CustodyBlock: A Distributed Chain of Custody Evidence Framework

Information ◽  
2021 ◽  
Vol 12 (2) ◽  
pp. 88
Author(s):  
Fahad F. Alruwaili

With the increasing number of cybercrimes, the digital forensics team has no choice but to implement more robust and resilient evidence-handling mechanisms. The capturing of digital evidence, which is a tangible and probative piece of information that can be presented in court and used in trial, is very challenging due to its volatility and improper handling procedures. When computer systems get compromised, digital forensics comes into play to analyze, discover, extract, and preserve all relevant evidence. Therefore, it is imperative to maintain efficient evidence management to guarantee the credibility and admissibility of digital evidence in a court of law. A critical component of this process is to utilize an adequate chain of custody (CoC) approach to preserve the evidence in its original state from compromise and/or contamination. In this paper, a practical and secure CustodyBlock (CB) model using private blockchain protocol and smart contracts to support the control, transfer, analysis, and preservation monitoring is proposed. The smart contracts in CB are utilized to enhance the model automation process for better and more secure evidence preservation and handling. A further research direction in terms of implementing blockchain-based evidence management ecosystems, and the implications on other different areas, are discussed.

Author(s):  
Jacobus Gerhardus Nortje ◽  
Daniel Christoffel Myburgh

The discipline of digital forensics requires a combination of skills, qualifications and knowledge in the area of forensic investigation, legal aspects and information technology. The uniqueness of digital evidence makes the adoption of traditional legal approaches problematic. Information technology terminology is currently used interchangeably without any regard to being unambiguous and consistent in relation to legal texts. Many of the information technology terms or concepts have not yet achieved legal recognition. The recognition and standardisation of terminology within a legal context are of the utmost importance to ensure that miscommunication does not occur. To provide clarity or guidance on some of the terms and concepts applicable to digital forensics and for the search and seizure of digital evidence, some of the concepts and terms are reviewed and discussed, using the Criminal Procedure Act 51 of 1977 as a point of departure. Digital evidence is often collected incorrectly and analysed ineffectively or simply overlooked due to the complexities that digital evidence poses to forensic investigators. As with any forensic science, specific regulations, guidelines, principles or procedures should be followed to meet the objectives of investigations and to ensure the accuracy and acceptance of findings. These regulations, guidelines, principles or procedures are discussed within the context of digital forensics: what processes should be followed and how these processes ensure the acceptability of digital evidence. These processes include international principles and standards such as those of the Association of Chiefs of Police Officers and the International Organisation of Standardisation. A summary is also provided of the most influential or best-recognised international (IOS) standards on digital forensics. 
It is concluded that the originality, reliability, integrity and admissibility of digital evidence should be maintained as follows: Data should not be changed or altered. Original evidence should not be directly examined. Forensically sound duplicates should be created. Digital forensic analyses should be performed by competent persons. Digital forensic analyses should adhere to relevant local legal requirements. Audit trails should exist consisting of all required documents and actions. The chain of custody should be protected. Processes and procedures should be proper, while recognised and accepted by the industry. If the ACPO (1997) principles and ISO/IEC 27043 and 27037 Standards are followed as a forensic framework, then digital forensic investigators should follow these standards as a legal framework.  


This chapter evaluates the most relevant methodologies and best practices for conducting digital investigations, preserving digital forensic evidence and following chain of custody (CoC) of cybercrimes. Cybercriminals are assuming new strategies to launch their sophisticated cyberattacks within the ever-changing digital ecosystems. The authors recommend that digital investigations must continually shift to tackle cybercrimes and prosecute cybercriminals to increase international collaboration networks, to share prevention knowledge, and to analyze lessons learned. They also establish a cyber forensics model for miscellaneous ecosystems called cyber forensics model in digital ecosystems (CFMDE). This chapter also reviews the most important categories of tools to conduct digital investigations. Nevertheless, as the cybercrime sophistication keeps improving, it is also necessary to harden technologies, techniques, methodologies, and tools to acquire digital evidence in order to support and make cyber investigation cases stronger.


2021 ◽  
Vol 19 (1) ◽  
pp. 27
Author(s):  
Moch Bagoes Pakarti ◽  
Dhomas Hatta Fudholi ◽  
Yudi Prayudi

Covid-19 has a major impact on human life, including the process of managing digital evidence. Management of digital evidence requires special handling that can store and maintain the integrity of digital evidence. The current problem is there is no concept of storing digital evidence that can be accessed online in wider accessibility. Online digital evidence management is proposed as a solution to solve this problem. This concept is in the form of an online digital evidence management system that can be accessed anywhere and anytime using MD5 and SHA1 hash functions in order to maintain the properties of digital evidence so that it can be legally accepted. The problems with digital evidence management require a Management System for Digital Evidence that is suitable for application in Digital Forensics Laboratory. This research had successfully implemented the concept of online chain of custody. It is expected, with the concept of Online Digital Evidence Management, this digital evidence control and all activities related to it can be maintained and well documented. Moreover, it can reach a wider area accessed anywhere and any time and reduce the spread of Covid-19.


