Data Forensics For Cyber Crime Investigation

By: B. Gupta

The exponential development of technology has caused the whole planet to go digital. However, this evolution has often created threats to users’ privacy and protection. As a result, we have to focus on developing automated forensic countermeasures to help combat cybercrime. We need to analyze emerging developments in modern forensics, including cloud forensics, social network analysis, and Internet of Things analysis. These techniques assist with privacy protection while at the same time being used to track down offenders. Technical, operational, and personnel-specific risks have been identified as well. Furthermore, significant obstacles to the successful implementation of these programs are their size, data length, chain of custody, and the trustworthiness of staff.

A few years ago, the techniques for retrieving and studying computer data stored on desktops, smartphones, and notebooks/netbooks were very primitive. With the recent rise in cybercrime and the increasing use of electronic devices, however, digital forensic research has gained significance in today’s police investigations. Through cutting-edge information and networking technologies (e.g., the Internet), society has become more reliant on communications networks, equipment, IoT devices, and cloud computing, and economic activity has benefitted from them. It is generally agreed that there is a definite advantage in closely linking the physical world with ICT. For the same reasons, cyberattacks employ a variety of novel techniques, such as identity theft, software “zombie” creation, and distributed denial of service (DDoS) via botnets, as well as malware specifically targeted at technologies such as VoIP devices and intelligent appliances, effectively turning these devices into “botnets” of misused nodes in order to affect online applications [1]. Such attacks may have a profound effect on both large corporations and small firms. Prosecution must be prompt: cybercriminals need to be discovered quickly, and compelling evidence must be made available to the courts. Several diverse methods are used to investigate cybercrimes, which may stretch across national boundaries and legal structures. This complicates digital forensics, which already has to deal with vast volumes and a wealth of data as well as advanced hardware and device setups. Finally, it is now normal to track attackers over the Internet or to find evidence of a large number of criminal activities [8-10]. In the context of modern digital evidence, law enforcement authorities and security experts must change and adapt their methods of investigation if they want to remain successful.

Digital evidence collection capabilities must be prepared for an interdisciplinary operation such as electronic forensics, and field agents must be equipped to “deal with a diverse array of issues that encompasses many of the criminal justice disciplines, including regulation, data mining, networking, and financial research, as well as computer science.” We also need to explore the most critical issues when building or applying new automated forensic techniques. Recently, researchers proposed the concept of digital forensics as a service [2], as represented in Figure 1. In this procedure, the digital evidence collector gathers evidence from physical devices and transfers it to a centralized cloud platform. The digital evidence is processed by tools on the centralized platform and then evaluated by the case investigator and analyzer.

Figure 1: Digital forensics as a service (DFaaS)
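The hand-off described above (collector, centralized platform, analyst) only holds up as evidence if every transfer can be checked later. The following is an added example, not code from the article or from the DFaaS work it cites: it hashes an evidence file at acquisition and records each hand-off in a hash-chained custody log. The actor names, log fields, and sample file are assumptions constructed for illustration.

```python
import hashlib, json, os, tempfile

def sha256_file(path, chunk=1 << 20):
    """Stream the file so large disk images do not need to fit in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()

def append_entry(log, actor, action, evidence_sha256):
    """Append a custody entry whose hash also covers the previous entry's hash."""
    prev = log[-1]["entry_hash"] if log else "0" * 64
    body = {"seq": len(log), "actor": actor, "action": action,
            "evidence_sha256": evidence_sha256, "prev_hash": prev}
    digest = hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()
    log.append({**body, "entry_hash": digest})
    return log

def verify_log(log):
    """Return the index of the first broken entry, or -1 if the chain is intact."""
    prev = "0" * 64
    for i, entry in enumerate(log):
        body = {k: v for k, v in entry.items() if k != "entry_hash"}
        digest = hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()
        if entry["prev_hash"] != prev or entry["seq"] != i or digest != entry["entry_hash"]:
            return i
        prev = entry["entry_hash"]
    return -1

def demo():
    """Constructed sample: one evidence file handed collector -> platform -> analyst."""
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "image.bin")
        with open(path, "wb") as f:
            f.write(b"constructed sample evidence bytes")
        collected = sha256_file(path)
        log = []
        append_entry(log, "collector", "acquired from device", collected)
        append_entry(log, "platform", "received upload", sha256_file(path))
        append_entry(log, "analyst", "opened for analysis", sha256_file(path))
        intact = verify_log(log)
        with open(path, "ab") as f:       # simulate alteration after acquisition
            f.write(b"!")
        evidence_changed = sha256_file(path) != collected
        log[1]["actor"] = "someone-else"  # simulate an edited custody record
        return intact, evidence_changed, verify_log(log)

if __name__ == "__main__":
    print(demo())
```

A hash chain is only tamper-evident if the latest entry hash is also held somewhere the log's custodian cannot rewrite, for example signed or recorded by a second party; otherwise the whole chain can be recomputed.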

There are a few areas in which digital forensics can be applied. Law enforcement authorities have played an essential role in the early adoption of electronic forensics, which has led to constant innovation. Computers can be considered ‘scenes of crime’, for instance when they are involved in intrusion or denial-of-service attacks, or they can carry incriminating information such as addresses, notes, web history, or other content in the form of data. It is not only the substance of letters and texts that matters, but the ‘metadata’ as well. A data forensics analysis can show when a record was created, when it was last modified, and who changed it. Many industrial companies have found uses for digital forensics in the recent past [11-14]:

  • Intellectual property infringement
  • Regulatory enforcement
  • Improper communication and telephone use by the workforce
  • Bankruptcy proceedings
  • Forgeries
  • Fraud cases
  • Job conflicts
  • Corporate espionage

The trend towards more advanced information technologies has opened up new options; at the same time, it has created new problems in the forensic science arena. Digital forensic issues remain, since digital forensic investigators and analysts still need to categorize the problems identified. According to these findings, automated forensic technologies are already vulnerable to technological threats [3]. There are no technical problems, only operational, protocol, and skill issues. Digital forensics also necessitates ethical behavior as well as national abilities. The more challenging aspects of digital forensics include encryption, an enormous amount of data, and tool functionality, among various techniques [4]. Technological advancements have also made certain goods and resources readily available. Encryption algorithms and protocols are developing to handle these issues, thus making cryptanalysis more complicated and time-consuming [5]. This method extracts valuable knowledge from files by connecting them in a chain. The use of cryptography often conceals suspects’ identities and leaves the electronic evidence indecipherable, enabling them to remain invisible and anonymous. This has the potential to impact a digital investigator’s investigative procedure. In the majority of cases involving encrypted evidence, it is impossible to obtain relevant details [6]. Because of this, and because of the ease of use, low expense, and accessibility of software for encrypted data storage, automated forensic procedures pose a danger to the method’s legitimacy and reputation. A significant threat to computer forensics lies not only in encrypted data but in data volume as well. Increased data volumes complicate data-related legal issues and leave investigators vulnerable to being outpaced by digital threats [7].

References:

  1. Jang-Jaccard, J., & Nepal, S. (2014). A survey of emerging threats in cybersecurity. Journal of Computer and System Sciences, 80(5), 973-993.
  2. van Beek, H. M., van den Bos, J., Boztas, A., van Eijk, E. J., Schramp, R., & Ugen, M. (2020). Digital forensics as a service: Stepping up the game. Forensic Science International: Digital Investigation, 35, 301021.
  3. Alseelawi, N. S., Adnan, E. K., Hazim, H. T., Alrikabi, H., & Nasser, K. (2020). Design and implementation of an e-learning platform using N-TIER architecture.
  4. Karie, N. M., & Venter, H. S. (2015). Taxonomy of challenges for digital forensics. Journal of forensic sciences, 60(4), 885-893.
  5. Balogun, A. M., & Zhu, S. Y. (2013). Privacy impacts of data encryption on the efficiency of digital forensics technology. arXiv preprint arXiv:1312.3183.
  6. Vincze, E. A. (2016). Challenges in digital forensics. Police Practice and Research, 17(2), 183-194.
  7. Raghavan, S. (2013). Digital forensic research: current state of the art. CSI Transactions on ICT, 1(1), 91-114.
  8. Yamaguchi, S., et al. (2021). Malware threat in Internet of Things and its mitigation analysis. In Research Anthology on Combating Denial-of-Service Attacks (pp. 371-387). IGI Global.
  9. Dahiya, A., et al. (2022). A PBNM and economic incentive-based defensive mechanism against DDoS attacks. Enterprise Information Systems, 16(3), 406-426.
  10. Mani, N., Moh, M., & Moh, T. S. (2021). Defending deep learning models against adversarial attacks. International Journal of Software Science and Computational Intelligence (IJSSCI), 13(1), 72-89.
  11. Mishra, A., et al. (2011, September). A comparative study of distributed denial of service attacks, intrusion tolerance and mitigation techniques. In 2011 European Intelligence and Security Informatics Conference (pp. 286-289). IEEE.
  12. Gupta, B. B., Misra, M., & Joshi, R. C. (2012). An ISP level solution to combat DDoS attacks using combined statistical based approach. arXiv preprint arXiv:1203.2400.
  13. Shrivastava, G., Kumar, P., et al. (Eds.). (2018). Handbook of research on network forensics and analysis techniques. IGI Global.
  14. Al-Sharif, Z. A., Al-Saleh, M. I., Alawneh, et al. (2020). Live forensics of software attacks on cyber–physical systems. Future Generation Computer Systems, 108, 1217-1229.

4 thoughts on “Data Forensics For Cyber Crime Investigation”

  1. Thanks for another magnificent article. Where else could anybody get that kind of info in such an ideal way of writing? I’ve a presentation next week, and I am on the lookout for such info.

  2. Hey, very nice website!! Man .. Excellent .. Amazing .. I’ll bookmark your I’m happy to find so much useful information here in the post.
