Digital Forensics and Cyber Crime

Name: Digital Forensics and Cyber Crime | Second International ICST Conference, ICDF2C 2010, Abu Dhabi, United Arab Emirates, October 4-6, 2010, Revised Selected Papers
Brand: Springer
Price: 53.49 EUR
Availability: OnlineOnly

Second International ICST Conference, ICDF2C 2010, Abu Dhabi, United Arab Emirates, October 4-6, 2010, Revised Selected Papers

Ibrahim Baggili(Editor)

Springer (Publisher)

Published on 7. March 2011

X, 157 pages

E-Book

PDF with digital watermarking

System requirements

978-3-642-19513-6 (ISBN)

€53.49incl. 7% vat

System requirements

for PDF with digital watermarking

E-Book Single Licence

Available for download

Description

More details

Other editions

Content

Title
Preface
Organization
Table of Contents
Dealing with the Problem of Cybercrime
Introduction
Terminology and Taxonomies
A New Model for Classifying Cybercrime
Refining the Type I/II Classification of Cybercrime
Extending and Applying the Refined Taxonomy
International Cybercrime Legislation and Compliance with CoE Convention
Australia and the UAE - The Fight against Cybercrime
Conclusions and Future Work
References
Software Piracy Forensics: The Need for Further Developing AFC
Introduction
The AFC Test
References
A Simple Cost-Effective Framework for iPhone Forensic Analysis
Introduction
Literature Review
Proposed Method
Data Acquisition
Data Analysis
Data Reporting
Experimental Results
Voice Communication Related Evidence
Text Communication Related Evidence
Network Related Evidence
Audio-Visual Evidence
Location Related Evidence
Online Activity Related Evidence
User Activity Relatedd Evidence
Evaluations of the Digital Evidence
Comparisons with Existing Products and Methods
Challenges and Limitations
Conclusion
References
Detecting Intermediary Hosts by TCP Latency Measurements
Introduction
Background
Latency Propagation Theory
Statistical Model of Burst Inter-arrival Time
Experimental Setup
Burst Interarrival Time Results
RTT Experiment Results
Burst Interarrival Time Results from No Proxy Case
Burst Interarrival Time Results from Proxy Case
Discussion and Future Work
Conclusion
References
Reliable Acquisition of RAM Dumps from Intel-Based Apple Mac Computers over FireWire
Introduction
Reliable Acquisition of Mac OS X RAM Content via FireWire
State of the Arts
Reliable FireWire RAM Imaging for Intel-Based Apple Mac Computers
Extracting Fragments of Open AIM Conversations
AOL Instant Messenger Background
AOL Instant Messenger Chat Logs Formats in the RAM
Experimental Results
Future Work
References
Towards More Secure Biometric Readers for Effective Digital Forensic Investigation
Introduction
Biometric Technologies
Network Attacks
DoS Attacks
ARP Cache Poisoning Attack
Experiments
Network Architecture
Attack Tools
DoS Attacks Results for Fingerprint Readers
DoS Attacks Results for Iris Readers
ARP Cache Poisoning Attack Results for Fingerprint and Iris Readers
Enhanced Network Architecture for e-Forensic Investigation
Conclusion
References
Defining a Standard for Reporting Digital Evidence Items in Computer Forensic Tools
Introduction
Problem Statement
Related Literature and Software
Commercial Computer Forensic Tools
Standardization
Methodology
Discussion and Result
Computer Forensics Tool Survey
Chain of Custody
Forensic Community Opinion Questionnaire
Standard Definition
XML Schema
Conclusion
Future Work
References
Signature Based Detection of User Events for Post-mortem Forensic Analysis
Introduction
Contribution
Organization
Traditional Analysis in an Investigation
Automatic Detection of User Events
Windows Timestamps
Deriving User Action Signatures for Internet Explorer
Determining Traces for the Signature
Analysis of Timestamp Updates
Categories of Timestamps
Signature Generalization
Creation of the Signature for Opening Internet Explorer
Further Application of Signatures
Conclusions
Limitations
Future Work
References
Protecting Digital Evidence Integrity by Using Smart Cards
Introduction
Current Practices for Integrity Protection
Integrity Protection by FTK Imager 2.9
Integrity Protection by Encase
Problems with Current Practices
Attacks on Passwords
The Solution Based on the PIDESC Model
Pre-conditions
Procedure
Analysis of Proposed Solution with the PIDESC Model
Conclusion
References
An Architecture for the Forensic Analysis of Windows System Artifacts
Introduction
Forensic Analysis of Windows System Artifacts
Windows System Artifacts
Event Logs Evidentiary Values, Features, Tools and Related Issues
Swap File Evidentiary Values, Features, Tools and Related Issues
Architecture and System Requirements
Functional Requirements
Security, Software Quality and Other Requirements
System Architecture
Analyzer, Database and Visualizer
Conclusion and Future Work
References
An IP Traceback Model for Network Forensics
Introduction
Assumptions and Requirements for Forensic Traceback
IP Traceback
Background
Related Work
Proposed Model
Mark Information Encoding
Marking Operation
Traceback Operation
Analysis
Conclusion
References
Forensic Data Carving
Introduction
An Approach to Minimize Search Time
Lost and Unallocated Clusters, Slack Space
Header/Footer Carving
Carving JPEG Files
Header/Embedded Length Carving
Carving PDF Files
File Structure Based Carving
Carving Zip Files
Carving with Validation
Carving GIF Files
Header/Maximum File Size Carving
Results
Conclusion
References
Semantic Modelling of Digital Forensic Evidence
Introduction
Previous Work
Digital Investigation Concept
Encoding of Results
Encoding Metadata
Encoding Content
Encoding Events
Data Retrieval and Implementation
Conclusion
References
Author Index

System requirements

Save as PDF Copy link into clipboard

Schweitzer Fachinformationen

Digital Forensics and Cyber Crime

Description

More details

Other editions

Additional editions

Content

System requirements