Digital Forensics: Trends, Challenges and Future Research
VerifiedAdded on 2021/04/21
|8
|3484
|158
AI Summary
This assignment delves into the world of digital forensics, covering current trends, challenges, and future research areas. It discusses the methods and techniques used in retrieving digital evidence, including data reduction and mining frameworks. The assignment also explores the impact of increasing digital forensic data volumes and the need for big forensic data reduction. Additionally, it touches on pervasive social networking forensics and the importance of intelligence and evidence from mobile device extracts.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Gnumber Here <- put your Gnumber here; do not put your name (it is marked anonymously).
CO4514 – Digital Forensic Technology – Assignment 1
My Digital Desktop
Device Specification Why I Use It? How does it help
me?
Criminal Use
DELL Inspiron
15 5570
Processor: Intel Pentium Dual Core Processor (4415U variant) with
clock speed up to 2.3 GHz and a 2 MB cache.
RAM: 4 GB DDR4 RAM that can be upgraded to 16GB
Hard Drive: 1TB 5400 rpm Hard Drive
Display: 15.6-inch Full High Definition LED-Backlit Display with
Anti-glare feature and a resolution of 1920 x 1080
Optical Disk Drive: Tray load DVD Drive that can be used to read
and write DVD and CD
Connectivity: The connectivity features include an Intel Dual Band
Wireless 802.11ac with a maximum transfer speed up to 847 MBPS
along with a Bluetooth 4.1. A HDMI 1.4 port that is available for
video interfacing and a 3.5 mm jack for audio interface.
Battery: The 3-Cell integrated battery delivers 42WHr and up to 6
hours backup.
Other Utility Features: 2 USB 3.1 of Generation 1 and 1 USB 2.0
along with 1 USB 3.1 Type-C can be used for I/O peripheral
attachment. A 3-in-1 SD Media Card Reader is also included that
can read and write SD, SDHC and SDXC memory cards.
Keyboard and Trackpad: Full size keyboard with additional
This laptop has a
good configuration
being priced at
£435.78. Other
laptops in this price
range do not offer
the same
configurations.
I use this laptop for
my daily work,
which includes
Internet surfing,
Video editing, Online
streaming and
playing games. My
laptop also assists
me in creating
various
presentations and
documents like this
assignment.
This laptop can be
used for storing
stolen information,
for hacking email
and social media
accounts of other
people. It can also
be used for
spreading fake
news on different
forums and
websites.
CO4514 – Digital Forensic Technology – Assignment 1
My Digital Desktop
Device Specification Why I Use It? How does it help
me?
Criminal Use
DELL Inspiron
15 5570
Processor: Intel Pentium Dual Core Processor (4415U variant) with
clock speed up to 2.3 GHz and a 2 MB cache.
RAM: 4 GB DDR4 RAM that can be upgraded to 16GB
Hard Drive: 1TB 5400 rpm Hard Drive
Display: 15.6-inch Full High Definition LED-Backlit Display with
Anti-glare feature and a resolution of 1920 x 1080
Optical Disk Drive: Tray load DVD Drive that can be used to read
and write DVD and CD
Connectivity: The connectivity features include an Intel Dual Band
Wireless 802.11ac with a maximum transfer speed up to 847 MBPS
along with a Bluetooth 4.1. A HDMI 1.4 port that is available for
video interfacing and a 3.5 mm jack for audio interface.
Battery: The 3-Cell integrated battery delivers 42WHr and up to 6
hours backup.
Other Utility Features: 2 USB 3.1 of Generation 1 and 1 USB 2.0
along with 1 USB 3.1 Type-C can be used for I/O peripheral
attachment. A 3-in-1 SD Media Card Reader is also included that
can read and write SD, SDHC and SDXC memory cards.
Keyboard and Trackpad: Full size keyboard with additional
This laptop has a
good configuration
being priced at
£435.78. Other
laptops in this price
range do not offer
the same
configurations.
I use this laptop for
my daily work,
which includes
Internet surfing,
Video editing, Online
streaming and
playing games. My
laptop also assists
me in creating
various
presentations and
documents like this
assignment.
