International Journal of Electronic Security and Digital Forensics (14 papers in press)
Drone Forensics: Investigative Guide for Law Enforcement Agencies
by Nilay Mistry, Hitesh Sanghvi
Abstract: Today technology takes humankind to the next level, where unmanned vehicles take part in day-to-day activities. Technologies such as autopilot vehicles, autopilot cars and autopilot aircraft can be operated very easily by remote control. Technology comes with its own pros and cons. Among such technologies, the flying object with a remote command and control facility is known as a UAV (Unmanned Aerial Vehicle), often called a drone. Most drones work on Remotely Piloted Aerial Systems (RPAS) technology. Drones were earlier used for photography, delivering items from one place to another, transportation, etc. But sophisticated criminals and state actors use this technology in different ways, such as spying, bombarding and shooting. Law enforcement faces its biggest challenges in coping with and investigating such incidents from the drones found at the crime scene.
Keywords: Drone; UAV (Unmanned Aerial Vehicle); Forensic; Investigation; Tracking; Embedded system forensics; Remotely Piloted Aerial Systems (RPAS) technology.
Digital Forensics in private Seafile Cloud Storage from both client and server side
by Asgarali Bouyer, Mojtaba Zirak
Abstract: Recently, many open source cloud computing software packages have been created for addressing the needs of such users that provide free cloud storage. Seafile is one of these popular and newly developed software packages and is open source. Privacy and security of stored data is a main challenge for cloud users. With increased use of established cloud services by cloud software, it is possible for malicious users to use these services for criminal purposes. So digital forensic investigation of these cloud services is necessary. In this paper, we document a series of digital forensic experiments on the Seafile cloud storage service with the aim of providing forensic researchers and practitioners on both the client and server sides of Seafile. In this research, different circumstances are created for digital forensic examinations, such as when the user uses anti digital forensic tools to delete files. Also, Seafile client software and browsers are used for interaction with the server.
Keywords: Cloud computing; digital forensics; Seafile; cloud forensics; open source cloud storage.
Splicing Forgery Localisation using Colour Illumination Inconsistencies
by PNRL Chandra Sekhar, T.N. Shankar
Abstract: In the digital imaging era, people deliberately distort images or videos for fun or to mislead others. Image splicing is one of the methods of manipulation, copying an image from one photograph and pasting it into another. Typically, those two photographs were captured in different environments from various image sources. In this paper, we propose a simple statistical-based, learning-free approach to reveal this type of splicing forgery using illumination inconsistencies, with the assumption that the original images may have uniform illumination. The image is first segmented into irregular objects as superpixels, and colour illumination is estimated for each superpixel using the greyness index in rg-chromaticity space. For each pair of superpixels, the dissimilarity is then estimated. A Superpixel Region Growing algorithm is proposed to automatically extract all the tampered superpixels to localise the spliced region without human involvement. The results of the experiment show that the proposed method localises splicing forgery more effectively than the state of the art.
Keywords: Image forensics; splicing forgery detection; Localisation; colour illumination estimation; region growing.
IoT Cybersecurity Threats Mitigation Via An Integrated Technical and Non-Technical Solutions
by HAZIM Al-Sibai, Theyab Alrubaie, Wael M. El-Medany
Abstract: Recent years have seen the rapid development and deployment of IoT (Internet-of-Things). Despite the effectiveness and efficiency brought about by this technology, there are numerous challenges in terms of security. Based on the scale and diversity of connected applications, new and critical threats to security and privacy have emerged. As the number of connected devices grows every day, so does the number of security threats and vulnerabilities posed to these devices. The IIoT (Industrial Internet of Things) is concerned with making industrial environments more connected and thus smarter. However, this transformation comes with a huge number of threats that should be addressed. The primary goal of this research paper is to provide a technical solution as well as a holistic approach (framework) to security concerns. This will be supported by a number of non-technical factors to build a resilient cybersecurity model to effectively and efficiently mitigate cybersecurity threats.
Keywords: IoT; IIoT; Cybersecurity; Risks; Cyber-threats; Solutions.
LB & LT Feature Approach to Personal Identification Using Finger Knuckle Image Biological Trait.
by Brajesh Singh, RAVINDER KUMAR, R. Rama Kishore
Abstract: Biometric identification is an emerging field for personal authentication and has a large number of applications in time attendance systems and the forensic domain. A variety of biometric traits are available, but among them, hand-based biometrics are more popular because of their ease of use and better performance. A lot of literature is available on fingerprint identification, but it is observed that fingerprints are not always a reliable source of information to be captured from the crime scene to identify a suspect. Therefore, it is required to use some other hand-based biological trait, such as the finger knuckle print (back side of finger joint skin pattern), in order to identify the suspect. This paper proposes a finger knuckle image-based person identification. The performance of the proposed biometric system is compared with the well-established fingerprint-based authentication system. The experiments were performed on benchmark datasets such as the PolyU finger knuckle print dataset and the FVC2002 fingerprint dataset. The experimental results show that the performance of the proposed algorithm leads over many fingerprint-based identification systems. The proposed algorithm can also be used to design a finger knuckle image-based biometric system instead of a fingerprint-based biometric system.
