There is an escalating perception in some quarters that the conclusions drawn from digital evidence are the subjective views of individuals and have limited scientific justification. This paper attempts to address this problem by presenting a formal model for reasoning about digital evidence. A Bayesian network is used to quantify the evidential strengths of hypotheses and, thus, enhance the reliability and traceability of the results produced by digital forensic investigations. The validity of the model is tested using a real court case. The test uses objective probability assignments obtained by aggregating the responses of experienced law enforcement agents and analysts. The results confirmed the guilty verdict in the court case with a probability value of 92.7%.
Privacy is a fundamental human right defined in the Universal Declaration of Human Rights. To enable the protection of data privacy, personal data that are not related to the investigation subject should be excluded during computer forensic examination. In the physical world, protection of privacy is controlled and regulated in most countries by laws. Legislation for handling private data has been established in various jurisdictions. In the modern world, the massive use of computers generates a huge amount of private data and there is correspondingly an increased expectation to recognize and respect human rights in digital investigation. However, there does not exist a forensically sound model for protecting private data in the context of digital investigation, and it poses a threat to privacy if the investigation involves the processing of such kind of data. In this paper, we try to address this important issue and present a cryptographic model designed to be incorporated into the current digital investigation framework, thereby adding a possible way to protect data privacy in digital investigation.
Because of the way computers operate, every discrete event potentially leaves a digital trace. These digital traces must be retrieved during a digital forensic investigation to prove or refute an alleged crime. Given resource constraints, it is not always feasible (or necessary) for law enforcement to retrieve all the related digital traces and to conduct comprehensive investigations. This paper attempts to address the issue by proposing a model for conducting swift, practical and cost-effective digital forensic investigations.
In recent years, peer-to-peer (P2P) applications have become the dominant form of Internet traffic. Foxy, a Chinese community focused filesharing tool, is increasingly being used to disseminate private data and sensitive documents in Hong Kong. Unfortunately, its scattered design and a highly distributed network make it difficult to locate a file originator. This paper proposes an investigative model for analyzing Foxy communications and identifying the first uploaders of files. The model is built on the results of several experiments, which reveal behavior patterns of the Foxy protocol that can be used to expose traces of file originators.
Research on using Bayesian networks to enhance digital forensic investigations has yet to evaluate the quality of the output of a Bayesian network. The evaluation can be performed by assessing the sensitivity of the posterior output of a forensic hypothesis to the input likelihood values of the digital evidence. This paper applies Bayesian sensitivity analysis techniques to a Bayesian network model for the well-known Yahoo! case. The analysis demonstrates that the conclusions drawn from Bayesian network models are statistically reliable and stable for small changes in evidence likelihood values.
To enable free communication between legal advisor and his client for proper functioning
The community of peer-to-peer (P2P) file-sharing networks has been expanding swiftly since the appearance of the very first P2P application (Napster) in 2001. These networks are famous for their excellent file transfer rates and adversely, the flooding of copyright-infringed digital materials. Recently, a number of documents containing personal data or sensitive information have been shared in an unbridled manner over the Foxy network (a popular P2P network in Chinese regions). These incidents have urged the authors to develop an investigation model for tracing suspicious P2P activities. Unfortunately, hindered by the distributed design and anonymous nature of these networks, P2P investigation can be practically difficult and complicated. In this chapter, the authors briefly review the characteristics of current P2P networks. By observing the behaviors of these networks, they propose some heuristic rules for identifying the first uploader of a shared file. Also, the rules have been demonstrated to be applicable to some simulated cases. The authors believe their findings provide a foundation for future development in P2P file-sharing networks investigation.
Internet auction fraud has become prevalent. Methodologies for detecting fraudulent transactions use historical information about Internet auction participants to decide whether or not a user is a potential fraudster. The information includes reputation scores, values of items, time frames of various activities and transaction records. This paper presents a distinctive set of fraudster characteristics based on an analysis of 278 allegations about the sale of counterfeit goods at Internet auction sites. Also, it applies a Bayesian approach to analyze the relevance of evidence in Internet auction fraud cases.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.