This laptop can be
used for storing
stolen information,
for hacking email
and social media
accounts of other
people. It can also
be used for
spreading fake
news on different
forums and
websites.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
Gnumber Here <- put your Gnumber here; do not put your name (it is marked anonymously).
numeric keypad and a smooth feather-touch touchpad.
Operating System: The laptop is Windows 10 Home Plus Single
Language, English
Dimensions:
H/W/D: 22.7mm x 380.0mm x 258.0mm (0.89 x 14.96 x 10.15)
Weight: 2.20kg (4.85 lbs)
(Source: PCWorld 2018)
Samsung
Galaxy S9
OS: Android 8.0 (Oreo)
Chipset: Exynos 9810 Octa
CPU: Octa-core (4x2.7 GHz Mongoose M3 & 4x1.8 GHz Cortex-A55)
GPU: Mali-G72 MP18
Card Slot: microSD, expandable up to 400 GB
Internal Memory: 64 GB
RAM: 4 GB
Primary camera: 12 MP
Secondary Camera: 8 MP
Wi-Fi: Yes
Bluetooth: Yes
Technology: GSM/HSPA/LTE
(Source: Samsung 2018 )
I prefer this phone
to the IPhone series
as I like the
versatility and
customization
capabilities that an
Android device
brings. I also prefer
to use this
particular device
over any other
Android devices as
it is has the fairly
latest technologies
embedded in it like
edge to edge
display, dual
camera and
Augmented Reality.
I use it for calling
other people and
sometimes use it for
browsing the
Internet while I am
travelling. I almost
never use it for
sending text
messages anymore.
However, I do use
instant messaging
and VoIP apps such
as WhatsApp.
The phone can
serve as a
communication tool
for different
criminal activities
such as theft,
robbery, extortion
and many more.
numeric keypad and a smooth feather-touch touchpad.
Operating System: The laptop is Windows 10 Home Plus Single
Language, English
Dimensions:
H/W/D: 22.7mm x 380.0mm x 258.0mm (0.89 x 14.96 x 10.15)
Weight: 2.20kg (4.85 lbs)
(Source: PCWorld 2018)
Samsung
Galaxy S9
OS: Android 8.0 (Oreo)
Chipset: Exynos 9810 Octa
CPU: Octa-core (4x2.7 GHz Mongoose M3 & 4x1.8 GHz Cortex-A55)
GPU: Mali-G72 MP18
Card Slot: microSD, expandable up to 400 GB
Internal Memory: 64 GB
RAM: 4 GB
Primary camera: 12 MP
Secondary Camera: 8 MP
Wi-Fi: Yes
Bluetooth: Yes
Technology: GSM/HSPA/LTE
(Source: Samsung 2018 )
I prefer this phone
to the IPhone series
as I like the
versatility and
customization
capabilities that an
Android device
brings. I also prefer
to use this
particular device
over any other
Android devices as
it is has the fairly
latest technologies
embedded in it like
edge to edge
display, dual
camera and
Augmented Reality.
I use it for calling
other people and
sometimes use it for
browsing the
Internet while I am
travelling. I almost
never use it for
sending text
messages anymore.
However, I do use
instant messaging
and VoIP apps such
as WhatsApp.
The phone can
serve as a
communication tool
for different
criminal activities
such as theft,
robbery, extortion
and many more.
Gnumber Here <- put your Gnumber here; do not put your name (it is marked anonymously).
Evidence Recovery
DELL Inspiron 15 5570
The device mentioned above falls into the category of a laptop computer. A computer has three
specific places where data is stored. The hard disk, the cache memory of the RAM and the cache
memory of the processor. The hard disk is where all types of files are stored. It is filled with various
forms of data that can be extracted and analysed as evidence. An image copy of the disk can be
created for forensic analysis and thus keeping the integrity of the evidence on the hard disk intact
(Lazaridis, Arampatzis and Pouros 2016). There can be different kinds of incriminating documents,
pictures, spreadsheets that would serve as evidence. These files might be locked using passwords.
