A New Digital Evidence Retrieval Model for Gambling Machine Forensic Investigation

A New Digital Evidence Retrieval Model For Gambling Machine Forensic Investigation

Jurnal Teknologi ◽

10.11113/jt.v54.91 ◽

2012 ◽

Author(s):

Pritheega Magalingam ◽

Azizah Abdul Manaf ◽

Zuraimi Yahya ◽

Rabiah Ahmad

Keyword(s):

Forensic Analysis ◽

Digital Evidence ◽

Retrieval Model ◽

Forensic Investigation ◽

Forensic Evidence ◽

Retrieval Method ◽

Illegal Gambling ◽

Digital Forensic ◽

Evidence Analysis ◽

Gaming Machine

Analisis forensik perkakasan melibatkan proses menganalisa data yang di perolehi secara elektronik untuk menunjukkan bukti sama ada peralatan elektronik adalah digunakan untuk melakukan jenayah, mengandungi bukti jenayah atau ia adalah satu sasaran jenayah. Penyalahgunaan mesin permainan merupakan sumber utama permainan haram dijalankan. Kerja penyelidikan ini memperkenalkan kaedah mendapatkan maklumat dari satu mesin permainan yang telah dirampas oleh PDRM dan menganalisis data yang diterjemahkan untuk membuktikan bahawa mesin permainan tersebut digunakan secara haram. Prosedur mendapatkan bukti digital ini dibina untuk membantu pihak polis atau penyiasat dalam penganalisaan maklumat digital dan ia boleh dijadikan sebagai satu garis panduan untuk mengenalpasti bukti yang relevan untuk menunjukan aktiviti perjudian haram dijalankan. Kata kunci: Forensik digital, analisis forensik, mesin judi, kaedah pengambilan informasi, penterjemahan, pencarian kata Hardware forensic analysis involves the process of analyzing digital evidence derived from digital sources. The analysis is done to facilitate and prove either the device is used to commit crime, whether it contains evidence of a crime or is the target of a crime. Gambling machines serve as the main source by which illegal games are conducted. This paper presents a method for retrieving information from a seized gaming machine, along with an analysis of the interpreted information to prove that the gaming machine was used illegally. The proposed procedures for the gambling machine forensic process will be important for forensic investigators (e.g., the police or private investigators), as they will assist these individuals in the digital forensic evidence analysis necessary to produce evidence relevant to illegal gambling. Key words: digital forensic, forensic analysis, gambling machine, information retrieval method, interpretation, string search

Download Full-text

Forensic investigation and analysis on digital evidence discovery through physical acquisition on smartphone

2015 World Congress on Internet Security (WorldCIS) ◽

10.1109/worldcis.2015.7359429 ◽

2015 ◽

Cited By ~ 3

Author(s):

Taniza Binti Tajuddin ◽

Azizah Abd Manaf

Keyword(s):

Digital Evidence ◽

Forensic Investigation

Download Full-text

A Metode Offline Forensik Untuk Analisis Digital Artefak Pada TOR Browser Di Sistem Operasi Linux

JITU : Journal Informatic Technology And Communication ◽

10.36596/jitu.v4i2.345 ◽

2020 ◽

Vol 4 (2) ◽

pp. 41-51

Author(s):

Wisnu Sanjaya ◽

Bambang Sugiantoro ◽

Yudi Prayudi

Keyword(s):

Operating System ◽

Operating Systems ◽

Rapid Development ◽

Digital Evidence ◽

Forensic Investigation ◽

User Privacy ◽

Web Browser ◽

Digital Footprint ◽

Technology Products ◽

The Creation

The rapid development of the IT world has covered all aspects of life and among IT technology products is the creation of Operating Systems and Web browser applications. Privacy in the use of IT in the open era is now highly expected, therefore now widely developed Operating Systems and Web browser applications that have facilities to protect user privacy. Linux and TOR Browser is a combination that is widely used in the field of security, but unfortunately many are misused by the person in a crime. The motivation to use both is to eliminate or minimize the digital footprint of the browsing activity so that it will complicate the search of digital evidence in a crime. This research proposes a framework of stages for TOR Browser analysis in Linux Operating System which aims to provide solution in forensic investigation using offline forensic method. The use of offline forensic methods to obtain detailed information from a digital proof on a computer in a off state

Download Full-text

Holistic Analytics of Digital Artifacts

International Journal of Digital Crime and Forensics ◽

10.4018/ijdcf.20210901.oa5 ◽

2021 ◽

Vol 13 (5) ◽

pp. 78-100

Author(s):

Ashok Kumar Mohan ◽

Sethumadhavan Madathil ◽

Lakshmy K. V.

