Search results

1 – 10 of 463
Article
Publication date: 13 March 2020

R.I. Ferguson, Karen Renaud, Sara Wilford and Alastair Irons

Cyber-enabled crimes are on the increase, and law enforcement has had to expand many of their detecting activities into the digital domain. As such, the field of digital

1151

Abstract

Purpose

Cyber-enabled crimes are on the increase, and law enforcement has had to expand many of their detecting activities into the digital domain. As such, the field of digital forensics has become far more sophisticated over the years and is now able to uncover even more evidence that can be used to support prosecution of cyber criminals in a court of law. Governments, too, have embraced the ability to track suspicious individuals in the online world. Forensics investigators are driven to gather data exhaustively, being under pressure to provide law enforcement with sufficient evidence to secure a conviction.

Yet, there are concerns about the ethics and justice of untrammeled investigations on a number of levels. On an organizational level, unconstrained investigations could interfere with, and damage, the organization's right to control the disclosure of their intellectual capital. On an individual level, those being investigated could easily have their legal privacy rights violated by forensics investigations. On a societal level, there might be a sense of injustice at the perceived inequality of current practice in this domain.

This paper argues the need for a practical, ethically grounded approach to digital forensic investigations, one that acknowledges and respects the privacy rights of individuals and the intellectual capital disclosure rights of organizations, as well as acknowledging the needs of law enforcement. The paper derives a set of ethical guidelines, and then maps these onto a forensics investigation framework. The framework to expert review in two stages is subjected, refining the framework after each stage. The paper concludes by proposing the refined ethically grounded digital forensics investigation framework. The treatise is primarily UK based, but the concepts presented here have international relevance and applicability.

Design/methodology/approach

In this paper, the lens of justice theory is used to explore the tension that exists between the needs of digital forensic investigations into cybercrimes on the one hand, and, on the other, individuals' rights to privacy and organizations' rights to control intellectual capital disclosure.

Findings

The investigation revealed a potential inequality between the practices of digital forensics investigators and the rights of other stakeholders. That being so, the need for a more ethically informed approach to digital forensics investigations, as a remedy, is highlighted and a framework proposed to provide this.

Research limitations/implications

The proposed ethically informed framework for guiding digital forensics investigations suggests a way of re-establishing the equality of the stakeholders in this arena, and ensuring that the potential for a sense of injustice is reduced.

Originality/value

Justice theory is used to highlight the difficulties in squaring the circle between the rights and expectations of all stakeholders in the digital forensics arena. The outcome is the forensics investigation guideline, PRECEpt: Privacy-Respecting EthiCal framEwork, which provides the basis for a re-aligning of the balance between the requirements and expectations of digital forensic investigators on the one hand, and individual and organizational expectations and rights, on the other.

Details

Journal of Intellectual Capital, vol. 21 no. 2
Type: Research Article
ISSN: 1469-1930

Keywords

Article
Publication date: 16 March 2015

Corinne Rogers

This paper aims to explore a new model of “record” that maps traditional attributes of a record onto a technical decomposition of digital records. It compares the core…

2439

Abstract

Purpose

This paper aims to explore a new model of “record” that maps traditional attributes of a record onto a technical decomposition of digital records. It compares the core characteristics necessary to call a digital object a “record” in terms of diplomatics or “evidence” in terms of digital forensics. It then isolates three layers of abstraction: the conceptual, the logical and the physical. By identifying the essential elements of a record at each layer of abstraction, a diplomatics of digital records can be proposed.

Design/methodology/approach

Digital diplomatics, a research outcome of the International Research on Permanent Authentic Records in Electronic Systems (InterPARES) project, gives archivists a methodology for analyzing the identity and integrity of digital records in electronic systems and thereby assessing their authenticity (Duranti and Preston, 2008; Duranti, 2005) and tracing their provenance.

Findings

Digital records consist of user-generated data (content), system-generated metadata identifying source and location, application-generated metadata managing the look and performance of the record (e.g., native file format), application-generated metadata describing the data (e.g., file system metadata OS), and user-generated metadata describing the data. Digital diplomatics, based on a foundation of traditional diplomatic principles, can help identify digital records through their metadata and determine what metadata needs to be captured, managed and preserved.