These password protected files must be unlocked using password butte force software. Files can also
be encrypted. In the event that such encrypted files are present in the device, these must be
decrypted using data decryption software (Syambas and El Farisi 2014). Laptops like Dell Inspiron are
also used for Internet browsing using browsers Google Chrome and Mozilla Firefox. These browsers
can also be sued for downloading and uploading content on the Internet. The logs containing such
data can be extracted to trace the Internet activities of the user using this system (Mohite and
Ardhapurkar 2015). Tracing website visits along with determining the files that were uploaded or
downloaded plays an important role in forensic investigation as determining criminal activities
through online visits. The cache memory is a bit difficult to acquire, as the memory is volatile as can
be erased upon switching the computer power off. Thus, it is of utmost importance that the power
remains turned on for the investigation. This memory contains all the recent programs, applications
and files accessed from the system and therefore this information can be utilized the most recent
activities on the computer before it was seized for evidence extraction (Gubanov 2014).
The strengths of this technique are that all the data stored in the computer will be extracted as
evidence and the integrity of the original evidence is maintained due to the creation of an image
copy of the entire hard disk and the cache. The weaknesses are that the cache data can get deleted
if the system turned off before the data is extracted and the files in the system can be password-
protected or encrypted or both, therefore additional software support is required for evidence
recovery.
The techniques for evidence collection from the laptop that were identified in the previous section
of the paper is useful. These techniques can be used to extract all the data stored in the laptop,
although the activities that are generally conducted online by using this laptop cannot be entirely
traced. Online activity can be made untraceable by using several methods such as incognito mode
and VPN.
The collected evidence is presentable in court as the integrity of the original evidence is preserved
and therefore a third party can verify the findings. The entire online criminal activity cannot be
traces however; data on the activities on the local computer can be entirely extracted.
Samsung Galaxy S9
The security in android smartphones is upgraded in every patch. However, the flaws remain huge
and most of it is due to the enormous number of apps that are available for the android platform
(Quick and Choo 2017). The data stored in the device is collectively stored in the phone’s internal
memory, external memory and the cache. This data can be extracted using the methods stated for
the previous device. The files can be in document or image or even pdf format. However, two types
of evidence can be recovered from a smartphone that separates this device from the previous one
(Cahyani et al.2017). Firstly, this device can be used to make calls and thus the entire call history can
Evidence Recovery
DELL Inspiron 15 5570
The device mentioned above falls into the category of a laptop computer. A computer has three
specific places where data is stored. The hard disk, the cache memory of the RAM and the cache
memory of the processor. The hard disk is where all types of files are stored. It is filled with various
forms of data that can be extracted and analysed as evidence. An image copy of the disk can be
created for forensic analysis and thus keeping the integrity of the evidence on the hard disk intact
(Lazaridis, Arampatzis and Pouros 2016). There can be different kinds of incriminating documents,
pictures, spreadsheets that would serve as evidence. These files might be locked using passwords.
These password protected files must be unlocked using password butte force software. Files can also
be encrypted. In the event that such encrypted files are present in the device, these must be
decrypted using data decryption software (Syambas and El Farisi 2014). Laptops like Dell Inspiron are
also used for Internet browsing using browsers Google Chrome and Mozilla Firefox. These browsers
can also be sued for downloading and uploading content on the Internet. The logs containing such
data can be extracted to trace the Internet activities of the user using this system (Mohite and
Ardhapurkar 2015). Tracing website visits along with determining the files that were uploaded or
downloaded plays an important role in forensic investigation as determining criminal activities
through online visits. The cache memory is a bit difficult to acquire, as the memory is volatile as can
be erased upon switching the computer power off. Thus, it is of utmost importance that the power
remains turned on for the investigation. This memory contains all the recent programs, applications
and files accessed from the system and therefore this information can be utilized the most recent
activities on the computer before it was seized for evidence extraction (Gubanov 2014).
The strengths of this technique are that all the data stored in the computer will be extracted as
evidence and the integrity of the original evidence is maintained due to the creation of an image
copy of the entire hard disk and the cache. The weaknesses are that the cache data can get deleted
if the system turned off before the data is extracted and the files in the system can be password-
protected or encrypted or both, therefore additional software support is required for evidence
recovery.
The techniques for evidence collection from the laptop that were identified in the previous section
of the paper is useful. These techniques can be used to extract all the data stored in the laptop,
although the activities that are generally conducted online by using this laptop cannot be entirely
traced. Online activity can be made untraceable by using several methods such as incognito mode
and VPN.