Keyword(s):

Digital Evidence ◽

Forensic Investigation ◽

Association Model ◽

Digital Devices ◽

Digital Forensic ◽

Unique Mapping ◽

Metadata Association ◽

Almost All ◽

Mapping Models ◽

Unique Association

Investigation of every crime scene with digital evidence is predominantly required in identifying almost all atomic files behind the scenes that have been intentionally scrubbed out. Apart from the data generated across digital devices and the use of diverse technology that slows down the traditional digital forensic investigation strategies. Dynamically scrutinizing the concealed or sparse metadata matches from the less frequent archives of evidence spread across heterogeneous sources and finding their association with other artifacts across the collection is still a horrendous task for the investigators. The effort of this article via unique pockets (UP), unique groups (UG), and unique association (UA) model is to address the exclusive challenges mixed up in identifying incoherent associations that are buried well within the meager metadata field-value pairs. Both the existing similarity models and proposed unique mapping models are verified by the unique metadata association model.

Download Full-text

Digital Forensic Investigation of Social Media, Acquisition and Analysis of Digital Evidence

International Journal of Strategic Engineering ◽

10.4018/ijose.2019010105 ◽

2019 ◽

Vol 2 (1) ◽

pp. 52-60 ◽

Cited By ~ 3

Author(s):

Reza Montasari ◽

Richard Hill ◽

Victoria Carpenter ◽

Farshad Montaseri

Keyword(s):

Social Media ◽

Social Interaction ◽

Social Networking ◽

Social Networking Sites ◽

Instant Messaging ◽

Digital Evidence ◽

Forensic Investigation ◽

Digital Forensic ◽

Photo Sharing ◽

Investigation Process

Various social networking sites (SNSs), widely referred to as social media, provide services such as email, blogging, instant messaging and photo sharing for social and commercial interactions. SNSs are facilitating new forms of social interaction, dialogue, exchange and collaboration. They allow millions of users and organisations worldwide to exchange ideas, post updates and comments or participate in activities and events, while sharing their wider interests. At the same time, such a phenomenon has led to an upsurge in significant criminal activities by perpetrators who are becoming increasingly sophisticated in their attempts to deploy technology to circumvent detection. Digital forensic Examiners (DFEs) often face serious challenges in relation to data acquisition. Therefore, this article aims to analyse the significance of SNSs in DFIs and challenges that DFEs often encounter when acquiring evidence from SNSs. Furthermore, this article describes the steps of the digital forensic investigation process that must be taken to acquire digital evidence that is both authentic and forensically sound.

Download Full-text

Analysis of Steganographic on Digital Evidence using General Computer Forensic Investigation Model Framework

International Journal of Advanced Computer Science and Applications ◽

10.14569/ijacsa.2020.0111141 ◽

2020 ◽

Vol 11 (11) ◽

Author(s):

Muh. Hajar Akbar ◽

Sunardi ◽

Imam Riadi

Keyword(s):

Digital Evidence ◽

Forensic Investigation ◽

Model Framework ◽

Computer Forensic ◽

General Computer

Download Full-text

Analisis Kelayakan Integrated Digital Forensics Investigation Framework Untuk Investigasi Smartphone

Jurnal Buana Informatika ◽

10.24002/jbi.v7i4.767 ◽

2016 ◽

Vol 7 (4) ◽

Cited By ~ 1

Author(s):

Ruuhwan Ruuhwan ◽

Imam Riadi ◽

Yudi Prayudi

Keyword(s):

Digital Forensics ◽

Electronic Media ◽

Digital Data ◽

Digital Evidence ◽

Forensic Investigation ◽

Digital Forensic ◽

Forensic Examination ◽

Different Types ◽

Valid Evidence

Abstract. The handling of digital evidence each and every digital data that can proof a determination that a crime has been committed; it may also give the links between a crime and its victims or crime and the culprit. How to verify a valid evidence is to investigate using the approach known as the Digital Forensic Examination Procedures. Integrated Digital Forensic Investigation Framework (IDFIF) is the latest developed method, so that it is interesting to further scrutinize IDFIF, particularly in the process of investigation of a smartphone. The current smartphone devices have similar functions with computers. Although its functions are almost the same as the computer, but there are some differences in the process of digital forensics handling between computer devices and smartphones. The digital evidence handling process stages need to overcome the circumstances that may be encountered by an investigator involving digital evidence particularly on electronic media and smartphone devices in the field. IDFIF needs to develop in such a way so it has the flexibility in handling different types of digital evidence.Keywords: digital evidence, IDFIF, investigation, smartphoneAbstraks. Penanganan bukti digital mencakup setiap dan semua data digital yang dapat menjadi bukti penetapan bahwa kejahatan telah dilakukan atau dapat memberikan link antara kejahatan dan korbannya atau kejahatan dan pelakunya. Cara pembuktian untuk mendapatkan bukti valid adalah dengan melakukaninvestigasi dengan pendekatan Prosedur Pemeriksaan Digital Forensic. Integrated Digital Forensics Investigation Framework (IDFIF) merupakan metode terbaru sehingga IDFIF ini menarik untuk diteliti lebih lanjut terutama dalam proses investigasi smartphone. Saat ini perangkat smartphone memiliki fungsi yang sama dengan komputer. Meskipun demikian, ada beberapa perbedaan dalam proses penanganan digital forensics diantara perangkat komputer dan smartphone. Tahapan proses penanganan barang bukti digital seharusnya dibuat untuk mengatasi keadaan umum yang mungkin dihadapi oleh investigator yangmelibatkan barang bukti digital terutama pada perangkat smartphone dan media elektronik terkait di lapangan. IDFIF perlu dikembangkan sehingga memiliki fleksibilitas dalam menangani berbagai jenis barang bukti digital.Kata Kunci: bukti digital, IDFIF, investigasi, smartphone