Originality/value

The value and originality of this paper is in the application of diplomatic principles to a deconstructed, technical view of digital records through functional metadata for assessing the identity and authenticity of digital records.

Details

Records Management Journal, vol. 25 no. 1
Type: Research Article
ISSN: 0956-5698

Keywords

Article
Publication date: 7 October 2019

Sisira Dharmasri Jayasekara and Iroshini Abeysekara

The purpose of this paper is to discuss the role of digital forensics in an evolving environment of cyber laws giving attention to Bay of Bengal Initiative for…

Abstract

Purpose

The purpose of this paper is to discuss the role of digital forensics in an evolving environment of cyber laws giving attention to Bay of Bengal Initiative for Multi-Sectoral Technical and Economic Cooperation (BIMSTEC) countries, comprising Bangladesh, India, Myanmar, Sri Lanka, Thailand, Nepal and Bhutan, in a dynamic global context.

Design/methodology/approach

This study uses a case study approach to discuss the digital forensics and cyber laws of BIMSTEC countries. The objective of the study was expected to be achieved by referring to decided cases in different jurisdictions. Cyber laws of BIMSTEC countries were studied for the purpose of this study.

Findings

The analysis revealed that BIMSTEC countries are required to amend legislation to support the growth of information technology. Most of the legislation are 10-15 years old and have not been amended to resolve issues on cyber jurisdictions.

Research limitations/implications

This study was limited to the members of the BIMSTEC.

Originality/value

This paper is an original work done by the authors who have discussed the issues of conducting investigations with respect to digital crimes in a rapidly changing environment of information technology and deficient legal frameworks.

Details

Journal of Money Laundering Control, vol. 22 no. 4
Type: Research Article
ISSN: 1368-5201

Keywords

Open Access
Article
Publication date: 25 August 2022

Lelia Cristina Díaz-Pérez, Ana Laura Quintanar-Reséndiz, Graciela Vázquez-Álvarez and Rubén Vázquez-Medina

Based on this holistic model, the authors propose and analyze seven key issues related to the admissibility of digital media in cross-border trials considering four Latin…

Abstract

Purpose

Based on this holistic model, the authors propose and analyze seven key issues related to the admissibility of digital media in cross-border trials considering four Latin American countries.

Design/methodology/approach

The authors apply the modeling process of the soft systems methodology by Checkland in order to develop a holistic model focused on human situation problems involving digital media and information technology devices or systems.

Findings

The authors discuss the status of the identified key issues in each country and offer a perspective on the integration of cross-border work analyzing the contribution of these key issues to the collaboration between countries criminal cases or the use of foreign digital artifacts in domestic trials.

Research limitations/implications

In this study, the authors assumed that the problems of official interaction between agencies of different countries are considered solved. However, for future studies or research, the authors recommend that these issues can be considered as relevant, since they are related to cross-border cooperation topics that will necessarily require unavoidable official arrangements, agreements and formalities.

Practical implications

This work is aimed at defining and analyzing the key issues that can contribute to the application of current techniques and methodologies in digital forensics as a tool to support the legal framework of each country, considering cross-border trials. Finally, the authors highlight the implications of this study lie in the identification and analysis of the key issues that must be considered for digital forensics as a support tool for the admissibility of digital evidence in cross-border trials.

Social implications

The authors consider that digital forensic will have high demand in cross-border trials, and it will depend on the people mobility between the countries considered in this study.

Originality/value

This paper shows that the soft systems methodology allows elaborating a holistic model focused on social problems involving digital media and informatics devices.

Details

Applied Computing and Informatics, vol. ahead-of-print no. ahead-of-print
Type: Research Article
ISSN: 2634-1964

Keywords

Article
Publication date: 16 March 2015

Frederick B. Cohen

– The purpose of this study is to discuss moving forward on a global basis with digital diplomatics.

Abstract

Purpose

The purpose of this study is to discuss moving forward on a global basis with digital diplomatics.

