Topic Name: case studies related to digital forensics

What is Digital Forensis

Cyber forensic or computer forensic is important to find out of the cybercriminal. It plays a
major role nowadays. As compare with normal forensics we cannot find any blood splatters,
cloths, hairs, etc in cyber forensic cases. In cyber forensics we need to examine the computer
or related things and identify the evidence from it. So, I am taking you to the 5 cyber forensic
case studies.

Case no:1 Hosting Obscene Profiles (Tamil Nadu)

I am starting with a case which happened in Tamil Nadu. The case is about the hosting
obscene profiles. This case has solved by the investigation team in Tamil Nadu. The
complainant was a girl and the suspect was her college mate. In this case the suspect will
create some fake profile of the complainant and put in some dating website. He did this as a
revenge for not accepting his marriage proposal. So this is the background of the case.

Case no:2 Illegal money transfer (Maharashtra)

The second case is about an illegal money transfer. This case is happened in Maharashtra.
The accused in this case is a person who is worked in a BPO. He is handling the business of a
multinational bank. So, he had used some confidential information of the banks customers
and transferred huge sum of money from the accounts.

Case no:3 Creating Fake Profile (Andhra Pradesh)

The next case is of creating fake profile. This case is happened in Andhra Pradesh. The
complainant received obscene email from unknown email IDs. The suspect also noticed that
obscene profiles and pictures are posted in matrimonial sites.

Case no:4 Intellectual property theft (Karnataka)

Let see an intellectual property theft happened in software based company situated in
Bangalore. The complainant complains that some of the company’s employs had used the
company’s IT system and destoryed with the source code of the software under development.

Case no:5 Hacking (Karnataka)

Here is the fifth case which is a hacking case it happened in Bangalore Karnataka. In this
case the complainant receives the obscene pornographic material at her email address and
mobile phone. She also stated that she had a doubt somebody has hacked her accounts.

Acknowledgement
Digital forensics is a major area where researches are still being conducted on a large-scale basis as
the growth of computer-assisted crimes are innumerous and the fine-tuned approaches to investigate
cybercrimes are still in its infancy. Related manuscripts were obtained from previously published
literature which discusses about the challenges that exist within the domain, from the increasing
volume of data to the varying technology platforms and systems that exist. We conducted an
extensive study and found that the lack of effective evidence data acquisition methods because of
diversity of technology and their deployment platforms and the lack of effective models to process
large volumes of data to analyze are key limiting factors in this domain. This paper reviews the
existing forensic models, defines cybercrime, focuses on challenges and move on to proposing an
enhancement of cyber forensic approach which includes an operating system assisted profiling and
evidence preserving using virtualized secure logging scheme which can be applied to majority of
technology platforms Place:

Date:

Part – A:MIcroproject proposal

Crime follows humanity from the Garden of Eden and human being is confronted with
interesting mental conflicts such as whether to declare the world he is dare to commit a crime
and get away with it or protect himself. This conflict, deepest in our minds manifests itself in
actions: the criminal commits mistake and leave traces, always. Considering these aspects to get
more from the interpretation of digital evidence, suggests a new method - “crime and criminal
profiling”. Nykodym Point out that “the idea that an individual committing crime in cyberspace
can fit a certain outline (a profile) may seem farfetched, but evidence suggests that certain
distinguishing characteristics do regularly exist in cyber criminals

Operating system is the most powerful software, the brain of the computer system, so how can it
assist in cyber forensics? From a conventional criminal forensics perspective, it is very well
equivalent to the most intelligent and knowledgeable person assisting an autopsy. Being the
master software running on a digital computing platform, it is evident that Operating System
software has the ultimate knowledge and control over any event that is happening in the system.
In other words, any software running as a part of Operating Systems has the capability to
monitor all events from a system-wide perspective. At the same time, popular general purpose
Operating Systems has minimal security mechanisms enforced by default because it will affect
the overall system experience by the end user (e.g. the infamous User Authentication Module –
UAM – in Windows) and event logging from a cyber forensic perspective is not even a
secondary priority of popular Operating System

Aims

This work aims to identify the success factors and challenges faced in digital forensic for law

enforcement. The purpose is to identify and analyze the success factors and challenges on which

the scientific community has oriented its efforts and contrast them with the success factors and

challenges that digital forensic practitioners consider the most relevant, as well as the areas that

they believe need more attention.