Download Full-text

Electronic Discovery (eDiscovery): Performing the Early Stages of the Enron Investigation

Issues in Accounting Education ◽

10.2308/issues-16-064 ◽

2019 ◽

Vol 35 (1) ◽

pp. 43-58

Author(s):

Eric M. Negangard ◽

Rebecca G. Fay

Keyword(s):

Electronic Communication ◽

Reference Model ◽

Preliminary Investigation ◽

Unstructured Data ◽

Digital Evidence ◽

Forensic Investigation ◽

Early Stages ◽

Electronic Discovery ◽

Tools And Techniques ◽

Digital Search

ABSTRACT A good investigator, whether it be in the context of an audit or a forensic investigation, recognizes the evidentiary value of digital evidence and can harness its power. The following instructional case introduces students to how digital evidence is incorporated into a forensic accounting investigation and challenges them to learn electronic discovery (eDiscovery) tools and techniques. While performing the early stages of the investigation at Enron, students gain exposure to the electronic discovery reference model (EDRM), learn the differences between structured and unstructured data, and deploy various digital search strategies. After performing their preliminary investigation, students are asked to “scope” the remainder of the investigation by creating a detailed workplan. At the conclusion of the case, students are encouraged to reflect upon their own methods of electronic communication. This encourages students to think before digitizing (and therefore memorializing) their next thought, statement, or action.

Download Full-text

Comparative Study and Analysis on Integrity of Data Files Using Different Tools and Techniques

Journal of Information Security and Cybercrimes Research ◽

10.26735/symq8715 ◽

2021 ◽

Vol 4 (1) ◽

pp. 43-54

Author(s):

Kumarshankar Raychaudhuri ◽

M. George Christopher ◽

Nayeem Abbas Hamdani

Keyword(s):

Comparative Study ◽

Data File ◽

Digital Evidence ◽

Forensic Investigation ◽

Digital Devices ◽

Sample Data ◽

Chain Of Custody ◽

Data Files ◽

Forensic Tools ◽

Tools And Techniques

Digital forensic investigation is the scientific process of collection, preservation, examination, analysis, documentation and presentation of digital evidence from digital devices, so that the evidence is in compliance with legal terms and acceptable in a court of law. Integrity of the digital evidence is an indispensable part of the investigation process and should be preserved to maintain the chain of custody. This is done through hashing technique using standardized forensic tools. However, while handling the evidences , lack of knowledge might lead to unintentional alteration of computed hash. This violates the chain of custody and makes the evidence inadmissible in a court of law. In this paper, our objective is to determine the different conditions under which the original hash value of a digital evidence changes. For this, we create different scenarios using sample data files and compute their hash values. A comparative study and analysis are done to determine in which scenario the original hash value of the data file changes. The results of the research will prove useful and essential for Criminal Justice Functionaries in gaining knowledge about various conditions leading to the change in hash value of digital evidence and therefore, avoid its accidental alteration during forensic investigation/examination.

Download Full-text

Browser Forensic Investigations of WhatsApp Web Utilizing IndexedDB Persistent Storage

Future Internet ◽

10.3390/fi12110184 ◽

2020 ◽

Vol 12 (11) ◽

pp. 184

Author(s):

Furkan Paligu ◽

Cihan Varol

Keyword(s):

Web Application ◽

Single Case ◽

Frame Analysis ◽

Time Frame ◽

Digital Evidence ◽

Proof Of Concept ◽

Forensic Investigation ◽

Legal Cases ◽

Investigation Methods ◽

Persistent Storage

Digital Evidence is becoming an indispensable factor in most legal cases. However, technological advancements that lead to artifact complexity, are forcing investigators to create sophisticated connections between the findings and the suspects for admissibility of evidence in court. This paper scrutinizes whether IndexedDB, an emerging browser technology, can be a source of digital evidence to provide additional and correlating support for traditional investigation methods. It particularly focuses on the artifacts of the worldwide popular application, WhatsApp. A single case pretest–posttest quasi experiment is applied with WhatsApp Messenger and Web Application to populate and investigate artifacts in IndexedDB storage of Google Chrome. The findings are characterized and presented with their potential to be utilized in forensic investigation verifications. The storage locations of the artifacts are laid out and operations of extraction, conversion and presentation are systematized. Additionally, a proof of concept tool is developed for demonstration. The results show that WhatsApp Web IndexedDB storage can be employed for time frame analysis, demonstrating its value in evidence verification.

Download Full-text