Design/methodology/approach

This study fused a historic review of multiple fields to form a proposed future.

Findings

Today, the metadata associated with digital record-keeping is largely based on the methods from the pre-digital age. It fails to take into account the underlying digital mechanisms and their unique properties. At the same time, digital systems already produce large quantities of redundant data that could be and has been used in consistency analysis. A rational improvement would be to use the nature of digital systems in conjunction with intentional redundancy to create metadata and other forms of redundant information that could be validated in diplomatic examination but would be hard to forge consistently by an internal act of alteration.

Originality/value

This study uses a unique approach of fusing digital forensic science with digital diplomatics in the form of using inherent redundancy in digital records and metadata for consistency analysis as a means to fuse the fields.

Details

Records Management Journal, vol. 25 no. 1
Type: Research Article
ISSN: 0956-5698

Keywords

Article
Publication date: 11 December 2019

Dana Wilson-Kovacs

Building on the findings of a British Academy-funded project on the development of digital forensics (DF) in England and Wales, the purpose of this paper is to explore how…

Abstract

Purpose

Building on the findings of a British Academy-funded project on the development of digital forensics (DF) in England and Wales, the purpose of this paper is to explore how triage, a process that helps prioritise digital devices for in-depth forensic analysis, is experienced by DF examiners and police officers in four English police forces. It is argued that while as a strategy triage can address the increasing demand in the examination of digital exhibits, careful consideration needs to be paid to the ways in which its set-up, undertaking and outcomes impact on the ability of law enforcement agencies to solve cases.

Design/methodology/approach

The methodological approach adopted here builds on the ethnographic turn in criminology. The analysis draws on 120 h of ethnographic observations and 43 semi-structured interviews. Observational data of the working DF environment at each location and a systematic evaluation of internal documents, organisational settings and police priorities helped refine emergent analysis threads, which were analytically compared between sites and against the testimonies of members of different occupational groups to identify similarities and differences between accounts.

Findings

The findings emphasise the challenges in the triage of digital exhibits as they are encountered in everyday practice. The discussion focusses on the tensions between the delivery of timely and accurate investigation results and current gaps in the infrastructural arrangements. It also emphasises the need to provide police officers with a baseline understanding of the role of DF and the importance of clearly defined strategies in the examination of digital devices.

Originality/value

This paper aims to bridge policy and practice through an analysis of the ways in which DF practitioners and police officers in four English constabularies reflect on the uses of triage in DF to address backlogs and investigative demands. Highlighting the importance of digital awareness beyond the technical remit of DF units, it offers new insights into the ways in which police forces seek to improve the evidential trail with limited resources.

Details

Policing: An International Journal, vol. 43 no. 1
Type: Research Article
ISSN: 1363-951X

Keywords

Article
Publication date: 31 October 2011

Robert Fox

This paper seeks to examine important issues relating to digital preservation with a focus on file integrity and digital forensics.

1178

Abstract

Purpose

This paper seeks to examine important issues relating to digital preservation with a focus on file integrity and digital forensics.

Design/methodology/approach

This is a viewpoint paper.

Findings

This paper highlights important issues relating to digital preservation and offers suggestions on comprehensive approaches to achieving a high level of integrity with library digital repositories.

Practical implications

Libraries have always had as a part of their core mission the preservation of information and cultural heritage. The seriousness with which the challenges associated with digital preservation are met will determine the reputation of libraries as continuing to be a reliable preserver of cultural heritage and research data.

Social implications

Libraries play an important role in cultural heritage and preservation of research data. This role is manifested both generally and specifically within the academic context. It is important that libraries stay at the forefront of developing reliable means for digital preservation.

Originality/value

Several means of achieving a high degree of reliability in the area of digital preservation are suggested. If these and similar ideas suggested from others in the field are followed, it will assist libraries in maintaining a reputation as reliable preservers of cultural heritage and as important players in twenty‐first century research endeavors.