The collected evidence is presentable in court as the integrity of the original evidence is preserved
and therefore a third party can verify the findings. The entire online criminal activity cannot be
traces however; data on the activities on the local computer can be entirely extracted.
Samsung Galaxy S9
The security in android smartphones is upgraded in every patch. However, the flaws remain huge
and most of it is due to the enormous number of apps that are available for the android platform
(Quick and Choo 2017). The data stored in the device is collectively stored in the phone’s internal
memory, external memory and the cache. This data can be extracted using the methods stated for
the previous device. The files can be in document or image or even pdf format. However, two types
of evidence can be recovered from a smartphone that separates this device from the previous one
(Cahyani et al.2017). Firstly, this device can be used to make calls and thus the entire call history can
Gnumber Here <- put your Gnumber here; do not put your name (it is marked anonymously).
be extracted to trace the communication between the user of the phone and his or her contacts (Wu
et al. 2017). The second being the information collected by the applications present on the phone.
Extracting the call history and analysing it for evidence is very simple yet important. The results can
be utilised to trace the entire communication that the user might have had over a course of months
and even years. However, if the user deleted the call log, then the telephone operator can be
contacted to get a list of the user’s recent call history. Extracting information from the apps can be
tough nevertheless; the information will have almost every detail about the user’s life (Seghir and
Aspinall 2015). The apps on the smartphone record every piece of information from the locations
that the user had visited to the buying preferences of the user. However, most of the si not entirely
stored in the device memory. The data in the phone can be extracted. The data is submitted by the
apps back to its companies for evaluation and marketing purposes. The vast amount of data that is
uploaded to the companies’ servers can be retrieved by requesting the respective company and
following various legal procedures. Bixby is the new virtual assistant in the Samsung Galaxy S9. This
software listens to user voice passively and thus it can be used to recover data and spy on the user.
The strength of this method that the smartphone first records and then stores or uploads user data
in the background and therefore by tapping into that information, details on the user and his or her
life can be developed. The weakness of this method is that retrieving the data that is not stored in
the device can be tough and challenging as the owner of the apps might not comply with the
respective authorities.
The techniques that has been explained are very useful and can be used in any situation for
extracting evidence from this device. However, there might be some trouble recovering data that
has been uploaded to different servers all across the world.
The collected evidence can be used in court in court. However, data that has been procured illegally
will be immediately rejected. The evidence can be suitably used for prosecuting the criminal activity
identified in the earlier sections of this paper.
be extracted to trace the communication between the user of the phone and his or her contacts (Wu
et al. 2017). The second being the information collected by the applications present on the phone.
Extracting the call history and analysing it for evidence is very simple yet important. The results can
be utilised to trace the entire communication that the user might have had over a course of months
and even years. However, if the user deleted the call log, then the telephone operator can be
contacted to get a list of the user’s recent call history. Extracting information from the apps can be
tough nevertheless; the information will have almost every detail about the user’s life (Seghir and
Aspinall 2015). The apps on the smartphone record every piece of information from the locations
that the user had visited to the buying preferences of the user. However, most of the si not entirely
stored in the device memory. The data in the phone can be extracted. The data is submitted by the
apps back to its companies for evaluation and marketing purposes. The vast amount of data that is
uploaded to the companies’ servers can be retrieved by requesting the respective company and
following various legal procedures. Bixby is the new virtual assistant in the Samsung Galaxy S9. This
software listens to user voice passively and thus it can be used to recover data and spy on the user.
The strength of this method that the smartphone first records and then stores or uploads user data
in the background and therefore by tapping into that information, details on the user and his or her
life can be developed. The weakness of this method is that retrieving the data that is not stored in
the device can be tough and challenging as the owner of the apps might not comply with the
respective authorities.
The techniques that has been explained are very useful and can be used in any situation for
extracting evidence from this device. However, there might be some trouble recovering data that
has been uploaded to different servers all across the world.
