Frank Y. W. Law scite author profile

There is an escalating perception in some quarters that the conclusions drawn from digital evidence are the subjective views of individuals and have limited scientific justification. This paper attempts to address this problem by presenting a formal model for reasoning about digital evidence. A Bayesian network is used to quantify the evidential strengths of hypotheses and, thus, enhance the reliability and traceability of the results produced by digital forensic investigations. The validity of the model is tested using a real court case. The test uses objective probability assignments obtained by aggregating the responses of experienced law enforcement agents and analysts. The results confirmed the guilty verdict in the court case with a probability value of 92.7%.

show abstract

Protecting Digital Data Privacy in Computer Forensic Examination

Law

Chan

Yiu

et al. 2011

View full text Add to dashboard Cite

Privacy is a fundamental human right defined in the Universal Declaration of Human Rights. To enable the protection of data privacy, personal data that are not related to the investigation subject should be excluded during computer forensic examination. In the physical world, protection of privacy is controlled and regulated in most countries by laws. Legislation for handling private data has been established in various jurisdictions. In the modern world, the massive use of computers generates a huge amount of private data and there is correspondingly an increased expectation to recognize and respect human rights in digital investigation. However, there does not exist a forensically sound model for protecting private data in the context of digital investigation, and it poses a threat to privacy if the investigation involves the processing of such kind of data. In this paper, we try to address this important issue and present a cryptographic model designed to be incorporated into the current digital investigation framework, thereby adding a possible way to protect data privacy in digital investigation.

show abstract

A Cost-Effective Model for Digital Forensic Investigations

Overill

Kwan²,

Chow³

et al. 2009

View full text Add to dashboard Cite

Because of the way computers operate, every discrete event potentially leaves a digital trace. These digital traces must be retrieved during a digital forensic investigation to prove or refute an alleged crime. Given resource constraints, it is not always feasible (or necessary) for law enforcement to retrieve all the related digital traces and to conduct comprehensive investigations. This paper attempts to address the issue by proposing a model for conducting swift, practical and cost-effective digital forensic investigations.

show abstract

A Model for Foxy Peer-to-Peer Network Investigations

Ieong

Lai

Chow

et al. 2009

View full text Add to dashboard Cite

In recent years, peer-to-peer (P2P) applications have become the dominant form of Internet traffic. Foxy, a Chinese community focused filesharing tool, is increasingly being used to disseminate private data and sensitive documents in Hong Kong. Unfortunately, its scattered design and a highly distributed network make it difficult to locate a file originator. This paper proposes an investigative model for analyzing Foxy communications and identifying the first uploaders of files. The model is built on the results of several experiments, which reveal behavior patterns of the Foxy protocol that can be used to expose traces of file originators.

show abstract

Sensitivity Analysis of Bayesian Networks Used in Forensic Investigations

Kwan

Overill

Chow

et al. 2011

View full text Add to dashboard Cite

Research on using Bayesian networks to enhance digital forensic investigations has yet to evaluate the quality of the output of a Bayesian network. The evaluation can be performed by assessing the sensitivity of the posterior output of a forensic hypothesis to the input likelihood values of the digital evidence. This paper applies Bayesian sensitivity analysis techniques to a Bayesian network model for the well-known Yahoo! case. The analysis demonstrates that the conclusions drawn from Bayesian network models are statistically reliable and stable for small changes in evidence likelihood values.

show abstract

Protecting Digital Legal Professional Privilege (LPP) Data

Law

Lai

Jiang

et al. 2008

View full text Add to dashboard Cite

show abstract

Forensic Investigation of Peer-to-Peer Networks

Ieong

Lai

Chow

et al. 2010

View full text Add to dashboard Cite

The community of peer-to-peer (P2P) file-sharing networks has been expanding swiftly since the appearance of the very first P2P application (Napster) in 2001. These networks are famous for their excellent file transfer rates and adversely, the flooding of copyright-infringed digital materials. Recently, a number of documents containing personal data or sensitive information have been shared in an unbridled manner over the Foxy network (a popular P2P network in Chinese regions). These incidents have urged the authors to develop an investigation model for tracing suspicious P2P activities. Unfortunately, hindered by the distributed design and anonymous nature of these networks, P2P investigation can be practically difficult and complicated. In this chapter, the authors briefly review the characteristics of current P2P networks. By observing the behaviors of these networks, they propose some heuristic rules for identifying the first uploader of a shared file. Also, the rules have been demonstrated to be applicable to some simulated cases. The authors believe their findings provide a foundation for future development in P2P file-sharing networks investigation.

show abstract

Evaluation of Evidence in Internet Auction Fraud Investigations

Kwan

Overill

Chow

et al. 2010

View full text Add to dashboard Cite

Internet auction fraud has become prevalent. Methodologies for detecting fraudulent transactions use historical information about Internet auction participants to decide whether or not a user is a potential fraudster. The information includes reputation scores, values of items, time frames of various activities and transaction records. This paper presents a distinctive set of fraudster characteristics based on an analysis of 278 allegations about the sale of counterfeit goods at Internet auction sites. Also, it applies a Bayesian approach to analyze the relevance of evidence in Internet auction fraud cases.

show abstract

12 3

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

hi@scite.ai

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Frank Y. W. Law

Reasoning About Evidence Using Bayesian Networks

Protecting Digital Data Privacy in Computer Forensic Examination

A Cost-Effective Model for Digital Forensic Investigations

A Model for Foxy Peer-to-Peer Network Investigations

Sensitivity Analysis of Bayesian Networks Used in Forensic Investigations

Protecting Digital Legal Professional Privilege (LPP) Data

Forensic Investigation of Peer-to-Peer Networks

Evaluation of Evidence in Internet Auction Fraud Investigations

Contact Info

Product

Resources

About