Details

OCLC Systems & Services: International digital library perspectives, vol. 27 no. 4
Type: Research Article
ISSN: 1065-075X

Keywords

Article
Publication date: 31 August 2012

Jason Bengtson

The purpose of this paper is to define and stimulate interest in a potential new specialty within the information science field.

855

Abstract

Purpose

The purpose of this paper is to define and stimulate interest in a potential new specialty within the information science field.

Design/methodology/approach

Sources on digital forensics and digital archeology are discussed, and the topic is examined critically from a librarian perspective. The author examines the possibility of an information science specialty pursuing the reconstruction of “digital palimpsests”, where data that later becomes historically significant has been deleted or partially overwritten on digital media.

Findings

The author identifies at least one key incident (the NASA moon landing tapes) where this potential field has already started to be defined. Examination of the literature indicates that emphasis in data recovery to this point has centered on the needs of law enforcement and disaster recovery rather than on the considerations of manuscript preservation, recovery, and curation. The author emphasizes the need for librarians to bring together the skills of multiple fields, especially that of information technology, in order to shape the tools needed to take the lead in “digital palimpsest” recovery.

Originality/value

The author asserts that the recovery of “digital palimpsests” will become important as digital archives age and society's position on what has historical value inevitably shifts. The author further asserts that members of the information science field must actively work to take ownership of the field before it is subsumed by information technology or another discipline less equipped to manage its nebulous considerations effectively.

Article
Publication date: 11 February 2019

Nikolaos Serketzis, Vasilios Katos, Christos Ilioudis, Dimitrios Baltatzis and George J. Pangalos

The purpose of this paper is to formulate a novel model for enhancing the effectiveness of existing digital forensic readiness (DFR) schemes by leveraging the capabilities…

Abstract

Purpose

The purpose of this paper is to formulate a novel model for enhancing the effectiveness of existing digital forensic readiness (DFR) schemes by leveraging the capabilities of cyber threat information sharing.

Design/methodology/approach

This paper uses a quantitative methodology to identify the most popular cyber threat intelligence (CTI) elements and introduces a lightweight approach to correlate those with potential forensic value, resulting in the quick and accurate triaging and identification of patterns of malicious activities.

Findings

While threat intelligence exchange steadily becomes a common practice for the prevention or detection of security incidents, the proposed approach highlights its usefulness for the digital forensics (DF) domain.

Originality/value

The proposed model can help organizations to improve their DFR posture, and thus minimize the time and cost of cybercrime incidents.

Details

Information & Computer Security, vol. 27 no. 2
Type: Research Article
ISSN: 2056-4961

Keywords

Article
Publication date: 20 January 2020

Joakim Kävrestad, Johan Zaxmy and Marcus Nohlberg

Using passwords to keep account and data safe is very common in modern computing. The purpose of this paper is to look into methods for cracking passwords as a means of…

Abstract

Purpose

Using passwords to keep account and data safe is very common in modern computing. The purpose of this paper is to look into methods for cracking passwords as a means of increasing security, a practice commonly used in penetration testing. Further, in the discipline of digital forensics, password cracking is often an essential part of a computer examination as data has to be decrypted to be analyzed. This paper seeks to look into how users that actively encrypt data construct their passwords to benefit the forensics community.

Design/methodology/approach

The study began with an automated analysis of over one billion passwords in 22 different password databases that leaked to the internet. The study validated the result with an experiment were passwords created on a local website was analyzed during account creation. Further a survey was used to gather data that was used to identify differences in password behavior between user that actively encrypt their data and other users.

Findings

The result of this study suggests that American lowercase letters and numbers are present in almost every password and that users seem to avoid using special characters if they can. Further, the study suggests that users that actively encrypt their data are more prone to use keyboard patterns as passwords than other users.

Originality/value

This paper contributes to the existing body of knowledge around password behavior and suggests that password-guessing attacks should focus on American letters and numbers. Further, the paper suggests that forensics experts should consider testing patterns-based passwords when performing password-guessing attacks against encrypted data.

Details

Information & Computer Security, vol. 28 no. 3
Type: Research Article
ISSN: 2056-4961

Keywords

1 – 10 of 463