The collected evidence can be used in court in court. However, data that has been procured illegally
will be immediately rejected. The evidence can be suitably used for prosecuting the criminal activity
identified in the earlier sections of this paper.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
Gnumber Here <- put your Gnumber here; do not put your name (it is marked anonymously).
Future Evidence Recovery
Evidence recovery from digital media has been simplified over the years. The digital media can be
used to collect every detail about the user starting from the time he or she wakes up to the time the
person goes to sleep.
The Forensic Investigator has to be present at the crime site to oversee the preservation of the
integrity of the data stored in the system as some data can be lost if the system is turned off. This
situation will be greatly remedied by the use of peer-to-peer digital evidence recovery (Dezfoli et al.
2013). Such a software will enable the forensic investigator to connect remotely to the system and
he or she does not have to be physically present at the crime scene. This will greatly benefit the
investigation due to several factors. Firstly, the investigator can save commute time as does not have
to travel to the site (Quick and Choo 2014). This vastly increases the time that the expert can spend
on studying the evidence. Second, the investigation can be started instantly as soon as the
connection is established and thus the culprit or his or her accomplices will not get enough time to
manipulate or damage the evidence stored in the system (Lillis et al. 2016). Third, the software can
be used to connect to a single or an entire node and can be used to extract any amount of
information from a single terminal (Perumal, Norwawi and Raman 2015). This is greatly beneficial for
the expert as now he or she can look for more than one culprit at the same time or to check whether
the culprit has used any other computer in the premises on not. Fourth, this type of evidence
collection is usually silent and is greatly beneficial when the culprit does not know that he or she is
being investigated on (Quick and Choo 2016). Therefore, complete secrecy is maintained, which is
crucial for digital forensic and investigation as digital evidence can be easily manipulated. This
creates a problem and raises concerns about the integrity of the evidence.
The challenges with this method of evidence acquisition is far outweighs the benefits that it poses.
The primary challenge is the transfer speed of the network that the computers are connected to.
However, for this process to work flawlessly, the source computer must be connected to the
Internet before the investigation process can start. The Internet cannot be connected on a stand-
alone system after the crime has been committed, as this act will be seen as evidence manipulation.
This speed will determine the strength of the connection between the computers and the time that
would be required to transfer the necessary evidence from the computer of the culprit to the
computer of the expert (Quick and Choo 2014). The computer from which the evidence is collected
is the source computer and the computer of the expert is the destination computer. The Internet
connection of the source computer and the destination computer must be stable, as in the event of
a disconnection of either one of the computer, the entire transfer process will have to restart. The
transfer process can be resumed in some scenarios, however it resuming the process from the last
file that was transferred is not recommended. This is because of the fact that the files that were
being transferred night have been corrupted due to the disconnection. The entire process can
become invalid due to a single disconnection and due to a single file being corrupted because of it.
The organization that the forensic expert is investigating might be uncooperative towards the
investigation as there are a lot of sensitive information about the organization at risk due to the
investigation. The expert will have access to the node and such an access can be used to extract all
the information that the servers of the company and the computers of its employees are
withholding. Organizations sometimes tend to use proprietary software. This software can also
hinder the investigation as this software are programmed to block remote connections that are
prying the host system for information. However, the expert cannot request the organization to
disable such defence mechanism capable software as the organization might be attacked during its
downtime. Therefore, this creates a huge problem, as the software cannot be disabled for security
Future Evidence Recovery
Evidence recovery from digital media has been simplified over the years. The digital media can be
used to collect every detail about the user starting from the time he or she wakes up to the time the
person goes to sleep.
The Forensic Investigator has to be present at the crime site to oversee the preservation of the
integrity of the data stored in the system as some data can be lost if the system is turned off. This
situation will be greatly remedied by the use of peer-to-peer digital evidence recovery (Dezfoli et al.
