Digital Forensic Report for Exotic Mountain Tour Service

Added on  2023/06/12

Running Header: DIGITAL FORENSIC REPORT
Table of Contents
Abstract
Introduction
Background
Scope of Engagement
Forensic tools used in the investigation
Summary Finding
Analysis
USB Drive Programs
Web-Server
Web-Mail
Steganography
Graphic image analysis
Findings
Exploring USB File System
Web-Server
Web-mail
Conclusion
References
Abstract
Following suspicious activity by Bob Aspen, a travelling consultant employed by Exotic Mountain Tour Service (EMTS), the company's manager requested this digital forensic report. The report and the underlying investigation are based on information supplied by the manager and aim to assemble evidence of whether the employee has stolen sensitive information about the company's current marketing strategies.
The report is also intended to support any legal steps the company may take, since the findings could lead to prosecution of the employee for cybercrime. It is directed principally at two items identified by the manager: a suspicious email caught by a filter on the company's web server, and a USB drive found on the employee's desk.
Introduction
Background
The information provided by the Exotic Mountain Tour Service manager indicates possible theft of information, which must be established by critical analysis of the evidence in hand. The suspicious emails intercepted on the web server must be thoroughly scrutinised to identify their sender and recipient. The USB drive found on the contracted employee's desk cannot yet be said to contain sensitive company information, but it can be examined meticulously to establish whether it does (Chung et al., 2012). This report sets out the procedure, tools and analysis techniques for a comprehensive forensic report that can serve as evidence in the prosecution of the suspect, and that can inform a change of strategy should the company conclude that the disclosed information compromises its daily operations.
Scope of Engagement
The digital forensic examination was based on two items.
1. USB drive
Is there evidence that the USB drive contains sensitive information regarding the contract with Superior Bicycles, LLC, which was supposed to be kept top secret?
What evidence shows that the USB drive was previously used to retrieve information to which employee access is restricted?
What evidence on the drive shows that company operations have been compromised?
If the drive is found to contain sensitive company information, what evidence directly links the employee to a possible cybercrime?
2. The suspicious email retrieved on the web server
What kind of company information does the email contain?
Who are the sender and the recipient of the email?
When, and how many, emails were sent?
Was there a security breach of the network?
Which websites were visited during the period of the suspicious activity?
Forensic tools used in the investigation
X-Ways Forensics
Volatility
Wireshark
The Coroner's Toolkit
Summary Finding
The USB drive is tangible evidence of any cybercrime the employee may have committed, but it can only serve as evidence once its contents are examined (Damshenas et al., 2012). Examination will identify files created by the user and files the user may have concealed (steganography, encryption and camouflaged file types). It will also determine whether deleted files are present, and will look for audible anomalies in MP3, MPEG and WAV files, visual anomalies in GIF, BMP and JPEG files, structural oddities that suggest manipulation, and statistical properties that deviate from the norm.
Before the evaluation of the system begins, the web browser is closed and Autopsy is used to duplicate the image segments GCFI-LX.00n (where n is a number from 1 to 5); the image files captured by the manager link Bob Aspen's work folder to the evidence locker, the folder Autopsy designates as its operating section (Dykstra & Sherman, 2013). The results of the examination are saved in the Autopsy evidence locker. Initial findings from the images provided by the EMTS manager indicate possible data theft or suspicious activity, which is what led the manager to suspect that Bob Aspen is involved in activity that can be termed cybercrime (Grispos et al., 2012). The images provided by the manager were examined using the Autopsy browser and The Sleuth Kit to assess Linux Ext2 and Ext3 file systems.
Analysis
USB Drive Programs
USB drives are built on non-volatile semiconductor memory descended from EPROM and EEPROM technology. EPROM was one of the earliest forms of non-volatile semiconductor memory chip and was the widespread standard by the late 1970s (Lillis et al., 2016). An EPROM was programmed, typically with a dedicated programming device, and then erased by exposing the chip to ultraviolet light whenever its contents had to change (Imran et al., 2016). Although erasure took an hour or so, this was acceptable in a development setting. Nonetheless, these memories could not be erased electrically, and a purely electrical process would have been far more convenient. The advantage of EEPROM, beyond the fact that the stored data is non-volatile, is that data can be read from it, erased and rewritten in circuit. Erasure requires a relatively high voltage, and early EEPROMs needed an external high-voltage supply. Later generations of these chips recognised the difficulty of providing an extra supply in many circuit designs and integrated the high-voltage source into the EEPROM chip itself, so the memory device could run from a single supply, which substantially reduced the cost and simplified the design of circuits using an EEPROM. Modern USB drives use NAND flash, a high-density descendant of EEPROM that is erased in blocks; for the examiner this matters because the drive's controller remaps and wear-levels blocks, so data the file system has marked as deleted may still be present in flash cells that are no longer referenced.
Web-Server
Web servers are the computers that store websites and deliver web pages to users on request; the service is referred to as web hosting. Each web server has an IP (Internet Protocol) address, which tells other computers connected to the Internet where to find the server on the wider network. An IP address looks like 192.168.74.35 (this particular example is a private-range address); DNS maps such addresses to human-friendly names such as http://www.wagon.com. Web hosts lease space on their servers to individuals and organisations who build their own sites, and the server assigns a distinct address to each site it hosts (Kohn et al., 2013). When a person connects to the Internet, their computer is likewise given an IP address allocated by their ISP (Internet Service Provider), which identifies the computer's location on the network. When the person follows a link to www.wagon.com, the browser sends a request to wagon.com's IP address. The request carries return information and works like a letter sent across town, except that in this case the data is transferred over a network (Martini & Choo, 2012). The communication passes through several computers on the way to wagon.com, each routing it closer to its final destination.
Web-Mail
Often referred to simply as a "mail server", an email server is a computer within your network that serves as your virtual post office. A mail server usually consists of a storage area where mail is held for local users; a set of user-definable rules that determine how the server should react to the destination of a given message; a database of user accounts that the server recognises and manages locally (Perumal et al., 2015); and the communication modules, the components that handle the transfer of messages to and from other mail servers and email clients. Normally the person responsible for maintaining the email server (editing users, monitoring system activity) is called the postmaster. Most mail servers are designed to run without manual intervention during normal operation.
Steganography
Steganography is data hidden inside other data. It is a concealment technique rather than an encryption system, but it can be applied together with cryptography as an additional layer to keep information safe. Steganographic methods can be applied to video files, images or audio files. Historically, steganography involved characters concealed within text, such as hash marking, but its application within images is now the most common. Steganography is also used to watermark copyrighted material and to help detect unauthorised use of it. Unlike cryptography, where the data is unintelligible to an unauthorised third party, steganography relies on the third party not detecting the hidden data at all (Sindhu & Meshram, 2012). Not only must the concealed data be found, which is a formidable task in itself; if it has also been encrypted, recovering it can be nearly impossible.
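The following is an added worked example, not code from the original report, showing the least-significant-bit (LSB) form of image steganography discussed above: a payload is written one bit at a time into the lowest bit of each pixel, which changes each pixel value by at most one and is invisible to the eye. The "image" here is a constructed grayscale gradient held as a byte array rather than a real picture file, and the 4-byte length header is an assumed framing convention; the extractor uses that header to tell a carrier with a payload from one without.

```python
import struct


def _bits(data: bytes):
    """Yield the bits of data, most significant bit of each byte first."""
    for byte in data:
        for shift in range(7, -1, -1):
            yield (byte >> shift) & 1


def make_cover(width=64, height=32):
    """Constructed grayscale cover image: a horizontal gradient (test data, not a real photo)."""
    return bytearray((x * 255) // (width - 1) for _ in range(height) for x in range(width))


def lsb_embed(cover, payload: bytes):
    """Write a 4-byte big-endian length header followed by the payload into pixel LSBs."""
    frame = struct.pack(">I", len(payload)) + payload
    if len(frame) * 8 > len(cover):
        raise ValueError("payload does not fit in cover")
    stego = bytearray(cover)
    for i, bit in enumerate(_bits(frame)):
        stego[i] = (stego[i] & 0xFE) | bit   # clear the LSB, then set it to the payload bit
    return stego


def _read_bytes(pixels, start, count):
    """Reassemble count bytes from the LSBs of pixels beginning at index start."""
    out = bytearray()
    for i in range(count):
        b = 0
        for j in range(8):
            b = (b << 1) | (pixels[start + i * 8 + j] & 1)
        out.append(b)
    return bytes(out)


def lsb_extract(pixels):
    """Return the hidden payload, or None when the length header is not plausible for this carrier."""
    if len(pixels) < 32:
        return None
    n = struct.unpack(">I", _read_bytes(pixels, 0, 4))[0]
    if n == 0 or 32 + n * 8 > len(pixels):
        return None                        # header does not fit: no LSB payload in this framing
    return _read_bytes(pixels, 32, n)


def lsb_plane_changes(cover, suspect):
    """Pixels whose LSB differs from the original cover; only the embedded region is touched."""
    return sum(1 for a, b in zip(cover, suspect) if (a ^ b) & 1)


if __name__ == "__main__":
    cover = make_cover()
    stego = lsb_embed(cover, b"meet at 9")
    print(lsb_extract(stego), lsb_plane_changes(cover, stego))
```

Because the header-based extractor accepts any carrier whose first 32 LSBs happen to form a plausible length, a real examination would also compare the extracted bytes against known file signatures or text; an extracted blob that is random is a sign of encryption on top of the hiding, the case the paragraph above describes as nearly impossible to recover.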
Graphic image analysis
Forensic Image Processing (FIP) comprises the computer-based restoration and enhancement of surveillance imagery. The objective of FIP is to maximise the information extracted from surveillance imagery, particularly imagery that is noisy, incomplete or over- or under-exposed (Omeleze & Venter, 2013). Although this definition refers to surveillance imagery, FIP techniques can be applied to other kinds of images, for example shoe-impression images, UAV (unmanned aerial vehicle) infrared images, retinal images and more.
Findings
Exploring USB File System
Most recent USB drives are formatted with FAT32. Some older USB drives use FAT12 or FAT16. All of these use a File Allocation Table to organise file and folder names. Usually there are two copies of the FAT, so that one remains available if the other becomes corrupted. When a file is entered in the file allocation table, its starting cluster is associated with it (Quick & Choo, 2014), and the clusters belonging to a given file are chained together. Consequently, when a file is deleted from a USB or pen drive, the hex byte E5, also called the sigma or deletion marker, replaces the first character of the filename, and the clusters that belonged to the deleted file are released to the operating system for reuse; their contents, however, remain on the drive until they are overwritten.
Before beginning any USB drive forensic examination, one must know the file system used for storage on the acquired device (Rekhis & Boudriga, 2012). Some USB drives can simply be plugged into a new system and used. Examiners may encounter situations where newer operating systems such as Windows 7, 8 and 10 on the examination machine do not recognise the USB drive; in that case it is advisable to try the drive on another system. In any case, it is critical to have a hardware USB write blocker installed in that other system to prevent any unwanted data transfer between the system and the USB drive. This ensures that no modification or alteration is made to the drive and no malware is transported to it.
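As an added worked example (not part of the original report), the parser below walks a FAT12 volume the way the paragraph describes: it reads the BIOS Parameter Block to locate the FATs and root directory, checks that the two FAT copies agree, lists root-directory entries including those whose first byte has been replaced by 0xE5, and recovers file contents. The volume is constructed in memory for the example; it is not the drive from the case. For a deleted entry the FAT chain has been zeroed, so recovery assumes the file's clusters were contiguous, which is a carving heuristic, not a guarantee.

```python
import struct

# FAT short directory entry: name, attr, NTRes, crtTimeTenth, crtTime, crtDate,
# lstAccDate, fstClusHI, wrtTime, wrtDate, fstClusLO, fileSize
DIR_ENTRY = "<11sBBBHHHHHHHI"
# BPB fields at offset 11: bytes/sector, sectors/cluster, reserved sectors, FAT count,
# root entries, total sectors, media descriptor, sectors/FAT
BPB = "<HBHBHHBH"
DELETED = 0xE5


def make_entry(name11, attr, first_cluster, size):
    return struct.pack(DIR_ENTRY, name11, attr, 0, 0, 0, 0, 0, 0, 0, 0, first_cluster, size)


def build_sample_image():
    """Constructed 64-sector FAT12 volume with one live and one deleted file (test data, not a real acquisition)."""
    boot = bytearray(512)
    boot[0:3] = b"\xEB\x3C\x90"
    struct.pack_into(BPB, boot, 11, 512, 1, 1, 2, 16, 64, 0xF8, 1)
    boot[510:512] = b"\x55\xAA"
    fat = bytearray(512)
    fat[0:3] = b"\xF8\xFF\xFF"          # media descriptor and reserved entries 0 and 1
    fat[3:6] = b"\xFF\x0F\x00"          # entry 2 = 0xFFF (end of chain); entry 3 = 0 (freed on delete)
    root = bytearray(512)               # 16 entries x 32 bytes
    root[0:32] = make_entry(b"MEMO    TXT", 0x20, 2, 13)
    root[32:64] = make_entry(bytes([DELETED]) + b"ECRET  DOC", 0x20, 3, 27)
    data = bytearray(512 * 60)
    data[0:13] = b"hello, world\n"                        # cluster 2
    data[512:512 + 27] = b"Superior Bicycles contract\n"  # cluster 3: still on disk after deletion
    return bytes(boot + fat + fat + root + data)


def geometry(img):
    bps, spc, reserved, nfats, root_entries, _total, _media, spf = struct.unpack_from(BPB, img, 11)
    fat_start = reserved * bps
    root_start = fat_start + nfats * spf * bps
    return {"bps": bps, "spc": spc, "nfats": nfats, "spf": spf, "fat_start": fat_start,
            "root_start": root_start, "root_entries": root_entries,
            "data_start": root_start + root_entries * 32}


def fats_consistent(img):
    """The second FAT exists for redundancy; a mismatch between copies signals corruption or tampering."""
    g = geometry(img)
    size = g["spf"] * g["bps"]
    first = img[g["fat_start"]:g["fat_start"] + size]
    return all(img[g["fat_start"] + i * size:g["fat_start"] + (i + 1) * size] == first
               for i in range(1, g["nfats"]))


def list_root(img):
    """List root-directory entries, keeping deleted ones (first byte 0xE5) and marking them."""
    g = geometry(img)
    entries = []
    for i in range(g["root_entries"]):
        raw = img[g["root_start"] + 32 * i:g["root_start"] + 32 * (i + 1)]
        if raw[0] == 0x00:
            break                        # 0x00 means no entries follow
        f = struct.unpack(DIR_ENTRY, raw)
        name, attr, hi, lo, size = f[0], f[1], f[7], f[10], f[11]
        if attr == 0x0F:
            continue                     # long-file-name entry
        deleted = name[0] == DELETED
        base = name[:8].decode("latin-1").rstrip()
        ext = name[8:].decode("latin-1").rstrip()
        if deleted:
            base = "?" + base[1:]        # first character was overwritten by the marker
        entries.append({"name": base + ("." + ext if ext else ""), "deleted": deleted,
                        "first_cluster": (hi << 16) | lo, "size": size})
    return entries


def fat12_next(img, g, cluster):
    off = g["fat_start"] + cluster + cluster // 2   # 12-bit entries packed two per three bytes
    val = struct.unpack_from("<H", img, off)[0]
    return val >> 4 if cluster & 1 else val & 0x0FFF


def read_file(img, entry):
    """Follow the cluster chain; for a deleted file the chain is zeroed, so assume contiguous clusters."""
    g = geometry(img)
    csize = g["bps"] * g["spc"]
    out, cluster, remaining = bytearray(), entry["first_cluster"], entry["size"]
    while 2 <= cluster < 0xFF8 and remaining > 0:
        off = g["data_start"] + (cluster - 2) * csize
        chunk = img[off:off + min(csize, remaining)]
        out += chunk
        remaining -= len(chunk)
        nxt = fat12_next(img, g, cluster)
        cluster = cluster + 1 if (entry["deleted"] and nxt == 0) else nxt
    return bytes(out)
```

Run against a real acquisition, the same code would be pointed at a write-blocked image file rather than the constructed volume, and the recovered bytes of each deleted entry would be hashed and logged before any interpretation.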
Web-Server
If your web or application server does not include the essential log file entry fields required for conducting the forensic examination, you should use a third-party utility that does (Sindhu & Meshram, 2012). During the examination, try to separate the log file by user session: if you are using some form of session token, for instance a cookie, try to group the log entries according to that token. This grouping gives a better understanding of the session flow and timeline and removes the noise made by other users in the log file. Once the grouping is done, you are left with clusters of requests grouped by user or by originating IP address, each ordered internally by the time the request was made. This ordered cluster describes the "user session flow".
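The grouping just described, as an added example that is not from the original report: the log lines are constructed in Apache combined format with the request's Cookie header appended as a final quoted field (an assumed LogFormat; the SESSIONID cookie name is also assumed). Entries are grouped by session token, falling back to the client IP when no token is present, and each group is sorted by request time so the result is the user session flow; bytes served per session are totalled because an unusually large transfer is the first thing to look at in a data-theft case.

```python
import re
from collections import defaultdict
from datetime import datetime

# Assumed LogFormat: "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" \"%{Cookie}i\""
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+) \S+" '
    r'(?P<status>\d{3}) (?P<size>\S+) "(?P<referer>[^"]*)" "(?P<ua>[^"]*)" "(?P<cookie>[^"]*)"$'
)
SESSION_RE = re.compile(r'(?:^|;\s*)SESSIONID=([A-Za-z0-9]+)')

# Constructed sample lines (not the EMTS server's real log); note the deliberately out-of-order timestamps.
SAMPLE_LOG = """\
10.0.0.7 - - [12/Jun/2023:09:15:02 +0000] "GET /login HTTP/1.1" 200 512 "-" "Mozilla/5.0" "SESSIONID=a1b2c3"
10.0.0.9 - - [12/Jun/2023:09:15:05 +0000] "GET /index.html HTTP/1.1" 200 1024 "-" "Mozilla/5.0" "-"
10.0.0.7 - - [12/Jun/2023:09:15:09 +0000] "POST /login HTTP/1.1" 302 0 "/login" "Mozilla/5.0" "SESSIONID=a1b2c3"
10.0.0.7 - - [12/Jun/2023:09:16:40 +0000] "GET /marketing/strategy-2023.pdf HTTP/1.1" 200 204800 "/docs" "Mozilla/5.0" "SESSIONID=a1b2c3"
10.0.0.7 - - [12/Jun/2023:09:16:01 +0000] "GET /docs HTTP/1.1" 200 2048 "/" "Mozilla/5.0" "SESSIONID=a1b2c3"
10.0.0.9 - - [12/Jun/2023:09:17:00 +0000] "GET /about HTTP/1.1" 200 768 "/index.html" "Mozilla/5.0" "-"
"""


def parse_line(line):
    """Parse one log line into a dict, or return None for lines that do not match the format."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["time"] = datetime.strptime(rec["time"], "%d/%b/%Y:%H:%M:%S %z")
    rec["status"] = int(rec["status"])
    rec["size"] = 0 if rec["size"] == "-" else int(rec["size"])
    s = SESSION_RE.search(rec["cookie"])
    rec["session"] = f"sid:{s.group(1)}" if s else f"ip:{rec['ip']}"   # token first, IP as fallback
    return rec


def session_flows(log_text):
    """Group records by session key and order each group by request time."""
    groups = defaultdict(list)
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is not None:
            groups[rec["session"]].append(rec)
    return {k: sorted(v, key=lambda r: r["time"]) for k, v in groups.items()}


def flow_paths(flows, key):
    """The request paths of one session in chronological order."""
    return [r["path"] for r in flows[key]]


def session_bytes(flows):
    """Total response bytes per session."""
    return {k: sum(r["size"] for r in v) for k, v in flows.items()}


if __name__ == "__main__":
    flows = session_flows(SAMPLE_LOG)
    for key in flows:
        print(key, flow_paths(flows, key), session_bytes(flows)[key])
```

Grouping by IP alone is weaker than grouping by token: several users behind one NAT share an address, and one user's address can change mid-session, so when a session cookie is logged it should be the primary key and the address only the fallback, as above.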
Web-mail
EMTS and its employees depend heavily on email communication, making it a significant factor in every case. Deleted messages can frequently be recovered, even when they were erased deliberately. Metadata such as the full email header, timestamps and so on can all be extremely valuable in an investigation if the authenticity of an email is ever called into question (Valjarevic & Venter, 2012). Email clients and servers are often full database applications, complete with file stores, contact managers, schedulers, calendars and numerous other features, all of which can be accessed forensically. Erasing or deleting an email does not necessarily mean that it is gone forever; generally, messages can be forensically extracted even after deletion.
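The header analysis the paragraph refers to, as an added example rather than material from the original report: the message below is constructed (its hosts, addresses and timestamps are invented, and the hop chain is assumed to be honest), and the code answers the scope questions of who sent it, to whom and when, then walks the Received headers in delivery order and flags the two inconsistencies an examiner checks when authenticity is disputed: a hop timestamp earlier than the stage before it, and a hop whose "from" host is not the previous hop's "by" host.

```python
import re
from email import message_from_string
from email.utils import getaddresses, parseaddr, parsedate_to_datetime

# Constructed sample message (not evidence from the case). Tab-indented lines are folded header continuations.
SAMPLE_EMAIL = (
    "Received: from mail.emts.example (mail.emts.example [203.0.113.10])\n"
    "\tby mx.outside.example with ESMTP id q7Xk2; Mon, 12 Jun 2023 10:02:11 +0000\n"
    "Received: from workstation-bob (unknown [10.1.4.23])\n"
    "\tby mail.emts.example with ESMTPA; Mon, 12 Jun 2023 10:01:58 +0000\n"
    "From: Bob Aspen <bob.aspen@emts.example>\n"
    "To: buyer@outside.example\n"
    "Cc: self@personal.example\n"
    "Date: Mon, 12 Jun 2023 10:01:50 +0000\n"
    "Message-ID: <20230612100150.1@workstation-bob>\n"
    "Subject: Marketing plan\n"
    "\n"
    "Attached are notes on the current marketing strategy.\n"
)

RECEIVED_RE = re.compile(r"from\s+(?P<frm>\S+).*?\bby\s+(?P<by>\S+).*?;\s*(?P<date>.+)$", re.S)


def parse_received(value):
    """Pull the sending host, receiving host and timestamp out of one Received header."""
    m = RECEIVED_RE.search(value)
    if not m:
        return None
    return {"from": m["frm"], "by": m["by"], "time": parsedate_to_datetime(m["date"].strip())}


def summarize_headers(raw):
    msg = message_from_string(raw)
    hops = [h for h in (parse_received(v) for v in msg.get_all("Received", [])) if h]
    hops.reverse()                      # each MTA prepends its line, so the last header is the first hop
    sent = parsedate_to_datetime(msg["Date"]) if msg["Date"] else None
    anomalies = []
    prev_time = sent
    for i, hop in enumerate(hops):
        if prev_time is not None and hop["time"] < prev_time:
            anomalies.append(f"hop {i}: timestamp earlier than the previous stage")
        if i > 0 and hop["from"].lower() != hops[i - 1]["by"].lower():
            anomalies.append(f"hop {i}: 'from' host does not match previous 'by' host")
        prev_time = hop["time"]
    return {
        "sender": parseaddr(msg.get("From", ""))[1],
        "recipients": [addr for _, addr in getaddresses(msg.get_all("To", []) + msg.get_all("Cc", []))],
        "date": sent,
        "message_id": msg.get("Message-ID"),
        "hops": hops,
        "anomalies": anomalies,
    }


if __name__ == "__main__":
    summary = summarize_headers(SAMPLE_EMAIL)
    print(summary["sender"], "->", summary["recipients"], summary["date"])
    for hop in summary["hops"]:
        print(" ", hop["from"], "->", hop["by"], hop["time"])
    print("anomalies:", summary["anomalies"])
```

Only the Received line written by the examiner's own mail server can be trusted outright; every line below it was supplied by a remote host and can be forged, which is why the chain is checked for internal consistency rather than taken at face value. The Cc to an external personal address is the kind of recipient pattern the scope questions on sender and recipient are meant to surface.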
Conclusion
To implement proper incident response processes in an organisation and to follow a standard methodology for web application forensic investigation, it is advisable to use a product such as Sanctum's AppShield, which is tailored specifically for this task and offers the complete logging, analysis and security facilities required for a forensic investigation. Web application investigation relies heavily on the assumption that all HTTP data is kept in the log files and is easily accessible when required. Unfortunately, many contemporary web and application servers do not include proper logging of HTTP communications, and those that do make it challenging to extract the information in a way that supports a proper examination of a hacking attempt or possible theft of information.
References
Chung, H., Park, J., Lee, S., & Kang, C. (2012). Digital forensic investigation of cloud storage
services. Digital investigation, 9(2), 81-95.
Damshenas, M., Dehghantanha, A., Mahmoud, R., & bin Shamsuddin, S. (2012, June). Forensics
investigation challenges in cloud computing environments. In Cyber Security, Cyber
Warfare and Digital Forensic (CyberSec), 2012 International Conference on (pp. 190-
194). IEEE.
Dykstra, J., & Sherman, A. T. (2013). Design and implementation of FROST: Digital forensic
tools for the OpenStack cloud computing platform. Digital Investigation, 10, S87-S95.
Grispos, G., Storer, T., & Glisson, W. B. (2012). Calm before the storm: The challenges of cloud
computing in digital forensics. International Journal of Digital Crime and Forensics
(IJDCF), 4(2), 28-48.
Imran, A., Aljawarneh, S., & Sakib, K. (2016). Web Data Amalgamation for Security
Engineering: Digital Forensic Investigation of Open Source Cloud. J. UCS, 22(4), 494-
520.
Kohn, M. D., Eloff, M. M., & Eloff, J. H. (2013). Integrated digital forensic process
model. Computers & Security, 38, 103-115.
Lillis, D., Becker, B., O'Sullivan, T., & Scanlon, M. (2016). Current challenges and future
research areas for digital forensic investigation. arXiv preprint arXiv:1604.03850.
Martini, B., & Choo, K. K. R. (2012). An integrated conceptual digital forensic framework for
cloud computing. Digital Investigation, 9(2), 71-80.
Omeleze, S., & Venter, H. S. (2013, August). Testing the harmonised digital forensic
investigation process model-using an Android mobile phone. In Information Security for
South Africa, 2013 (pp. 1-8). IEEE.
Perumal, S., Norwawi, N. M., & Raman, V. (2015, October). Internet of Things (IoT) digital
forensic investigation model: Top-down forensic approach methodology. In Digital
Information Processing and Communications (ICDIPC), 2015 Fifth International
Conference on (pp. 19-23). IEEE.
Quick, D., & Choo, K. K. R. (2014). Impacts of increasing volume of digital forensic data: A
survey and future research challenges. Digital Investigation, 11(4), 273-294.
Rekhis, S., & Boudriga, N. (2012). A system for formal digital forensic investigation aware of
anti-forensic attacks. IEEE Transactions on Information Forensics and Security, 7(2),
635-650.
Sindhu, K. K., & Meshram, B. B. (2012). Digital Forensic Investigation Tools and
Procedures. International Journal of Computer Network and Information Security, 4(4),
39.
Valjarevic, A., & Venter, H. S. (2012, August). Harmonised digital forensic investigation
process model. In Information Security for South Africa (ISSA), 2012 (pp. 1-10). IEEE.