itis relevant to gain knowledge of the source of the card details and not to focus only on its reuse. Next, forensic assessment has to be improved, for example by developing an increased scientific understanding of the technology. Such an expertise should then be passed on to investigators through effective training and knowledge transfer. Investigations should also be made more dynamic with reactive operations conducted in concert by investigators and technicians. Finally, in an ideal proactive spirit, future investigations and assessments should be oriented and facilitated by studying and influencing current payment card technology developments. Fraude monétique Terminaux Carte de paiement Expertise Enquête Cybercriminalité Outils criminalistiques Pays de l'Union européenne Payment card industry Forensic assessment Investigation Cybercrime Forensic tools Terminals Payment card
5	Prieskum a taxonómia sieťových forenzných nástrojov / Network Forensics Tools Survey and Taxonomy Zembjaková, Martina January 2021 (has links) Táto diplomová práca sa zaoberá prieskumom a taxonómiou sieťových forenzných nástrojov. Popisuje základné informácie o sieťovej forenznej analýze, vrátane procesných modelov, techník a zdrojov dát používaných pri forenznej analýze. Ďalej práca obsahuje prieskum existujúcich taxonómií sieťových forenzných nástrojov vrátane ich porovnania, na ktorý naväzuje prieskum sieťových forenzných nástrojov. Diskutované sieťové nástroje obsahujú okrem nástrojov spomenutých v prieskume taxonómií aj niektoré ďalšie sieťové nástroje. Následne sú v práci detailne popísané a porovnané datasety, ktoré sú podkladom pre analýzu jednotlivými sieťovými nástrojmi. Podľa získaných informácií z vykonaných prieskumov sú navrhnuté časté prípady použitia a nástroje sú demonštrované v rámci popisu jednotlivých prípadov použitia. Na demonštrovanie nástrojov sú okrem verejne dostupných datasetov použité aj novo vytvorené datasety, ktoré sú detailne popísane vo vlastnej kapitole. Na základe získaných informácií je navrhnutá nová taxonómia, ktorá je založená na prípadoch použitia nástrojov na rozdiel od ostatných taxonómií založených na NFAT a NSM nástrojoch, uživateľskom rozhraní, zachytávaní dát, analýze, či type forenznej analýzy.
6	Identifying anti-forensics : Attacks on the digital forensic process Siljac, Stjepan January 2022 (has links) The area of digital forensics might be old but the idea that criminals or other organisations are actively working to hide their steps is somewhat new. Roughly a year ago, a company announced that they can actively exploit security flaws in a popular digital forensics suite, thus raising questions of validity of evidence submitted to court. It is not known if this exploit is being used in the wild but the mere thought of security issues existing in tools is a serious issue for law enforcement. This paper sets out to clarify the digital forensic process, what tools are used within the digital forensic process and what anti-forensic techniques are available on the market. Using the digital forensic process as a base, this paper produces a model that classifies anti-forensic techniques into realms and shows which realm affects which stage of the digital forensics process. The digital forensic process, anti-forensic techniques and the model was then tested in a Delphi-inspired study where questions regarding the digital forensic process and anti- forensic techniques was asked to digital forensic specialists as well as information security specialists. The goal of the Delphi-study was to reach a consensus regarding the foundations (process and techniques) and their internal relationships (as described in the model). The first part of this paper’s conclusion is that a digital forensic process should contain the following stages: Planning -> Identification -> Acquisition -> Analysis -> Presentation. The paper also concludes that there are several digital forensic tools available for a practitioner, both open and closed source, and that the practitioner uses a mixture of the two. Apart from the process and the tools used, this paper concludes that there are several anti-forensic techniques available on the market and that these could be used by any malicious user that actively want to disrupt the digital forensic process. A second conclusion is that the proposed model connects the stages of the digital forensic process with anti-forensic techniques though the use of realms. The proposed model can be used to develop anti-anti-forensics methods, processes or techniques. digital forensics digital forensic process digital forensic tools anti-forensics digital evidence Övrig annan teknik
7	From whistleblowing tools to AI-supported data analysis: A compliance practitioner`s view on IT-tools for different aspects of investigations Endres, Markus 28 November 2023 (has links) The text discusses the evolving digital workplace, emphasizing the rise of cybercrime and the need for innovative investigative approaches. It explores the surge in web-based whistleblowing tools in Europe, driven by legislation, and delves into the functionalities and challenges of these tools, including issues of anonymity and data protection. The paper also highlights the role of AI-based forensic tools in government agencies, covering their benefits and potential risks. The use of AI in law enforcement is explored, acknowledging its effectiveness but also cautioning against biases and associated risks. The conclusion stresses the importance of balancing opportunities and risks, particularly in the context of legal and ethical considerations. info:eu-repo/classification/ddc/343 ddc:343

1

Page generated in 0.0826 seconds