2013). Such a software will enable the forensic investigator to connect remotely to the system and
he or she does not have to be physically present at the crime scene. This will greatly benefit the
investigation due to several factors. Firstly, the investigator can save commute time as does not have
to travel to the site (Quick and Choo 2014). This vastly increases the time that the expert can spend
on studying the evidence. Second, the investigation can be started instantly as soon as the
connection is established and thus the culprit or his or her accomplices will not get enough time to
manipulate or damage the evidence stored in the system (Lillis et al. 2016). Third, the software can
be used to connect to a single or an entire node and can be used to extract any amount of
information from a single terminal (Perumal, Norwawi and Raman 2015). This is greatly beneficial for
the expert as now he or she can look for more than one culprit at the same time or to check whether
the culprit has used any other computer in the premises on not. Fourth, this type of evidence
collection is usually silent and is greatly beneficial when the culprit does not know that he or she is
being investigated on (Quick and Choo 2016). Therefore, complete secrecy is maintained, which is
crucial for digital forensic and investigation as digital evidence can be easily manipulated. This
creates a problem and raises concerns about the integrity of the evidence.
The challenges with this method of evidence acquisition is far outweighs the benefits that it poses.
The primary challenge is the transfer speed of the network that the computers are connected to.
However, for this process to work flawlessly, the source computer must be connected to the
Internet before the investigation process can start. The Internet cannot be connected on a stand-
alone system after the crime has been committed, as this act will be seen as evidence manipulation.
This speed will determine the strength of the connection between the computers and the time that
would be required to transfer the necessary evidence from the computer of the culprit to the
computer of the expert (Quick and Choo 2014). The computer from which the evidence is collected
is the source computer and the computer of the expert is the destination computer. The Internet
connection of the source computer and the destination computer must be stable, as in the event of
a disconnection of either one of the computer, the entire transfer process will have to restart. The
transfer process can be resumed in some scenarios, however it resuming the process from the last
file that was transferred is not recommended. This is because of the fact that the files that were
being transferred night have been corrupted due to the disconnection. The entire process can
become invalid due to a single disconnection and due to a single file being corrupted because of it.
The organization that the forensic expert is investigating might be uncooperative towards the
investigation as there are a lot of sensitive information about the organization at risk due to the
investigation. The expert will have access to the node and such an access can be used to extract all
the information that the servers of the company and the computers of its employees are
withholding. Organizations sometimes tend to use proprietary software. This software can also
hinder the investigation as this software are programmed to block remote connections that are
prying the host system for information. However, the expert cannot request the organization to
disable such defence mechanism capable software as the organization might be attacked during its
downtime. Therefore, this creates a huge problem, as the software cannot be disabled for security
Gnumber Here <- put your Gnumber here; do not put your name (it is marked anonymously).
purposes meanwhile the investigation is being delayed due to the software as evidence extraction is
blocked. This method is only suitable for collecting evidence from the computer system. However, it
cannot be used in the event of evidence extraction from other digital media such phones, tablets,
and other such devices. These devices needs to be connected manually for evidence extraction as
these devices hold a large amount of data that needs to carefully extracted and filtered to serve as
evidence. Many times, it is beneficial for the investigator to visit the crime scene and collect
evidence following his or her own style of indexing as it helps to keep the investigation organized
and transparent to third party investigative entities. Preserving the evidence integrity by maintaining
the chain of evidence is very useful and rather a necessity to uphold the evidence in court. Digital
evidence frequently loses all of its credibility, as the chain of custody was not properly maintained.
There might also be some other form of digital evidence present at the site if investigation such a
USB thumb drive or a DVD. These devices might hold crucial information for the investigation and
thus must not be avoided by the digital forensic expert. This method of investigation collects all the
data irrespective of user for analysis. However, the privacy of the people other than the culprit must
be maintained. Privacy of people is generally neglected when mass data collection takes place.
Therefore, the expert must take precaution so as not to release any data that does not belong to the
culprit, by accident. The expert must filter out the necessary data from the excess and irrelevant
ones. This Filtering process however must be conducted manually as a software can never be used
to decide what data is relevant for the investigation.
purposes meanwhile the investigation is being delayed due to the software as evidence extraction is
blocked. This method is only suitable for collecting evidence from the computer system. However, it
cannot be used in the event of evidence extraction from other digital media such phones, tablets,
and other such devices. These devices needs to be connected manually for evidence extraction as
these devices hold a large amount of data that needs to carefully extracted and filtered to serve as
evidence. Many times, it is beneficial for the investigator to visit the crime scene and collect
evidence following his or her own style of indexing as it helps to keep the investigation organized
and transparent to third party investigative entities. Preserving the evidence integrity by maintaining
the chain of evidence is very useful and rather a necessity to uphold the evidence in court. Digital
evidence frequently loses all of its credibility, as the chain of custody was not properly maintained.