Keywords: Biometric trait; Finger Knuckle Print; Fingerprint; Suspect Identification; Finger Knuckle image based Biometric system.
Reversible Selective Embedding for DICOM Image Security and Integrity using Visual Cryptography
by Debabala Swain, Bijay Paikaray, Sujata Chakravarty
Abstract: Information security has been one of the biggest challenges in the era of telemedicine applications. To protect the patients' private records in medical images, several traditional methods are used. One of them is hiding the sensitive part of the image by embedding a different message into it. The data embedding can be done using methods like Reversible Data Hiding (RDH) or reversible watermarking in the Region of Interest (ROI) of the original medical images. For ensuring the authenticity and integrity of the received medical image, an innovative data embedding technique is proposed in this paper. The proposed technique chooses selective blocks from the ROI based on the smoothness concerning the Region of Noninterest (RONI) and performs the data embedding. The proposed technique is an application of visual cryptography where the embedded region cannot be detected by an attacker. The experimental result proves the reversibility and the efficiency of the proposed approach.
Keywords: Reversible Embedding; Selective; ROI; RONI; DICOM; Visual Cryptography.
Physical Security Design of a Digital Forensic Lab
by Bing Zhou
Abstract: The physical security design of a digital forensic lab is one of the key components to ensure investigators are providing a secure environment to process and store evidence that has been entrusted to them. The existing guidelines that cover this topic generally provide the minimum requirements for securing a digital forensic lab. Following the existing guidelines as written will leave investigators with a lab operation that is inefficient and lacking in adequate layers of protection. One way an investigator can exhibit this is by going beyond the requirements called for in the existing guidelines and designing a physical security system that will provide a lab that is both physically secure and operationally efficient. In this paper, we show that the existing guidelines do not adequately protect a digital forensic lab from unauthorised access, and they come up short when developing processes for auditing lab access.
Keywords: digital forensic lab; physical security; access control; evidence management.
A Novel Hybrid Image Hiding Technique using Elliptic Curve Cryptography and DNA Computing Technique
by A. Vyasa Bharadwaja, V. Ganesan
Abstract: The proposed novel hybrid image hiding technique uses the security features of ECC for encrypting the secret image before embedding it in the cover image, and also maps the secret image to DNA nucleotides to improve the level of security with high embedding capacity. In the proposed image steganography, the secret image is fed as input to the ECC encryption algorithm and the resultant ciphertext point is mapped to a DNA nucleotide, which is then converted into binary digits. Second, the cover image is compressed using DWT compression techniques. The compressed image is used as the cover image to embed the secret image using the singular value decomposition algorithm. The resultant stego image will have high PSNR and less MSE. Results show a 36.23% decrease in MSE and a 5.6% increase in PSNR for a 512 by 512 image size.
Keywords: Image steganography; Elliptic Curve Cryptography; DNA Computing Technique; Peak Signal to Noise Ratio; Mean Square Error; Distortionless image; Singular Value Decomposition Technique.
Methodical tools for security level diagnostics of the modern university's activity
by Valeriia V. Loiko, Olena S. Aleksandrova, Nataliia N. Vinnikova, Vitaliy N. Zavadskyi, Daria N. Loiko
Abstract: The article proposes and substantiates the methodological basis for the diagnosis of the state of economic security of the university's activity. The authors have developed a comprehensive methodological set of tools for studying the state of economic security. Based on the substantiated methodological provisions and the given algorithm of calculations, it is possible to determine the current state of the university's security by quantitative and qualitative measurement as well as determine the factors affecting this index. The method of determining these characteristics has the prospect of becoming the basis for effective management in the field of financing, and will contribute to the sectoral adjustment of medium and long-term development concepts. The set of tools for monitoring the university's work should contribute to the development of algorithms for decision-making management on the further stable functioning of the establishment.
Keywords: university microenvironmental environment; information factors; security factors; security level; competitiveness; quality of education.