Literature review:

The future work will focus on enhancing the digital forensic investigation process, which
involves research into more efficient evidence acquisition techniques which uses crime-
pattern matching algorithms and tools that should be ultimately built in as part of system or
kernel and in some cases even partially or fully implemented in hardware, and to extend the
solution to prevent the crime before it is or about to be committed.
CURRENT RESEARCH CHALLENGES

Constant developments in information technology and communication have posed challenges for
those profiling cybercrimes. Due to the application of computer used to investigate computer-based
crime has led to development of this new field called computer forensics. A. Major challenges faced
in Cyber Forensics

• The lack of real data sources for study and analysis purposes

• The dependency on efficient and readily available tools to data acquisition and analysis

• The limitation of the operating environment during the acquisition of data

• The volatility of the evidence

• The accessibility to the data – especially if the data is on distributed systems

• The volume of data and the time taken to undertake an investigation

• The ultimate lack and differences of laws across the countries

• Multitude of OS platforms and file systems.

The The lack of real data sources Missing real data sources is a serious problem across different areas
in computer science. Most agencies, vendors, providers (must) keep their data secure and private. One
cannot ignore the issue that a training set is needed in machine learning and an appropriate training set
must come from real cases in Cyber Forensics. It is difficult to formulate and test any novel
techniques and ideas on data that is fictitious. In the paper by McClelland, and Marturana it is
depicted an issue that is quite difficult to solve, and only a few known research projects have
attempted to learn from past real data to advance the state of the domain, or to improve the area of
what some call push-button forensics, where a system tries to automatically analyze the data on a
forensic image with little to no investigator interaction says Baggili and Endicott

Conclusion:

Forensic computing and cybercrime investigation emerged because of increase in digital crime due to
the development of the Internet and proliferation of computer technology. In this paper, we reviewed
the literatures in computer forensics and identified many categories of activity research in computer
forensics. A few research categories are framework, trustworthiness, computer forensics in networked
/virtualized environments and acquisition and analysis of evidence data. The advances such as
components, approaches, process of each category have been reviewed and discussed.

Abstarct:
Digital forensics is a major area where researches are still being conducted on a large-scale
basis as the growth of computer-assisted crimes are innumerous and the fine-tuned
approaches to investigate cybercrimes are still in its infancy. Related manuscripts were
obtained from previously published literature which discusses about the challenges that exist
within the domain, from the increasing volume of data to the varying technology platforms
and systems that exist. We conducted an extensive study and found that the lack of effective
evidence data acquisition methods because of diversity of technology and their deployment
platforms and the lack of effective models to process large volumes of data to analyze are key
limiting factors in this domain. This paper reviews the existing forensic models, defines
cybercrime, focuses on challenges and move on to proposing an enhancement of cyber
forensic approach which includes an operating system assisted profiling and evidence
preserving using virtualized secure logging scheme which can be applied to majority of
technology platforms

Rationale:

The main goal of digital forensics is to extract data from the electronic evidence, process
it into actionable intelligence and present the findings for prosecution. All processes
utilize sound forensic techniques to ensure the findings are admissible in court.

4 Digital Forensics Disciplines

Encompassed with the technological changes, several digital forensic disciplines have developed in
the past years. Stoyanova et al. (2020), and Karie and Venter (2014) describe the digital forensic
disciplines as follows:

 Computer forensics:
It is commonly used as a synonym for digital forensics and covers the investigation of digital
evidence from desktop computers, laptops, and server computers. Software forensics:
Concern with uncovering evidence by examining software.
 Database forensics:

Related to the analysis of data and metadata existing within a database. Multimedia forensics: Used
to uncover the authenticity of the information provided by images, videos, and audio files.

 Device forensics:
With a focus on the digital evidence from diverse types of devices from small to large-scale.
 IoT forensics:
Where the sources of evidence could be more wide-ranging than in the case of device
forensics, for instance, infant or patient monitoring systems, medical implants in humans
and animals, In-Vehicle Infotainment (IVI) systems, traffic lights, and so on.
 Network forensics:
That deals with the process of collecting and analyzing network data and tracking network traffic
to figure out the occurrence of security incidents. Moreover, cloud forensics is considered a
subset of network forensics focused on the cloud computing environment (Zawoad & Hasan
2013)