There might also be some other form of digital evidence present at the site if investigation such a
USB thumb drive or a DVD. These devices might hold crucial information for the investigation and
thus must not be avoided by the digital forensic expert. This method of investigation collects all the
data irrespective of user for analysis. However, the privacy of the people other than the culprit must
be maintained. Privacy of people is generally neglected when mass data collection takes place.
Therefore, the expert must take precaution so as not to release any data that does not belong to the
culprit, by accident. The expert must filter out the necessary data from the excess and irrelevant
ones. This Filtering process however must be conducted manually as a software can never be used
to decide what data is relevant for the investigation.
Gnumber Here <- put your Gnumber here; do not put your name (it is marked anonymously).
Reference List:
Cahyani, N.D.W., Martini, B., Choo, K.K.R. and Al‐Azhar, A.K.B.P., 2017. Forensic data acquisition
from cloud‐of‐things devices: windows Smartphones as a case study. Concurrency and Computation:
Practice and Experience, 29(14).
Dezfoli, F.N., Dehghantanha, A., Mahmoud, R., Sani, N.F.B.M. and Daryabar, F., 2013. Digital forensic
trends and future. International Journal of Cyber-Security and Digital Forensics (IJCSDF), 2(2), pp.48-
76.
Gubanov, Y., 2014. Retrieving Digital Evidence: Methods, Techniques and Issues. Retrieved on July.
Lazaridis, I., Arampatzis, T. and Pouros, S., 2016, May. Evaluation of digital forensics tools on data
recovery and analysis. In The Third International Conference on Computer Science, Computer
Engineering, and Social Media (CSCESM2016) (p. 67).
Lillis, D., Becker, B., O'Sullivan, T. and Scanlon, M., 2016. Current challenges and future research
areas for digital forensic investigation. arXiv preprint arXiv:1604.03850.
Mohite, M.P. and Ardhapurkar, S.B., 2015, April. Design and implementation of a cloud based
computer forensic tool. In Communication Systems and Network Technologies (CSNT), 2015 Fifth
International Conference on (pp. 1005-1009). IEEE.
PCWorld (2018). DELL Inspiron 15 5570 15.6" Laptop - Black. [online] Available at:
https://www.pcworld.co.uk/gbuk/computing/laptops/laptops/dell-inspiron-15-5570-15-6-laptop-
black-10169754-pdt.html [Accessed 14 Mar. 2018].
Perumal, S., Norwawi, N.M. and Raman, V., 2015, October. Internet of Things (IoT) digital forensic
investigation model: Top-down forensic approach methodology. In Digital Information Processing
and Communications (ICDIPC), 2015 Fifth International Conference on (pp. 19-23). IEEE.
Quick, D. and Choo, K.K.R., 2014. Data reduction and data mining framework for digital forensic
evidence: storage, intelligence, review and archive.
Quick, D. and Choo, K.K.R., 2014. Impacts of increasing volume of digital forensic data: A survey and
future research challenges. Digital Investigation, 11(4), pp.273-294.
Quick, D. and Choo, K.K.R., 2016. Big forensic data reduction: digital forensic images and electronic
evidence. Cluster Computing, 19(2), pp.723-740.
Quick, D. and Choo, K.K.R., 2017. Pervasive social networking forensics: intelligence and evidence
from mobile device extracts. Journal of Network and Computer Applications, 86, pp.24-33.
Samsung (2018). Samsung Galaxy S9 and S9+ - Price, Specs and Features | Samsung India. [online]
Available at: http://www.samsung.com/uk/smartphones/galaxy-s9/ [Accessed 14 Mar. 2018].
Seghir, M.N. and Aspinall, D., 2015, October. Evicheck: Digital evidence for android. In International
Symposium on Automated Technology for Verification and Analysis (pp. 221-227). Springer, Cham.