2019 ◽  
Vol 4 (17) ◽  
pp. 61-70
Author(s):  
Mohamad Khairudin Kallil ◽  
Ahmad Che Yaacob

Evidence is anything that tends to prove or disprove a fact at issue in legal action. It involves the offering of alleged proof through testimony or objects at court proceedings to persuade the trier of fact about an issue in dispute. Islamic Evidence Law is a body of rules that helps to govern conduct and determines what will be admissible in certain legal proceedings and trials. In a proceeding that involves digital evidence, the court will consider whether the digital evidence is admissible or inadmissible depending on the requirements of admissibility stated in law statutes in force and the existence of any Standard Operating Procedure (SOP). Under section 33 of the Syariah Court (Federal Territories) Evidence Act or other Syariah Evidence Enactments, digital evidence is subject to authentication by digital forensics experts. In digital forensics, the processes of identification, preservation, collection, analysis, and presentation are the main procedures contained in any Standard Operating Procedure (SOP) of any digital forensics service. The court will ensure that this procedure can maintain the authenticity and the originality of the evidence, especially on the issues of expert qualification, chain of custody and the analysis part. Thus, digital forensics is integrated with the Islamic law of evidence to maintain justice in delivering judgment. Therefore, this article examines the standard requirement of the admissibility of digital evidence by digital forensic methodology, using a qualitative approach to the analysis of articles, books, law statute documents and law cases. The results show the need for amendment of Syariah Court Evidence and Procedure statutes and the necessity of the existence of a Standard Operating Procedure (SOP) on digital evidence in the Syariah courts as a guideline for judges, lawyers and parties involved.


2019 ◽  
pp. 001-010
Author(s):  
Tino Feri Efendi

Computer crime has 2 types of evidence, namely: physical evidence and digital evidence. Storage of physical evidence requires a special space that can hold physical evidence. However, a system that can store and manage physical evidence is needed. The current problem is the absence of a concept of storing physical evidence and its documentation (Chain of Custody). Management of Physical Evidence is proposed as a solution to solve the problem. This concept is in the form of a Physical Evidence Management System and Chain of Custody by taking the analogy of a Data Inventory. Problems with Physical Evidence Management require a Management System for Physical Evidence that is suitable for use in the UII Digital Forensics Laboratory. This research has successfully implemented the concept of Data Inventory. It is expected that with the concept of Physical Evidence Management the control of physical evidence and all activities related to it can be maintained and documented properly.


Author(s):  
Matthew N.O. Sadiku ◽  
Adebowale E. Shadare ◽  
Sarhan M. Musa

Digital chain of custody is the record of preservation of digital evidence from collection to presentation in the court of law. This is an essential part of the digital investigation process. Its key objective is to ensure that the digital evidence presented to the court remains as originally collected, without tampering. The chain of custody is important for admissible evidence in court. Without a chain of custody, the opposing attorney can challenge or dismiss the evidence presented. The aim of this paper is to provide a brief introduction to the concept of digital chain of custody.


2019 ◽  
Vol 9 (15) ◽  
pp. 3097 ◽  
Author(s):  
Diego Renza ◽  
Jaime Andres Arango ◽  
Dora Maria Ballesteros

This paper addresses a problem in the field of audio forensics. With the aim of providing a solution that helps Chain of Custody (CoC) processes, we propose an integrity verification system that includes capture (mobile based), hash code calculation and cloud storage. When the audio is recorded, a hash code is generated in situ by the capture module (an application), and it is sent immediately to the cloud. Later, the integrity of the audio recording given as evidence can be verified according to the information stored in the cloud. To validate the properties of the proposed scheme, we conducted several tests to evaluate if two different inputs could generate the same hash code (collision resistance), and to evaluate how much the hash code changes when small changes occur in the input (sensitivity analysis). According to the results, all selected audio signals provide different hash codes, and these values are very sensitive to small changes over the recorded audio. On the other hand, in terms of computational cost, less than 2 s per minute of recording are required to calculate the hash code. With the above results, our system is useful to verify the integrity of audio recordings that may be relied on as digital evidence.


2014 ◽  
Vol 107 (9) ◽  
pp. 30-36 ◽  
Author(s):  
Yudi Prayudi ◽  
Ahmad Ashari ◽  
Tri K Priyambodo