International crime as a threat to global socio-economic security
by Serik M. Apenov, Nurbol S. Jetibayev, Mariyash K. Makisheva, Guldana A. Kuanalieva, Sergazy Kussainov
Abstract: The authors identify the concepts of international and transnational crime, focusing on its innovative component - the absence of the need for contacts and decentralisation of the sources of the criminal community. In particular, virtual organised criminal communities are analysed. The novelty of the research lies not only in their historical analysis, but also in the formation of a mechanism to counter them on the basis of a structural and international legal approach. The already implemented countermeasures are analysed and the international legislative acts that constitute the mechanism of global cyber security are structured. The practical significance of the study is determined by the fact that the developed comprehensive analysis of the phenomenon can be applied to the strategies of the socio-economic development of the state in the section of possible risks and compensation for losses from their implementation.
Keywords: international crime; organised crime; property; cyber security; legal measures.
International and interstate aspects of ensuring the rights of the suspect and the accused in the proceedings of forensic investigation
by Aizhan Aryn, Sagyngaliy Aidarbayev, Assel Sharipova, Akynkozha Zhanibekov, Aina Otarbayeva
Abstract: The purpose of this research is a comprehensive study of the international legal regulation of the rights of the suspect and the accused in the proceedings of forensic investigation as well as the national legislation of the Republic of Kazakhstan on the example of foreign norms. The scientific and research papers of foreign, local and Russian scientists, as well as various international treaties, regional agreements and national legislation of foreign states, were considered. The analysis of the current criminal procedural legislation regulating the forensic examination showed that it has not been adequately brought into conformity with recognised international human rights norms based on the priority of protecting the rights and interests of the individual as well as with the fundamental provisions enshrined in the constitution.
Keywords: universal declaration; international treaty; convention; the rights of suspect and the accused; forensic investigation.
Cyber legislation and cyber-related legal issues in Bangladesh: inadequacies and challenges
by Kudrat-E-Khuda Babu, Md. Ahsan Ullah
Abstract: Technology has inevitably evolved, driving significant human progress in every sphere of life. Amid this technological development, laws and regulations have been enacted to control offences relating to global advances in technology, including in Bangladesh. The Bangladesh government has taken many initiatives to make the country digital. But in Bangladesh, the cyber-related laws are full of shortcomings, the customary laws are extremely outdated, and most of the laws do not fit the era of ICT. Although the Bangladesh government passed the ICT Act and the Digital Security Act to control cybercrime, the country's existing laws for fighting the menace are inadequate due to certain limitations. The article examines contemporary cyber legislation and legal issues in Bangladesh, together with the customary laws and existing policies, with a view to identifying their inadequacies and challenges. This article makes use of secondary data, i.e., books, journals, customary laws, acts etc.
Keywords: cyber legislation; cybercrime; cyber-security; technology; e-commerce; globalisation; the Digital Security Act 2018; the ICT Act 2006; cross-border; Bangladesh.
A robust and secure time-domain interference cancellation using optimisation method in MIMO-OFDM system
by Chittetti Venkateswarlu, Nandanavanam Venkateswara Rao
Abstract: In this paper, a robust and secure time-domain interference cancellation is proposed using a modified genetic algorithm in orthogonal frequency division multiplexing based on the MIMO-OFDM system. Hence, with an eye on regulating the interference occurrence in the AWGN channel, the communicated signals are subjected to the optimisation procedure prior to their arrival at the receiver end. In the work, the process of optimisation is effectively executed with the help of the modified genetic algorithm. The efficiency metrics are appropriately evaluated for the input and the regenerated signals by means of the SER, BER and the MSE for modulating the SNR values for the novel and the modern techniques. The experimental results show that although the proposed method is not the optimal strategy to maximise the SNR, it offers a better performance than MMSE for MIMO frequency selective channels and thus threatens the overall security of the system.
Keywords: additive white Gaussian noise; interference cancellation; MIMO-OFDM; optimisation; reconstruction; modified genetic algorithm; MGA; fast Fourier transform; FFT.
Forensic analysis and data recovery from water-submerged hard drives
by Alicia Francois, Alastair Nisbet
Abstract: In many digital forensic investigations, a common location to recover files as evidence of wrongdoing is a computer hard drive. Hard drives have increased greatly in storage capacity since their introduction in computers in the 1950s making them a rich source of evidence for the forensic investigator. This awareness may also lead to the destruction of hard drives or entire computers by throwing them into water in an attempt to prevent recovery of data. This research looks at the solid state hard drives alongside platter hard drives in particular and the time water will take to enter the hard drive once it is submerged. Experiments show that once water has entered the drive, various components will be affected by the water and the drive will become inoperable. A guide for forensic investigators is constructed indicating the likely time required to recover the drive before water ingress occurs, and the various parts of the drive that may be damaged and whether repairs or replacement of those parts is possible.
Keywords: forensics; security; hard drive; water damage.