Reference List:
Cahyani, N.D.W., Martini, B., Choo, K.K.R. and Al‐Azhar, A.K.B.P., 2017. Forensic data acquisition
from cloud‐of‐things devices: windows Smartphones as a case study. Concurrency and Computation:
Practice and Experience, 29(14).
Dezfoli, F.N., Dehghantanha, A., Mahmoud, R., Sani, N.F.B.M. and Daryabar, F., 2013. Digital forensic
trends and future. International Journal of Cyber-Security and Digital Forensics (IJCSDF), 2(2), pp.48-
76.
Gubanov, Y., 2014. Retrieving Digital Evidence: Methods, Techniques and Issues. Retrieved on July.
Lazaridis, I., Arampatzis, T. and Pouros, S., 2016, May. Evaluation of digital forensics tools on data
recovery and analysis. In The Third International Conference on Computer Science, Computer
Engineering, and Social Media (CSCESM2016) (p. 67).
Lillis, D., Becker, B., O'Sullivan, T. and Scanlon, M., 2016. Current challenges and future research
areas for digital forensic investigation. arXiv preprint arXiv:1604.03850.
Mohite, M.P. and Ardhapurkar, S.B., 2015, April. Design and implementation of a cloud based
computer forensic tool. In Communication Systems and Network Technologies (CSNT), 2015 Fifth
International Conference on (pp. 1005-1009). IEEE.
PCWorld (2018). DELL Inspiron 15 5570 15.6" Laptop - Black. [online] Available at:
https://www.pcworld.co.uk/gbuk/computing/laptops/laptops/dell-inspiron-15-5570-15-6-laptop-
black-10169754-pdt.html [Accessed 14 Mar. 2018].
Perumal, S., Norwawi, N.M. and Raman, V., 2015, October. Internet of Things (IoT) digital forensic
investigation model: Top-down forensic approach methodology. In Digital Information Processing
and Communications (ICDIPC), 2015 Fifth International Conference on (pp. 19-23). IEEE.
Quick, D. and Choo, K.K.R., 2014. Data reduction and data mining framework for digital forensic
evidence: storage, intelligence, review and archive.
Quick, D. and Choo, K.K.R., 2014. Impacts of increasing volume of digital forensic data: A survey and
future research challenges. Digital Investigation, 11(4), pp.273-294.
Quick, D. and Choo, K.K.R., 2016. Big forensic data reduction: digital forensic images and electronic
evidence. Cluster Computing, 19(2), pp.723-740.
Quick, D. and Choo, K.K.R., 2017. Pervasive social networking forensics: intelligence and evidence
from mobile device extracts. Journal of Network and Computer Applications, 86, pp.24-33.
Samsung (2018). Samsung Galaxy S9 and S9+ - Price, Specs and Features | Samsung India. [online]
Available at: http://www.samsung.com/uk/smartphones/galaxy-s9/ [Accessed 14 Mar. 2018].
Seghir, M.N. and Aspinall, D., 2015, October. Evicheck: Digital evidence for android. In International
Symposium on Automated Technology for Verification and Analysis (pp. 221-227). Springer, Cham.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Gnumber Here <- put your Gnumber here; do not put your name (it is marked anonymously).
Syambas, N.R. and El Farisi, N., 2014, October. Development of digital evidence collection methods
in case of Digital Forensic using two step inject methods. In Telecommunication Systems Services and
Applications (TSSA), 2014 8th International Conference on (pp. 1-6). IEEE.
Wu, S., Zhang, Y., Wang, X., Xiong, X. and Du, L., 2017. Forensic analysis of WeChat on Android
smartphones. Digital investigation, 21, pp.3-10.
Syambas, N.R. and El Farisi, N., 2014, October. Development of digital evidence collection methods
in case of Digital Forensic using two step inject methods. In Telecommunication Systems Services and
Applications (TSSA), 2014 8th International Conference on (pp. 1-6). IEEE.
Wu, S., Zhang, Y., Wang, X., Xiong, X. and Du, L., 2017. Forensic analysis of WeChat on Android
smartphones. Digital investigation, 21, pp.3-10.
1 out of 8
Related Documents
![[object Object]](/_next/image/?url=%2F_next%2Fstatic%2Fmedia%2Flogo.6d15ce61.png&w=640&q=75){kind=small}
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.